安装Docker

# Update the apt package index and install packages to allow apt to use a repository over HTTPS:
sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
    
# Add Docker’s official GPG key:
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

# Use the following command to set up the stable repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  
# Install Docker Engine
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

# Verify that Docker Engine is installed correctly by running the hello-world image
docker run hello-world

安装 Docker Compose

mkdir -p /usr/local/lib/docker/cli-plugins

# 下载Docker Compose （可根据当前版本修改路径）
curl -SL https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose

# 加权限
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

# 确认安装并验证Docker Compose版本号
docker compose version

# 要卸载Docker Compose，您只需删除目录 /usr/local/lib/docker/cli-plugins/docker-compose
sudo rm /usr/local/lib/docker/cli-plugins/docker-compose

使用 ACME 获取 SSL 证书

# Register account
acme.sh  --register-account  -m myemail@example.com --server zerossl

# If you already have an account at www.zerossl.com, 
# you can also register your acme account with External Account Binding(EAB) credentials.
# 1. Generate your EAB credentials at: https://app.zerossl.com/developer
# 2. Register acme account:
docker exec -it acme.sh  --register-account  --server zerossl \
		--eab-kid  xxxxxxxxxxxx  \
		--eab-hmac-key  xxxxxxxxx

# Issue the certificate
docker exec -it acme.sh --issue --dns dns_cf \
		-d example.com \
		-d *.example.com \
		-k ec-256
		
# Install the certificate
docker exec -it acme.sh --install-cert --ecc \
		-d example.com \
		-d *.example.com \
		--key-file /etc/ssl_cert/example.com.key \
		--fullchain-file /etc/ssl_cert/example.com.crt

SSL 证书更新后 利用脚本自动重启

# 加可执行
chmod +x restart.sh

利用相关Docker Compose 配置文件配置

到此就可以用相关 YAML 文件部署了