wordpress in docker behind nginx reverse proxy

  • I have read the docu on how to setup SSl for wordpress, but thats not quite what I am looking for. I want my wordpress in docker behind a reverse-proxy doing the SSL part.

    My nginx reverse proxy config looks like this:

    server {
    listen 443 ssl;
    listen [::]:443;

ssl_certificate /etc/letsencrypt/live/bardhome.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/bardhome.de/privkey.pem; # managed by Certbot   
server_name wordpress.bardhome.de;

location / {
    proxy_read_timeout    90;
    proxy_connect_timeout 90;
    proxy_redirect        off;
    proxy_pass https://wordpress;
    proxy_set_header      X-Real-IP $remote_addr;
    proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header      Host $host;
}

    Here is my docker-compose.yml:

    version: '3.1'

services:

  wordpress:
    image: wordpress
    networks:
      - nextcloudpi
    restart: always
    ports:
      - 8085:80
    environment:
      WORDPRESS_DB_HOST: wordpress_db
      WORDPRESS_DB_USER: simon
      WORDPRESS_DB_PASSWORD: sergeserge1!
      WORDPRESS_DB_NAME: exampledb
    volumes:
      - wordpress:/var/www/html

  wordpress_db:
    image: mysql:5.7
    networks:
      - nextcloudpi
    restart: always
    environment:
      MYSQL_DATABASE: exampledb
      MYSQL_USER: simon
      MYSQL_PASSWORD: sergeserge1!
      MYSQL_RANDOM_ROOT_PASSWORD: 'sergeserge1!'
    volumes:
      - wordpress_db:/var/lib/mysql

volumes:
  wordpress:
  wordpress_db:

networks:
  nextcloudpi:
    external: true

    The reverse proxy is working great for the other docker container:

    CONTAINER ID   IMAGE                     COMMAND                  CREATED          STATUS             PORTS                                                                      NAMES
7cc2abe37481   wordpress                 "docker-entrypoint.s…"   43 seconds ago   Up 40 seconds      0.0.0.0:8085->80/tcp, :::8085->80/tcp                                      wordpress-wordpress-1
91ca037ede27   mysql:5.7                 "docker-entrypoint.s…"   43 seconds ago   Up 40 seconds      3306/tcp, 33060/tcp                                                        wordpress-wordpress_db-1
d29eca2946a0   ownyourbits/nextcloudpi   "/run-parts.sh 192.1…"   2 days ago       Up 21 hours        80/tcp, 443/tcp, 0.0.0.0:4443->4443/tcp, :::4443->4443/tcp                 nextcloudpi
dd0161282066   nginxdemos/nginx-hello    "/docker-entrypoint.…"   2 days ago       Up 21 hours        80/tcp, 0.0.0.0:8086->8080/tcp, :::8086->8080/tcp                          testserver
049356de6e39   phpmyadmin                "/docker-entrypoint.…"   4 weeks ago      Up About an hour   0.0.0.0:8084->80/tcp, :::8084->80/tcp                                      phpmyadmin
6e3d35114f20   nginx                     "/docker-entrypoint.…"   5 weeks ago      Up 6 minutes       0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   reverse-proxy

    This is p.ex. the config for the test server, you can try by yourself to reach: test.bardhome.de

    server {
		listen 443 ssl;
		listen [::]:443;
		#include snippets/self-signed.conf;
		#include snippets/ssl-params.conf;
		ssl_certificate /etc/letsencrypt/live/bardhome.de/fullchain.pem; # managed by Certbot
		ssl_certificate_key /etc/letsencrypt/live/bardhome.de/privkey.pem; # managed by Certbot   

		server_name test.bardhome.de;

			location / {
				proxy_read_timeout 1800;
				proxy_connect_timeout 1800;
				proxy_send_timeout 1800;
				send_timeout 1800;

				proxy_buffering                      off;
				proxy_set_header Host                $http_host;
#                       proxy_set_header X-Real-IP           $remote_addr;
#                       proxy_set_header X-Forwarded-For     $proxy_add_x_forwarded_for;
				proxy_set_header X-Forwarded-Proto   https;
#                       proxy_set_header Host $http_host;
			   client_max_body_size 25G;
			   proxy_pass https://testserver:8080/;
			}
			

	}

    What settings do I have to use in wordpress?

    • This topic was modified 2 years, 4 months ago by godlich.
    • This topic was modified 2 years, 4 months ago by godlich.
    • This topic was modified 2 years, 4 months ago by godlich.
Viewing 1 replies (of 1 total)

  • Hi @godlich! While researching your question I came across this article: Running WordPress Behind SSL and NGINX Reverse Proxy. In it they share a similar setup to yours. There are a few things they have defined in their nginx config that I notice are different from yours:

    1. ssl on – it appears that this was made obselete with the ssl parameter of the “listen” directive. You have that parameter defined already so that should be good!
    2. proxy_set_header X-Forwarded-Proto $scheme; – I noticed that this is missing from the location declaration within the first nginx config in your post (although it does appear to be present in your test.bardhome.de example later in the post). Do you mind trying to add that to the configuration and see if that resolves your issue? According to the post, that appears to be what wp-config.php is looking for when setting HTTPS link referencing:

    if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
  $_SERVER['HTTPS'] = 'on';
}

    Hopefully that second point addresses your issue, but if not please let us know!

Viewing 1 replies (of 1 total)
  • The topic ‘wordpress in docker behind nginx reverse proxy’ is closed to new replies.