hmilyld 发布的文章

从github换到flarum,捣鼓了下,记录一些问题。

使用的docker安装的,比较省事,直接pull下来处理就行了,下面是相关配置文件

docker-compose.yml

version: "3"

services:
  flarum:
    image: registry.cn-hangzhou.aliyuncs.com/flarumchina/nginx-flarum:latest
    container_name: flarum
    ports:
      - 80:8888
      - 443:443
    env_file:
      - ./flarum.env
    volumes:
      - ./assets:/flarum/app/public/assets
      - ./extensions:/flarum/app/extensions
      - ./nginx:/etc/nginx/conf.d
      - ./cert:/etc/nginx/cert
      - ./nginx.conf:/etc/nginx/nginx.conf
    depends_on:
      - mysql
    restart: always

  mysql:
    image: mysql:5.7
    container_name: flarum-mysql
    ports:
      - 3306:3306
    environment:
      - MYSQL_ROOT_PASSWORD=root password
      - MYSQL_DATABASE=flarum
      - MYSQL_USER=flarum
      - MYSQL_PASSWORD=your password
    volumes:
      - ./db:/var/lib/mysql
    restart: always

- 阅读剩余部分 -

version: '3'

services:
  mysql:
    container_name: jjit_mysql
    restart: always
    image: mysql:5.7
    ports:
      - 3306:3306
    volumes:
      - ./mysql/data:/var/lib/mysql
      - ./mysql/my.cnf:/etc/my.cnf
    environment:
      MYSQL_ROOT_PASSWORD: password

  nginx:
    container_name: jjit_nginx
    restart: always
    image: nginx:latest
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx/www:/usr/share/nginx/html
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./nginx/cert:/etc/nginx/cert
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
      - ./nginx/log/error.log:/var/log/nginx/error.log
    links:
      - tomcat:t1

  tomcat:
    container_name: jjit_tomcat
    restart: always
    image: tomcat:latest
    ports:
      - 8080:8080
      - 8009:8009
      - 8443:8443
    volumes:
      - ./tomcat/webapps:/usr/local/tomcat/webapps
      - ./tomcat/conf:/usr/local/tomcat/conf
      - ./tomcat/logs:/usr/local/tomcat/logs
    links:
      - mysql:m1

host 配置多域名访问

多域名直接修改 server.xml 文件就行了,类似如下配置:

<Engine name="Catalina" defaultHost="www.default.com">
    <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />
    </Realm>
    <Host name="www.default.com" appBase="/路径" unpackWARs="true" autoDeploy="true">
        <Alias>default.com</Alias>
        <Context path="" docBase="/路径" debug="0" reloadable="true" />
    </Host>
    <Host name="www.abc.com" appBase="/路径" unpackWARs="true" autoDeploy="true">
        <Alias>abc.com</Alias>
        <Context path="" docBase="/路径" debug="0" reloadable="true" />
    </Host>
    <Host name="www.123.com" appBase="/路径" unpackWARs="true" autoDeploy="true">
        <Alias>123.com</Alias>
        <Context path="" docBase="/路径" debug="0" reloadable="true" />
    </Host>
</Engine>

开启 https 访问

生产环境的话,证书还是用正规机构颁发的证书,要不然像微信这种后台校验 https 访问会通过不了,阿里云有免费的证书,一年期,后面再续就行了。申请方式及地址:https://yq.aliyun.com/articles/637307

证书申请后,从控制台下载证书,然后放到服务器上,而后修改 server.xml,增加如下配置:

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" keystoreFile="证书路径" keystorePass="证书密码" keystoreType="PKCS12"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />

搞定,另外如果服务器在阿里云,记得安全组打开 443 端口,默认 443 是不允许访问的。

[DllImport("wininet.dll", CharSet = CharSet.Auto, SetLastError = true)]
static extern bool InternetGetCookieEx(string pchURL, string pchCookieName, StringBuilder pchCookieData, ref int pcchCookieData, int dwFlags, object lpReserved);

private static string GetCookieString(string url)
{
    int datasize = 256;
    StringBuilder cookieData = new StringBuilder(datasize);
    if (!InternetGetCookieEx(url, null, cookieData, ref datasize, 0x00002000, null))
    {
        if (datasize < 0)
            return null;
        cookieData = new StringBuilder(datasize);
        if (!InternetGetCookieEx(url, null, cookieData, ref datasize, 0x00002000, null))
            return null;
    }
    return cookieData.ToString();
}