docker-compose安装wordpress开启https
默认使用docker-compose安装wordpress后,就算开启了443端口,还是无法使用https的。为了解决这个问题,有了这个教程。
本教程参考了互联网的各种教程,再次表示感谢。
一、创建wordpress文件夹,例如:/etc/wordpress
使用以下文件内容创建docker-compose.yml
version: '3'
services:
db:
image: mysql:8.0
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress
wordpress:
depends_on:
- db
image: wordpress:latest
ports:
- "80:80"
- "443:443"
volumes:
- /etc/wordpress/ssl:/etc/apache2/cetrts
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
该文件内容与官方指导文件相比,新增了443端口,和挂载了ssl证书的目录,在/etc/wordpress/ssl
放进申请到的证书文件,包括pem和key。
启动安装
docker-compose up -d
二、在docker中安装vim
官方的docker版wordpress默认是ubuntu的,所以就算你虚拟机是centos,也无法在容器中使用yum来安装,只能使用apt-get 来安装。
进入容量docker 的命令:
docker exec -it container-name /bin/bash
进入容器后输入以下代码:
apt-get update
apt-get install vim
加载 OpenSSL 模块
进入 wordpress 容器,输入 openssl
,查看是否安装 ssl ,如果出现下面图情况说明已经安装过了
[root@test home]# docker exec -it blog bash
root@d38c40e54806:/var/www/html# openssl
OpenSSL>
# 输入 exit 退出 OpenSSL
加载 Apache SSL 模块
输入 a2enmod ssl
,第一次加载,会提示重启 Apache,简单粗暴直接重启 wordpress 容器
root@d38c40e54806:/var/www/html# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
service apache2 restart
root@d38c40e54806:/var/www/html#
三、备份一下容器中 /etc/apache2/sites-available/
的default-ssl.conf
文件
cd /etc/apache2/sites-available/
cp default-ssl.conf default-ssl.conf.bak
编辑default-ssl.conf
文件,修改证书指向正确的文件目录
vi default-ssl.conf
Apache 加载 SSL 模块后,会在 /etc/apache2/sites-available
下生成 default-ssl.conf
文件,编辑该文件
SSLCertificateFile /etc/apache2/certs/example.com.pem
SSLCertificateKeyFile /etc/apache2/certs/example.com.key
上述两行配置就是证书的存放位置,我们只需要把第三方第三方可信CA签发的证书相应的文件进行替换
从 apache 的配置文件 apache2.conf
可以看到,apache 只会读取 /etc/apache2/sites-enabled
目录的配置文件,所以需要把 /etc/apache2/sites-available
下的 default-ssl.conf
文件复制到 /etc/apache2/sites-enabled
目录下。
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ss.conf
四、http 请求强制跳转到 https
编辑 /etc/apache2/sites-available/000-default.conf
在 <VirtualHost *:80> </VirtualHost>
标签中增加下面的配置
<Directory "/var/www/html">
RewriteEngine on
RewriteBase /
# FORCE HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</Directory>
效果如下
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory "/var/www/html">
RewriteEngine on
RewriteCond %{HTTP_HOST} ^http3w.com [NC] #改成自己域名,实现去www访问
RewriteRule ^(.*)$ https://www.http3w.com/$1 [L,R=301]
RewriteBase /
# FORCE HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
修改完之后,重启 wordpress 容器,一切都变成了 https
docker-compose restart
大功告成!
2、本站文章部分来源注册用户发布或互联网收集而来,若有侵权,请邮件联系作者。
邮箱地址:wtao219@qq.com