How to run Wordpress behind a reverse nginx proxy with HTTPS and Docker

Basically what we follow is: this amazing tutorial with some additional steps outlined below. You can start by the steps below, I will tell you when to switch to the tutorial above.

Wordpress Duplicator

Steps to transfer your website:

1. Go to your old website that you want to transfer

2. Install plugin Wordpress Duplicator

   • Optional: deactivate and remove caching plugins

3. Go to Duplicator tab and create a new package:

   • accept conditions and run

4. Download the <...>package.zip and installer.php to your local machine

5. Transfer both <...>package.zip and installer.php to your new host website dir.

   • IMPORTANT: package.zip will have a long name with numbers and dates etc. Don't change the name of it. Otherwise it won't work

   • The new host's website dir, is the parent of your wordpress public dir / document root. The public dir does not exist yet, it will be created by docker-compose (internally by create-wordpress-app)

   • To send the files do (assuming you have setup public ssh key login):

     sftp -i .ssh/id_rsa <username>@<host_name_or_ip>
     # now you should be logged in, so at the "sftp>" prompt do
     cd <my/website/dir>
     put <drag the zip file from your machine to get the path and press enter>
     put <drag the installer.php and press enter>
     bye
     

6. Login to your new host:

   ssh -i .ssh/id_rsa <username>@<host_name_or_ip>
   

7. There are two ways here depending on whether you use gbili/dotfiles or not:

   • Without gbili/dotfiles:

     1. follow the steps outlined in the post from before.

     2. Remove everything in the <wordpress_public_dir> created by composer

     3. Place the package.zip and installer.php in the <wordpress_public_dir>, so these two files should be the only ones.

     4. Go to your browser and type <my_new_host_name>/installer.php and follow the steps there by providing the database connection info that you specified in the docker-compose.yml

     5. In the final step when they ask you to login in the admin area, you will likely not be able to, and get an error:

        ERR too many redirects
        

     6. IMPORTANT: if you end up in a redirect loop (and you did not use gbili/dotfiles), you will find the solution below ("the most important step").

   • Within new host after you have installed gbili/dotfiles and linked the properly as explained in the README.md or the /dofiles post follow the steps below

Using gbili/dotfiles

We are continuing from step 7 above. Make sure to have installed gbili/dotfiles and set it up properly so you can execute the scripts below.

WARNING: if you do the link-dotfiles step above, you will replace your .bashrc, .bash_aliases, .vimrc with gbili ones. The goal here is to run ./dotfiles/scripts/create-wordpress-app/ scripts, so you can simply cd there and call them with the .bash extension. I definitely need to separate both projects to avoid this inconvenience, sorry.

create-wordpress-app -r com_example -d example.com -p <mysql_wp_pass> -m <mysql_root_pass>
cwa-dup -r com_example

# now do the actual installation by going to example.com/installer.php
# follow the steps there, insert the data:
# db host: com_example_wp_db:3306
# db name: com_example_wp_db_name
# db user: com_example_wp_db_user
# db pass: <mysql_wp_pass>

# then prepare for HTTPS
cwa-dup-post -r com_example

The most important step (when you don't gbili/dotfiles)

When running the docker Wordpress container, here is the single most important step, especially when you are migrating an existing wordpress.

IMPORTANT: if you use gbili/dotfiles you did this step already when calling cwa-dup-post -r com_example, so you can skip the next step.

We got a redirection loop because we need to tell wordpress that it is behind a reverse proxy such as nginx providing tls / https / ssl

To do so, insert these lines in your wp-config.php:

// If we're behind a proxy server and using HTTPS, we need to alert WordPress of that fact$
// see also http://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy$
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
  $_SERVER['HTTPS'] = 'on';
}

Conclusion

The next step is to redirect www.example.com to example.com. This is achieved within the nginx conf files.

sudo vim /var/lib/docker/volumes/nginx-proxy_conf/_data/default.conf

We need to add an entry where it does a 301 redirection when the server_name www.example.com is requested. The problem is that we need to integrate it with our nginx docker image, otherwise every time we docker-compose up -d we will overwrite these 301 redirections. And you will need to run that for every new site, so they will get overwritten.