Docker runs WordPress through Nginx reverse proxy to open HTTPS binding domain name

头像
码农笔录
2021-10-13 运维 阅读量 7076

src=http___blog.orx.me_wpcontent_uploads_2013_12_wordpresslogo.jpgrefer=http___blog.orx.jpg

This article uses docker-compose to run wordpress, uses the existing mysql database, and the external nginx opens https reverse proxy to wordpress. If your domain name has not been filed, please file it first.

startup files

Write wordpress.yml,Then execute docker-compose -f wordpress.yml up -d to start the container

172.18.0.1:3308 is my own mysql address

version: "3"
services:
  wordpress:
     image: wordpress:latest
     ports:
       - "8000:80"
     restart: always
     volumes:
      - /opt/wordpress:/var/www/html
     environment:
       - WORDPRESS_DB_HOST=172.18.0.1:3308
       - WORDPRESS_DB_USER=wordpress
       - WORDPRESS_DB_PASSWORD=wordpress

If you do not have a ready-made mysql database before, you can write the configuration file according to the tutorial on the official website

version: '3.1'
services:
  wordpress:
    image: wordpress
    restart: always
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: wordpress
      WORDPRESS_DB_PASSWORD: wordpress
      WORDPRESS_DB_NAME: wordpress
    volumes:
      - /opt/wordpress:/var/www/html

  db:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: wordpress
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - /opt/mysql:/var/lib/mysql

Here you need to go to the wordpress backend to configure the address and modify it to our last address with the domain name.

Access ip:8000/wp-admin

image.png

Configure Nginx

Here, use nginx to open https and reverse proxy to worpress. If nginx is not installed, please install nginx first. HTTPS certificate can go to Alibaba Cloud to apply for a free SSL certificate. There are many pits here. Please pay attention to the configuration file.

Our case domain name is aispider.cc, we redirect all domain names to https://www.aispider.cc

vi /etc/nginx/nginx.conf

   server {
        listen  80;
        server_name     aispider.cc;
        location / {
           if ($host !~* ^www) {
                set $name_www www.$host;
                rewrite ^(.*) https://$name_www$1 permanent;
           }
           rewrite ^(.*) https://$host$1 permanent;
        }
    }
    server {
        listen  80;
        server_name  www.aispider.cc;
        rewrite ^(.*) https://$host$1 permanent;
    }
    server {
        listen       443 ssl http2 default_server;
        server_name  www.aispider.cc;
        ssl_certificate "/opt/cer/aispider.cc.pem";
        ssl_certificate_key "/opt/cer/aispider.cc.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;

        location / {
           if ($host !~* ^www) {
              set $name_www www.$host;
              rewrite ^(.*) https://$name_www$1 permanent;
           }
           proxy_pass  http://localhost:8000;
           proxy_redirect     off;
           proxy_set_header   Host $host;
           proxy_set_header   X-Real-IP $remote_addr;
           proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header   X-Forwarded-Host $server_name;
           proxy_set_header   X-Forwarded-Proto https;
           proxy_set_header   Upgrade $http_upgrade;
           proxy_set_header   Connection "upgrade";
           proxy_read_timeout 86400;
        }
    }

Modify wordpress configuration file

If the proxy passes directly, there will be many problems, such as circular redirection and forwarding, resources such as js, css, etc. go through http requests, and the address is redirected to localhost. I also stepped on a lot of pits to configure it.

Modify /opt/wordpress/wp-config.php, this is the volume mounted by the docker container, add the following content

vi /opt/wordpress/wp-config.php

define('FORCE_SSL_ADMIN', true);

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false){
    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
    $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}

define('WP_HOME','https://www.aispider.cc/');
define('WP_SITEURL','https://www.aispider.cc/');

It is best to restart the container after modification,docker-compose -f wordpress.yml restart

Finally visit the configured address https://www.aispider.cc/

The theme I use here is RK blogger. If you like, download and install it by Google. Remember to modify the display of the record information at the bottom of the theme configuration.

image.png