"Setting Up WordPress Behind a Traefik Reverse Proxy: A Detailed Dive"
In the fast-paced world of modern web development, there’s nothing quite like the exhilaration of bringing a project to life. And when the journey from concept to completion is a marathon, the sense of accomplishment at the finish line is all the sweeter. Today, I invite you to embark on a thrilling adventure: setting up WordPress within a Docker container, secured snugly behind a Traefik reverse proxy. This dynamic trio – WordPress, Docker, and Traefik – is your ticket to building, deploying, and safeguarding web projects with finesse and precision.
But before we dive into the intricacies of this setup, let me introduce you to the bedrock of this endeavor—a repository I’ve lovingly forked and meticulously tailored to my specifications. You can explore the inner workings of this repository right here. Together, we’ll dissect the docker-compose.yml file, peeling back the layers to understand the ‘why’ and ‘how’ behind its configurations and its seamless integration with Traefik.
Decoding the docker-compose.yml File
Now, let’s delve into the heart of this operation—the docker-compose.yml file. It’s the blueprint that orchestrates our WordPress journey, connecting all the dots and ensuring smooth sailing. We won’t get lost in technical jargon; instead, we’ll demystify each part:
version: '3'
# This file is designed to work with Traefik.
# It is a reverse proxy that is used on the server host several services.
# If you need to dev locally, copy this file under a new name and adapt it.
# To do so, add the port numbers and remove the tags
networks:
# enable connection with Traefik
traefik-proxy:
external: true
# network for the app
wp-network:
services:
# The WordPress CMS itself
wp-blog:
build:
# call the Dockerfile in ./wordpress
context: ./wordpress
restart: always
logging:
# Configure the logs retention according to your needs
options:
max-size: "10m"
max-file: "3"
env_file:
- ./.env
environment:
# Connect WordPress to the database
WORDPRESS_DB_HOST: wp-db:3306
WORDPRESS_DB_USER: ${WORDPRESS_DB_USER}
WORDPRESS_DB_PASSWORD: ${WORDPRESS_DB_PASSWORD}
WORDPRESS_DB_NAME: ${WORDPRESS_DB_NAME}
volumes:
# link the content of WordPress in a directory to enable local modifications
- ./wordpress/data:/var/www/html
networks:
- traefik-proxy
- wp-network
depends_on:
- wp-db
- wp-redis
labels:
# The labels are usefull for Traefik only
- "traefik.enable=true"
- "traefik.docker.network=traefik"
# Get the routes from http
- "traefik.http.routers.wordpress.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.wordpress.entrypoints=web"
# Redirect these routes to https
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.wordpress.middlewares=redirect-to-https@docker"
# Get the routes from https
- "traefik.http.routers.wordpress-secured.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.wordpress-secured.entrypoints=websecure"
# Apply autentificiation with http challenge
- "traefik.http.routers.wordpress-secured.tls=true"
- "traefik.http.routers.wordpress-secured.tls.certresolver=production"
# The MySQL database
wp-db:
# this is the database used by WordPress
image: mysql:5.7
restart: always
logging:
# Configure the logs retention according to your needs
options:
max-size: "10m"
max-file: "3"
env_file:
- ./.env
environment:
# Connect WordPrerss to the database
MYSQL_DATABASE: ${WORDPRESS_DB_NAME}
MYSQL_USER: ${WORDPRESS_DB_USER}
MYSQL_PASSWORD: ${WORDPRESS_DB_PASSWORD}
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
volumes:
# Here, the database files are linked into a directory for direct access
# You probably prefer to use a docker volume instead
- ./db:/var/lib/mysql
networks:
- wp-network
# Redis, used as a cache engine, drastically improve page load times
# Install a WordPress plugin like "W3 Total Cache" to get it working
wp-redis:
image: redis:6
restart: always
logging:
# Configure the logs retention according to your needs
options:
max-size: "10m"
max-file: "3"
env_file:
- ./.env
ports:
- "6379:6379"
networks:
- wp-network
# launch Redis in cache mode with :
# - max memory up to 50% of your RAM if needed (--maxmemory 512mb)
# - deleting oldest data when max memory is reached (--maxmemory-policy allkeys-lru)
entrypoint: ["redis-server", "--maxmemory", "512mb", "--maxmemory-policy", "allkeys-lru"]
# Graphical interface to the database
# Can be useful for debug
phpmyadmin:
image: phpmyadmin/phpmyadmin
networks:
- wp-network
- traefik-proxy
depends_on:
- wp-db
restart: always
logging:
# Configure the logs retention according to your needs
options:
max-size: "10m"
max-file: "3"
env_file:
- ./.env
environment:
- PMA_ARBITRARY=1
- PMA_HOST=db
- PMA_PORT=3306
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
volumes:
- /sessions
labels:
# The labels are usefull for Traefik only
- "traefik.enable=true"
- "traefik.docker.network=traefik"
# Get the data from port xxxx instead of port 80
# - "traefik.http.services.phpmyadmin.loadbalancer.server.port=8081"
# Get the routes from http
- "traefik.http.routers.phpmyadmin.rule=Host(`${PHPMYADMIN_DOMAIN}`)"
- "traefik.http.routers.phpmyadmin.entrypoints=web"
# Redirect these routes to https
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.phpmyadmin.middlewares=redirect-to-https@docker"
# Get the routes from https
- "traefik.http.routers.phpmyadmin-secured.rule=Host(`${PHPMYADMIN_DOMAIN}`)"
- "traefik.http.routers.phpmyadmin-secured.entrypoints=websecure"
# Apply autentificiation with http challenge
- "traefik.http.routers.phpmyadmin-secured.tls=true"
- "traefik.http.routers.phpmyadmin-secured.tls.certresolver=production"
WordPress CMS
Imagine this as the show-stopping front-end of your web project. It’s like the main attraction, the WordPress CMS, crafted with love and care. This container is built from a Dockerfile tucked away in the ./wordpress directory. It’s the beating heart of your website, always ready to serve. It connects seamlessly to both the traefik-proxy and wp-network networks, ensuring secure and efficient communication.
MySQL Database
Meet your behind-the-scenes hero, MySQL. It’s the database where all your WordPress data resides, providing the backbone for your website. This container is self-contained, and its data is meticulously mapped to ./db for direct access. It connects to the wp-network network, forming a vital part of your web project.
Redis for Speed
Now, picture Redis as your trusty speed booster. It’s like the caffeine shot for your website, caching data to enhance page loading times. Redis is the secret sauce that keeps your site lightning-fast. It eagerly joins the wp-network network, ready to turbocharge your WordPress site whenever needed.
Database Management with phpMyAdmin
Last but not least, phpMyAdmin. Think of it as your control center for managing your database with ease. It’s your graphical interface to the database, making complex database tasks a breeze. However, it seems that, even while the web app is running, successful login remains elusive. Nevertheless, it’s a handy tool in your web development arsenal.
Networks: Connecting the Dots
To keep things organized and efficient, we’ve established two networks. One is for WordPress, allowing all four of these services to communicate seamlessly. The other, named traefik, is dedicated to our traffic cop, Traefik. It ensures that incoming requests are directed to the right destination, whether it’s the wp-blog CMS or phpMyAdmin.
In a nutshell, this Docker Compose file is the backbone of your WordPress project, bridging connections between various containers and utilizing Traefik as your digital traffic controller. It transforms what could be a complex web hosting setup into a structured, efficient, and secure environment. With this setup, you’re well on your way to mastering the art of hosting WordPress with Traefik – an essential skill for modern web developers.
This concludes my quick little mini series. We set up our WordPress instance behind our Traefik reverse proxy. Now we can go ahead and spin up other web apps (and give each their own subdomain), try different stacks, and document the process.