如何在Ubuntu 20.04上安装和配置Nextcloud

伊铭
2023-12-01

介绍 (Introduction)

Nextcloud, a fork of ownCloud, is a file sharing server that permits you to store your personal content, like documents and pictures, in a centralized location, much like Dropbox. The difference with Nextcloud is that all of its features are open-source. It also returns the control and security of your sensitive data back to you, thus eliminating the use of a third-party cloud hosting service.

Nextcloud是ownCloud的分支,是一个文件共享服务器,允许您将个人内容(如文档和图片)存储在集中的位置,就像Dropbox一样。 Nextcloud的不同之处在于其所有功能都是开源的。 它还将对敏感数据的控制和安全返回给您,从而消除了使用第三方云托管服务的麻烦。

In this tutorial, we will install and configure a Nextcloud instance on an Ubuntu 20.04 server.

在本教程中,我们将在Ubuntu 20.04服务器上安装和配置Nextcloud实例。

先决条件 (Prerequisites)

In order to complete the steps in this guide, you will need the following:

为了完成本指南中的步骤,您将需要以下内容:

  • A non-root** sudo-enabled user and firewall configured on your server**: You can create a user with sudo privileges and set up a basic firewall by following the Initial Server Setup with Ubuntu 20.04.

    在服务器上配置了 root用户的启用sudo的用户和防火墙**:您可以按照Ubuntu 20.04初始服务器设置,创建具有sudo特权的用户并设置基本防火墙。

  • (Optional) A domain name pointed to your server: We will be securing connections to the Nextcloud installation with TLS/SSL. Nextcloud can set up and manage a free, trusted SSL certificate from Let’s Encrypt if your server has a domain name. If not, Nextcloud can set up a self-signed SSL certificate that can encrypt connections, but won’t be trusted by default in web browsers. If you are using DigitalOcean, you can read our DNS documentation to learn how to add domains to your account and manage DNS records, if you intend to use Let’s Encrypt.

    (可选)指向您服务器的域名 :我们将使用TLS / SSL保护与Nextcloud安装的连接。 如果您的服务器具有域名,则Nextcloud可以从Let's Encrypt设置和管理免费的受信任SSL证书。 否则,Nextcloud可以设置一个自签名SSL证书,该证书可以加密连接,但默认情况下不会在Web浏览器中被信任。 如果您使用的是DigitalOcean,并且打算使用“加密”,则可以阅读我们的DNS文档,以了解如何向您的帐户添加域并管理DNS记录。

Once you have completed the above steps, continue on to learn how to set up Nextcloud on your server.

完成上述步骤后,继续学习如何在服务器上设置Nextcloud。

步骤1 –安装Nextcloud (Step 1 – Installing Nextcloud)

We will be installing Nextcloud using the Snap packaging system. This packaging system, available on Ubuntu 20.04 by default, allows organizations to ship software, along with all associated dependencies and configuration, in a self-contained unit with automatic updates. This means that instead of installing and configuring a web and database server and then configuring the Nextcloud app to run on it, we can install the snap package which handles the underlying systems automatically.

我们将使用Snap打包系统安装Nextcloud。 这个打包系统默认在Ubuntu 20.04上可用,它允许组织将软件以及所有相关的依赖项和配置一起发送到具有自动更新功能的独立单元中。 这意味着我们可以安装自动处理基础系统的snap软件包,而不是安装和配置Web和数据库服务器,然后配置Nextcloud应用程序以在其上运行。

To download the Nextcloud snap package and install it on the system, type:

要下载Nextcloud snap软件包并将其安装在系统上,请键入:

  • sudo snap install nextcloud

    sudo snap安装nextcloud

The Nextcloud package will be downloaded and installed on your server. You can confirm that the installation process was successful by listing the changes associated with the snap:

Nextcloud软件包将下载并安装在您的服务器上。 您可以通过列出与快照相关的更改来确认安装过程是否成功:

  • snap changes nextcloud

    快速更改nextcloud

   
   
Output
ID Status Spawn Ready Summary 4 Done today at 16:12 UTC today at 16:12 UTC Install "nextcloud" snap

The status and summary indicate that the installation was completed without any problems.

状态和摘要表明安装已完成,没有任何问题。

获取有关Nextcloud快照的其他信息 (Getting Additional Information About the Nextcloud Snap)

If you’d like some more information about the Nextcloud snap, there are a few commands that can be helpful.

如果您想了解有关Nextcloud快照的更多信息,可以使用一些命令。

The snap info command can show you the description, the Nextcloud management commands available, as well as the installed version and the snap channel being tracked:

snap info命令可以为您显示说明,可用的Nextcloud管理命令以及已安装的版本和正在跟踪的snap通道:

  • snap info nextcloud

    捕捉信息nextcloud

Snaps can define connections they support, which consist of a slot and plug that, when hooked together, gives the snap access to certain capabilities or levels of access. For instance, snaps that need to act as a network client must have the network connection. To see what snap connections this snap defines, type:

快照可以定义它们支持的连接,其中包括插槽和插头,将它们钩在一起时,可以使快照访问某些功能或访问级别。 例如,需要充当网络客户端的快照必须具有network连接。 要查看此快照定义的快照connections ,请键入:

  • snap connections nextcloud

    捕捉连接nextcloud

   
   
Output
Interface Plug Slot Notes network nextcloud:network :network - network-bind nextcloud:network-bind :network-bind - removable-media nextcloud:removable-media - -

To learn about all of the specific services and apps that this snap provides, you can take a look at the snap definition file by typing:

要了解此快照提供的所有特定服务和应用程序,可以通过键入以下内容来查看快照定义文件:

  • cat /snap/nextcloud/current/meta/snap.yaml

    猫/snap/nextcloud/current/meta/snap.yaml

This will allow you to see the individual components included within the snap, if you need help with debugging.

如果需要调试方面的帮助,这将使您能够看到快照中包含的各个组件。

第2步–配置管理帐户 (Step 2 – Configuring an Administrative Account)

There are a few different ways you can configure the Nextcloud snap. In this guide, rather than creating an administrative user through the web interface, we will create one on the command line in order to avoid a small window where the administrator registration page would be accessible to anyone visiting your server’s IP address or domain name.

您可以通过几种不同的方式配置Nextcloud快照。 在本指南中,我们不是在Web界面上创建管理员用户,而是在命令行上创建一个管理员用户,以避免出现一个很小的窗口,在该窗口中,访问服务器IP地址或域名的任何人都可以访问管理员注册页面。

To configure Nextcloud with a new administrator account, use the nextcloud.manual-install command. You must pass in a username and a password as arguments:

要使用新的管理员帐户配置Nextcloud,请使用nextcloud.manual-install命令。 您必须输入用户名和密码作为参数:

  • sudo nextcloud.manual-install sammy password

    sudo nextcloud.manual-install sammy 密码

The following message indicates that Nextcloud has been configured correctly:

以下消息表明Nextcloud已正确配置:


   
   
Output
Nextcloud was successfully installed

Now that Nextcloud is installed, we need to adjust the trusted domains so that Nextcloud will respond to requests using the server’s domain name or IP address.

现在已安装Nextcloud,我们需要调整受信任的域,以便Nextcloud将使用服务器的域名或IP地址来响应请求。

步骤3 –调整信任域 (Step 3 – Adjusting the Trusted Domains)

When installing from the command line, Nextcloud restricts the host names that the instance will respond to. By default, the service only responds to requests made to the “localhost” hostname. We will be accessing Nextcloud through the server’s domain name or IP address, so we’ll need to adjust this setting to accept these type of requests.

从命令行安装时,Nextcloud会限制实例将响应的主机名。 默认情况下,服务仅响应对“ localhost”主机名的请求。 我们将通过服务器的域名或IP地址访问Nextcloud,因此我们需要调整此设置以接受这些类型的请求。

You can view the current settings by querying the value of the trusted_domains array:

您可以通过查询trusted_domains数组的值来查看当前设置:

  • sudo nextcloud.occ config:system:get trusted_domains

    须藤nextcloud.occ配置:系统:获取Trusted_domains

   
   
Output
localhost

Currently, only localhost is present as the first value in the array. We can add an entry for our server’s domain name or IP address by typing:

当前,只有localhost作为数组中的第一个值。 我们可以通过输入以下内容为服务器的域名或IP地址添加条目:

  • sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com

    sudo nextcloud.occ配置:系统:设置Trusted_domains 1 --value = example.com


   
   
Output
System config value trusted_domains => 1 set to string example.com

If we query the trusted domains again, we will see that we now have two entries:

如果再次查询受信任的域,我们将看到现在有两个条目:

  • sudo nextcloud.occ config:system:get trusted_domains

    须藤nextcloud.occ配置:系统:获取Trusted_domains

   
   
Output
localhost example.com

If you need to add another way of accessing the Nextcloud instance, you can add additional domains or addresses by rerunning the config:system:set command with an incremented index number (the “1” in the first command) and adjusting the --value.

如果您需要添加另一种访问Nextcloud实例的方法,则可以通过使用递增的索引号(第一个命令中的“ 1”)重新运行config:system:set命令并调整--value来添加其他域或地址。 。

步骤4 –使用SSL保护Nextcloud Web界面的安全 (Step 4 – Securing the Nextcloud Web Interface with SSL)

Before we begin using Nextcloud, we need to secure the web interface.

在开始使用Nextcloud之前,我们需要保护Web界面的安全。

If you have a domain name associated with your Nextcloud server, the Nextcloud snap can help you obtain and configure a trusted SSL certificate from Let’s Encrypt. If your Nextcloud server does not have a domain name, Nextcloud can configure a self-signed certificate which will encrypt your web traffic but won’t be automatically trusted by your web browser.

如果您具有与Nextcloud服务器关联的域名,则Nextcloud快照可以帮助您从Let's Encrypt获取并配置受信任的SSL证书。 如果您的Nextcloud服务器没有域名,则Nextcloud可以配置自签名证书,该证书将加密您的网络流量,但不会被您的网络浏览器自动信任。

With that in mind, follow the section below that matches your scenario.

考虑到这一点,请按照下面适合您的情况的部分进行操作。

选项1:使用“让我们加密”设置SSL (Option 1: Setting Up SSL with Let’s Encrypt)

If you have a domain name associated with your Nextcloud server, the best option for securing your web interface is to obtain a Let’s Encrypt SSL certificate.

如果您具有与Nextcloud服务器关联的域名,那么保护Web界面安全的最佳选择是获取Let's Encrypt SSL证书。

Start by opening the ports in the firewall that Let’s Encrypt uses to validate domain ownership. This will make your Nextcloud login page publicly accessible, but since we already have an administrator account configured, no one will be able to hijack the installation:

首先打开防火墙中让我们加密用来验证域所有权的端口。 这将使您的Nextcloud登录页面可公开访问,但是由于我们已经配置了管理员帐户,因此没有人能够劫持安装:

  • sudo ufw allow 80,443/tcp

    sudo ufw允许80,443 / tcp

Next, request a Let’s Encrypt certificate by typing:

接下来,通过键入以下命令来请求“加密”证书:

  • sudo nextcloud.enable-https lets-encrypt

    sudo nextcloud.enable-https lets-encrypt

You will first be asked whether your server meets the conditions necessary to request a certificate from the Let’s Encrypt service:

首先将询问您服务器是否满足从Let's Encrypt服务请求证书的必要条件:


   
   
Output
In order for Let's Encrypt to verify that you actually own the domain(s) for which you're requesting a certificate, there are a number of requirements of which you need to be aware: 1. In order to register with the Let's Encrypt ACME server, you must agree to the currently-in-effect Subscriber Agreement located here: https://letsencrypt.org/repository/ By continuing to use this tool you agree to these terms. Please cancel now if otherwise. 2. You must have the domain name(s) for which you want certificates pointing at the external IP address of this machine. 3. Both ports 80 and 443 on the external IP address of this machine must point to this machine (e.g. port forwarding might need to be setup on your router). Have you met these requirements? (y/n)

Type y to continue.

键入y继续。

Next, you will be asked to provide an email address to use for recovery operations:

接下来,将要求您提供用于恢复操作的电子邮件地址:


   
   
Output
Please enter an email address (for urgent notices or key recovery):

Enter your email and press Enter to continue.

输入您的电子邮件,然后按Enter继续。

Finally, enter the domain name associated with your Nextcloud server:

最后,输入与您的Nextcloud服务器关联的域名:


   
   
Output
Please enter your domain name(s) (space-separated): example.com

Your Let’s Encrypt certificate will be requested and, provided everything went well, the internal Apache instance will be restarted to immediately implement SSL:

将请求您的Let's Encrypt证书,并且如果一切顺利,将重新启动内部Apache实例以立即实现SSL:


   
   
Output
Attempting to obtain certificates... done Restarting apache... done

You can now skip ahead to the next step to sign into Nextcloud for the first time.

现在,您可以跳到下一步,第一次登录Nextcloud。

选项2:使用自签名证书设置SSL (Option 2: Setting Up SSL with a Self-Signed Certificate)

If your Nextcloud server does not have a domain name, you can still secure the web interface by generating a self-signed SSL certificate. This certificate will allow access to the web interface over an encrypted connection, but will be unable to verify the identity of your server, so your browser will likely display a warning.

如果您的Nextcloud服务器没有域名,您仍然可以通过生成自签名SSL证书来保护Web界面。 该证书将允许通过加密连接访问Web界面,但是将无法验证服务器的身份,因此您的浏览器可能会显示警告。

To generate a self-signed certificate and configure Nextcloud to use it, type:

要生成自签名证书并配置Nextcloud使用它,请键入:

  • sudo nextcloud.enable-https self-signed

    sudo nextcloud.enable-https自签名

   
   
Output
Generating key and self-signed certificate... done Restarting apache... done

The above output indicates that Nextcloud generated and enabled a self-signed certificate.

以上输出表明Nextcloud生成并启用了自签名证书。

Now that the interface is secure, open the web ports in the firewall to allow access to the web interface:

现在界面已经安全了,打开防火墙中的Web端口以允许访问Web界面:

  • sudo ufw allow 80,443/tcp

    sudo ufw允许80,443 / tcp

You are now ready to log into Nextcloud for the first time.

现在您已经准备好首次登录Nextcloud。

步骤5 –登录Nextcloud Web界面 (Step 5 – Logging in to the Nextcloud Web Interface)

Now that Nextcloud is configured, visit your server’s domain name or IP address in your web browser:

既然已经配置了Nextcloud,请在Web浏览器中访问服务器的域名或IP地址:

https://example.com

Note: If you set up a self-signed SSL certificate, your browser may display a warning that the connection is insecure because the server’s certificate is not signed by a recognized certificate authority. This is expected for self-signed certificates, so feel free to click through the warning to proceed to the site.

注意:如果设置了自签名SSL证书,则浏览器可能会显示警告,说明连接不安全,因为服务器的证书未由公认的证书颁发机构签名。 对于自签名证书,这是预期的,因此请随时单击警告以继续该站点。

Since you have already configure an administrator account from the command line, you will be taken to the Nextcloud login page. Enter the credentials you created for the administrative user:

由于您已经从命令行配置了管理员帐户,因此将带您进入Nextcloud登录页面。 输入您为管理用户创建的凭据:

Click the Log in button to log in to the Nextcloud web interface.

单击“ 登录”按钮以登录Nextcloud Web界面。

The first time you enter, a window will be displayed with some introductory text and links to various Nextcloud clients that can be used to access your Nextcloud instance:

首次输入时,将显示一个窗口,其中包含一些介绍性文本和指向可用于访问Nextcloud实例的各种Nextcloud客户端的链接:

Click through to download any clients you are interested in, or exit out of the window by clicking the X in the upper-right corner. You will be taken to the main Nextcloud interface, where you can begin to upload and manage files:

单击以下载您感兴趣的任何客户端,或者通过单击右上角的X退出窗口。 您将被带到Nextcloud主界面,在这里您可以开始上传和管理文件:

Your installation is now complete and secured. Feel free to explore the interface to get more familiarity with the features and functionality of your new system.

现在,您的安装已完成并受到保护。 随意浏览界面,以更加熟悉新系统的功能。

结论 (Conclusion)

Nextcloud can replicate the capabilities of popular third-party cloud storage services. Content can be shared between users or externally with public URLs. The advantage of Nextcloud is that the information is stored securely in a place that you control.

Nextcloud可以复制流行的第三方云存储服务的功能。 内容可以在用户之间共享,也可以在外部使用公共URL共享。 Nextcloud的优点是信息安全地存储在您控制的位置。

For additional functionality, take a look at Nextcloud’s app store, where you can install plugins to extend the service’s capabilities.

有关其他功能,请查看Nextcloud的应用商店 ,您可以在其中安装插件以扩展服务的功能。

翻译自: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-20-04

 类似资料: