原帖地址: https://blog.suzuhafan.com/tutorials/docker-compose-deploy-typecho-with-https.html
Dockerfile配置参考:https://blog.elonlo.top/posts/typecho-deploy/#cl-6
Nginx多站点配置参考:https://www.cnblogs.com/z_lb/p/18129843

文主要是关于 Typecho 部署文档,使用了 Docker Compose 部署,及配置 HTTPS 访问。

1. 部署文件准备
目录如下

C:\Users\win11\vscode\typecho
├── docker-compose.yml
├── mysql/
├── mysql.env
├── nginx/
|  └── nginx.conf
├── php/
|  └── Dockerfile
└── typecho/
   ├── admin/
   ├── index.php
   ├── install/
   ├── install.php
   ├── LICENSE.txt
   ├── usr/
   └── var/

docker-compose.yml

Docker Compose 文件

version: "3"

services:
  nginx:
    image: 'nginx:1.21'
    restart: always
    container_name: nginx
    environment:
      - TZ=Asia/Shanghai
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /home/ubuntu/ssl/:/opt/
      - ./typecho:/var/www/html
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
      - ./nginx/logs/:/etc/nginx/logs/
    depends_on:
      - php
    networks:
      - web

  php:
    build: php
    restart: always
    container_name: php
    expose:
      - "9000"
    volumes:
      - ./typecho:/var/www/html
    environment:
      - TZ=Asia/Shanghai
    depends_on:
      - mysql
    networks:
      - web

  mysql:
    image: mysql:5.7
    restart: always
    container_name: mysql
    environment:
      - TZ=Asia/Shanghai
    ports:
      - "3306:3306"
    env_file:
      - mysql.env
    volumes:
      - ./mysql/data:/var/lib/mysql
      - ./mysql/logs:/var/log/mysql
      - ./mysql/conf:/etc/mysql/conf.d
    networks:
      - web

networks:
  web:

注意

nginx 的 volumes 中,/home/ubuntu/ssl 为你的 HTTPS 证书目录,根据实际情况修改

mysql

该文件夹为空

mysql.env

MYSQL_ROOT_PASSWORD=设置 ROOT 密码
MYSQL_DATABASE=typecho
MYSQL_USER=typecho
MYSQL_PASSWORD=设置 typecho 密码

注意

MYSQL_ROOT_PASSWORD:MySQL 的 root 密码,自己填上
MYSQL_PASSWORD:typecho 账号的密码,自己填上
密码建议设置复杂一点

nginx/nginx.conf

#user  nobody;
worker_processes  1;

error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile    on;

    keepalive_timeout   65;

    server {
      listen 80;
      server_name example.com;
      return 301 https://$server_name$request_uri;
    }

    server {
      listen 443 ssl;
      server_name example.com www.example.com;
      ssl_certificate /opt/example.pem;
      ssl_certificate_key /opt/example.key;
      ssl_session_timeout 5m;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
      ssl_prefer_server_ciphers on;

      server_tokens   off;
      client_max_body_size 200m;

      root /var/www/html;
      index index.php;

      location ~ .*\.php(\/.*)*$ {
        proxy_set_header HOST $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto "http";
        proxy_set_header X-NginX-Proxy true;
        fastcgi_pass   php:9000;
        if (!-e $request_filename){
          rewrite ^(.*)$ /index.php?q=$1 last;
          break;
        }
        fastcgi_index  index.php;
        fastcgi_param  PATH_INFO $fastcgi_path_info;
        fastcgi_param  PATH_TRANSLATED $document_root$fastcgi_path_info;
        fastcgi_param  SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
      }

    }

}

注意

修改 example.com 为自己的域名
ssl_certificate 和 ssl_certificate_key 配置证书目录,容器内部目录为 opt
php/Dockerfile

FROM php:7.2.3-fpm

RUN apt-get update \

&& docker-php-ext-install pdo_mysql \

&& echo "output_buffering = 4096" > /usr/local/etc/php/conf.d/php.ini \

&& echo "date.timezone = PRC" >> /usr/local/etc/php/conf.d/php.ini
typecho

该文件夹存放 Typecho 文件,可访问其官网下载,本文档部署时为 1.1 版本,不保证其他版本部署结果

2. 安装

安装

docker-compose up -d
访问 example.com (你的域名)完成 Typecho 剩余安装步骤

卸载

docker-compose down

3. 细节调整

默认安装下,域名访问都会带上 index.php,不太好看,这里可以修改 Nginx 和 Typecho 来把这个去掉

Nginx 配置文件修改

......
    server {
      listen 443 ssl;
      server_name example.com www.example.com;
      ssl_certificate /opt/example.pem;
      ssl_certificate_key /opt/example.key;
      ssl_session_timeout 5m;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
      ssl_prefer_server_ciphers on;
      server_tokens   off;
      client_max_body_size 200m;
      root /var/www/html;
      index index.php;
      # 添加以下 if 语句
      if (!-e $request_filename){
        rewrite ^(.*)$ /index.php$1 last;
      }
    
      location ~ .*\.php(\/.*)*$ {
......
}

Typecho 后台配置

打开设置 -> 永久链接设置,启用地址重写功能,会有异常提示,不用管,直接启用即可

完成以上步骤后,Typecho 就不需要 index.php 路径了,以前的包含 index.php 的也会自动跳转去掉 index.php。

标签: none

添加新评论