服务地址
前情提要
搭建动机
主流的共享编辑器有很多,这里安利一个我个人比较喜欢的:Hackmd的Codimd
上述的链接需要翻墙,非常不方便,所以我想在自己的服务器里面也造一个……
前期准备
1
2
3
4
5
| sudo apt install docker
sudo apt install docker.io
sudo apt install docker-compose
sudo service docker start
|
部署方式
- 官方推荐通过容器部署,这里也是介绍容器部署方式,同时添加
nginx代理
- 其他部署方式可以参考官方文档
编写yml文件
创建一个空目录,在该目录中创建docker-compose.yml。
内容直接利用官方的:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
| version: "3"
services:
database:
image: postgres:11.6-alpine
environment:
- POSTGRES_USER=codimd
- POSTGRES_PASSWORD=change_password
- POSTGRES_DB=codimd
volumes:
- "database-data:/var/lib/postgresql/data"
restart: always
codimd:
image: hackmdio/hackmd:2.4.1
environment:
- CMD_DB_URL=postgres://codimd:change_password@database/codimd
- CMD_USECDN=false
depends_on:
- database
ports:
- "3000:3000"
volumes:
- upload-data:/home/hackmd/app/public/uploads
restart: always
volumes:
database-data: {}
upload-data: {}
|
此时通过docker-compose up -d启动容器,这个服务默认端口是3000。在浏览器输入你的域名和端口http://xxxx.xxx.xxx:3000就能看到这个编辑器了。
如果看不到的话记得检查一下云服务器厂商的防火墙关没关……
当然,这个是最基础的版本,我们可以继续优化一下。
添加Nginx代理
目录结构:
1
2
3
4
5
| .
├── docker-compose.yml
└── proxy
└── conf.d
└── hackmd.conf
|
在docker-compose.yml中添加关于nginx相关内容,大致内容如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
| version: "3"
services:
database:
image: postgres:11.6-alpine
environment:
- POSTGRES_USER=codimd
- POSTGRES_PASSWORD=change_password
- POSTGRES_DB=codimd
volumes:
- "database-data:/var/lib/postgresql/data"
restart: always
codimd:
image: hackmdio/hackmd:latest
environment:
- CMD_DB_URL=postgres://codimd:change_password@database/codimd
- CMD_USECDN=false
depends_on:
- database
volumes:
- upload-data:/home/hackmd/app/public/uploads
restart: always
proxy:
image: nginx
restart: unless-stopped
expose:
- "80"
ports:
- 3000:80
volumes:
- ./proxy/conf.d:/etc/nginx/conf.d:ro
links:
- codimd:codimd
depends_on:
- codimd
volumes:
database-data: {}
upload-data: {}
|
同时配置hackmd.conf,作为nginx的配置文件,大致内容如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| upstream @codimd {
server codimd:3000;
keepalive 300;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
server_name xxx.xxx.xx;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_pass http://@codimd;
}
}
|
然后再重新部署容器:
1
2
3
4
5
| docker-compose down
docker-compose up -d
|
此时我们的nginx代理已经开始运行了:
启用SSL(可选)
参考官方文档。
注册SSL证书,并将目录放置到proxy目录中:
1
2
3
4
5
6
7
8
9
| .
├── docker-compose.yml
└── proxy
├── conf.d
│ └── hackmd.conf
└── ssl_certs
├── cert.cer
├── cert.key
└── fullchain.cer
|
修改docker-compose.yml:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
| version: "3"
services:
database:
image: postgres:11.6-alpine
environment:
- POSTGRES_USER=codimd
- POSTGRES_PASSWORD=change_password
- POSTGRES_DB=codimd
volumes:
- "database-data:/var/lib/postgresql/data"
restart: always
codimd:
image: hackmdio/hackmd:latest
environment:
- CMD_DB_URL=postgres://codimd:change_password@database/codimd
- CMD_USECDN=false
depends_on:
- database
volumes:
- upload-data:/home/hackmd/app/public/uploads
restart: always
proxy:
image: nginx
restart: unless-stopped
expose:
- "80"
ports:
- 3000:443
volumes:
- ./proxy/conf.d:/etc/nginx/conf.d:ro
- ./proxy/ssl_certs:/etc/nginx/ssl_certs:ro
links:
- codimd:codimd
depends_on:
- codimd
volumes:
database-data: {}
upload-data: {}
|
修改hackmd.conf
把域名和证书设置为自己的:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
upstream @codimd {
server codimd:3000;
keepalive 300;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name your.domain.name;
return 301 https://$server_name:443$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name your.domain.name;
ssl_certificate /etc/nginx/ssl_certs/cert.cer;
ssl_certificate_key /etc/nginx/ssl_certs/cert.key;
location / {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
client_max_body_size 8192m;
proxy_buffers 8 32k;
proxy_buffer_size 32k;
proxy_busy_buffers_size 64k;
proxy_max_temp_file_size 8192m;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_pass http://@codimd;
}
}
|
然后重新构造容器:
1
2
3
4
5
6
7
8
| docker-compose down
docker-compose up -d
docker-compose restart
|
此时已经可以https访问了:
一些BUG
证书相关
如果http能访问,但是https不能访问,可以检查一下证书路径是否设置正确、nginx监听端口是否正确等。多看docker-compose logs,看看具体报错
1
2
3
| docker-compose logs
docker-compose logs --tail 10
docker-compose logs --tail 10 | grep proxy
|
代理相关
检查一下nginx的配置文件有没有写错……
之前我本人写的xxx.conf就有bug,一直登录不上
主页能访问,但是无法登陆
再次检查一下nginx的配置文件有没有写错……
如果完全不会写,可以直接抄这篇博客里面的,修改一个个人信息配置就行。
