services: bunkerweb: image: bunkerity/bunkerweb:1.6.5-rc4 container_name: bunkerweb ports: - "80:8080/tcp" - "443:8443/tcp" - "443:8443/udp" # for QUIC environment: API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24" restart: "unless-stopped" networks: - bw-universe - bw-services bw-scheduler: image: bunkerity/bunkerweb-scheduler:1.6.5-rc4 container_name: bw-scheduler depends_on: - bunkerweb volumes: - bw-storage:/data environment: BUNKERWEB_INSTANCES: "bunkerweb" SERVER_NAME: "www.example.com" # replace with your domain API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24" AUTO_LETS_ENCRYPT: "yes" DISABLE_DEFAULT_SERVER: "yes" MAX_CLIENT_SIZE: "50m" USE_CLIENT_CACHE: "yes" USE_GZIP: "yes" USE_REVERSE_PROXY: "yes" REVERSE_PROXY_URL: "/" REVERSE_PROXY_HOST: "http://mywp" MODSECURITY_CRS_PLUGINS: "wordpress-rule-exclusions" # This is a CRS plugin specific to WordPress restart: "unless-stopped" networks: - bw-universe mywp: image: wordpress:6-apache volumes: - wp-data:/var/www/html environment: WORDPRESS_DB_HOST: "mydb" WORDPRESS_DB_NAME: "wp" WORDPRESS_DB_USER: "user" WORDPRESS_DB_PASSWORD: "db-user-pwd" # set a stronger password in a .env file (must match MYSQL_PASSWORD) WORDPRESS_TABLE_PREFIX: "prefix_" # best practice : replace with a random prefix networks: - bw-services mydb: image: mariadb:11 volumes: - db-data:/var/lib/mysql environment: MYSQL_ROOT_PASSWORD: "db-root-pwd" # replace with a stronger password MYSQL_DATABASE: "wp" MYSQL_USER: "user" MYSQL_PASSWORD: "db-user-pwd" # replace with a stronger password (must match WORDPRESS_DB_PASSWORD) networks: - bw-services volumes: bw-storage: wp-data: db-data: networks: bw-universe: name: bw-universe ipam: driver: default config: - subnet: 10.20.30.0/24 bw-services: name: bw-services