Docker部署WordPress+Nginx开启HTTPS 踩坑总结

1、前提：
已部署mysql & db和账户都已设置好
nginx已安装，ssl证书也已申请下来

2、编写wordpress.yml

version: '3.1'
services:

  wordpress:
    image: wordpress:latest
    restart: always
    ports:
      - 8080:80 
    environment:
      WORDPRESS_DB_HOST: 1.1.1.1:10001
      WORDPRESS_DB_USER: user
      WORDPRESS_DB_PASSWORD: password
      WORDPRESS_DB_NAME: db_name
    volumes:
      - /data/wordpress:/var/www/html #/data/wordpress也可以改成你本地的自定义目录

volumes:
  wordpress:

3、拉取wordpress docker镜像 并使用docker-compose 启动容器
docker pull wordpress #拉镜像
docker-compose -f wordpress.yml up -d #起容器

4、进入wordpress配置用户并修改网站地址为个人域名

5、进入/data/wordpress 修改wp-config.php 以适配https

# 最后添加以下代码，目的是适配https 和ftp
define('FORCE_SSL_ADMIN', true);
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false){
    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
    $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}
define('WP_HOME','https://blog.moyiaomiao.com');
define('WP_SITEURL','https://blog.moyiaomiao.com');
define("FS_METHOD", "direct");
define("FS_CHMOD_DIR", 0777);
define("FS_CHMOD_FILE", 0777);

# 在 require_once ABSPATH . 'wp-settings.php';位置之上加如下代码，目的是解决 无法将上传的文件移动至wp-content/uploads/ 问题
define('CONCATENATE_SCRIPTS', false );

6、配置nginx的配置 nginx.conf

server {
                listen   80;
                server_name      blog.moyiaomiao.com;
                rewrite ^(.*) https://$host$1 permanent;
}

server {
                listen           443 ssl;

                server_name      blog.moyiaomiao.com;
                ssl_certificate       /path/cert.crt;
                ssl_certificate_key   /path/cert.key;
                ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
                ssl_ciphers           HIGH:!aNULL:!MD5;

                location / {
                         proxy_pass      http://1.1.1.1:8080; #这里配置的是 上面wordpress容器的ip地址+端口
                         proxy_redirect off;
                         proxy_set_header        Host $host;
                         proxy_set_header        X-Real-IP $remote_addr;
                         proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                         proxy_set_header        X-Forwarded-Host $server_name;
                         proxy_set_header        X-Forwarded-Proto https;
                         proxy_set_header        Upgrade $http_upgrade;
                         proxy_set_header        Connection "upgrade";
                         proxy_read_timeout 120;
                }
}

nginx -s reload 重启nginx

7、解决图片上传问题
上传图片显示：服务器无法处理图片。如果服务器繁忙或没有足够的资源来完成任务…
看nginx error日志如下
2023/01/02 17:42:33 [crit] 655#0: *12387 open() "/path/client_body_temp/0000000221" failed (13: Permission denied), client: 120.229.69.199, server: blog.moyiaomiao.com, request: "POST /wp-admin/async-upload.php HTTP/1.1", host: "blog.moyiaomiao.com", referrer: "https://blog.moyiaomiao.com/wp-admin/upload.php"

其实是nginx权限问题，配置nginx.conf 新增
user root;
然后reload

8、最后就可以访问了
http://blog.moyiaomiao.com

参考：
https://www.jianshu.com/p/22f1ceadf5bd