安装MySQL

# 安装
yum install mysql mysql-server
# 设置开机自启
systemctl enable --now mysqld
# 初始化数据库
mysql_secure_installation
# 设置开启远程登录
mysql -u root -p
use mysql;
update user set host = '%' where user = 'root';
FLUSH PRIVILEGES;

安装Docker

# 安装containerd
yum install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
# 安装相关依赖
yum install -y yum-utils  device-mapper-persistent-data  lvm2
# 添加docker源
yum-config-manager  --add-repo   https://download.docker.com/linux/centos/docker-ce.repo
# 安装docker
yum install docker-ce docker-ce-cli
# 设置开机自启
systemctl enable --now docker
# 添加国内镜像
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
EOF
# 重新加载
systemctl daemon-reload
systemctl restart docker

Docker安装NextCloud

# 拉取NextCloud镜像
docker pull nextcloud
# 创建nextcloud映射目录,我的为/data/nextcloud
# -name为容器名,--restart为Docker重启容器自启动,-p指定端口映射 -v指定映射目录
docker run --name nextcloud --restart=always -p 8001:80 -p 8002:443 -v /data/nextcloud:/var/www/html/ -d nextcloud
# 访问http://127.0.0.1:8001

开启Https登陆

# 由于宿主机防火墙原因,容器内无法访问外网
firewall-cmd --permanent --zone=trusted --change-interface=docker0
firewall-cmd --reload
# 重启docker
systemctl restart docker
# 进入容器
docker exec -it 容器ID /bin/bash
# 获取软件包
apt update
# 安装vim
apt install vim
# 开启ssl模块
a2enmod ssl
# 生成ssl模板
a2ensite default-ssl
# 开启headers模块
a2enmod headers

# 上传ssl证书
# 我的放在/etc/apache2/ssl/ 需创建ssl目录
mkdir /etc/apache2/ssl

# 宿主机拷贝证书到容器
docker cp ssl/ 容器ID:/etc/apache2/

# 修改 /etc/apache2/sites-enabled/default-ssl.conf
...
                ServerName xxx.jixian.io
                <IfModule mod_headers.c>
                    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
                </IfModule>
                DocumentRoot /var/www/html
                SSLEngine on
                SSLProtocol all -SSLv2 -SSLv3
                SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
                SSLHonorCipherOrder on
                SSLCertificateFile /etc/apache2/ssl/xxx_public.crt
                SSLCertificateKeyFile /etc/apache2/ssl/xxx.key
                SSLCertificateChainFile /etc/apache2/ssl/xxx_chain.crt
...

# 重启加载Apache
service apache2 reload
# 访问https://127.0.0.1:8002

安装后续

允许相关IP和域名登陆

# 容器内编辑
vim /var/www/html/config/config.php

  'trusted_domains' =>
  array (
          0 => 'xxx.jixian.io:8002',
          1 => '10.1.1.2:8002',
  ),

使用occ命令格式为

docker exec --user www-data 容器ID php occ 命令

在设置的概览里完成相关优化操作