x-wordpress-configuration-env: &wordpress-configuration-env WORDPRESS_PLUGIN_LIST: "maintenance redis-cache" WORDPRESS_REDIS_HOST: redis WORDPRESS_CACHE: 1 WORDPRESS_CACHE_KEY_SALT: 'Wp-' WORDPRESS_TABLE_PREFIX: 'wp_' WORDPRESS_DEBUG: 0 DEFAULT_EMAIL: "webmaster@example.com" WORDPRESS_DB_USER: wordpress WORDPRESS_DB_NAME: wordpress WORDPRESS_DB_HOST: database WORDPRESS_CONFIG_EXTRA: | define('WP_AUTO_UPDATE_CORE', false); define('WP_SITEURL', 'http://localhost'); define('WP_HOME', 'http://localhost'); define('WP_CACHE', true); define('WP_CACHE_KEY_SALT', 'Wp-'); define('WP_REDIS_HOST', "cache"); define('DISABLE_WP_CRON', true); $$_SERVER['HTTP_UPGRADE_INSECURE_REQUESTS'] = false; # Required since nginx unit will not pass environment variables s6-envdir loads. wp-config.php has docker_getenv() x-wordpress-secrets-files: &wordpress-secrets-files-env WORDPRESS_AUTH_KEY_FILE: /run/secrets/wordpress_auth_key WORDPRESS_SECURE_AUTH_KEY_FILE: /run/secrets/wordpress_secure_auth_key WORDPRESS_LOGGED_IN_KEY_FILE: /run/secrets/wordpress_logged_in_key WORDPRESS_NONCE_KEY_FILE: /run/secrets/wordpress_nonce_key WORDPRESS_AUTH_SALT_FILE: /run/secrets/wordpress_auth_salt WORDPRESS_SECURE_AUTH_SALT_FILE: /run/secrets/wordpress_secure_auth_salt WORDPRESS_LOGGED_IN_SALT_FILE: /run/secrets/wordpress_logged_in_salt WORDPRESS_NONCE_SALT_FILE: /run/secrets/wordpress_nonce_salt WORDPRESS_DB_PASSWORD_FILE: /run/secrets/wordpress_db_password x-wordpress-init-env: &wordpress-init-env WORDPRESS_INIT_ENABLE: "true" WORDPRESS_INIT_ADMIN_USER: admin # WORDPRESS_INIT_ADMIN_PASSWORD is defined in secrets WORDPRESS_INIT_ADMIN_EMAIL: admin@example.com WORDPRESS_INIT_SITE_TITLE: "Your Example Site" WORDPRESS_INIT_SITE_URL: "http://localhost" networks: default: secrets: database_root_password: file: ./.secrets/database_root_password.txt wordpress_database_password: file: ./.secrets/wordpress_database_password.txt wordpress_db_password: file: ./.secrets/wordpress_database_password.txt wordpress_auth_key: file: ./.secrets/wordpress_auth_key wordpress_secure_auth_key: file: ./.secrets/wordpress_secure_auth_key wordpress_logged_in_key: file: ./.secrets/wordpress_logged_in_key wordpress_nonce_key: file: ./.secrets/wordpress_nonce_key wordpress_auth_salt: file: ./.secrets/wordpress_auth_salt wordpress_secure_auth_salt: file: ./.secrets/wordpress_secure_auth_salt wordpress_logged_in_salt: file: ./.secrets/wordpress_logged_in_salt wordpress_nonce_salt: file: ./.secrets/wordpress_nonce_salt wordpress_init_admin_password: file: ./.secrets/wordpress_init_admin_password services: wordpress: image: ghcr.io/n0rthernl1ghts/wordpress:6.6.2 deploy: restart_policy: condition: any healthcheck: # See: src/wp-utils/healthcheck test: [ "CMD", "/usr/local/bin/healthcheck" ] interval: 30s timeout: 5s retries: 3 secrets: - wordpress_db_password - wordpress_auth_key - wordpress_secure_auth_key - wordpress_logged_in_key - wordpress_nonce_key - wordpress_auth_salt - wordpress_secure_auth_salt - wordpress_logged_in_salt - wordpress_nonce_salt - wordpress_init_admin_password environment: <<: [ *wordpress-configuration-env, *wordpress-secrets-files-env, *wordpress-init-env ] CRON_ENABLED: "false" labels: # This configures traefik - if you have it. You also need to make sure that this service is in the same network with Traefik instance - "traefik.enable=true" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-http.rule=Host(`example.com`)" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-http.entrypoints=web" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.tls=true" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.tls.certresolver=le" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.rule=Host(`example.com`)" - "traefik.http.routers.${COMPOSE_PROJECT_NAME}-https.entrypoints=websecure" - "traefik.http.services.${COMPOSE_PROJECT_NAME}.loadbalancer.server.port=80" volumes: - ./data/wordpress/wp-content:/var/www/html/wp-content networks: default: # It's a good idea to have a separate service for the cron job cron: extends: service: wordpress image: ghcr.io/n0rthernl1ghts/wordpress-cron:6.6.2 deploy: resources: limits: memory: 512M # Limit the memory for the cron job to 512 MB. This is a good practice to avoid memory leaks. environment: CRON_ENABLED: "true" # Redis is optional, but it works really well for caching. If removed, please update x-wordpress-configuration-env cache: image: redis:alpine init: true healthcheck: test: ["CMD", "/usr/local/bin/redis-cli", "PING"] interval: 20s timeout: 3s retries: 3 deploy: restart_policy: condition: any resources: limits: memory: 64M networks: default: # Please update environment accordingly database: image: 'ghcr.io/n0rthernl1ghts/mariadb:10.11' deploy: replicas: 1 restart_policy: condition: any resources: limits: memory: 512M # Should be adjusted accordingly to the website size. 512MB is usually enough for small website healthcheck: test: ["CMD", "/usr/bin/healthcheck"] interval: 30s timeout: 20s retries: 3 environment: PUID: 1000 PGID: 1000 MARIADB_INIT_DATABASES: wordpress MARIADB_INIT_USERS: wordpress FILE__MARIADB_ROOT_PASSWORD: /run/secrets/database_root_password FILE__MARIADB_USER_wordpress_PASSWORD: /run/secrets/wordpress_database_password FORCE_CONFIG_OVERWRITE: 1 volumes: - ./data/database/config:/config - ./data/database/data:/var/lib/mysql secrets: - database_root_password - wordpress_database_password networks: default: