背景说明
由于 zhuzhilong.cn 域名未备案,在国内不能直接访问,于2023年5月15日,在腾讯云买了台轻量应用服务器(配置:2H2G60G30M)来部署未备案的网站,我的个人博客也迁移到了这个服务器上,服务器35元/月,价格也不算贵,一年的服务器费用大概35*12=420元,服务器基本信息如下:
去年腾讯云搞活动,有一款配置差不多的轻量应用服务器只需要99元一年,并且可以续费两年:
便新购了另外一台轻量应用服务器(配置:2H2G50G30M):
这样算下来 3 年只需要 99+99+59.4=257.4 元,也就是3年的费用相当于原服务器一年费用的一半多一点,作为非营运网站,也没有较高的负载,能省一点是一点吧。
服务器环境说明
原服务器上部署了如下环境:
- 宝塔面板
- MySQL 5.7
- php 5.6
- php 7.3
以上环境都是基于宝塔面板进行集成安装的,宝塔面板在管理上挺方便,但是占用资源较多,且存在服务器信息泄露的风险,新服务器便计划采用如下环境:
- Docker
- docker compose + NginxProxyManager
- docker compose + php 5.6 Z + www.trswcm.com
- docker compose + php 7.3 + blog.zhuzhilong.cn
新服务器部署记录
1、安装 Docker
Docker 的安装参考 官网的安装文档(https://docs.docker.com/engine/install/)进行安装即可,如果是国内环境的话,推荐使用阿里云镜像
2、添加 Docker 桥接网络
推荐使用自定义 Docker 桥接网络,之前有服务器跑的容器多了,到后面会报创建网络失败的情况
docker network create --subnet=172.66.0.0/16 --gateway=172.66.0.1 --opt "com.docker.network.bridge.default_bridge"="false" --opt "com.docker.network.bridge.name"="bridge_zzl" --opt "com.docker.network.bridge.enable_icc"="true" --opt "com.docker.network.bridge.enable_ip_masquerade"="true" --opt "com.docker.network.bridge.host_binding_ipv4"="0.0.0.0" --opt "com.docker.network.driver.mtu"="1500" bridge_zzl3、使用docker compose 部署 MySQL 5.7
services:
mysql:
image: mysql:5.7
container_name: mysql-5.7
#使用该参数,container内的root拥有真正的root权限,否则,container内的root只是外部的一个普通用户权限
#设置为true,不然数据卷可能挂载不了,启动不起
privileged: true
restart: always
networks:
- net-zzl
ports:
- "3316:3306"
environment:
MYSQL_ROOT_PASSWORD: PASSWORD123
MYSQL_USER: zhuzl
MYSQL_PASSWORD: PASSWORD123
TZ: Asia/Shanghai
command:
--wait_timeout=31536000
--interactive_timeout=31536000
--max_connections=1000
--default-authentication-plugin=mysql_native_password
volumes:
#映射mysql的数据目录到宿主机,保存数据
#- ./data:/var/lib/mysql
- ./data:/www/server/data
#根据宿主机下的配置文件创建容器
- ./config/my.cnf:/etc/mysql/my.cnf
- ../hosts:/etc/hosts
networks:
net-zzl:
name: bridge_zzl
external: true
config/my.cnf 内容:
[client]
#password = your_password
port = 3306
socket = /tmp/mysql.sock
default-character-set=utf8mb4
[mysqld]
port = 3306
socket = /tmp/mysql.sock
datadir = /www/server/data
default_storage_engine = InnoDB
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
performance_schema_max_table_instances = 400
table_definition_cache = 400
skip-external-locking
key_buffer_size = 64M
max_allowed_packet = 1G
table_open_cache = 128
sort_buffer_size = 16M
net_buffer_length = 4K
read_buffer_size = 16M
read_rnd_buffer_size = 256K
myisam_sort_buffer_size = 256M
thread_cache_size = 512
tmp_table_size = 32M
default_authentication_plugin = mysql_native_password
lower_case_table_names = 1
sql-mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
explicit_defaults_for_timestamp = true
#skip-name-resolve
max_connections = 500
max_connect_errors = 100
open_files_limit = 65535
log-bin=mysql-bin
binlog_format=mixed
server-id = 1
# binlog_expire_logs_seconds = 600000
slow_query_log=1
slow-query-log-file=/www/server/data/mysql-slow.log
long_query_time=3
#log_queries_not_using_indexes=on
early-plugin-load = ""
innodb_data_home_dir = /www/server/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /www/server/data
innodb_buffer_pool_size = 4096M
innodb_log_file_size = 2048M
innodb_log_buffer_size = 512M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
innodb_max_dirty_pages_pct = 90
innodb_read_io_threads = 16
innodb_write_io_threads = 16
[mysqldump]
quick
max_allowed_packet = 500M
[mysql]
no-auto-rehash
default-character-set=utf8mb4
[myisamchk]
key_buffer_size = 64M
sort_buffer_size = 16M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
4、使用docker compose 部署 nginxProxyManager
官网部署文档:https://nginxproxymanager.com/guide/#quick-setup
docker-compose.yml 文件内容如下:
services:
npm:
image: jc21/nginx-proxy-manager:latest
container_name: npm
restart: unless-stopped
networks:
- net-zzl
environment:
- ACME_AGREE=true
- TZ=Asia/Shanghai
ports:
- 80:80
- 443:443
- 81:81
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
- ../hosts:/etc/hosts
networks:
net-zzl:
name: bridge_zzl
external: true5、使用docker compose 部署 blog.zhuzhilong.cn 个人博客
我的个人博客(blog.zhuzhilong.cn)使用 Typecho 搭建,核心需要的环境 是 php 7.x + mysql.
docker-compose.yml 内容如下:
services:
zzlblog:
image: nginx:latest
container_name: zzlblog
networks:
- net-zzl
ports:
- 8100:80
environment:
- TZ=Asia/Shanghai
restart: always
volumes:
- ./www:/var/www/html
- ./logs:/var/log/nginx
- ./nginx:/etc/nginx/conf.d
- ../hosts:/etc/hosts
depends_on:
- php73
php73:
image: yearnfar/typecho-php:latest
#image: tsund/php:7.2-fpm-alpine
container_name: php73
restart: unless-stopped
networks:
- net-zzl
ports:
- 9073:9000
environment:
- TZ=Asia/Shanghai
volumes:
- ./www:/var/www/html
- ../hosts:/etc/hosts
networks:
net-zzl:
name: bridge_zzl
external: trueyearnfar/typecho-php:latest 镜像主要是参考 https://github.com/yearnfar/typecho-docker 在服务器上直接 build 生成的的镜像。
nginx/default.conf 文件内容如下:
server {
listen 80;
server_name localhost;
root /var/www/html;
index index.php;
access_log /var/log/nginx/zzlblog_access.log main;
error_log /var/log/nginx/zzlblog_error.log;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php$1 last;
}
location ~ [^/]\.php(/|$) {
root /var/www/html;
fastcgi_pass php73:9000;
proxy_set_header Host $host;
#fastcgi_pass hostserver:9073;
fastcgi_index index.php;
#ifastcgi_param PATH_INFO $fastcgi_path_info;
#fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
#fastcgi_param SCRIPT_NAME $fastcgi_script_name;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
include fastcgi_params;
}
}5、使用docker compose 部署 www.trswcm.com
www.trswcm.com 是我维护了十多年的一个小众网站,主要是十多年前做TRS产品实施的时候分享一些项目实施经验,十多年过去已经很少更新了,不过一天还是有十多 UV 的访问量,还能帮助到一小部分特定人群,使用 QYKCMS 搭建,核心需要的环境 是 php 5.x+ mysql.
docker-compose.yml 文件内容如下:
services:
trswcm:
image: nginx
container_name: trswcm
networks:
- net-zzl
ports:
- 8101:80
environment:
- TZ=Asia/Shanghai
restart: always
volumes:
- ./www:/var/www/html
- ./logs:/var/log/nginx
- ./nginx:/etc/nginx/conf.d
- ../hosts:/etc/hosts
depends_on:
- php56
php56:
image: raccourci/php56:latest
container_name: php56
restart: unless-stopped
networks:
- net-zzl
ports:
- 9056:9000
environment:
- TZ=Asia/Shanghai
volumes:
- ./www:/var/www/html
- ../hosts:/etc/hosts
networks:
net-zzl:
name: bridge_zzl
external: truenginx/default.conf 文件内容如下:
server {
listen 80;
server_name www.trswcm.com localhost;
root /var/www/html;
index index.html index.htm index.php default.php default.htm default.html;
access_log /var/log/nginx/trswcm_access.log main;
error_log /var/log/nginx/trswcm_error.log;
#if (!-e $request_filename) {
# rewrite ^(.*)$ /index.php$1 last;
#}
location ~ [^/]\.php(/|$) {
root /var/www/html;
fastcgi_pass php56:9000;
proxy_set_header Host www.trswcm.com;
#fastcgi_pass hostserver:9073;
fastcgi_index index.php;
#ifastcgi_param PATH_INFO $fastcgi_path_info;
#fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
#fastcgi_param SCRIPT_NAME $fastcgi_script_name;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
include fastcgi_params;
}
}NginxProxyManager 配置
Nginx Proxy Manager (NPM) 是一个基于 Nginx 的反向代理管理工具,旨在简化 Nginx 的配置和管理。它提供了一个直观的 Web 界面,使用户可以轻松地设置和管理反向代理、SSL 证书、访问控制等功能。
在上面的章节中,我们使用 docker compose 的方式运行了 NginxProxyManager,我们可以通过UI界面进行可视化配置,最重要的是SSL证书配置及代理配置,以下是部分界面截图:
评论 (0)