WordPress Deployment: Docker, Nginx, Apache, and SSL
Simplify the deployment of your WordPress website with our easy-to-follow guide. Use Docker Compose, Nginx, Apache, and SSL for a seamless installation process.
We will also create volumes so the changes or updates will be preserved while the container restarts.
This setup is tested on Google cloud with an instance running Ubuntu 22.04 OS. You can also make this setup in any cloud services like AWS or, Azure or, DigitalOcean, or any dedicated or VPS servers.
Prerequisites
- Install Docker on Ubuntu 22.04
- Install Docker Compose on Ubuntu 22.04.
Please make sure you have completed all the steps mentioned above.
- Domain pointed to your server IP address.
- Docker installed and configured.
- Docker Compose installed and configured.
Once you have all the prerequisites done, you can proceed to make the setup and configure WordPress.
Create Project Directory
SSH to your server and start by creating a new project directory named wp-project. You can also name it whatever you need.
mkdir wp-projectCreate Docker Compose YML File
Now, navigate inside the project directory and create a new docker-compose.yml file with the following configuration.
cd wp-projectCreate a new docker-compose.yml file.
nano docker-compose.ymlCopy the entire contents below and paste it in the file.
Configure Docker Compose
Make sure to replace the below mentioned environment variables.
docker-compose.ymlversion: "3.9"
services:
wordpress:
container_name: wordpress
image: wordpress:php8.2-apache
restart: always
stdin_open: true
tty: true
environment:
WORDPRESS_DB_HOST: mariadb
WORDPRESS_DB_USER: db_user
WORDPRESS_DB_PASSWORD: db_user_pass
WORDPRESS_DB_NAME: db_name
volumes:
- wordpress_data:/var/www/html
mariadb:
container_name: mariadb
image: mariadb
restart: always
environment:
MYSQL_DATABASE: db_name
MYSQL_USER: db_user
MYSQL_PASSWORD: db_user_pass
MYSQL_RANDOM_ROOT_PASSWORD: 'root_pass'
volumes:
- db_data:/var/lib/mysql
nginx:
container_name: nginx
image: nginx:latest
restart: unless-stopped
ports:
- 80:80
- 443:443
volumes:
- ./nginx/conf:/etc/nginx/conf.d
- ./certbot/conf:/etc/nginx/ssl
- ./certbot/data:/var/www/html
certbot:
container_name: certbot
image: certbot/certbot:latest
command: certonly --webroot --webroot-path=/var/www/html --email youremail@domain.com --agree-tos --no-eff-email -d domain.com -d www.domain.com
volumes:
- ./certbot/conf:/etc/letsencrypt
- ./certbot/logs:/var/log/letsencrypt
- ./certbot/data:/var/www/html
volumes:
db_data:
wordpress_data:Hit CTRL-X followed by Y and ENTER to save and exit the file.
Docker Compose Configuration: Explanation
Here are the configuration details:
- Version: Compose a file version compatible with the Docker Engine. You can check compatibility here.
- Services: Here, we have four services named
WordPress,MariaDB,nginx, andcertbot. - Image: We use the latest WordPress with PHP 8.2, Apache, Mariadb, Nginx, and Certbotimages available in the Docker hub.
- Volumes:
wordpress_data: We have configured this directory to be synced with the directory we wish to use as the web root inside the container.conf: Here, we will place the Nginx configuration file to be synced with the default Nginx conf.d folder inside the container.cedtbot/conf: This is where we will receive the SSL certificate, and this will be synced with the folder we wish to inside the container.ports: Configure the container to listen upon the listed ports.command: The command used to receive the SSL certificate.
- Environment: Here, we list all the environment variables that are available for the WordPress image.
WORDPRESS_DB_HOST: Here, we use the service name of the MariaDB container.WORDPRESS_DB_USER: Same as the one we have configured in mariadb service.WORDPRESS_DB_PASSWORD: Same as the one we have configured in mariadb service.WORDPRESS_DB_NAME: Same as the one we have configured in mariadb service.
Configure Nginx
According to the docker-compose.yml configuration, we need to create the default.conf file inside the nginx/conf directory.
Create the directory besides your docker-compose.yml file to hold the configuration file.
mkdir -p nginx/confCreate a file named default.conf.
nano nginx/conf/default.confPlace the following configurations; here, we use reverse proxy configuration to the wordpress container running Apache.
nginx/conf/default.conf server {
listen [::]:80;
listen 80;
server_name domain.com www.domain.com;
root /var/www/html;
index index.php;
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
location / {
try_files $uri @apache;
}
location ~ ^/.user.ini {
deny all;
}
location ~* .(svg|svgz)$ {
types {}
default_type image/svg+xml;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location @apache {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
location ~[^?]*/$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
location ~ .php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
} Hit CTRL-X followed by Y and ENTER to save and exit the file.
Now you have your docker-compose configuration and your Nginx configuration.
Deploy WordPress With Docker Compose
Start the containers using the following command; you will receive the SSL certificates once the containers are started.
docker-compose up -dOnce all containers are started, you will see two additional directories, certbotand WordPress, created alongside your docker-compose.yml file.
The directory wordpress holds all your WordPress website source code.
The directory certbot holds all the files related to your SSL certificates.
To view the containers, you can execute the following command.
docker-compose psConfigure Let’s Encrypt SSL With Nginx
As you have received the Let’s Encrypt SSL certificate, you can configure HTTPS and set up redirection to HTTPS.
Edit the default.conf and make the following changes.
nano nginx/conf/default.confnginx/conf/default.confserver {
listen [::]:80;
listen 80;
server_name domain.com www.domain;
return 301 https://www.domain.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name domain.com;
ssl_certificate /etc/nginx/ssl/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/domain.com/privkey.pem;
return 301 https://www.domain.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name www.domain.com;
ssl_certificate /etc/nginx/ssl/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/domain.com/privkey.pem;
root /var/www/html;
index index.php;
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
location / {
try_files $uri @apache;
}
location ~ ^/.user.ini {
deny all;
}
location ~* .(svg|svgz)$ {
types {}
default_type image/svg+xml;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location @apache {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
location ~[^?]*/$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
location ~ .php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://wordpress:80;
}
} Hit CTRL-X followed by Y and ENTER to save and exit the file.
Now, you can restart the Nginx service to load the new configurations.
docker-compose restart nginxNow, you can check your domain name from your browser. You will get a redirection to HTTPS, and you will see the WordPress installation page to complete the installation.
Troubleshooting
Below are some tips for SSH to containers; see the error logs.
SSH to Docker Container
To SSH into the wordpress container, you can use the below command.
docker-compose exec wordpress /bin/bashTo SSH into the nginx container, you can use the below command.
docker-compose exec nginx /bin/bashCheck Container Logs
You can use the below command to check the logs of containers using docker-compose
docker-compose logs -fRestart Containers
You can restart the containers using the restart command easily.
docker-compose restart container_nameReplace container_name with your container name (wordpress, nginx, certbot)
Stop All Docker Containers
You can stop all docker containers using the below command.
docker-compose downRemove All Containers and Volumes
You can use docker-compose to remove all containers and their volumes with the below command.
docker compose rm -fvRemove All Docker Containers
Remove all containers using the following command.
docker rm -f $(docker ps -a -q)Delete All Volumes
You can also delete all volumes using the below command.
docker volume rm $(docker volume ls -q)Start All Containers
With a single Docker compose command, you can start all containers.
docker-compose up -dConclusion
Now you have learned how to install and set up WordPress with Nginx, Apache, PHP 8.2, MariaDB, and Let’s Encrypt with Docker and Docker Compose on Ubuntu 22.04.
Thanks for your time.
