/ Ghost

Ghost: 用Docker搭建博客Ghost1.18.0和Nginx的详细过程

【概述】

  • 简单docker搭建Ghost
  • 复杂docker-compose搭建Ghost+Nginx

简单docker:

  • 解析域名(1/2)
  • 安装docker
  • 拉取ghost
  • 启动docker容器(2/2)
  • 就可以访问网页了

复杂docker:

  • 解析域名(1/9)
  • 给ghost预设好用户权限和超级命令
  • 安装docker
  • 安装docker-compose
  • docker容器创建网络(2/9),提供给ghost和nginx组网
  • 拉取ghost镜像
  • 配置ghost的映射目录和配置文件(3/9)
  • 编写ghost快速容器配置(4/9)
  • 启动ghost(5/9)
  • 拉取nginx镜像
  • 配置nginx映射目录和配置文件(6/9)
  • 添加conf.d的ghost服务代理文件(7/9)
  • 编写nginx快速容器配置(8/9)
  • 启动nginx(9/9)
  • 然后就可以访问了

下面就开始一个折腾的部署过程

【1.购买Linode服务器】

  • Linode注册充值
    官网:www.linode.com
    推荐码:注册充值时,填写推荐码,可以获得20美金赠送。
    推荐码:acd1469162f9392327ba6850077ea3512a521ec3

  • Linode创建多个实例

Linode Status Plan IP Location Backups Options
linode4667699_frankfurt Running Linode 1024 172.104.239.24 Frankfurt, DE No - Enable Dashboard Remove
linode4667982_uk Running Linode 1024 151.236.217.235 London, England, UK No - Enable Dashboard Remove
linode4668027_Tokyo Running Linode 1024 172.104.117.82 Tokyo 2, JP No - Enable Dashboard Remove
--
Manage Volumes Manage Images Manage StackScripts Add a Linode
  • ping一番,考察下哪里的服务器快。
    最后我全都删了,
    重新选择tokyo2服务器创建实例,linode4669841_tokyo

【2.部署CentOS7系统】

  • deploy部署系统
linode4669841_tokyo » Dashboard » Deploy an Image 
» 选择CentOS7/硬盘大小/管理员密码 » boot启动系统
ping 172.104.86.145
看看响应时间,不出意外在200左右,
想快的话,可以选择阿里云,为什么不选阿里云呢?略过。
  • 服务器远程登录
    用你设的Root密码
linode4669841_tokyo » Remote Access 
» ssh root@172.104.86.145

【3.准备用户和docker】

  • 创建ghost用户
[root@li1696-145 ~]# adduser ghost -c "Ghost Blog User"
adduser: user 'ghost' already exists
[root@li1696-145 ~]# passwd ghost
Changing password for user ghost.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@li1696-145 ~]# sudo su ghost
[ghost@li1696-145 root]$exit
[root@li1696-145 /]# mkdir -p /www/ghost/content
[root@li1696-145 /]# chown -R ghost /www/ghost
[root@li1696-145 /]# ll /www | grep ghost
drwxr-xr-x 3 ghost root 4096 Dec 17 12:51 ghost
  • 设置ghost用户的docker执行权限
[root@li1696-145 ghost]# chmod +w /etc/sudoers;vi /etc/sudoers;chmod -w /etc/sudoers;
#修改sudoers文件,
#使得用户ghost执行docker相关命令时,不需要密码
ghost ALL=(ALL) NOPASSWD: /usr/bin/docker,/usr/bin/docker-compose,/usr/bin/yum 
[root@li1696-145 ghost]# sudo su ghost
[ghost@li1696-145 ghost]$ cd ~
[ghost@li1696-145 ~]$ ls
[ghost@li1696-145 ~]$ ls -a
.  ..  .bash_history  .bash_logout  .bash_profile  .bashrc
[ghost@li1696-145 ~]$ vi .bashrc
alias docker="sudo /usr/bin/docker"  
alias docker-compose="sudo /usr/bin/docker-compose"
alias apt-get="sudo /usr/bin/yum" 
[ghost@li1696-145 ~]$ source ~/.bashrc 
  • yum更新所有包
Last login: Sun Dec 17 09:10:09 2017 from 120.7.241.125
[root@li1696-145 ghost]# sudo su ghost
[ghost@li1696-145 ~]$ yum update
Loaded plugins: fastestmirror ...     
Determining fastest mirrors ...
Resolving Dependencies
    [...一堆需要更新的包名...]
Dependencies Resolved
    Installing:	[...一堆包...]
    Updating:	[...一堆包...]  
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating:    [...一堆包...]    97/97 
Installed:   [...一堆包...]             
Updated:  [...一堆包...]            
Replaced:  [...一堆包...] 
Complete!
  • yum安装epel源
[ghost@li1696-145 ~]$  yum install -y epel-release
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile ...
Installed:
  epel-release.noarch 0:7-9
Complete!
  • docker安装
[ghost@li1696-145 ~]$  yum -y install docker
Loaded plugins: fastestmirror ...
Resolving Dependencies ...
Dependencies Resolved ...
Transaction Summary ...
Install  1 Package (+22 Dependent packages)
Downloading packages: ...
Running transaction ...
Installed:
  docker.x86_64 2:1.12.6-68.gitec8512b.el7.centos
Dependency Installed: ...
Complete!
  • docker启动服务
[root@li1696-145 ~]# service docker start
Redirecting to /bin/systemctl start docker.service
[root@li1696-145 ~]# service docker status
Redirecting to /bin/systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2017-12-17 11:24:02 UTC; 25s ago
     Docs: http://docs.docker.com
 Main PID: 31075 (dockerd-current)
   CGroup: /system.slice/docker.service
           ├─31075 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --...
           └─31081 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-...
#设置为开机自启:docker.service; disabled->enable
[ghost@li1696-145 ghost]$ sudo systemctl enable docker.service
[sudo] password for ghost: 
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[ghost@li1696-145 ghost]$ sudo systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2017-12-17 19:24:02 CST; 2 days ago
  • docker容器信息
[ghost@li1696-145 ~]$  docker info
...
Server Version: 1.12.6
Storage Driver: devicemapper
 ...
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.140-RHEL7 (2017-05-03)
 ...
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
 Volume: local
 Network: null host bridge overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 4.9.68-x86_64-linode89
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 1
Total Memory: 989.3 MiB
Name: li1696-145.members.linode.com
ID: 3CVC:DMSA:GICC:AE6A:ZF5J:KZUK:KLGC:2VX3:MLO3:S4XF:7RAS:J57Z
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries: 127.0.0.0/8
Registries: docker.io (secure) 
  • docker-compose安装容器管理器
[ghost@li1696-145 ~]$  yum install -y python-pip
Loaded plugins: fastestmirror ...
      Successfully uninstalled pip-8.1.2
Successfully installed pip-9.0.1
[root@li1696-145 ~]# pip install docker-compose
Collecting docker-compose
...
Successfully installed PyYAML-3.12 backports.ssl-match-hostname-3.5.0.1
cached-property-1.3.1 docker-2.6.1 docker-compose-1.17.1 docker-pycreds-0.2.1
dockerpty-0.4.1 docopt-0.6.2 enum34-1.1.6 functools32-3.2.3.post2 ipaddress-1.0.19
jsonschema-2.6.0 requests-2.11.1 six-1.11.0 texttable-0.9.1 websocket-client-0.44.0
[root@li1696-145 ~]# docker-compose --version
docker-compose version 1.17.1, build 6d101fb

【4. 安装ghost】

  • 拉取ghost镜像
    • https://hub.docker.com/_/ghost/
    • 信息显示现在最新的版本有 1.19.0, 1.19, 1, latest
    • 等下还需要试能否延用配置和数据进行ghost版本升级,
    • 所以选择拉取1.18.0旧版
[root@li1696-145 ~]# docker pull ghost:1.18.0
Trying to pull repository docker.io/library/ghost ... 
1.18.0: Pulling from docker.io/library/ghost
85b1f47fba49: Pull complete 
ba6bd283713a: Pull complete 
b9968e24de01: Pull complete 
838ee1f471db: Pull complete 
0fdc242cad3b: Pull complete 
832bbed4fceb: Pull complete 
4236193d6cb9: Pull complete 
9c3433cef9d7: Pull complete 
0e652596fea5: Pull complete 
810424414685: Pull complete 
a6518055b5e3: Pull complete 
Digest: sha256:6880ba5e34294ca93d6034489d553f9531a6672d1c8e759374beb86794d14d27
[root@li1696-145 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/ghost     1.18.0              bb41cd57e0d8        3 weeks ago         599.1 MB
  • ghost1.18.0镜像的信息
[root@li1696-145 ~]# docker inspect docker.io/ghost:1.18.0
[
    {
        "Id": "sha256:bb41cd57e0d8efccb1c94e083c942f563ec873abfa462d58756ffb959c1aefd5",
        "RepoTags": [
            "docker.io/ghost:1.18.0"
        ],
        "RepoDigests": [
            "docker.io/ghost@sha256:6880ba5e34294ca93d6034489d553f9531a6672d1c8e759374beb86794d14d27"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2017-11-23T01:34:23.286970119Z",
        "Container": "998418003c5d156a3ce602326fad9c77b465f101fdda3377f1cbedfccf94395f",
        "ContainerConfig": {
            "Hostname": "998418003c5d",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "2368/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/var/lib/ghost/current/node_modules/knex-migrator/bin",
                "NODE_VERSION=6.12.0",
                "YARN_VERSION=1.3.2",
                "GOSU_VERSION=1.10",
                "NODE_ENV=production",
                "GHOST_CLI_VERSION=1.3.0",
                "GHOST_INSTALL=/var/lib/ghost",
                "GHOST_CONTENT=/var/lib/ghost/content",
                "GHOST_VERSION=1.18.0"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "CMD [\"node\" \"current/index.js\"]"
            ],
            "ArgsEscaped": true,
            "Image": "sha256:61b845d031daaaa16d91b688e8a1e7b7b9b9ba521795f12e9f62ba0c31de068f",
            "Volumes": {
                "/var/lib/ghost/content": {}
            },
            "WorkingDir": "/var/lib/ghost",
            "Entrypoint": [
                "docker-entrypoint.sh"
            ],
            "OnBuild": [],
            "Labels": {}
        },
        "DockerVersion": "17.06.2-ce",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "2368/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/var/lib/ghost/current/node_modules/knex-migrator/bin",
                "NODE_VERSION=6.12.0",
                "YARN_VERSION=1.3.2",
                "GOSU_VERSION=1.10",
                "NODE_ENV=production",
                "GHOST_CLI_VERSION=1.3.0",
                "GHOST_INSTALL=/var/lib/ghost",
                "GHOST_CONTENT=/var/lib/ghost/content",
                "GHOST_VERSION=1.18.0"
            ],
            "Cmd": [
                "node",
                "current/index.js"
            ],
            "ArgsEscaped": true,
            "Image": "sha256:61b845d031daaaa16d91b688e8a1e7b7b9b9ba521795f12e9f62ba0c31de068f",
            "Volumes": {
                "/var/lib/ghost/content": {}
            },
            "WorkingDir": "/var/lib/ghost",
            "Entrypoint": [
                "docker-entrypoint.sh"
            ],
            "OnBuild": [],
            "Labels": null
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 599079643,
        "VirtualSize": 599079643,
        "GraphDriver": {
            "Name": "devicemapper",
            "Data": {
                "DeviceId": "12",
                "DeviceName": "docker-8:0-258105-877e3ba605ae152fc7fe8fea23e7f901417b385c15b9b70af76778e842becab3",
                "DeviceSize": "10737418240"
            }
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:c01c63c6823dd8a296c2134ea94d31121069f1c52f8f8789836bc7ea2e5cdc93",
                "sha256:d9a5f9b8d5c253a3bf7251335cc6a2f244de04b86900fd5939274dddeb908490",
                "sha256:db1abf136033a87f25579cf95320aed38153ee6b90024773870daf3bb67eb46b",
                "sha256:daa2fed7f12c085e4cfe4d173329d53cbf1acb48f61496d789e5a300126470da",
                "sha256:569947ac5694d11d50c8fa805167db456e10b3593af0532ebb76cc0eac89a75c",
                "sha256:f15eb3a93546f0e99c6f2f3ab1dc66d17432fefc993fc563dbb40b09d57ae135",
                "sha256:122b9050ef07f5aaf5d0ff41944d5367cc426e42e19dc09642c17830f2f11910",
                "sha256:c5c99b94f91dbb9eb89b07dc793715f747ef81a9536df27dbafff323b2df74de",
                "sha256:fab4807ca3467b94e32b30c1fa089c294e8784ef86d712f5d3aca109e4c3b795",
                "sha256:7f1880051f384be5d0533af145d673cfd8330e34e7bafcc633f4a5b200816b7b",
                "sha256:75cf7c8a8cea76b020efe2226e92c73ec97fc7d320f3cb289334daf6ceb37a18"
            ]
        }
    }
]

【5.启动Ghost博客】

  • 使用ghost用户启动ghost容器
[ghost@li1696-145 ghost]$ docker run -d 
 --name ghost01 -p 80:2368 
 -v /www/ghost/content:/var/lib/ghost/content
 ghost:1.18.0
#执行命令后获得一个容器ID
2f39ba468f2f9b770b5ae9c5a367d23cd139e0ff5685d4115cb4502ea00e3e5f
[ghost@li1696-145 ghost]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
2f39ba468f2f        ghost:1.18.0        "docker-entrypoint.sh"   5 seconds ago       Up 4 seconds        0.0.0.0:80->2368/tcp   ghost01
  • 顺手把json配置文件弄出来,等会映射用
[ghost@li1696-145 ghost]$ docker cp ghost01:/var/lib/ghost/config.production.json ./
[ghost@li1696-145 ghost]$ docker cp ghost01:/var/lib/ghost/config.development.json ./
[ghost@li1696-145 ghost]$ sudo chown -R ghost /www/ghost
[ghost@li1696-145 ghost]$ ll
total 8
lrwxrwxrwx 1 ghost root   22 Nov 23 01:34 config.development.json -> config.production.json
-rw-r--r-- 1 ghost root  430 Nov 23 01:34 config.production.json
drwxr-xr-x 7 ghost root 4096 Dec 17 13:21 content
[ghost@nginx current]$ docker cp ghost:/var/lib/ghost/current/content /www/ghost/current/
[ghost@nginx current]$ sudo chown ghost -R content
  • 把拷出来的ghost配置文件设置一下域名
[ghost@li1696-145 ghost]$ cat config.production.json 
{
  #定义你的域名,否则邮件通知内容会变成localhost
  "url": "http://ghost.atibm.com/", 
  "server": {
    #没做宿主机映射,加入组docker network,
    #开外nginx的80端口作为唯一入口
    "port": 2368,
    #0ip可以让nginx容器访问,
    #如果做端口映射同时也可以让宿主机访问
    "host": "0.0.0.0"
  },
  "database": {
    "client": "sqlite3",
    "connection": {
      "filename": "/var/lib/ghost/content/data/ghost.db"
    }
  },
  "mail": {
    "transport": "SMTP",
    "from":"AT<cheanty@sina.com>",
    "options": {
        #临时配了一个email,网上攻略很坑,最后host设在这里通了
        "host": "smtp.sina.com",
        "port": 465,
        "secureConnection": true,
        "requiresAuth": true,
        "auth": {
            "user": "cheanty@sina.com",
            "pass": "***"
        }
    }
  },
  "logging": {
    "transports": [
      "file",
      "stdout"
    ]
  },
  "process": "systemd",
  "paths": {
    "contentPath": "/var/lib/ghost/content"
  }
}
  • 用本地volume映射来启动ghost
[ghost@li1696-145 ghost]$ docker stop ghost01
ghost01
[ghost@li1696-145 ghost]$ docker rm ghost01
ghost01
[ghost@li1696-145 ghost]$ docker run -d --name ghost01 -p 80:2368 -v /www/ghost/content/config.production.json:/var/lib/ghost/content/config.production.json -v /www/ghost/content:/var/lib/ghost/content ghost:1.18.0
b6d5471ce2149d1ef5b25c23ca17cf32b100674edf1c363dba4eda2f1c842137
[ghost@li1696-145 ghost]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
b6d5471ce214        ghost:1.18.0        "docker-entrypoint.sh"   11 seconds ago      Up 10 seconds       0.0.0.0:80->2368/tcp   ghost01

【6.docker-compose启动ghost】

就是把之前的启动命令,封装成docker-compose配置文件,
用docker-compose方式启动ghost
好处是每次不用在启动命令里写一堆参数,
并且配置文件便于编写更复杂的容器参数
而且配置文件非常便于维护

  • 先创建一个ghost network
    用于后续的ghost和nginx组网互联
[ghost@li1696-145 ghost] docker network create ghost_net
357ce62c00f1365c4ad6c57c5f232d71a74beb8d5e15168cc180a348df4d5ab0
[ghost@li1696-145 ghost] docker network inspect ghost_net
[
    {
        "Name": "ghost_net",
        "Id": "357ce62c00f1365c4ad6c57c5f232d71a74beb8d5e15168cc180a348df4d5ab0",
        "Created": "2017-12-20T13:27:22.702481135+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
  • 把之前命令合成Ghost的docker-compose配置文件
[ghost@li1696-145 ghost]$ vi docker-compose.yml
ghost:
  container_name: ghost
  restart: unless-stopped
  image: ghost:1.18.0
  #需先建docker network
  #才能加入,实现容器互联
  #网上方法很多,踩一遍,这个最靠谱
  net: ghost_net
  volumes:
    - /www/ghost/config.production.json:/var/lib/ghost/config.production.json
    - /www/ghost/content:/var/lib/ghost/content
	- /www/ghost/current/content:/var/lib/ghost/current/content
  restart: always
  • docker-compose启动ghost
    需要在yml配置文件所在路径执行,或者加参数指定yml文件
[ghost@li1696-145 docker-compose]$ docker-compose up -d
Creating dockercompose_ghost_1 ... 
Creating dockercompose_ghost_1 ... done
[ghost@li1696-145 docker-compose]$ docker-compose ps 
        Name                       Command               State          Ports        
-------------------------------------------------------------------------------------
dockercompose_ghost_1   docker-entrypoint.sh node  ...   Up      0.0.0.0:80->2368/tcp
[ghost@li1696-145 docker-compose]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
9a329a73af83        ghost:1.18.0        "docker-entrypoint.sh"   37 seconds ago      Up 36 seconds       0.0.0.0:80->2368/tcp   dockercompose_ghost_1
[ghost@li1696-145 docker-compose]$ docker-compose logs -f
Attaching to dockercompose_ghost_1
ghost_1  | [2017-12-17 14:22:07] INFO Finished database migration! 
ghost_1  | [2017-12-17 14:22:10] INFO Ghost is running in production... 
ghost_1  | [2017-12-17 14:22:10] INFO Your blog is now available on http://localhost:2368/ 
ghost_1  | [2017-12-17 14:22:10] INFO Ctrl+C to shut down 
ghost_1  | [2017-12-17 14:22:10] INFO Ghost boot 2.858s 

【7.Nginx代理域名访问Ghost博客】

  • name.com域名解析
#用于nginx自身访问
A	nginx.atibm.com	172.104.86.145	300	N/A  
#用于ghost博客访问,临时用子域名,后续会加入blog、www等
A	ghost.atibm.com	172.104.86.145	300	N/A  
  • nginx部署,反向代理
    实现处理域名访问进来的请求,指向ghost端口
[ghost@li1696-145 nginx]$ docker pull nginx:1.12.2
Trying to pull repository docker.io/library/nginx ... 
1.12.2: Pulling from docker.io/library/nginx
e7bb522d92ff: Pull complete 
bc725ecf00bb: Pull complete 
0e2bcc95a4b7: Pull complete 
Digest: sha256:3ea26021eb3d3da8a945db56ca2fc81a922cddaca47959ea944248be4040fbc5
[ghost@li1696-145 nginx]$ docker run -d --name nginx -p 80:80 nginx:1.12.2
6bcf2ee1ad4d7a76fda0c4a2beab74295cdb19928e744951745d844501273623
[ghost@li1696-145 nginx]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
6bcf2ee1ad4d        nginx:1.12.2        "nginx -g 'daemon off"   4 seconds ago       Up 3 seconds        0.0.0.0:80->80/tcp       nginx
a342b3d0d8c5        ghost:1.18.0        "docker-entrypoint.sh"   6 minutes ago       Up 6 minutes        0.0.0.0:2368->2368/tcp   ghost_ghost_1
  • 同样顺手拿到nginx一些文件
[ghost@li1696-145 nginx]$ docker cp nginx:/usr/share/nginx/html ./
[ghost@li1696-145 nginx]$ docker cp nginx:/etc/nginx/conf.d ./
[ghost@li1696-145 nginx]$ docker cp nginx:/etc/nginx/nginx.conf ./
[ghost@li1696-145 nginx]$ ls
conf.d  docker-compose.yml  html  logs  nginx.conf
  • 添加ghost服务的代理配置
[ghost@li1696-145 nginx]$ cat conf.d/ghost.conf
server {
    #listen 443;
    listen 80;
    # 我的nginx支持*.atibm.com访问,
    # 在下文的nginx容器组网会解释
    server_name ghost.atibm.com;
    #ssl on;
    access_log /var/log/nginx/ghost-access.log;
    error_log /var/log/nginx/ghost-error.log;
    location / {
        # 为什么可以这样访问,在下文的nginx容器组网会解释
        proxy_pass         http://ghost:2368;
        proxy_set_header     Host $host;
        proxy_set_header     X-Real-IP $remote_addr;
        proxy_set_header    X-Forwarded-Proto https;
        proxy_set_header     X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout     150;
        proxy_send_timeout     100;
        proxy_read_timeout    100;
        proxy_buffers        4 32k;
        client_max_body_size    10m;
        client_body_buffer_size    128;    
    }
}
  • nginx默认配置文件不用动
[ghost@li1696-145 nginx]$ cat nginx.conf 

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}
  • 编写Nginx的docker-compose配置文件
[ghost@li1696-145 nginx]$ cat docker-compose.yml 
nginx:
  container_name: "nginx"
  image: nginx:1.12.2
  restart: unless-stopped
  volumes:
    - /www/nginx/nginx.conf:/etc/nginx/nginx.conf
    - /www/nginx/conf.d:/etc/nginx/conf.d
    - /www/nginx/html:/usr/share/nginx/html
    - /www/nginx/logs:/var/log/nginx
  # 这个参数让nginx加入docker network:ghost_net,
  # 与ghost组网互联,比如访问ghost:2368
  net: ghost_net
  ports:
    #将nginx的80端口开放给宿主机外网
    - "80:80"
  #网上攻略坑,已放弃的links容器互联方式
  #external_links:
  #  - ghost:ghost
  environment:
    #设置nginx支持*.atibm.com的所有域名可以访问进行代理
    - NGINX_HOST=*.atibm.com
    - NGINX_PORT=80
  • docker-compose方式启动Nginx服务
[ghost@li1696-145 nginx]$ docker-compose up -d
Creating nginx ... 
Creating nginx ... done
[ghost@li1696-145 nginx]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
041e2c6f2f22        nginx:1.12.2        "nginx -g 'daemon off"   5 seconds ago       Up 4 seconds        0.0.0.0:80->80/tcp   nginx
3b5863a4381c        ghost:1.18.0        "docker-entrypoint.sh"   5 hours ago         Up 36 minutes       2368/tcp             ghost

【8.部署成果】

  • 经过一番折腾,
  • 现在我们访问【ghost.atibm.com】
  • 会由【linode实例服务器】
  • 里的【nginx docker服务】
  • 代理访问至【docker network:ghost_net】
  • 同网下的【ghost docker容器】
  • 2368端口的【ghost博客服务】
  • 产生数据将存在ghost容器映射的宿主机/www/ghost目录下,
  • 实现了代理、程序、数据全部分离,
  • 便于后续维护,比如升级ghost,备份数据等等。

后续还要编写一键安装脚本,便于迁移复制
还要编写一键备份脚本,免费实现数据安全
还要编写https的ssl证书更新脚本,免费维护ssl证书
当然还有一些别的项目部署计划,比如wiki、ss、leanote
有了vps挺爽的,可以随便玩,加上docker的易维护,不怕服务器搞坏
同时也可以在linode再次新增一个实例出来调试,不影响现有网站
每小时0.0075美元,毫无感觉