-
Created by
虚拟的现实, last updated on Feb 25, 2026
7 minute read
1. 简介
容器的自定义操作参考自行创建 Docker 镜像
Confluence 的安装配置操作步骤繁琐,有很多需要注意的地方。不同版本间的配置都存在差异。利用 Docker 的功能实现配置项目的整合
2. 创建新镜像
2.1. 生成合适的版本
cat > opt/wiki/Dockfile << EOF FROM atlassian/confluence-server RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt RUN keytool -import -trustcacerts -alias proxy_root -file /tmp/marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt COPY --chown=confluence:confluence ./deps/mysql-connector-java-5.1.49.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/ COPY --chown=confluence:confluence ./deps/mysql-connector-java-8.0.28.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/ COPY ./deps/atlassian-agent.jar /var/atlassian/ RUN chmod +x /var/atlassian/atlassian-agent.jar COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc RUN mv /opt/atlassian/confluence/bin/setenv.sh /tmp COPY ./deps/setenv.sh /opt/atlassian/confluence/bin/ EOF docker build -t confluence:7.7 .
FROM atlassian/confluence:latest
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt
RUN openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt
RUN openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt
RUN keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt
RUN keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt
RUN keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
ENV JAVA_OPTS="-javaagent:/var/atlassian/atlassian-agent.jar ${JAVA_OPTS}"
USER root
COPY ./deps/atlassian-agent.jar /var/atlassian/
RUN chmod 755 /var/atlassian/atlassian-agent.jar
COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc
2.2. 解决时间戳不正确
默认 Confluence 使用的是东一区(零时区)的时间制式,想解决时区问题,需要先在 environment 字段内指定 CATALINA_OPTS 参数内容。也可以把对应的参数整合到 setenv.sh 文件中
environment: - 'CATALINA_OPTS= -Duser.timezone=GMT+08'
另外,为了避免容器和宿主机时间不一致,可以将本机的 localtime 挂载到容器中。
volumes: - /etc/localtime:/etc/localtime:ro
2.3. 解决应用卡顿
之前的完整配置将会使用 Confluence 默认资源运行服务,程序最大使用内存是 1GB,当团队人数和内容多了之后,由于资源不足,会让服务运行变慢,最简单的解决方案就是增加资源。只需要在 environment 字段内声明下面内容即可。
environment: - 'JVM_MINIMUM_MEMORY=4096m' - 'JVM_MAXIMUM_MEMORY=8192m'
2.4. 解决中文文档不能预览
由于默认容器镜像不包含中文字体,当我们想预览一个中文文档的时候,得到的结果会是一堆“口口口”方块。
解决这个问题的第一步是为镜像系统安装中文字体,下载一些中文字体 ( ttf/ttc ),比如宋体、楷体,将文件命名为:simsun.ttf、simkai.ttc,然后保存在 fonts 文件夹中,然后挂载到容器系统中。
environment: - 'CATALINA_OPTS= -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/usr/local/share/fonts/ '
2.5. 解决应用市场不能访问
keytool -import -trustcacerts -alias proxy_root -file marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
2.6. 解决 graphviz 无法显示
apt install graphviz
2.7. 解决 PlantUML 的中文乱码问题
原因是缺少中文字体,安装好中文字体即可。可以直接引用添加的中文字体 /var/confluence/fonts/simsun.ttc
apt install fontconfig xfonts-utils mkdir -p /usr/share/fonts/simsun cd /usr/share/fonts/simsun cp /var/confluence/fonts/simsun.ttc ./ mkfontscale mkfontdir fc-cache -fv
3. 全新创建 confluence 容器镜像
通过上面方式创建的容器镜像有几个问题:
- 直接引用官网文件,容器体积较大
- 只能使用官网自定义的路径
- 构建文件不够灵活,不同的版本需要调整的内容比较多
- 需要完成 confluence 后才能使用 docker-compose 配置文件的模式
全新创建的方式更具灵活性,考虑互联网的因素,这里采取先将对应的文件下载好在复制到容器镜像里的方式。同时数据库采用 MySQL 架构
3.1. Dockerfile
FROM openjdk:11-bullseye
LABEL maintainer="waringid <waringid@gmail.com>" version="8.8.1"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=8.8.1
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]
├── deps
│ ├── atlassian-agent.jar
│ ├── atlassian-confluence-8.8.1.tar.gz
│ ├── mysql-connector-java-8.0.28.jar
│ └── simsun.ttc
└── Dockerfile
4. Dockerfile-9.0.3
FROM openjdk:17-bullseye
LABEL maintainer="waringid <waringid@gmail.com>" version="9.0.3"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=9.0.3
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]
5. Dockerfile-9.2.0
FROM openjdk:17-bullseye
LABEL maintainer="waringid <waringid@gmail.com>" version="9.2.0"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=9.2.0
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt \
&& sed -i -e "s/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/" /etc/apt/sources.list \
&& sed -i -e "s/security.debian.org/mirrors.tuna.tsinghua.edu.cn/" /etc/apt/sources.list \
&& apt -y update \
&& apt -y install graphviz
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]
6. Dockfile-9.5.1
和上一个版本相比,该版本将 Java 环境调整为 Eclipse Temurin 21.0.7.6 ,详细的 Confluence 版本和 Java 版本的对应情况可以参考官网说明。这个 Dockfile 将原有镜像的 OpenJDK 调整为 Temurin 的版本主要有2个原因
- OpenJDK 的版本没有整合系统字体而 Temurin 的版本有,Confluence 依赖 java 环境的字体
- OpenJDK 的 java 版本信息只显示 21 的大版本信息(21),没有小版本的记录,Temurin 的 java 展示细致的版本信息(21.0.7.6)。Confluence 的健康检查在使用 OpenJDK 的版本会提示系统版本不兼容的警告
该版本的主要调整了以下内容
- 为系统增加了中文字体(simsum.ttc)
- 安装了字体配置组件和 graphviz ,确保 graphviz 和 plantUML 的图形展示正常
- 将 java 版本由 openjdk 调整为 Temurin
可以直接从这里下载:Dockerfile
7. 版本 9.5.4
9.5.4 承接 9.5.1 版本,和 9.5.1 版本主要的区别在于将相关的环境变量配置到基础镜像中,主要有以下的调整
- 基础镜像结合启动脚本集成环境变量,所有的调整基于环境变量实现。包括 setenv.sh 和 server.xml 文件的内容
- 数据库版本更新为 pgsql 17.8
- 添加 confluence 用户并以该用户运行(之前的版本以 root 用户执行)
- 增加 xmlstarlet 指令动态调整 server.xml 文件的内容
- 引入 tini 作为 init 启动的初始化指令(tini 作为 PID 1,能正确处理信号和回收僵尸进程,确保优雅关闭。)
- 通过自定义脚本的 processCatalinaDefaultConfiguration 将启动参数写入 setenv.sh
- 添加了 postgresql-client 用于数据库连接管理
- 增加等待脚本,集成数据库等待功能
- 增加了证书相关的配置和内容
7.1. Dockerfile-9.5.4
# 使用 Eclipse Temurin JDK 21 基于 Ubuntu Noble
FROM eclipse-temurin:21-noble
LABEL maintainer="waringid <waringid@gmail.com>" version="9.5.4"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=9.5.4
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
# 用户与组配置
ARG CONTAINER_UID=1001
ARG CONTAINER_GID=1001
ARG CONTAINER_USER=confluence
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib \
# 数据库连接环境变量(用于 wait-for-it)
CONFLUENCE_DB_HOST=db \
CONFLUENCE_DB_PORT=5432 \
# 日志路径自定义
CONFLUENCE_LOGFILE_LOCATION= \
# 定义 JRE_HOME 指向 JAVA_HOME(Temurin 镜像中 JAVA_HOME 已设置)
JRE_HOME=$JAVA_HOME
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
# 创建 confluence 用户和组
RUN addgroup --gid ${CONTAINER_GID} ${CONTAINER_USER} \
&& adduser --uid ${CONTAINER_UID} \
--gid ${CONTAINER_GID} \
--home /home/${CONTAINER_USER} \
--shell /bin/bash \
--disabled-password \
--gecos "" ${CONTAINER_USER}
# 复制依赖文件(全部从 deps 目录)
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
COPY ./deps/simsun.ttc /usr/share/fonts/simsun/
COPY ./deps/upm.properties /var/atlassian/confluence/upmconfig/upm.properties
COPY ./deps/confluence.cfg.xml.tpl ${CONFLUENCE_HOME}/confluence.cfg.xml
COPY ./deps/docker-entrypoint.sh /home/${CONTAINER_USER}/docker-entrypoint.sh
COPY ./deps/wait-for-it.sh /usr/local/bin/wait-for-it
COPY ./deps/custom_scripts.sh /usr/local/bin/custom_scripts.sh
# 替换 Ubuntu 源为清华源并安装系统依赖
RUN sed -i 's/archive.ubuntu.com/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list \
&& sed -i 's/security.ubuntu.com/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
graphviz \
fontconfig \
xfonts-utils \
xmlstarlet \
postgresql-client \
tini \
ghostscript \
ttf-mscorefonts-installer \
wget \
curl \
&& fc-cache -f \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# 导入 Atlassian 证书(保留 export KEYSTORE 和 SSLPoke 下载)
RUN export KEYSTORE=$JRE_HOME/lib/security/cacerts \
&& wget -O /home/${CONTAINER_USER}/SSLPoke.class https://confluence.atlassian.com/kb/files/779355358/779355357/1/1441897666313/SSLPoke.class \
&& openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt \
&& rm /tmp/*.crt
# 创建目录并解压 Confluence
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} /usr/share/fonts/simsun \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C ${CONFLUENCE_INSTALL} --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
# 配置中文字体
RUN cd /usr/share/fonts/simsun/ \
&& mkfontscale \
&& mkfontdir
# 配置 UPM(插件管理)以允许上传插件(权限已保持 root:root 只读)
RUN mkdir -p /var/atlassian/confluence/upmconfig/ \
&& chown root:root /var/atlassian/confluence/upmconfig
COPY ./deps/upm.properties /var/atlassian/confluence/upmconfig/upm.properties
RUN chmod u=r,g=r,o=r /var/atlassian/confluence/upmconfig/upm.properties \
&& chown root:root /var/atlassian/confluence/upmconfig/upm.properties
# 设置执行权限
RUN chmod +x /home/${CONTAINER_USER}/docker-entrypoint.sh \
&& chmod +x /usr/local/bin/wait-for-it \
&& chmod +x /usr/local/bin/custom_scripts.sh
# 调整目录权限给 confluence 用户
RUN chown -R ${CONTAINER_USER}:${CONTAINER_USER} ${CONFLUENCE_HOME} \
&& chown -R ${CONTAINER_USER}:${CONTAINER_USER} ${CONFLUENCE_INSTALL} \
&& chown -R ${CONTAINER_USER}:${CONTAINER_USER} ${AGENT_PATH} \
&& chown -R ${CONTAINER_USER}:${CONTAINER_USER} /home/${CONTAINER_USER} \
&& chown ${CONTAINER_USER}:${CONTAINER_USER} /usr/local/bin/wait-for-it \
&& chown ${CONTAINER_USER}:${CONTAINER_USER} /usr/local/bin/custom_scripts.sh
# 暴露端口
EXPOSE 8090 8091
# 切换到 confluence 用户
USER ${CONTAINER_USER}
# 设置工作目录
WORKDIR ${CONFLUENCE_HOME}
# 使用 tini 作为 init 系统,并启动入口脚本
ENTRYPOINT ["/usr/bin/tini", "--", "/home/confluence/docker-entrypoint.sh"]
# 默认命令
CMD ["confluence"]
7.2. wiki.yml
version: '3'
services:
db:
image: postgres:17.8-alpine
container_name: postgres
restart: always
environment:
- POSTGRES_USER=confluence
- POSTGRES_PASSWORD=www.password.com
- POSTGRES_DB=confluence
- POSTGRES_ENCODING=UTF8
- POSTGRES_COLLATE=C
- POSTGRES_COLLATE_TYPE=C
volumes:
- /data/wiki/pgsql:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
networks:
- wiki-net
wiki:
image: wiki:9.5.4
container_name: wiki1
restart: always
ports:
- 8090:8090
- 8091:8091
environment:
# 数据库连接(必须)
- CONFLUENCE_DB_HOST=db
- CONFLUENCE_DB_PORT=5432
# 代理配置(如果使用挂载的 server.xml,可不设,但建议保留以便脚本备用)
- CONFLUENCE_PROXY_NAME=wiki.example.com
- CONFLUENCE_PROXY_PORT=80
- CONFLUENCE_PROXY_SCHEME=http
# JVM 参数(内存、agent、时区、字体路径)
- CATALINA_OPTS=-XX:ReservedCodeCacheSize=512m -Xms2048m -Xmx4096m -javaagent:/var/agent/atlassian-agent.jar -Duser.timezone=Asia/Shanghai -Dconfluence.document.conversion.fontpath=/var/confluence/fonts/
# Agent 路径变量(如果镜像默认路径不一致,可覆盖)
- AGENT_PATH=/var/agent
- AGENT_FILENAME=atlassian-agent.jar
volumes:
- /data/wiki/data:/var/confluence
- /etc/localtime:/etc/localtime:ro
#- /data/wiki/deps/server.xml:/opt/confluence/conf/server.xml:ro # 建议改为 ro
depends_on:
- db
networks:
- wiki-net
networks:
wiki-net:
driver: bridge
7.3. 其它相关文件
构建前确保 /deps/ 目录包含以下文件:
- atlassian-agent.jar
- atlassian-confluence-9.5.4.tar.gz
- mysql-connector-java-8.0.28.jar
- simsun.ttc
- upm.properties
- confluence.cfg.xml.tpl(可从已有 Confluence 安装复制或创建模板)
- docker-entrypoint.sh
- wait-for-it.sh
- custom_scripts.sh
可以点击这里下载完整的文件 wiki-9.5.4.tar.gz
7.4. 启动
首次启用需要配置目录权限为容器用户的权限
sudo mkdir -pv /data/wiki/{data,pgsql}
sudo chown -R 1001:1001 /data/wiki/{data,pgsql}
sudo docker compose -f wiki.yml up -d
8. wiki-9.0.3.yml
version: '3'
services:
db:
image: chaitin/safeline-postgres:15.2
# image: postgres:14.2-alpine
container_name: postgres
restart:
always
environment:
- 'POSTGRES_USER=confluence'
- 'POSTGRES_PASSWORD=passwordcom'
- 'POSTGRES_DB=confluence'
- 'POSTGRES_ENCODING=UTF8'
- 'POSTGRES_COLLATE=C'
- 'POSTGRES_COLLATE_TYPE=C'
volumes:
- /data/wiki/pgsql:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
wiki:
image: wiki:9.0.3
container_name: wiki1
restart:
always
ports:
- 8090:8090
- 8091:8091
environment:
- 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
- 'CATALINA_OPTS= -XX:ReservedCodeCacheSize=512m -Xms2048m -Xmx4096m -javaagent:/var/agent/atlassian-agent.jar -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/var/confluence/fonts/'
- 'CATALINA_CONNECTOR_PROXYPORT=443'
- 'CATALINA_CONNECTOR_SCHEME=https'
volumes:
- /data/wiki/data:/var/confluence
- /etc/localtime:/etc/localtime:ro
- /data/wiki/deps/server_8.8.1.xml:/opt/confluence/conf/server.xml:rw
depends_on:
- db
9. 生成序列号
docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \ -p conf -d \ -m a@b.com \ -n name \ -o http://127.0.0.1:8090 \ -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \ -p com.mxgraph.confluence.plugins.diagramly \ -d -m a@b.com \ -n name \ -o http://127.0.0.1:8090 \ -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id docker exec wiki1 java -jar /var/agent/atlassian-agent.jar -p com.tensixtwo.conf.latexmath \ -d -m a@b.com -n name -o http://127.0.0.1:8090 -s BOOR-9D2Y-X97Z-GG1L
10. 备份数据库
pg_dump -U confluence -d confluence -f db_confluence_backup_2024_01_30.sql
1 Comment
Anonymous
Nov 17, 2025站长,confluence底部的版本号怎么隐藏?
Add Comment