私有云搭建Discourse 博客系统
私有云搭建 Discourse 博客系统
1. 前期准备
- 一台配置合适的服务器(笔记本也可), 装有Ubuntu1804。机器配置局域网 IP: 192.168.10.XXX, 机器的ip 对应配置域名:discourse.test.com
hostname | ip地址 | cpu | 内存 | 磁盘 | 系统版本 | 域名 |
---|---|---|---|---|---|---|
discourse | 192.168.0.175 | 4c | 4g | 20g | ubuntu1804 | discourse.test.com |
登录到系统:
ssh discourse@192.168.0.175
sudo apt update
sudo apt upgrade -y
2. 准备部署文件
sudo -s #为root用户方便后续工作,因此首先切换到root shell
mkdir /var/discourse # 接下来,创建/var/discourse目录,所有与Discourse相关的文件都在此目录下。
git clone https://github.com/discourse/discourse_docker.git /var/discourse #将官方Discourse Docker Image复制到/var/discourse
cd /var/discourse
ls
3. 配置和引导Discourse
从这里,您可以启动安装脚本。
cd /var/discourse
./discourse-setup
您将被问到以下问题:
Discourse的主机名?
输入您要用于Discourse的主机名,例如,discourse.test.com
,其中discourse.test.com
可以用您的域名替换。您需要使用一个域名,因为发送电子邮件时不能用IP地址。
管理员帐户的电子邮件地址?
选择要用于Discourse管理员帐户的电子邮件地址。这个电子邮件地址可以与您的Discourse域名完全无关,可以是您的电子邮件地址。
请注意,当第一个用户注册该电子邮件时,此电子邮件地址将默认成为Discourse管理员。稍后当您从其网络控制面板设置Discourse时,您还需要此电子邮件地址。
Hostname for your Discourse? [discourse.example.com]:
Email address for admin account(s)? [me@example.com,you@example.com]:
SMTP server address? [smtp.example.com]:
SMTP port? [587]:
SMTP user name? [user@example.com]:
SMTP password? [pa$$word]:
Let's Encrypt account email? (ENTER to skip) [me@example.com]:
这里需要您填写您的邮箱相关信息,您可以参考您邮箱的相关设置。
最后,系统会要求您确认刚刚输入的所有设置。确认设置后,脚本将生成一个调用的配置文件app.yml,然后启动引导。
注意:如果您需要在引导后更改或修复这些设置,请编辑/containers/app.yml
文件并运行./launcher rebuild app
否则,您的更改将不会生效。
引导需要2-8分钟,之后将会运行。现在,让我们继续创建一个管理员帐户。
4. 注册管理员帐户
在您的浏览器中访问您的Discourse域名,你将看到下面的页面。
如果您收到502 Bad Gateway错误,请等一两分钟然后刷新重试,Discourse可能尚未完成安装。
页面加载时,单击蓝色注册按钮。您将看到一个名为“注册管理员帐户”的页面,其中包含以下字段:
电子邮件:从下拉菜单中选择您之前提供的电子邮件地址。
用户名:选择用户名。
密码:设置一个强密码。
然后单击表单上的蓝色“注册”按钮提交。您将看到一个对话框,显示确认您的电子邮件。检查收件箱中的确认电子邮件。如果您没有收到,请尝试单击“重新发送激活电子邮件”按钮。
注册管理员帐户后,安装向导将启动并引导您完成Discourse的基本配置。您现在可以浏览它或单击“稍后”跳过。
有时候由于邮件设置问题无法收到注册邮件可以如下操作:
后台创建admin账户
1.在cd /var/discourse
下执行:
./launcher enter app #进入容器
rake admin:create
Email: duanshuaixing@gmail.com
Password:
Repeat password:
Do you want to grant Admin privileges to this account? (Y/n) Y
创建成功,请记住设置的密码和邮箱,然后再次打开论坛网址,发现已经进入了论坛首页
5. 修改配置文件
## this is the all-in-one, standalone Discourse Docker container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild app
##
## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
# - "templates/web.ssl.template.yml" ## 没有开启 支持https
# - "templates/web.letsencrypt.ssl.template.yml" ## 没有开启 支持https
## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache or nginx,
## see https://meta.discourse.org/t/17247 for details
expose:
- "80:80" # http
- "443:443" # https
- "25:25" # SMTP
params:
db_default_text_search_config: "pg_catalog.english"
## Set db_shared_buffers to a max of 25% of the total memory.
## will be set automatically by bootstrap based on detected RAM, or you can override
db_shared_buffers: "4096MB"
## can improve sorting performance, but adds memory usage per-connection
#db_work_mem: "40MB"
## Which Git revision should this container use? (default: tests-passed)
#version: tests-passed
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
EMBER_CLI_PROD_ASSETS: 1
# DISCOURSE_DEFAULT_LOCALE: en
## How many concurrent web requests are supported? Depends on memory and CPU cores.
## will be set automatically by bootstrap based on detected CPUs, or you can override
UNICORN_WORKERS: 8
## TODO: The domain name this Discourse instance will respond to
## Required. Discourse will not work with a bare IP number.
DISCOURSE_HOSTNAME: discourse.test.com
## Uncomment if you want the container to be started with the same
## hostname (-h option) as specified above (default "$hostname-$config")
#DOCKER_USE_HOSTNAME: true
## TODO: List of comma delimited emails that will be made admin and developer
## on initial signup example 'user1@example.com,user2@example.com'
DISCOURSE_DEVELOPER_EMAILS: 'Discourse@test.com'
## TODO: The SMTP mail server used to validate new accounts and send notifications
# SMTP ADDRESS, username, and password are required
# WARNING the char '#' in SMTP password can cause problems!
DISCOURSE_SMTP_ADDRESS: mail.test.com
DISCOURSE_SMTP_PORT: 25
# DISCOURSE_SMTP_USER_NAME:
# DISCOURSE_SMTP_PASSWORD:
#DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
DISCOURSE_SMTP_ENABLE_START_TLS: false # (optional, default true)
#DISCOURSE_NOTIFICATION_EMAIL: noreply@discourse.test.com
DISCOURSE_NOTIFICATION_EMAIL: noreply@test.com
# DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
# DISCOURSE_SMTP_AUTHENTICATION: login
## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
## The http or https CDN address for this Discourse instance (configured to pull)
## see https://meta.discourse.org/t/14857 for details
#DISCOURSE_CDN_URL: https://discourse-cdn.example.com
## The maxmind geolocation IP address key for IP address lookup
## see https://meta.discourse.org/t/-/137387/23 for details
#DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456
## The Docker container is stateless; all data is stored in /shared
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
## Plugins go here
## see https://meta.discourse.org/t/19157 for details
hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
- git clone https://github.com/jonmbake/discourse-ldap-auth.git
- git clone https://github.com/discourse/discourse-solved.git
- git clone https://github.com/discourse/discourse-math.git
- git clone https://github.com/discourse/discourse-voting.git
- git clone https://github.com/discourse/discourse-push-notifications.git
- git clone https://github.com/discourse/discourse-spoiler-alert.git
- git clone https://github.com/discourse/discourse-graphviz.git
- git clone https://github.com/unfoldingWord-dev/discourse-mermaid.git
- git clone https://github.com/discourse/discourse-checklist.git
- git clone https://github.com/discourse/discourse-assign.git
- git clone https://github.com/discourse/discourse-linkify-words.git
- git clone https://github.com/communiteq/discourse-suppress-category-from-latest.git
- git clone https://github.com/discourse/discourse-prometheus.git
- git clone https://github.com/discourse/discourse-docs.git
- git clone https://github.com/discourse/discourse-docs-card-filter.git
- git clone https://github.com/discourse/discourse-translator.git
## Any custom commands to run after building
run:
- exec: echo "Beginning of custom commands"
## If you want to set the 'From' email address for your first registration, uncomment and change:
## After getting the first signup email, re-comment the line. It only needs to run once.
# - exec: rails r "SiteSetting.notification_email='noreply@discuss.streamcomputing.com'"
- exec:
cmd:
- sed -i 's/MinProtocol = TLSv1.2/\#MinProtocol = TLSv1.2/' /etc/ssl/openssl.cnf # 这个注释TLS 配置, 否则SMTP邮件协议不match,发不了邮件
- sed -i 's/CipherString = DEFAULT\@SECLEVEL=2/\#CipherString = DEFAULT\@SECLEVEL=2/' /etc/ssl/openssl.cnf#这个注释TLS 配置
- exec: echo "End of custom commands"
更改或修复这些设置,请编辑/var/discourse/containers/app.yml
文件并运行./launcher rebuild app
否则,您的更改将不会生效。
6. 支持https
- 修改app.yml
/var/discourse/containers/app.yml内修改打开这个注释
- "templates/web.ssl.template.yml"
- 生成证书并导入证书
生成证书参考Certbot自签Let’s Encrypt证书
mkdir -p /var/discourse/shared/standalone/ssl/
cp ssl.crt /var/discourse/shared/standalone/ssl/ssl.crt
cp ssl.key /var/discourse/shared/standalone/ssl/ssl.key
-
重建app
./launcher rebuild app
-
开启强制https
-
重启应用
./launcher restart app
7. 安装插件
./launcher enter app
cd /var/www/discourse/
rake plugin:install repo=https://github.com/unfoldingWord-dev/discourse-mermaid.git
rake plugin:install repo=https://github.com/albertchan/discourse-aliyun-oss.git
rake assets:precompile
exit
./launcher restart app
8. 备份和恢复
-
备份
-
恢复,下载的备份导入到另外一个环境
mkdir -p /var/discourse/shared/standalone/backups/default
scp root@192.168.0.175:/var/discourse/shared/standalone/backups/discourse-2021-04-21-151816-v20210328233843.tar.gz /var/discourse/shared/standalone/backups/default
cd /var/discourse
./launcher enter app
discourse enable_restore
discourse restore discourse-2021-04-21-151816-v20210328233843.tar.gz
9. 卸载
cd /var/discourse
./launcher destroy app
rm -rf /var/discourse/
10. FAQ
构建项目git clone慢可以通过给容器配置vpn或者代理方式解决,建议sshuttle 方式,比较方便
- 用sshuttle 配置连接香港精品线路ecs,-x是排除在隧道外的地址,47.57.14.232是香港ecs,172.17.188.0/24是香港ecs 主机网段、172.18.0.0/16是容器网段
sshuttle -l 0.0.0.0:0 -r root@47.57.14.232 -x 47.57.14.232 -x 127.0.0.1 -x 172.18.0.0/16 -x 172.17.188.0/24 0/0 --dns
docker配置代理
mkdir ~/.docker
cat ~/.docker/config.json
{
"proxies":
{
"default":
{
"httpProxy": "http://47.57.14.232:8080",
"httpsProxy": "http://47.57.14.232:8443",
"noProxy": "127.0.0.1,localhost,172.17.0.0/16,192.168.0.0/24,gems.ruby-china.com
}
}
}
systemctl daemon-reload
systemctl restart docker
cd /var/discourse
./launcher bootstrap app
./launcher start app
https://blog.csdn.net/cumian9828/article/details/108159501
https://blog.csdn.net/weixin_47003048/article/details/115541864
https://meta.discourse.org/t/e-mail-sending-not-working-after-upgrade/129094/4
https://segmentfault.com/a/1190000038571446
https://meta.discourse.org/t/discourse/197803
https://community.jenkins-zh.cn/t/discourse/202
https://meta.discourse.org/t/troubleshooting-email-on-a-new-discourse-install/16326/508
https://meta.discourse.org/t/installing-on-kubernetes/49329/18
https://github.com/discourse/discourse/blob/main/docs/INSTALL-cloud.md#email
https://blog.csdn.net/notsaltedfish/article/details/100058240
https://meta.discourse.org/t/setting-up-https-support-with-lets-encrypt/40709
https://www.bilibili.com/read/cv11701178
https://www.jianshu.com/p/cf793f70184b
https://juejin.cn/post/6933956151679647752
https://cloud.tencent.com/developer/article/1165121
https://blog.mimvp.com/article/38101.html
https://blog.csdn.net/weixin_47003048/article/details/118488357