The problem
Build a complete production-style infrastructure entirely with containers — no managed services, no pre-built images for the core services. The challenge: every container must run a single PID 1 process, with TLS termination, persistent volumes, and a dedicated bridge network.
What I built
A 5-service Docker Compose stack:
- Nginx — TLS termination (TLS 1.2+ only), reverse proxy to WordPress
- WordPress + PHP-FPM — application container talking to MariaDB
- MariaDB — database with persistent volume
- Redis — object cache plugged into WordPress
- Static site — bonus container serving a personal landing page
Custom Dockerfiles built from scratch (Alpine / Debian base only), no wordpress:latest shortcuts. Self-signed certs generated at build time. Persistent data volumes mounted to host paths.
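A static check for the "TLS 1.2+ only" constraint on the Nginx container, added here as an illustration and not taken from this project's files: it scans an nginx config for the `ssl_protocols` directive and reports legacy versions or a TLS listener that relies on the version default. The function name, the sample configs and the `wordpress:9000` upstream are constructed assumptions.

```python
import re

# ssl_protocols values that predate TLS 1.2.
LEGACY = ("SSLv2", "SSLv3", "TLSv1", "TLSv1.1")

def audit_ssl_protocols(conf_text):
    """Return [(line_number, message)] for TLS-version problems in an nginx config.

    Simplifications: the text is treated as one scope (no include handling or
    per-server inheritance), and '#' always starts a comment.
    """
    findings = []
    tls_listeners = []   # line numbers of `listen ... ssl`
    explicit = False     # True once any ssl_protocols directive is seen
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        code = raw.split("#", 1)[0]
        # Braces and semicolons both end a statement for this purpose.
        for stmt in re.split(r"[;{}]", code):
            tokens = stmt.split()
            if not tokens:
                continue
            if tokens[0] == "ssl_protocols":
                explicit = True
                legacy = [t for t in tokens[1:] if t in LEGACY]
                if legacy:
                    findings.append((lineno, "legacy protocols enabled: " + ", ".join(legacy)))
            elif tokens[0] == "listen" and "ssl" in tokens[1:]:
                tls_listeners.append(lineno)
    if tls_listeners and not explicit:
        # Older nginx releases default to a set that includes TLSv1 and TLSv1.1.
        findings.append((tls_listeners[0],
                         "TLS listener without explicit ssl_protocols; "
                         "the nginx version's default applies"))
    return findings

# Constructed sample configs (not the project's real files).
WEAK_CONF = """
server {
    listen 443 ssl;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    location ~ \\.php$ { fastcgi_pass wordpress:9000; }
}
"""
HARDENED_CONF = WEAK_CONF.replace("TLSv1 TLSv1.1 TLSv1.2", "TLSv1.2 TLSv1.3")

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_ssl_protocols(conf))
```

Run against the config baked into the image, this catches a downgrade at build time; it does not replace probing the live listener.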
Architecture decisions
✏️ TODO:
- Why a custom bridge network instead of host mode
- Init system trade-offs: tini vs. supervisord vs. exec patterns
- Volume strategy and how data survives container rebuilds
- Healthchecks and startup order with depends_on + condition
What I'd do differently
✏️ TODO
Tech stack
Docker · Docker Compose · Nginx · MariaDB · WordPress · PHP-FPM · Redis · Alpine Linux