容器部署OwnCloud - DUK技术栈

721 字

4 分钟

容器部署OwnCloud

2024-06-22

工具

Debian

/

操作

本站曾经搭建过共用云盘，奈何服务器的容量太小了，还每日每夜的被打

该云盘适合个人用，太多人存取比较考验服务器硬件性能，请量力而行

现在正式开始搭建#

首先我们先梳理文件数据结构(工作目录)#

容器目录	一级目录	二级目录
/	cloud.key	-
/	cloud.crt	-
/	docker-compose.yml	-
/	nginx/	nginx.conf
/	mysql/	-
/	OwnData/	# 预留网盘数据目录
/	mysql.env	-

我习惯每次项目开始之前都梳理文件结构，方便在过程中修改及相关文件的查缺补漏，这是一个好习惯，可以在项目开始前进行文件的内容的汇总后再开始工作，运行过程中查看日志反馈情况即可

搭建执行工作的逻辑文件目录#

域名的申请与解析到服务器，就不过多赘述了，可以查看这篇文章机构认证【域名+VPS证书】三分钟搞定需要1套域名及证书，复制到工作目录下，分别是网站的cloud.key和cloud.crt文件#

建立docker-compose.yml文件#

1
# During initial ownCloud setup, select "Storage & database" --> "Configure the database" --> "MySQL/MariaDB"
2
# Database user: root
3
# Database password: 12345
4
# Database name: OwnCloud
5
# Database host: replace "localhost" with "mysql"
6
services:
7
  owncloud:
8
      image: owncloud
9
      restart: always
10
      volumes:
11
        - "./OwnData:/var/www/html"
12
      ports:
13
        - "80"
14
  mysql:
15
      image: mysql:5.7
16
      restart: always
17
      container_name: mysql
18
      environment:
19
        - TZ=Asia/Shanghai
20
      expose:
21
        - "3306"
22
      env_file:
23
        - mysql.env
24
      volumes:
25
        - ./mysql/data:/var/lib/mysql
26
        - ./mysql/logs:/var/log/mysql
27
        - ./mysql/conf:/etc/mysql/conf.d
28
  nginx:
29
      image: nginx
30
      restart: always
31
      container_name: nginx
32
      environment:
33
        - TZ=Asia/Shanghai
34
      ports:
35
        - "80:80"
36
        - "443:443"
37
      volumes:
38
        - ./:/opt/
39
        - ./OwnData:/var/www/html
40
        - ./nginx/nginx.conf:/etc/nginx/nginx.conf
41
        - ./nginx/logs/:/etc/nginx/logs/
42
      depends_on:
43
        - owncloud

注意配置文件注释部分的内容，接下来我们会在mysql.env文件中定义这些内容

建立mysql.env文件，加入如下内容#

1
MYSQL_ROOT_PASSWORD=12345
2
MYSQL_DATABASE=OwnCloud
3
MYSQL_USER=user
4
MYSQL_PASSWORD=12345

在项目运行过程中会需要使用其中的参数，请根据自身情况进行修改

建立nginx/nginx.conf文件，加入如下内容#

1
#user  nobody;
2
worker_processes  1;
3
error_log  logs/error.log;
4
error_log  logs/error.log  notice;
5
error_log  logs/error.log  info;
6
pid        logs/nginx.pid;
7
events {
8
      worker_connections  256;
9
}
10
http {
11
      include       mime.types;
12
      default_type  application/octet-stream;
13
      sendfile$ on;
14
      keepalive_timeout   65;
15
      server {
16
      listen 80;
17
      server_name cloud.net; # 修改为你解析好的域名
18
      return 301 https://$server_name$request_uri;
19
      }
20
      server {
21
      listen 443 ssl;
22
      server_name cloud.net; # 修改为你解析好的域名
23
      # SSL/TLS settings
24
      ssl_certificate /opt/cloud.crt;  # 修改为实际证书文件路径
25
      ssl_certificate_key /opt/cloud.key; # 修改为实际证书密钥路径
26
      ssl_session_timeout 5m;
27
      ssl_protocols TLSv1.2 TLSv1.3;
28
      ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
29
      ssl_prefer_server_ciphers on;
30
      ssl_session_cache shared:SSL:10m;
31
      # Security headers
32
      add_header X-Frame-Options "SAMEORIGIN" always;
33
      add_header X-Content-Type-Options "nosniff" always;
34
      add_header X-XSS-Protection "1; mode=block" always;
35
      # Proxy settings
36
      client_max_body_size 4g;
37
      location / {
38
          proxy_pass <http://owncloud:80>;
39
          proxy_set_header Host $host;
40
          proxy_set_header X-Real-IP $remote_addr;
41
          proxy_set_header X-Forwarded-For 127.0.0.1;
42
          proxy_set_header X-Forwarded-Proto $scheme;
43
      }
44
     location = /favicon.ico {
45
          log_not_found off;
46
          access_log off;
47
          }
48
      }
49
}