docker部署typecho+雷池waf

安装docker
yum install yum-utils epel-release -y
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin unzip screen vim wget telnet lrzsz nload iftop htop iotop sysstat tree mlocate net-tools
systemctl enable docker
systemctl start docker

安装docker-compose
curl -L https://github.com/docker/compose/releases/download/v2.21.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
chmod x /usr/local/bin/docker-compose

安装雷池waf
bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

部署nginx php
mkdir -p /www/wwwroot/default.com
mkdir /www/{nginx,logs,php}

vim /www/docker-compose.yml

version: "3"


services:
nginx:
image: nginx
ports:
- "8223:80" # 左边可以改成任意没使用的端口
restart: always
environment:
- TZ=Asia/Shanghai
volumes:
- /www/wwwroot/default.com:/var/www/html
- /www/nginx:/etc/nginx/conf.d
- /www/logs:/var/log/nginx
depends_on:
- php
networks:
- web


php:
build: php
restart: always
expose:
- "9000" # 不暴露公网，故没有写9000:9000
volumes:
- /www/wwwroot/default.com:/var/www/html
environment:
- TZ=Asia/Shanghai
networks:
- web


networks:
web:

vim /www/nginx/default.conf

server {
listen 80 default_server;
root /var/www/html;
index index.php;


access_log /var/log/nginx/typecho_access.log main;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php$1 last;
}
location / {
index index.php index.html index.htm;


if (!-e $request_filename) {
rewrite . /index.php last;
}
}


location ~ \.php(.*)$ {
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_split_path_info ^((?U). \.php)(/?. )$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}

vim /www/php/Dockerfile

FROM php:7.3.29-fpm
RUN apt-get update \
&& docker-php-ext-install pdo_mysql \
&& echo "output_buffering = 4096" > /usr/local/etc/php/conf.d/php.ini \
&& echo "date.timezone = PRC" >> /usr/local/etc/php/conf.d/php.ini

cd /www
docker-compose up -d

登陆雷池,添加站点

简单的配置一些策略
![Image [2].png][2]
![Image [3].png][3]

注意路径要填写容器内路径
![Image [4].png][4]