Can I install mutable Wordpress in NixOS?

henrycrutcher · December 29, 2023, 4:26pm

I want to have a Wordpress installation under NixOS, with the ability to add and remove plugins, and themes, and upgrade wordpress, through the Wordpress admin interface. Is that possible under NixOS?

aanderse · December 29, 2023, 8:20pm

yes. pretty similar to any other linux distro.

create a dedicated user and group for your web application, something like www-wordpress:

  users.users.www-wordpress= {
    isNormalUser = true;
    group = "www-wordpress";
    packages = with pkgs; [
      git # maybe you want or need this
      php82 # specify whatever version you want
      php82.packages.composer
    ];
  };

  users.groups.www-wordpress = { };

create a folder to host the wordpress code, like /srv/www/wordpress//var/www/wordpress/whatever, set the ownership to the user/group you created, permissions of 0755 would be a good choice as we will want our web server to have read access into this folder
create a php-fpm engine to run the wordpress code:

  services.phpfpm.pools.wordpress = {
    phpPackage = pkgs.php82;
    user = "www-wordpress";
    group = "www-wordpress";
    settings = {
      "listen.owner" = config.services.caddy.user; # or nginx, httpd, etc...
      "listen.group" = config.services.caddy.group;
      "pm" = "dynamic"; # tweak the below options as needed, though the can be a decent start depending on your work load
      "pm.max_children" = 16;
      "pm.start_servers" = 4;
      "pm.min_spare_servers" = 2;
      "pm.max_spare_servers" = 4;
      "pm.max_requests" = 2000;
    };
  };

install a database, like mariadb, and create a database that your www-wordpress user has appropriate permissions on (wordpress documentation can explain exactly what permissions are required):

  services.mysql.enable = true;
  services.mysql.package = pkgs.mariadb;
  services.mysql.ensureDatabases = [ "wordpress" ];
  services.mysql.ensureUsers = [
    { name = "www-wordpress";
      ensurePermissions = {
        # whatever wordpress requires you can put here
      };
    }
  ];

from here you will have to configure your web server according to which one you choose… i believe wordpress has an explanation for each of the major web servers. you can take advantage of our security.acme module to get yourself a free SSL certificate while you’re at it

sure, there are a few steps involved, but no more than on a regular linux distribution and you’ll at least have a decent record of what you mostly did to get the site up and running should you ever want to do it again

if there are any parts here that aren’t clear and/or you want some additional help please don’t hesitate to ask