Update Nov 24, 2022
So, I have moved away from this approach at this time as I have found direct access to my ip and then using HAProxy in pfSense is much faster. See my article for more info on this option. Also, I will write and updated series starting with my servers and moving through the entire setup.
Original Is Below
Hello all, welcome to LXC containered WordPress running on my ProxMox server. So, this is probably the easiest setup I have had for self-hosted WordPress running behind my own ISP’s DHCP ip’s. Someday, I will shell out the money to get a static ip. Anyway, for now here is how to run a full WordPress behind a secure non static ip. Oh, yes I just got fiber in my neighborhood. So, that really made this all possible having 1GB/s symmetrical speeds really was the gamechanger for me to revisit this setup. Before, I just ran my WordPress on VPS’s. So, for blog on the cheap. Look into hosted WordPress and save yourself the bother. However, if learning is somthing you would like to do then read on…
So, how is this all setup? Well, for starters you need this configuration:
50,000 Foot View
- ProxMox – This acts as the hypervisor to run the containers
- TurnKey WordPress – This is the container running in ProxMox
- VPS server – Currently I am using crowncloud.net to host the VPS as I need a static ip and currently have a ip that would not handle mail traffic well as it is blacklisted. Why, well because I am using a normal ISP dhcp connection for my WAN side.
- OpnSense – This is my router running in ProxMox
- WireGuard – This creates a secure tunnel between my VPS and OpnSense
- Firewall – On both VPS and my opnsense router.
- HAProxy – This is installed on my VPS server and routes all traffic according to my needs.
- LetsEncrypt Certs – Currently, configured web based https via a nice little script that I am still working through based of info from wordpress-behind-haproxy-with-tls-termination on OXCRAG.NET
Get the entire config here on GitLab
Get HAProxy Acme Plugin here on GitHub