docker 的 http 部署配置
- 集成 MySQL 的版本
version: '3.3' services: db: image: mysql:5.7.38 volumes: - ./data:/var/lib/mysql ports: - "3307:3306" restart: "no" environment: MYSQL_ROOT_PASSWORD: wordpress MYSQL_DATABASE: wordpress MYSQL_USER: wordpress MYSQL_PASSWORD: wordpress wordpress: depends_on: - db image: wordpress:6.0.2 ports: - "8000:80" restart: "no" environment: WORDPRESS_DB_HOST: "db:3306" WORDPRESS_DB_USER: "wordpress" WORDPRESS_DB_PASSWORD: "wordpress" WORDPRESS_DEBUG: 1 volumes: - ./wordpress:/var/www/html - ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
- 使用 rds 版本的 mysql
version: '3.3' services: wordpress: image: wordpress:6.0.2 ports: - "80:80" restart: "no" environment: WORDPRESS_DB_HOST: "${MYSQL_HOST}:${MYSQL_PORT}" WORDPRESS_DB_NAME: "${MYSQL_DB_NAME}" WORDPRESS_DB_USER: "${MYSQL_USERNAME}" WORDPRESS_DB_PASSWORD: "${MYSQL_PASSWORD}" # WORDPRESS_DEBUG: 1 volumes: - ./wordpress:/var/www/html - ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
启用 https
先增加端口和 ssl 证书映射文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
version: '3.3'
services:
wordpress:
image: wordpress:6.0.2
ports:
- "80:80"
- "443:443"
restart: "no"
environment:
WORDPRESS_DB_HOST: "${MYSQL_HOST}:${MYSQL_PORT}"
WORDPRESS_DB_NAME: "${MYSQL_DB_NAME}"
WORDPRESS_DB_USER: "${MYSQL_USERNAME}"
WORDPRESS_DB_PASSWORD: "${MYSQL_PASSWORD}"
# WORDPRESS_DEBUG: 1
volumes:
- ./wordpress:/var/www/html
- ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
- ./ssl:/ssl
进入 wordpress 容器,加载 apache 的 ssl 模块。文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
[root@instance]# docker exec -it wordpress bash
root@0f05292f2238:/var/www/html# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
service apache2 restart
编辑容器中的 ssl 文件
root@0f05292f2238:/var/www/html# vim /etc/apache2/sites-available/default-ssl.conf
容器中没有 vim,我们先把文件拷贝出来,然后在映射进去文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
root@0f05292f2238:/var/www/html# cp /etc/apache2/sites-available/default-ssl.conf /ssl/default-ssl.conf
ssl 证书和私钥文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
找到 SSLCertificateFile 和 SSLCertificateKeyFile 这两个配置项,改成把私钥和证书文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
# SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
# SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateFile /ssl/certs/blog.terwergreen.com.pem
SSLCertificateKeyFile /ssl/certs/blog.terwergreen.com.key
强制 http 请求转到 https
编辑 /etc/apache2/sites-available/000-default.conf ,找到 这里要注意修改文件的位置文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
如果发现没有生效看这里文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
1、重建容器需要重新启用 ssl文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
2、从 apache 的配置文件 <Directory "/var/www/html">
RewriteEngine on
RewriteBase /
# FORCE HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</Directory>
踩坑
a2enmod ssl
apache2.conf
可以看到,apache 只会读取 /etc/apache2/sites-enabled
目录的配置文件,所以需要把 /etc/apache2/sites-available
下的 default-ssl.conf
文件链接到 /etc/apache2/sites-enabled
目录下。文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html
ln -s /etc/apache2/sites-available/default-ssl.conf \
/etc/apache2/sites-enabled/default-ssl.conf
最终完整版的配置
文章源自浅海拾贝-https://blog.terwergreen.com/docker-s-wordpress-enables-https-jv469.html version: '3.3'
services:
wordpress:
image: wordpress:6.0.2
ports:
- "80:80"
- "443:443"
restart: "no"
environment:
WORDPRESS_DB_HOST: "${MYSQL_HOST}:${MYSQL_PORT}"
WORDPRESS_DB_NAME: "${MYSQL_DB_NAME}"
WORDPRESS_DB_USER: "${MYSQL_USERNAME}"
WORDPRESS_DB_PASSWORD: "${MYSQL_PASSWORD}"
# WORDPRESS_DEBUG: 1
volumes:
- ./wordpress:/var/www/html
- ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
- ./ssl:/ssl
- ./ssl-conf/default-ssl.conf:/etc/apache2/sites-available/default-ssl.conf
- ./ssl-conf/000-default.conf:/etc/apache2/sites-available/000-default.conf
- 扫码加我微信
- 验证消息请输入:来自你的博客
- 我的微信公众号
- 微信扫一扫与我交流吧
评论