B3log開源部落格compose搭建

B3log開源部落格搭建

docker 安裝

yum install docker-ce-17.12.1.ce

docker-compose 安裝

curl -L https://github.com/docker/compose/releases/download/1.24.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

# 設定 docker-compose 執行許可權
chmod +x /usr/local/bin/docker-compose

注意

• 事先購買好域名並配置好解析。
• 開放伺服器80和443埠，雲伺服器在安全組中新增規則。
• 證書申請在SSL證書，我是用的阿里雲伺服器，證書可以免費使用一年，過期後需要重新申請。

專案結構

.
├── compose-nginx.yml
├── compose-solo-mysql.yml # 這裡我是自建的資料，之前有，就沒有執行這個編排檔案
├── docker-compose.yml
├── nginx
│   ├── cert # https使用
│   │   ├── 7620436_www.example.com.key
│   │   ├── 7620436_www.example.com.pem
│   ├── conf
│   │   └── app.conf
│   └── logs
│       ├── access.log
│       └── error.log
├── solo
│   └── skins # 部落格皮膚，可以從官方倉庫克隆專案，複製裡面的skins

溫馨提示：下面的配置請根據這個目錄結構對號入座，本人主站也是使用該配置部署。有問題請評論區聯絡我。

docker-compose.yml

version: "3"

services:
  solo:
    container_name: solo
    image: b3log/solo
    restart: always
    environment:
      RUNTIME_DB: "MYSQL"
      JDBC_USERNAME: "root"
      JDBC_PASSWORD: "123456"
      JDBC_DRIVER: "com.mysql.cj.jdbc.Driver"
      JDBC_URL: "jdbc:mysql://172.16.96.61:3306/solo?useUnicode=yes&characterEncoding=UTF-8&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true"
    command: --listen_port=8080 --server_scheme=https --server_host=www.example.com --lute_http=http://172.16.96.61:8249 --server_port= --static_server_scheme=https --static_server_host=cdn.jsdelivr.net --static_path=/gh/88250/solo/src/main/resources
    volumes:
      # Pay attention to synchronization time
      # echo 'Asia/Shanghai' > /etc/timezone/timezone
      - /etc/timezone/timezone:/etc/timezone
      - /etc/localtime:/etc/localtime
      - ./solo/skins/:/opt/solo/skins/:ro
    ports:
      - 8080:8080
    dns:
      - 114.114.114.114
      - 8.8.8.8
  lute:
    image: b3log/lute-http
    container_name: lute
    restart: always
    volumes:
    # Pay attention to synchronization time
    # echo 'Asia/Shanghai' > /etc/timezone/timezone
    - /etc/timezone/timezone:/etc/timezone
    - /etc/localtime:/etc/localtime
    ports:
    - 8249:8249

compose-solo-mysql.yml

version: "3"
services:
  blog-mysql:
    image: mysql:8.0.22
    restart: always
    container_name: blog-mysql
    privileged: false
    ports:
      - 3306:3306
    networks:
      - blog-extranet
    environment:
      - MYSQL_ROOT_PASSWORD=123456
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./mysql/conf/:/etc/mysql/
      - ./mysql/data/:/var/lib/mysql/
      - ./mysql/init/:/docker-entrypoint-initdb.d/
      - ./mysql/logs/:/logs/

networks:
  blog-extranet:
    driver: bridge

compose-nginx.yml

version: "3"

services:
  nginx:
    image: nginx:1.14
    restart: always
    container_name: nginx
    privileged: true
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./nginx/conf/:/etc/nginx/conf.d/
      - ./nginx/cert/:/etc/nginx/cert/
      - ./nginx/logs/:/etc/nginx/log/
    dns:
    - 114.114.114.114
    - 8.8.8.8
networks:
  blog-extranet:
    driver: bridge

app.conf (nginx配置)

upstream blog {
    # server www.example.com:8080;
    # Solo 監聽埠，這裡的ip最好是你的雲伺服器內網ip，可以通過ip addr 或者ifconfig檢視
    server  172.16.96.61:8080;
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name www.example.com;
    # http 重定向到https 配置
    if ($http_x_forwarded_proto = "http") {
        return 301 https://$server_name$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name www.example.com;
    charset utf-8;
    access_log /etc/nginx/log/access.log;
    error_log /etc/nginx/log/error.log;
    
    ssl_certificate /etc/nginx/cert/7620436_www.example.com.pem;
    ssl_certificate_key /etc/nginx/cert/7620436_www.example.com.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   
    ssl_prefer_server_ciphers on;
 
    location / {
         proxy_pass http://blog$request_uri;
         proxy_set_header Host $http_host;
         proxy_set_header X-Forwarded-Host $server_name;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         client_max_body_size 10m;
    }

    # 防止爬蟲抓取
    if ($http_user_agent ~* "360Spider|JikeSpider|Spider|spider|bot|Bot|2345Explorer|curl|wget|webZIP|qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot|NSPlayer|bingbot")
    {
        return 403;
    }

    error_page   403 404 500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html/error-page;
    }
}