centOs配置Docker + Nginx + mongodb实现前后端项目部署
准备内容
- 阿里云轻量级服务器(CentOS Stream 9镜像)
- 打开防火墙端口:8080 443 3000 28078
- 域名
安装Docker:
lua
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable dockerÏ
安装Docker Compose V2:
bash
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
安装Git:
sudo yum install git
创建项目结构:
lua
/var/myapp
|-- docker-compose.yml
|-- www/ # Vue/React 前端项目
|-- koa/ # Koa.js 后端项目
|-- nginx/ # Nginx 配置文件```
| `-- conf.d/
| `-- default.conf
|-- data/ # MongoDB 数据存储
www/
下为前端项目,使用git
从代码仓库拉取<myapp-utils-vue>
koa/
下为后端项目,使用git
从代码仓库拉取<myapp-utils-koa>
配置Nginx:
nginx/conf.d/default.conf
下写入内容:
ini
server {
listen 80 default_server;
server_name yourdomain.cn www.yourdomain.cn;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name yourdomain.cn www.yourdomain.cn;
ssl_certificate /etc/letsencrypt/live/yourdomain.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.cn/privkey.pem;
location / {
root /usr/share/nginx/html;
index index.html;
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name api.yourdomain.cn;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name api.yourdomain.cn;
ssl_certificate /etc/letsencrypt/live/yourdomain.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.cn/privkey.pem;
location / {
proxy_pass http://koa:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
*二级域名需在对应域名商解析
*此conf
文件配置了SSL
内容,未添加SSL证书
时将443代码块下location
内容移至80下并注释return
行
配置Docker Compose
在 /myapp
目录下创建 docker-compose.yml
文件,内容如下:
yaml
services:
www:
image: node:18.20
container_name: www
working_dir: /app
volumes:
- ./www/myapp-utils-vue:/app
ports:
- "8080:8080"
command: sh -c "npm install && npm run build"
depends_on:
- koa
koa:
image: node:18.20
container_name: koa
working_dir: /app
volumes:
- ./koa/myapp-utils-koa:/app
ports:
- "3000:3000"
command: sh -c "npm install && node app.js"
depends_on:
- mongo
mongo:
image: mongo:5.0
container_name: mongo
volumes:
- ./data/db:/data/db
ports:
- "28078:28078"
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
nginx:
image: nginx:1.21
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d
- ./www/myapp-utils-vue/dist:/usr/share/nginx/html
- /etc/letsencrypt:/etc/letsencrypt
depends_on:
- www
- koa
在myapp/
启动dokcer:
docker compose up -d
Certbot配置SSL:
全局安装Certbot并获取证书
sql
sudo yum install epel-release
sudo yum install certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
证书内容会存放在/etc/letsencrypt/live/yourdomain.cn/
下,重启Nginx
完成SSL
配置 验证自动续期
arduino
sudo certbot renew --dry-run