I have trouble for quite a while now to get my docker setup running to run a wordpress blog on nginx.
I have reinstalled the droplet on digitalocean and set up the server from scratch, but I don't see any obvious mistake in my configuration. The wordpress installation page does not load when calling the website. The domain points to the correct IP
I checked the complete path: when I enter retronexus.net/wp-admin/index.php it does work, but not when I just enter the domain itself.
The docker-compose file I created:
version : '3'
services:
db:
image: mysql:8.0
container_name: wordpress_db
restart: unless-stopped
env_file: .env
environment:
- MYSQL_DATABASE=wordpress
volumes:
- rn_dbdata:/var/lib/mysql
command: '--default-authentication-plugin=mysql_native_password'
# command: mysqld --initialize-insecure --user=mysql
networks:
- rn-network
wordpress:
depends_on:
- db
image: wordpress:6.6.2-fpm-alpine
container_name: wordpress
restart: unless-stopped
env_file: .env
environment:
- WORDPRESS_DB_HOST=db:3306
- WORDPRESS_DB_USER=$MYSQL_USER
- WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
- WORDPRESS_DB_NAME=wordpress
volumes:
- rn_wordpress:/var/www/html
networks:
- rn-network
webserver:
depends_on:
- wordpress
image: nginx:1.27.2-alpine
container_name: webserver
restart: unless-stopped
ports:
- "80:80"
volumes:
- rn_wordpress:/var/www/html
- ./nginx-conf:/etc/nginx/conf.d
- certbot-etc:/etc/letsencrypt
networks:
- rn-network
certbot:
depends_on:
- webserver
image: certbot/certbot
container_name: certbot
volumes:
- certbot-etc:/etc/letsencrypt
- rn_wordpress:/var/www/html
command: certonly --webroot --webroot-path=/var/www/html --email EMAIL --agree-tos --no-eff-email --staging -d retronexus.net -d www.retronexus.net
volumes:
certbot-etc:
rn_wordpress:
rn_dbdata:
networks:
rn-network:
driver: bridge
the nginx.conf
# Default server block to handle all unspecified domains and specify it as default. This block returns an 404 error or redirect to different page.
server {
listen 80;
listen [::]:80 default_server;
server_name _;
return 404;
}
server {
# listen on specified ports
listen 80;
listen [::]:80;
# define server names.
server_name www.retronexus.net retronexus.net
# defines the files that will be used as indexes when processing requests to the server.
index index.php index.html index.htm;
# root directory for requests to the server. the directory also is created as a mount point at build time for docker
root /var/www/html;
# Handle requests to the well-known dir, where certbot will place a temp file to validate that the DNS for the domain resolves to the server.
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
# try_files is used to check for files that match individual URI requests. Instead of 404 status as default, control is passed to wordpress index.php file with request arguments
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
# Handles PHP processing and proxy these requests to the wordpress container. as the wordpress container will be based on php fpm image, also uncluding config options for FastCGI.
# NGINX requires an independent PHP processor for PHP requests. In this case, these requests will be handled by the PHP-fprm processor thats included with the wordpress image.
# FastCGI specific directives, vars and options that will proxy requests to the wordpress app running on the wordpress container, set preferred index for the parsed URI and parse URI requests.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
# Handle htaccess files since nginx won't serve them. deny-all ensures that htaccess files will never be served to users.
location ~ /\.ht {
deny all;
}
# ensure that requests to favicon will not be logged
location = /favicon.ico {
log_not_found off; access_log off;
}
# ensure that requests to robots will not be logged
location = /robots.txt {
log_not_found off; access_log off; allow all;
}
# turns off logging for static asset requets and and ensures assets being cacheable
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
}
I did set up everything from scratch on digital ocean but i still don't get access to the website and it returns a 403 error.
I believe ./nginx-conf should be a directory containing nginx.conf file, not a file itself. You may try to comment out the - ./nginx-conf:/etc/nginx/conf.d line to see if you can then reach the default nginx home page. If yes, then that's the root cause.
Please also check the docker logs, for example with docker-compose logs command to get more info.