Summary
The world witnessed the popularity of containerized applications. Docker provides good isolation and is of good portability. It also could be the basic item in a distributed system. In this post, I introduced
- how to create a WordPress site in docker;
- how to migration WordPress;
- how to make the site secure via SSL;
- how to make database connection secure;
Conclusion
The official docker image of WordPress provides a good end-to-end solution. If you get an external database,
docker run --name tech-blog -p 80:80 -p 443:443 -v ${PWD}/wp-data:/var/www/html -d wordpressVisit http://SERVER-ADDRESS to install a fresh WordPress instance. If you are using Duplicator, copy the two files into the mounted folder on the host and visit http://DOCKER_ADDRESS/installer.php.
The installer will let you configure the credentials of your external database, extract the data (posts, categories, etc), and load them into the new database. You can do the same thing using mysqldump directly. The installer will also help you restore site data not in database, like plugins, themes, etc.
If you want to deploy a MySQL instance as well. Keep reading.
Create a LAMP Container
WordPress lies on the LAMP stack: Linux, Apache, MySQL, PHP. We are lucky that there is a good open-sourced image available.
sudo docker run -it \
-p "80:80" -p "443:443" -p "3306:3306" \
-v ${PWD}/var/www/html:/var/www/html \
-v ${PWD}/mysql:/var/lib/mysql \
--name tech-blog-container mattrayner/lamp:latestIt is a common practice that not store data in containers. Thus, the CMD script in this image will create the corresponding folders. app will be your WordPress folder. mysql will store the persisted data of your database. You can also use docker Volumn and NFS from cloud providers to increase the availability and reliability of your data.
You will get a random password for the user admin. Modify it by phpmyadmin. Visit the site http://DOCKER_ADDRESS/phpmyadmin using the initial password and follow this post to modify password.
Create a WordPress Database
As we know, WordPress uses the relational database. We need to provide an accessible database and user. Use phpmyadmin to create a table and edit the privilege of the user admin to grant all operations.
Create a Fresh WordPress or Migrate from Old Sites
We have two choices here.
Create a Fresh WordPress
Download the compressed file. Unzip them into the app folder. Visit http://DOCKER_ADDRESS/. Then follow the instruction of WordPress to finish the installation.
Migrate from Old Sites
Use the great plugin Duplicator to firstly create a package and an installing script. Then copy these two files into app. Visit http://DOCKER_ADDRESS/installer.php and follow the instruction of duplication.
Install Certificates and Enable SSL
I have a previous post for CentOS and Apache 1. There are some changes on Ubuntu and Apache 2.
- Apply for an SSL certificate. I applied a free personal SSL certificate from Tencent Cloud.
- Download the certificate and sent it to the server; copy the certificates into the container;
- Attach to the container, enable SSL
a2enmod ssl; - Modify the default configuration (
/etc/apache2/sites-enabled/000-default.conf) and add the443virtual host (remove80only after443works); - Restart Apache2
service apache2 restart; - Finally use the handy plugin Really Simple SSL to enable encryption of your site.
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
SSLCertificateFile /path/to/2_www.domain-name.com.crt
SSLCertificateKeyFile /path/to/3_www.domain-name.com.key
SSLCertificateChainFile /path/to/1_root_bundle.crt
</VirtualHost>Secure DB Connection
If your database enables TLS/SSL, it is better to let the php MySQL client use TLS as well. This is done by modifying the wp-config.php.
# add this line in front of your db configurations
define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT);