本想直接使用euleros,但作为官网还是在等一阵。购买了一台centos的华为云服务器,执行yum update -y 失败,提示所有镜像失效。然后改为ubuntu操作系统
管理控制台
系统设计
原网站使用nginx作为代理以支持https和http,使用wordpress作为内容管理系统,实现官网的日常动态与样式调整。这里计划都通过docker部署,使用docker-compose来管理脚本。简图如下:
基本结构图
准备环境
这里使用的操作系统是 ubuntu 20.04 server 64bit,分别安装docker,docker-compose,然后创建用户,设定网站工作目录。如下命令脚本:
# apt update -y# apt install docker.io -y# docker run hello-world# pip install docker-compose 【以往直接下载,太慢】curl -l https://github.com/docker/compose/releases/download/1.24.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose# docker-compose --version# chmod +x /usr/local/bin/docker-compose# mkdir /home/release# useradd release -d /home/release# chown release:release /home/release# passwd release# chsh -s /bin/bash release 【默认使用的sh,这里修改为bash】# /etc/sudoers 【将release添加到sudoers里面】# su - release# cat <<eof >.bash_profile> #!/bin/bash> export ps1="<u:w>"> eof# . .bash_profile# mkdir soft# cd soft# mkdir data# cd data# mkdir nginx# mkdir wordpress# mkdir mysql
编写docker-compose脚本
考虑nginx相对稳定,wordpress、mysql一体,将他们分为连个yml文件一并搞定,如下
#cat nginx.ymlversion: '3'services: nginx: image: nginx:latest volumes: - "./temp/nginx/log:/var/log/nginx" - "./data/nginx/cnf/conf.d/:/etc/nginx/conf.d/" - "./data/nginx/htdocs:/usr/share/nginx/html" restart: always ports: - "80:80" - "443:443"#cat wordpress_mysql.ymlversion: '2'services: db: image: mysql:5.7 volumes: - "./data/mysql:/var/lib/mysql" ports: - "53306:3306" restart: always environment: mysql_root_password: passwd mysql_database: db_wordpress mysql_user: wordpress mysql_password: passwd wordpress: depends_on: - db image: wordpress:latest links: - db ports: - "8000:80" restart: always volumes: - "./data/wordpress:/var/www/html_bk/" environment: mysql_root_password: passwd wordpress_db_host: db:3306 wordpress_db_user: wordpress wordpress_db_password: passwd wordpress_db_name: db_wordpress
然后,先后启动wordpress和nginx。
#sudo docker-compose -f wordpress_mysql.yml up -d#sudo docker-compose -f nginx.yml up -d
wordpress的配置
进入wordpress容器中,将备份好的wordpress目录拷贝进去
#sudo docker exec -it b609b37edbcc bash#cp -r /var/www/html_bk/* /var/www/html/可定期备份#cp -r /var/www/html/* /var/www/html_bk/然后进入/var/www/html_bk/所在宿主机目录#cd data/wordpress#git commit -am "date" #git push origin master
nginx的配置
# tree data/nginxdata/nginx/├── cnf│ └── conf.d│ ├── www.company.com│ │ ├── 2_www.company.com.crt│ │ └── 3_www.company.com.key│ └── www.company.com.conf└── htdocs# cat data/nginx/cnf/conf.d/www.company.com.confserver { listen 80; listen 443 ssl; server_name www.company.com; ssl_certificate /etc/nginx/conf.d/www.company.com/2_www.company.com.crt; ssl_certificate_key /etc/nginx/conf.d/www.company.com/3_www.company.com.key; ssl_session_timeout 5m; ssl_ciphers ecdhe-rsa-aes128-gcm-sha256:ecdhe:ecdh:aes:high:!null:!anull:!md5:!adh:!rc4; ssl_protocols tlsv1 tlsv1.1 tlsv1.2 tlsv1.3; ssl_prefer_server_ciphers on; index index.html; location / { proxy_pass http://192.168.0.223:8000; proxy_redirect off; proxy_set_header host $host; proxy_set_header x-real-ip $remote_addr; proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; }}
mysql的配置
我这里直接使用文件备份好数据库,比较粗暴。后面应该考虑使用数据库备份工具来做。文件备份的结果如下:
# tree ./data/mysqldata/mysql/├── auto.cnf├── ca-key.pem*├── ca.pem*├── client-cert.pem*├── client-key.pem*├── db_wordpress/├── ibdata1*├── ib_logfile0*├── ib_logfile1*├── ibtmp1├── mysql/├── performance_schema/├── private_key.pem*├── public_key.pem*├── server-cert.pem*├── server-key.pem*└── sys/
效果
