繼上篇 用 Nginx 來安裝 WordPress 把 WordPress 由 Apache 改裝成 Nginx 之後,接下來也要把現有的 Owncloud 改成 Nginx 來跑
在本篇不包含 Owncloud 的安裝細項,僅將原本的 Apache 改為 Nginx 來 run
安裝可參考: CentOS6.5 建立自己的私有雲 OwnCloud 6.0 前言與安裝
實作的環境是採用 CentOS 6 + ownCloud 6,請記得不要將 ownCloud 升級至 8 ,因為 ownCloud 8 必須採用 php 5.4 later,而 CentOS 6 最高只有 php 5.3 !!
本篇範例中會實作 Nginx 以下
- SSL
- return 轉址 http to https
step1. 設定 php-fpm
首先必須確定一些必要參數
listen = /var/run/php-fpm/php-fpm.sock
step2. 加入 nginx ownCloud.conf
$ vim /etc/nginx/conf.d/ownCloud.conf
server {
listen 80;
server_name cloud.twbbs.org;
# enforce https
return 301 https://cloud.twbbs.org$request_uri;
}
server {
listen 443;
server_name shazicloud.twbbs.org;
root /home/owncloud;
index index.php;
ssl on;
ssl_certificate /etc/pki/tls/certs/simple.crt;
ssl_certificate_key /etc/pki/tls/private/simple.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
gzip off;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ /index.php;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
include fastcgi_params;
}
# Optional: set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
- 在 listen 80 的那段,將回應標頭 301 return 給 https 處理
- deny all 所有敏感的檔案及目錄 .htaccess / data / config / .xml / README
- rewrite 支援 caldav / cardav / webdav,當然,如果你用不到也可以不需要加入
- 用 expires 來提供靜態檔案到期的時間為 30d,並且不寫入 access_log
step3. 重新啟動 Nginx , php-fpm 服務
$ service php-fpm restart $ service nginx restart
查看 ownCloud 並且登入測試功能 OK!
從 WordPress 跟 ownCloud 的範例,可以滿足大多一般性網站的需求,當然 fastcgi 有更多更強的 option 可以參考官網來支援使用,下次有使用到在記錄下來囉!!
參考資料:
Module ngx_http_fastcgi_module
