Compare commits
14 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 69551175d5 | |||
| ef27645a30 | |||
| 5d3c019b83 | |||
| f450f2e6ba | |||
| c75c18f185 | |||
| 7e170adbb4 | |||
| 66e0687456 | |||
| 9209f007cb | |||
| 69cf451b98 | |||
| 73a2e98d2e | |||
| 0e229168fc | |||
| 332ab0b97d | |||
3b598e82dd
|
|||
|
8e81f3f81c
|
54
.drone.yml
54
.drone.yml
@ -1,30 +1,30 @@
|
||||
---
|
||||
kind: pipeline
|
||||
name: deploy to swarm-test.autonomic.zone
|
||||
steps:
|
||||
- name: deployment
|
||||
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||
settings:
|
||||
host: swarm-test.autonomic.zone
|
||||
stack: wordpress
|
||||
generate_secrets: true
|
||||
purge: true
|
||||
deploy_key:
|
||||
from_secret: drone_ssh_swarm_test
|
||||
networks:
|
||||
- proxy
|
||||
environment:
|
||||
DOMAIN: wordpress.swarm-test.autonomic.zone
|
||||
STACK_NAME: wordpress
|
||||
LETS_ENCRYPT_ENV: production
|
||||
SECRET_DB_PASSWORD_VERSION: v1
|
||||
SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
||||
PHP_UPLOADS_CONF_VERSION: v1
|
||||
ENTRYPOINT_CONF_VERSION: v1
|
||||
HTACCESS_CONF_VERSION: v1
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
# ---
|
||||
# kind: pipeline
|
||||
# name: deploy to swarm-test.autonomic.zone
|
||||
# steps:
|
||||
# - name: deployment
|
||||
# image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||
# settings:
|
||||
# host: swarm-test.autonomic.zone
|
||||
# stack: wordpress
|
||||
# generate_secrets: true
|
||||
# purge: true
|
||||
# deploy_key:
|
||||
# from_secret: drone_ssh_swarm_test
|
||||
# networks:
|
||||
# - proxy
|
||||
# environment:
|
||||
# DOMAIN: wordpress.swarm-test.autonomic.zone
|
||||
# STACK_NAME: wordpress
|
||||
# LETS_ENCRYPT_ENV: production
|
||||
# SECRET_DB_PASSWORD_VERSION: v1
|
||||
# SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
||||
# PHP_UPLOADS_CONF_VERSION: v1
|
||||
# ENTRYPOINT_CONF_VERSION: v1
|
||||
# HTACCESS_CONF_VERSION: v1
|
||||
# trigger:
|
||||
# branch:
|
||||
# - main
|
||||
---
|
||||
kind: pipeline
|
||||
name: generate recipe catalogue
|
||||
|
||||
12
abra.sh
12
abra.sh
@ -1,5 +1,5 @@
|
||||
export PHP_UPLOADS_CONF_VERSION=v4
|
||||
export ENTRYPOINT_CONF_VERSION=v7
|
||||
export ENTRYPOINT_CONF_VERSION=v9
|
||||
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
||||
export MSMTP_CONF_VERSION=v4
|
||||
export HTACCESS_CONF_VERSION=v3
|
||||
@ -42,11 +42,11 @@ core_install(){
|
||||
}
|
||||
|
||||
enable_auto_updates(){
|
||||
wp plugin deactivate disable-update-notifications --allow-root
|
||||
wp plugin uninstall disable-update-notifications --allow-root
|
||||
wp option delete disable_notification_setting --allow-root
|
||||
wp plugin auto-updates enable --all --allow-root
|
||||
wp theme auto-updates enable --all --allow-root
|
||||
wp "plugin deactivate disable-update-notifications --allow-root"
|
||||
wp "plugin uninstall disable-update-notifications --allow-root"
|
||||
wp "option delete disable_notification_setting --allow-root"
|
||||
wp "plugin auto-updates enable --all --allow-root"
|
||||
wp "theme auto-updates enable --all --allow-root"
|
||||
}
|
||||
|
||||
disable_auto_updates(){
|
||||
|
||||
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "wordpress:latest"
|
||||
image: "wordpress:7.0.0"
|
||||
volumes:
|
||||
- "wordpress:/var/www/html/"
|
||||
environment:
|
||||
|
||||
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "wordpress:6.9.4"
|
||||
image: "wordpress:7.0.0"
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
networks:
|
||||
@ -62,10 +62,10 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.19.1+6.9.4"
|
||||
- "coop-cloud.${STACK_NAME}.version=3.0.0+7.0.0"
|
||||
|
||||
db:
|
||||
image: "mariadb:12.2"
|
||||
image: "mariadb:12.3"
|
||||
volumes:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
networks:
|
||||
|
||||
@ -42,6 +42,20 @@ define('FORCE_SSL_ADMIN', true );
|
||||
define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
{{ end }}
|
||||
|
||||
|
||||
UPLOADS_HTACCESS=/var/www/html/wp-content/uploads/.htaccess
|
||||
if [ ! -f "$UPLOADS_HTACCESS" ]; then
|
||||
mkdir -p /var/www/html/wp-content/uploads
|
||||
cat > "$UPLOADS_HTACCESS" <<'EOF'
|
||||
# Prevent PHP execution in uploads directory
|
||||
<FilesMatch "\.(?i:php|phtml|phar)$">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
EOF
|
||||
fi
|
||||
|
||||
chown -R www-data:www-data /var/www/html/wp-content/uploads/
|
||||
|
||||
if [ -n "$@" ]; then
|
||||
"$@"
|
||||
fi
|
||||
|
||||
@ -3,13 +3,6 @@
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
# Prevent PHP execution in uploads directory
|
||||
<Directory /var/www/html/wp-content/uploads>
|
||||
<FilesMatch "\.(?i:php|phtml|phar)$">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
</Directory>
|
||||
|
||||
{{ if eq (env "MULTISITE") "" -}}
|
||||
# BEGIN WordPress
|
||||
|
||||
|
||||
6
release/3.0.0+7.0.0
Normal file
6
release/3.0.0+7.0.0
Normal file
@ -0,0 +1,6 @@
|
||||
- WordPress upgraded from 6.9.4 to 7.0 (major! test before deploying)
|
||||
- MariaDB upgraded from 10.x to 11.4 (major! SSL now enabled by default)
|
||||
- ENTRYPOINT_CONF_VERSION bumped to v9
|
||||
- Breaking: MariaDB 11.4 enables SSL by default — if clients don't support SSL, add --disable-ssl to db command
|
||||
- Breaking: WordPress 7.0 introduces new AI features and admin theme changes
|
||||
- Backup database and files before upgrading
|
||||
Reference in New Issue
Block a user