因爲一個 wordpress 容器裏同時有移動站和 pc 站,並且是通過二級域名區分的,所以只能配置了自定義網絡,在 nginx 容器裏配置 host 這樣了。
由於站點代碼本身問題,遷移到 docker 有很多地方需要調(https 訪問站點資源等)。下一步直接做一個 nginx + php 的鏡像(wordpress 整體掛載到宿主機),這樣就和之前原生的雲服務器一樣了,後續遷移站點,部署什麼的就方便多了。
version: '3.1'
services:
nginx:
image: nginx:1.15.7
container_name: "nginx_container"
ports:
- "80:80"
- "443:443"
extra_hosts:
- "www.vhxsl.com:10.10.10.12"
- "m.vhxsl.com:10.10.10.12"
volumes:
- /data/nginx/html:/usr/share/nginx/html
- /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
- /data/nginx/conf/conf.d:/etc/nginx/conf.d
- /data/nginx/conf/cert:/etc/nginx/cert
- /data/nginx/logs:/var/log/nginx
restart: always
networks:
hx_net:
ipv4_address: 10.10.10.11
wordpress:
image: wordpress:4.9.8
container_name: "wordpress_container"
volumes:
- /data/wordpress/html:/var/www/html
depends_on:
- mysql
restart: always
environment:
WORDPRESS_DB_HOST: mysql
WORDPRESS_DB_USER: haojiliang
WORDPRESS_DB_PASSWORD: m*Hzq32R
WORDPRESS_DB_NAME: vhxsl
networks:
hx_net:
ipv4_address: 10.10.10.12
mysql:
image: mysql:5.7.24
container_name: "mysql_container"
volumes:
- /data/mysql/data:/var/lib/mysql
- /data/mysql/conf:/etc/mysql/conf.d
- /data/mysql/logs:/data/mysql/logs
restart: always
ports:
- "3306:3306"
environment:
MYSQL_ROOT_PASSWORD: ZMQ$qEPoAGovOM2I
MYSQL_DATABASE: vhxsl
MYSQL_USER: haojiliang
MYSQL_PASSWORD: m*Hzq32R
networks:
hx_net:
ipv4_address: 10.10.10.13
networks:
hx_net:
driver: bridge
ipam:
config:
- subnet: 10.10.10.0/16
docker 網絡常用命令:
創建:docker network create --subnet=10.10.10.0/16 mynet
查看:docker network ls
刪除所有無用網絡:docker network prune
刪除指定網絡:docker network rm mynet
常見問題:
如果報 ERROR: Pool overlaps with other one on this address space,自定義網絡用的網段和其他 docker 網絡衝突了,刪除衝突的網絡或改用新網段即可。
官方 compose 文檔:
https://docs.docker.com/compose/compose-file/#networks
附 nginx 中 www.vhxsl.com.conf 部分的配置:
server {
listen 443 ssl;
server_name www.vhxsl.com vhxsl.com;
access_log /var/log/nginx/www.vhxsl.com_nginx.log combined;
# 原生服務器部署的配置
#root /data/wwwroot/wordpress;
#index index.html index.htm index.php;
#include /usr/local/nginx/conf/rewrite/wordpress.conf;
ssl_certificate /etc/nginx/cert/www.vhxsl.com.pem;
ssl_certificate_key /etc/nginx/cert/www.vhxsl.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#error_page 404 = /404.html;
#error_page 502 = /502.html;
if ( $http_user_agent ~* "(Android|iPhone|Windows Phone|UC|Kindle|iPod|BlackBerry)" ){
rewrite ^/(.*)$ https://m.vhxsl.com$uri redirect;
}
# 按上述方式遷移到 docker 後,這裏通過 http 導致後臺代碼返回的資源地址也是 http,到瀏覽器就被攔截了。。。
# 所以爲適配代碼,後續改用自制的 nginx + php 鏡像部署
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://www.vhxsl.com;
}
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include conf.d/fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
}
server {
listen 80;
server_name www.vhxsl.com vhxsl.com;
rewrite ^(.*)$ https://$host$1 permanent;
}