chore: initialize dockerized wordpress stack
This commit is contained in:
48
README.md
Normal file
48
README.md
Normal file
@@ -0,0 +1,48 @@
|
||||
# DigitechFlow WordPress Stack
|
||||
|
||||
This repository contains a hardened Docker Compose stack for the DigitechFlow WordPress deployment. It runs MySQL, WordPress (PHP-FPM), Nginx, and Valkey (Redis-compatible cache) with sensible defaults.
|
||||
|
||||
## Prerequisites
|
||||
- Docker Engine + Docker Compose V2
|
||||
- Traefik network (`traefik_default`) already present for routing/SSL
|
||||
- Host directories writable for `db_data/`, `wordpress_data/`, and `redis_data/`
|
||||
|
||||
## Getting Started
|
||||
1. Copy the environment template and fill in secrets:
|
||||
```bash
|
||||
cp .env.example .env
|
||||
# Edit .env to use strong unique values (DB creds, salts)
|
||||
```
|
||||
2. Bring up the stack:
|
||||
```bash
|
||||
docker compose up -d
|
||||
```
|
||||
3. Access WordPress via the configured Traefik domain (e.g., https://digitechflow.com).
|
||||
|
||||
## Services
|
||||
- **db**: `mysql:latest` with persistent volume `db_data/`.
|
||||
- **wordpress**: `wordpress:php8.3-fpm` serving PHP over FastCGI.
|
||||
- **wordpress_nginx**: `nginx:latest` front-end with custom config tuned for Traefik and FastCGI.
|
||||
- **redis**: `valkey/valkey:latest` for object caching with persistence and healthcheck.
|
||||
|
||||
## Configuration Highlights
|
||||
- Secrets and database settings sourced from `.env`; the template (`.env.example`) documents required keys.
|
||||
- `config/nginx/default.conf` contains gzip, caching, and FastCGI tuning. Adjust if you need custom routes.
|
||||
- `wordpress.ini` sets PHP limits and Opcache recommendations.
|
||||
- Local data directories (`db_data/`, `wordpress_data/`, `redis_data/`) plus `wp-config.php` are gitignored to prevent leaking content/secrets.
|
||||
|
||||
## Operations
|
||||
- Update images: `docker compose pull && docker compose up -d`.
|
||||
- View logs: `docker compose logs -f <service>`.
|
||||
- Run WordPress CLI tasks: `docker compose exec wordpress wp <command>` (install WP-CLI first if needed).
|
||||
|
||||
## Security Notes
|
||||
- Always use unique, strong passwords in `.env` and rotate them periodically.
|
||||
- Regenerate WordPress auth salts via https://api.wordpress.org/secret-key/1.1/salt/ and store them in `.env`.
|
||||
- Ensure Traefik enforces HTTPS and apply rate limiting/WAF middleware as needed.
|
||||
- Schedule backups (database dumps + `wordpress_data`) off-host; the stack does not include automated backups by default.
|
||||
|
||||
## Troubleshooting
|
||||
- Bad gateway from Nginx usually means PHP-FPM isn’t reachable; check `docker compose logs wordpress wordpress_nginx`.
|
||||
- If Compose warns about `version: '3'`, you can remove that line—it’s optional with Compose V2.
|
||||
- Ensure the Traefik network exists: `docker network ls | grep traefik_default`.
|
||||
Reference in New Issue
Block a user