docker/wordpress-docker-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

# dev 20260309

Browse Source
This commit is contained in:
Gilles Mouchet 2026-03-09 08:19:04 +01:00
parent 334fd84ba6
commit 05f0cae110
6 changed files with 169 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
README.md
View File

@ -7,6 +7,7 @@ This docker compose run wordpress on docker
* GMoTech/GMoLab/VdGLab Linux environment
* Rocky Linux 10
* Redhat 10
* Docker with traefik
* Certificats
* Copy crt and key files on `/home/docker/certs/`
* Environment file
@ -34,105 +35,11 @@ Copy `env-dist` to `env-<environment_name>` file and adapt as your needs
The database is a dump of wp first install
The script adapt the sql file with data from environment file
## Apache
### http-wp-dev.conf
```
<VirtualHost *:80>
ServerName wp-dev.gmolab.net
ServerAlias wp-dev
CustomLog logs/wp-dev_access_log common
ErrorLog logs/wp-dev_error_log
# redirect to https
RewriteEngine on
RewriteCond %{SERVER_NAME} =wp-dev [OR]
RewriteCond %{SERVER_NAME} =wp-devp.gmolab.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```
### https-wp-dev.conf
```
##
## SSL Virtual Host Context
##
# General setup for the virtual host
<VirtualHost *:443>
ServerName wp-dev.gmolab.net
ServerAlias wp-dev
CustomLog logs/wp-dev_access_log common
ErrorLog logs/wp-dev_error_log
# SSL
SSLEngine on
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
# Enable HTTP/2, if available
Protocols h2 http/1.1
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
# certificats
SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt"
SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key"
SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt"
# proxy
SSLProxyEngine On
ProxyPreserveHost On
ProxyRequests off
ProxyPass "/" "http://127.0.0.1:8080/"
ProxyPassReverse "/" "https://127.0.0.1:8080/"
</VirtualHost>
```
### http-phpmyadmin-dev.conf
```
<VirtualHost *:80>
ServerName phpmyadmin-dev.gmolab.net
ServerAlias phpmyadmin-dev
CustomLog logs/phpmyadmin-dev_access_log common
ErrorLog logs/phpmyadmin-dev_error_log
# redirect to https
RewriteEngine on
RewriteCond %{SERVER_NAME} =wp-dev [OR]
RewriteCond %{SERVER_NAME} =phpmyadmin-dev.gmolab.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```
### https-phpmyadmin-dev.conf
```
# General setup for the virtual host
<VirtualHost *:443>
ServerName phpmyadmin-dev.gmolab.net
ServerAlias phpmyadmin-dev
CustomLog logs/phpmyadmin-dev_access_log common
ErrorLog logs/phpmyadmin-dev_error_log
# SSL
SSLEngine on
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
# Enable HTTP/2, if available
Protocols h2 http/1.1
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
# certificats
SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt"
SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key"
SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt"
# proxy
RequestHeader set X-Forwarded-Proto "https"
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:8180/"
ProxyPassReverse "/" "http://127.0.0.1:8180/"
</VirtualHost>
```
## Access
https://wp-dev.gmolab.net
https://phpmyadmin-dev.gmolab.net
https://pma-dev.gmolab.net
### [1.0.0] - 2026-02-06
### [1.0.0] - 2026-03-08
#### Added
- initial version by [GMo](mailto:gilles.mouchet@gmail.com)

163
docker-compose.yaml
View File

@ -1,60 +1,187 @@
name: wp-gmo
services:
wordpress:
image: wordpress:latest
extra_hosts:
- "${HOST_NAME}:${HOST_IP}"
container_name: ${WP_SITE}
restart: always
volumes:
- /home/docker/wp/wp-site:/var/www/html
- ./config/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_NAME: wordpress
WORDPRESS_DB_USER: wpuser
WORDPRESS_DB_PASSWORD: wppassword
WORDPRESS_TABLE_PREFIX: wp_
depends_on:
- db
- phpmyadmin
restart: always
ports:
- 8080:80
db:
condition: service_healthy
networks:
- traefik-net
- wp-net
labels:
- "traefik.enable=true"
- "traefik.http.routers.wp-site.rule=Host(`${HOST_NAME}`)"
- "traefik.http.routers.wp-site.entrypoints=websecure"
- "traefik.http.routers.wp-site.tls=true"
- "traefik.docker.network=traefik-net"
- "traefik.http.services.wp-site.loadbalancer.server.port=80"
# Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique
- "traefik.http.routers.wp-pma.tls.options=default"
db:
image: mysql:8.4.8
image: mysql:8.4
container_name: ${WP_DB}
restart: always
volumes:
- /home/docker/wp/wp-db:/var/lib/mysql
# This is optional!!!
- ./dump-db/:/docker-entrypoint-initdb.d
environment:
MYSQL_DATABASE: wordpress
MYSQL_USER: wpuser
MYSQL_PASSWORD: wppassword
MYSQL_ROOT_PASSWORD: rootpassword
restart: always
ports:
- 3306:3306
networks:
- wp-net
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
test: ["CMD","mysqladmin","ping","-h","localhost","-prootpassword"]
interval: 10s
timeout: 5s
retries: 10
phpmyadmin:
image: phpmyadmin:latest
container_name: ${WP_PMA}
restart: always
depends_on:
- db
image: ${PHPADMIN_IMAGE}
container_name: wp-phpmyadmin
restart: always
ports:
- 8180:80
environment:
PMA_HOST: db
PMA_USER: root
PMA_PASSWORD: rootpassword
# ports:
# - 8180:80
networks:
- traefik-net
- wp-net
labels:
- "traefik.enable=true"
- "traefik.http.routers.wp-pma.rule=Host(`${HOST_PMA}`)"
- "traefik.http.routers.wp-pma.entrypoints=websecure"
- "traefik.http.routers.wp-pma.tls=true"
- "traefik.docker.network=traefik-net"
- "traefik.http.services.wp-pma.loadbalancer.server.port=80"
# Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique
- "traefik.http.routers.wp-pma.tls.options=default"
networks:
traefik-net:
external: true
wp-net:
#volumes:
# db_data:
#name: wp-gmo
#services:
# wordpress:
# image: wordpress:latest
# extra_hosts:
# - "${HOST_NAME}:${HOST_IP}"
# container_name: ${WP_SITE}
# volumes:
# - /home/docker/wp/wp-site:/var/www/html
# - ./config/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
# environment:
# WORDPRESS_DB_HOST: db
# WORDPRESS_DB_NAME: wordpress
# WORDPRESS_DB_USER: wpuser
# WORDPRESS_DB_PASSWORD: wppassword
# WORDPRESS_TABLE_PREFIX: wp_
# depends_on:
# - db
# - phpmyadmin
# restart: always
# ports:
# - 8080:80
# networks:
# - traefik-net
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.wp-site.rule=Host(`${HOST_NAME}`)"
# - "traefik.docker.network=traefik-net"
# - "traefik.http.routers.wp-site.entrypoints=websecure"
# - "traefik.http.routers.wp-site.tls=true"
## # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique
# - "traefik.http.routers.wp-site.tls.options=default"
# - "traefik.http.services.wp-site.loadbalancer.server.port=80"
#
# db:
# image: mysql:8.4.8
# container_name: ${WP_DB}
# volumes:
# - /home/docker/wp/wp-db:/var/lib/mysql
# # This is optional!!!
# - ./dump-db/:/docker-entrypoint-initdb.d
# environment:
# MYSQL_DATABASE: wordpress
# MYSQL_USER: wpuser
# MYSQL_PASSWORD: wppassword
# MYSQL_ROOT_PASSWORD: rootpassword
# restart: always
# ports:
# - 3306:3306
#
# healthcheck:
# test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
# timeout: 5s
# retries: 10
#
# phpmyadmin:
# depends_on:
# - db
# image: ${PHPADMIN_IMAGE}
# container_name: wp-phpmyadmin
# restart: always
# ports:
# - 8180:80
# environment:
# PMA_HOST: db
# PMA_USER: root
# PMA_PASSWORD: rootpassword
# networks:
# - traefik-net
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.wp-phpmyadm.rule=Host(`${HOST_PHPMYADM}`)"
# - "traefik.docker.network=traefik-net"
# - "traefik.http.routers.wp-phpmyadm.entrypoints=websecure"
# - "traefik.http.routers.wp-phpmyadm.tls=true"
## # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique
# - "traefik.http.routers.wp-phpmyadm.tls.options=default"
# - "traefik.http.services.wp-phpmyadm.loadbalancer.server.port=80"
#
#networks:
# traefik-net:
# external: true
# wp-net:
##volumes:
## db_data:

9
env-dist
View File

@ -5,9 +5,11 @@ SITE_TITLE="GMo Lab"
# container
WP_SITE=wp-site
WP_DB=wp-db
WP_PMA=wp-pma
# host
HOST_NAME=wp-dev.gmolab.net
HOST_IP=172.31.10.15
HOST_IP=172.31.10.16
HOST_PMA=pma-dev.gmolab.net
# phpadmin image
PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest
#PHPADMIN_IMAGE=amd64/phpmyadmin:latest
@ -15,4 +17,7 @@ PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest
WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
WP_CLI=wp-cli.phar
# gantry theme
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip
GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip

7
env-gmolab
View File

@ -5,13 +5,16 @@ SITE_TITLE="GMo Lab"
# container
WP_SITE=wp-site
WP_DB=wp-db
WP_PMA=wp-pma
# host
HOST_NAME=wp-dev.gmolab.net
HOST_IP=172.31.10.15
HOST_IP=172.31.10.16
HOST_PMA=pma-dev.gmolab.net
# phpadmin image
PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest
# wp client URL
WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
WP_CLI=wp-cli.phar
# gantry theme
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip
GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip

5
env-vdglab
View File

@ -5,13 +5,16 @@ SITE_TITLE="VdG Lab"
# container
WP_SITE=wp-site
WP_DB=wp-db
WP_PMA=wp-pma
# host
HOST_NAME=wp.vdglab.net
HOST_IP=10.10.8.104
HOST_PMA=pma.vdglab.net
# phpadmin image
PHPADMIN_IMAGE=amd64/phpmyadmin:latest
# wp client URL
WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
WP_CLI=wp-cli.phar
# gantry theme
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip
GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip
GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip

5
manage.sh
View File

@ -217,7 +217,7 @@ case "$MODE" in
echo " "
inst-wpcli
docker exec "$WP_SITE" ./wp-cli.phar plugin install gantry5 --activate --allow-root
docker exec "$WP_SITE" ./wp-cli.phar theme install $GANTRY_THEME_HYDROGEN_URL --activate --allow-root
docker exec "$WP_SITE" ./wp-cli.phar theme install $GANTRY_THEME_HELIUM_URL --activate --allow-root
sudo chown 33:33 $WP_SITE_FOLDER -R
docker compose stop
;;
@ -228,7 +228,7 @@ case "$MODE" in
;;
delete)
echo -e "${RED}-----------------------------------------------------------------------------------------------------"
echo -e "Do you really want to delete the contents of the /home/docker/${root_app} folder [y/N]?"
echo -e "Do you really want to delete the contents of the ${WP_ROOT_FOLDER} folder [y/N]?"
echo -e "----------------------------------------------------------------------------------------------------- ${NC}"
unset answer
@ -240,6 +240,7 @@ case "$MODE" in
docker compose down
#sleep 5
sudo rm -rf $WP_ROOT_FOLDER
sudo rm -rf /root/.wp-cli
exit
;;
down)