再从头|再回首Traefik 配置沿用以前的配置。
经测试,直接拉官方版的 nginx 和 phpfpm 会出现用户不一致而导致没有权限访问的问题。
官方版 nginx 默认的用户为 nginx,而 phpfpm则使用的 www-data, 而官方的解决方案要用到dockerfile来解决,特别麻烦。
所以使用 nginx+php打包的 三方镜像,这里选用 trafex/alpine-nginx-php7, 使用原因开源且体积小。具体可看介绍
Example PHP-FPM 7.4 & Nginx 1.18 setup for Docker, build on Alpine Linux. The image is only +/- 35MB large.
Repository: https://github.com/TrafeX/docker-php-nginx
- Built on the lightweight and secure Alpine Linux distribution
- Very small Docker image size (+/-35MB)
- Uses PHP 7.4 for better performance, lower CPU usage & memory footprint
- Optimized for 100 concurrent users
- Optimized to only use resources when there's traffic (by using PHP-FPM's on-demand PM)
- The servers Nginx, PHP-FPM and supervisord run under a non-privileged user (nobody) to make it more secure
- The logs of all the services are redirected to the output of the Docker container (visible with
docker logs -f <container name>)- Follows the KISS principle (Keep It Simple, Stupid) to make it easy to understand and adjust the image to your needs
正式开始:
一、目录结构:
创建相关目录和文件:
mkdir discuz
mkdir discuz/db-discuz
mkdir discuz/nginx
mkdir discuz/nginx/conf.d
mkdir discuz/nginx/myconf/
touch discuz/docker-compose.yml
touch discuz/nginx/myconf/discuz.conf
touch discuz/nginx/conf.d/www.domain.com.conf进入目录,从官方开源仓库下载discuz 3.4,并重命名下载到本地
cd discuz
git clone https://gitee.com/ComsenzDiscuz/DiscuzX dz3.4二、写入代码
- discuz/docker-compose.yml
version: '3.7'
services:
db:
image: mysql:5.7
container_name: db-dz
volumes:
- "./db-discuz:/var/lib/mysql"
networks:
- default
restart: always
environment:
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_DATABASE: dzdbname
MYSQL_USER: dzdbuser
MYSQL_PASSWORD: dzdbpass
nginxphp:
image: trafex/alpine-nginx-php7
container_name: nginxphp
volumes:
- "./dz3.4/upload:/var/www/html"
- "./nginx/conf.d:/etc/nginx/conf.d"
- "./nginx/myconf:/etc/nginx/myconf"
networks:
- default
- proxy
restart: always
volumes:
db-discuz:
name: db-discuz
html:
nginx: nginx
networks:
proxy:
external: true
2023年2月16日,发现trafex/alpine-nginx-php7作者,已经把仓库更新为trafex/php-nginx ,容器内相关文件位置改变
nginxphp:
image: trafex/php-nginx:3.0.0
container_name: nginxphp-tp2
expose:
- 8080
volumes:
- "./dz3.4/upload:/var/www/html"
- "./phpnginx/php.ini:/etc/php81/php.ini"
networks:
- default
- proxy
restart: always
新的仓库原生不支持pdo_mysql插件,因此不用直接【用于typecho搭建】,要用还得进容器修改内容。
- discuz/nginx/myconf/discuz.conf
rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;
rewrite ^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;
rewrite ^([^\.]*)/blog-([0-9]+)-([0-9]+)\.html$ $1/home.php?mod=space&uid=$2&do=blog&id=$3 last;
rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;
rewrite ^([^\.]*)/archiver/(fid|tid)-([0-9]+)\.html$ $1/archiver/index.php?action=$2&value=$3 last;
rewrite ^([^\.]*)/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ $1/plugin.php?id=$2:$3 last;
if (!-e $request_filename) {
return 404;
}
discuz/nginx/conf.d/www.doanin.com
server {
listen [::]:80;
listen 80 ;
server_name www.domain.com domain.com;
sendfile off;
root /var/www/html;
index index.php index.html;
#discuz rewrite
include /etc/nginx/myconf/discuz.conf;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# Redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/lib/nginx/html;
}
# Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 5d;
}
# Deny access to . files, for security
location ~ /\. {
log_not_found off;
deny all;
}
# Allow fpm ping and status from localhost
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
}
- 完成以上文件,进入docker-compose所在文件夹,
这里为discuz,创建proxy 网络以及 运行 docker-compose 启动 nginx 和 mysql数据库。
docker network create proxy
docker-compose up -d
- 查找 nginxphp 容器的内网ip
docker inspect --format='{{.NetworkSettings.Networks.proxy.IPAddress}}' nginxphp显示 ip 为 172.18.0.3(不同机器IP不一样,以实查IP为准)
- 编辑Traefik 动态文件, traefik2/data/configurations/dynamic.yml ,分别加入一个router, 一个service和一个middleware。
# Dynamic configuration
http:
routers:
...
# Roter4: discuz/bbs
discuz-1:
entryPoints:
- "websecure"
middlewares:
- "nonwww-www"
rule: "Host(`www.domain.com`) || Host(`domain.com`)"
service: discuz-service
middlewares:
...
# nonwww -> www
nonwww-www:
redirectregex:
regex: "^https://domain.com/(.*)"
replacement: "https://www.domain.com/${1}"
services:
...
# service3: discuz
discuz-service:
loadBalancer:
servers:
# container nginxphp's ip
- url: "http://172.18.0.3"
tls:
...完成,访问 domain.com 进行 Discuz的安装调试即可。
