Deployment Overview of WordPress on Server

Prerequisites and Basic Requirements

The deployment requires a Linux server with the following specifications:

  • Root privileges are required to manage directories, permissions, and Docker services.
  • Docker and Docker Compose must be installed and running on the host system.
  • A valid domain name configured to point to the server's IP address (e.g., wp{server_id}.hostkey.in).
  • Network ports 80 and 443 must be open for HTTP and HTTPS traffic.
  • Port 9000 is used internally for the PHP-FPM service, bound to 127.0.0.1.

File and Directory Structure

The application utilizes the following directory structure on the host server:

  • /root/wordpress/: Contains the compose.yml file used to orchestrate the Docker containers.
  • /data/: The root directory for persistent data storage.
  • /data/nginx/: Stores Nginx environment variables and configuration files.
  • /data/nginx/user_conf.d/: Contains the specific Nginx server block configurations.
  • /data/wordpress/: The mounted volume where WordPress files and content are stored.
  • /etc/letsencrypt/: The location where SSL certificates are stored by the Nginx container.

Docker Containers and Their Deployment

The application is deployed using Docker Compose with three primary services defined in /root/wordpress/compose.yml:

  1. MariaDB:

    • Image: docker.io/bitnami/mariadb:latest
    • Purpose: Stores the WordPress database.
    • Data Persistence: Uses a named volume mariadb_data mounted to /bitnami/mariadb.
    • Environment Variables: Configured with MARIADB_USER, MARIADB_DATABASE, MARIADB_PASSWORD, and MARIADB_ROOT_PASSWORD.
  2. WordPress:

    • Image: docker.io/wordpress:php8.2-fpm
    • Purpose: Runs the PHP-FPM application server.
    • Port Mapping: Exposes port 9000 only on the localhost interface (127.0.0.1:9000:9000).
    • Data Persistence: Mounts the host directory /data/wordpress to /var/www/html inside the container.
    • Dependencies: Starts after the MariaDB service.
    • Environment Variables: Configured with database connection details including WORDPRESS_DB_HOST, WORDPRESS_DB_USER, WORDPRESS_DB_NAME, and passwords.
  3. Nginx:

    • Image: jonasal/nginx-certbot:latest
    • Purpose: Acts as the web server and reverse proxy, handling SSL termination and Let's Encrypt certificate management.
    • Network Mode: Runs in host network mode.
    • Dependencies: Starts after the WordPress service.
    • Environment Variables: Includes CERTBOT_EMAIL and loads additional settings from /data/nginx/nginx-certbot.env.
    • Volumes:
      • nginx_secrets mounted to /etc/letsencrypt for certificate storage.
      • /data/nginx/user_conf.d mounted to /etc/nginx/user_conf.d for custom configurations.
      • /data/wordpress mounted to /var/www/html to serve static and dynamic content.
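
Two properties of the service definitions above can be checked statically: which images use the tag latest (or no tag), so that docker compose pull can replace them with different content, and whether every published port is bound to a loopback address, which matters for PHP-FPM because FastCGI has no authentication of its own. The script below is an added example, not the provider's tooling; it assumes short-syntax ports entries, and the "drifted" service in its sample input is constructed to show a finding.

```shell
# Added example (not the provider's tooling); assumes short-syntax "ports:" items.
# Print image references tagged "latest" or untagged; digest-pinned ones are skipped.
mutable_images() {
    sed -n 's/^[[:space:]]*image:[[:space:]]*//p' "$1" | tr -d "\"'" |
    while read -r ref; do
        case "$ref" in *@sha256:*) continue ;; esac
        name=${ref##*/}              # drop registry/namespace (may contain ":port")
        case "$name" in
            *:latest) echo "$ref" ;;
            *:*)      ;;             # explicit non-latest tag
            *)        echo "$ref" ;; # no tag means "latest"
        esac
    done
}

# Print published ports whose host side is not a loopback address.
nonlocal_ports() {
    tr -d "\"'" < "$1" | awk '
        /^[ \t]*ports:[ \t]*$/ { inports = 1; next }
        inports && /^[ \t]*-[ \t]/ {
            m = $0; sub(/^[ \t]*-[ \t]*/, "", m)
            sub(/[ \t]*#.*$/, "", m); sub(/[ \t]+$/, "", m)
            if (m !~ /^127\./ && m !~ /^\[::1\]:/) print m
            next
        }
        { inports = 0 }'
}

# Constructed sample: the three images and the port mapping listed above, plus a
# hypothetical "drifted" service that publishes PHP-FPM on every interface.
write_sample() {
    cat > "$1" <<'EOF'
services:
  mariadb:
    image: docker.io/bitnami/mariadb:latest
  wordpress:
    image: docker.io/wordpress:php8.2-fpm
    ports:
      - "127.0.0.1:9000:9000"
  nginx:
    image: jonasal/nginx-certbot:latest
  drifted:
    image: docker.io/wordpress:php8.2-fpm
    ports:
      - "9000:9000"
EOF
}
f=$(mktemp) && write_sample "$f"
echo "mutable tags:"; mutable_images "$f"; echo "non-loopback ports:"; nonlocal_ports "$f"; rm -f "$f"
```

On a real host, pass /root/wordpress/compose.yml to both functions instead of the sample file.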

Proxy Servers

The Nginx container serves as the reverse proxy and handles SSL/TLS encryption. The configuration is defined in /data/nginx/user_conf.d/wp{server_id}.hostkey.in.conf.

  • HTTP Server Block:

    • Listens on port 80.
    • Serves the domain wp{server_id}.hostkey.in.
    • Handles the ACME challenge for Let's Encrypt at /.well-known/acme-challenge/.
    • Routes all other requests to the PHP-FPM service via FastCGI.
  • HTTPS Server Block:

    • Listens on port 443 with SSL and HTTP/2 enabled.
    • Uses SSL certificates located at /etc/letsencrypt/live/wp{server_id}.hostkey.in/.
    • Routes requests to the PHP-FPM service running on 127.0.0.1:9000.
    • Configures fastcgi_pass and SCRIPT_FILENAME to process PHP scripts.

Databases

The database is managed by the Bitnami MariaDB container.

  • Connection Method: The WordPress container connects to the database using the internal Docker network service name mariadb.
  • Database Name: wordpress
  • Database User: wordpress
  • Storage: Data is persisted in the Docker volume mariadb_data.
  • Authentication: Passwords for the root user and the application user are set via environment variables in the compose.yml file.

Starting, Stopping, and Updating

The application lifecycle is managed through Docker Compose commands executed from the /root/wordpress directory.

  • Start the Application:

    cd /root/wordpress
    docker compose up -d
    

  • Stop the Application:

    cd /root/wordpress
    docker compose down
    

  • Update the Application: To update the application, pull the latest images and restart the containers:

    cd /root/wordpress
    docker compose pull
    docker compose up -d
    

  • View Logs:

    cd /root/wordpress
    docker compose logs -f
    

Permission Settings

The host directories and files are configured with the following permissions:

  • /data, /data/nginx, /data/nginx/user_conf.d, and /root/wordpress are owned by root:root.
  • Directory permissions for /data, /data/nginx, /data/nginx/user_conf.d, and /root/wordpress are set to 0755.
  • The compose.yml file and Nginx configuration files are set to 0644.
  • The nginx-certbot.env file is set to 0644.
  • The user.conf template is set to 0640 during creation but the final rendered file follows the standard configuration permissions.
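
Because compose.yml carries the database passwords and is set to 0644, whether other local accounts can read it depends on the directories above it. The following added example (not part of the provider's tooling) walks the parent chain to answer that; it assumes GNU stat and classic mode bits without ACLs, and the scratch tree it builds is constructed for the demonstration.

```shell
# Added example. Assumes GNU stat and no ACLs. ROOT (default /) is where the
# upward walk stops, which lets the check run inside a scratch tree.

# Last octal digit of a path's mode: the permission bits for "other".
other_bits() { m=$(stat -c %a "$1") && printf '%s\n' "${m#"${m%?}"}"; }

# Succeeds if accounts that are neither owner nor group member can read FILE:
# the file needs o+r and every directory from its parent up to ROOT needs o+x.
other_can_read() {
    file=$1 root=${2:-/}
    case $(other_bits "$file") in 4|5|6|7) ;; *) return 1 ;; esac
    dir=$(dirname "$file")
    while :; do
        case $(other_bits "$dir") in 1|3|5|7) ;; *) return 1 ;; esac
        [ "$dir" = "$root" ] || [ "$dir" = / ] || [ "$dir" = . ] && break
        dir=$(dirname "$dir")
    done
    return 0
}

# Constructed scratch tree using the modes from the list above.
t=$(mktemp -d) && mkdir -p "$t/root/wordpress" && : > "$t/root/wordpress/compose.yml"
chmod 755 "$t" "$t/root" "$t/root/wordpress"; chmod 644 "$t/root/wordpress/compose.yml"
other_can_read "$t/root/wordpress/compose.yml" "$t" && echo "0755 ancestors: readable by other accounts"
chmod 700 "$t/root"   # constructed case: one ancestor without o+x
other_can_read "$t/root/wordpress/compose.yml" "$t" || echo "0700 ancestor: not readable"
rm -rf "$t"
```

On a real host, call other_can_read /root/wordpress/compose.yml with no second argument so the walk continues up to /.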
