使用 Ghost 搭建博客
所需环境⌗
- CentOS 7.x
- Docker
- Ghost
- MySQL 5.7
安装 Docker⌗
sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce -y
sudo systemctl start docker
docker network create ghost --subnet 10.0.0.0/24
ghost 可以替换成你自己自定义的网路名称。
创建博客数据的相关目录⌗
mkdir -p \
/var/local/blog \
/var/local/nginx \
/var/local/mysql \
/var/local/web/sites \
/var/local/web/logs
/var/local/blog用于存放博客图片等媒体数据;/var/local/nginx用于保存nginx配置文件;/var/local/mysql用于存放数据库文件;/var/local/web/sites用于后期如果你需要在nginx中部署其他网站时使用;/var/local/web/logs用于存储日志。
数据库⌗
docker run --name mysql \
-h mysql \
-v /var/local/mysql:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=Ghost@2019 \
--net ghost \
--ip 10.0.0.2 \
--network-alias mysql \
-d mysql:5.7
运行一个 Ghost 服务容器⌗
docker run --name george \
-h george \
--net ghost \
--ip 10.0.0.3 \
--network-alias george \
-e database__client=mysql \
-e database__connection__host=mysql \
-e database__connection__user=root \
-e database__connection__password=George@1994 \
-e database__connection__database=george \
-e url=https://george.betterde.com \
-v /var/local/blog/george:/var/lib/ghost/content \
-d ghost:latest
url 根据自己的网站域名填写对应的域名即可。
运行一个 Nginx 容器⌗
Nginx 用来代理客户端请求,到 Ghost 的指定端口。开始之前先用 Nginx 的镜像生成默认配置文件.
docker run --name nginx \
-v /var/local/nginx:/var/nginx \
--rm nginx sh -c 'cp -Rf /etc/nginx/* /var/nginx' \
nginx:latest
运行完成后回自动删除容器,如果不出意外的话,此时 /var/local/nginx 这个目录应该就有了nginx的默认配置文件,接下来运行 nginx 容器。
docker run \
-p 80:80 \
-p 443:443 \
--name nginx \
-h nginx \
--net betterde \
--ip 10.0.0.4 \
--network-alias nginx \
-v /var/local/web/sites:/web/sites \
-v /var/local/nginx:/etc/nginx \
-v /var/local/web/logs:/web/logs \
-d nginx:latest
此时访问你的域名或主机IP,应该能看到nginx 的欢迎页面。
mv /var/local/nginx/conf.d/default.conf yourdomain.conf
vim yourdomain.conf
server {
listen 80;
server_name yourdomain;
location / {
proxy_pass http://george:2368/; #这里填写你在运行Ghost镜像时指定的 hostname即可,端口号默认是2368
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
}
server {
listen 80;
server_name yourdomain.com;
return 308 https://$host$request_uri;
}
server {
listen 443 ssl;
server_tokens off;
server_name yourdomain.com;
ssl_certificate /etc/nginx/cert/fullchain.cer;
ssl_certificate_key /etc/nginx/cert/betterde.com.key;
# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
# disable any limits to avoid HTTP 413 for large image uploads
client_max_body_size 0;
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location / {
proxy_pass http://george:2368/; #这里填写你在运行Ghost镜像时指定的 hostname即可,端口号默认是2368
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
}
如何获取HTTPS证书请看我的另一片文章:《为你的域名申请统配证书》
将获得的证书拷贝到 /var/local/nginx/cert 目录下,再将对应的文件名改为你自己的证书名称!
docker restart nginx
重启 Nginx 容器后,试着访问你的域名如 https://yourdomain.com/ghost或http://yourdomain.com/ghost,如果不出意外的话,将能看到Ghost 的初始化管理后台。
I hope this is helpful, Happy hacking…