目的: 将站点部署到外网无法访问的树莓派中.
可使用 lnmp 部署, 也可以使用 docker, 树莓派3B+不支持原版的 mysql docker 镜像. 故本次镜像使用: hypriot/rpi-mysql.
docker-compose 文件为:
version: '3.3'
services:
wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- /home/xxx/files/wwwroot/xxx:/var/www/html
ports:
- "81:80"
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: xxx
db:
image: hypriot/rpi-mysql
volumes:
- /home/wukt/files/wordpress_db/:/var/lib/mysql
ports:
- "3306:3306"
restart: always
environment:
MYSQL_ROOT_PASSWORD: xxx
MYSQL_DATABASE: wordpress
MYSQL_USER: xxx
MYSQL_PASSWORD: xxx
github: https://github.com/fatedier/frp 可在项目的 release 中下载响应的服务器和客户端版本, 具体配置方式可以参照文档, 本文记录本次部署配置.
服务端应配置的外网可以访问的服务器上.
[common]
bind_port = 8888
bind_addr = 0.0.0.0
bind_udp_port =
kcp_bind_port =
privilege_token = xxx
vhost_http_port = 88 ; 一般使用 http 即可, 因为浏览器到 nginx 可以走 https, 配置相对简单些.
vhost_https_port = 444
log_level = info
log_max_days = 3
max_pool_count = 20
tcp_mux = true
max_ports_per_client = 0
authentication_timeout = 900
客户端配置:
[common]
server_addr = ip ; 服务器端公网ip
server_port = 8888 ; 与服务器端 bindport 相同.
privilege_token = xxx
protocol = tcp
use_encryption = true
use_compression = true
log_level = info
log_max_days = 3
tcp_mux = true
login_fail_exit = false
[raspberrypi]
type = http
local_port = 81
custom_domains = blog.wktadmin.com ; 多域名使用逗号隔开.
如果不使用 nginx, 网站部署仍然是成功的, 但是为了网站可以使用80/443端口访问, 而又不影响服务端已存在的其他网站, 只好使用 nginx 反向代理, 将浏览器访问80/443端口的请求, 转发到 frp 的 http 服务监听的88端口上.
本站开启 https, 所以配置如下:
server
{
listen 443 ssl http2;
#listen [::]:80;
server_name blog.wktadmin.com;
ssl_certificate /etc/letsencrypt/live/blog.wktadmin.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.wktadmin.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass_header Server;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_pass http://127.0.0.1:88/;
}
}