建議學習dock,會linux基礎會比較好
有架設過Apache2 nginx mysql phpmyadmin過有些東西比較好理解
裏面maybe跳很快 我上手docker沒有很久 1~2星期內 將專案轉換成docker使用
大多運行再beta上,online版本還不敢改成docker使用
目前有4個專案
1.web 前端 vue+nuxt+pm2
2.middleware apiServer php laravel
3.vendor 後台1 php laravel
4.backend 後台2 php CI
docker ps ; 可以看現在運行中的
docker exec -it CONTAINER_ID bash ;進入那台docker bash裏面察看一下問題
docker-compose ;一定要再laradock裏面執行
docker-compose build XXXX; xxxx like nginx mysql 建立新或重建
docker-compose up -d xxxx;xxxx like nginx mysql 啟動 這個docker -d 背景執行
docker-compose down;關閉所有
就是laravel+Dock 幾乎把可以用到的用好了
由於專案較多且需要獨立vue的前端
laradock 就是開發環境相關的設定
www 就是你的code放置的地方
apple791210
cd laradock
cp env-example .env
vi .env
修改 同步docker內外資料夾在哪裡
# Point to the path of your applications code on your host
APP_CODE_PATH_HOST=../www
vi .env
記得要先修改 mysql的帳密
MYSQL_VERSION=latest
MYSQL_DATABASE=default
MYSQL_USER= user
MYSQL_PASSWORD= urpassword
MYSQL_PORT=3306
MYSQL_ROOT_PASSWORD= rootpassword
MYSQL_ENTRYPOINT_INITDB=./mysql/docker-entrypoint-initdb.d
建制mysql docker 然後運行
docker-compose build mysql
docker-compose up -d mysql
如果之後要清空資料庫的話 相關資料再 直接清空
ls ~/.laradock/data/mysql/
sudo rm -fr ~/.laradock/data/mysql/
啟動mysql
然後察看 msyql CONTAINER ID
將你的sql檔案直接匯入XDBnameX 裏面去
docker-compose up -d mysql
docker ps
docker exec -i xCONTAINER IDx mysql -uroot -prootpassword XDBnameX < ???.sql
設定 phpmyadmin port 你自己喜歡就好 EX 我設定再8081
之後用 127.0.0.1:8081 直接進去
### PHP MY ADMIN ##########################################
# Accepted values: mariadb - mysql
PMA_DB_ENGINE=mysql
# Credentials/Port:
PMA_USER=default
PMA_PASSWORD=secret
PMA_ROOT_PASSWORD=secret
PMA_PORT=8081
建制phpmyadmin docker 然後運行
需要配合mysql一起上
docker-compose build phpmyadmin
docker-compose up -d mysql phpmyadmin
伺服器:mysql
使用者名稱:root
密碼: rootpassword
進入docker 環境裡 進入到/var/www裡
是否與 ../www相同
設定你的laravel專案
同理給vendor backend
docker-compose exec workspace bash
cd /var/www/middleware
composer install
npm install
vi .env
DB_CONNECTION=mysql
DB_HOST=mysql
DB_PORT=3306
DB_DATABASE=XDBnameX
DB_USERNAME=root
DB_PASSWORD=rootpassword
1.同理給 middleware vendor backend
先假設網域名稱為 middleware,先複製 config
cd laradock/nginx/sites
cp laravel.conf.example laravel.middleware.conf
vi laravel.middleware.conf
先關閉SSL
server_name laravel.middleware 自己想取自己想
重點 root /var/www/middleware/public;
因為開啟dock後 你的專案會再docker /var/www 裏面:ㄆ
server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl http2;
# ssl_certificate ;
# ssl_certificate_key ;
server_name laravel.middleware;
root /var/www/middleware/public;
index index.php index.html index.htm;
location ^~ /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
docker-compose build nginx
docker-compose up -d nginx
因為php-fpm運行為www-data
docker-compose exec php-fpm id www-data
uid=1000(www-data) gid=1000(www-data) groups=1000(www-data)
所以需要設定權限
cd ../www/
chown -R 1000:1000 middleware/storage
vi /etc/hosts
127.0.0.1 laravel.middleware
127.0.0.1 laravel.vendor
127.0.0.1 laravel.backend
127.0.0.1 laravel.web
這樣再網頁打上laravel.middleware
就可以看到你的專案了
或許有更好的方式建制
當初處理了一段時間
要將vue一起混著用
cd laradock
mkdir node
cd node
vi Dockerfile
使用node 10 你可以自己換成你要的
安裝vim pm2 gulp
我們使用gulp打包nuxt vue
# Use an official node runtime as a parent image
FROM node:10
MAINTAINER JERRY
RUN apt-get update &&\
apt-get -y install vim
WORKDIR /var/www
# Install dependencies
# COPY package.json yarn.lock /app/
RUN npm install -g pm2
RUN npm uninstall -g gulp
cd laradock
vi docker-compose.yml
增加node的設定
1.container_name 之後對應nginx設定
2.command 開啟後一些流程 可以再優化
3.ports 再package 上面有設定"beta-start": "HOST=0.0.0.0 PORT=3333 nuxt start"
4.volumes 吃相同/var/www
### node ####################################################
node:
build:
context: ./node
container_name: web
command: >
/bin/bash -c 'cd web/;
dpkg -i --force-overwrite *.deb;
rm *.deb;
npm install;
pm2-runtime start npm --name "web" -- run beta-start;'
ports:
- "3030:3333"
networks:
- frontend
- backend
volumes:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG}
links:
- docker-in-docker
extra_hosts:
- "dockerhost:${DOCKER_HOST_IP}"
environment:
- PHP_IDE_CONFIG=${PHP_IDE_CONFIG}
- DOCKER_HOST=tcp://docker-in-docker:2376
- DOCKER_TLS_VERIFY=1
- DOCKER_TLS_CERTDIR=/certs
- DOCKER_CERT_PATH=/certs/client
- FAKETIME=${PHP_FPM_FAKETIME}
讓前端要call api找的到地方 再backend:aliases:
### NGINX Server #########################################
nginx:
container_name: nginx
build:
context: ./nginx
args:
- CHANGE_SOURCE=${CHANGE_SOURCE}
- PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
- PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
- http_proxy
- https_proxy
- no_proxy
volumes:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG}
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
ports:
- "${NGINX_HOST_HTTP_PORT}:80"
- "${NGINX_HOST_HTTPS_PORT}:443"
- "${VARNISH_BACKEND_PORT}:81"
depends_on:
- php-fpm
networks:
frontend:
aliases:
- test
backend:
aliases:
- laravel.middleware
- laravel.vendor
- laravel.backend
- laravel.web
vi laradock/nginx/sites/laravel.web.conf
代理proxy_pass http://web:3333; 其中web是container_name設定的
開啟css jpg js ....等等功能
map $sent_http_content_type $expires {
"text/html" epoch;
"text/html; charset=utf-8" epoch;
default off;
}
server {
listen 80;
listen [::]:80;
gzip on;
gzip_types text/plain application/xml text/css application/javascript;
gzip_min_length 1000;
fastcgi_intercept_errors on;
server_name laravel.web;
charset utf-8;
root /var/www/web/.nuxt;
index index.html index.htm;
proxy_set_header X-Forwarded-Proto $scheme;
location / {
expires $expires;
proxy_pass http://web:3333;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
}
location ~* \.(?:css|js|json|map)$ {
expires 60d;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(png|jpg|gif|ico)$ {
expires 60d;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(woff|woff2|ttf)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(html|xml|txt)$ {
add_header Cache-Control "public";
}
location /apple-app-site-association {
default_type application/json;
add_header Cache-Control "public";
}
location ~ /\.{
access_log off;
log_not_found off;
deny all;
}
location ^~ /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
error_log /var/log/nginx/laravel_error.log;
access_log /var/log/nginx/laravel_access.log;
}
參考 Docker-HTTPS
一共4網站要做SSL驗證的話
上述的laravel.web laravel.middleware為localhost的使用使用
之後上線版本 修改成你的DNS
建議使用fullchain 我也不知道WHY.....
letsencrypt certonly --webroot -w /var/www/letsencrypt -d $CNMIDDLEWARE --agree-tos --email $EMAIL --non-interactive --text
letsencrypt certonly --webroot -w /var/www/letsencrypt -d $CNWEB --agree-tos --email $EMAIL --non-interactive --text
letsencrypt certonly --webroot -w /var/www/letsencrypt -d $CNVENDOR --agree-tos --email $EMAIL --non-interactive --text
letsencrypt certonly --webroot -w /var/www/letsencrypt -d $CNBACKEND --agree-tos --email $EMAIL --non-interactive --text
cp /etc/letsencrypt/archive/$CNMIDDLEWARE/cert1.pem /var/certs/cert1.$CNMIDDLEWARE.pem
cp /etc/letsencrypt/archive/$CNMIDDLEWARE/fullchain.pem /var/certs/fullchain.$CNMIDDLEWARE.pem
cp /etc/letsencrypt/archive/$CNMIDDLEWARE/privkey1.pem /var/certs/privkey1.$CNMIDDLEWARE.pem
cp /etc/letsencrypt/archive/$CNWEB/cert1.pem /var/certs/cert1.$CNWEB.pem
cp /etc/letsencrypt/archive/$CNWEB/privkey1.pem /var/certs/privkey1.$CNWEB.pem
cp /etc/letsencrypt/archive/$CNVENDOR/cert1.pem /var/certs/cert1.$CNVENDOR.pem
cp /etc/letsencrypt/archive/$CNVENDOR/privkey1.pem /var/certs/privkey1.$CNVENDOR.pem
cp /etc/letsencrypt/archive/$CNBACKEND/cert1.pem /var/certs/cert1.$CNBACKEND.pem
cp /etc/letsencrypt/archive/$CNBACKEND/privkey1.pem /var/certs/privkey1.$CNBACKEND.pem
修改對應 run-certbot.sh 的變數名稱
然後再你的www裏面增加 letsencrypt資料夾
cd www/
mkdir letsencrypt
之後跑certbot會用到
這些設定跟nginx有關,再驗證的時後會網址會增加xxxxx.tw/.well-known/acme-challenge
然後會對應到 你資料夾 www/letsencrypt
location ^~ /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
然後驗證完了你的憑證都在 laradock/data/certbot/certs 裏面
./certbot/log/:/var/log/letsencrypt 這段只是察看log error
### Certbot #########################################
certbot:
build:
context: ./certbot
volumes:
- ./data/certbot/certs/:/var/certs
- ../www/letsencrypt/:/var/www/letsencrypt
- ./certbot/log/:/var/log/letsencrypt
environment:
- CNWEB=web.yourdns.tw
- CNMIDDLEWARE=middleware.yourdns.tw
- CNVENDOR=vendor.yourdns.tw
- CNBACKEND=backend.yourdns.tw
- EMAIL=XXXXXXX@gmail.com
networks:
- frontend
把./data/certbot/certs/:/var/certs SSL憑證掛載進去docker nginx裏面
### NGINX Server #########################################
nginx:
container_name: nginx
build:
context: ./nginx
args:
- CHANGE_SOURCE=${CHANGE_SOURCE}
- PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
- PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
- http_proxy
- https_proxy
- no_proxy
volumes:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG}
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
- ./data/certbot/certs/:/var/certs
.....等等
如果無法掛載/var/certs的話
cd laradock/nginx
vi Dockerfile
增加一行
讓nginx形成的時候有資料夾
RUN mkdir /var/certs
當我們有使用 queue 或是 scheduler 的功能時, 會需要在背景起一個 process 用來監聽 queue job, 這時便需要使用程序管理器
cd laradock/php-worker/supervisord.d
cp laravel-worker.conf.example middleware.conf
cp laravel-worker.conf.example vendor.conf
---
內容填
program:laravel-middleware 如果有多專案 要換名稱阿
[program:laravel-middleware]
process_name=%(program_name)s_%(process_num)02d
command=php /var/www/middleware/artisan queue:work --sleep=3 --tries=3 --daemon
autostart=true
autorestart=true
numprocs=3
user=laradock
redirect_stderr=true
stdout_logfile=/var/www/middleware/storage/logs/worker.log
iThome鐵人賽
看影片追技術