Wordpress docker-compose config with Traefik reverse proxy
This is my docker-compose config for a Wordpress site with a Traefik reverse proxy.
See Simple Traefik docker-compose setup with Lets Encrypt Cloudflare DNS-01 & TLS-ALPN-01 & HTTP-01 challenges for my Traefik config.
services:
mariadb:
image: mariadb:latest
environment:
- MYSQL_DATABASE=wordpress
- MYSQL_USER=wordpress
- MYSQL_PASSWORD=${MARIADB_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
- MARIADB_AUTO_UPGRADE=1
volumes:
- ./mariadb_data:/var/lib/mysql
restart: unless-stopped
healthcheck:
test: mysqladmin -p${MARIADB_ROOT_PASSWORD} ping -h localhost
interval: 20s
start_period: 10s
timeout: 10s
retries: 3
wordpress:
image: wordpress:6-apache
depends_on:
- mariadb
ports:
- 24354:80
restart: always
environment:
- WORDPRESS_DB_HOST=mariadb:3306
- WORDPRESS_DB_USER=wordpress
- WORDPRESS_DB_NAME=wordpress
- WORDPRESS_DB_PASSWORD=${MARIADB_PASSWORD}
volumes:
- ./wordpress:/var/www/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.wordpress-my-domain.rule=Host(`my-domain.com`) || Host(`www.my-domain.com`)"
- "traefik.http.routers.wordpress-my-domain.entrypoints=websecure"
- "traefik.http.routers.wordpress-my-domain.tls.certresolver=cloudflare-ec384"
- "traefik.http.routers.wordpress-my-domain.tls.domains[0].main=my-domain.com"
- "traefik.http.routers.wordpress-my-domain.tls.domains[0].sans=*.my-domain.com"
wpcli:
depends_on:
- wordpress
image: wordpress:cli
user: 1000:1000
command: tail -f /dev/null
volumes:
- ./wordpress:/var/www/html
environment:
- WORDPRESS_DB_HOST=mariadb:3306
- WORDPRESS_DB_USER=wordpress
- WORDPRESS_DB_NAME=wordpress
- WORDPRESS_DB_PASSWORD=${MARIADB_PASSWORD}
This depends on a .env file like this:
MARIADB_PASSWORD=random-password
MARIADB_ROOT_PASSWORD=another-random-password
You can generate the passwords e.g. using pwgen 30. I recommend to choose unique passwords