参考资料:
1、docker官方文档:https://docs.docker.com/engine/install/ubuntu/
2、wiki.js官方文档:https://docs.requarks.io/install/docker
wiki.js部署全攻略
如果已安装docker,则跳过步骤一。
一、安装docker
1.1、移除旧版本(可选)
sudo apt-get remove docker docker-engine docker.io containerd runc
1.2、添加docker官方仓库
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg \
lsb-release
1.3、添加GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
1.4、使用稳定版仓库
echo \
"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
1.5、安装docker
此方式默认安装最新版docker
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
如需指定版本docker,请参照以下方式
sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
1.6、安装docker-compose
sudo apt install docker-compose
二、安装Wiki
本次部署使用docker-compose方式,非常简单。
2.1、创建docker-compose文件
vim docker-compose.yml
2.2、复制粘帖
将以下内容复制到文件中即可
version: "3"
services:
db:
image: postgres:11-alpine
environment:
POSTGRES_DB: wiki
POSTGRES_PASSWORD: wikijsrocks
POSTGRES_USER: wikijs
logging:
driver: "none"
restart: unless-stopped
volumes:
- db-data:/var/lib/postgresql/data
wiki:
image: requarks/wiki:2
depends_on:
- db
environment:
DB_TYPE: postgres
DB_HOST: db
DB_PORT: 5432
DB_USER: wikijs
DB_PASS: wikijsrocks
DB_NAME: wiki
restart: unless-stopped
ports:
- "80:3000"
volumes:
db-data:
2.3、启动docker-compose
sudo docker-compose up -d
# 接着需要一段较长的时间来下载镜像,完成后自动启动
Recreating ubuntu_wiki_1 ... done
2.4、nginx反代
温馨提示:如果你没有域名用来解析,请跳过此步骤!!!
因为我服务器上有很多服务,80端口被占用,因为未在yml文件里映射88端口而不是80端口。
2.4.1、创建nginx配置文件
sudo vim /etc/nginx/conf.d/wiki.conf
2.4.2、添加配置
将以下配置添加进去后保存并退出,wiki.sanxi.info是我自己的域名,你们记得改成自己的域名,反代的端口得是前面docker-compose.yml里面指定的端口。
server {
server_name wiki.sanxi.info; # 记得把所有域名都改成你自己的域名
client_max_body_size 1024m;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:88/; # 端口是前面docker-compose.yml里面指定的端口
server_tokens off;
}
}
server {
if ($host = wiki.sanxi.info) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name wiki.sanxi.info;
return 404; # managed by Certbot
}
server {
if ($host = wiki.sanxi.info) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name wiki.sanxi.info;
listen 80;
return 404; # managed by Certbot
}
2.4.3、重载nginx配置
sudo nginx -s reload
至此,部署wiki的步骤已经全部完成,在浏览器输入你解析后的域名即可,没有域名则直接输入你的公网IP即可!
三、部署HTTPS服务(可选)
本文使用Let's Encrypt证书,由Certot提供支持服务!
3.1、安装Certbot
sudo apt install certbot python3-certbot-nginx -y
3.2、安装证书
如果安装上面的方式部署,则运行以下命令后按照提示操作即可,否则请自行查阅cerbot官方文档!
sudo certbot --nginx
以下为安装时的提示信息以及选择,仅供参考!!!
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: blog.sanxi.info
2: seafile.sanxi.info
3: test.sanxi.info
4: wiki.sanxi.info
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 4 # 选择要安装SSL的站点
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for wiki.sanxi.info
nginx: [warn] conflicting server name "test.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
Waiting for verification...
Cleaning up challenges
nginx: [warn] conflicting server name "test.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
Deploying Certificate to VirtualHost /etc/nginx/conf.d/wiki.conf
nginx: [warn] conflicting server name "test.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
# 是否强制重定向HTTP为HTTPS,当然选择是啦,不然我装SSL证书干嘛!
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/wiki.conf
nginx: [warn] conflicting server name "test.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wiki.sanxi.info" on 0.0.0.0:80, ignored
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wiki.sanxi.info
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=wiki.sanxi.info
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/wiki.sanxi.info/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/wiki.sanxi.info/privkey.pem
Your cert will expire on 2021-07-04. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
3.3、自动续签
这次不需要选择,等它运行完毕即可。
sudo certbot renew --dry-run