centOs配置Docker + Nginx + mongodb实现前后端项目部署

准备内容

阿里云轻量级服务器（CentOS Stream 9镜像）
打开防火墙端口：8080 443 3000 28078
域名

安装Docker:

lua 复制代码

sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable dockerÏ

安装Docker Compose V2:

bash 复制代码

sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

安装Git:

复制代码

sudo yum install git

创建项目结构:

lua 复制代码

/var/myapp
|-- docker-compose.yml
|-- www/          # Vue/React 前端项目
|-- koa/           # Koa.js 后端项目
|-- nginx/             # Nginx 配置文件```
|   `-- conf.d/
|       `-- default.conf
|-- data/              # MongoDB 数据存储

www/下为前端项目，使用git从代码仓库拉取<myapp-utils-vue>

koa/下为后端项目，使用git从代码仓库拉取<myapp-utils-koa>

配置Nginx：

nginx/conf.d/default.conf下写入内容：

ini 复制代码

server {
    listen 80 default_server;
    server_name yourdomain.cn www.yourdomain.cn;
    return 301 https://$host$request_uri;

}

server {
    listen 443 ssl;
    server_name yourdomain.cn www.yourdomain.cn;
    ssl_certificate /etc/letsencrypt/live/yourdomain.cn/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.cn/privkey.pem;
    location / {
        root /usr/share/nginx/html;
        index index.html;
        try_files $uri $uri/ /index.html;
    }
}

server {
    listen 80;
    server_name api.yourdomain.cn;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name api.yourdomain.cn;
  
    ssl_certificate /etc/letsencrypt/live/yourdomain.cn/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.cn/privkey.pem;
  
    location / {
        proxy_pass http://koa:3000/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

*二级域名需在对应域名商解析

*此conf文件配置了SSL内容，未添加SSL证书时将443代码块下location内容移至80下并注释return行

配置Docker Compose

在 /myapp 目录下创建 docker-compose.yml 文件，内容如下：

yaml 复制代码

services:
  www:
    image: node:18.20
    container_name: www
    working_dir: /app
    volumes:
      - ./www/myapp-utils-vue:/app
    ports:
      - "8080:8080"
    command: sh -c "npm install && npm run build"
    depends_on:
      - koa

  koa:
    image: node:18.20
    container_name: koa
    working_dir: /app
    volumes:
      - ./koa/myapp-utils-koa:/app
    ports:
      - "3000:3000"
    command: sh -c "npm install && node app.js"
    depends_on:
      - mongo

  mongo:
    image: mongo:5.0
    container_name: mongo
    volumes:
      - ./data/db:/data/db
    ports:
      - "28078:28078"
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: example

  nginx:
    image: nginx:1.21
    container_name: nginx
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./www/myapp-utils-vue/dist:/usr/share/nginx/html
      - /etc/letsencrypt:/etc/letsencrypt
    depends_on:
      - www
      - koa

在myapp/启动dokcer：

复制代码

docker compose up -d

Certbot配置SSL:

全局安装Certbot并获取证书

sql 复制代码

sudo yum install epel-release
sudo yum install certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

证书内容会存放在/etc/letsencrypt/live/yourdomain.cn/下，重启Nginx完成SSL配置验证自动续期

arduino 复制代码

sudo certbot renew --dry-run