I’ve installed a new instance of WordPress on TrueNas scale. The process of installing wordpress has been relatively painless. I have been able to use the admin console, edit the site, install plugins, and create a nice landing page, along with some blog content.
I had a previously purchased domain name via godaddy, and I’ve gotten my dns setup within godaddy to point to my WAN address, and verified this using dig.
Inside of PFsense, I’ve created a new certificate for the site using ACME, and I’ve created entries for frontend and backend using HAproxy, Applied the cert, and am using SSL offloading to keep the cert application simple.
With all of that being said, I can easily access wordpress from my lan using the server IP and Port, although when I attempt to access the site from the Domain URL, from either inside of or outside of LAN I get a 503, unfortunately with no other information.
I understand that this is likely a server side problem as it appears to be hitting my HAproxy instance without issue, I’m just not getting anything in response from the wordpress site.
Does anyone have suggestions or experience getting this working? (I have attempted to change site URL inside of wordpress, it did not work.)
There are a few places this can fall down, it kind of depends on your configuration. Easy stuff first: did you do the appropriate firewall rules to make ports 80 and 443 available on your WAN and forwarded to whatever IP is running HAProxy?
The next thing I’d do is check your HAProxy stats page and see if the backend is showing as UP. If not, try turning off health checks. If the site fails a health check HAProxy will just assume it doesn’t work.
After that, you’ll have to get a little more nuanced in looking at your config. @LTS_Tom has some great videos on this, so definitely watch through those and compare your own setup to his.
I’ve verified that the necessary PHP code is inserted and xforwardedfor is still not working for this site. Not really sure where to go from here. I’ve tried with a secondary domain using cloud flare tunnels that I also own and now am receiving a 502 error. I’m not really sure where to go from here aside form asking if anyone has any alternative options beyond WordPress to use for a basic webpage.
WordPress standalone isn’t really designed to be accessed in multiple ways: IP address(es), multiple domain names, etc. Also WordPress itself doesn’t care much if it’s behind a proxy. X-Forwarded-For is mainly used for logging purposes at Apache/Nginx level as well as if you have any security plugin that bans IP addresses so you don’t end up with your proxy being banned.
With that being said, here are a few options in wp-config.php that might help depending on your particular setup:
I strongly suggest you only access your WordPress instance using the public facing domain name, especially when doing any sort of content management, as the way you accessed it when uploading images, creating posts or pages, etc. is stored in several places in the database and depending on installed plugins can cause all sorts of issues, especially in a HTTPS environment.
I host a couple of wordpress sites here at home, and I make them public using Cloudflare tunnels. I appreciate the page caching and other speed enhancements that Cloudflare makes available to my sites. Two things that I have found is that, first if you are running wordpress in docker, the cloudflare connector needs to run on the same host, and needs to be on the same bridge network as the wordpress docker instance. Second, the wordpress URL and the site URL need to point to the domain you use for the front end of the wordpress tunnel (as DrHeat referred to above).
Thanks for the reply, I’ll continue to tinker with these settings, I have verified that the 3 settings in wp-config you’d mentioned above are set to the correct values using a secondary test instance of the wordpress container, although based on the response from Louie1961 it seems that it should just work using the cloudflare tunnels option, though it unfortunately is simply not lol
I’m running into the same issue with HAproxy as well.
I think my next course of action is going to be just setting up a standalone server/vm for WordPress as the native truenas container doesn’t seem to like me.
So I was able to resolve the issue, but you were correct on the Public facing domain issue.
I found that the config for HAproxy, and my wp-config were correct, although the site was broken/wouldn’t serve as I had previously logged in and setup the site using the direct IP address on the local network, and so none of the content would serve over the connection to the URL.
Thanks for the help on that.
The solution was to destroy the old instance, and start a fresh container, access, login, and setup via the URL rather than the IP and now everything is working!
@ppmcclappins I’m trying to setup a wordpress site too… have a question about a recommended way to organize folders and additional storage. I’m installing workdpress on TrueNAS Scale as well and have pointed the Wordpress storage to a apps-config dataset and the MariaDB and backup to a wordpress folder on my fileserver (figured this way I separate the site files from the app files unlinking upgrades problems etc). Should I mount additional storage? What should the mount path be for Wordpress? And what will it be used for? Is this where I download plugins and themes etc?
An even more basic question… I initially installed using ixVolume (Dataset created automatically by the system) for the Wordpress Data and MariaDB entries and I was able to start to work in Wordpress web Portal. But I deleted that and tried to install designating Host Paths… hoping to separate the config files from the data/content files making backup and upgrades easier. But when I separate these I can’t seem to access the webportal? Guess it’s a permission problem but the User - apps has Allow | Modify permission on the dataset where the Wordpress data and MariaDB files are.
trying to install WordPress on my TrueNAS Scale server which already hosts my file server. When installing I’m setting:
Wordpress Data Storage to a new Dataset (apps-configs/wordpress).
MariaDB and MariaDB backup I have mapped to my FileServer (fileserver/WordPress/MariaDB and fileserver/z-backups/Wordpress/MariaDB)
My thinking (which could be flawed is my backup processes that pickup folders from fileserver will naturally take care of the website… and wordpress update doesn’t touch those content/data folders). But I think I’m having issues with permissions and neither the Admin or Web Portal are working after install.
I’ve given the user apps Allow | Modify access.
Sorry I missed this, I haven’t been on the forum in a while.
I’ll have to dive into my configuration again as I haven’t really messed with it much since I got this fixed.
I will say that ultimately, I ended up using the IP and proxying it, when setting up wordpress I literally kept things as simple as I possibly could.
I deployed the container using default IXvolumes since it’s a basic personal site just for doing things like placing my resume, and project blogs, etc..
I ended up creating a cloudflare tunnel for access and using the internal http url and port for the url in the tunnel, setting the root of the domain as the url for the tunnel.
The most important thing that you need to remember if setting up a simple site like this is to access the site and set everything up from the external url initially, because of the way that PHP works, things can get really garbled if you access the site via the IP address and upload items and content. It’s like a relational DB and so when you upload an image for example at http:192.168.1.20 and then later try to access the site over example.domain you might notice that the image won’t load properly, and things will break.
As for the additional storage and other questions I honestly didn’t go that far with it as I’m not really a PHP wizard, sorry if I didn’t answer your question.
also see the above comment from DR HEAT, he’s saying the same thing as me just in a more nuanced way.
Basically as for your storage stuff, kind of on your own as I wasn’t interested in going that far with it, but for the access issue, need to ensure that you setup the container and the domain name/proxy for it at the same time, and then ONLY access and upload/administer the site using the domain name.
This has served me well for almost a full year at this point.