51工具盒子部署应用
参考官方给出的示例仓库(前往GitHub查看)
services:
wordpress:
image: wpeverywhere/frankenwp:latest-php8.3
restart: always
ports:
- "8100:80" # HTTP
environment:
SERVER_NAME: ${SERVER_NAME:-:80}
WORDPRESS_DB_HOST: ${DB_HOST:-db}
WORDPRESS_DB_USER: ${DB_USER:-exampleuser}
WORDPRESS_DB_PASSWORD: ${DB_PASSWORD:-examplepass}
WORDPRESS_DB_NAME: ${DB_NAME:-exampledb}
WORDPRESS_DEBUG: ${WP_DEBUG:-true}
WORDPRESS_TABLE_PREFIX: ${DB_TABLE_PREFIX:-wp_}
CACHE_LOC: ${CACHE_LOC:-/var/www/html/wp-content/cache}
TTL: ${TTL:-80000}
PURGE_PATH: ${PURGE_PATH:-/__cache/purge}
PURGE_KEY: ${PURGE_KEY:-}
BYPASS_HOME: ${BYPASS_HOME:-false}
BYPASS_PATH_PREFIXES: ${BYPASS_PATH_PREFIXES:-/wp-admin,/wp-content,/wp-includes,/wp-json,/feed}
CACHE_RESPONSE_CODES: ${CACHE_RESPONSE_CODES:-000}
CADDY_GLOBAL_OPTIONS: |
email myemail@sample.com
auto_https disable_redirects
debug
WORDPRESS_CONFIG_EXTRA: |
define('WP_SITEURL', 'http://localhost:8100');
define('WP_HOME', 'http://localhost:8100');
volumes:
# - ./wp-content:/var/www/html/wp-content
depends_on:
- db
tty: true
db:
image: mariadb:latest
restart: always
ports:
- ${LOCAL_DB_PORT:-3311}:3306
environment:
MYSQL_DATABASE: ${DB_NAME:-exampledb}
MYSQL_USER: ${DB_USER:-exampleuser}
MYSQL_PASSWORD: ${DB_PASSWORD:-examplepass}
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-examplepass}
volumes:
- dbwp:/var/lib/mysql
phpmyadmin:
image: phpmyadmin/phpmyadmin
restart: always
ports:
- ${LOCAL_PHPMYADMIN_PORT:-8086}:80
environment:
PMA_HOST: db
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-examplepass}
depends_on:
- db
`volumes:
dbwp:`
一般来说,你直接使用这个compose文件是可以直接运行起来的,但是这只是个例子,直接使用这个作为生产环境的话,会有安全问题,例如它默认的MySQL用户名和密码都是弱密码,更何况这个compose还将MySQL的端口映射到容器外部了,虽说默认的端口不再是3306,但仍然有很大的安全隐患
为此,我们可以在当前目录下创建一个.env文件来进行配置,这样在部署的时候就可以自定义很多参数
BYPASS_PATH_PREFIX=/wp-admin,/wp-includes,/wp-content
DB_NAME=mysitename
DB_USER=mysitename
DB_PASSWORD=soineoinxAsx
DB_PREFIX=mywp_
如果你一切都准备就绪,那么可以通过此命令部署应用
docker compose up -d
它会自动拉取镜像并启动容器,此时你只需要访问服务器IP:端口即可访问,例如123.1.1.1:8100
如果你只想运行这一个网站,那么可以这样修compose的第一段改节省反代的步骤
ports:
- "80:80" # HTTP
修改之后也建议修改一下WORDPRESS_CONFIG_EXTRA中的内容
当然,由于FrankenPHP是使用Caddy作为Web服务器的,所以你可以使用它的自动HTPPS功能
首先你需要同时映射出80和443两个端口
ports:
- "80:80" # HTTP
- "443:443" # HTTPS
并且在.env文件中新增一行写入以下内容
SERVER_NAME=你的域名
之后务必要修改WORDPRESS_CONFIG_EXTRA中的内容
本站正在使用FrankenPHP作为后端,测试下来很稳定,性能也确实有提升
自己编译镜像
如果要进一步优化性能,你可能会需要用到Redis,Mencached等,这时候就需要给PHP安装对应的扩展,但是直接exec进容器安装后不方便持久化,所以建议自己构建Docker镜像
自己构建镜像需要一定基础,因此本文在某些众所周知的细节上将不会提及
首先如果你的目的是新建站点而不是将已有的站点换一个后端,那么使用官方的DockerFile做一些修改就好,如果你是给已有站点换一个后端,建议参考我的DockerFile
先放上我自己改了的DockerFile,由于我不需要数据库和phpmyadmin(已经部署过了),所以我注释掉了这些
ARG WORDPRESS_VERSION=latest
ARG PHP_VERSION=8.3
ARG USER=1000
FROM dunglas/frankenphp:latest-builder-php${PHP_VERSION} AS builder
Copy xcaddy in the builder image
================================
COPY --from=caddy:builder /usr/bin/xcaddy /usr/bin/xcaddy
CGO must be enabled to build FrankenPHP
=======================================
ENV CGO_ENABLED=1 XCADDY_SETCAP=1 XCADDY_GO_BUILD_FLAGS='-ldflags="-w -s" -trimpath'
COPY ./sidekick/middleware/cache ./cache
RUN xcaddy build
--output /usr/local/bin/frankenphp
--with github.com/dunglas/frankenphp=./
--with github.com/dunglas/frankenphp/caddy=./caddy/
--with github.com/dunglas/caddy-cbrotli
# Add extra Caddy modules here
--with github.com/stephenmiracle/frankenwp/sidekick/middleware/cache=./cache
FROM wordpress:$WORDPRESS_VERSION AS wp
FROM dunglas/frankenphp:latest-php${PHP_VERSION} AS base
LABEL org.opencontainers.image.title=FrankenWP
LABEL org.opencontainers.image.description="Optimized WordPress containers to run everywhere. Built with FrankenPHP \& Caddy."
LABEL org.opencontainers.image.url=https://wpeverywhere.com
LABEL org.opencontainers.image.source=https://github.com/StephenMiracle/frankenwp
LABEL org.opencontainers.image.licenses=MIT
LABEL org.opencontainers.image.vendor="Stephen Miracle"
Replace the official binary by the one contained your custom modules
====================================================================
COPY --from=builder /usr/local/bin/frankenphp /usr/local/bin/frankenphp
ENV WP_DEBUG=${DEBUG:+1}
ENV FORCE_HTTPS=0
ENV PHP_INI_SCAN_DIR=$PHP_INI_DIR/conf.d
RUN apt-get update \&\& apt-get install -y --no-install-recommends
ca-certificates
ghostscript
curl
libonig-dev
libxml2-dev
libcurl4-openssl-dev
libssl-dev
libzip-dev
unzip
git
libjpeg-dev
libwebp-dev
libzip-dev
libmemcached-dev
zlib1g-dev
install the PHP extensions we need (https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions)
============================================================================================================================
RUN install-php-extensions
bcmath
redis
fileinfo
exif
gd
intl
mysqli
zip
curl
# See https://github.com/Imagick/imagick/issues/640#issuecomment-2077206945
imagick/imagick@master
opcache
RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
COPY php.ini $PHP_INI_DIR/conf.d/wp.ini
#COPY --from=wp /usr/src/wordpress /usr/src/wordpress
COPY --from=wp /usr/local/etc/php/conf.d /usr/local/etc/php/conf.d/
COPY --from=wp /usr/local/bin/docker-entrypoint.sh /usr/local/bin/
set recommended PHP.ini settings
================================
see https://secure.php.net/manual/en/opcache.installation.php
=============================================================
RUN set -eux;
{
echo 'opcache.memory_consumption=128';
echo 'opcache.interned_strings_buffer=8';
echo 'opcache.max_accelerated_files=4000';
echo 'opcache.revalidate_freq=2';
} \> $PHP_INI_DIR/conf.d/opcache-recommended.ini
https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging
====================================================================================
RUN {
# https://www.php.net/manual/en/errorfunc.constants.php
# https://github.com/docker-library/wordpress/issues/420#issuecomment-517839670
echo 'error_reporting = E_ERROR \| E_WARNING \| E_PARSE \| E_CORE_ERROR \| E_CORE_WARNING \| E_COMPILE_ERROR \| E_COMPILE_WARNING \| E_RECOVERABLE_ERROR';
echo 'display_errors = Off';
echo 'display_startup_errors = Off';
echo 'log_errors = On';
echo 'error_log = /dev/stderr';
echo 'log_errors_max_len = 1024';
echo 'ignore_repeated_errors = On';
echo 'ignore_repeated_source = Off';
echo 'html_errors = Off';
} \> $PHP_INI_DIR/conf.d/error-logging.ini
WORKDIR /var/www/html
#VOLUME /var/www/html/wp-content
COPY wp-content/mu-plugins /var/www/html/wp-content/mu-plugins
RUN mkdir /var/www/html/wp-content/cache
RUN sed -i
-e 's/\[ "$1" = '''php-fpm''' \]/\[\[ "$1" == frankenphp\* \]\]/g'
-e 's/php-fpm/frankenphp/g'
/usr/local/bin/docker-entrypoint.sh
Add $_SERVER\['ssl'\] = true; when env USE_SSL = true is set to the wp-config.php file here: /usr/local/bin/wp-config-docker.php
================================================================================================================================
#RUN sed -i 's/\<?php/\<?php if (!!getenv("FORCE_HTTPS")) { $_SERVER\["HTTPS"\] = "on"; } define( "FS_METHOD", "direct" ); set_time_limit(300); /g' /usr/src/wordpress/wp-config-docker.php
Adding WordPress CLI
====================
RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \&\&
chmod +x wp-cli.phar \&\&
mv wp-cli.phar /usr/local/bin/wp
COPY Caddyfile /etc/caddy/Caddyfile
Caddy requires an additional capability to bind to port 80 and 443
==================================================================
RUN useradd -D ${USER} \&\&
setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/frankenphp
Caddy requires write access to /data/caddy and /config/caddy
============================================================
RUN chown -R ${USER}:${USER} /data/caddy \&\&
chown -R ${USER}:${USER} /config/caddy \&\&
chown -R ${USER}:${USER} /var/www/html \&\&
#chown -R ${USER}:${USER} /usr/src/wordpress \&\&
chown -R ${USER}:${USER} /usr/local/bin/docker-entrypoint.sh
USER $USER
`ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
CMD ["frankenphp", "run", "--config", "/etc/caddy/Caddyfile"]
`
如果你只是想加几个扩展,那么直接修改RUN install-php-extensions下面的内容就可以,如果你想更多的自定义,可以参考我的来,这里不做过多的解释
