In this article, I'll walk you through how to use docker to install wordpress and related applications in a linux environment. Eventually, you'll have a secure, HTTPS-enabled one. Don't hesitate, come along with me!
In the previous article, we mentioned how to use the ssh command to log in to the cloud server we applied for in AWS, and here is a brief review:
1.Set permissions for the key file, using the chmod command, followed by the storage path of the PEM private key file from AWS to the local one.
sudo chmod 600 /users/techins/downloads/aws-wp.pem
2.Load the private key file using the ssh-add command, which is a program for managing ssh private keys that allows users to remotely log in with their private keys by entering their passwords once after logging in.
ssh-add -k /users/techins/downloads/aws-wp.pem
If the private key file is successfully loaded, an identity added message will be returned.
Next, you can log in directly with the following command:
ssh [email protected] (replace with your own server IP).
When you use this command to log in to the machine for the first time, you will be prompted to enter yes.
After the server login is successful, we use the following commands to install docker and docker-compose, the instructions for these two tools have been introduced in the previous article, if you haven't read it, it is recommended to go back and read this article, which can help you better understand these two tools.
1) Install docker
Make sure the yum package is updated to the latest: sudo yum update
View all docker versions in the repository and select a specific version to install: yum list docker --showduplicates | sort -r
Install docker: sudo yum install -y docker
Start the docker service and join the boot autostart: sudo systemctl start docker, sudo systemctl enable docker
Verify whether the installation is successful: docker version or docker ps
2) Install docker-compose
Because docker-compose has some pre-dependencies, one way is to use the following command to install the dependencies step by step and then install docker-compose, and there is another way to install docker-compose installation package directly.
Installation method 1:
1.Install the additional dependency package sudo yum install epel-release
2.Install python-pipsudo yum install -y python-pip
3.Install docker-composesudo pip install docker-compose
4.Verify that docker-compose version is successfully installed
Installation method 2:
1.**Installation package.
sudo curl -l "" -o /usr/local/bin/docker-compose
2.Add permissions.
sudo chmod +*/usr/local/bin/docker-compose
3.Create soft links.
sudo in -s /us/local/bin/docker-compose /usr/bin/docker-compose
Next, we will use docker-compose to install a few applications, and before installing, we will briefly introduce the role of several software to help you understand the relationship between them.
wordpress: This is an open-source content management system based on PHP and MySQL, which allows you to easily create and manage various types of ** such as blogs, stores, news, education, etc. The WordPress image contains the core files and dependencies of WordPress, and you only need to configure the database and domain name to quickly launch a WordPress site.
mysql: This is a popular open-source relational database management system that stores and processes large amounts of data, supports multiple operating systems and programming languages, and provides high performance, scalability, and security. The MySQL image contains the MySQL server and client programs that you can use to create and manage the databases you need for your WordPress site.
ddns-go: This is a simple and easy-to-use DDNS tool, which can automatically obtain your public IPv4 or IPv6 address and resolve it to the corresponding domain name service. The ddns-go image supports multiple domain name service providers and interface network card commands to obtain IP addresses, as well as multi-level domain names and webhook notifications. You can use it to implement dynamic domain name resolution and expose your WordPress site to the public network.
nginx-proxy-manager: This is a handy tool for managing hosting, it allows you to easily create and manage the reverse of your web services, provides free SSL certificates, supports multi-user and access control. The nginx-proxy-manager image is based on nginx and nodeJS provides a beautiful and secure admin interface that you can use to configure your WordPress site's domain name, port, certificates, etc. (For the sake of reducing the text description, hereinafter referred to as npm).
Select or create a directory on the server and create a new docker-compose. directoryyml file:
1.Create a folder with any name, such as containermkdir container
2.Go to the folder cd container
3.Create the docker-compose configuration file sudo vi docker-composeyml
Copy the following to docker-composeyml configuration file:
version: '3.8'
The following is the configuration item npm: image:, which defines the service definition services: nginx-proxy-manager to be installed'jc21/nginx-proxy-manager:latest' restart: always ports: -'80:80' - '81:81' - '443:443'volumes: The following is the mapping configuration of the storage volume, the path before the colon is the path of the server, and the path after the colon is the path of the file inside the docker container - npm data: data - npm letsencrypt: etc letsencrypt wordpress config wordpress: image: wordpress restart: always ports: - 8080:80 environment: wordpress db host: mysql wordpress db user: username wordpress db password: password wordpress db name: wordpress volumes: - wordpress: var www html mysql: image: mysql:5.7 restart: always environment: mysql_database: wordpress mysql_user: username mysql_password: password mysql_random_root_password: '1'volumes: - mysql: var lib mysql ddns-go ddns-go: image: jeessy ddns-go restart: always ports: -9876:9876 volumes: - ddns-go: root
Use the docker-compose up -d command to create and start a docker container, which has the following functions:
It can be based on docker-composeYML file, automatically build or pull the required docker image, and then create and start the corresponding docker containers, as well as the networks and volumes between them.
d means that it can run docker containers in the background and will not occupy the logs of your terminal or output containers, allowing you to continue executing other commands or operations.
It can also detect your docker-composeIf there is a change in the service in the yml file, if there is a change, it will automatically stop and rebuild the relevant docker container to ensure the latest state of your application, and if you have some configuration that needs to be modified, or a new image is added, you can use this command to make the configuration take effect.
sudo docker-compose up -d
As shown in the figure below, the above 4 apps were successfully installed:
The reverse command of the docker-compose up command is docker-compose down, which lets you stop and delete your docker containers, as well as the networks and volumes between them. The docker-compose down command does the following:
It can be based on docker-composeYML file, automatic stop and deletion of created docker containers, as well as the network between them.
It frees up system resources, avoids occupying memory and ports, and avoids conflicts and errors.
It keeps your docker image file in case you use the docker-compose up -d command again next time to create and start your docker container.
After the above operation, we have successfully installed the relevant applications on the server, and then I will introduce the configuration of these applications in detail, after the following configuration, you can use the https protocol and your own domain name in the browser to access the ** we built on AWS!
Hosting your domain with Cloudflare means that you'll need to leave your domain's DNS resolution services to Cloudflare instead of using your original domain registrar or other DNS resolution services. DNS resolution service is a service that maps domain names and IP addresses to each other, which allows users to access your domain name without knowing your IP address. Hosting a domain name with Cloudflare is mainly to take advantage of a series of optimization and security protection features provided by Cloudflare, such as CDN acceleration, DDoS protection, SSL certificates, firewalls, edge computing, etc. These features can make yours faster, more stable, safer, and smarter, improving your performance and user experience. To host your domain to Cloudflare, you can follow these steps:
Sign up and log in to your Cloudflare account: You'll need to sign up for an account on Cloudflare's website, then log in to your account and go to your dashboard.
Add your domain: You'll need to click on the "Add Site" button on the dashboard and enter the domain you want to host, such as examplecom。
The first step, choose: you need to choose the cloudflare you want to use, depending on your needs and budget, you can choose free, professional, business, or enterprise, each with different features and**. You can see the comparison and details of each ** here.
Step 2: Check the DNS records: You'll need to check the DNS records of your domain as Cloudflare shows them to make sure they match your original DNS records, and if there are any errors or omissions, you'll need to manually add or modify them. You can also choose which DNS records need to use Cloudflare's services and which don't, just click on the cloud icon to toggle the status. In general, you need to use the DNS records of Cloudflare's service, and the cloud icon should be orange, otherwise it should be gray.
At the end of the scanning, the following interface appears, because we have not added DNS records before, so no valid records have been scanned, you can manually add the mapping relationship between the domain name and IP, or you can choose to continue, and then we will use the automatic reporting capability of ddns-go to achieve automatic creation of DNS records.
Step 3: Modify the name servers: After selecting **, you need to modify the name servers of your own domain name to point them to the name servers provided by Cloudflare. You can see on the dashboard that Cloudflare assigns you two nameservers, such as Deckerns.cloudflare.com and McKinleyns.cloudflare.com, you need to copy them down, then log in to your domain registrar's **, find the domain's management page, modify the domain's nameservers, replace them with the nameservers given to you by Cloudflare, and save the changes.
For example, my previous domain name was namecom**注册, I logged in to the background and modified the nameservers assigned to Cloudflare.
Wait for DNS to propagate: After modifying your name servers, wait for the DNS changes to propagate globally, a process that can take anywhere from a few minutes to a few hours, depending on the speed of your domain registrar and DNS resolution service.
Complete domain hosting: After waiting for the DNS propagation to be completed, you can go back to the Cloudflare control panel and click the "Recheck Name Servers" button, if you see a green tick, then the domain hosting has been completed, or you can also be patient with Cloudflare's activation email, and you can enjoy Cloudflare's services after the activation is completed.
After successful activation, you will receive an email from Cloudflare.
Use ddns-go to automatically obtain the public IPv4 or IPv6 address of the server and resolve it to the corresponding domain name service, because the IP address of the server is not fixed, and the IP address will change after we restart the instance.
We add an inbound rule on AWS, located in the "Security Group" page under "Network and Security", select the security group policy corresponding to the instance, and click "Edit Inbound Rule", the purpose here is to allow us to access the DDNS-GO configuration page through the public network.
Add a custom TCP rule to allow the public network to access the backend of ddns-go through a specified port, the port we configured in docker-compose is 9876, as shown in the following figure.
After the configuration is completed, we can access it through "http: public IP:port", if everything goes well, you can see the following interface. The tool supports multiple DNS service providers, here we choose Cloudflare, and you need to fill in the token information.
The token here is the API token created on the Cloudflare platform, and let's tell you how to create an API token.
First, go to the Cloudflare console, enter the domain console from the home page, and click "Get your API token" in the bottom right corner.
Name the token, select the permissions as shown in the figure, and then select the regional resources that the token has permission to operate.
Finally, click submit to get the API token, please keep it properly, this token will only appear once, if you lose the token in the future, you can also recreate a token according to the above operation.
Copy the token into the token input box of DDNS and continue to fill in the following information. In the IPv4 configuration item, fill in the domain name information you want to register to Cloudflare in the domains input box, and separate multiple domain names by line breaks.
For security reasons, remember to set the username and password of the DDNS-GO backend in other settings, otherwise other users can also directly access the DDNS-GO configuration interface. Or you can also delete the rule added above in the AWS inbound rules after the settings are completed, so that the public network cannot access the backend, and the next time you need to modify the DDNS configuration, you can add the inbound rules to access.
After the settings are completed, click the "s**e" button at the bottom of the page to save the configuration, and you can go to the Cloudflare backend to check whether the DNS record has taken effect. Click on the domain name from Cloudflare's personal homepage to enter the domain management page, and click DNS on the left to view.
If all goes well, you can see the records of the domain name and server IP configured in DDNS-GO.
Referring to the previous operation, we added an inbound rule to the AWS backend to allow us to access the configuration backend of npm through the public network.
After the rule is added, you can access it through http: public IP:port, if everything goes well, you can see the following interface, and the initial username of npm is admin@examplecom, the password is: changeme, after the first entry, you will be prompted to change the email and password, please change it to your own information.
After successful login, the interface is as follows, and the configuration items we commonly use are "hosts" and "SSL certificates", which are reverse ** configuration and SSL certificate management, respectively.
First of all, we need to apply for an SSL certificate, which is used to ensure that the data transmission on ** is encrypted, which is essential to protect the user's personal information and sensitive data.
Because our domain is already hosted on Cloudflare, we can use npm to automatically apply for a free SSL certificate for Cloudflare's platform. Go to the "SSL Certificates" page in the npm backend and click "Add SSL Certificate" to apply for a let's encrypt free SSL certificate.
You need to fill in the following information:
Domain name: You can enter a wildcard domain name, that is, "*".Your domain name", so that the new second-level domain name can use this SSL certificate.
Email: The email address registered on the Cloudflare platform.
use a DNS challenge: Select this option.
DNS provider: Select Cloudflare from the drop-down list
Credentials file content: Change the value after the DNS Cloudflare API token to the API token created on the Cloudflare platform, and the token creation method has just been described above.
After filling in the information, select "I agree to..."You can click "S**E" to submit, and if everything goes well, you can successfully apply for a free SSL certificate, which is valid for 3 months, and will be automatically renewed when NPM expires.
After the SSL certificate application is completed, we need to add a reverse rule and click "Proxy Hosts" under "hosts".
Select Add Proxy Host to add a rule.
First, fill in the domain name and host information, which can be filled in by referring to the figure below.
Then select the SSL certificate, select the wildcard domain name certificate you applied for, check the first three options below to force SSL access to enhance security, and finally click "S**E" to save this ** rule.
At this point, the main configuration process is over, and you can access "https: your domain name" in the browser, such as "If everything goes well, you can see the following interface, proving that there is no problem with the installation and configuration." Swipe down, select the Chinese language, and then fill in the relevant information according to the prompts, such as the name of **, which can be modified. Please remember your username and password, which will be used often when logging in to the WordPress backend.
If you are using Chrome browser, you can click on the icon in front of the address bar to view the information of the SSL certificate, and "the connection is secure" proves that our SSL certificate is no problem!
After the WordPress initialization is completed, you will enter the admin background, where you can manage your ** settings and content, and then please explore it to your heart's content!
By the way, one more point, remember to change the IP address to the domain name configuration in Settings - General.
That's the end of this long tutorial, I hope it will be helpful to you