search

linuxserver / docker-letsencrypt

DEPRECATED: Please use linuxserver/swag instead
GNU General Public License v3.0
720 stars 172 forks source link

PHP Support for wordpress #32

Closed Markyb0y closed 7 years ago

Markyb0y commented 7 years ago

I see that certain PHP files have been added to this docker to support certain things however I dont appear to be able to run Wordpress from this docker, is more PHP required?

I have the reverse proxy working great, would just like to run wordpress from the same docker

thanks

CHBMB commented 7 years ago

@Markyb0y we're in the middle of rebasing this to Alpine 3.5 and PHP 7, and I'm running Wordpress on the test version, so should come to you downstream soonish.

jneljeff commented 7 years ago

Is this also why I get a 502 Bad Gateway error when I try to run PlexAuth within this container? Everything I've read directs me to verify php5-fpm is set to listen to 127.0.0.1:9000 but /etc/php5/fpm/pool.d/www.conf does not exist (same is true in php7).

aptalca commented 7 years ago

/etc/php7/php-fpm.d/www.conf

aptalca commented 7 years ago

Is http://127.0.0.1:8322 a different container? If so, the php requests should be handled in that container and not this one.

You also need more php proxy statements for wordpress.

See here for example: https://blog.chmouel.com/2016/09/22/the-trick-to-get-your-wordpress-behind-a-reverse-proxy/

NathanTheGr8 commented 7 years ago

Hi am having trouble with php-fpm with a 2 WordPress sites on secondary domains. Their configs look like

`server { listen 443 ssl http2; listen [::]:443 ssl http2; listen 80; listen [::]:80;

root /config/www;
index index.html index.htm index.php;

server_name nathandavis.io;

location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    # With php7-cgi alone:
    fastcgi_pass 127.0.0.1:9000;
    # With php7-fpm:
    #fastcgi_pass unix:/var/run/php7-fpm.sock;
    fastcgi_index index.php;
    include /etc/nginx/fastcgi_params;
}

ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;

location / {
    proxy_pass        http://192.168.1.5:8322; #switched from 127.0.0.1
    include /config/nginx/proxy.conf;
    proxy_redirect http:// https://;
}`

The ssl cert works :) but I get the 502 bad gateway. I am assuming I am not forwarding this php-fpm thing correctly.

edit I realized I was redirecting to local host so I switched it to the docker hosts ip. Now I get a time out for too many redirects

aptalca commented 7 years ago

I don't think you're using the proxy_redirect correctly. If your intention is to redirect http users to https, create two server blocks in the letsencrypt site config (just like the default one), where you have a server block listening on port 80 and all it does is to redirect to https. Then you have your main server block listening on port 443 and it only deals with https.

Then your / location would proxy the other container through http.

The end users will be connected through https. The proxy connection from letsencrypt to the other container will be through http, but it's ok since it's a local connection. Then you need to add the parameter listed in the site I linked to earlier to your wp config, so that wordpress serves https content through the http proxy connection

NathanTheGr8 commented 7 years ago

@aptalca Thank you for your help. The setup I have is the lets encrypt-docker container as the main web server. The default url is mydomain.com. I then have two other secondary domains nathandavis.io and otherdomain.com. The two secondary domains are in WordPress docker containers. The primary domain is a static php site.

I don't think you're using the proxy_redirect correctly. I removed proxy_redirect http:// https://; and just used the block at the top of the default conf

server { listen 80; server_name _; return 301 https://$host$request_uri; }

The server block I posted above was just for my one of the secondary domains.

I am gonna try and edit the wp-config.php of the containers. I don't think that file is exposed by default so I will have to map it to a volume.

aptalca commented 7 years ago

Just so you know, wordpress works well inside the letsencrypt container. You can just create folders /config/wp1 and /config/wp2, drop the wordpress install files in those folders and create server blocks for each url with their root set to their respective folders.

Then all you do is run the install script for each at http://example.com/wp-admin/install.php

That way, you won't have to proxy anything