前言

使用 Docker Compose 部署 独角数卡发卡系统，使用 Nginx 反向代理容器内 独角数卡系统 和 Phpmyadmin 端口，使其端口不暴露在外，使用Acme.sh 定期申请 SSl 证书进行续签，使用MariaDB 作为数据库，使用Redis 做内存数据库提示 独角数卡网页相应速度，使用Phpmyadmin 对数据库进行管理。

一、安装 Docker

bash <(curl -sSL https://gitee.com/SuperManito/LinuxMirrors/raw/main/DockerInstallation.sh)

二、创建配置文件

mkdir faka && cd faka
mkdir -p dujiaoka/storage dujiaoka/uploads
chmod -R 777 dujiaoka/storage dujiaoka/uploads

version: "3.9"
services:
  # Nginx 反向代理
  nginx:
    image: nginx:latest
    # ./config 中包含Nginx配置文件
    # ./key （可选） 中包含SSL证书 用于启用https连接
    volumes:
      - ./nginx/html:/usr/share/nginx/html/
      - ./nginx/conf:/etc/nginx/conf.d/
      - ./acme/faka.xxx.com:/faka_key              #证书文件夹请自行更改
      - ./acme/faka-sql.xxx.com:/faka_sql_key      #证书文件夹请自行更改
    # 对外开放 80 (http) 和 443 (https) 端口
    ports:
      - 80:80
      - 443:443
    restart: always

  # ssl 证书申请工具
  acme.sh:
    image: neilpang/acme.sh:latest
    restart: always
    environment:
      - CF_Token=xxxxxxxxxx    #我这里是 CloudFlare
      - CF_Account_ID=xxxxxxxxx  #我这里是 CloudFlare
    command: daemon
    volumes:
      - ./acme:/acme.sh

  # 独角数卡发卡系统
  dujiaoka:
    depends_on:
      - mariadb
    image: stilleshan/dujiaoka:latest
    environment:
        #- INSTALL=false
        - INSTALL=true
        # - MODIFY=true
    volumes:
      - ./dujiaoka:/dujiaoka
    restart: always

  mariadb:
    image: mariadb
    # 映射mariadb容器内存放数据库数据的文件夹
    # 其中包含了WordPress的核心数据信息
    volumes:
       - ./mariadb:/var/lib/mysql
    restart: always
    # 下面的环境变量会在数据库数据文件夹已存在时失效
    environment:
      # root用户的初始密码
      MYSQL_ROOT_PASSWORD: password
      # 使用的数据库
      MYSQL_DATABASE: faka
      # 使用的用户
      MYSQL_USER: faka
      # 使用的用户的密码
      MYSQL_PASSWORD: password


  #Redis 缓存wordpress
  redis:
    image: redis:alpine
    restart: always
    volumes:
      - ./redis:/data


  # phpmyadmin 管理数据库
  phpmyadmin:
    depends_on:
      - mariadb
    image: phpmyadmin
    restart: always
    environment:
      - PMA_HOST=mariadb
      - PMA_USER=root
      - PMA_PASSWORD=password

APP_NAME=独角数卡
APP_ENV=local
APP_KEY=base64:hDVkYhfkUjaePiaI1tcBT7G8bh2A8RQxwWIGkq7BO18=
APP_DEBUG=true
APP_URL=http://dujiaoka.test

LOG_CHANNEL=stack

# 数据库配置
DB_CONNECTION=mariadb
DB_HOST=mariadb
DB_PORT=3306
DB_DATABASE=faka
DB_USERNAME=faka
DB_PASSWORD=password

# redis 配置
REDIS_HOST==redis
REDIS_PASSWORD=
REDIS_PORT=6379

BROADCAST_DRIVER=log
SESSION_DRIVER=file
SESSION_LIFETIME=120


# 缓存配置
# file 为磁盘文件  redis 为内存级别
# redis 为内存需要安装好 redis 服务端并配置
CACHE_DRIVER=redis

# 异步消息队列
# sync 为同步  redis 为异步
# 使用 redis 异步需要安装好 redis 服务端并配置
QUEUE_CONNECTION=redis

# 后台语言
## zh_CN 简体中文
## zh_TW 繁体中文
## en    英文
DUJIAO_ADMIN_LANGUAGE=zh_CN

# 后台登录地址
ADMIN_ROUTE_PREFIX=/admin

# 后台 https 支持 docker 部署无需开启
#ADMIN_HTTPS=true

server {
    listen  80;
    server_name  faka.xxx.com faka-sql.xxx.com;
    rewrite ^(.*) https://$host$1 permanent;
}

server {
    listen 443   ssl http2;
    server_name  faka.xxx.com;
    index index.html index.htm index.php default.html default.htm default.php;

    ssl_certificate /faka_key/faka.xxx.com.cer;
    ssl_certificate_key /faka_key/faka.xxx.com.key;
    ssl_trusted_certificate /faka_key/faka.xxx.com.cer;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_tickets off;
    resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000" always;

    location ^~ / {
        proxy_pass http://faka_dujiaoka:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-Proto  $scheme;

        add_header X-Cache $upstream_cache_status;

        proxy_set_header Accept-Encoding "";
        sub_filter "http://" "https://";
        sub_filter_once off;
    }

    # access_log /home/wwwlogs/shop.domain.com.access.log main;
    # error_log  /home/wwwlogs/shop.domain.com.error.log warn;
}

server {
    listen 443   ssl http2;
    server_name  faka-sql.xxx.com;
    index index.html index.htm index.php default.html default.htm default.php;

    ssl_certificate /faka_sql_key/faka-sql.xxx.com.cer;
    ssl_certificate_key /faka_sql_key/faka-sql.xxx.com.key;
    ssl_trusted_certificate /faka_sql_key/faka-sql.xxx.com.cer;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_tickets off;
    resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000" always;

    location ^~ / {
        proxy_pass http://faka_phpmyadmin:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-Proto  $scheme;

        add_header X-Cache $upstream_cache_status;

        proxy_set_header Accept-Encoding "";
        sub_filter "http://" "https://";
        sub_filter_once off;
    }

    # access_log /home/wwwlogs/shop.domain.com.access.log main;
    # error_log  /home/wwwlogs/shop.domain.com.error.log warn;
}

三、安装部署

启动docker-compose

docker-compose up -d

acme.sh 申请ssl 证书

docker exec -it acme.sh acme.sh --issue --server letsencrypt --dns dns_cf -d faka.xxx.com --nginx

docker exec -it acme.sh acme.sh --issue --server letsencrypt --dns dns_cf -d faka-sql.xxx.com --nginx

移动配置文件至指定路径

mv env.conf dujiaoka/
mv faka.conf nginx/conf

重启 docker-compose 容器

docker-compose restart

四、后台设置

------本页内容已结束，喜欢请分享------

感谢您的来访，获取更多精彩文章请收藏本站。