diff --git a/.editorconfig b/.editorconfig index 64e83d2..08e277a 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,5 +8,5 @@ indent_style = space indent_size = 4 trim_trailing_whitespace = true -[*.{js,json,scss,vue,yml,yaml,sh}] +[*.{js,json,scss,vue,yml,yaml,sh,conf}] indent_size = 2 diff --git a/.env.example b/.env.example index ece7f1c..6629a66 100644 --- a/.env.example +++ b/.env.example @@ -19,24 +19,12 @@ REDIS_DATA_PATH=./data/redis5 REDIS_CONF_PATH=./redis/redis5.conf REDIS_PORT=6379 -### ElasticSearch 7.17 ######################## -ELASTICSEARCH_PATH=./data/elasticsearch/ - -### Kibana 7.17 ######################## -KIBANA_PORT=5601 -ELASTICSEARCH_USERNAME=elastic -ELASTICSEARCH_PASSWORD=123456 - ### IPV4_ADDRESS ############################## SUBNET=172.19.0.0/16 NGINX_IP=172.19.0.2 MYSQL_IP=172.19.0.3 REDIS_IP=172.19.0.4 -ELASTICSEARCH_IP=172.19.0.5 -KIBANA_IP=172.19.0.6 -ES01_IP=172.19.0.7 -ES02_IP=172.19.0.8 -ES03_IP=172.19.0.9 +CERTBOT_IP=172.19.0.11 PHP56_IP=172.19.0.56 PHP71_IP=172.19.0.71 PHP72_IP=172.19.0.72 diff --git a/README.md b/README.md index d8683c2..83cc636 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,18 @@ -1. docker-lnmp 项目帮助开发者快速构建本地开发环境,包括Nginx、PHP、MySQL、Redis、MongoDB、ElasticSearch、Kibana服务镜像,支持服务版本切换,并支持配置文件和日志文件映射,不限操作系统; +1. docker-lnmp 项目帮助开发者快速构建本地开发环境,包括Nginx、PHP、MySQL、Redis 服务镜像,支持配置文件和日志文件映射,不限操作系统; 2. 此项目适合个人开发者本机部署,可以快速切换服务版本满足学习服务新版本的需求; 也适合团队中统一开发环境,设定好配置后一键部署, 便于提高团队开发效率; 2. PHP 支持多版本 包括php5.6、 php7.1、php7.2、php7.3、php7.4、php8.0、php8.1 版本; 3. MySQL 支持 5.7 、8.0 版本; 4. Redis 支持 4.0 、5.0 、6.0 版本; -5. ElasticSearch 和 Kibana 是 7.17.0 版本; -6PHP 扩展包括了gd、grpc、redis、protobuf、memcached、swoole等; +5. PHP 扩展包括了gd、grpc、redis、protobuf、memcached、swoole等; ### 一. [install docker](https://github.com/ogenes/docker-lnmp/wiki/Docker-%E7%AE%80%E4%BB%8B%E5%8F%8A%E5%AE%89%E8%A3%85) ``` $ docker -v -Docker version 19.03.8, build afacb8b +Docker version 20.10.21, build baeda1f $ docker-compose -v -docker-compose version 1.25.5, build 8a1c60f6 +Docker Compose version v2.12.2 ``` @@ -31,13 +30,19 @@ $ cp .env.example .env ### 四. run ```shell script +#创建网络,指定子网与.env中配置一致 +$ docker network create backend --subnet=172.19.0.0/16 +18f511530214374896700ad3f179fb9180227fe4e5b6ccf7e9f8ed9b8602059c +$ docker network ls | grep backend +18f511530214 backend bridge local + #首次执行耗时较久,耐心等待 $ docker-compose up -d nginx php74 mysql redis $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ba864491ac22 docker-lnmp_mysql "docker-entrypoint.s…" 22 minutes ago Up 6 seconds 0.0.0.0:3306->3306/tcp, 33060/tcp mysql 68ca3dcdf667 docker-lnmp_nginx "nginx -g 'daemon of…" 42 minutes ago Up 3 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx -9e46003ebe39 docker-lnmp_php "docker-php-entrypoi…" 42 minutes ago Up 4 seconds 0.0.0.0:9000->9000/tcp php +9e46003ebe39 docker-lnmp_php74 "docker-php74-entrypoi…" 42 minutes ago Up 4 seconds 0.0.0.0:9074->9074/tcp php e1c96bbea465 docker-lnmp_redis "docker-entrypoint.s…" 51 minutes ago Up 5 seconds 0.0.0.0:6379->6379/tcp redis ``` @@ -61,7 +66,7 @@ $ docker-compose restart nginx 可以通过修改 env 文件的 MYSQL_VERSION 、REDIS_VERSION 来选择其他版本 MySQL 和 Redis 切换版本时,注意切换配置文件 - 项目目录默认为 docker-lnmp/www 目录 + 项目目录默认为 docker-lnmp/../www 目录 可以通过修改 env 文件的 WEB_ROOT_PATH 来指定其他目录 nginx 虚拟主机配置文件在 docker-lnmp/nginx/conf.d 目录内, 可以参考 default 项目配置。 @@ -92,48 +97,185 @@ $ docker-compose down --rmi all ### 目录结构 ``` -. ├── LICENSE ├── README.md -├── data -│   ├── elasticsearch -│   ├── mysql -│   ├── redis -├── docker-compose.yml -├── elasticsearch -│   └── Dockerfile -├── kibana7 -│   └── Dockerfile -├── logs -├── mongo -│   ├── Dockerfile -│   └── mongod.conf +├── compose.yml ├── mysql -│   ├── Dockerfile -│   └── docker.cnf + ├── Dockerfile + └── docker.cnf ├── nginx -│   ├── Dockerfile -│   ├── conf.d -│   │   ├── default.conf.example -│   └── nginx.conf -├── php -│   ├── Dockerfile -│   └── config -│   ├── php-fpm.conf -│   ├── php-fpm.d -│   │   ├── docker.conf -│   │   ├── www.conf -│   │   └── zz-docker.conf -│   └── php.ini -├── redis -│   ├── Dockerfile -│   ├── redis4.conf -│   ├── redis5.conf -│   └── redis6.conf -├── text.log -└── www - └── default - └── index.php + ├── Dockerfile + ├── conf.d + ├── default.conf + ├── fpm + ├── php56-fpm + ├── php71-fpm + ├── php72-fpm + ├── php73-fpm + ├── php74-fpm + ├── php80-fpm + └── php81-fpm + ├── nginx.conf +├── php56 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php71 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php72 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php73 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php74 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php80 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +├── php81 + ├── Dockerfile + └── config + ├── php-fpm.conf + ├── php-fpm.d + ├── www.conf + └── zz-docker.conf + └── php.ini +└── redis +├── Dockerfile +├── redis4.conf +├── redis5.conf +└── redis6.conf + +``` + +### Certbot 申请免费的ssl证书 +1. 先配置http可访问, 以 test.ogenes.cn 为例 +```shell +[root@ogenes01 docker-lnmp]# pwd +/data/docker-lnmp +[root@ogenes01 docker-lnmp]# vim nginx/conf.d/test.conf +server { + listen 80; + listen [::]:80; + + server_name test.ogenes.cn; + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } + + location / { + charset utf-8; + default_type text/html; + return 200 'Hello Ogenes Test!'; + } +} + +[root@ogenes01 docker-lnmp]# docker-compose restart nginx +[+] Running 1/1 + ⠿ Container nginx Started +[root@ogenes01 docker-lnmp]# curl test.ogenes.cn +Hello Ogenes Test! +``` +2. 申请ssl证书 +```shell +[root@ogenes01 docker-lnmp]# docker-compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d test.ogenes.cn +Saving debug log to /var/log/letsencrypt/letsencrypt.log +Requesting a certificate for test.ogenes.cn + +Successfully received certificate. +Certificate is saved at: /etc/letsencrypt/live/test.ogenes.cn/fullchain.pem +Key is saved at: /etc/letsencrypt/live/test.ogenes.cn/privkey.pem +This certificate expires on 2023-07-18. +These files will be updated when the certificate renews. + +NEXT STEPS: +- The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See https://certbot.org/renewal-setup for instructions. +We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org. +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +If you like Certbot, please consider supporting our work by: + * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate + * Donating to EFF: https://eff.org/donate-le +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[root@ogenes01 docker-lnmp]# ``` +3. 修改nginx配置,支持https +```shell +[root@ogenes01 docker-lnmp]# vim nginx/conf.d/test.conf +server { + listen 80; + listen [::]:80; + + server_name test.ogenes.cn; + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } + + location / { + return 301 https://test.ogenes.cn$request_uri; + } +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name test.ogenes.cn; + + ssl_certificate /etc/nginx/ssl/live/test.ogenes.cn/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/live/test.ogenes.cn/privkey.pem; + + location / { + charset utf-8; + default_type text/html; + return 200 'Hello Ogenes Test Https!'; + } +} +[root@ogenes01 docker-lnmp]# docker-compose restart nginx +[+] Running 1/1 + ⠿ Container nginx Started +[root@ogenes01 docker-lnmp]# curl https://test.ogenes.cn +Hello Ogenes Test Https! +``` +![image-20230419175534350](https://img.ogenes.cn/img/2023/image-20230419175534350.png) + +4. 配置计划任务,每个月月初自动刷新 +```shell +#更新https证书 +1 1 1 * * cd /data/docker-lnmp && docker-compose run --rm certbot renew >> /dev/null 2>&1 +``` diff --git a/compose.yml b/compose.yml index 28533ee..28af7da 100644 --- a/compose.yml +++ b/compose.yml @@ -22,6 +22,8 @@ x-hosts: &hosts - esb-base.local.55haitao.com:${NGINX_IP} - esb-utils.local.55haitao.com:${NGINX_IP} - esb-api.local.55haitao.com:${NGINX_IP} + - cas.dev.com:${NGINX_IP} + - permission.dev.com:${NGINX_IP} services: ### NGINX ############################################################################## @@ -37,14 +39,31 @@ services: # nginx默认配置文件 - ./nginx/nginx.conf:/etc/nginx/nginx.conf - ./nginx/conf.d:/etc/nginx/conf.d - # 项目代码 + - ./nginx/ssl:/etc/nginx/ssl - ${WEB_ROOT_PATH}:/var/www/ - # nginx日志 - ${NGINX_LOG_PATH}:/var/log/nginx/ networks: backend: ipv4_address: ${NGINX_IP} - ### MySQL ############################################################################## + certbot: + image: certbot/certbot + volumes: + - ${WEB_ROOT_PATH}/www/:/var/www/certbot/:rw + - ./nginx/ssl/:/etc/letsencrypt/:rw + networks: + backend: + ipv4_address: ${CERTBOT_IP} + + certbot: + image: certbot/certbot + container_name: certbot + volumes: + - ${WEB_ROOT_PATH}/certbot/:/var/www/certbot/:rw + - ./nginx/ssl/:/etc/letsencrypt/:rw + networks: + backend: + ipv4_address: ${CERTBOT_IP} + mysql: build: context: ./mysql @@ -69,8 +88,6 @@ services: backend: ipv4_address: ${MYSQL_IP} - - ### Redis ############################################################################## redis: build: context: ./redis @@ -88,7 +105,6 @@ services: backend: ipv4_address: ${REDIS_IP} - ### PHP56 ############################################################################# php56: build: context: ./php56 @@ -123,7 +139,7 @@ services: networks: backend: ipv4_address: ${PHP56_IP} - ### PHP71 ############################################################################## + php71: build: context: ./php71 @@ -159,7 +175,6 @@ services: backend: ipv4_address: ${PHP71_IP} - ### PHP72 ############################################################################## php72: build: context: ./php72 @@ -194,7 +209,7 @@ services: networks: backend: ipv4_address: ${PHP72_IP} - ### PHP73 ############################################################################## + php73: build: context: ./php73 @@ -230,7 +245,6 @@ services: backend: ipv4_address: ${PHP73_IP} - ### PHP74 ############################################################################# php74: build: context: ./php74 @@ -268,7 +282,6 @@ services: backend: ipv4_address: ${PHP74_IP} - ### PHP80 ############################################################################## php80: build: context: ./php80 @@ -305,7 +318,6 @@ services: backend: ipv4_address: ${PHP80_IP} - ### PHP81 ############################################################################## php81: build: context: ./php81 @@ -343,116 +355,6 @@ services: backend: ipv4_address: ${PHP81_IP} - ### ElasticSearch ###################################################################### - es01: - build: - context: ./elasticsearch - container_name: es01 - environment: - - node.name=es01 - - discovery.seed_hosts=es02,es03 - - cluster.initial_master_nodes=es01,es02,es03 - - cluster.name=docker-cluster - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - xpack.security.enabled=false - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - cap_add: - - IPC_LOCK - volumes: - - ${ELASTICSEARCH_PATH}/01/data:/usr/share/elasticsearch/data - - ${ELASTICSEARCH_PATH}/01/plugins:/usr/share/elasticsearch/plugins - - ${ELASTICSEARCH_LOG}/01:/usr/share/elasticsearch/logs - ports: - - 9200:9200 - networks: - backend: - ipv4_address: ${ES01_IP} - - es02: - build: - context: ./elasticsearch - container_name: es02 - environment: - - node.name=es02 - - discovery.seed_hosts=es01,es03 - - cluster.initial_master_nodes=es01,es02,es03 - - cluster.name=docker-cluster - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - xpack.security.enabled=false - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - cap_add: - - IPC_LOCK - volumes: - - ${ELASTICSEARCH_PATH}/02/data:/usr/share/elasticsearch/data - - ${ELASTICSEARCH_PATH}/02/plugins:/usr/share/elasticsearch/plugins - - ${ELASTICSEARCH_LOG}/02:/usr/share/elasticsearch/logs - networks: - backend: - ipv4_address: ${ES02_IP} - - es03: - build: - context: ./elasticsearch - container_name: es03 - environment: - - node.name=es03 - - discovery.seed_hosts=es01,es02 - - cluster.initial_master_nodes=es01,es02,es03 - - cluster.name=docker-cluster - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - xpack.security.enabled=false - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - cap_add: - - IPC_LOCK - volumes: - - ${ELASTICSEARCH_PATH}/03/data:/usr/share/elasticsearch/data - - ${ELASTICSEARCH_PATH}/03/plugins:/usr/share/elasticsearch/plugins - - ${ELASTICSEARCH_LOG}/03:/usr/share/elasticsearch/logs - networks: - backend: - ipv4_address: ${ES03_IP} - - ### kibana ############################################################################ - kibana: - build: - context: ./kibana - container_name: kibana - environment: - - SERVER_NAME=kibana - - XPACK_MONITORING_ENABLED=true - - ELASTICSEARCH_HOSTS=http://es01:9200 - - I18N_LOCALE=zh-CN - - ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME} - - ELASTICSEARCH_PASSWORD="${ELASTICSEARCH_PASSWORD}" - ports: - - ${KIBANA_PORT}:5601 - networks: - backend: - ipv4_address: ${KIBANA_IP} - networks: backend: - driver: bridge - ipam: - config: - - subnet: ${SUBNET} + external: true diff --git a/elasticsearch/Dockerfile b/elasticsearch/Dockerfile deleted file mode 100644 index 93584b4..0000000 --- a/elasticsearch/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM docker.elastic.co/elasticsearch/elasticsearch:7.17.0 - -LABEL maintainer="ogenes.yi@gmail.com" - -# 复制时区配置 -ENV TZ=Asia/Shanghai -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - -# 安装基础 -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - apt-utils \ - curl \ - sudo \ - git \ - vim \ - wget \ - net-tools \ - && rm -rf /var/lib/apt/lists/* diff --git a/kibana/Dockerfile b/kibana/Dockerfile deleted file mode 100644 index daecea0..0000000 --- a/kibana/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM docker.elastic.co/kibana/kibana:7.17.0 - -LABEL maintainer="ogenes.yi@gmail.com" diff --git a/nginx/Dockerfile b/nginx/Dockerfile index 633cd45..c76d636 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -16,7 +16,8 @@ RUN apt-get update \ vim \ wget \ net-tools \ - && rm -rf /var/lib/apt/lists/* + && rm -rf /var/lib/apt/lists/* \ + # 更改权限 RUN mkdir /var/www \ diff --git a/nginx/conf.d/fpm/php56-fpm b/nginx/conf.d/fpm/php56-fpm index e69de29..53b6aa2 100644 --- a/nginx/conf.d/fpm/php56-fpm +++ b/nginx/conf.d/fpm/php56-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php56:9056; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +} diff --git a/nginx/conf.d/fpm/php71-fpm b/nginx/conf.d/fpm/php71-fpm index e69de29..40f31c2 100644 --- a/nginx/conf.d/fpm/php71-fpm +++ b/nginx/conf.d/fpm/php71-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php71:9071; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +} diff --git a/nginx/conf.d/fpm/php72-fpm b/nginx/conf.d/fpm/php72-fpm index e69de29..ccc4621 100644 --- a/nginx/conf.d/fpm/php72-fpm +++ b/nginx/conf.d/fpm/php72-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php72:9072; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +} diff --git a/nginx/conf.d/fpm/php73-fpm b/nginx/conf.d/fpm/php73-fpm index e69de29..5a5b89f 100644 --- a/nginx/conf.d/fpm/php73-fpm +++ b/nginx/conf.d/fpm/php73-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php73:9073; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +} diff --git a/nginx/conf.d/fpm/php80-fpm b/nginx/conf.d/fpm/php80-fpm index e69de29..614cdba 100644 --- a/nginx/conf.d/fpm/php80-fpm +++ b/nginx/conf.d/fpm/php80-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php80:9080; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +} diff --git a/nginx/conf.d/fpm/php81-fpm b/nginx/conf.d/fpm/php81-fpm index e69de29..3304f5f 100644 --- a/nginx/conf.d/fpm/php81-fpm +++ b/nginx/conf.d/fpm/php81-fpm @@ -0,0 +1,11 @@ +location ~ \.php$ { + index index.html index.htm index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php81:9081; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; +}