Halo博客服务器晋升玩法
说明:halo2.11+推荐的mysql版本是8.1,这边使用5.7版本是因为个人喜好
服务器的采购,环境的搭建,docker和docker-compose的安装,这边就不细说了,有需求的小伙伴,可以看我之前的文章:从0-1搭建自己的博客
本文关键词:
Halo,Mysql,Nginx-Proxy-Manager
前提准备:
服务器:2核2G3M
二级域名一个且已解析到服务器IP地址:www.southxs.com
服务器开放端口(安全组):80/443/81/8090
一、创建网络
创建容器网络,并设置ip池
[root@south ~]# docker network create --driver bridge --subnet 10.0.0.0/16 mynetwork二、安装数据库(Mysql5.7)
在系统根目录下面建立一个文件夹software,以及mysql相关文件夹
[root@south ~]# mkdir /software
[root@south ~]# mkdir /software/mysql
[root@south ~]# mkdir /software/mysql/data
[root@south ~]# mkdir /software/mysql/backup
[root@south ~]# mkdir /software/mysql/logs给文件夹赋予权限(使用root权限可以不操作授权)
[root@south ~]# chmod -R 777 /software/mysql
[root@south ~]# chmod -R 777 /software/mysql/data
[root@south ~]# chmod -R 777 /software/mysql/backup
[root@south ~]# chmod -R 777 /software/mysql/logs在目录:/software/mysql,下新增一个docker-compose.yaml
version: "3"
services:
mysql:
image: mysql:5.7.44
container_name: mysql
restart: on-failure:3
hostname: mysql
#privileged: true
environment:
MYSQL_ROOT_PASSWORD: 123456
TZ: Asia/Shanghai
command:
- --default-authentication-plugin=mysql_native_password
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_general_ci
- --explicit_defaults_for_timestamp=true
ports:
- "3306:3306"
volumes:
- /software/mysql/data:/var/lib/mysql
- /software/mysql/backup:/data/mysqlBackup
- /software/mysql/logs:/var/log/mysql
healthcheck:
test: ["CMD", "mysql", "-uroot", "-p123456", "-e", "select 1", "mysql"]
interval: 3s
retries: 5
start_period: 30s
deploy:
resources:
limits:
memory: 512M
networks:
south-online:
ipv4_address: 10.0.0.8
networks:
south-online:
external: true
name: mynetwork
ipam:
config:
- subnet: 10.0.0.0/16运行&测试
[root@south halo]# docker-compose up -d查看日志
[root@south halo]# docker-compose logs -f mysql三、安装Halo(配置IP,数据库等参数)
在系统根目录下面建立一个文件夹
[root@south ~]# mkdir /software/halo
[root@south ~]# mkdir /software/halo/data给文件夹赋予权限(使用root权限可以不操作授权)
[root@south ~]# chmod -R 777 /software/halo
[root@south ~]# chmod -R 777 /software/halo/data在目录:/software/halo,下新增一个docker-compose.yaml
[root@south halo]# vim docker-compose.yamlversion: "3"
services:
halo:
image: halohub/halo:2.11
container_name: halo
restart: on-failure:3
volumes:
- /software/halo/data:/root/.halo2
ports:
- "8090:8090"
healthcheck:
test: ["CMD", "curl", "-f", "https://www.southxs.com/actuator/health/readiness"]
interval: 30s
timeout: 5s
retries: 5
start_period: 30s
command:
- --spring.r2dbc.url=r2dbc:pool:mysql://10.0.0.8:3306/halo
- --spring.r2dbc.username=root
# MySQL 的密码,请保证与下方 MYSQL_ROOT_PASSWORD 的变量值一致。
- --spring.r2dbc.password=123456
- --spring.sql.init.platform=mysql
# 外部访问地址,请根据实际需要修改
- --halo.external-url=https://www.southxs.com/
environment:
TZ: Asia/Shanghai
INSTALL4J_ADD_VM_PARAMS: "-Xms256m -Xmx1024m -XX:MaxDirectMemorySize=512m"
deploy:
resources:
limits:
memory: 1024M
networks:
south-online:
ipv4_address: 10.0.0.10
networks:
south-online:
external: true
name: mynetwork
ipam:
config:
- subnet: 10.0.0.0/16
运行&测试
[root@south halo]# docker-compose up -d查看日志
[root@south halo]# docker-compose logs -f halo四、安装Nginx Proxy Manager(配置IP,数据库等参数)
登录刚刚搭建的数据库,新建一个数据库:npm
# 查看容器
[root@south ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
76d3b6c0d391 halohub/halo:2.11 "sh -c 'java ${JVM_O…" 3 days ago Up 3 days (healthy) 0.0.0.0:8090->8090/tcp, :::8090->8090/tcp halo
f450fbb26cd8 mysql:5.7.44 "docker-entrypoint.s…" 6 days ago Up 6 days (healthy) 33060/tcp, 0.0.0.0:3205->3306/tcp, :::3205->3306/tcp mysql
# 登录容器 mysql
[root@south ~]# docker exec -it mysql /bin/bash
# 登录数据库
[root@mysql /]# mysql -uroot -p123456
# 创建数据库
mysql> CREATE DATABASE npm
-> CHARACTER SET utf8mb4
-> COLLATE utf8mb4_general_ci;在系统根目录下面建立一个文件夹
[root@south ~]# mkdir /software/npm
[root@south ~]# mkdir /software/npm/data
[root@south ~]# mkdir /software/npm/letsencrypt给文件夹赋予权限(使用root权限可以不操作授权)
[root@south ~]# chmod -R 777 /software/npm
[root@south ~]# chmod -R 777 /software/npm/data
[root@south ~]# chmod -R 777 /software/npm/letsencrypt在目录:/software/npm,下新增一个docker-compose.yaml
[root@south npm]# vim docker-compose.yamlversion: "3"
services:
npm:
image: jc21/nginx-proxy-manager:latest
container_name: npm
restart: unless-stopped
environment:
TZ: Asia/Shanghai
DB_MYSQL_HOST: "10.0.0.8"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "root"
DB_MYSQL_PASSWORD: "123456"
DB_MYSQL_NAME: "npm"
ports:
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
volumes:
- /software/npm/data:/data
- /software/npm/letsencrypt:/etc/letsencrypt
deploy:
resources:
limits:
memory: 256M
networks:
south-online:
ipv4_address: 10.0.0.81
networks:
south-online:
external: true
name: xs-network
ipam:
config:
- subnet: 10.0.0.0/16运行&测试
[root@south npm]# docker-compose up -d查看日志
[root@south npm]# docker-compose logs -f npm登录nginx proxy manager,默认初始账号密码:admin@example.com,changeme
设置用户名,修改登录密码
新增代理Proxy Host:
1. Details:配置
Details:Domain Names * :www.southxs.com (自己配置的域名,要注意先解析到服务器端的公网IP)
Scheme* :http(基本都是HTTP,除非你做外网代理)
Forward Hostname / IP* : 10.0.0.10 (Halo容器在服务器的内网IP,不知道的可以查询一下)
Forward Port * :8090 (Halo容器对外暴露的端口,在配置文件中
docker-compose.yaml有设置:8090)推荐勾选:Cache Assets (缓存) 和 Block Common Exploits (阻止常见漏洞)
2. SSL:配置
SSL Certificate : Request a new SSL Certificate (除非自己花钱买了SSL证书,其他的可以选择这个:免费的)
推荐勾选:Force SSL (强制使用SSL) 和 HTTP/2 Support (HTTP2协议) 和 HSTS Enable (安全传输协议)
Email Address for Let's Encrypt * : south@southxs.com (输入自己的邮箱)
勾选一下协议:I Agree to the Let's Encrypt Terms of Service*
3. Save确认,当STATUS状态为Online的时候,代表解析成功
五、访问Halo,https://www.southxs.com
六、Docker常见操作:
查看docker所有容器:docker ps
[root@south ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1156dbacbfbc halohub/halo:2.11 "sh -c 'java ${JVM_O…" 28 hours ago Up 28 hours (healthy) 0.0.0.0:8090->8090/tcp, :::8090->8090/tcp halo
024e37f556b4 jc21/nginx-proxy-manager:latest "/init" 28 hours ago Up 28 hours 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp npm
f450fbb26cd8 mysql:5.7.44 "docker-entrypoint.s…" 7 days ago Up 7 days (healthy) 33060/tcp, 0.0.0.0:3205->3306/tcp, :::3205->3306/tcp mysql查看容器运行日志:docker logs -f
#容器NAMES
[root@south ~]# docker logs -f halo
# 这条命令需要在容器:docker-compose.yaml 所在目录执行
[root@south halo]# docker-compose logs -f halo 进入容器:docker exec -it
#容器NAMES/bin/bash
[root@south ~]# docker exec -it halo /bin/bash
# 这条命令需要在容器:docker-compose.yaml 所在目录执行
[root@south halo]# docker-compose exec -it halo /bin/bash
