1. Redis
version: '3'
services:
redis:
image: redis:6.2.12
container_name: redis
ports:
- "6379:6379"
environment:
TZ: Asia/Shanghai
volumes:
# 本地数据目录要先执行 chmod 777 /usr/local/docker/redis/data 赋予读写权限,否则将无法写入数据
- /usr/local/docker/redis/conf:/redis/config:rw
- /usr/local/docker/redis/data/:/redis/data/:rw
command: ["redis-server", "/redis/config/redis.conf"]
# 容器开机自启
restart: always
# 获取宿主机 root 权限
privileged: true
# 设置容器网络为本机网络
network_mode: "host"
2. Mysql
version: '3'
services:
mysql:
image: mysql:8.0.33
container_name: mysql
environment:
TZ: Asia/Shanghai
MYSQL_ROOT_PASSWORD: root
ports:
- "3306:3306"
volumes:
# 数据挂载
- /usr/local/docker/mysql/data/:/var/lib/mysql/
# 配置挂载
- /usr/local/docker/mysql/conf/my.cnf:/etc/my.cnf
command:
# 将 mysql8.0 默认密码策略修改为原先策略 (mysql8.0对其默认策略做了更改,会导致密码无法匹配)
--default-authentication-plugin=mysql_native_password
--character-set-server=utf8mb4
--collation-server=utf8mb4_general_ci
--explicit_defaults_for_timestamp=true
--lower_case_table_names=1
privileged: true
network_mode: "host"
my.cnf
[client]
default-character-set=utf8mb4
[mysql]
default-character-set=utf8mb4
[mysqld]
# 设置东八区时区
default-time_zone = '+8:00'
# 设置密码验证规则
authentication_policy=mysql_native_password
# 限制导入和导出的数据目录
# 为空,不限制导入到处的数据目录;
# 指定目录,必须从该目录导入到处,且MySQL不会自动创建该目录;
# 为NULL,禁止导入与导出功能
#secure_file_priv=/var/lib/mysql
secure_file_priv=
init_connect='SET collation_connection = utf8mb4_general_ci'
init_connect='SET NAMES utf8mb4'
character-set-server=utf8mb4
collation-server=utf8mb4_general_ci
skip-character-set-client-handshake
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'
skip-name-resolve
max_connections=1500
lower_case_table_names=1
skip-log-bin
3. Nginx
version: '3'
services:
nginx:
image: nginx:1.23.4
container_name: nginx-web
environment:
TZ: Asia/Shanghai
ports:
- "80:80"
- "443:443"
volumes:
# 配置文件映射
- /usr/local/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
- /usr/local/docker/nginx/conf:/etc/nginx/conf.d
# 页面目录
- /usr/local/docker/nginx/html:/usr/share/nginx/html
# 日志目录
- /usr/local/docker/nginx/log:/var/log/nginx
privileged: true
network_mode: "host"
单配置文件
# 工作进程数,通常设为 CPU 核心数
worker_processes 1;
# 错误日志路径
error_log /var/log/nginx/error.log warn;
# 存放 nginx 进程ID 的文件
pid /var/run/nginx.pid;
# 设置每个 worker 进程的最大连接数为1024
events {
worker_connections 1024;
}
http {
# 文件扩展名与文件类型映射表
include /etc/nginx/mime.types;
# 默认文件类型
default_type application/octet-stream;
# 开启高效文件传输模式
sendfile on;
# 限制 body 大小
client_max_body_size 2048m;
# 超时时间配置
send_timeout 6000;
proxy_connect_timeout 18000;
keepalive_timeout 600;
proxy_send_timeout 18000;
proxy_read_timeout 18000;
# 日志格式
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# 访问日志路径及格式
access_log var/log/nginx/access.log main;
# 定义一个服务器组,配置负载均衡策略
upstream appServer {
ip_hash;
server 192.168.1.1:8080;
}
# 配置 admin 服务
upstream cnbai-admin {
server 192.168.1.1:8888;
}
# 配置虚拟主机
server {
listen 80;
server_name localhost;
location / {
# docker映射路径
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
# 配置静态文件映射 - 方式一 , 不用给目录起别名时使用较方便
## 文件源路径: /usr/share/nginx/html/static/logo.jpg
## 配置 Nginx 代理后路径: http://localhost:80/static/logo.jpg
location /static/ {
root /usr/share/nginx/html;
}
# 配置静态文件映射 - 方式二 , 给目录起别名时使用较方便
## 文件源路径: /usr/share/nginx/html/image/logo.jpg
## 配置 Nginx 代理后路径: http://localhost:80/static/image/logo.jpg
location /static/ {
# 注意要加末尾 /
alias /usr/share/nginx/html/;
}
# 配置后端映射
location /api/ {
proxy_pass http://appServer/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# websocket 参数,没有删除此配置
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# 配置 admin 映射
location /admin/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://cnbai-admin/admin/;
}
# 配置后端虚拟路径映射
## 文件源路径:/usr/local/upload/logo.jpg
## 设置虚拟路径后访问路径:http://192.168.1.1:8080/upload/logo.jpg
## 配置 nginx 代理后路径:http://localhost:80/upload/logo.jpg
location /upload/ {
proxy_pass http://appServer/upload/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 配置反向代理 - 方式一
## http://localhost/data/test -> http://www.cnbai.com/api/test
location /data/ {
# 解决第三方接口跨域问题
proxy_ssl_server_name on;
proxy_ssl_session_reuse off;
proxy_pass http://www.cnbai.com/api/;
}
# 配置反向代理 - 方式二
## http://localhost/data/test -> http://www.cnbai.com/api/data/test
location /data/ {
proxy_pass http://www.cnbai.com/api;
}
# 配置反向代理 - 方式三
## http://localhost/data/test -> http://www.cnbai.com/api/test
location /data {
proxy_pass http://www.cnbai.com/api;
}
# 自定义404页面
error_page 404 /404.html;
location = /40x.html {
}
# 自定义50x错误页面
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
附:geoserver 跨域处理
server {
listen 80;
server_name geoserver.example.com; # 修改为你的GeoServer域名
location /geoserver {
proxy_pass http://localhost:8080/geoserver; # 修改为你的GeoServer实际运行地址
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 添加跨域配置
add_header 'Access-Control-Allow-Origin' '*'; # 允许所有域,也可以指定特定域
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
# 预检请求响应
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
}
多配置文件
conf
- nginx.conf
conf.d
cret
- xxx.pem
- xxx.key
- appOne.conf
- appTwo.conf
- ... ...
配置 nginx.conf
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
client_max_body_size 2048m;
send_timeout 6000;
proxy_connect_timeout 18000;
keepalive_timeout 600;
proxy_send_timeout 18000;
proxy_read_timeout 18000;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log var/log/nginx/access.log main;
# 配置导入多个 conf 文件所在路径
include /etc/nginx/conf.d/*.conf;
}
配置 conf.d - 无域名
appOne.conf
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /api/ {
proxy_pass http://127.0.0.1:8888/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
appTwo.conf
server {
listen 80;
server_name localhost;
location /admin/ {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /admin-api/ {
proxy_pass http://127.0.0.1:9999/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
配置 conf.d - 有域名
appOne.conf
server {
listen 80;
server_name www.appOne.com;
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /api/ {
proxy_pass http://127.0.0.1:8888/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# HTTPS server
server {
listen 443 ssl;
server_name www.appOne.com;
ssl_certificate /etc/nginx/conf.d/cert/xxx.pem;
ssl_certificate_key /etc/nginx/conf.d/cert/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /api/{
proxy_pass http://127.0.0.1:8888/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
}
}
appTwo.conf
upstream cnbai.com {
server 127.0.0.1:9999;
}
server {
listen 80;
server_name a.www.appTwo.com;
location /admin/ {
alias /usr/share/nginx/html/test_admin/;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /admin-api/{
proxy_pass http://cnbai.com/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
}
}
server {
listen 80;
server_name b.www.appTwo.com;
location /web/ {
alias /usr/share/nginx/html/test_web/;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /web-api/{
proxy_pass http://cnbai.com/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
}
}
# HTTPS server
server {
listen 443 ssl;
server_name a.www.appTwo.com;
ssl_certificate /etc/nginx/conf.d/cert/xxx.pem;
ssl_certificate_key /etc/nginx/conf.d/cert/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
location /admin/ {
alias /usr/share/nginx/html/test_admin/;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /admin-api/{
proxy_pass http://cnbai.com/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
}
}
# HTTPS server
server {
listen 443 ssl;
server_name b.www.appTwo.com;
ssl_certificate /etc/nginx/conf.d/cert/xxx.pem;
ssl_certificate_key /etc/nginx/conf.d/cert/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
location /web/ {
alias /usr/share/nginx/html/test_web/;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /web-api/{
proxy_pass http://cnbai.com/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
}
}
4. Minio
version: '3'
services:
minio:
image: minio/minio:RELEASE.2023-04-13T03-08-07Z
container_name: minio
ports:
# api 端口
- "9000:9000"
# 控制台端口
- "9001:9001"
environment:
TZ: Asia/Shanghai
# 管理后台用户名
MINIO_ROOT_USER: cnbai
# 管理后台密码,最小8个字符
MINIO_ROOT_PASSWORD: 12345678
# https需要指定域名
# MINIO_SERVER_URL: "https://xxx.com:9000"
# MINIO_BROWSER_REDIRECT_URL: "https://xxx.com:9001"
# 开启压缩 on 开启 off 关闭
MINIO_COMPRESS: "off"
# 扩展名 .pdf,.doc 为空 所有类型均压缩
MINIO_COMPRESS_EXTENSIONS: ""
# mime 类型 application/pdf 为空 所有类型均压缩
MINIO_COMPRESS_MIME_TYPES: ""
volumes:
# 映射文件目录
- /usr/local/docker/minio/data:/data
# 映射配置目录
- /usr/local/docker/minio/config:/root/.minio/
# 指定容器中的目录 /data
command: server --address ':9000' --console-address ':9001' /data
privileged: true
network_mode: "host"
5. Jar 服务
version: '3'
services:
app:
image: app:1.0
container_name: app
environment:
TZ: Asia/Shanghai
SERVER_PORT: 8080
volumes:
- /usr/local/docker/app/logs/:/app/logs/
- /usr/local/docker/app/config/:/app/config/
restart: always
privileged: true
network_mode: "host"
cnbai-admin:
image: cnbai-admin:1.0
container_name: cnbai-admin
environment:
TZ: Asia/Shanghai
SERVER_PORT: 8888
volumes:
- /usr/local/docker/admin/logs/:/admin/logs/
- /usr/local/docker/admin/config/:/admin/config/
restart: always
privileged: true
network_mode: "host"
cnbai-web:
image: cnbai-web:1.0
container_name: cnbai-web
environment:
TZ: Asia/Shanghai
SERVER_PORT: 9999
volumes:
- /usr/local/docker/web/logs/:/web/logs/
- /usr/local/docker/web/config/:/web/config/
restart: always
privileged: true
network_mode: "host"
扫一扫
3769
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
