I use several Worpress instance on my TrueNAS scale. So far I’m using NPM (from TrueNAS) to reverse proxy to the different Wordpress. It’s working without any special configuration in Wordpress nor the environnement parameter in the Wordpress install setting on TrueNAS.
But now I want to use the real nginx, hosted on a separate machine (a VPS connected with Wireguard). I did it successfully with other apps like Nextcloud, Paperless or Jellyfin, but Wordpress refuse to work.
The existing wordpress instance is still running behind NPM with another domain.
The nginx on the VPS is working fine with another domain on the others app listed above, so it’s not a wireguard or DNS issues, the certbot did get the letsencrypt certification without issue.
I even try to change the site already in the WP setting, replace the NAS IP+WPport by the domain name, but it just block me to access the WP from local IP, so now I’m stuck outside of it.
Here is what I tried for my nginx configuration, I edited it based on what certbot prepared for me, like I did on the other domain for the other apps with success.
server {
root /var/www/domain.tld;
index index.php;
server_name domain.tld www.domain.tld;
location / {
proxy_pass http://nas_ip_in_wireguard_tunnel:port_of_wp_on_nas;
include proxy_params;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 128;
# proxy_set_header Host $http_host;
# proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
proxy_http_version 1.1;
try_files $uri $uri/ /index.php?$args ;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain.tld) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.tld) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain.tld www.domain.tld;
return 404; # managed by Certbot
}
What is super strange, is that if I test it, it fails to reach the wordpress page, but after the timeout, it rewrite the URL like https://domain.tld:port_of_wp_on_nas
It adds the port I specified in the nginx, proof that something is still happening.
Do you see anything strange in the nginx config? I try to comment or not the root /var/www/domain.tld part, but it should have no effect with the proxy_pass anyway.