Docker runs WordPress through Nginx reverse proxy to open HTTPS binding domain name
This article uses docker-compose to run wordpress, uses the existing mysql database, and the external nginx opens https reverse proxy to wordpress. If your domain name has not been filed, please file it first.
startup files
Write wordpress.yml,Then execute docker-compose -f wordpress.yml up -d to start the container
172.18.0.1:3308 is my own mysql address
version: "3"
services:
wordpress:
image: wordpress:latest
ports:
- "8000:80"
restart: always
volumes:
- /opt/wordpress:/var/www/html
environment:
- WORDPRESS_DB_HOST=172.18.0.1:3308
- WORDPRESS_DB_USER=wordpress
- WORDPRESS_DB_PASSWORD=wordpressIf you do not have a ready-made mysql database before, you can write the configuration file according to the tutorial on the official website
version: '3.1'
services:
wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
- /opt/wordpress:/var/www/html
db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- /opt/mysql:/var/lib/mysqlHere you need to go to the wordpress backend to configure the address and modify it to our last address with the domain name.
Access ip:8000/wp-admin
Configure Nginx
Here, use nginx to open https and reverse proxy to worpress. If nginx is not installed, please install nginx first. HTTPS certificate can go to Alibaba Cloud to apply for a free SSL certificate. There are many pits here. Please pay attention to the configuration file.
Our case domain name is aispider.cc, we redirect all domain names to https://www.aispider.cc
vi /etc/nginx/nginx.conf
server {
listen 80;
server_name aispider.cc;
location / {
if ($host !~* ^www) {
set $name_www www.$host;
rewrite ^(.*) https://$name_www$1 permanent;
}
rewrite ^(.*) https://$host$1 permanent;
}
}
server {
listen 80;
server_name www.aispider.cc;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443 ssl http2 default_server;
server_name www.aispider.cc;
ssl_certificate "/opt/cer/aispider.cc.pem";
ssl_certificate_key "/opt/cer/aispider.cc.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers PROFILE=SYSTEM;
ssl_prefer_server_ciphers on;
location / {
if ($host !~* ^www) {
set $name_www www.$host;
rewrite ^(.*) https://$name_www$1 permanent;
}
proxy_pass http://localhost:8000;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
}Modify wordpress configuration file
If the proxy passes directly, there will be many problems, such as circular redirection and forwarding, resources such as js, css, etc. go through http requests, and the address is redirected to localhost. I also stepped on a lot of pits to configure it.
Modify /opt/wordpress/wp-config.php, this is the volume mounted by the docker container, add the following content
vi /opt/wordpress/wp-config.php
define('FORCE_SSL_ADMIN', true);
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false){
$_SERVER['HTTPS'] = 'on';
$_SERVER['SERVER_PORT'] = 443;
}
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}
define('WP_HOME','https://www.aispider.cc/');
define('WP_SITEURL','https://www.aispider.cc/');
It is best to restart the container after modification,docker-compose -f wordpress.yml restart
Finally visit the configured address https://www.aispider.cc/
The theme I use here is RK blogger. If you like, download and install it by Google. Remember to modify the display of the record information at the bottom of the theme configuration.
发表评论