Bilal TAS

Team Leader, JavaScript Lover, WordPress Engineer

NGINX + Bedrock & Sage with Docker Compose

docker-compose.yml:

version: "3.8"

services:
    wordpress:
        container_name: ${PROJECT:-project}_wp
        image: ${PROJECT:-project}_wp:${IMAGE_TAG:-production}
        build: .
        restart: always
        working_dir: /project/web
        volumes:
            # - ./common/uploads/:/project/web/app/uploads/
            - ./common/db/:/project/common/db/
        networks:
            - backend
        env_file: .env
        security_opt:
            - no-new-privileges

    database:
        container_name: ${PROJECT:-project}_db
        platform: linux/x86_64
        image: mysql:5.7
        restart: always
        environment:
            MYSQL_DATABASE: ${DB_NAME:-database_name}
            MYSQL_USER: ${DB_USER:-database_user}
            MYSQL_PASSWORD: ${DB_PASSWORD:-database_password}
            MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-database_root_password}
        volumes:
            - database:/var/lib/mysql
        networks:
            - backend
        security_opt:
            - no-new-privileges

    # phpmyadmin:
    #     container_name: ${PROJECT:-project}_phpmyadmin
    #     image: phpmyadmin:5.1
    #     restart: unless-stopped
    #     ports:
    #         - 8082:80
    #     environment:
    #         PMA_HOST: ${DB_HOST:-database}
    #         PMA_USER: ${DB_USER:-database_user}
    #         PMA_PASSWORD: ${DB_PASSWORD:-database_password}
    #         MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-database_root_password}
    #         UPLOAD_LIMIT: 64M
    #     networks:
    #         - backend
    #     security_opt:
    #         - no-new-privileges

networks:
    backend: {}

volumes:
    database: {}Code language: YAML (yaml)

Dockerfile:

#
# PHP Dependencies
#
FROM composer:2.0 as builder

# Bedrock
COPY ./composer.json composer.json
COPY ./composer.lock composer.lock
COPY ./auth.json auth.json
RUN mkdir -p /app/web/app/mu-plugins
RUN composer install --no-dev

# Sage
RUN mkdir -p /app/theme
COPY ./web/app/themes/theme-name/ /app/theme
RUN composer install -d /app/theme/ --ignore-platform-reqs
RUN composer test -d /app/theme/


#
# Sage Node
#
FROM node:12-alpine as frontend

RUN mkdir -p /app/theme
COPY ./web/app/themes/theme-name/ /app/theme
WORKDIR /app/theme
RUN yarn install --ignore-optional --frozen-lockfile && yarn build:production
RUN yarn lint:js
RUN yarn lint:css


#
# Application
#
FROM wordpress:php7.4-fpm-alpine

# Install WPCLI
RUN curl -sS -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
	chmod +x /usr/local/bin/wp

# Install NGINX and MySQL Client(For WPCLI)
RUN apk update && apk add -f nginx mysql-client

# NGINX configurations
COPY ./config/nginx/ /etc/nginx/

# Validate NGINX configurations
RUN nginx -t

# Early create nginx.pid file to change its permission
RUN touch /var/run/nginx.pid

# Update NGINX temp folders permissions
RUN chown -R www-data:www-data /var/lib/nginx/ && \
	chown -R www-data:www-data /var/run/

# Forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log
RUN ln -sf /dev/stderr /var/log/nginx/error.log

# Source files
ADD ./common /project/common
ADD ./config /project/config
ADD ./web /project/web

# Bedrock built files
COPY --from=builder /app/vendor /project/vendor
COPY --from=builder /app/web/wp /project/web/wp
COPY --from=builder /app/web/app/plugins/ /project/web/app/plugins/
COPY --from=builder /app/web/app/mu-plugins/ /project/web/app/mu-plugins/

# Sage built files
COPY --from=builder /app/theme/vendor /project/web/app/themes/netsparker/vendor

# Sage built frontend files
COPY --from=frontend /app/theme/public /project/web/app/themes/netsparker/public

# Update the permissions
RUN chown -R www-data:www-data /project/ && \
    find /project/ -type f -exec chmod 644 {} \; && \
    find /project/ -type d -exec chmod 755 {} \;

# Project folder is working directory
WORKDIR /project

# Expose both secure & insecure
EXPOSE 80 443

# Run PHP + NGINX
CMD php-fpm | nginx -g 'daemon off;'

# Switch to 'www-data'
USER www-data
Code language: Dockerfile (dockerfile)

NGINX default.conf:

server {

    listen 80;
    listen [::]:80;
    listen 443 http2;
    listen [::]:443 http2;

    server_name _;


	client_body_timeout 3s;
	client_header_timeout 3s;


    root /project/web;
    index index.php index.htm index.html;


    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
       deny all;
    }

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Pass PHP scripts to FastCGI server
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass localhost:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTP_PROXY "";
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }

        fastcgi_buffer_size 128k;
        fastcgi_buffers 256 16k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }

}Code language: Nginx (nginx)

Posted

in

, , ,

by

Bilal TAŞ

Tags:

, , , ,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.