荒岛
Pydio Cells是下一代文件共享平台,它是使用Go语言遵循微服务架构对Pydio项目进行的完全重写。
安装nginx/certbot/mariadb:
apt -y update apt -y install nginx python3-certbot-nginx mariadb-server wget unzip
初始化mariadb:
mysql_secure_installation
登录mariadb:
mysql -u root -p
创建数据库和用户:
CREATE DATABASE cells; CREATE USER 'pydio'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON cells.* to 'pydio'@'localhost'; FLUSH PRIVILEGES; exit
新建一个名为pydio的普通用户:
useradd -m -s /bin/bash pydio
创建需要用到的目录给予正确的所有者权限:
mkdir -p /opt/pydio/bin /var/cells chown -R pydio: /opt/pydio /var/cells
配置CELLS_WORKING_DIR环境变量,使其使用/var/cells目录存储数据:
echo 'export CELLS_WORKING_DIR=/var/cells' > /etc/profile.d/cells-env.sh source /etc/profile.d/cells-env.sh printenv
登录到pydio用户:
su - pydio
下载对应的二进制文件:
cd /opt/pydio/bin/
wget https://download.pydio.com/latest/cells/release/%7Blatest%7D/linux-amd64/pydio-cells-%7Blatest%7D-linux-amd64.zip
unzip pydio-cells-\{latest\}-linux-amd64.zip
rm -rf pydio-cells-\{latest\}-linux-amd64.zip
chmod a+x cells
退出pydio用户:
exit
[可选]让cells可以绑定低位端口,例如80、443。由于后续我们使用反向代理,这步骤可以省略,如果你使用内置的web服务器则需要执行此命令:
setcap 'cap_net_bind_service=+ep' /opt/pydio/bin/cells
做一个软链接方便使用:
ln -s /opt/pydio/bin/cells /usr/local/bin/cells
重新登录到pydio用户:
su - pydio
执行如下命令:
cells version
如果之前的配置一切正常将可以显示cells版本信息:
Pydio Cells Home Edition Version: 4.2.6 Built: 08 Sep 23 14:32 +0000 Git commit: b8c970d06b15c30a8f8c3879c8e86f6823867bfa OS/Arch: linux/amd64 Go version: go1.19.12
现在开始配置cells:
cells configure
选择通过浏览器进行配置:
同意软件许可协议:
配置数据库连接:
创建管理员账户:
使用本地存储,确认数据存储的目录是之前我们通过CELLS_WORKING_DIR环境变量配置的值:
等待安装完成,之后使用键盘组合键CTRL + C退出运行。
接下来我们需要配置cells站点,执行如下命令开始配置:
cells configure sites
你需要设置绑定端口为8080、监听地址为127.0.0.1、使用自签名证书、填写你的反向代理域名,你可以参考下图步骤进行配置:
新建systemd服务文件:
nano /etc/systemd/system/cells.service
写入如下配置:
[Unit] Description=Pydio Cells Documentation=https://pydio.com Wants=network-online.target After=network-online.target AssertFileIsExecutable=/opt/pydio/bin/cells [Service] User=pydio Group=pydio PermissionsStartOnly=true AmbientCapabilities=CAP_NET_BIND_SERVICE ExecStart=/opt/pydio/bin/cells start Restart=on-failure StandardOutput=journal StandardError=inherit LimitNOFILE=65536 TimeoutStopSec=5 KillSignal=INT SendSIGKILL=yes SuccessExitStatus=0 WorkingDirectory=/home/pydio Environment=CELLS_WORKING_DIR=/var/cells [Install] WantedBy=multi-user.target
新建nginx站点配置文件:
nano /etc/nginx/sites-available/pydio
写入如下配置:
server {
listen 80;
listen [::]:80;
server_name pydio.5950x.lol;
client_max_body_size 0;
proxy_buffering off;
location / {
if ($http_content_type = "application/grpc") {
grpc_pass grpcs://127.0.0.1:8080;
}
proxy_pass https://127.0.0.1:8080;
}
location /ws/ {
proxy_pass https://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /cool/ {
proxy_pass https://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
error_log /var/log/nginx/cells-proxy-error.log;
access_log /var/log/nginx/cells-proxy-access.log;
}
启用站点:
ln -s /etc/nginx/sites-available/pydio /etc/nginx/sites-enabled/pydio
签发ssl证书:
certbot --nginx
再次编辑nginx站点配置文件:
nano /etc/nginx/sites-available/pydio
如果你需要使用客户端进行文件同步,则必须启用http2:
listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot listen 443 ssl http2; # managed by Certbot
重载nginx:
systemctl reload nginx
