buzzkillb Posted June 20, 2020 Report Share Posted June 20, 2020 I really like this guide I found so just rewriting pieces of it and adding some more stuff. Very good blog so check it out. https://tech.aufomm.com/2020/04/16/deploy-wordpress-with-docker-and-traefik-2/ Install Docker and docker-compose. Then we want to generate a hashed password for the traefik panel. sudo apt-get install apache2-utils then we get the user:hashedpassword like this htpasswd -nbB <USER> "<PASSWORD>" example for the above htpasswd -nbB admin "StrongPasswordHere" Copy somewhere to use for setting up traefik shortly. Start setting up the system. touch docker-compose.yml mkdir data mkdir data/configurations touch data/traefik.yml touch data/acme.json touch data/configurations/dynamic.yml chmod 600 data/acme.json ~/docker-compose.yml edit traefik.yourdomain to whatever subdomain you want to use to access the control panel like traefik.example.com version: '3.3' services: traefik: image: traefik:latest container_name: traefik restart: always security_opt: - no-new-privileges:true ports: - 80:80 - 443:443 volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./data/traefik.yml:/traefik.yml:ro - ./data/acme.json:/acme.json # Add folder with dynamic configuration yml - ./data/configurations:/configurations networks: - proxy labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - "traefik.http.routers.traefik-secure.entrypoints=https" - "traefik.http.routers.traefik-secure.rule=Host(`traefik.yourdomain`)" - "traefik.http.routers.traefik-secure.middlewares=user-auth@file" - "traefik.http.routers.traefik-secure.service=api@internal" networks: proxy: external: true ~/data/traefik.yml update your email address below. api: dashboard: true entryPoints: http: address: ":80" http: redirections: entryPoint: to: https https: address: ":443" http: middlewares: - secureHeaders@file tls: certResolver: letsencrypt providers: docker: endpoint: "unix:///var/run/docker.sock" exposedByDefault: false file: filename: /configurations/dynamic.yml certificatesResolvers: letsencrypt: acme: email: admin@yourdomain storage: acme.json keyType: EC384 httpChallenge: entryPoint: http buypass: acme: email: admin@yourdomain storage: acme.json caServer: https://api.buypass.com/acme/directory keyType: EC256 httpChallenge: entryPoint: http ~/data/configurations/dynamic.yml in the users: line change to your user:hashedpassword copied earlier # Dynamic configuration http: middlewares: secureHeaders: headers: frameDeny: true sslRedirect: true browserXssFilter: true contentTypeNosniff: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 31536000 user-auth: basicAuth: users: - "admin:$apr1$tm53ra6x$FntXd6jcvxYM/YH0P2hcc1" tls: options: default: cipherSuites: - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 minVersion: VersionTLS12 Now make a directory like ~/blog or ~/wordpressblog or something where your wordpress data folder will be stored. I will use ~/blog since that's pretty simple to type. ~/blog/docker-compose.yml version: '3.7' services: db: image: mariadb container_name: wp-db volumes: - db-data:/var/lib/mysql networks: - default restart: always environment: MYSQL_ROOT_PASSWORD: supersecretpassword MYSQL_DATABASE: db MYSQL_USER: dbuser MYSQL_PASSWORD: dbpassword wordpress: depends_on: - db image: wordpress:latest container_name: wordpress environment: WORDPRESS_DB_HOST: db:3306 WORDPRESS_DB_NAME: db WORDPRESS_DB_USER: dbuser WORDPRESS_DB_PASSWORD: dbpassword volumes: - ./wp-data:/var/www/html networks: - proxy - default restart: always labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - "traefik.http.routers.wordpress-secure.entrypoints=https" - "traefik.http.routers.wordpress-secure.rule=Host(`blog.yourdomain`)" # - "traefik.http.routers.wordpress-secure.service=wordpress-service" # - "traefik.http.services.wordpress-service.loadbalancer.server.port=80" volumes: db-data: name: wp-db-data networks: proxy: external: true Change the passwords and usernames to whatever you want. And also change blog.yourdomain to example -> blog.example.com The above will store your wordpress data folder in the same docker-compose.yml folder. The trick to adding a second wordpress is make another folder like ~/blog2 and stick the same docker-compose.yml in. Then modify the container names, user, passwords, the volumes: / db-data: / name to the new container name. And then modify this line per wordpress. - "traefik.http.routers.wordpress-blog2-secure.rule=Host(`blog2.example.com`)" Now to spin everything up. Go back to your ~/ directory and type docker-compose up -d We get a network error like this. docker-compose up -d ERROR: Network proxy declared as external, but could not be found. Please create the network manually using `docker network create proxy` and try again. Start the network. docker network create proxy Run docker-compose again to start traefik. docker-compose up -d Now try your traefik subdomain. Then spin up your docker-compose.yml in the blog folder. docker-compose up -d And that's it. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.