{"id":1546,"date":"2025-11-08T19:02:58","date_gmt":"2025-11-08T16:02:58","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/docker-ile-wordpressi-vpste-nasil-yasatiriz-nginx-mariadb-redis-ve-lets-encrypt-ile-kalici-depolama-macerasi\/"},"modified":"2025-11-08T19:02:58","modified_gmt":"2025-11-08T16:02:58","slug":"docker-ile-wordpressi-vpste-nasil-yasatiriz-nginx-mariadb-redis-ve-lets-encrypt-ile-kalici-depolama-macerasi","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/docker-ile-wordpressi-vpste-nasil-yasatiriz-nginx-mariadb-redis-ve-lets-encrypt-ile-kalici-depolama-macerasi\/","title":{"rendered":"Docker ile WordPress\u2019i VPS\u2019te Nas\u0131l Ya\u015fat\u0131r\u0131z? Nginx, MariaDB, Redis ve Let\u2019s Encrypt ile Kal\u0131c\u0131 Depolama Maceras\u0131"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Kisa_Bir_Hikaye_ve_Yol_Haritasi_Neden_Docker_Neden_Simdi\"><span class=\"toc_number toc_depth_1\">1<\/span> K\u0131sa Bir Hik\u00e2ye ve Yol Haritas\u0131: Neden Docker, Neden \u015eimdi?<\/a><\/li><li><a href=\"#Neyi_Nereye_Koyuyoruz_Kalici_Depolama_Mantigini_Kafada_Oturtmak\"><span class=\"toc_number toc_depth_1\">2<\/span> Neyi Nereye Koyuyoruz? Kal\u0131c\u0131 Depolama Mant\u0131\u011f\u0131n\u0131 Kafada Oturtmak<\/a><\/li><li><a href=\"#VPSi_Hazirlama_Kucuk_Ama_Etkili_Dokunuslar\"><span class=\"toc_number toc_depth_1\">3<\/span> VPS\u2019i Haz\u0131rlama: K\u00fc\u00e7\u00fck Ama Etkili Dokunu\u015flar<\/a><\/li><li><a href=\"#docker-compose_ile_Yigin_Nginx_WordPress_FPM_MariaDB_Redis\"><span class=\"toc_number toc_depth_1\">4<\/span> docker-compose ile Y\u0131\u011f\u0131n: Nginx + WordPress (FPM) + MariaDB + Redis<\/a><\/li><li><a href=\"#Nginx_Yapilandirmasi_PHP-FPM_ACME_Dogrulamasi_ve_Guvenli_Trafik\"><span class=\"toc_number toc_depth_1\">5<\/span> Nginx Yap\u0131land\u0131rmas\u0131: PHP-FPM, ACME Do\u011frulamas\u0131 ve G\u00fcvenli Trafik<\/a><ul><li><a href=\"#nginxnginxconf\"><span class=\"toc_number toc_depth_2\">5.1<\/span> nginx\/nginx.conf<\/a><\/li><li><a href=\"#nginxconfdsiteconf\"><span class=\"toc_number toc_depth_2\">5.2<\/span> nginx\/conf.d\/site.conf<\/a><\/li><\/ul><\/li><li><a href=\"#Lets_Encrypt_Sertifika_Alma_ve_Otomatik_Yenileme\"><span class=\"toc_number toc_depth_1\">6<\/span> Let\u2019s Encrypt: Sertifika Alma ve Otomatik Yenileme<\/a><\/li><li><a href=\"#WordPressin_Incelikleri_Redis_Eklentiler_ve_Medya\"><span class=\"toc_number toc_depth_1\">7<\/span> WordPress\u2019in \u0130ncelikleri: Redis, Eklentiler ve Medya<\/a><\/li><li><a href=\"#Gunluk_Hayat_Yedekleme_Guncelleme_Gozlem_ve_Sorun_Giderme\"><span class=\"toc_number toc_depth_1\">8<\/span> G\u00fcnl\u00fck Hayat: Yedekleme, G\u00fcncelleme, G\u00f6zlem ve Sorun Giderme<\/a><\/li><li><a href=\"#Kapanis_Kucuk_Adimlarla_Saglam_Bir_Yapi\"><span class=\"toc_number toc_depth_1\">9<\/span> Kapan\u0131\u015f: K\u00fc\u00e7\u00fck Ad\u0131mlarla Sa\u011flam Bir Yap\u0131<\/a><\/li><li><a href=\"#Ek_Faydali_Kaynaklar_ve_Notlar\"><span class=\"toc_number toc_depth_1\">10<\/span> Ek: Faydal\u0131 Kaynaklar ve Notlar<\/a><\/li><\/ul><\/div>\n<h2 id=\"section-1\"><span id=\"Kisa_Bir_Hikaye_ve_Yol_Haritasi_Neden_Docker_Neden_Simdi\">K\u0131sa Bir Hik\u00e2ye ve Yol Haritas\u0131: Neden Docker, Neden \u015eimdi?<\/span><\/h2>\n<p>Hi\u00e7 ba\u015f\u0131n\u0131za geldi mi? K\u00fc\u00e7\u00fck bir blogu \u201cyar\u0131n ta\u015f\u0131r\u0131m\u201d diye erteleyip, bir sabah admin paneline giremedi\u011finiz\u2026 Ge\u00e7en ay ofiste aynen b\u00f6yle bir sabaha uyand\u0131m. Bir arkada\u015f\u0131n WordPress sitesi ta\u015f\u0131nacak, ama eski sunucuda konfig\u00fcrasyonlar kar\u0131\u015fm\u0131\u015f, PHP s\u00fcr\u00fcm\u00fc farkl\u0131, eklentiler da\u011f\u0131n\u0131k. O an d\u00fc\u015f\u00fcnd\u00fcm: Hem ta\u015f\u0131may\u0131 kolayla\u015ft\u0131ran hem de yar\u0131n de\u011fi\u015ftirmek istedi\u011fimde elim kolum ba\u011flanmayan bir d\u00fczen laz\u0131m. \u0130\u015fte bu y\u00fczden Docker\u2019\u0131 seviyorum; par\u00e7alar\u0131 birer kutu gibi bir araya getirip, s\u00f6k\u00fcp takabiliyorum. Bug\u00fcn sana, bu kutulardan olu\u015fan rahat bir evi nas\u0131l kurdu\u011fumu anlataca\u011f\u0131m.<\/p>\n<p>Plan basit: WordPress\u2019i PHP-FPM ile \u00e7al\u0131\u015ft\u0131raca\u011f\u0131z, \u00f6n\u00fcnde Nginx olacak. Veritaban\u0131 olarak MariaDB, \u00f6nbellek i\u00e7in Redis devreye girecek. \u00dcst\u00fcne Let\u2019s Encrypt ile \u00fccretsiz <a href=\"https:\/\/www.dchost.com\/tr\/ssl\">SSL sertifikas\u0131<\/a> ve docker-compose ile \u201cher \u015fey bir dosyada\u201d konforu. Bir de kal\u0131c\u0131 depolama meselesi var; g\u00fcncellemelerden sonra upload klas\u00f6r\u00fcn\u00fcn u\u00e7up gitmesi, veritaban\u0131n\u0131n buhar olmas\u0131 istemeyiz. Hepsini ad\u0131m ad\u0131m kuraca\u011f\u0131z, hatta birka\u00e7 ger\u00e7ek hayattan tuyo ile ufak p\u00fcr\u00fczlere de \u00f6nceden merhem s\u00fcrece\u011fiz. Haz\u0131rsan ba\u015flayal\u0131m.<\/p>\n<h2 id=\"section-2\"><span id=\"Neyi_Nereye_Koyuyoruz_Kalici_Depolama_Mantigini_Kafada_Oturtmak\">Neyi Nereye Koyuyoruz? Kal\u0131c\u0131 Depolama Mant\u0131\u011f\u0131n\u0131 Kafada Oturtmak<\/span><\/h2>\n<p>\u015e\u00f6yle d\u00fc\u015f\u00fcn: <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a>\u2019in mutfa\u011f\u0131 senin kal\u0131c\u0131 kilerindir. Kab\u0131 de\u011fi\u015ftirsen de i\u00e7indekiler kals\u0131n istersin. Docker\u2019da bu i\u015fi <strong>volumes<\/strong> ile yap\u0131yoruz. WordPress\u2019in kodlar\u0131 ve \u00f6zellikle <strong>wp-content<\/strong> klas\u00f6r\u00fc (yani temalar, eklentiler, y\u00fcklenen g\u00f6rseller) kal\u0131c\u0131 bir volume \u00fczerinde durmal\u0131. MariaDB\u2019nin veri dosyalar\u0131 da ayr\u0131 bir volume\u2019a. Redis\u2019in verilerini de saklamak isteyebilirsin; append-only ayar\u0131yla, yeniden ba\u015flat\u0131ld\u0131\u011f\u0131nda kald\u0131\u011f\u0131 yerden devam eder.<\/p>\n<p>Bir de SSL sertifikalar\u0131 var. Let\u2019s Encrypt ile alaca\u011f\u0131m\u0131z sertifikalar ve yenileme i\u015fi i\u00e7in ACME do\u011frulamas\u0131nda kullan\u0131lan dosyalar yine volume\u2019larda tutulmal\u0131. B\u00f6ylece nginx\u2019i g\u00fcncellesek, WordPress\u2019i yenilesek, hatta konteynerlar\u0131 tamamen de\u011fi\u015ftirsek bile veriler oldu\u011fu yerde durur. Bu kal\u0131c\u0131l\u0131k hissi ger\u00e7ekten insan\u0131 rahatlat\u0131yor. G\u00fcncellemeyi ak\u015fam yapars\u0131n, sabah sorunsuz uyan\u0131rs\u0131n.<\/p>\n<p>Bu noktada \u015funu da s\u00f6yleyeyim: Dosya izinleri \u00e7o\u011fu zaman ufak bir ta\u015f gibi ayakkab\u0131n\u0131n i\u00e7ine ka\u00e7\u0131p can s\u0131kar. WordPress konteynerindeki kullan\u0131c\u0131 genelde <strong>www-data<\/strong> olur. Volume\u2019\u0131 ilk kez doldurduktan sonra gerekirse izinleri kontrol et; y\u00fckleme sorunlar\u0131n\u0131n ciddi bir k\u0131sm\u0131 buradan \u00e7\u0131kar.<\/p>\n<h2 id=\"section-3\"><span id=\"VPSi_Hazirlama_Kucuk_Ama_Etkili_Dokunuslar\">VPS\u2019i Haz\u0131rlama: K\u00fc\u00e7\u00fck Ama Etkili Dokunu\u015flar<\/span><\/h2>\n<p>VPS\u2019te i\u015fe \u00f6nce basit bir temizlikle ba\u015flar\u0131m: Sistem g\u00fcncellemelerini al\u0131r\u0131m, bir kullan\u0131c\u0131 olu\u015fturur, SSH i\u00e7in ufak s\u0131k\u0131la\u015ft\u0131rmalar yapar\u0131m. Sonra Docker ve docker-compose\u2019u kurar\u0131m. Beni en \u00e7ok rahatlatan \u015fey, t\u00fcm y\u0131\u011f\u0131n\u0131n tek bir <strong>docker-compose.yml<\/strong> dosyas\u0131nda toplanmas\u0131. Tek komutla aya\u011fa kalkar, tek komutla kapan\u0131r. Kibrit kutusundan karton bir ev de\u011fil, gayet sa\u011flam bir d\u00fczen kurdu\u011fumu hissederim.<\/p>\n<p>DNS taraf\u0131n\u0131 unutma. Alan ad\u0131n\u0131n A\/AAAA kay\u0131tlar\u0131 VPS\u2019ini g\u00f6stermeli. E\u011fer IPv6 kullan\u0131yorsan ve bunun \u00fczerine oynamak istersen, daha \u00f6nce payla\u015ft\u0131\u011f\u0131m <a href=\"https:\/\/www.dchost.com\/blog\/ipv6%e2%80%91only-vps-uzerinde-web-sitesi-yayinlamak-nat64-dns64-ile-ipv4e-nasil-kopru-kurulur\/\">IPv6\u2011only VPS \u00fczerinde yay\u0131n yapma<\/a> deneyimi ilham verebilir. Ama bug\u00fcn i\u015fi sade tutaca\u011f\u0131z: Alan ad\u0131na www ve k\u00f6k domaini ayn\u0131 sunucuya y\u00f6nelt yeter.<\/p>\n<p>Son olarak ufak bir not: G\u00fcvenlik ayarlar\u0131na girmek istersen ve TLS taraf\u0131n\u0131 elden ge\u00e7irmek ho\u015funa gidiyorsa, Nginx i\u00e7in detayl\u0131 bir rehberim var; <a href=\"https:\/\/www.dchost.com\/blog\/nginxte-tls-1-3-ocsp-stapling-ve-brotli-nasil-kurulur-hizli-ve-guvenli-httpsnin-sicacik-rehberi\/\">TLS 1.3, OCSP Stapling ve Brotli<\/a> k\u0131sm\u0131n\u0131 kurarken yan\u0131na alman g\u00fczel olur. Birazdan Let\u2019s Encrypt ile sertifika alaca\u011f\u0131z, ama ince ayarlar\u0131 oradan y\u00fcr\u00fctmek ayr\u0131 bir keyif.<\/p>\n<h2 id=\"section-4\"><span id=\"docker-compose_ile_Yigin_Nginx_WordPress_FPM_MariaDB_Redis\">docker-compose ile Y\u0131\u011f\u0131n: Nginx + WordPress (FPM) + MariaDB + Redis<\/span><\/h2>\n<p>Mesela \u015f\u00f6yle d\u00fc\u015f\u00fcn: Her servis kendi odas\u0131nda. Kap\u0131lar a\u00e7\u0131k; Nginx \u00f6n kap\u0131, WordPress oturma odas\u0131, MariaDB k\u00fct\u00fcphane, Redis de not defteri. Hepsi bir a\u011fda konu\u015fuyor. A\u015fa\u011f\u0131daki \u00f6rnek <strong>docker-compose.yml<\/strong> bu d\u00fczeni kuruyor. De\u011ferleri kendi alan ad\u0131na, \u015fifrelerine g\u00f6re de\u011fi\u015ftirmeni bekliyor.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">version: &quot;3.9&quot;\n\nservices:\n  db:\n    image: mariadb:10.11\n    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci\n    restart: unless-stopped\n    environment:\n      - MARIADB_DATABASE=wordpress\n      - MARIADB_USER=wpuser\n      - MARIADB_PASSWORD=degistir-bunu\n      - MARIADB_ROOT_PASSWORD=degistir-bunu-daha-da-guclu\n    volumes:\n      - db_data:\/var\/lib\/mysql\n    networks:\n      - wpnet\n\n  redis:\n    image: redis:7-alpine\n    command: [&quot;redis-server&quot;, &quot;--appendonly&quot;, &quot;yes&quot;]\n    restart: unless-stopped\n    volumes:\n      - redis_data:\/data\n    networks:\n      - wpnet\n\n  wordpress:\n    image: wordpress:php8.2-fpm\n    restart: unless-stopped\n    environment:\n      - WORDPRESS_DB_HOST=db:3306\n      - WORDPRESS_DB_USER=wpuser\n      - WORDPRESS_DB_PASSWORD=degistir-bunu\n      - WORDPRESS_DB_NAME=wordpress\n      # Basit Redis entegrasyonu i\u00e7in ek sabitler\n      - WORDPRESS_CONFIG_EXTRA=define('WP_REDIS_HOST','redis'); define('WP_REDIS_PORT',6379);\n    volumes:\n      - wp_data:\/var\/www\/html\n    depends_on:\n      - db\n      - redis\n    networks:\n      - wpnet\n\n  nginx:\n    image: nginx:1.25-alpine\n    restart: unless-stopped\n    ports:\n      - &quot;80:80&quot;\n      - &quot;443:443&quot;\n    volumes:\n      - wp_data:\/var\/www\/html:ro\n      - .\/nginx\/conf.d:\/etc\/nginx\/conf.d\n      - .\/nginx\/nginx.conf:\/etc\/nginx\/nginx.conf:ro\n      - certbot:\/etc\/letsencrypt\n      - certbot-challenges:\/var\/www\/certbot\n    depends_on:\n      - wordpress\n    networks:\n      - wpnet\n\n  certbot:\n    image: certbot\/certbot\n    # \u0130lk kurulum ve yenilemeler i\u00e7in \u00e7al\u0131\u015ft\u0131raca\u011f\u0131z; daimi a\u00e7\u0131k kalmas\u0131 gerekmiyor\n    volumes:\n      - certbot:\/etc\/letsencrypt\n      - certbot-challenges:\/var\/www\/certbot\n    networks:\n      - wpnet\n\nnetworks:\n  wpnet:\n    driver: bridge\n\nvolumes:\n  db_data:\n  redis_data:\n  wp_data:\n  certbot:\n  certbot-challenges:\n<\/code><\/pre>\n<p>Burada dikkat: WordPress\u2019i <strong>php-fpm<\/strong> imaj\u0131yla \u00e7al\u0131\u015ft\u0131r\u0131yoruz. Nginx, PHP i\u015flemlerini <em>fastcgi<\/em> \u00fczerinden WordPress konteynerine g\u00f6nderiyor. Nginx konfig\u00fcrasyonunu birazdan payla\u015faca\u011f\u0131m. Bu yolla Apache ile gelen \u201chepsi bir arada\u201d \u00e7\u00f6z\u00fcme g\u00f6re daha esnek davranabiliyorsun. Bu tercih hem kaynak kullan\u0131m\u0131nda esneklik veriyor hem de Nginx ayarlar\u0131na daha hakim olman\u0131 sa\u011fl\u0131yor.<\/p>\n<p>\u0130maj se\u00e7imlerinde karars\u0131z kal\u0131rsan WordPress\u2019in resmi Docker sayfas\u0131na g\u00f6z atmak iyi gelir; <a href=\"https:\/\/hub.docker.com\/_\/wordpress\" rel=\"nofollow noopener\" target=\"_blank\">WordPress Docker imaj\u0131n\u0131n a\u00e7\u0131klamalar\u0131<\/a> i\u015fini kolayla\u015ft\u0131r\u0131r. docker-compose yaz\u0131m\u0131nda tak\u0131l\u0131rsan da pratik \u00f6rneklerle dolu <a href=\"https:\/\/docs.docker.com\/compose\/\" rel=\"nofollow noopener\" target=\"_blank\">Compose belgeleri<\/a> elinin alt\u0131nda olsun.<\/p>\n<h2 id=\"section-5\"><span id=\"Nginx_Yapilandirmasi_PHP-FPM_ACME_Dogrulamasi_ve_Guvenli_Trafik\">Nginx Yap\u0131land\u0131rmas\u0131: PHP-FPM, ACME Do\u011frulamas\u0131 ve G\u00fcvenli Trafik<\/span><\/h2>\n<p>\u0130ki dosya haz\u0131rlayaca\u011f\u0131z: Genel ayarlar i\u00e7in <strong>nginx\/nginx.conf<\/strong> ve siteye \u00f6zel ayarlar i\u00e7in <strong>nginx\/conf.d\/site.conf<\/strong>. \u00d6rnekleri minimal tuttum; ek s\u0131k\u0131la\u015ft\u0131rmalar\u0131 kendi ihtiya\u00e7lar\u0131na g\u00f6re geni\u015fletebilirsin.<\/p>\n<h3><span id=\"nginxnginxconf\">nginx\/nginx.conf<\/span><\/h3>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">user  nginx;\nworker_processes  auto;\n\nerror_log  \/var\/log\/nginx\/error.log warn;\npid        \/var\/run\/nginx.pid;\n\nevents { worker_connections 1024; }\n\nhttp {\n  include       \/etc\/nginx\/mime.types;\n  default_type  application\/octet-stream;\n\n  sendfile        on;\n  keepalive_timeout  65;\n  server_tokens off;\n\n  # GZip'i hafif\u00e7e a\u00e7al\u0131m\n  gzip on;\n  gzip_types text\/plain text\/css application\/json application\/javascript application\/xml+rss application\/xml text\/javascript;\n\n  include \/etc\/nginx\/conf.d\/*.conf;\n}\n<\/code><\/pre>\n<h3><span id=\"nginxconfdsiteconf\">nginx\/conf.d\/site.conf<\/span><\/h3>\n<p>Burada <strong>example.com<\/strong> yerine kendi alan ad\u0131n\u0131 yaz. \u0130lk ba\u015fta SSL dosyalar\u0131 olmayaca\u011f\u0131 i\u00e7in 80 numaral\u0131 porttan ba\u015flayaca\u011f\u0131z. Let\u2019s Encrypt\u2019i ald\u0131ktan sonra 443 blo\u011funu da aktif hale getirece\u011fiz.<\/p>\n<pre class=\"language-nginx line-numbers\"><code class=\"language-nginx\">server {\n  listen 80;\n  server_name example.com www.example.com;\n\n  # ACME do\u011frulamas\u0131 i\u00e7in webroot\n  location ^~ \/.well-known\/acme-challenge\/ {\n    root \/var\/www\/certbot;\n  }\n\n  root \/var\/www\/html;\n  index index.php index.html index.htm;\n\n  location \/ {\n    try_files $uri $uri\/ \/index.php?$args;\n  }\n\n  location ~ .php$ {\n    include fastcgi_params;\n    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n    fastcgi_pass wordpress:9000;\n    fastcgi_read_timeout 300;\n  }\n\n  location ~* .(jpg|jpeg|gif|png|css|js|ico|webp|avif|svg)$ {\n    expires 30d;\n    access_log off;\n  }\n}\n\n# Sertifika al\u0131nd\u0131ktan sonra etkinle\u015ftir\n# server {\n#   listen 443 ssl http2;\n#   server_name example.com www.example.com;\n#   root \/var\/www\/html;\n#   index index.php index.html index.htm;\n#\n#   ssl_certificate \/etc\/letsencrypt\/live\/example.com\/fullchain.pem;\n#   ssl_certificate_key \/etc\/letsencrypt\/live\/example.com\/privkey.pem;\n#\n#   location \/ {\n#     try_files $uri $uri\/ \/index.php?$args;\n#   }\n#   location ~ .php$ {\n#     include fastcgi_params;\n#     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n#     fastcgi_pass wordpress:9000;\n#     fastcgi_read_timeout 300;\n#   }\n#   location ~* .(jpg|jpeg|gif|png|css|js|ico|webp|avif|svg)$ {\n#     expires 30d;\n#     access_log off;\n#   }\n# }\n<\/code><\/pre>\n<p>HTTP\/2 ve HTTP\/3 gibi yeni nesil protokoller site deneyimini g\u00f6zle g\u00f6r\u00fcl\u00fcr bi\u00e7imde ak\u0131c\u0131la\u015ft\u0131rabiliyor. Bu konuyu merak edersen <a href=\"https:\/\/www.dchost.com\/blog\/nginx-ve-cloudflareda-http-2-ve-http-3-quic-nasil-etkinlestirilir-wordpress-icin-uctan-uca-kurulum-ve-test-rehberi\/\">Nginx ve Cloudflare\u2019da HTTP\/2\u2011HTTP\/3<\/a> kurulumunu anlatt\u0131\u011f\u0131m rehbere g\u00f6z at. SSL taraf\u0131nda daha derine inmek istersen de az \u00f6nce payla\u015ft\u0131\u011f\u0131m TLS rehberi cebinde dursun.<\/p>\n<h2 id=\"section-6\"><span id=\"Lets_Encrypt_Sertifika_Alma_ve_Otomatik_Yenileme\">Let\u2019s Encrypt: Sertifika Alma ve Otomatik Yenileme<\/span><\/h2>\n<p>Gelelim \u015fapkan\u0131n i\u00e7inden tav\u015fan\u0131 \u00e7\u0131kard\u0131\u011f\u0131m\u0131z ana. Nginx ayakta, 80\u2019den yay\u0131n yap\u0131yor. Art\u0131k <strong>webroot<\/strong> y\u00f6ntemiyle Let\u2019s Encrypt\u2019ten sertifikam\u0131z\u0131 alabiliriz. Bunun i\u00e7in certbot konteynerini tek seferlik \u00e7al\u0131\u015ft\u0131raca\u011f\u0131z. A\u015fa\u011f\u0131daki komutta alan ad\u0131n\u0131 ve e\u2011postay\u0131 kendine g\u00f6re d\u00fczenle.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># \u0130lk defa sertifika almak i\u00e7in (webroot y\u00f6ntemi)\ndocker compose run --rm certbot certonly \n  --webroot -w \/var\/www\/certbot \n  -d example.com -d www.example.com \n  --email senin-email@ornek.com --agree-tos --no-eff-email\n\n# Nginx'i yeni sertifikalarla yeniden y\u00fckle\ndocker compose exec -T nginx nginx -s reload\n<\/code><\/pre>\n<p>Art\u0131k <strong>443<\/strong> blo\u011funu etkinle\u015ftirip siteyi tamamen HTTPS\u2019e ta\u015f\u0131yabilirsin. Uzun vadede yenilemeyi otomatikle\u015ftirmek en rahat\u0131. Sunucuda bir <strong>cron<\/strong> girdisi ile iki sat\u0131rl\u0131k bir rutin yeterli. G\u00fcn\u00fcn sakin bir saatini se\u00e7, yenile, sonra Nginx\u2019i sessizce reload et.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># crontab -e ile ekleyebilirsin (\u00f6rnek: her g\u00fcn 03:17'de dener)\n17 3 * * * cd \/path\/to\/proje &amp;&amp; \/usr\/bin\/docker compose run --rm certbot renew --quiet --webroot -w \/var\/www\/certbot &amp;&amp; \/usr\/bin\/docker compose exec -T nginx nginx -s reload\n<\/code><\/pre>\n<p>Kurulum s\u0131ras\u0131nda tak\u0131l\u0131rsan, resmi <a href=\"https:\/\/certbot.eff.org\/\" rel=\"nofollow noopener\" target=\"_blank\">Certbot belgeleri<\/a> net ad\u0131mlarla yard\u0131mc\u0131 oluyor. Alternatif ACME istemcileri de var ama bu d\u00fczen hem anla\u015f\u0131l\u0131r hem de ta\u015f\u0131nmas\u0131 kolay. Bu arada g\u00fcvenlik ba\u015fl\u0131klar\u0131n\u0131 derinle\u015ftirmek istersen, HSTS, OCSP Stapling gibi ayarlar\u0131 eklemek i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/tls-1-3-ve-modern-sifrelerin-sicacik-mutfagi-nginx-apachede-ocsp-stapling-hsts-preload-ve-pfs-nasil-kurulur\/\">modern TLS mutfa\u011f\u0131<\/a> yaz\u0131s\u0131n\u0131 kaynak alabilirsin.<\/p>\n<h2 id=\"section-7\"><span id=\"WordPressin_Incelikleri_Redis_Eklentiler_ve_Medya\">WordPress\u2019in \u0130ncelikleri: Redis, Eklentiler ve Medya<\/span><\/h2>\n<p>WordPress aya\u011fa kalkt\u0131ktan sonra \u00f6nbellekleme k\u0131sm\u0131na k\u00fc\u00e7\u00fck bir dokunu\u015f yaparsan nefes ald\u0131r\u0131rs\u0131n. Redis i\u00e7in pop\u00fcler bir eklentiyi kurup aktif edersin, <strong>WP_REDIS_HOST<\/strong> ve <strong>WP_REDIS_PORT<\/strong> zaten \u00e7evrede haz\u0131rd\u0131r. Dinamik sayfalar\u0131n hafiflemesi \u00f6zellikle yo\u011fun saatlerde g\u00fczel bir fark yarat\u0131r. Ayn\u0131 \u015fekilde g\u00f6rseller i\u00e7in ak\u0131ll\u0131 bir strateji kurmak uzun vadede en b\u00fcy\u00fck kazan\u00e7lardan biri olur.<\/p>\n<p>Medya taraf\u0131nda y\u00fckler b\u00fcy\u00fcd\u00fck\u00e7e depolama derdi can s\u0131kmaya ba\u015flar. O noktada \u201ci\u00e7erik ya\u015fam d\u00f6ng\u00fcs\u00fc\u201dn\u00fc d\u00fc\u015f\u00fcnmek iyi gelir. G\u00f6rselleri bir nesne depolamaya ta\u015f\u0131y\u0131p CDN ile sunmak hem VPS\u2019ini rahatlat\u0131r hem de d\u00fcnya genelinde h\u0131z kazand\u0131r\u0131r. Bu konuda ad\u0131m ad\u0131m bir y\u00fcr\u00fcy\u00fc\u015f istersen <a href=\"https:\/\/www.dchost.com\/blog\/wordpress-medyani-s3e-tasiyalim-mi-cdn-imzali-url-ve-onbellek-gecersizlestirme-adim-adim\/\">WordPress medyay\u0131 S3\u2019e ta\u015f\u0131ma ve CDN<\/a> rehberi, uygulama \u00f6rnekleriyle olduk\u00e7a pratik.<\/p>\n<p>Yine pratik bir not: Eklenti g\u00fcncellemeleri bazen s\u00fcrpriz yapar. docker-compose ile \u00e7al\u0131\u015f\u0131rken bir \u015feyleri bozarsan eski haline d\u00f6nmek iki komut s\u00fcrer, ama veritaban\u0131 ve wp-content g\u00fcvende oldu\u011fu i\u00e7in ruhun dinlenir. Yine de major g\u00fcncellemeler \u00f6ncesi h\u0131zl\u0131 bir yedek almak her zaman i\u00e7imi rahatlat\u0131r. Birazdan yedeklemeye dair pratik bir \u00f6neri b\u0131rakaca\u011f\u0131m.<\/p>\n<h2 id=\"section-8\"><span id=\"Gunluk_Hayat_Yedekleme_Guncelleme_Gozlem_ve_Sorun_Giderme\">G\u00fcnl\u00fck Hayat: Yedekleme, G\u00fcncelleme, G\u00f6zlem ve Sorun Giderme<\/span><\/h2>\n<p>Yedekleme dedi\u011fimde g\u00f6zlerin dolmas\u0131n, basit tutaca\u011f\u0131z. Veritaban\u0131 i\u00e7in mysqldump, dosyalar i\u00e7in tar veya restic gibi ara\u00e7lar i\u015f g\u00f6r\u00fcr. Uzaktaki bir S3 uyumlu depoya at\u0131p s\u00fcr\u00fcmleme a\u00e7t\u0131\u011f\u0131nda, ge\u00e7mi\u015fe d\u00f6nmek \u00e7ocuk oyunca\u011f\u0131na d\u00f6ner. Detayl\u0131 bir yakla\u015f\u0131m ar\u0131yorsan <a href=\"https:\/\/www.dchost.com\/blog\/restic-ve-borg-ile-s3-uyumlu-uzak-yedekleme-surumleme-sifreleme-ve-saklama-ne-zaman-nasil\/\">restic ve S3 uyumlu yedekleme<\/a> yaz\u0131m, \u015fifreleme ve saklama politikalar\u0131na kadar de\u011finiyor.<\/p>\n<p>G\u00fcncellemeye gelince, imajlar\u0131 tazeleyip yeniden aya\u011fa kald\u0131rmak i\u00e7in k\u00fc\u00e7\u00fck bir rit\u00fcelim var. Compose dosyas\u0131n\u0131 sakince g\u00f6zden ge\u00e7irir, sonra imajlar\u0131 \u00e7ekip hizmeti kesmeden yeniden yarat\u0131r\u0131m. Genellikle \u015funa benzer bir ak\u0131\u015f yeter: <em>docker compose pull<\/em>, ard\u0131ndan <em>docker compose up -d<\/em>. Bir \u015feyler ters giderse <em>docker compose logs<\/em> ile bakar\u0131m. Log\u2019lar\u0131 daha derli toplu g\u00f6rmek istersen, ileride merkezi bir sistem kurup rahatlamak g\u00fczel olur; bunun i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/merkezi-loglama-ve-gozlemlenebilirlik-vpste-loki-promtail-grafana-ile-sakin-kalan-bir-zihin\/\">Loki + Promtail + Grafana ile merkezi loglama<\/a> rehberini \u00f6nerebilirim.<\/p>\n<p>Performans ve sa\u011fl\u0131k g\u00f6stergelerini izlemek i\u00e7in hafif bir dashboard kurmak da i\u015fini ciddile\u015ftirir. CPU, RAM, disk ve ping grafikleri insan\u0131n i\u00e7ine su serper. Bu ba\u015fl\u0131kta yeniysen <a href=\"https:\/\/www.dchost.com\/blog\/vps-izleme-ve-alarm-kurulumu-prometheus-grafana-ve-uptime-kuma-ile-baslangic\/\">VPS izleme ve alarm kurulumuna giri\u015f<\/a> yaz\u0131s\u0131 iyi bir ba\u015flang\u0131\u00e7 noktas\u0131. K\u00fc\u00e7\u00fck uyar\u0131lar\u0131 erken fark edince, b\u00fcy\u00fck patlamalar genelde hi\u00e7 ya\u015fanmaz.<\/p>\n<p>Son olarak ufak hatalarla kar\u015f\u0131la\u015f\u0131rsan pani\u011fe gerek yok. 403 g\u00f6r\u00fcyorsan \u00e7o\u011funlukla dosya izinleri ya da Nginx\u2019in root yolu ile ilgilidir. 502 ise genellikle PHP-FPM\u2019e ula\u015famamak demektir; <em>fastcgi_pass<\/em> hedefini kontrol et. SSL hata veriyorsa sertifika yollar\u0131n\u0131 do\u011fru yaz\u0131p yazmad\u0131\u011f\u0131n\u0131 ve Nginx\u2019i reload edip etmedi\u011fini d\u00fc\u015f\u00fcn. Her seferinde bir par\u00e7ay\u0131 do\u011frulay\u0131p ilerlemek, t\u00fcm gizemi h\u0131zla \u00e7\u00f6zer.<\/p>\n<h2 id=\"section-9\"><span id=\"Kapanis_Kucuk_Adimlarla_Saglam_Bir_Yapi\">Kapan\u0131\u015f: K\u00fc\u00e7\u00fck Ad\u0131mlarla Sa\u011flam Bir Yap\u0131<\/span><\/h2>\n<p>Toparlayal\u0131m. Docker sayesinde WordPress\u2019i katman katman kurduk: Nginx \u00f6n y\u00fczde trafi\u011fi y\u00f6netti, WordPress FPM ile h\u0131zl\u0131ca cevap verdi, MariaDB verileri g\u00fcvenle saklad\u0131, Redis sayfalar\u0131 \u015fi\u015firmeden servis etti. Let\u2019s Encrypt ile SSL\u2019i cebimize att\u0131k, kal\u0131c\u0131 volume\u2019larla g\u00fcncellemelerden korkmadan ya\u015far hale geldik. B\u00fct\u00fcn bu kurgu, yar\u0131n ta\u015f\u0131man gerekti\u011finde de omzunu daha az a\u011fr\u0131t\u0131r; dosyalar bir kenarda, veritaban\u0131 bir kenarda, servisler dosdo\u011fru bir komutla yeniden aya\u011fa kalkar.<\/p>\n<p>Pratik bir tavsiye: \u00dcretime ge\u00e7meden \u00f6nce alan ad\u0131n\u0131 bir hosts kayd\u0131yla kendi makinen \u00fczerinden test et. K\u00fc\u00e7\u00fck bir log takibi yap, g\u00f6rseller d\u00fczg\u00fcn d\u00f6n\u00fcyor mu, admin paneli ak\u0131c\u0131 m\u0131 bak. Sonra DNS\u2019i \u00e7evir, SSL\u2019i yenilemeyi otomati\u011fe ba\u011fla, haftal\u0131k minik bir yedek plan\u0131 belirle. \u0130nan, bu \u00fc\u00e7l\u00fc kombinasyon sizi uzun s\u00fcre huzurlu tutar.<\/p>\n<p>Umar\u0131m bu rehber sana ilham olmu\u015ftur. Kurarken tak\u0131ld\u0131\u011f\u0131n yerde bir nefes al, bir par\u00e7ay\u0131 sadele\u015ftir, sonra devam et. Benim mutlu sonum genelde \u201cdocker compose up -d\u201d ile ba\u015fl\u0131yor. Senin de \u00f6yle olsun. Bir dahaki yaz\u0131da g\u00f6r\u00fc\u015fmek \u00fczere.<\/p>\n<h2 id=\"section-10\"><span id=\"Ek_Faydali_Kaynaklar_ve_Notlar\">Ek: Faydal\u0131 Kaynaklar ve Notlar<\/span><\/h2>\n<p>\u2013 Docker Compose\u2019un resmi dok\u00fcmantasyonu: <a href=\"https:\/\/docs.docker.com\/compose\/\" rel=\"nofollow noopener\" target=\"_blank\">Ad\u0131m ad\u0131m \u00f6rnekler<\/a><br \/>\u2013 WordPress\u2019in resmi Docker imaj sayfas\u0131: <a href=\"https:\/\/hub.docker.com\/_\/wordpress\" rel=\"nofollow noopener\" target=\"_blank\">etiketler, ortam de\u011fi\u015fkenleri ve varyantlar<\/a><br \/>\u2013 Sertifika y\u00f6netimi i\u00e7in: <a href=\"https:\/\/certbot.eff.org\/\" rel=\"nofollow noopener\" target=\"_blank\">Certbot belgeleri<\/a><\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 K\u0131sa Bir Hik\u00e2ye ve Yol Haritas\u0131: Neden Docker, Neden \u015eimdi?2 Neyi Nereye Koyuyoruz? Kal\u0131c\u0131 Depolama Mant\u0131\u011f\u0131n\u0131 Kafada Oturtmak3 VPS\u2019i Haz\u0131rlama: K\u00fc\u00e7\u00fck Ama Etkili Dokunu\u015flar4 docker-compose ile Y\u0131\u011f\u0131n: Nginx + WordPress (FPM) + MariaDB + Redis5 Nginx Yap\u0131land\u0131rmas\u0131: PHP-FPM, ACME Do\u011frulamas\u0131 ve G\u00fcvenli Trafik5.1 nginx\/nginx.conf5.2 nginx\/conf.d\/site.conf6 Let\u2019s Encrypt: Sertifika Alma ve Otomatik Yenileme7 WordPress\u2019in \u0130ncelikleri: [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1547,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-1546","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1546","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=1546"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1546\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/1547"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=1546"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=1546"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=1546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}