Cài đặt ban đầu cho server
- Server CentOS 8: 8GB Ram, 16 cpu
- Cài docker
# Cài docker
yum install -y yum-utils
sudo yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo systemctl start docker
sudo systemctl status docker
sudo systemctl enable docker
docker --version
# Cài docker compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version- Cài nginx
sudo dnf install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl status nginx- Sinh cặp ssh key để pull code từ github về. Key nằm trong ~/.ssh/id_rsa.pub
ssh-keygen- Tạo user, directory chứa code
adduser
adduser doc5s
passwd doc5s
su doc5s
sudoer
visudo
su doc5s
cd /home/doc5s/doc5s/code- Pull code
git fetch
git branch
# Nếu chưa ở main
git checkout main
git pull- Check container có chạy lên ko. Nếu trạng thái là Exited thì phải dùng lệnh check log để check, còn ko sao thì ok.
docker ps -aKết quả các container sẽ show ra như này
- Sử dụng nginx làm reverse proxy về các port của container. Port api sẽ forward về 3001 (NestJS), port client sẽ forward về 3000 (NextJS). Cấu hình nằm trong thư mục /etc/nginx/conf.d/
- Nội dung file nginx /etc/nginx/conf.d/nhaplieu.com.conf
server { if ($host = nhaplieu.com) { return 301 https://$host$request_uri; } # managed by Certbot # Redirect HTTP to HTTPS listen 80; server_name nhaplieu.com; return 301 https://$host$request_uri; } server { listen 443 ssl; server_name nhaplieu.com; proxy_read_timeout 3600; proxy_connect_timeout 3600; proxy_send_timeout 3600; # SSL configuration # ssl_certificate /opt/ssl_sohoa.online/sohoa_online_certificate.crt; # ssl_certificate_key /opt/ssl_sohoa.online/sohoa_online_privkey.key; # ssl_trusted_certificate /opt/ssl_sohoa.online/sohoa_online_rootca.crt; # ssl_protocols TLSv1.2 TLSv1.3; # ssl_ciphers HIGH:!aNULL:!MD5; # Reverse proxy to NestJS backend location /api { proxy_pass http://localhost:3001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } # Reverse proxy to fe location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } # Optional: Add error logging error_log /var/log/nginx/nhaplieu_com_error.log; access_log /var/log/nginx/nhaplieu_com_access.log; ssl_certificate /etc/letsencrypt/live/nhaplieu.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/nhaplieu.com/privkey.pem; # managed by Certbot }
- Nội dung file nginx /etc/nginx/conf.d/nhaplieu.com.conf
- Một vài câu lệnh khác
# Check log nginx
sudo tail -f /var/log/nginx/error.log
systemctl restart nginx
sudo tail -f /var/log/nginx/error.log
journalctl -xe
# Check log container
docker logs -f --tail 100 code-api-1
docker logs code-api-1- Docker compose Staging
version: '3'
services:
api-staging:
build:
context: ./api
dockerfile: Dockerfile
args:
- NODE_ENV=staging
ports:
- 4001:3001
depends_on:
- redis-staging
worker-staging:
build:
context: ./api
args:
- NODE_ENV=staging
command: npm run start:worker
env_file:
- ./api/.env.production
depends_on:
- redis-staging
client-staging:
build:
context: ./client
dockerfile: Dockerfile
args:
- NODE_ENV=staging
ports:
- 4000:3000
redis-staging:
image: redis:7.2-alpine
container_name: redis-staging
restart: unless-stopped
ports:
- "6379:6379"
volumes:
- redis_data-staging:/data
volumes:
redis_data-staging:
No Comments