docker打包nginx版wordpress

官方打包的wordpress的docker版是基于apache，在低配的机器上容易挂掉。所以考虑nginx

Dockerfile

# 更改基础镜像为PHP 8.x FPM Alpine
FROM php:8.2-fpm-alpine

# 更新并安装PHP依赖，注意检查扩展与PHP 8.x的兼容性
# 这里不用php8.3 因为安装imagick有问题，参考https://github.com/Imagick/imagick/issues/643
RUN apk update && \
    apk add zlib-dev libpng-dev jpeg-dev expat-dev libzip-dev icu-libs icu-dev libtool imagemagick-dev && \
    apk add m4 autoconf make gcc g++ linux-headers && \
    docker-php-ext-install pdo_mysql opcache mysqli && \
    docker-php-ext-install gd && \
    docker-php-ext-install exif zip intl && \
    pecl install imagick && docker-php-ext-enable imagick && \
    apk del m4 autoconf make gcc g++ linux-headers

# 安装时区
RUN apk add --no-cache tzdata

# 安装nginx依赖
RUN apk add nginx && \
    if [ ! -d "/run/nginx" ]; then mkdir /run/nginx; fi && \
    touch /run/nginx/nginx.pid

# nginx配置文件和初始静态文件
ADD default.conf /etc/nginx/http.d/default.conf
ADD index.html /var/www/html/index.html

# 安装wget unzip tar 后续下载wordpress使用
RUN apk add --no-cache wget unzip tar
# 中文版下载 https://cn.wordpress.org/wordpress-latest-zh_CN.tar.gz https://cn.wordpress.org/wordpress-6.7-zh_CN.tar.gz
# 英文版下载 https://wordpress.org/latest.tar.gz
# 下载并解压 WordPress
RUN wget https://cn.wordpress.org/wordpress-latest-zh_CN.tar.gz -O /tmp/wordpress.tar.gz && \
    tar zxvf /tmp/wordpress.tar.gz -C /tmp/ && \
    mv /tmp/wordpress/* /var/www/html && \
    rm /tmp/wordpress.tar.gz

# 拷贝源代码到容器内
COPY src /var/www/html/

# 官方wordpress镜像还使用了wp-config-docker.php 并用shell脚本执行后把wp-config.php文件进行更改
# 文件的作用是可以使用docker环境变量配置数据库参数
# 官方镜像多出来的两个文件路径
# /usr/src/wordpress/wp-config-docker.php
# /usr/local/bin/docker-entrypoint.sh

ADD wp-config-docker.php /var/www/html/wp-config-docker.php

# 添加自定义脚本
ADD generate_wp_config.sh /
RUN chmod 755 /generate_wp_config.sh

# 更改/var/www/html目录的所有权
RUN apk add coreutils  && \
    chown www-data:www-data /var/www/html  && \
    chmod 1777 /var/www/html  && \
    chown -R www-data:www-data /var/www/html/wp-content  && \
    chmod -R 1777 /var/www/html/wp-content

# 下面处理更新版本升级权限
# wp-admin授权用户www-data:www-data可以防止网页更新版本报错
# 另一更新正在运行 执行sql DELETE FROM wp_options WHERE option_name='core_updater.lock';
RUN chown -R www-data:www-data /var/www/html/wp-admin && \
    chown -R www-data:www-data /var/www/html/wp-includes  && \
    cd /var/www/html/ && \
    chown www-data:www-data wp-login.php wp-cron.php wp-trackback.php wp-config-sample.php wp-settings.php wp-mail.php


# 添加自定义脚本
ADD run.sh /
RUN chmod 755 /run.sh

# 暴露端口
EXPOSE 80
EXPOSE 9000

# 入口点设置为自定义脚本
ENTRYPOINT ["/run.sh"]

dockerfile使用到的文件

wp-config-docker.php

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the website, you can copy this file to "wp-config.php"
 * and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * Database settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * This has been slightly modified (to read environment variables) for use in Docker.
 *
 * @link https://developer.wordpress.org/advanced-administration/wordpress/wp-config/
 *
 * @package WordPress
 */

// IMPORTANT: this file needs to stay in-sync with https://github.com/WordPress/WordPress/blob/master/wp-config-sample.php
// (it gets parsed by the upstream wizard in https://github.com/WordPress/WordPress/blob/f27cb65e1ef25d11b535695a660e7282b98eb742/wp-admin/setup-config.php#L356-L392)

// a helper function to lookup "env_FILE", "env", then fallback
if (!function_exists('getenv_docker')) {
	// https://github.com/docker-library/wordpress/issues/588 (WP-CLI will load this file 2x)
	function getenv_docker($env, $default) {
		if ($fileEnv = getenv($env . '_FILE')) {
			return rtrim(file_get_contents($fileEnv), "\r\n");
		}
		else if (($val = getenv($env)) !== false) {
			return $val;
		}
		else {
			return $default;
		}
	}
}

// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', getenv_docker('WORDPRESS_DB_NAME', 'wordpress') );

/** Database username */
define( 'DB_USER', getenv_docker('WORDPRESS_DB_USER', 'example username') );

/** Database password */
define( 'DB_PASSWORD', getenv_docker('WORDPRESS_DB_PASSWORD', 'example password') );

/**
 * Docker image fallback values above are sourced from the official WordPress installation wizard:
 * https://github.com/WordPress/WordPress/blob/1356f6537220ffdc32b9dad2a6cdbe2d010b7a88/wp-admin/setup-config.php#L224-L238
 * (However, using "example username" and "example password" in your database is strongly discouraged.  Please use strong, random credentials!)
 */

/** Database hostname */
define( 'DB_HOST', getenv_docker('WORDPRESS_DB_HOST', 'mysql') );

/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', getenv_docker('WORDPRESS_DB_CHARSET', 'utf8') );

/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', getenv_docker('WORDPRESS_DB_COLLATE', '') );

/**#@+
 * Authentication unique keys and salts.
 *
 * Change these to different unique phrases! You can generate these using
 * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
 *
 * You can change these at any point in time to invalidate all existing cookies.
 * This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define( 'AUTH_KEY',         getenv_docker('WORDPRESS_AUTH_KEY',         'put your unique phrase here') );
define( 'SECURE_AUTH_KEY',  getenv_docker('WORDPRESS_SECURE_AUTH_KEY',  'put your unique phrase here') );
define( 'LOGGED_IN_KEY',    getenv_docker('WORDPRESS_LOGGED_IN_KEY',    'put your unique phrase here') );
define( 'NONCE_KEY',        getenv_docker('WORDPRESS_NONCE_KEY',        'put your unique phrase here') );
define( 'AUTH_SALT',        getenv_docker('WORDPRESS_AUTH_SALT',        'put your unique phrase here') );
define( 'SECURE_AUTH_SALT', getenv_docker('WORDPRESS_SECURE_AUTH_SALT', 'put your unique phrase here') );
define( 'LOGGED_IN_SALT',   getenv_docker('WORDPRESS_LOGGED_IN_SALT',   'put your unique phrase here') );
define( 'NONCE_SALT',       getenv_docker('WORDPRESS_NONCE_SALT',       'put your unique phrase here') );
// (See also https://wordpress.stackexchange.com/a/152905/199287)

/**#@-*/

/**
 * WordPress database table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 *
 * At the installation time, database tables are created with the specified prefix.
 * Changing this value after WordPress is installed will make your site think
 * it has not been installed.
 *
 * @link https://developer.wordpress.org/advanced-administration/wordpress/wp-config/#table-prefix
 */
$table_prefix = getenv_docker('WORDPRESS_TABLE_PREFIX', 'wp_');

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the documentation.
 *
 * @link https://developer.wordpress.org/advanced-administration/debug/debug-wordpress/
 */
define( 'WP_DEBUG', !!getenv_docker('WORDPRESS_DEBUG', '') );

/* Add any custom values between this line and the "stop editing" line. */

// If we're behind a proxy server and using HTTPS, we need to alert WordPress of that fact
// see also https://wordpress.org/support/article/administration-over-ssl/#using-a-reverse-proxy
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false) {
	$_SERVER['HTTPS'] = 'on';
}
// (we include this by default because reverse proxying is extremely common in container environments)

if ($configExtra = getenv_docker('WORDPRESS_CONFIG_EXTRA', '')) {
	eval($configExtra);
}

/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
	define( 'ABSPATH', __DIR__ . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';

generate_wp_config.sh

#!/usr/bin/env sh

set -eu

# 获取当前用户的 UID 和 GID
uid="$(id -u)"
gid="$(id -g)"

# 获取所有以 WORDPRESS_ 开头的环境变量名称
wpEnvs=$(env | grep ^WORDPRESS_ | cut -d= -f1)

# 检查 wp-config.php 是否存在且不为空
if [ ! -s wp-config.php ] && [ -n "$wpEnvs" ]; then
    for wpConfigDocker in \
        wp-config-docker.php \
        /usr/src/wordpress/wp-config-docker.php \
    ; do
        if [ -s "$wpConfigDocker" ]; then
            echo >&2 "No 'wp-config.php' found in $PWD, but 'WORDPRESS_...' variables supplied; copying '$wpConfigDocker' ($wpEnvs)"
            # 使用 awk 替换所有 "put your unique phrase here" 为唯一的字符串
            awk '
                /put your unique phrase here/ {
                    cmd = "head -c1m /dev/urandom | sha1sum | cut -d\\  -f1"
                    cmd | getline str
                    close(cmd)
                    gsub("put your unique phrase here", str)
                }
                { print }
            ' "$wpConfigDocker" > wp-config.php

            if [ "$uid" = '0' ]; then
                # 尝试确保 wp-config.php 由运行用户拥有
                # 可能在某些文件系统上不允许 chown（例如某些 NFS 设置）
                chown "$(id -un):$(id -gn)" wp-config.php || true
            fi
            break
        fi
    done
fi

docker里的环境变量主要靠上面两个文件实现。

run.sh

#!/bin/sh

# 切换到 /var/www/html 目录
cd /var/www/html
# 调用生成 wp-config.php 的脚本
/generate_wp_config.sh

# 后台启动php-fpm
php-fpm -D
# 关闭后台启动，hold住进程
nginx -g 'daemon off;'

default.conf

server {
  listen 80;
  server_name localhost;

  root /var/www/html;
  index index.php index.html index.htm index.nginx-debian.html;

  error_log  /var/log/nginx/error.log;
  access_log /var/log/nginx/access.log;

  location / {
      try_files $uri $uri/ /index.php?$args;
  }

  location ~ \.php$ {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    # 添加以下行来传递客户端 IP 和协议信息
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

  # 新增规则来保护以点号开头的隐藏文件
  location ~ /\. {
      deny all;
  }

  location ~ /\.ht {
      deny all;
  }

  location = /favicon.ico {
      log_not_found off;
      access_log off;
  }

  location = /robots.txt {
      allow all;
      log_not_found off;
      access_log off;
  }

  location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
      expires max;
      log_not_found off;
      access_log off;
  }
}

index.html

<!DOCTYPE html>
<html>
<head>
    <title>Welcome to nginx!</title>
    <style>
        body {
            width: 35em;
            margin: 0 auto;
            font-family: Tahoma, Verdana, Arial, sans-serif;
        }
    </style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.</p>

<p>For online documentation and support please refer to
    <a href="http://nginx.org/">nginx.org</a>.<br/>
    Commercial support is available at
    <a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

src/info.php

<?php
   phpinfo();
?>

构建完成后，相比官方版减少200M,负载也减轻了。这个打包完是简体中文版，不用再下载语言包了