目录准备
mkdir -p /www/mariadb/data/mariadb
挂载初始化脚本
-- ./data/init.sql
-- mysql -u root -p
-- root用户
CREATE USER IF NOT EXISTS 'root'@'172.%' IDENTIFIED BY '123456';
CREATE USER IF NOT EXISTS 'root'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'172.%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION;
-- 创建数据库
CREATE DATABASE IF NOT EXISTS forgejo_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE DATABASE IF NOT EXISTS kc_portfolio CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-- ghost用户
CREATE USER IF NOT EXISTS 'ghost'@'172.%' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON forgejo_db.* TO 'ghost'@'172.%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON kc_portfolio.* TO 'ghost'@'172.%' WITH GRANT OPTION;
-- 刷新生效
FLUSH PRIVILEGES;docker-compose.yml - 官方
services:
mariadb:
image: mariadb:12.2.2-noble
container_name: mariadb
restart: unless-stopped
environment:
- MARIADB_ROOT_PASSWORD=123456
volumes:
- ./data/mariadb:/var/lib/mysql
- ./data/init.sql:/docker-entrypoint-initdb.d/init.sql:ro
- /etc/localtime:/etc/localtime:ro
networks:
- ghost_net
networks:
ghost_net:
external: truemariadb.stream
# MariaDB TCP 代理(生产增强版)
# limit_conn_zone只能由一个,不能共存
limit_conn_zone $binary_remote_addr zone=addr:10m;
upstream mariadb_backend {
server mariadb:3306 max_fails=3 fail_timeout=30s;
}
server {
listen 3306 so_keepalive=on;
proxy_pass mariadb_backend;
proxy_connect_timeout 5s;
proxy_timeout 600s;
proxy_buffer_size 16k;
proxy_socket_keepalive on;
limit_conn addr 50;
limit_conn_log_level warn;
}