Deploying WordPress with Docker Compose and Nginx Reverse Proxy
Utilizing Docker containerization is one of the most efficient methods for installing and managing a WordPress website. Docker acts as a powerful platform designed to package and run software components within isolated environments called containers. In this instructional guide, we will step through the process of deploying a full WordPress stack inside separate Docker containers and securing the infrastructure for production use.
Why Choose Docker for WordPress Deployments?
The primary advantage of this approach centers around operational simplicity. Managing your site becomes significantly cleaner, alongside several key technical benefits:
- Streamlined Management: Initial installations, completely removing instances, starting, stopping, and auditing live system logs can be executed with single-line terminal statements.
- Enhanced Infrastructure Security: Because each software element runs within an isolated container environment, cross-contaminations are prevented. If one container faces an issue, the breakdown remains contained without affecting the host environment.
- Effortless Version Controls: Upgrading or rolling back system image tags to previous stable versions is fast and minimizes downtime risk.
"WordPress is a completely free, open-source content management system (CMS) and blogging infrastructure running on top of PHP and MySQL database processes. Its widespread utility is driven by an extensive modular plugin architectural style and a customizable template system."
— Verified via DockerHub WordPress Official Distribution
System Prerequisites Before Initialization
Before launching the environment scripts, ensure that your Virtual Private Server (VPS) matches the resource allocation thresholds required for stable operational container orchestration.
Recommended Server Specification
- Processor Allocation: 1 vCPU Core
- Memory Allocation: 1 GB RAM
- Storage Volume: 10 GB Available Disk Space
- Network Port Allowances: 80, 8080, and 443
- Supported Base OS: Ubuntu 22.04 LTS or Ubuntu 24.04 LTS
Alternative Setup Guide: Deploying WordPress on Ubuntu 24.04 Powered Natively by Nginx.
High-Level Deployment Workflow
This tutorial breaks down the system provisioning process into the following logical steps:
- Deploying the Docker runtime engine onto the host machine.
- Engineering configuration environments for
docker-compose.yml,nginx.conf, andphp.ini. - Initializing the backend container ecosystem.
- Configuring network DNS record mapping.
- Structuring a host-level Nginx reverse proxy service.
- Requesting and enforcing cryptographic SSL certificates.
- Completing the primary web browser initialization setup.
Step 1: Installing the Docker Engine Platform
Because the web stack operates entirely inside a containerized structure, the core Docker engine environment must reside on the host system. Skip this step if your terminal environment already identifies the system engine variables.
sudo apt-get update && \
sudo apt-get install -y ca-certificates curl && \
sudo install -m 0755 -d /etc/apt/keyrings && \
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc && \
sudo chmod a+r /etc/apt/keyrings/docker.asc
Inject the official stable distribution storage repositories into your local APT software resource directory indexes:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null && \
sudo apt-get update
Execute the core installation block to provision the stable system packages alongside the compose orchestration utilities:
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Validate that the binaries are responding properly by confirming the installation version:
docker --version
Step 2: Constructing Orchestration and Configuration Files
To declare our runtime multi-container app infrastructure smoothly, we will deploy a docker-compose.yaml stack manifest coupled with an internal nginx.conf rules web block and a customized php.ini environment file. Follow the commands below to construct these structural elements.
1. Creating the Targeted Project Working Path
Generate a separate root environment path to house your container configurations and data persistence links, then change directories into that space:
cd ~
mkdir wordpress-docker
cd wordpress-docker
2. Assembling the Main Docker Compose Specification File
Initialize a new stack configuration document. This manifests our internal requirements for independent database layers (MariaDB), runtime app blocks (WordPress FPM), and the internal Nginx routing engine:
nano docker-compose.yaml
Inject the structural ecosystem declarations below into the text editor:
version: "3.8"
services:
db:
container_name: wordpress_db
image: mariadb:latest
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: wordpress_pasdw
MYSQL_DATABASE: wordpress_db
MYSQL_USER: wordpressuser
MYSQL_PASSWORD: your_password
networks:
- network
wordpress:
depends_on:
- db
container_name: wordpress_app
image: wordpress:fpm
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpressuser
WORDPRESS_DB_PASSWORD: your_password
WORDPRESS_DB_NAME: wordpress_db
volumes:
- wp_data:/var/www/html
- ./php.ini:/usr/local/etc/php/conf.d/custom.ini
networks:
- network
nginx:
container_name: wordpress_webserver
image: nginx:latest
restart: always
ports:
- "8080:80"
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf
- wp_data:/var/www/html
depends_on:
- wordpress
networks:
- network
volumes:
db_data:
wp_data:
networks:
network:
3. Compiling the Internal Nginx Server Blocks Path Rules
The internal nginx.conf layout delegates server file queries down into the running PHP-FPM process tracking channel. Open the workspace configuration file:
nano nginx.conf
Populate the config document with the following processing parameters:
server {
listen 80;
server_name _;
root /var/www/html;
index index.php index.html;
client_max_body_size 5M;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location ~ /\. {
deny all;
}
location ~ ~$ {
deny all;
}
location ~ \.user\.ini$ {
deny all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}4. Constructing Custom PHP Performance Properties
To avoid processing limits when handling media files or loading plugins, initialize a local php.ini script file:
nano php.ini
Input these baseline performance configuration parameters to step up execution resource ceilings:
upload_max_filesize = 64M
post_max_size = 64M
memory_limit = 128M
Step 3: Initializing the Environment Containers Stack
With all configuration files properly mapped out in the workspace, trigger the runtime compilation layer background processes using the orchestration binary:
docker compose up -d
This action forces Docker to declare independent persistence volumes, map network pipelines, pull missing component images from the server registry, and bind active container processes seamlessly.
Step 4: Executing Initial Web Browser Validations
To verify the baseline app functions before moving to custom naming layers, test connectivity by directing a local web browser interface to your physical hardware's IP address mapped across the non-standard port configuration block (e.g., http://[YOUR_PUBLIC_VPS_IP]:8080).
Step 5: Mapping Infrastructure to Your Live Domain Name
To transform the environment layout into a production infrastructure accessible to public traffic, point your target root domain name or subdomain to your server's infrastructure. Ensure you construct a standard DNS A Record mapping within your management dashboard, pointing directly to your VPS public network address.
Configuring the Host Nginx Reverse Proxy Server
Because your public domain queries route through standard port 80, we will establish an edge proxy routing system on the main host server. This transparently handles and shifts incoming site queries back down to your hidden internal Docker container port 8080.
Install the system-level web platform engine, clean up any default configurations, and create an isolated site block file:
sudo apt install nginx -y
sudo rm -rf /etc/nginx/sites-enabled/default
sudo nano /etc/nginx/conf.d/wordpress.conf
Input the following configuration guidelines, making sure to replace YourDomainName.com with your live web domain name:
server {
listen 80;
server_name YourDomainName.com;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}Verify that your structural adjustments do not contain typos, then refresh the system-level daemon parameters:
sudo nginx -t
sudo systemctl restart nginx
Requesting and Enforcing Let's Encrypt SSL Security
To encrypt data transmissions, install the core automation scripts provided by the Certbot client library tool alongside its native Nginx configuration modules:
sudo apt install -y certbot python3-certbot-nginx
Trigger the interactive automatic validation request to obtain your free security keys and inject HTTPS traffic rule parameters:
sudo certbot --nginx --agree-tos --redirect --email admin@yourdomain.com -d YourDomainName.com
Ensure that the terminal logs confirm successful certificate deployment before proceeding.
Your self-hosted containerized workspace is now running securely under an updated TLS/HTTPS certificate wrapper. Reload your domain portal in any browser to finish the canonical WordPress core database configuration wizard steps safely.