Build WordPress with docker-compose and Cloudflare

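# Make sure the keyring directory exists before writing the key into it.
sudo install -m 0755 -d /etc/apt/keyrings

# Fetch Docker's apt signing key and store it de-armored.
# Before trusting it, compare its fingerprint with the one published in
# Docker's installation documentation.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

# Register the Docker apt repository. signed-by limits this key to this
# repository instead of trusting it for every apt source.
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null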

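# Refresh the package lists (this picks up the Docker repository) and apply
# pending updates.
sudo apt update
sudo apt -y upgrade

# Install the Docker engine, the Compose plugin, the standalone
# docker-compose command used at the end of this page, and vim.
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose vim

# Start Docker now and on every boot.
sudo systemctl enable docker --now

# Project directory; nginx/ is bind-mounted into the webserver container
# as /etc/nginx/conf.d by the compose file below.
sudo mkdir -p /opt/wordpress/nginx

cd /opt/wordpress

sudo vim docker-compose.yml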

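# Credentials are read from /opt/wordpress/.env (next to this file) instead of
# being written into the compose file. Create it before starting the stack:
#   MYSQL_ROOT_PASSWORD=<long random value>
#   WP_DB_PASSWORD=<different long random value>
# then run `sudo chmod 600 .env` and keep the file out of version control.
# The `:?` form makes compose stop with an error if a value is missing, so the
# stack never starts with an empty password.
version: '3'
services:
  db:
    # NOTE(review): `latest` can move to a new MySQL major version on the next
    # pull; pin a release tag you have tested.
    image: mysql:latest
    container_name: db
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD:?set MYSQL_ROOT_PASSWORD in .env}"
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: "${WP_DB_PASSWORD:?set WP_DB_PASSWORD in .env}"
    volumes:
      - dbdata:/var/lib/mysql
    # No `ports:` entry: the database is reachable only from the other
    # services on the compose network, not from the host's interfaces.
  wordpress:
    image: wordpress:5-fpm-alpine
    depends_on:
      - db
    container_name: wordpress
    restart: always
    volumes:
      - wordpress:/var/www/html
    environment:
      WORDPRESS_DB_HOST: db:3306
      WORDPRESS_DB_USER: wpuser
      # Must be the same value the db service receives as MYSQL_PASSWORD.
      WORDPRESS_DB_PASSWORD: "${WP_DB_PASSWORD:?set WP_DB_PASSWORD in .env}"
      WORDPRESS_DB_NAME: wordpress
  webserver:
    depends_on:
      - wordpress
    image: nginx:mainline-alpine
    container_name: webserver
    restart: always
    ports:
      # Published on every host interface. If the site should only be reached
      # through Cloudflare, restrict inbound 443 at the host or cloud firewall.
      - "443:443"
    volumes:
      # nginx only serves files and reads its configuration, so both mounts
      # are read-only in this container.
      - wordpress:/var/www/html:ro
      - /opt/wordpress/nginx/:/etc/nginx/conf.d:ro
volumes:
  wordpress:
  dbdata: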

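# Paste the site's TLS certificate and private key into these two files.
sudo vim nginx/cert.pem
sudo vim nginx/key.pem

# A file created through sudo vim is world-readable by default. Restrict the
# private key to root; the nginx master process reads it as root.
sudo chmod 600 nginx/key.pem

sudo vim nginx/nginx.conf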

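# HTTPS virtual host for WordPress: static files are served from the shared
# volume, PHP requests are handed to the php-fpm container.
server {
  listen 443 ssl http2;
  # Relative paths resolve against the nginx prefix, so these are the files
  # placed in the bind-mounted conf.d directory.
  ssl_certificate conf.d/cert.pem;
  ssl_certificate_key conf.d/key.pem;

  server_name wp-docker.winglab.net;
  root /var/www/html;
  index index.php index.html index.htm;

  # Do not advertise the nginx version in responses and error pages.
  server_tokens off;
  add_header X-Frame-Options "SAMEORIGIN" always;
  # NOTE(review): legacy header; current browsers ignore it.
  add_header X-XSS-Protection "1; mode=block" always;
  add_header X-Content-Type-Options "nosniff" always;
  add_header Referrer-Policy "no-referrer-when-downgrade" always;
  # NOTE(review): this policy allows every origin plus inline and eval'd
  # script, so it adds very little protection. Tighten it once the theme and
  # plugin set is known.
  add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

  location / {
    try_files $uri $uri/ /index.php$is_args$args;
  }

  # Uploads are user-supplied content: never hand a .php file from there to
  # php-fpm. Must stay above the generic PHP location, because regex
  # locations are tried in order.
  location ~* ^/wp-content/uploads/.*\.php$ {
    deny all;
  }

  location ~ \.php$ {
    # Only pass scripts that exist on disk; anything else is a 404.
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass wordpress:9000;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
  }

  # Keep .htaccess / .htpasswd style files from being served.
  location ~ /\.ht {
    deny all;
  }

  location = /favicon.ico {
    log_not_found off; access_log off;
  }

  location = /favicon.svg {
    log_not_found off; access_log off;
  }

  location = /robots.txt {
    log_not_found off; access_log off; allow all;
  }

  # Long-lived caching for static assets.
  location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
    expires max;
    log_not_found off;
  }
}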

# Create and start the three containers in the background.
docker-compose up --detach