docker-compose.yml

version: '3.5'

services:

  php:
    image: easyengine/php:v4.0.0
    restart: always
    labels:
      - "io.easyengine.site=${VIRTUAL_HOST}"
    volumes:
      - "htdocs:/var/www"
      - "config_php:/usr/local/etc"
      - "log_php:/var/log/php"
    environment:
      - WORDPRESS_DB_HOST
      - WORDPRESS_DB_NAME
      - WORDPRESS_DB_USER
      - WORDPRESS_DB_PASSWORD
      - USER_ID
      - GROUP_ID
      - VIRTUAL_HOST
    external_links:
      - services_global-nginx-proxy_1:${VIRTUAL_HOST}
    networks:
      site-network:
        aliases:
          - ${VIRTUAL_HOST}_php
      global-backend-network:

  nginx:
    image: easyengine/nginx:v4.0.0
    depends_on:
      - php
    restart: always
    labels:
      - "io.easyengine.site=${VIRTUAL_HOST}"
    volumes:
      - "htdocs:/var/www"
      - "config_nginx:/usr/local/openresty/nginx/conf"
      - "log_nginx:/var/log/nginx"
    environment:
      - VIRTUAL_HOST
      - VIRTUAL_PATH=/
      - HSTS=off
    external_links:
      - services_global-nginx-proxy_1:${VIRTUAL_HOST}
    networks:
      global-frontend-network:
      site-network:

  mailhog:
    image: easyengine/mailhog:v4.0.0
    restart: always
    command: ["-invite-jim=false"]
    labels:
      - "io.easyengine.site=${VIRTUAL_HOST}"
    environment:
      - VIRTUAL_HOST
      - VIRTUAL_PATH=/ee-admin/mailhog/
      - VIRTUAL_PORT=8025
    external_links:
      - services_global-nginx-proxy_1:${VIRTUAL_HOST}
    networks:
      site-network:
      global-frontend-network:

  postfix:
    image: easyengine/postfix:v4.0.0
    hostname: ${VIRTUAL_HOST}
    restart: always
    labels:
      - "io.easyengine.site=${VIRTUAL_HOST}"
    volumes:
      - "/dev/log:/dev/log"
      - "data_postfix:/var/spool/postfix"
      - "ssl_postfix:/etc/ssl/postfix"
      - "config_postfix:/etc/postfix"
    external_links:
      - services_global-nginx-proxy_1:${VIRTUAL_HOST}
    networks:
      site-network:


volumes:
  htdocs:
    external:
      name: exoticospet_htdocs
  config_nginx:
    external:
      name: exoticospet_config_nginx
  config_php:
    external:
      name: exoticospet_config_php
  log_php:
    external:
      name: exoticospet_log_php
  log_nginx:
    external:
      name: exoticospet_log_nginx
  data_postfix:
    external:
      name: exoticospet_data_postfix
  ssl_postfix:
    external:
      name: exoticospet_ssl_postfix
  config_postfix:
    external:
      name: exoticospet_config_postfix

networks:
  site-network:
    name: ${VIRTUAL_HOST}
    labels:
     - "org.label-schema.vendor=EasyEngine"
     - "io.easyengine.site=${VIRTUAL_HOST}"
  global-frontend-network:
    external:
      name: ee-global-frontend-network
  global-backend-network:
    external:
      name: ee-global-backend-network

main.conf

# Add your custom config in custom/user.conf
# ALL CHANGES IN THIS FILE WILL BE LOST AFTER EasyEngine Update

upstream php {
	server exoticos.pet_php:9000;
}


server {
	access_log   /var/log/nginx/access.log;
	error_log    /var/log/nginx/error.log;

	root /var/www/htdocs;

	server_name exoticos.pet;

	index index.php index.html index.htm;



	# PHP NGINX CONFIGURATION
	location / {
		try_files $uri $uri/ /index.php?$args;
	}
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include fastcgi_params;
		fastcgi_pass php;
	}

	# WordPress COMMON SETTINGS
	# Limit access to avoid brute force attack
	location = /wp-login.php {
		limit_req zone=one burst=1 nodelay;
		include fastcgi_params;
		fastcgi_pass php;
	}
	# Disable wp-config.txt
	location = /wp-config.txt {
		deny all;
		access_log off;
		log_not_found off;
	}
	# Disallow php in upload folder
	location /wp-content/uploads/ {
		location ~ \.php$ {
			#Prevent Direct Access Of PHP Files From Web Browsers
			deny all;
		}
	}

	# NGINX CONFIGURATION FOR COMMON LOCATION
	# Basic locations files
	location = /favicon.ico {
		access_log off;
		log_not_found off;
		expires max;
	}

	location = /robots.txt {
	# Some WordPress plugin gererate robots.txt file
	# Refer #340 issue
		try_files $uri $uri/ /index.php?$args;
		access_log off;
		log_not_found off;
	}
	# Cache static files
	location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
		add_header "Access-Control-Allow-Origin" "*";
		access_log off;
		log_not_found off;
		expires max;
	}
	# Security settings for better privacy
	# Allow LetsEncrypt HTTP challenge URL
	location ^~ /.well-known/acme-challenge/ {
		auth_basic off;
		allow all;
		try_files $uri =404;
		break;
	}
	# Deny hidden files
	location ~ /\. {
		deny all;
		access_log off;
		log_not_found off;
	}

	# Deny backup extensions & log files
	location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
		deny all;
		access_log off;
		log_not_found off;
	}
	# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
	if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
		return 403;
	}
	# Status pages
	location = /ee-admin/nginx_status {
		stub_status on;
		access_log off;
	}
	location = /ee-admin/status {
		include fastcgi_params;
		fastcgi_pass php;
	}
	location = /ee-admin/ping {
		include fastcgi_params;
		fastcgi_pass php;
	}
	location ~*  \.(css|js)$ {
		expires 1d;
		add_header Cache-Control "public, must-revalidate";
	}


	client_max_body_size 100m;

	include /usr/local/openresty/nginx/conf/custom/*.conf;
}