Lsky Pro(Docker)500 排障与NAS挂载笔记(从“UID/GID=33”开始)
目标:把图片与运行数据落到 /mnt/nas_lsky/lsky-data(CIFS/群晖),并解决首页 HTTP 500。以下从把 NAS 以 www-data(www=33:33) 映射开始整理。
0. 统一约定
- 容器名:
lsky - 容器内 Web 根:
/var/www/html 仅映射两处:
/mnt/nas_lsky/lsky-data/storage→/var/www/html/storage/mnt/nas_lsky/lsky-data/.env→/var/www/html/.env(必须是文件,不是目录)
1. CIFS 正确挂载(以 www-data 身份呈现)
/etc/fstab 增加一行:
//10.10.x.x/service /mnt/nas_lsky cifs credentials=/etc/samba/creds-nas,uid=33,gid=33,dir_mode=0775,file_mode=0664,iocharset=utf8,vers=3.0,sec=ntlmssp,_netdev,nofail,x-systemd.automount 0 0凭据文件示例:
sudo tee /etc/samba/creds-nas >/dev/null <<'EOF'
username=backup
password=你的密码
domain=WORKGROUP
EOF
sudo chmod 600 /etc/samba/creds-nas加载校验:
sudo systemctl daemon-reload
sudo mount -a
findmnt /mnt/nas_lsky
ls -ld /mnt/nas_lsky/lsky-data /mnt/nas_lsky/lsky-data/storage关键参数:uid=33,gid=33,dir_mode=0775,file_mode=0664。2. Compose 映射不要覆盖程序目录
services:
lsky:
image: dko0/lsky-pro:latest
container_name: lsky
ports:
- "8089:80"
environment:
- TZ=Asia/Shanghai
- APP_ENV=prod
volumes:
- /mnt/nas_lsky/lsky-data/storage:/var/www/html/storage
- /mnt/nas_lsky/lsky-data/.env:/var/www/html/.env
restart: unless-stopped.env必须是文件。若误挂成目录,请:rm -rf /mnt/nas_lsky/lsky-data/.env && touch /mnt/nas_lsky/lsky-data/.env。
3. 容器内“运行期四件套”修复
3.1 生成/修复 .env 与 APP_KEY
docker exec -it lsky sh -lc '
cd /var/www/html
[ -f .env ] || cp .env.example .env
php artisan key:generate --force
'3.2 必需目录与权限
docker exec -it lsky sh -lc '
cd /var/www/html
mkdir -p storage/logs storage/framework/{cache,sessions,views} bootstrap/cache
chown -R www-data:www-data storage bootstrap/cache
chmod -R 775 storage bootstrap/cache
'3.3 清缓存/重建缓存
docker exec -it lsky sh -lc "
cd /var/www/html
php artisan optimize:clear
php artisan config:cache
"4. 先用 SQLite 跑通
docker exec -it lsky sh -lc '
cd /var/www/html
touch database/database.sqlite
chown www-data:www-data database/database.sqlite
chmod 664 database/database.sqlite
'
docker exec -it lsky sh -lc '
php -r "
$f="/var/www/html/.env";
$s=file_get_contents($f);
function setkv(&$t,$k,$v){
if (preg_match("/^".$k."=.*/m", $t)) { $t=preg_replace("/^".$k."=.*/m", $k."=".$v, $t); }
else { $t .= "\n".$k."=".$v."\n"; }
}
setkv($s,"DB_CONNECTION","sqlite");
setkv($s,"DB_DATABASE","/var/www/html/database/database.sqlite");
foreach (["DB_HOST","DB_PORT","DB_USERNAME","DB_PASSWORD"] as $k) {
if (preg_match("/^".$k."=.*/m", $s)) { $s=preg_replace("/^".$k."=.*/m", $k."=", $s); }
}
file_put_contents($f,$s);
"
'
docker exec -it lsky sh -lc "
cd /var/www/html
php artisan optimize:clear
php artisan config:cache
"5. 常见 500 根因与对策
| 症状 | 原因 | 解决方式 |
|---|---|---|
| 空白页 / 500 | APP_KEY 缺失 | php artisan key:generate --force |
| storage 不可写 | 权限不足 | 确保 uid=33,gid=33 挂载,并 chmod 775 |
.env 是目录 | 误映射 | 删除目录改为文件 |
| sed -i 报错 | CIFS 不支持 rename | 用 PHP 覆盖写入 |
| 程序目录被映射空 | 映射错误 | 仅映射 storage 和 .env |
6. 诊断命令
docker logs --tail=200 lsky
docker exec -it lsky sh -lc 'tail -n 200 /var/www/html/storage/logs/laravel*.log || echo "no laravel log"'
docker exec -it lsky sh -lc '
cd /var/www/html
grep -n "^APP_KEY=" .env || echo NO_APP_KEY
grep -E "DB_CONNECTION|DB_DATABASE|DB_HOST|DB_PORT" -n .env
echo ok > storage/logs/test.txt && cat storage/logs/test.txt && rm storage/logs/test.txt
ls -ld storage bootstrap/cache storage/framework/{cache,sessions,views} 2>/dev/null
'7. 收尾与建议
- 启动顺序:NAS 挂载 → 启容器。
- 备份项:
storage/、.env、数据库。 - 用 Nginx/Caddy 反代开启 HTTPS、防盗链。
- 监控:可配合 Uptime Kuma 检测 HTTP / 容器存活。
8. 附加命令
docker exec -it lsky sh -lc 'echo "ServerName localhost" > /etc/apache2/conf-available/servername.conf && a2enconf servername && apachectl -k graceful'
docker exec -it lsky sh -lc 'php artisan optimize:clear && php artisan config:cache'
docker exec -it lsky sh -lc 'php artisan migrate --force || true'