从入门到入坟搭建FeeNAS服务器并配置NexCloud( 五 ) _php

opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.revalidate_freq=1
opcache.save_comments=1
按自己需要设定上传文件限制：
memory_limit=1024M
post_max_size=10240M
upload_max_filesize=10240M
取消配置文件/usr/local/etc/php-fpm.d/www.conf下面的注释：
clear_env=no
重启php-fpm：
service php-fpm restart
5.6 设置Nginx和SSL证书
使用SSH工具在NextCloud监狱目录/usr/local/etc/nginx中新建nextcloud.conf配置文件，并输入以下设置（注意要在路由器中转发内部的443端口）：
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php/php7.4-fpm.sock;
}
server {
listen 443ssl http2;
listen [::]:443 ssl http2;
server_name 换成你证书对应的域名;
# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
ssl_certificate 换成你证书对应的pem文件路径;
ssl_certificate_key 换成你证书对应的key文件路径;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
location=/.well-known/carddav {
return 301 $scheme://$server_name:$server_port/remote.php/dav;
}
location=/.well-known/caldav {
return 301 $scheme://$server_name:$server_port/remote.php/dav;
}
# set max upload size
client_max_body_size 10240M;# 可以改成你所需的值
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy"no-referrer"always;
add_header X-Content-Type-Options"nosniff"always;
add_header X-Download-Options"noopen"always;
add_header X-Frame-Options"SAMEORIGIN"always;
add_header X-Permitted-Cross-Domain-Policies"none"always;
add_header X-Robots-Tag"none"always;
add_header X-XSS-Protection"1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /usr/local/www/nextcloud;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus