挂载NFS网盘
参见上一篇
创建用户组
groupadd sftp_users
创建用户
# sftp账户
useradd -M -g sftp_users -s /usr/sbin/nologin user1
恢复cloudreve
cp -rp /data/master.backup/cloudreve_3.8.2_linux_amd64* /opt/
cp -rp /data/master.backup/cloudreve.service /etc/systemd/system/
修改各路径权限
# chown user0:sftp_users -R /opt/cloudreve_3.8.2_linux_amd64
# chown user0:sftp_users -R /data/user0
# chown user1:sftp_users -R /data/user1
查看密码
cd /opt/cloudreve_3.8.2_linux_amd64/
./cloudreve -c conf.ini
记下控制台输出的账号密码,就可以停止了
启动cloudreve
systemctl enable cloudreve
systemctl start cloudreve
systemctl status cloudreve
设置云盘
关闭注册
注册与登录
关闭缓存(减少内存占用)
图像与预览
账号密码
用户
修改存储限制
用户组
存储策略
/data/user{uid}/Root/{path}
webdav
导入数据
先删除缩略图
find /data/user1/Root -name ‘*._thumb’ -type f | xargs rm -rf
开启aria2
先不开启了
开启sftp
暂时好像没啥用,先不开启了
开启https
先在内网穿透服务器上
curl https://get.acme.sh | sh -s email=dongpo.li@hotmail.com
export CF_Token="****"
acme.sh --issue --dns dns_cf -d sketcherly.xyz -d '*.sketcherly.xyz' -d '*.*.sketcherly.xyz'
acme.sh --install-cert -d *.sketcherly.xyz --key-file /etc/nginx/cert/files.sketcherly.xyz.key --fullchain-file /etc/nginx/cert/files.sketcherly.xyz.crt --reloadcmd "systemctl force-reload nginx"
# crontab -l
22 21 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
32 21 * * * "/root/.acme.sh"/acme.sh --install-cert -d *.sketcherly.xyz --key-file /etc/nginx/cert/files.sketcherly.xyz.key --fullchain-file /etc/nginx/cert/files.sketcherly.xyz.crt --reloadcmd "systemctl force-reload nginx"
32 21 * * * "/root/.acme.sh"/acme.sh --install-cert -d *.sketcherly.xyz --key-file /etc/nginx/cert/grafana.sketcherly.xyz.key --fullchain-file /etc/nginx/cert/grafana.sketcherly.xyz.crt --reloadcmd "systemctl force-reload nginx"
33 21 * * * systemctl force-reload nginx
配置Nginx
vim /etc/nginx/conf.d/files.sketcherly.xyz.conf
upstream files.sketcherly.xyz.upstream {
server localhost:5212 weight=1 max_fails=3 fail_timeout=10s;
}
server {
listen 443 ssl;
server_name files.sketcherly.xyz;
#填写证书文件名称
ssl_certificate /etc/nginx/conf.d/cert/sketcherly.xyz.crt;
#填写证书私钥文件名称··
ssl_certificate_key /etc/nginx/conf.d/cert/sketcherly.xyz.key;
ssl_session_timeout 5m;
#表示使用的加密套件的类型
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
#表示使用的TLS协议的类型,您需要自行评估是否配置TLSv1.1协议。
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://files.sketcherly.xyz.upstream/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_max_temp_file_size 0;
client_max_body_size 1024g;
proxy_redirect off;
proxy_read_timeout 240s;
}
}