commit 515ebc1f770ee5e18e1b1581baaa688b34bb5dda Author: 3wc <3wc@doesthisthing.work> Date: Tue Dec 7 11:48:57 2021 +0200 Initial import diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..4992397 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,55 @@ +--- +kind: pipeline +name: deploy to swarm-test.autonomic.zone +steps: + - name: deployment + image: decentral1se/stack-ssh-deploy:latest + settings: + host: swarm-test.autonomic.zone + stack: wordpress-bedrock + purge: true + deploy_key: + from_secret: drone_ssh_swarm_test + environment: + DOMAIN: wordpress-bedrock.swarm-test.autonomic.zone + LETS_ENCRYPT_ENV: production + + - name: notify coopcloud-dev on failure + image: plugins/matrix + settings: + homeserver: https://matrix.autonomic.zone + roomid: "IFazIpLtxiScqbHqoa:autonomic.zone" + userid: "@autono-bot:autonomic.zone" + accesstoken: + from_secret: autono_bot_access_token + depends_on: + - deployment + when: + status: + - failure +trigger: + branch: + - main + +--- +kind: pipeline +name: recipe release +steps: + - name: release a new version + image: decentral1se/drone-abra:latest + settings: + command: recipe wordpress-bedrock release + deploy_key: + from_secret: abra_bot_deploy_key + + - name: trigger downstream builds + image: plugins/downstream + settings: + server: https://drone.autonomic.zone + token: + from_secret: decentral1se_token + fork: true + repositories: + - coop-cloud/auto-apps-json + depends_on: + - release a new version diff --git a/.env.sample b/.env.sample new file mode 100644 index 0000000..a47dce9 --- /dev/null +++ b/.env.sample @@ -0,0 +1,7 @@ +TYPE=wordpress-bedrock + +DOMAIN=wordpress-bedrock.example.com + +## Domain aliases +#EXTRA_DOMAINS=', `www.wordpress-bedrock.example.com`' +LETS_ENCRYPT_ENV=production diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7a6353d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.envrc diff --git a/README.md b/README.md new file mode 100644 index 0000000..9abcad5 --- /dev/null +++ b/README.md @@ -0,0 +1,31 @@ +# wordpress-bedrock + +TODO + + + +* **Category**: +* **Status**: +* **Image**: +* **Healthcheck**: +* **Backups**: +* **Email**: +* **Tests**: +* **SSO**: + + + +## Basic usage + +1. Set up Docker Swarm and [`abra`] +2. Deploy [`coop-cloud/traefik`] +3. `abra app new ${REPO_NAME} --secrets` (optionally with `--pass` if you'd like + to save secrets in `pass`) +4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to + your Docker swarm box +5. `abra app YOURAPPDOMAIN deploy` +6. Open the configured domain in your browser to finish set-up + +[`abra`]: https://git.coopcloud.tech/coop-cloud/abra +[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik +traefik diff --git a/abra.sh b/abra.sh new file mode 100644 index 0000000..0a5b1d5 --- /dev/null +++ b/abra.sh @@ -0,0 +1 @@ +export NGINX_CONF_VERSION=v1 diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..35f9f1b --- /dev/null +++ b/compose.yml @@ -0,0 +1,77 @@ +--- +version: "3.8" + +services: + app: + image: nginx:alpine + working_dir: /app + volumes: + - wordpress:/app:cached + networks: + - proxy + - backend + configs: + - source: nginx_conf + target: /etc/nginx/conf.d/default.conf:cached + deploy: + restart_policy: + condition: on-failure + labels: + - "traefik.enable=true" + - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" + - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" + - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" + ## Redirect from EXTRA_DOMAINS to DOMAIN + #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" + #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" + #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" + # healthcheck: + # test: ["CMD", "curl", "-f", "http://localhost"] + # interval: 30s + # timeout: 10s + # retries: 10 + # start_period: 1m + + php: + image: "thecoopcloud/wordpress:5.8.2-php8.0-fpm-bedrock" + working_dir: /app + environment: + - DB_NAME=wordpress + - DB_USER=wordpress + - DB_PASSWORD=wordpress + - WP_ENV=production + - WP_HOME=https://${DOMAIN} + networks: + - backend + volumes: + - wordpress:/app:cached + + db: + image: mariadb:10.4 + networks: + - backend + volumes: + - "mariadb:/var/lib/mysql" + environment: + - MYSQL_ROOT_PASSWORD=wordpress + - MYSQL_DATABASE=wordpress + - MYSQL_USER=wordpress + - MYSQL_PASSWORD=wordpress + image: nginx:1.19.2 + networks: + - proxy + +networks: + proxy: + external: true + backend: + +volumes: + wordpress: + mariadb: + +configs: + nginx_conf: + name: ${STACK_NAME}_nginx_conf_${NGINX_CONF_VERSION} + file: nginx.conf diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..40442dd --- /dev/null +++ b/nginx.conf @@ -0,0 +1,48 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + server_name _; + + client_max_body_size 128M; + + gzip on; + gzip_proxied any; + gzip_types text/plain text/xml text/css application/x-javascript; + gzip_vary on; + gzip_disable "MSIE [1-6]\.(?!.*SV1)"; + + sendfile on; + sendfile_max_chunk 512k; + + root /app/web; + + access_log off; + + location / { + include /etc/nginx/mime.types; + + root /app/web; + index index.html index.htm index.php; + + try_files $uri $uri/ /index.php?q=$uri&$args; + } + + location ~ .php$ { + include fastcgi.conf; + + fastcgi_read_timeout 300; + fastcgi_pass php:9000; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /app/web/$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_script_name; + + fastcgi_param PHP_VALUE "error_log=/var/log/nginx/application_php_errors.log"; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + + include fastcgi_params; + } +} +