How to Set Up a WordPress Website on AWS EC2 Instance Using Docker
Deploying a WordPress website on AWS can be streamlined using Docker Compose, which simplifies the setup and management of the environment. In this guide, we’ll walk you through deploying a WordPress site on an EC2 instance using Docker Compose, configuring Nginx as a reverse proxy, and securing your site with Let’s Encrypt SSL certificates. Let’s get started!
Set Up Security Group
Go to the AWS Management Console, navigate to EC2, and create a new security group. Allow inbound traffic for:
- HTTP (port 80) from anywhere IPv4 and IPv6
- HTTPS (port 443) from anywhere IPv4 and IPv6
- SSH (port 22) for Instance Connect
Launch an EC2 Instance
In the EC2 Dashboard, launch a new instance.
- Select an Ubuntu 22.04 AMI (Amazon Machine Image).
- Choose an instance type (e.g., t2.micro for a free tier).
- Attach the security group created above.
- Ensure the instance is assigned a public IP address.
🌟 Master AWS Fundamentals! 🌟
Ready to dive into the world of cloud computing? Check out this comprehensive course on Coursera: AWS Fundamentals Specialization
This certification course covers everything you need to know about Amazon Web Services, from the basics to advanced concepts, making it perfect for both beginners and those looking to enhance their cloud skills. Enroll now and elevate your career with in-demand AWS expertise! 📚🚀
Install Docker
# Update existing list of packages: sudo apt update # Install a few prerequisite packages which let apt use packages over HTTPS: sudo apt install apt-transport-https ca-certificates curl software-properties-common # Add the GPG key for the official Docker repository to your system: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - # Add the Docker repository to APT sources: sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" # Ensure we will install from the Docker repo instead of the default Ubuntu repo: apt-cache policy docker-ce # Install docker sudo apt install docker-ce # Check docker is running sudo systemctl status docker # Run docker without sudo # Add ubuntu user to docker group sudo usermod -aG docker ubuntu # Apply new group membership sudo su - ubuntu # Confirm ubuntu user is now added to docker group groups
Install Nginx and Configure as Reverse Proxy
# Install Nginx sudo apt install nginx # Check Nginx status systemctl status nginx
Configure Nginx as reverse proxy:
# Create configuration file
sudo nano /etc/nginx/sites-available/my-blog.alexrusin.com
# Put the code below in configuration file
server {
listen 80;
listen [::]:80;
server_name my-blog.alexrusin.com;
location / {
proxy_pass http://127.0.0.1:8080;
include proxy_params;
}
}
# Proxy parameters are defined in the following file. You can take a look at them by running:
sudo nano /etc/nginx/proxy_params
# Enable this configuration file by creating a link from it to the sites-enabled directory sudo ln -s /etc/nginx/sites-available/my-blog.alexrusin.com /etc/nginx/sites-enabled/ # Check configuration sudo nginx -t # Restart Nginx sudo systemctl restart nginx
Create a Docker Compose File for WordPress and MySQL
Create directory and open compose.yaml file:
mkdir -p www/html/my-blog.alexrusin.com nano www/html/my-blog.alexrusin.com/compose.yaml
Put the content below in compose.yaml file:
services:
db:
# We use a mariadb image which supports both amd64 & arm64 architecture
# image: mariadb:10.6.4-focal
# If you really want to use MySQL, uncomment the following line
image: mysql:8.0.27
command: "--default-authentication-plugin=mysql_native_password"
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
- MYSQL_ROOT_PASSWORD=StrongPassword!
- MYSQL_DATABASE=wordpress
- MYSQL_USER=wpuser
- MYSQL_PASSWORD=StrongPassword!
expose:
- 3306
- 33060
ports:
- 33060:3306
wordpress:
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports:
- 8080:80
restart: always
environment:
- WORDPRESS_DB_HOST=db
- WORDPRESS_DB_USER=wpuser
- WORDPRESS_DB_PASSWORD=StrongPassword!
- WORDPRESS_DB_NAME=wordpress
volumes:
db_data:
wordpress_data:
Start docker compose:
cd www/html/blog.alexrusin.com docker compose up -d
Point Your Subdomain to the EC2 Instance’s Public IP Address (Go Daddy)
Log in to your GoDaddy account.
- Go to the DNS management section for your domain.
- Add an A record pointing to the EC2 instance’s public IP address.
Install Let’s Encrypt
# Use snap package to install Let's Encrypt. Ensure snapd core is up to date on Ubuntu sudo snap install core; sudo snap refresh core # Remove old installs of certbot if any sudo apt remove certbot # Install certbot package sudo snap install --classic certbot # Link the certbot command from the snap install directory to your path sudo ln -s /snap/bin/certbot /usr/bin/certbot # Obtain an SSL certificate sudo certbot --nginx -d my-blog.alexrusin.com
Let’s Encrypt certificates only last for 90 days, so it’s important to renew them regularly. This encourages users to set up automatic renewals. Luckily, the certbot package we installed handles this automatically by setting up a timer that runs twice a day. If a certificate is about to expire within 30 days, it will renew it automatically.
# Query the status of the timer sudo systemctl status snap.certbot.renew.service # Test the renewal process sudo certbot renew --dry-run
Test the Setup
- Visit
http://my-blog.yourdomain.comto ensure it redirects tohttps://my-blog.yourdomain.com. - Check that the WordPress site is loading properly with SSL enabled.
Conclusion
Deploying WordPress on an EC2 instance with Docker Compose, Nginx as a reverse proxy, and securing it with Let’s Encrypt is a robust approach to managing your web presence on AWS. By following these steps, you’ll have a scalable and secure WordPress site up and running in no time.
Resources
How To Install and Use Docker on Ubuntu 20.04
How To Configure Nginx as a Reverse Proxy on Ubuntu 22.04
