さくらVPS / Ubuntu / Docker / SSL化 / サブドメイン割り当てまで
初期設定
ubuntu 20.04 をインストール
スタートアップスクリプトを一緒に入れる。
開放ポート指定やパスワードログイン禁止、ssh key登録など、一括でやる。
docker / docker compose
複数のスクリプトを管理画面で実行はできないので、
さくら公式 docker / docker compose インストールスクリプト をコピペ
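#!/bin/bash
# Startup script: installs Docker CE and the Docker Compose CLI plugin.
# This section handles Ubuntu hosts and ends by rebooting the machine.
# It must run as root (it writes under /etc and /usr/sbin).
set -x

. /etc/os-release
if [ "$NAME" == "Ubuntu" ]; then
  # Retry/timeout options for every apt-get call. An alias defined inside
  # this `if` would never apply here: bash reads the whole compound command
  # before executing it, and aliases are expanded at read time. An array
  # gives the intended effect.
  apt_opts=(
    -o 'Acquire::Retries=3'
    -o 'Acquire::https::Timeout=60'
    -o 'Acquire::http::Timeout=60'
    -o 'Acquire::ftp::Timeout=60'
  )

  # package update
  apt-get "${apt_opts[@]}" -y update || exit 1

  # set up the repository
  apt-get "${apt_opts[@]}" -y install apt-transport-https ca-certificates curl software-properties-common || exit 1

  # Store Docker's signing key in its own keyring and bind it to the Docker
  # repository with signed-by. `apt-key add` would trust the key for every
  # configured repository, and piping curl into it hides a failed download.
  install -m 0755 -d /etc/apt/keyrings || exit 1
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc || exit 1
  chmod a+r /etc/apt/keyrings/docker.asc
  codename=$(lsb_release -cs) || exit 1
  echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu ${codename} stable" \
    >/etc/apt/sources.list.d/docker.list || exit 1

  # disable install packages autostart
  # The trap removes the policy file on every exit path; otherwise an early
  # `exit 1` below would leave service start-up blocked for all later
  # package installs.
  trap 'rm -f /usr/sbin/policy-rc.d' EXIT
  cat <<'EOF' >/usr/sbin/policy-rc.d
#!/bin/sh
exit 101
EOF
  chmod 755 /usr/sbin/policy-rc.d

  # install docker ce
  apt-get "${apt_opts[@]}" clean
  apt-get "${apt_opts[@]}" -y update || exit 1
  apt-get "${apt_opts[@]}" -y install docker-ce docker-ce-cli containerd.io || dpkg --configure -a

  # Members of the docker group can control the daemon, which is equivalent
  # to root on this host. Only add accounts that are already trusted with sudo.
  usermod -a -G docker ubuntu || exit 1

  # install latest Docker Compose
  # -f makes curl fail on an HTTP error instead of saving the error page as
  # the plugin binary.
  # NOTE(review): "latest" is unpinned and the download is not checked against
  # a published checksum; pin a release and verify its SHA-256 if you need
  # reproducible, verifiable installs.
  mkdir -p /home/ubuntu/.docker/cli-plugins
  compose_url="https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)"
  curl -fL "${compose_url}" -o /home/ubuntu/.docker/cli-plugins/docker-compose || exit 1
  chmod +x /home/ubuntu/.docker/cli-plugins/docker-compose
  chown -R ubuntu:ubuntu /home/ubuntu/.docker

  rm -f /usr/sbin/policy-rc.d
  trap - EXIT
  reboot
fi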
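#######################################
# Install Docker CE and the Docker Compose CLI plugin with yum, then reboot.
# Relies on check_first, echo_start, echo_finish and service_check, which
# are defined elsewhere in this script.
# Arguments: none
# Returns:   does not return on failure (echo_finish "1" exits the script)
#######################################
function el7() {
  check_first
  echo_start

  yum update -y || echo_finish "1"

  # set up the repository
  yum install -y yum-utils device-mapper-persistent-data lvm2 jq || echo_finish "1"
  # The failure branch was the undefined command `V`, so a failed --add-repo
  # was silently ignored; abort like the neighbouring steps instead.
  yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo || echo_finish "1"

  # install docker ce
  yum install -y docker-ce || echo_finish "1"
  service_check "docker"

  # install latest Docker Compose
  # -f makes curl fail on an HTTP error instead of saving the error page as
  # the plugin binary.
  # NOTE(review): "latest" is unpinned and the download is not checked against
  # a published checksum; pin a release and verify its SHA-256 if you need
  # reproducible, verifiable installs.
  mkdir -p /root/.docker/cli-plugins
  local compose_url
  compose_url="https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)"
  curl -fL "${compose_url}" -o /root/.docker/cli-plugins/docker-compose || echo_finish "1"
  chmod +x /root/.docker/cli-plugins/docker-compose

  echo_finish
  reboot
}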
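#######################################
# Two-phase launcher. On the first run (no cron file yet) it registers a
# per-minute root cron job that re-runs this script with its output logged,
# then exits. On the cron-triggered run it deletes the cron file and returns,
# so the caller carries on with the installation.
# Globals:   LOGFILE, CRONFILE, CRON_PATH (written)
# Arguments: none
# Returns:   exits 0 after scheduling; returns after removing the cron file
#######################################
function check_first() {
  LOGFILE="/root/.sakuravps/startup.log"
  CRONFILE="/etc/cron.d/dockercompose-install"
  if [ ! -f "${CRONFILE}" ]; then
    # cron does not start in the caller's working directory, so a relative
    # $0 (e.g. `bash install.sh`) would never be found and the job would
    # fire every minute without ever removing itself. Store an absolute path.
    # NOTE(review): the job runs this file as root; keep the script
    # root-owned and not writable by other users.
    local script_path
    script_path=$(readlink -f -- "$0") || exit 1
    CRON_PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
    # tee -a needs the log directory to exist.
    mkdir -p -- "${LOGFILE%/*}"
    printf 'PATH=%s\n* * * * * root rm -f %s; /bin/bash "%s" 2>&1 | tee -a %s\n' \
      "${CRON_PATH}" "${LOGFILE}" "${script_path}" "${LOGFILE}" >"${CRONFILE}" || exit 1
    exit 0
  else
    rm -f -- "${CRONFILE}"
  fi
}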
#######################################
# Print the "start" banner to stdout.
# Command tracing is switched off while printing and switched on again
# afterwards, so xtrace is enabled when the function returns.
# Arguments: none
#######################################
function echo_start() {
  set +x
  local rule="======================================================================"
  printf '%s\n' "${rule}" " STARTUP SCRIPTS START " "${rule}"
  set -x
}
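#######################################
# Print the "end" banner to stdout and optionally terminate the script.
# Command tracing is switched off while printing and switched on again
# afterwards.
# Globals:   EXITCODE (written)
# Arguments: $1 - optional exit status; when given, the script exits with it
# Returns:   0 when called without an argument; otherwise does not return
#######################################
function echo_finish() {
  EXITCODE=$1
  set +x
  echo "======================================================================"
  echo " STARTUP SCRIPTS END "
  echo "======================================================================"
  set -x
  if [ -z "${EXITCODE}" ]; then
    return 0
  fi
  # Quoted so the value reaches `exit` as a single word.
  exit "${EXITCODE}"
}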
#######################################
# Run a command up to five times, clearing the dnf cache before each
# attempt and pausing three seconds between attempts. After the fifth
# failure it reports the problem and ends the script via echo_finish "1".
# Nothing in the visible part of this script calls it.
# Globals:   COMMAND, FAIL_COUNT (written)
# Arguments: $1 - command line as a single string; it is expanded unquoted,
#                 so it is split into words (it is not passed through eval)
#######################################
function retry_command() {
  COMMAND=$1
  sleep 3
  FAIL_COUNT=0
  until [ ${FAIL_COUNT} -ge 5 ]; do
    dnf clean all
    rm -rf /var/cache/dnf/*
    # Intentionally unquoted: the string carries the command and its arguments.
    if ${COMMAND}; then
      break
    fi
    FAIL_COUNT=$((FAIL_COUNT + 1))
    sleep 3
  done
  if [ ${FAIL_COUNT} -eq 5 ]; then
    echo "Command failed five times. So exit."
    echo_finish "1"
  fi
}
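#######################################
# Make sure a systemd service is running and enabled at boot.
# Starts the unit if it is not active, polls once per second for up to five
# seconds until it is active, then enables it.
# Globals:   SERVICE (written)
# Arguments: $1 - unit name without the ".service" suffix
# Returns:   exits 1 if the unit is still not active after five checks;
#            ends the script via echo_finish "1" if enabling fails
#######################################
function service_check() {
  SERVICE=$1
  local i
  # `systemctl is-active` reports the unit state directly. Grepping the
  # `systemctl status` text for "running" can also match a recent log line
  # that status prints, giving a false positive.
  systemctl is-active --quiet "${SERVICE}.service" || systemctl start "${SERVICE}"
  for i in {1..5}; do
    sleep 1
    systemctl is-active --quiet "${SERVICE}.service" && break
    [ "$i" -lt 5 ] || exit 1
  done
  systemctl enable "${SERVICE}.service" || echo_finish "1"
}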
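### main ###
# Run the yum-based installer on RHEL-like systems with major version 7, 8
# or 9. The Ubuntu path is handled by the block at the top of the script.
. /etc/os-release
if [[ "${ID_LIKE:-}" == *rhel* ]]; then
  # One quoted case instead of three unquoted `test` calls, which printed
  # an error whenever VERSION_ID was empty.
  case "${VERSION_ID%.*}" in
    7 | 8 | 9) el7 ;;
  esac
fi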
↑を任意ファイル名で保存して、sudo で実行
sudo bash install.sh
サーバ再起動かかり、ログアウトさせられる
再ログインして、それぞれインストールされたことを確認
$ docker version
Client: Docker Engine - Community
Version: 20.10.18
$ docker compose version
Docker Compose version v2.11.2
- サーバからgithubにssh接続できるようにkey登録
- リポジトリclone
node npm インストール
# Refresh the package index, then install Node.js and npm from the Ubuntu
# archive and print the installed versions.
sudo apt update
sudo apt install nodejs
# NOTE(review): the distribution package can lag well behind upstream;
# compare this version with the Node.js release lines that still receive
# security fixes before exposing the app to the internet.
node -v
sudo apt install npm
npm -v
さくらコンソール - パケットフィルタ設定で、ポート3000を許可
サーバにcloneしてきた、node + docker アプリを起動して、http://[ip]:3000 で接続を確認
nginx proxy
サーバにあてたいサブドメインをDNS設定しておく。
ムームードメイン - ムームーDNSの場合
任意ディレクトリに、nginxリバースプロキシ+ssl 用のdocker-compose.ymlを配置。
docker compose up で起動
docker-compose.yml
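# Reverse proxy plus automatic Let's Encrypt certificates.
# Indentation restored; the flattened listing was not valid YAML.
# NOTE(review): both images are pulled without a tag, so every pull may bring
# a different build; pin a tag or digest for reproducible deployments.
version: '3'
services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    restart: on-failure
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=jwilder/nginx-proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - proxy:/etc/nginx/vhost.d
      - proxy:/usr/share/nginx/html
      # The :ro flag only makes the socket file read-only inside the
      # container; it does not restrict Docker API calls. Any container
      # holding this socket can control the daemon, which is equivalent to
      # root on the host. This container also faces the internet.
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./certs:/etc/nginx/certs:ro
    network_mode: bridge
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    restart: on-failure
    depends_on:
      - nginx-proxy
    volumes:
      - proxy:/etc/nginx/vhost.d
      - proxy:/usr/share/nginx/html
      # Same caveat as above: socket access means control of the Docker daemon.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Read-write: this container stores the issued certificates and private
      # keys here. Keep ./certs readable by root only on the host.
      - ./certs:/etc/nginx/certs:rw
    network_mode: bridge
volumes:
  proxy: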
アプリのコンテナの docker-composeファイルに追記し、up で起動。
docker-compose.yml
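# Additions to the application's own compose file.
# Indentation restored; the author's elisions are kept as comments.
version: "3.7"
services:
  app:
    # ... (other settings of the app service omitted by the author)
    environment:
      # Host name the proxy routes to this container.
      VIRTUAL_HOST: xxx.example.com
      # Host name and contact address used for the certificate request.
      LETSENCRYPT_HOST: xxx.example.com
      LETSENCRYPT_EMAIL: mail@example.com
    # Must be on the same bridge network as the proxy containers.
    network_mode: bridge
    # ... (remaining settings omitted by the author)
    # NOTE(review): once HTTPS through the proxy works, the packet-filter rule
    # that opened port 3000 for the earlier direct test is no longer needed;
    # consider closing it so the app is reachable only via TLS.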
https://サブドメイン
でアクセスを確認
このスクラップは2022/10/05にクローズされました