docker-compose 遷移部署 wordpress 站點、創建自定義網絡、設置容器爲靜態 ip

因爲一個 wordpress 容器裏同時有移動站和 pc 站，並且是通過二級域名區分的，所以只能配置了自定義網絡，在 nginx 容器裏配置 host 這樣了。

由於站點代碼本身問題，遷移到 docker 有很多地方需要調（https 訪問站點資源等）。下一步直接做一個 nginx + php 的鏡像（wordpress 整體掛載到宿主機），這樣就和之前原生的雲服務器一樣了，後續遷移站點，部署什麼的就方便多了。

version: '3.1'

services:

  nginx:
    image: nginx:1.15.7
    container_name: "nginx_container"
    ports:
      - "80:80"
      - "443:443"
    extra_hosts:
      - "www.vhxsl.com:10.10.10.12"
      - "m.vhxsl.com:10.10.10.12"
    volumes:
      - /data/nginx/html:/usr/share/nginx/html
      - /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
      - /data/nginx/conf/conf.d:/etc/nginx/conf.d
      - /data/nginx/conf/cert:/etc/nginx/cert
      - /data/nginx/logs:/var/log/nginx
    restart: always
    networks:
      hx_net:
        ipv4_address: 10.10.10.11

  wordpress:
    image: wordpress:4.9.8
    container_name: "wordpress_container"
    volumes:
      - /data/wordpress/html:/var/www/html
    depends_on:
      - mysql
    restart: always
    environment:
      WORDPRESS_DB_HOST: mysql
      WORDPRESS_DB_USER: haojiliang
      WORDPRESS_DB_PASSWORD: m*Hzq32R
      WORDPRESS_DB_NAME: vhxsl
    networks:
      hx_net:
        ipv4_address: 10.10.10.12

  mysql:
    image: mysql:5.7.24
    container_name: "mysql_container"
    volumes:
      - /data/mysql/data:/var/lib/mysql
      - /data/mysql/conf:/etc/mysql/conf.d
      - /data/mysql/logs:/data/mysql/logs
    restart: always
    ports:
      - "3306:3306"
    environment:
      MYSQL_ROOT_PASSWORD: ZMQ$qEPoAGovOM2I
      MYSQL_DATABASE: vhxsl
      MYSQL_USER: haojiliang
      MYSQL_PASSWORD: m*Hzq32R
    networks:
      hx_net:
        ipv4_address: 10.10.10.13

networks:
  hx_net:
    driver: bridge
    ipam:
      config:
        - subnet: 10.10.10.0/16

docker 網絡常用命令：

創建：docker network create --subnet=10.10.10.0/16 mynet

查看：docker network ls

刪除所有無用網絡：docker network prune

刪除指定網絡：docker network rm mynet

常見問題：

如果報 ERROR: Pool overlaps with other one on this address space，自定義網絡用的網段和其他 docker 網絡衝突了，刪除衝突的網絡或改用新網段即可。

官方 compose 文檔：

https://docs.docker.com/compose/compose-file/#networks

附 nginx 中 www.vhxsl.com.conf 部分的配置：

server {
    listen 443 ssl;
    server_name www.vhxsl.com vhxsl.com;
    access_log /var/log/nginx/www.vhxsl.com_nginx.log combined;
    # 原生服務器部署的配置
    #root /data/wwwroot/wordpress;
    #index index.html index.htm index.php;
    #include /usr/local/nginx/conf/rewrite/wordpress.conf;

    ssl_certificate   /etc/nginx/cert/www.vhxsl.com.pem;
    ssl_certificate_key  /etc/nginx/cert/www.vhxsl.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    #error_page 404 = /404.html;
    #error_page 502 = /502.html;
	
    if ( $http_user_agent ~* "(Android|iPhone|Windows Phone|UC|Kindle|iPod|BlackBerry)" ){
        rewrite ^/(.*)$  https://m.vhxsl.com$uri redirect;
    }

    # 按上述方式遷移到 docker 後，這裏通過 http 導致後臺代碼返回的資源地址也是 http，到瀏覽器就被攔截了。。。
    # 所以爲適配代碼，後續改用自制的 nginx + php 鏡像部署
    location / {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://www.vhxsl.com;
    }

    location ~ [^/]\.php(/|$) {
        #fastcgi_pass remote_php_ip:9000;
        fastcgi_pass unix:/dev/shm/php-cgi.sock;
        fastcgi_index index.php;
        include conf.d/fastcgi.conf;
    }
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
        expires 30d;
        access_log off;
    }
    location ~ .*\.(js|css)?$ {
        expires 7d;
        access_log off;
    }
    location ~ /\.ht {
        deny all;
    }
}

server {
    listen 80;
    server_name www.vhxsl.com vhxsl.com;

    rewrite ^(.*)$  https://$host$1 permanent;
}