Last active
August 30, 2018 10:32
-
-
Save edmondyip/540e9e790acd4c999bbf8d79d66e81ae to your computer and use it in GitHub Desktop.
WordPress + PHP7 + MariaDB + Nginx + Let's Encrypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '2' | |
services: | |
# Nginx Proxy Server, ports 都由他管理 | |
nginx-proxy: | |
container_name: nginx-proxy | |
image: jwilder/nginx-proxy | |
restart: always | |
ports: | |
- "80:80" | |
- "443:443" | |
volumes: | |
- '/var/run/docker.sock:/tmp/docker.sock:ro' | |
- '~/nginx/certs:/etc/nginx/certs:ro' | |
- 'nginx-conf:/etc/nginx/conf.d' | |
- 'nginx-vhost:/etc/nginx/vhost.d' | |
- 'nginx-www:/usr/share/nginx/html' | |
environment: | |
- ENABLE_IPV6=true | |
networks: | |
- nginx-proxy | |
# 自動申請 Let's Encrypt | |
ssl-companion: | |
container_name: ssl-companion | |
image: jrcs/letsencrypt-nginx-proxy-companion | |
volumes_from: | |
- nginx-proxy | |
volumes: | |
- '~/nginx/certs:/etc/nginx/certs:rw' | |
- '/var/run/docker.sock:/var/run/docker.sock:ro' | |
networks: | |
- nginx-proxy | |
# http server,要設定網址 | |
web: | |
container_name: nginx | |
image: nginx:alpine | |
restart: always | |
depends_on: | |
- wordpress | |
volumes: | |
- '~/app/nginx/conf.d:/etc/nginx/conf.d' | |
- '~/app/wordpress:/var/www/html' | |
- '~/nginx/certs:/etc/nginx/certs:ro' | |
environment: | |
- VIRTUAL_HOST=yourdomain.com,sub.yourdomain.com | |
- LETSENCRYPT_HOST=yourdomain.com,sub.yourdomain.com | |
- LETSENCRYPT_EMAIL=youremail@gmail.com | |
networks: | |
- nginx-proxy | |
# MariaDB,MySQL的取代品,密碼要跟 WordPress 一樣 | |
db: | |
container_name: db | |
image: mariadb:10.3.8 | |
restart: always | |
volumes: | |
- wp-db:/var/lib/mysql | |
environment: | |
- MYSQL_ROOT_PASSWORD=password | |
networks: | |
- nginx-proxy | |
# WordPress本體,使用PHP-fpm | |
wordpress: | |
container_name: wordpress | |
image: wordpress:fpm | |
depends_on: | |
- db | |
restart: always | |
volumes: | |
- ./app/wordpress:/var/www/html | |
- ./app/php/conf.d/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini | |
environment: | |
- WORDPRESS_DB_HOST=db:3306 | |
- WORDPRESS_DB_PASSWORD=password | |
networks: | |
- nginx-proxy | |
volumes: | |
wp-db: | |
nginx-conf: | |
nginx-vhost: | |
nginx-www: | |
networks: | |
nginx-proxy: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
file_uploads = On | |
memory_limit = 300M | |
upload_max_filesize = 256M | |
post_max_size = 256M | |
date.timezone = UTC | |
max_execution_time = 600 | |
max_input_time = 600 | |
max_input_vars = 5000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
listen [::]:80; | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
server_name yourdomain.com; | |
root /var/www/html; | |
index index.php; | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
location ~ \.php$ { | |
try_files $uri =404; | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_pass wordpress:9000; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param PATH_INFO $fastcgi_path_info; | |
} | |
server_tokens off; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | |
ssl_ecdh_curve secp384r1; | |
ssl_session_cache shared:SSL:10m; | |
ssl_session_timeout 5m; | |
ssl_buffer_size 1400; | |
ssl_session_tickets off; | |
ssl_certificate /etc/nginx/certs/yourdomain.com/fullchain.pem; | |
ssl_certificate_key /etc/nginx/certs/yourdomain.com/key.pem; | |
ssl_dhparam /etc/nginx/certs/dhparam.pem; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment