Docker Compose: Automating WordPress

Set up a WordPress site with MySQL using Docker Compose

In this blog post, we’ll explore how to set up a WordPress site with MySQL using Docker Compose, along with a reverse proxy Nginx server that automatically obtains and renews SSL/TLS certificates from Let’s Encrypt. This setup provides a secure, containerized environment for your WordPress site, making it easier to manage and scale.

Prerequisites

Before we begin, ensure that you have the following installed on your system:

• Docker
• Docker Compose

Step 1: Create the Docker Compose File

Create a new file named docker-compose.yml and add the following content:

version: '3'

services:

  wordpress:
    image: wordpress:latest
    restart: always
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: exampleuser
      WORDPRESS_DB_PASSWORD: examplepass
      WORDPRESS_DB_NAME: exampledb
    volumes:
      - wordpress:/var/www/html

  db:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_DATABASE: exampledb
      MYSQL_USER: exampleuser
      MYSQL_PASSWORD: examplepass
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db:/var/lib/mysql

  nginx:
    image: nginx:latest
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - wordpress:/var/www/html
      - certbot-etc:/etc/letsencrypt
      - certbot-var:/var/lib/letsencrypt
    depends_on:
      - wordpress

  certbot:
    image: certbot/certbot
    restart: unless-stopped
    volumes:
      - certbot-etc:/etc/letsencrypt
      - certbot-var:/var/lib/letsencrypt
      - ./data/certbot/conf:/etc/letsencrypt
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

volumes:
  wordpress:
  db:
  certbot-etc:
  certbot-var:

This Docker Compose file defines four services:

1. wordpress: The WordPress container, which depends on the db service for the MySQL database.
2. db: The MySQL database container for WordPress.
3. nginx: The Nginx reverse proxy server, which handles incoming HTTP and HTTPS traffic and forwards requests to the WordPress container. It also manages SSL/TLS certificates using Let’s Encrypt.
4. certbot: The Certbot container, which automatically obtains and renews SSL/TLS certificates from Let’s Encrypt.

Step 2: Configure Nginx

Create a new file named nginx.conf and add the following content:

events {
  worker_connections 1024;
}

http {
  server {
    listen 80;
    server_name example.com www.example.com;

    location /.well-known/acme-challenge/ {
      root /var/www/html;
    }

    location / {
      return 301 https://$server_name$request_uri;
    }
  }

  server {
    listen 443 ssl;
    server_name example.com www.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
      proxy_pass http://wordpress:80;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
  }
}

Replace example.com and www.example.com with your actual domain name. This Nginx configuration file sets up a reverse proxy server that listens on ports 80 and 443. It redirects HTTP traffic to HTTPS and forwards HTTPS requests to the WordPress container.

Step 3: Initialize the Containers

1. Create a directory named data with a subdirectory certbot/conf:

mkdir -p data/certbot/conf

2. Create an empty file named data/certbot/conf/options-ssl-nginx.conf to store additional Nginx SSL configuration options.
3. Run the following command to start the containers:

docker-compose up -d

This command will download the required Docker images, create the containers, and start the services.

Step 4: Obtain the SSL/TLS Certificate

1. Run the following command to obtain the initial SSL/TLS certificate from Let’s Encrypt:

docker-compose run --rm certbot certonly --webroot -w /var/www/html -d example.com -d www.example.com

Replace example.com and www.example.com with your actual domain name.

2. After the certificate is obtained, restart the Nginx container to apply the changes:

docker-compose restart nginx

Your WordPress site should now be accessible at https://example.com (replace example.com with your domain name) with a valid SSL/TLS certificate from Let’s Encrypt. The certificate will be automatically renewed every 90 days by the certbot container.

Conclusion

In this blog post, we’ve covered how to set up a WordPress site with MySQL using Docker Compose, along with a reverse proxy Nginx server that automatically obtains and renews SSL/TLS certificates from Let’s Encrypt. This setup provides a secure, containerized environment for your WordPress site, making it easier to manage and scale.

Remember to replace example.com and www.example.com with your actual domain name throughout the configuration files and commands. Additionally, ensure that your domain is properly configured with the correct DNS settings to point to your server’s IP address.