Update for Current Exciting Sep 2020 Best-Practice
This commit is contained in:
3wc
parent
77e1eb38e6
commit
70e9c4355a
|
|
@ -1,2 +1,6 @@
|
|||
# The path to our pass credentials store
|
||||
export PASSWORD_STORE_DIR=$(pwd)/../infrastructure/credentials/password-store
|
||||
export DOMAIN=wordpress.example.com
|
||||
export STACK_NAME=wordpress
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
export DB_ROOT_PASSWORD_VERSION=v1
|
||||
export DB_PASSWORD_VERSION=v1
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
/.envrc
|
||||
21
README.md
21
README.md
|
|
@ -1,5 +1,22 @@
|
|||
# wordpress
|
||||
|
||||
> https://wordpress.org
|
||||
|
||||
**Work In Progress.**
|
||||
Coöp Cloud + [Wordpress](https://wordpress.org) = 🥳
|
||||
|
||||
1. Set up Docker Swarm and [`abra`][abra]
|
||||
2. Deploy [`compose-stacks/traefik`][compose-traefik]
|
||||
3. `cp .envrc.sample .envrc`
|
||||
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
5. `direnv allow` (or `. .envrc`)
|
||||
6. Generate secrets:
|
||||
```
|
||||
abra secret_generate db_password v1
|
||||
abra secret_generate db_root_password v1
|
||||
```
|
||||
|
||||
7. `abra deploy`
|
||||
8. Open the configured domain in your browser to finish set-up
|
||||
|
||||
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||
[compose-traefik]: https://git.autonomic.zone/compose-stacks/traefik
|
||||
|
|
|
|||
|
|
@ -0,0 +1,67 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
image: "wordpress:5.4.1"
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
networks:
|
||||
- backend
|
||||
- proxy
|
||||
environment:
|
||||
- WORDPRESS_DB_HOST=mariadb
|
||||
- WORDPRESS_DB_USER=wordpress
|
||||
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/db_password
|
||||
- WORDPRESS_DB_NAME=wordpress
|
||||
secrets:
|
||||
- db_password
|
||||
deploy:
|
||||
#mode: replicated
|
||||
#replicas: 1
|
||||
#update_config:
|
||||
# failure_action: rollback
|
||||
#placement:
|
||||
# constraints:
|
||||
# - node.role == manager
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
volumes:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
networks:
|
||||
- backend
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
|
||||
- MYSQL_DATABASE=wordpress
|
||||
- MYSQL_USER=wordpress
|
||||
- MYSQL_PASSWORD_FILE=/run/secrets/db_password
|
||||
secrets:
|
||||
- db_password
|
||||
- db_root_password
|
||||
|
||||
networks:
|
||||
backend:
|
||||
driver: overlay
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
mariadb:
|
||||
wordpress_content:
|
||||
|
||||
secrets:
|
||||
db_root_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}
|
||||
db_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_password_${DB_ROOT_PASSWORD_VERSION}
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
---
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
image: "wordpress:5.4.1"
|
||||
ports:
|
||||
- "3050:80"
|
||||
volumes:
|
||||
- "wp:/var/www/html"
|
||||
networks:
|
||||
- backend
|
||||
- proxy
|
||||
environment:
|
||||
- WORDPRESS_DB_HOST=mariadb
|
||||
- WORDPRESS_DB_USER=wordpress
|
||||
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/wp-db-passwd-v1
|
||||
- WORDPRESS_DB_NAME=wordpress
|
||||
secrets:
|
||||
- wp-db-passwd-v1
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
||||
labels:
|
||||
traefik.enable: "true"
|
||||
traefik.http.services.wordpress.loadbalancer.server.port: "80"
|
||||
traefik.http.routers.wordpress.rule: "Host(`wp.swarm.autonomic.zone`)"
|
||||
traefik.http.routers.wordpress.entrypoints: "web-secure"
|
||||
traefik.http.routers.wordpress.tls.certresolver: "staging"
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
volumes:
|
||||
- "db:/var/lib/mysql"
|
||||
networks:
|
||||
- backend
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root-passwd-v1
|
||||
- MYSQL_DATABASE=wordpress
|
||||
- MYSQL_USER=wordpress
|
||||
- MYSQL_PASSWORD_FILE=/run/secrets/mysql-user-passwd-v1
|
||||
secrets:
|
||||
- mysql-root-passwd-v1
|
||||
- mysql-user-passwd-v1
|
||||
|
||||
networks:
|
||||
backend:
|
||||
driver: overlay
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
db:
|
||||
wp:
|
||||
|
||||
secrets:
|
||||
wp-db-passwd-v1:
|
||||
external: true
|
||||
mysql-root-passwd-v1:
|
||||
external: true
|
||||
mysql-user-passwd-v1:
|
||||
external: true
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
---
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
image: "wordpress:5.4.1"
|
||||
ports:
|
||||
- "8010:80"
|
||||
depends_on:
|
||||
- mariadb
|
||||
environment:
|
||||
WORDPRESS_DB_HOST: mariadb
|
||||
WORDPRESS_DB_USER: wordpress
|
||||
WORDPRESS_DB_PASSWORD: wordpress
|
||||
WORDPRESS_DB_NAME: wordpress
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: somewordpress
|
||||
MYSQL_DATABASE: wordpress
|
||||
MYSQL_USER: wordpress
|
||||
MYSQL_PASSWORD: wordpress
|
||||
Loading…
Reference in New Issue