2021-02-08 14:02:53 +00:00
|
|
|
export PHP_UPLOADS_CONF_VERSION=v3
|
2023-10-17 21:29:23 +00:00
|
|
|
export ENTRYPOINT_CONF_VERSION=v4
|
2022-03-30 23:24:33 +00:00
|
|
|
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
2023-10-23 09:26:10 +00:00
|
|
|
export MSMTP_CONF_VERSION=v4
|
2021-02-08 14:02:53 +00:00
|
|
|
|
2022-03-30 23:24:33 +00:00
|
|
|
wp() {
|
2023-03-30 14:57:44 +00:00
|
|
|
su -p www-data -s /bin/bash -c "/usr/local/bin/wp $@"
|
|
|
|
}
|
|
|
|
|
|
|
|
core_install(){
|
|
|
|
ADMIN=admin
|
2023-06-08 14:00:19 +00:00
|
|
|
if [ -n "$AUTHENTIK_DOMAIN" ]
|
2023-03-30 14:57:44 +00:00
|
|
|
then
|
|
|
|
ADMIN=akadmin
|
|
|
|
fi
|
2023-08-24 09:33:24 +00:00
|
|
|
chown www-data:www-data -R /var/www/html/wp-content
|
2023-03-30 14:57:44 +00:00
|
|
|
wp "core install --url=$DOMAIN --title=\"$TITLE\" --admin_user=$ADMIN --admin_email=$ADMIN_EMAIL --locale=$LOCALE --skip-email"
|
2023-04-20 18:38:42 +00:00
|
|
|
wp "language core install $LOCALE"
|
2023-04-20 18:44:38 +00:00
|
|
|
wp "site switch-language $LOCALE"
|
2023-03-30 14:57:44 +00:00
|
|
|
wp "rewrite structure '/%year%/%monthnum%/%day%/%postname%/'"
|
2023-06-01 14:59:09 +00:00
|
|
|
wp "plugin install --activate disable-update-notifications"
|
|
|
|
wp 'option update dwcun_setting on'
|
2023-06-08 14:00:19 +00:00
|
|
|
if [ -n "$DEFAULT_USER_ROLE" ]
|
|
|
|
then
|
|
|
|
wp "option set default_role $DEFAULT_USER_ROLE"
|
|
|
|
else
|
|
|
|
wp "option set default_role subscriber"
|
|
|
|
fi
|
2023-08-24 09:33:24 +00:00
|
|
|
wp 'plugin auto-updates enable --all' || exit 0
|
2023-03-30 14:57:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
set_authentik(){
|
|
|
|
AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
|
|
|
|
AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
|
2023-04-06 17:34:05 +00:00
|
|
|
if [ -z $LOGIN_TYPE ]
|
2023-03-30 14:57:44 +00:00
|
|
|
then
|
|
|
|
LOGIN_TYPE='button'
|
|
|
|
fi
|
|
|
|
wp "user create akadmin admin@example.com --role=administrator"
|
|
|
|
wp "plugin install --activate daggerhart-openid-connect-generic"
|
|
|
|
wp "option update --format=json openid_connect_generic_settings '
|
|
|
|
{
|
|
|
|
\"login_type\":\"$LOGIN_TYPE\",
|
|
|
|
\"client_id\":\"$AUTHENTIK_ID\",
|
|
|
|
\"client_secret\":\"$AUTHENTIK_SECRET\",
|
|
|
|
\"scope\":\"email profile openid\",
|
|
|
|
\"endpoint_login\":\"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
|
|
|
|
\"endpoint_userinfo\":\"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
|
|
|
|
\"endpoint_token\":\"https://$AUTHENTIK_DOMAIN/application/o/token/\",
|
|
|
|
\"endpoint_end_session\":\"https://$AUTHENTIK_DOMAIN/application/o/wordpress/end-session/\",
|
|
|
|
\"acr_values\":\"\",
|
|
|
|
\"identity_key\":\"preferred_username\",
|
|
|
|
\"no_sslverify\":\"0\",
|
|
|
|
\"http_request_timeout\":\"30\",
|
|
|
|
\"enforce_privacy\":\"0\",
|
|
|
|
\"alternate_redirect_uri\":\"1\",
|
|
|
|
\"nickname_key\":\"preferred_username\",
|
|
|
|
\"email_format\":\"{email}\",
|
2023-04-06 17:34:05 +00:00
|
|
|
\"displayname_format\":\"\",
|
2023-03-30 14:57:44 +00:00
|
|
|
\"identify_with_username\":\"1\",
|
|
|
|
\"state_time_limit\":\"\",
|
|
|
|
\"token_refresh_enable\":\"1\",
|
|
|
|
\"link_existing_users\":\"1\",
|
|
|
|
\"create_if_does_not_exist\":\"1\",
|
|
|
|
\"redirect_user_back\":\"0\",
|
|
|
|
\"redirect_on_logout\":\"1\",
|
|
|
|
\"enable_logging\":\"0\",
|
|
|
|
\"log_limit\":\"1000\"
|
|
|
|
}'"
|
|
|
|
wp "rewrite flush"
|
|
|
|
wp "cache flush"
|
|
|
|
|
2022-03-30 23:24:33 +00:00
|
|
|
}
|
|
|
|
|
2022-12-15 16:26:51 +00:00
|
|
|
fix_mysql() {
|
|
|
|
echo "ALTER TABLE mysql.column_stats MODIFY histogram longblob; ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');" | mysql -u root -p$(cat /run/secrets/db_root_password)
|
|
|
|
}
|
|
|
|
|
2020-12-14 10:31:17 +00:00
|
|
|
sub_wp() {
|
2021-03-14 12:28:11 +00:00
|
|
|
CONTAINER=$(docker container ls -f "Name=${STACK_NAME}_app" --format '{{ .ID }}')
|
2020-12-14 10:31:17 +00:00
|
|
|
if [ -z "$CONTAINER" ]; then
|
|
|
|
error "Can't find a container for ${STACK_NAME}_app"
|
|
|
|
exit
|
|
|
|
fi
|
2021-03-14 12:28:11 +00:00
|
|
|
debug "Using Container ID ${CONTAINER}"
|
2021-04-02 19:18:17 +00:00
|
|
|
|
2021-03-14 12:28:11 +00:00
|
|
|
# FIXME 3wc: we're fighting the Wordpress image, which recommends a named
|
|
|
|
# volume for /var/www/html -- this used to work fine using --volumes-from
|
|
|
|
# because the actual MySQL password was inserted into the generated
|
|
|
|
# wp-config.php -- but as of Wordpress 5.7.0, wp-config loads data straight
|
|
|
|
# from the environment, which requires Docker secrets to work, which only work
|
|
|
|
# in swarm services (not one-off `docker run` commands). Defining a `cli`
|
|
|
|
# service in compose.yml almost works, but there's no volumes_from: in Compose
|
|
|
|
# V3, and without it then the `cli` service can't access Wordpress core.
|
|
|
|
# See https://git.autonomic.zone/coop-cloud/wordpress/issues/21
|
|
|
|
warning "Slowly looking up MySQL password..."
|
|
|
|
silence
|
|
|
|
abra__service_="app"
|
|
|
|
DB_PASSWORD="$(sub_app_run cat "/run/secrets/db_password")"
|
|
|
|
unsilence
|
|
|
|
|
2021-03-02 16:36:51 +00:00
|
|
|
# shellcheck disable=SC2154,SC2086
|
2021-03-14 12:28:11 +00:00
|
|
|
docker run -it \
|
|
|
|
--volumes-from "$CONTAINER" \
|
|
|
|
--network "container:$CONTAINER" \
|
2021-05-25 07:28:57 +00:00
|
|
|
-u xfs:xfs \
|
2021-03-14 12:28:11 +00:00
|
|
|
-e WORDPRESS_DB_HOST=db \
|
|
|
|
-e WORDPRESS_DB_USER=wordpress \
|
2021-05-25 07:28:57 +00:00
|
|
|
-e WORDPRESS_DB_PASSWORD="${DB_PASSWORD}" \
|
2021-03-14 12:28:11 +00:00
|
|
|
-e WORDPRESS_DB_NAME=wordpress \
|
2021-05-25 07:28:57 +00:00
|
|
|
-e WORDPRESS_CONFIG_EXTRA="${WORDPRESS_CONFIG_EXTRA}" \
|
2021-03-14 12:28:11 +00:00
|
|
|
wordpress:cli wp ${abra__args_[*]}
|
2020-12-14 10:31:17 +00:00
|
|
|
}
|
2021-01-01 16:58:55 +00:00
|
|
|
|
|
|
|
abra_backup_app() {
|
2021-03-02 16:36:51 +00:00
|
|
|
_abra_backup_dir "app:/var/www/html/wp-content"
|
2021-01-01 16:58:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
abra_backup_db() {
|
2021-03-02 16:36:51 +00:00
|
|
|
_abra_backup_mysql "db" "wordpress"
|
2021-01-01 16:58:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
abra_backup() {
|
|
|
|
abra_backup_app && abra_backup_db
|
|
|
|
}
|
2021-01-01 20:29:16 +00:00
|
|
|
|
|
|
|
abra_restore_app() {
|
|
|
|
# shellcheck disable=SC2034
|
|
|
|
{
|
|
|
|
abra__src_="-"
|
|
|
|
abra__dst_="app:/var/www/html/"
|
|
|
|
}
|
|
|
|
|
2021-04-02 19:18:17 +00:00
|
|
|
zcat "$@" | sub_app_cp
|
2021-01-01 20:29:16 +00:00
|
|
|
|
|
|
|
success "Restored 'app'"
|
|
|
|
}
|
|
|
|
|
|
|
|
abra_restore_db() {
|
|
|
|
# 3wc: unlike abra_backup_db, we can assume abra__service_ will be 'db' if we
|
|
|
|
# got this far..
|
|
|
|
|
|
|
|
# shellcheck disable=SC2034
|
|
|
|
abra___no_tty="true"
|
|
|
|
|
|
|
|
DB_ROOT_PASSWORD=$(sub_app_run cat /run/secrets/db_root_password)
|
|
|
|
|
|
|
|
zcat "$@" | sub_app_run mysql -u root -p"$DB_ROOT_PASSWORD" wordpress
|
|
|
|
|
|
|
|
success "Restored 'db'"
|
|
|
|
}
|