forked from coop-cloud/wordpress
Compare commits
12 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| cf54575187 | |||
| b4db12f09c | |||
| e4b87c8ab9 | |||
| 7e170adbb4 | |||
| 66e0687456 | |||
| 9209f007cb | |||
| 69cf451b98 | |||
| 73a2e98d2e | |||
| 0e229168fc | |||
| 332ab0b97d | |||
3b598e82dd
|
|||
|
8e81f3f81c
|
@ -28,6 +28,9 @@ LETS_ENCRYPT_ENV=production
|
||||
# PHP composer for plugin installation
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.composer.yml"
|
||||
|
||||
# Self managed Wordpress for automatic updates
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.selfmanaged.yml"
|
||||
|
||||
#WORDPRESS_DEBUG=true
|
||||
|
||||
## Additional extensions
|
||||
@ -81,7 +84,6 @@ SECRET_DB_PASSWORD_VERSION=v1
|
||||
# 🚩🚩 dangerous, use only for development sites!
|
||||
#CORS_ALLOW_ALL=1
|
||||
|
||||
|
||||
# FTP
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp.yml"
|
||||
#SECRET_FTP_PASS_VERSION=v1
|
||||
|
||||
21
.gitignore
vendored
21
.gitignore
vendored
@ -1 +1,22 @@
|
||||
# direnv
|
||||
/.envrc
|
||||
|
||||
# Environment files (may contain secrets)
|
||||
.env
|
||||
|
||||
# Logs
|
||||
*.log
|
||||
|
||||
# OS metadata
|
||||
.DS_Store
|
||||
Thumbs.db
|
||||
|
||||
# Editor/IDE
|
||||
*.swp
|
||||
*.swo
|
||||
*~
|
||||
*.bak
|
||||
.idea/
|
||||
.vscode/
|
||||
.project
|
||||
.classpath
|
||||
|
||||
21
abra.sh
21
abra.sh
@ -1,8 +1,8 @@
|
||||
export PHP_UPLOADS_CONF_VERSION=v4
|
||||
export ENTRYPOINT_CONF_VERSION=v7
|
||||
export ENTRYPOINT_CONF_VERSION=v8
|
||||
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
||||
export MSMTP_CONF_VERSION=v4
|
||||
export HTACCESS_CONF_VERSION=v2
|
||||
export HTACCESS_CONF_VERSION=v3
|
||||
export USERS_CONF_VERSION=v1
|
||||
|
||||
wp() {
|
||||
@ -31,8 +31,6 @@ core_install(){
|
||||
wp "language core install $LOCALE"
|
||||
wp "site switch-language $LOCALE"
|
||||
wp "rewrite structure '/%year%/%monthnum%/%day%/%postname%/'"
|
||||
wp "plugin install --activate disable-update-notifications"
|
||||
wp "option update disable_notification_setting --format=json '{\"dpun_setting\":false,\"dwtu_setting\":false,\"dwcun_setting\":true}'"
|
||||
if [ -n "$DEFAULT_USER_ROLE" ]
|
||||
then
|
||||
wp "option set default_role $DEFAULT_USER_ROLE"
|
||||
@ -40,7 +38,20 @@ core_install(){
|
||||
wp "option set default_role subscriber"
|
||||
fi
|
||||
wp "theme auto-updates enable --all"
|
||||
wp 'plugin auto-updates enable --all' || exit 0
|
||||
wp 'plugin auto-updates enable --all' || true
|
||||
}
|
||||
|
||||
enable_auto_updates(){
|
||||
wp "plugin deactivate disable-update-notifications --allow-root"
|
||||
wp "plugin uninstall disable-update-notifications --allow-root"
|
||||
wp "option delete disable_notification_setting --allow-root"
|
||||
wp "plugin auto-updates enable --all --allow-root"
|
||||
wp "theme auto-updates enable --all --allow-root"
|
||||
}
|
||||
|
||||
disable_auto_updates(){
|
||||
wp "plugin install --activate disable-update-notifications"
|
||||
wp "option update disable_notification_setting --format=json '{\"dpun_setting\":false,\"dwtu_setting\":false,\"dwcun_setting\":true}'"
|
||||
}
|
||||
|
||||
set_authentik(){
|
||||
|
||||
21
compose.selfmanaged.yml
Normal file
21
compose.selfmanaged.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "wordpress:latest"
|
||||
volumes:
|
||||
- "wordpress:/var/www/html/"
|
||||
environment:
|
||||
WORDPRESS_CONFIG_EXTRA: |
|
||||
define( 'AUTOMATIC_UPDATER_DISABLED', false );
|
||||
define( 'WP_AUTO_UPDATE_CORE', true );
|
||||
define( 'FS_METHOD', 'direct' );
|
||||
${WORDPRESS_CONFIG_EXTRA}
|
||||
|
||||
ftp:
|
||||
volumes:
|
||||
- "wordpress:/home/ftp_user/"
|
||||
|
||||
volumes:
|
||||
wordpress:
|
||||
@ -62,7 +62,7 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.19.1+6.9.4"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.19.2+6.9.4"
|
||||
|
||||
db:
|
||||
image: "mariadb:12.2"
|
||||
|
||||
@ -42,6 +42,20 @@ define('FORCE_SSL_ADMIN', true );
|
||||
define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
{{ end }}
|
||||
|
||||
|
||||
UPLOADS_HTACCESS=/var/www/html/wp-content/uploads/.htaccess
|
||||
if [ ! -f "$UPLOADS_HTACCESS" ]; then
|
||||
mkdir -p /var/www/html/wp-content/uploads
|
||||
cat > "$UPLOADS_HTACCESS" <<'EOF'
|
||||
# Prevent PHP execution in uploads directory
|
||||
<FilesMatch "\.(?i:php|phtml|phar)$">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
EOF
|
||||
fi
|
||||
|
||||
chown -R --from=root:root www-data:www-data /var/www/html/wp-content/
|
||||
|
||||
if [ -n "$@" ]; then
|
||||
"$@"
|
||||
fi
|
||||
|
||||
@ -1,3 +1,8 @@
|
||||
# Protect sensitive files from direct access
|
||||
<FilesMatch "^(wp-config\.php|\.htaccess|\.htpasswd|readme\.html|license\.txt)$">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
{{ if eq (env "MULTISITE") "" -}}
|
||||
# BEGIN WordPress
|
||||
|
||||
|
||||
Reference in New Issue
Block a user