wordpress/docker-compose.yml

178 lines
6.3 KiB
YAML
Raw Normal View History

2024-05-23 20:06:00 +02:00
x-wordpress-configuration-env: &wordpress-configuration-env
WORDPRESS_PLUGIN_LIST: "maintenance redis-cache"
WORDPRESS_REDIS_HOST: redis
WORDPRESS_CACHE: 1
WORDPRESS_CACHE_KEY_SALT: 'Wp-'
WORDPRESS_TABLE_PREFIX: 'wp_'
WORDPRESS_DEBUG: 0
DEFAULT_EMAIL: "webmaster@example.com"
2024-10-29 19:17:44 +01:00
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_NAME: wordpress
WORDPRESS_DB_HOST: database
2024-05-23 20:06:00 +02:00
WORDPRESS_CONFIG_EXTRA: |
define('WP_AUTO_UPDATE_CORE', false);
define('WP_SITEURL', 'https://www.example.com');
define('WP_HOME', 'https://www.example.com');
define('WP_CACHE', true);
define('WP_CACHE_KEY_SALT', 'Wp-');
define('WP_REDIS_HOST', "cache");
define('DISABLE_WP_CRON', true);
$$_SERVER['HTTP_UPGRADE_INSECURE_REQUESTS'] = false;
$$_SERVER['HTTP_X_FORWARDED_PORT'] = 443;
$$_SERVER['HTTP_X_FORWARDED_SSL'] = 'on';
$$_SERVER['HTTPS'] = 'on';
$$_SERVER['SERVER_PORT'] = 443;
$$_SERVER['REQUEST_SCHEME'] = 'https';
# $_SERVER definitions above are set to trick WP that it's accessed over HTTPS. This is typically useful only behind reverse proxy and should be avoided in production
2024-10-29 19:17:44 +01:00
# Required since nginx unit will not pass environment variables s6-envdir loads. wp-config.php has docker_getenv()
x-wordpress-secrets-files: &wordpress-secrets-files-env
WORDPRESS_AUTH_KEY_FILE: /run/secrets/wordpress_auth_key
WORDPRESS_SECURE_AUTH_KEY_FILE: /run/secrets/wordpress_secure_auth_key
WORDPRESS_LOGGED_IN_KEY_FILE: /run/secrets/wordpress_logged_in_key
WORDPRESS_NONCE_KEY_FILE: /run/secrets/wordpress_nonce_key
WORDPRESS_AUTH_SALT_FILE: /run/secrets/wordpress_auth_salt
WORDPRESS_SECURE_AUTH_SALT_FILE: /run/secrets/wordpress_secure_auth_salt
WORDPRESS_LOGGED_IN_SALT_FILE: /run/secrets/wordpress_logged_in_salt
WORDPRESS_NONCE_SALT_FILE: /run/secrets/wordpress_nonce_salt
WORDPRESS_DB_PASSWORD_FILE: /run/secrets/wordpress_db_password
x-wordpress-init-env: &wordpress-init-env
WORDPRESS_INIT_ENABLE: "true"
WORDPRESS_INIT_ADMIN_USER: admin
2024-10-29 19:17:44 +01:00
# WORDPRESS_INIT_ADMIN_PASSWORD is defined in secrets
WORDPRESS_INIT_ADMIN_EMAIL: admin@example.com
WORDPRESS_INIT_SITE_TITLE: "Example.com"
WORDPRESS_INIT_SITE_URL: "https://www.example.com"
2024-05-23 20:06:00 +02:00
networks:
default:
2024-05-24 01:33:39 +02:00
secrets:
2024-10-29 19:17:44 +01:00
database_root_password:
file: ./.secrets/database_root_password.txt
wordpress_database_password:
file: ./.secrets/wordpress_database_password.txt
wordpress_db_password:
file: ./.secrets/wordpress_database_password.txt
wordpress_auth_key:
file: ./.secrets/wordpress_auth_key
wordpress_secure_auth_key:
file: ./.secrets/wordpress_secure_auth_key
wordpress_logged_in_key:
file: ./.secrets/wordpress_logged_in_key
wordpress_nonce_key:
file: ./.secrets/wordpress_nonce_key
wordpress_auth_salt:
file: ./.secrets/wordpress_auth_salt
wordpress_secure_auth_salt:
file: ./.secrets/wordpress_secure_auth_salt
wordpress_logged_in_salt:
file: ./.secrets/wordpress_logged_in_salt
wordpress_nonce_salt:
file: ./.secrets/wordpress_nonce_salt
wordpress_init_admin_password:
file: ./.secrets/wordpress_init_admin_password
2024-05-24 01:33:39 +02:00
2024-05-23 20:06:00 +02:00
services:
wordpress:
2024-10-29 19:17:44 +01:00
image: ghcr.io/n0rthernl1ghts/wordpress:6.6.2
2024-05-23 20:06:00 +02:00
deploy:
restart_policy:
condition: any
healthcheck: # See: src/wp-utils/healthcheck
test: [ "CMD", "/usr/local/bin/healthcheck" ]
interval: 30s
timeout: 5s
retries: 3
2024-10-29 19:17:44 +01:00
secrets:
- wordpress_db_password
- wordpress_auth_key
- wordpress_secure_auth_key
- wordpress_logged_in_key
- wordpress_nonce_key
- wordpress_auth_salt
- wordpress_secure_auth_salt
- wordpress_logged_in_salt
- wordpress_nonce_salt
- wordpress_init_admin_password
2024-05-23 20:06:00 +02:00
environment:
2024-10-29 19:17:44 +01:00
<<: [ *wordpress-configuration-env, *wordpress-secrets-files-env, *wordpress-init-env ]
2024-05-23 20:06:00 +02:00
CRON_ENABLED: "false"
labels: # This configures traefik - if you have it. You also need to make sure that this service is in the same network with Traefik instance
- "traefik.enable=true"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-http.rule=Host(`example.com`)"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-http.entrypoints=web"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.tls=true"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.tls.certresolver=le"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.rule=Host(`example.com`)"
- "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.entrypoints=websecure"
- "traefik.http.services.${COMPOSE_PROJECT_NAME}.loadbalancer.server.port=80"
volumes:
- ./data/wordpress/wp-content:/var/www/html/wp-content
networks:
default:
# It's a good idea to have a separate service for the cron job
cron:
extends:
service: wordpress
deploy:
resources:
limits:
memory: 512M # Limit the memory for the cron job to 512 MB. This is a good practice to avoid memory leaks.
environment:
CRON_ENABLED: "true"
# Redis is optional, but it works really well for caching. If removed, please update x-wordpress-configuration-env
cache:
image: redis:alpine
init: true
healthcheck:
test: ["CMD", "/usr/local/bin/redis-cli", "PING"]
interval: 20s
timeout: 3s
retries: 3
deploy:
restart_policy:
condition: any
resources:
limits:
memory: 64M
networks:
default:
# Please update environment accordingly
database:
image: 'ghcr.io/n0rthernl1ghts/mariadb:10.11'
deploy:
replicas: 1
restart_policy:
condition: any
resources:
limits:
memory: 512M # Should be adjusted accordingly to the website size. 512MB is usually enough for small website
healthcheck:
test: ["CMD", "/usr/bin/healthcheck"]
interval: 30s
timeout: 20s
retries: 3
environment:
PUID: 1000
PGID: 1000
MARIADB_INIT_DATABASES: wordpress
MARIADB_INIT_USERS: wordpress
2024-05-24 01:33:39 +02:00
FILE__MARIADB_ROOT_PASSWORD: /run/secrets/database_root_password
FILE__MARIADB_USER_wordpress_PASSWORD: /run/secrets/wordpress_database_password
2024-05-23 20:06:00 +02:00
FORCE_CONFIG_OVERWRITE: 1
volumes:
- ./data/database/config:/config
- ./data/database/data:/var/lib/mysql
2024-05-24 01:33:39 +02:00
secrets:
- database_root_password
- wordpress_database_password
2024-05-23 20:06:00 +02:00
networks:
default: