前言
今天尝试了好几种博客的一键化部署,最后个人感觉用起来最舒服的还是halo。在这里正好把一键部署的方式记录一下
目录结构
├── docker-compose.yml
├── .env
├── halo2/
└── nginx/
├── nginx.conf
└── ssl/
├── www.yourdomain.crt.pem
└── www.yourdomain.key.pem
文件内容
docker-compose.yml文件
version: "3"
services:
nginx:
image: nginx:latest
restart: always
depends_on:
- halo
networks:
- halo_network
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/ssl:/etc/nginx/ssl
environment:
- SERVER_NAME=${NGINX_SERVER_NAME}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:80"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
halo:
image: registry.fit2cloud.com/halo/halo:2.20
restart: on-failure:3
depends_on:
halodb:
condition: service_healthy
networks:
- halo_network
volumes:
- ./halo2:/root/.halo2
# 不再直接暴露8090端口,由Nginx代理
expose:
- "8090"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8090/actuator/health/readiness"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
environment:
- JVM_OPTS=${HALO_JVM_OPTS}
command:
- --spring.r2dbc.url=r2dbc:pool:mysql://halodb:3306/${MYSQL_DATABASE}
- --spring.r2dbc.username=${HALO_DB_USERNAME}
- --spring.r2dbc.password=${HALO_DB_PASSWORD}
- --spring.sql.init.platform=mysql
- --halo.external-url=${HALO_EXTERNAL_URL}
halodb:
image: mysql:8.1.0
restart: on-failure:3
networks:
- halo_network
command:
- --default-authentication-plugin=caching_sha2_password
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_general_ci
- --explicit_defaults_for_timestamp=true
volumes:
- halo_mysql_data:/var/lib/mysql
- ./mysqlBackup:/data/mysqlBackup
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "--silent"]
interval: 3s
retries: 5
start_period: 30s
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
networks:
halo_network:
volumes:
halo_mysql_data:
driver: localnginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
# 增加请求体大小限制
client_max_body_size 10M;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
upstream halo_end {
server halo:8090;
}
server {
listen 80;
server_name www.yourdomain.com;
return 301 https://$host$request_uri; # HTTP强制跳转HTTPS
}
server {
listen 443 ssl;
server_name www.yourdomain.com;
# SSL证书配置
ssl_certificate /etc/nginx/ssl/www.yourdomain.com_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/www.yourdomain.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
# 强制HTTPS安全协议
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
proxy_pass http://halo_end;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
} .env文件
# MySQL配置
MYSQL_ROOT_PASSWORD=MYSQL_ROOT_PASSWORD
MYSQL_DATABASE=MYSQL_DATABASE
# Halo配置
HALO_EXTERNAL_URL=https://www.yourdomain.com
HALO_DB_USERNAME=HALO_DB_USERNAME
HALO_DB_PASSWORD=HALO_DB_PASSWORD
HALO_JVM_OPTS=HALO_JVM_OPTS
# Nginx配置
NGINX_SERVER_NAME=www.yourdomain.com启动方式
docker-compose up -d