First of all, I am a noob in this stuff, so do not be harsh. I would like to share my experience, because there are some pitfalls in the process of deploying this stack and I spent a lot of hours tinkering with the Caddyfile and docker-compose. I do not want others to tear their hair out when they try to accomplish this.
I am building this whole stuff on raspberry pi, so if you plan to do it on a different platform, you will have to use different containers.
Varnish is a caching service that creates static pages out of your dynamic site. The problem is that it only speaks plain HTTP, so we need to put it behind Caddy and let Caddy manage all the HTTPS stuff.
The scheme for connection would be:
Caddy:443 => Varnish:8090 => Caddy:8091 => Wordpress:9000
I assume you already have Docker and Docker-compose installed.
folder setup:
. Caddyfile
. .env
. docker-compose.yml
. php.ini
./caddy/Dockerfile
./varnish/default.vcl
docker-compose.yml:
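version: '3.3'

services:
  # Database. No ports are published, so MariaDB is reachable only from
  # containers attached to blog-network.
  database:
    # NOTE(review): no tag is given, so this resolves to `latest`; pin a
    # specific tag or digest so a rebuild cannot silently change the image.
    image: linuxserver/mariadb
    container_name: database
    volumes:
      - ./db:/config
    restart: always
    env_file:
      - .env
    environment:
      - MYSQL_DATABASE=blog_wp
      - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
      - MYSQL_USER=$MYSQL_USER
      - MYSQL_PASSWORD=$MYSQL_PASSWORD
    networks:
      - blog-network

  # Wordpress (PHP-FPM; Caddy talks FastCGI to it on wordpress:9000)
  wordpress:
    depends_on:
      - database
    # NOTE(review): PHP 7.4 is past end of life and no longer receives
    # security fixes; move to a tag built on a supported PHP branch.
    image: wordpress:php7.4-fpm-alpine
    container_name: wordpress
    restart: always
    # NOTE(review): confirm this explicit root user is actually required;
    # drop it if the image's default user handling is sufficient.
    user: "root:root"
    # NOTE(review): env_file injects every variable from .env into this
    # container, MYSQL_ROOT_PASSWORD included. The $VAR references below are
    # already substituted by Compose from .env, so WordPress probably does
    # not need the whole file - verify, then give it a narrower env file.
    env_file:
      - .env
    environment:
      - WORDPRESS_DB_HOST=database:3306
      - WORDPRESS_DB_USER=$MYSQL_USER
      - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
      - WORDPRESS_DB_NAME=blog_wp
    volumes:
      - ./php.ini:/usr/local/etc/php/conf.d/custom.ini
      - ./wordpress:/var/www/html
    networks:
      - blog-network

  # Webserver. Only 80/443 are published; the :8091 backend listener in the
  # Caddyfile stays internal to blog-network.
  caddy:
    container_name: webserver
    build:
      context: caddy
    restart: always
    ports:
      # Quoted so no YAML parser can read a host:container pair as a number.
      - "80:80"
      - "443:443"
    volumes:
      # NOTE(review): Caddy presumably only reads the site files and its
      # Caddyfile; if the image built from ./caddy allows it, append `:ro`
      # to these two mounts. ./caddy_data must stay writable (certificates).
      - ./wordpress:/var/www/html
      - ./caddy_data:/data
      - ./Caddyfile:/etc/caddy/Caddyfile
    networks:
      - blog-network

  # Cache. Caddy reaches it as varnish:8090 over blog-network.
  varnish:
    container_name: varnish
    # NOTE(review): `latest` from a personal repository; pin a tag or digest
    # and review what the image contains before trusting it with traffic.
    image: viktorli/varnish_for_rpi:latest
    volumes:
      - ./varnish/default.vcl:/etc/varnish/default.vcl
    ports:
      # Bound to loopback only. A bare "8090:8090" publishes the plain-HTTP
      # cache on every host interface, letting clients skip Caddy's TLS and
      # talk to Varnish directly. Caddy does not use this mapping at all, so
      # it can also be removed; it is kept for local debugging on the host.
      - "127.0.0.1:8090:8090"
    networks:
      - blog-network

networks:
  blog-network:
    driver: bridge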
Caddyfile:
# Global options. The address is used as the contact for the ACME account
# that Caddy registers when it obtains certificates.
{
    email you@mail.com
}
# Public site: Caddy terminates TLS for example.com and hands every request
# to the cache.
example.com {
    # "varnish" is the Compose service name (resolved on blog-network) and
    # 8090 is the port Varnish listens on inside its container.
    reverse_proxy varnish:8090
}
# Internal backend that Varnish fetches from. Plain HTTP by design; it must
# stay unpublished so it is reachable only from the Docker network.
:8091 {
    # NOTE(review): no `root` directive is set here. php_fastcgi and
    # file_server resolve paths against the site root, which defaults to the
    # working directory. The compose file mounts the site at /var/www/html,
    # so confirm the image built from ./caddy uses that as its working
    # directory, or add `root * /var/www/html`.

    # Static assets that browsers and Varnish may keep for a week.
    @cachedFiles path *.jpg *.jpeg *.png *.gif *.ico *.js *.css *.woff *.woff2 *.ttf
    header @cachedFiles Cache-Control "public, max-age=604800, must-revalidate"

    encode gzip

    # PHP requests go to the WordPress FPM container; everything else is
    # served straight from disk.
    php_fastcgi wordpress:9000
    file_server
}
default.vcl
#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and https://www.varnish-cache.org/trac/wiki/VCLExamples for more examples.
# Declares the VCL syntax version this file is written for.
vcl 4.0;

# Origin server for cache misses: the Caddy container's internal :8091
# listener ("caddy" is the Compose service name).
backend default {
    .host = "caddy";
    .port = "8091";
}
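sub vcl_recv {
    # Runs for every request before the cache lookup. Anything that does not
    # return here falls through to the builtin VCL.

    # X-Forwarded-For is deliberately not touched. From VCL 4.0 on, Varnish
    # appends client.ip to the header before vcl_recv runs, so the header is
    # always present at this point. Overwriting it with client.ip replaced
    # the visitor's address with that of the Caddy container in front of
    # Varnish, which is all the backend, its logs and any WordPress security
    # plugin would then see.
    # The forwarded chain is only trustworthy while Caddy is the sole client
    # that can reach Varnish; do not expose Varnish's port to other hosts.

    # Never cache authenticated requests or form submissions.
    if (req.http.Authorization || req.method == "POST") {
        return (pass);
    }

    # Feeds are always fetched fresh.
    if (req.url ~ "/feed") {
        return (pass);
    }

    # Drop the editor-preference cookies so they do not prevent caching.
    # Every other cookie (login and session cookies included) is kept; the
    # builtin VCL passes any request that still carries a Cookie header, and
    # that is what keeps logged-in pages out of the shared cache.
    # Do not strip more cookies here without first passing /wp-admin,
    # /wp-login.php and requests that carry a wordpress_logged_in_ cookie.
    set req.http.cookie = regsuball(req.http.cookie, "wp-settings-\d+=[^;]+(; )?", "");
    set req.http.cookie = regsuball(req.http.cookie, "wp-settings-time-\d+=[^;]+(; )?", "");

    # An empty header would still count as "has cookies"; remove it.
    if (req.http.cookie == "") {
        unset req.http.cookie;
    }
}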
sub vcl_backend_response {
    # Called once the response headers from the backend have been read.
    #
    # Left empty on purpose, so the builtin VCL decides cacheability. The
    # builtin logic refuses to cache responses that carry Set-Cookie; keep
    # that in mind before removing Set-Cookie headers here.
}
sub vcl_deliver {
    # Called when the object is complete and about to be sent to the client.
    #
    # Left empty; this is the place for accounting or for adjusting the
    # final response headers.
}
ABOUT THE SETUP
As suggested by:
I reconfigured docker-compose.yml and Caddyfile accordingly.
Now it is working.