跳到主內容

Docker

apt install docker

安裝docker主程式

docker pull portainer/portainer-ce:latest
docker run -d -p 9000:9000 --restart always -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer-ce:latest

安裝web版管理介面

server {
    server_name docker.site.com;

    location ~/ {
    # prevents 502 bad gateway error
    proxy_buffers 8 32k;
    proxy_buffer_size 64k;

    client_max_body_size 75M;

    # redirect all HTTP traffic to localhost:8088;
    proxy_pass http://localhost:9000;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #proxy_set_header X-NginX-Proxy true;

    # enables WS support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    proxy_read_timeout 999999999;
}


}

一般而言,Docker要存取Docker建立出來的內容,都要透過 IP + port 存取
由於我的VPS並無9000的port,因此必須透過Nginx Proxy 的方式存取Docker創建出來的本機port

相同的原理,我如果想要創建WordPress的話,可以使用下面的 Stacks

version: '3.1'

services:

  wordpress:
    image: wordpress:6.0.1-php7.4-apache
    restart: always
    ports:
      - 8001:80
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: exampleuser
      WORDPRESS_DB_PASSWORD: examplepass
      WORDPRESS_DB_NAME: exampledb
    volumes:
      - wordpress:/var/www/html

  db:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_DATABASE: exampledb
      MYSQL_USER: exampleuser
      MYSQL_PASSWORD: examplepass
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db:/var/lib/mysql

volumes:
  wordpress:
  db:

創建好後,再設定Nginx設定檔

server {
    server_name demo1.site.com;

    location ~/ {
    # prevents 502 bad gateway error
    proxy_buffers 8 32k;
    proxy_buffer_size 64k;

    client_max_body_size 75M;

    # redirect all HTTP traffic to localhost:8088;
    proxy_pass http://localhost:8001;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #proxy_set_header X-NginX-Proxy true;

    # enables WS support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    proxy_read_timeout 999999999;
}


}

成功的話,輸入 https://demo1.site.com 就能連接到Docker創建出來的網站

docker exec -i -t 8001-wordpress-1 bash

進入 WordPress的容器

echo -e "file_uploads = On\nmemory_limit = 500M\nupload_max_filesize = 500M\npost_max_size = 500M\nmax_execution_time = 600" | tee -a /usr/local/etc/php/conf.d/uploads.ini;/etc/init.d/apache2 restart

Docker創建出來的WordPress預設由於有上傳限制,可以進入終端機模式,透過上面那一行解決
透過這個方式創建出來的WordPress會發現系統會判定是Apache2架出來的,還蠻有趣
每個WordPress網站都透過Docker的方式獨立區隔,有個好處就是如果中毒了只會影響到其中一個站 XD
我曾經有個經驗,同事用了破解外掛被放毒,結果造成所有的WordPress架出來的全中獎,情況非常慘烈

回到頂端