Docker Compose 部署 Typecho 及 HTTPS 访问
原帖地址: https://blog.suzuhafan.com/tutorials/docker-compose-deploy-typecho-with-https.html
Dockerfile配置参考:https://blog.elonlo.top/posts/typecho-deploy/#cl-6
Nginx多站点配置参考:https://www.cnblogs.com/z_lb/p/18129843
文主要是关于 Typecho 部署文档,使用了 Docker Compose 部署,及配置 HTTPS 访问。
1. 部署文件准备
目录如下
C:\Users\win11\vscode\typecho
├── docker-compose.yml
├── mysql/
├── mysql.env
├── nginx/
| └── nginx.conf
├── php/
| └── Dockerfile
└── typecho/
├── admin/
├── index.php
├── install/
├── install.php
├── LICENSE.txt
├── usr/
└── var/
docker-compose.yml
Docker Compose 文件
version: "3"
services:
nginx:
image: 'nginx:1.21'
restart: always
container_name: nginx
environment:
- TZ=Asia/Shanghai
ports:
- "80:80"
- "443:443"
volumes:
- /home/ubuntu/ssl/:/opt/
- ./typecho:/var/www/html
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/logs/:/etc/nginx/logs/
depends_on:
- php
networks:
- web
php:
build: php
restart: always
container_name: php
expose:
- "9000"
volumes:
- ./typecho:/var/www/html
environment:
- TZ=Asia/Shanghai
depends_on:
- mysql
networks:
- web
mysql:
image: mysql:5.7
restart: always
container_name: mysql
environment:
- TZ=Asia/Shanghai
ports:
- "3306:3306"
env_file:
- mysql.env
volumes:
- ./mysql/data:/var/lib/mysql
- ./mysql/logs:/var/log/mysql
- ./mysql/conf:/etc/mysql/conf.d
networks:
- web
networks:
web:
注意
nginx 的 volumes 中,/home/ubuntu/ssl 为你的 HTTPS 证书目录,根据实际情况修改
mysql
该文件夹为空
mysql.env
MYSQL_ROOT_PASSWORD=设置 ROOT 密码
MYSQL_DATABASE=typecho
MYSQL_USER=typecho
MYSQL_PASSWORD=设置 typecho 密码
注意
MYSQL_ROOT_PASSWORD:MySQL 的 root 密码,自己填上
MYSQL_PASSWORD:typecho 账号的密码,自己填上
密码建议设置复杂一点
nginx/nginx.conf
#user nobody;
worker_processes 1;
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.com www.example.com;
ssl_certificate /opt/example.pem;
ssl_certificate_key /opt/example.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
server_tokens off;
client_max_body_size 200m;
root /var/www/html;
index index.php;
location ~ .*\.php(\/.*)*$ {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "http";
proxy_set_header X-NginX-Proxy true;
fastcgi_pass php:9000;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php?q=$1 last;
break;
}
fastcgi_index index.php;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
注意
修改 example.com 为自己的域名
ssl_certificate 和 ssl_certificate_key 配置证书目录,容器内部目录为 opt
php/Dockerfile
FROM php:7.2.3-fpm
RUN apt-get update \
&& docker-php-ext-install pdo_mysql \
&& echo "output_buffering = 4096" > /usr/local/etc/php/conf.d/php.ini \
&& echo "date.timezone = PRC" >> /usr/local/etc/php/conf.d/php.ini
typecho
该文件夹存放 Typecho 文件,可访问其官网下载,本文档部署时为 1.1 版本,不保证其他版本部署结果
2. 安装
安装
docker-compose up -d
访问 example.com (你的域名)完成 Typecho 剩余安装步骤
卸载
docker-compose down
3. 细节调整
默认安装下,域名访问都会带上 index.php,不太好看,这里可以修改 Nginx 和 Typecho 来把这个去掉
Nginx 配置文件修改
......
server {
listen 443 ssl;
server_name example.com www.example.com;
ssl_certificate /opt/example.pem;
ssl_certificate_key /opt/example.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
server_tokens off;
client_max_body_size 200m;
root /var/www/html;
index index.php;
# 添加以下 if 语句
if (!-e $request_filename){
rewrite ^(.*)$ /index.php$1 last;
}
location ~ .*\.php(\/.*)*$ {
......
}
Typecho 后台配置
打开设置 -> 永久链接设置,启用地址重写功能,会有异常提示,不用管,直接启用即可
完成以上步骤后,Typecho 就不需要 index.php 路径了,以前的包含 index.php 的也会自动跳转去掉 index.php。