diff --git a/.env.simple b/.env.simple new file mode 100644 index 0000000..bba4c6a --- /dev/null +++ b/.env.simple @@ -0,0 +1,4 @@ +# 运行用户,默认root用户,生产环境建议更改为其它普通用户 +USER=root +# MySQL初始化密码,默认3306,运行前请修改为其它复杂密码 +MYSQL_ROOT_PASSWORD=root3306 \ No newline at end of file diff --git a/dnmp.sh b/dnmp.sh new file mode 100644 index 0000000..ddca02e --- /dev/null +++ b/dnmp.sh @@ -0,0 +1,194 @@ +#!/bin/bash + +##### name:dnmp管理脚本 ##### +##### update:2023/11/23 ##### + +# 获取当前运行目录 +CURRENT_DIR=$PWD + +# 检查环境变量是否存在,存在就加载 +if [ -f "${CURRENT_DIR}/.env" ] +then + source ${CURRENT_DIR}/.env + # 根据.env里面的变量,设置用户ID和组ID + USER_ID=$(id -u ${USER}) + GROUP_ID=$(id -g ${USER}) +fi + +# 服务列表 +services=(nginx mysql php74) + + +# 初始化运行 +init(){ + # 拷贝环境变量 + cp ${CURRENT_DIR}/.env.simple ${CURRENT_DIR}/.env + # 询问用户使用哪个用户运行,如果为空,则默认使用root用户 + read -p "Please enter the running user (default root):" USER + # 如果为空,则USER=root + if [ "${USER}" = "" ] + then + USER="root" + fi + # 替换.env文件中的USER变量 + sed -i "s/USER=root/USER=${USER}/g" ${CURRENT_DIR}/.env + + # 询问用户MySQL初始化密码,默认root3306,运行前请修改为其它复杂密码,密码如果为空,则设置为root3306,且密码不能低于8位字符 + read -p "Please set the MySQL root password (default: root3306)" MYSQL_ROOT_PASSWORD + # 如果密码为空 + if [ "${MYSQL_ROOT_PASSWORD}" = "" ] + then + MYSQL_ROOT_PASSWORD="root3306" + fi + # 如果密码长度小于8位 + if [ ${#MYSQL_ROOT_PASSWORD} -lt 8 ] + then + echo "The password length cannot be less than 8 characters" + exit + fi + # 替换.env文件中的MYSQL_ROOT_PASSWORD变量 + sed -i "s/MYSQL_ROOT_PASSWORD=root3306/MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}/g" ${CURRENT_DIR}/.env + # 加载环境变量 + source ${CURRENT_DIR}/.env +} + +# 服务运行前必要检查 +run_check(){ + # 检查docker是否安装 + if [ ! -x "$(command -v docker)" ] + then + echo "Docker is not installed, please install it first." + exit + fi + # 检查docker-compose是否安装 + if [ ! -x "$(command -v docker-compose)" ] + then + echo "Docker-compose is not installed, please install it first." + exit + fi + # 检查.env文件是否存在 + if [ ! -f "${CURRENT_DIR}/.env" ] + then + echo "The .env file does not exist, please run the init command first." + exit + fi +} + +# 运行docker服务 +start(){ + # 运行前检查 + run_check + # 获取用户传递的第二个参数 + service=$2 + # 如果service为空,或者为all,则运行所有服务 + if [ "${service}" = "" ] || [ "${service}" = "all" ] + then + # 遍历服务列表 + for service in ${services[@]} + do + # 拼接当前目录 + service,判断目录是否存在 + if [ -d "${CURRENT_DIR}/${service}" ] + then + # 进入到service目录 + cd ${CURRENT_DIR}/${service} + # 运行docker-compose + docker-compose up -d + echo '------------------------------------------------------' + echo "The ${service} service start success." + echo '------------------------------------------------------' + # 回到当前目录 + cd ${CURRENT_DIR} + else + # 目录不存在,则直接提示服务不存在 + echo "The ${service} service does not exist." + fi + done + exit + fi + + # 拼接当前目录 + service,判断目录是否存在 + if [ -d "${CURRENT_DIR}/${service}" ] + then + # 进入到service目录 + cd ${CURRENT_DIR}/${service} + # 运行docker-compose + docker-compose up -d + echo '------------------------------------------------------' + echo "The ${service} service start success." + echo '------------------------------------------------------' + # 回到当前目录 + cd ${CURRENT_DIR} + else + # 目录不存在,则直接提示服务不存在 + echo "The service does not exist." + exit + fi + +} + +# 停止docker服务 +stop(){ + # 运行前检查 + run_check + # 获取用户传递的第二个参数 + service=$2 + # 如果service为空,或者为all,则停止所有服务 + if [ "${service}" = "" ] || [ "${service}" = "all" ] + then + # 遍历服务列表 + for service in ${services[@]} + do + # 拼接当前目录 + service,判断目录是否存在 + if [ -d "${CURRENT_DIR}/${service}" ] + then + # 进入到service目录 + cd ${CURRENT_DIR}/${service} + # 停止docker-compose + docker-compose stop + echo '------------------------------------------------------' + echo "The ${service} service stop success." + echo '------------------------------------------------------' + # 回到当前目录 + cd ${CURRENT_DIR} + else + # 目录不存在,则直接提示服务不存在 + echo "The ${service} service does not exist." + fi + done + exit + fi + + # 拼接当前目录 + service,判断目录是否存在 + if [ -d "${CURRENT_DIR}/${service}" ] + then + # 进入到service目录 + cd ${CURRENT_DIR}/${service} + # 停止docker-compose + docker-compose stop + echo '------------------------------------------------------' + echo "The ${service} service stop success." + echo '------------------------------------------------------' + # 回到当前目录 + cd ${CURRENT_DIR} + else + # 目录不存在,则直接提示服务不存在 + echo "The service does not exist." + exit + fi +} + +# 通过case判断用户输入的第一个参数,然后执行对应函数的动作 +case $1 in + 'init') + init + ;; + 'start') + start + ;; + 'stop') + stop + ;; + *) + echo "Usage: $0 {init|run|stop}" + ;; +esac \ No newline at end of file diff --git a/mysql/docker-compose.yaml b/mysql/docker-compose.yaml index c2cb370..68783df 100644 --- a/mysql/docker-compose.yaml +++ b/mysql/docker-compose.yaml @@ -6,6 +6,7 @@ services: env_file: .env restart: always network_mode: host + user: "${USER_ID}:${GROUP_ID}" volumes: - './data:/var/lib/mysql' - './my.cnf:/etc/mysql/my.cnf' \ No newline at end of file diff --git a/nginx/conf/vhost/site.conf.example b/nginx/conf/vhost/site.conf.example new file mode 100644 index 0000000..0631b2c --- /dev/null +++ b/nginx/conf/vhost/site.conf.example @@ -0,0 +1,78 @@ +server { + listen 80; + + server_name domain.com www.domain.com; + # 日志路径建议/usr/local/nginx/logs/ + access_log /usr/local/nginx/logs/www.domain.com_nginx.log combined; + index index.html index.htm index.php; + root /var/www/html/wordpress; + + + location ~ \.php$ { + include fastcgi_params; + fastcgi_pass 127.0.0.1:9074; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + } + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { + expires 30d; + access_log off; + } + location ~ .*\.(js|css)?$ { + expires 7d; + access_log off; + } + location ~ /\.ht { + deny all; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + ssl_certificate /usr/local/nginx/conf/ssl/domain.com.crt; + ssl_certificate_key /usr/local/nginx/conf/ssl/domain.com.key; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; # about 40000 sessions + ssl_session_tickets off; + + + # intermediate configuration + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305; + ssl_prefer_server_ciphers off; + + # OCSP stapling + ssl_stapling on; + ssl_stapling_verify on; + + server_name domain.com www.domain.com; + # 日志路径建议/usr/local/nginx/logs/ + access_log /usr/local/nginx/logs/www.domain.com_nginx.log combined; + index index.html index.htm index.php; + root /var/www/html/wordpress; + + + location ~ \.php$ { + include fastcgi_params; + fastcgi_pass 127.0.0.1:9074; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + } + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { + expires 30d; + access_log off; + } + location ~ .*\.(js|css)?$ { + expires 7d; + access_log off; + } + location ~ /\.ht { + deny all; + } +} \ No newline at end of file diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml index ce2735f..4f71e3f 100644 --- a/nginx/docker-compose.yml +++ b/nginx/docker-compose.yml @@ -3,6 +3,7 @@ services: nginx: image: helloz/nginx:alpine-1.24.0 container_name: nginx + user: "${USER_ID}:${GROUP_ID}" #environment: network_mode: "host" diff --git a/php74/docker-compose.yaml b/php74/docker-compose.yaml index fbc70c0..ee7a9b8 100644 --- a/php74/docker-compose.yaml +++ b/php74/docker-compose.yaml @@ -6,7 +6,7 @@ services: network_mode: host container_name: php-7.4 # Specify User ID and User Group - # user: "1000:1000" + user: "${USER_ID}:${GROUP_ID}" volumes: - ./www.conf:/usr/local/etc/php-fpm.d/www.conf - ./php.ini:/usr/local/etc/php/conf.d/php.ini