chore: initialize dockerized wordpress stack

docker-compose.yaml

@@ -0,0 +1,99 @@
+services:
+  # MySQL Service
+  db:
+    image: mysql:latest
+    container_name: digitechflow_db
+    volumes:
+      - ./db_data:/var/lib/mysql
+    restart: unless-stopped
+    environment:
+      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
+      MYSQL_DATABASE: ${MYSQL_DATABASE}
+      MYSQL_USER: ${MYSQL_USER}
+      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
+    networks:
+      - wordpress_network
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+
+  # WordPress PHP-FPM Service
+  wordpress:
+    depends_on:
+      db:
+        condition: service_healthy
+    image: wordpress:php8.3-fpm
+    container_name: digitechflow_wordpress
+    restart: unless-stopped
+    volumes:
+      - ./wordpress_data:/var/www/html
+      - ./wordpress.ini:/usr/local/etc/php/conf.d/wordpress.ini
+    expose:
+      - "9000"
+    environment:
+      WORDPRESS_DB_HOST: ${WORDPRESS_DB_HOST}
+      WORDPRESS_DB_USER: ${WORDPRESS_DB_USER}
+      WORDPRESS_DB_PASSWORD: ${WORDPRESS_DB_PASSWORD}
+      WORDPRESS_DB_NAME: ${WORDPRESS_DB_NAME}
+      WORDPRESS_REDIS_HOST: ${WORDPRESS_REDIS_HOST}
+    networks:
+      - wordpress_network
+    extra_hosts:
+      - "host.docker.internal:host-gateway" # For crowdsec plugin to connect to host crowdsec api
+# Nginx front-end for WordPress (Traefik faces this container)
+  wordpress_nginx:
+    depends_on:
+      wordpress:
+        condition: service_started
+    image: nginx:latest
+    container_name: digitechflow_nginx
+    restart: unless-stopped
+    volumes:
+      - ./wordpress_data:/var/www/html:ro
+      - ./config/nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
+    networks:
+      - wordpress_network
+      - traefik_default
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.digitechflow.rule=Host(`digitechflow.com`)"
+      - "traefik.http.routers.digitechflow.entrypoints=websecure"
+      - "traefik.http.routers.digitechflow.middlewares=crowdsec@file,retry-fast@file"
+      - "traefik.http.routers.digitechflow.tls.certresolver=letsencrypt"
+      - "traefik.http.services.digitechflow.loadbalancer.server.port=80"
+      - "traefik.http.services.digitechflow.loadbalancer.serversTransport=fast-upstreams@file"
+      - "traefik.docker.network=traefik_default"
+  
+  redis:
+    image: valkey/valkey:latest
+    container_name: digitechflow_valkey
+    restart: unless-stopped
+    volumes:
+      - ./redis_data:/data
+      - ./config/redis.conf:/usr/local/etc/redis/redis.conf:ro
+    command: ["valkey-server", "/usr/local/etc/redis/redis.conf"]
+    networks:
+      - wordpress_network
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+# Volumes for persistent data
+volumes:
+  db_data:
+  wordpress_data:
+  redis_data:
+
+# Network for communication between services
+networks:
+  wordpress_network:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.21.0.0/16
+          gateway: 172.21.0.1
+  traefik_default:
+    external: true  # Assumes Traefik uses an existing network