forked from coop-cloud/wordpress
Compare commits
87 Commits
2.2.0+6.1.
...
main
Author | SHA1 | Date | |
---|---|---|---|
cf2a5077c9
|
|||
74282d5658 | |||
ab7716bf1e | |||
b0cc5a49a1 | |||
3cca5d2cf3 | |||
f403648cf6 | |||
83f724a316 | |||
e6b9f8117f | |||
e7aef38d3b | |||
e08838561d | |||
04d26a59a9 | |||
591019112e | |||
76e9b80fbd | |||
f49fa05ded | |||
716e6df3cd | |||
457c2defaf | |||
37ff3e9b1b | |||
c5443cc14b | |||
34f70889e3 | |||
af04e30e36 | |||
17574fd3fe | |||
8b6983d240 | |||
6fb30c5bc1 | |||
929bfb4239 | |||
7e4ff5c075 | |||
564db5b63f | |||
cf9b5f529e | |||
240b70a967 | |||
7f6b6a5ff2 | |||
4d99aae234 | |||
959484f5e5 | |||
7ef8e5515d | |||
770ef4932a | |||
dcb8a9a3a9 | |||
f3a9fad0a1 | |||
ebbd41e612 | |||
b45fca4a3f | |||
1a6b11c95b | |||
de5455833e | |||
81dbeca30d | |||
245b800439 | |||
540d526914 | |||
df32ba5141 | |||
8d8418a6c0 | |||
a8d67b063c | |||
da0f503960 | |||
6767d5ee65 | |||
d5227cc534 | |||
45a36ba7b4 | |||
ed77855e7d | |||
1c70a89ed4 | |||
c6be9ecfcf | |||
f2867c8359 | |||
4a7c468806 | |||
40d95417e9 | |||
37aa0649b9 | |||
5723405e51 | |||
650d531ed1 | |||
9077d0aa86 | |||
952044e590 | |||
1c03d854b2 | |||
38bc51f516 | |||
40cbb7d689 | |||
16ca5734d7 | |||
91335eac3a | |||
dfaa04131d | |||
b508b67752 | |||
8cc028fc00 | |||
55f00a482a | |||
df821f5017 | |||
9b1e36f8c8 | |||
f624ef2dc6 | |||
40e89c874a | |||
7c725fbf85 | |||
ed587cd983 | |||
85d910f7ea | |||
bcb911c6e0 | |||
7281edfd60 | |||
87406eb3ab | |||
db1e7bc88a | |||
7962da376c | |||
6c97636698 | |||
72ff340927 | |||
369d962c40 | |||
5941680738 | |||
112c7a8f03 | |||
2550098aee |
.abra.sh.swp.compose.yml.swo.compose.yml.swp.drone.yml.env.sampleREADME.mdabra.shalaconnect.ymlcompose.authentik.ymlcompose.composer.ymlcompose.ftp-2220.ymlcompose.ftp-2221.ymlcompose.ftp-2222.ymlcompose.ftp-2223.ymlcompose.ftp-2224.ymlcompose.ftp-2225.ymlcompose.ftp.ymlcompose.matrix.ymlcompose.public-db.ymlcompose.smtp.ymlcompose.ymlentrypoint.sh.tmplhtaccess.tmplmsmtp.conf.tmpl
release
uploads.iniuploads.ini.tmplusers.conf.tmpl
BIN
.abra.sh.swp
BIN
.abra.sh.swp
Binary file not shown.
BIN
.compose.yml.swo
BIN
.compose.yml.swo
Binary file not shown.
BIN
.compose.yml.swp
BIN
.compose.yml.swp
Binary file not shown.
23
.drone.yml
23
.drone.yml
@ -3,7 +3,7 @@ kind: pipeline
|
|||||||
name: deploy to swarm-test.autonomic.zone
|
name: deploy to swarm-test.autonomic.zone
|
||||||
steps:
|
steps:
|
||||||
- name: deployment
|
- name: deployment
|
||||||
image: decentral1se/stack-ssh-deploy:latest
|
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||||
settings:
|
settings:
|
||||||
host: swarm-test.autonomic.zone
|
host: swarm-test.autonomic.zone
|
||||||
stack: wordpress
|
stack: wordpress
|
||||||
@ -11,6 +11,8 @@ steps:
|
|||||||
purge: true
|
purge: true
|
||||||
deploy_key:
|
deploy_key:
|
||||||
from_secret: drone_ssh_swarm_test
|
from_secret: drone_ssh_swarm_test
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
environment:
|
environment:
|
||||||
DOMAIN: wordpress.swarm-test.autonomic.zone
|
DOMAIN: wordpress.swarm-test.autonomic.zone
|
||||||
STACK_NAME: wordpress
|
STACK_NAME: wordpress
|
||||||
@ -19,16 +21,23 @@ steps:
|
|||||||
SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
||||||
PHP_UPLOADS_CONF_VERSION: v1
|
PHP_UPLOADS_CONF_VERSION: v1
|
||||||
ENTRYPOINT_CONF_VERSION: v1
|
ENTRYPOINT_CONF_VERSION: v1
|
||||||
|
HTACCESS_CONF_VERSION: v1
|
||||||
trigger:
|
trigger:
|
||||||
branch:
|
branch:
|
||||||
- master
|
- main
|
||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
name: recipe release
|
name: generate recipe catalogue
|
||||||
steps:
|
steps:
|
||||||
- name: release a new version
|
- name: release a new version
|
||||||
image: thecoopcloud/drone-abra:latest
|
image: plugins/downstream
|
||||||
settings:
|
settings:
|
||||||
command: recipe wordpress release
|
server: https://build.coopcloud.tech
|
||||||
deploy_key:
|
token:
|
||||||
from_secret: abra_bot_deploy_key
|
from_secret: drone_abra-bot_token
|
||||||
|
fork: true
|
||||||
|
repositories:
|
||||||
|
- toolshed/auto-recipes-catalogue-json
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
event: tag
|
||||||
|
73
.env.sample
73
.env.sample
@ -1,10 +1,35 @@
|
|||||||
TYPE=wordpress
|
TYPE=wordpress
|
||||||
|
TIMEOUT=300
|
||||||
|
ENABLE_AUTO_UPDATE=true
|
||||||
|
COMPOSE_FILE="compose.yml"
|
||||||
|
ENABLE_BACKUPS=true
|
||||||
|
|
||||||
DOMAIN=wordpress.example.com
|
DOMAIN=wordpress.example.com
|
||||||
## Domain aliases
|
## Domain aliases
|
||||||
#EXTRA_DOMAINS=', `www.wordpress.example.com`'
|
#EXTRA_DOMAINS=', `www.wordpress.example.com`'
|
||||||
|
# Redirects
|
||||||
|
# All redirect domains have to be added to EXTRA_DOMAINS as well)
|
||||||
|
# multiple redirects can be added by seperating them with a | character
|
||||||
|
#REDIRECTS=www.wordpress.example.com
|
||||||
LETS_ENCRYPT_ENV=production
|
LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
|
# Setup Wordpress settings on each deploy:
|
||||||
|
#POST_DEPLOY_CMDS="app core_install"
|
||||||
|
|
||||||
|
# Optional settings, otherwise can be set in the installer
|
||||||
|
# (Required for `app core_install`
|
||||||
|
#TITLE="My Example Blog"
|
||||||
|
#LOCALE="en_US" # de_DE
|
||||||
|
#ADMIN_EMAIL=admin@example.com
|
||||||
|
|
||||||
|
# Every new user is per default subscriber, uncomment to change it
|
||||||
|
#DEFAULT_USER_ROLE=administrator
|
||||||
|
|
||||||
|
# PHP composer for plugin installation
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.composer.yml"
|
||||||
|
|
||||||
|
#WORDPRESS_DEBUG=true
|
||||||
|
|
||||||
## Additional extensions
|
## Additional extensions
|
||||||
#PHP_EXTENSIONS="calendar"
|
#PHP_EXTENSIONS="calendar"
|
||||||
|
|
||||||
@ -14,24 +39,56 @@ SECRET_DB_PASSWORD_VERSION=v1
|
|||||||
# Mostly for compatibility with existing database dumps...
|
# Mostly for compatibility with existing database dumps...
|
||||||
#WORDPRESS_TABLE_PREFIX=wp_
|
#WORDPRESS_TABLE_PREFIX=wp_
|
||||||
|
|
||||||
# Multisite
|
# Multisite (see README)
|
||||||
#WORDPRESS_CONFIG_EXTRA="\
|
#MULTISITE=enable # either 'enable', 'subdomain' or 'subfolder'
|
||||||
# define('WP_CACHE', false);\
|
|
||||||
# define('WP_ALLOW_MULTISITE', true );"
|
|
||||||
|
|
||||||
# Multisite phase 2 (see README)
|
# File upload settings
|
||||||
# WORDPRESS_CONFIG_EXTRA="define('MULTISITE', true); define('SUBDOMAIN_INSTALL', true); define('DOMAIN_CURRENT_SITE', '${DOMAIN}'); define('PATH_CURRENT_SITE', '/'); define('SITE_ID_CURRENT_SITE', 1); define('BLOG_ID_CURRENT_SITE', 1); define('FORCE_SSL_ADMIN', true ); define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
#UPLOAD_MAX_SIZE=256M
|
||||||
|
#UPLOAD_MAX_TIME=30
|
||||||
|
|
||||||
# Local SMTP relay
|
# Local SMTP relay
|
||||||
#COMPOSE_FILE="compose.yml:compose.mailrelay.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml"
|
||||||
#SMTP_HOST="postfix_relay_app"
|
#SMTP_HOST="postfix_relay_app"
|
||||||
#MAIL_FROM="wordpress@example.com"
|
#MAIL_FROM="wordpress@example.com"
|
||||||
|
|
||||||
# Remote SMTP relay
|
# Remote SMTP relay
|
||||||
#COMPOSE_FILE="compose.yml:compose.mailrelay.yml:compose.smtp.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml:compose.smtp.yml"
|
||||||
#SMTP_HOST="mail.example.com"
|
#SMTP_HOST="mail.example.com"
|
||||||
#MAIL_FROM="wordpress@example.com"
|
#MAIL_FROM="wordpress@example.com"
|
||||||
|
#SMTP_USER="wordpress@example.com" # optional, defaults to MAIL_FROM
|
||||||
|
#SMTP_OVERRIDE_FROM=on # force "From" to MAIL_FROM, usually necessary
|
||||||
#SMTP_PORT=587
|
#SMTP_PORT=587
|
||||||
#SMTP_AUTH=on
|
#SMTP_AUTH=on
|
||||||
#SMTP_TLS=on
|
#SMTP_TLS=on
|
||||||
#SECRET_SMTP_PASSWORD_VERSION=v1
|
#SECRET_SMTP_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
|
# Authentik SSO
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
|
||||||
|
#AUTHENTIK_DOMAIN=authentik.example.com
|
||||||
|
#SECRET_AUTHENTIK_SECRET_VERSION=v1
|
||||||
|
#SECRET_AUTHENTIK_ID_VERSION=v1
|
||||||
|
#LOGIN_TYPE='auto'
|
||||||
|
|
||||||
|
# Matrix .well-known redirect
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
|
||||||
|
#MATRIX_DOMAIN=matrix.example.com
|
||||||
|
|
||||||
|
# Allow remote connections to db
|
||||||
|
# 🚩🚩 dangerous, use only for development sites!
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.public-db.yml
|
||||||
|
|
||||||
|
# Wide-open CORS
|
||||||
|
# 🚩🚩 dangerous, use only for development sites!
|
||||||
|
#CORS_ALLOW_ALL=1
|
||||||
|
|
||||||
|
|
||||||
|
# FTP
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp.yml"
|
||||||
|
#SECRET_FTP_PASS_VERSION=v1
|
||||||
|
# You can use a Port between 2220-2225
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2220.yml"
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2221.yml"
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2222.yml"
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2223.yml"
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2224.yml"
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2225.yml"
|
||||||
|
57
README.md
57
README.md
@ -1,13 +1,13 @@
|
|||||||
# Wordpress
|
# Wordpress
|
||||||
|
|
||||||
[](https://drone.autonomic.zone/coop-cloud/wordpress)
|
[](https://build.coopcloud.tech/coop-cloud/wordpress)
|
||||||
|
|
||||||
Coöp Cloud + [Wordpress](https://wordpress.org) = 🥳
|
Coöp Cloud + [Wordpress](https://wordpress.org) = 🥳
|
||||||
|
|
||||||
<!-- metadata -->
|
<!-- metadata -->
|
||||||
|
|
||||||
* **Category**: Apps
|
* **Category**: Apps
|
||||||
* **Status**: 3, stable
|
* **Status**: 4
|
||||||
* **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream
|
* **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream
|
||||||
* **Healthcheck**: Yes
|
* **Healthcheck**: Yes
|
||||||
* **Backups**: Yes
|
* **Backups**: Yes
|
||||||
@ -17,40 +17,47 @@ Coöp Cloud + [Wordpress](https://wordpress.org) = 🥳
|
|||||||
|
|
||||||
<!-- endmetadata -->
|
<!-- endmetadata -->
|
||||||
|
|
||||||
## Basic usage
|
|
||||||
|
|
||||||
1. Set up Docker Swarm and [`abra`][abra]
|
## Quick start
|
||||||
2. Deploy [`coop-cloud/traefik`][cc-traefik]
|
|
||||||
3. `abra app new wordpress --secrets` (optionally with `--pass` if you'd like
|
|
||||||
to save secrets in `pass`)
|
* `abra app new wordpress`
|
||||||
4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
|
* `abra app config <app-name>`
|
||||||
your Docker swarm box
|
* `abra app secret generate -a <app-name>`
|
||||||
5. `abra app YOURAPPDOMAIN deploy`
|
* `abra app deploy <app-name>`
|
||||||
6. Open the configured domain in your browser to finish set-up
|
* `abra app cmd <app-name> app core_install`
|
||||||
7. `abra app YOURAPPDOMAIN run app chown www-data:www-data /var/www/html/wp-content` to fix
|
|
||||||
file permissions (see #3)
|
### Authentik Integration
|
||||||
|
|
||||||
|
|
||||||
|
`abra app config <app-name>`
|
||||||
|
Configure the following envs:
|
||||||
|
```
|
||||||
|
COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
|
||||||
|
AUTHENTIK_DOMAIN=authentik.example.com
|
||||||
|
AUTHENTIK_SECRET_NAME=authentik_example_com_wordpress_secret_v1 # the same as in authentik
|
||||||
|
AUTHENTIK_ID_NAME=authentik_example_com_wordpress_id_v1 # the same as in authentik
|
||||||
|
```
|
||||||
|
|
||||||
|
`abra app cmd <app-name> app set_authentik`
|
||||||
|
|
||||||
## Running WP-CLI
|
## Running WP-CLI
|
||||||
|
|
||||||
`abra app cmd YOURAPPDOMAIN app wp -- core check-update --major`
|
`abra app cmd <app-name> app wp -- core check-update --major`
|
||||||
|
|
||||||
## Network (Multi-site)
|
## Network (Multi-site)
|
||||||
|
|
||||||
_(Only tested using subdomains)_
|
|
||||||
|
|
||||||
1. Set up as above
|
1. Set up as above
|
||||||
2. `abra app YOURAPPDOMAIN config`, and uncomment the first `# Multisite` section
|
2. `abra app config <app-name>`, and uncomment `#MULTISITE=enable`
|
||||||
3. `abra app YOURAPPDOMAIN deploy`
|
3. `abra app deploy <app-name>`
|
||||||
4. Log into the Wordpress admin dashboard, go to Tools » Network Setup
|
4. Log into the Wordpress admin dashboard, go to Tools » Network Setup
|
||||||
5. Don't worry about the suggested file changes
|
5. Don't worry about the suggested file changes
|
||||||
6. `abra app YOURAPPDOMAIN config` again - comment out the first `# Multisite`
|
6. `abra app config <app-name>` again and set `MULTISITE` to either `subdomain` or `subfolder` depending on your setup.
|
||||||
section in `.envrc`, uncomment the `# Multisite phase 2` section, and add
|
7. `abra app deploy <app-name>`
|
||||||
your multisite subdomain(s) to `EXTRA_DOMAINS` (beware the weird syntax..)
|
|
||||||
7. `abra app YOURAPPDOMAIN deploy`
|
|
||||||
|
|
||||||
## Installing a custom theme
|
## Installing a custom theme
|
||||||
|
|
||||||
`abra app YOURAPPDOMAIN cp ~/path/to/local/theme wordpress:/var/www/html/wp-content/themes/`
|
`abra app cp <app-name> ~/path/to/local/theme wordpress:/var/www/html/wp-content/themes/`
|
||||||
|
|
||||||
## Email
|
## Email
|
||||||
|
|
||||||
@ -62,10 +69,10 @@ There is a local or remote SMTP relay configuration available.
|
|||||||
Below are the instructions for the local relay.
|
Below are the instructions for the local relay.
|
||||||
|
|
||||||
1. Deploy [`postfix-relay`][cc-postfix-relay]
|
1. Deploy [`postfix-relay`][cc-postfix-relay]
|
||||||
2. `abra app YOURAPPDOMAIN config`, and uncomment the email lines; change
|
2. `abra app config <app-name>`, and uncomment the email lines; change
|
||||||
`MAIL_FROM` to make sure the domain is the same as `postfix-relay`'s
|
`MAIL_FROM` to make sure the domain is the same as `postfix-relay`'s
|
||||||
`$DOMAIN` or in its `$EXTRA_SENDER_DOMAINS`
|
`$DOMAIN` or in its `$EXTRA_SENDER_DOMAINS`
|
||||||
3. `abra app YOURAPPDOMAIN deploy`
|
3. `abra app deploy <app-name>`
|
||||||
|
|
||||||
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||||
[cc-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
[cc-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
||||||
|
162
abra.sh
162
abra.sh
@ -1,86 +1,96 @@
|
|||||||
export PHP_UPLOADS_CONF_VERSION=v3
|
export PHP_UPLOADS_CONF_VERSION=v4
|
||||||
export ENTRYPOINT_CONF_VERSION=v3
|
export ENTRYPOINT_CONF_VERSION=v7
|
||||||
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
||||||
export MSMTP_CONF_VERSION=v3
|
export MSMTP_CONF_VERSION=v4
|
||||||
|
export HTACCESS_CONF_VERSION=v2
|
||||||
|
export USERS_CONF_VERSION=v1
|
||||||
|
|
||||||
wp() {
|
wp() {
|
||||||
/usr/local/bin/wp $@
|
su -p www-data -s /bin/bash -c "/usr/local/bin/wp $@"
|
||||||
|
}
|
||||||
|
|
||||||
|
update() {
|
||||||
|
wp "core update-db"
|
||||||
|
wp "plugin update --all"
|
||||||
|
wp "plugin auto-updates enable --all"
|
||||||
|
wp "theme update --all"
|
||||||
|
wp "theme auto-updates enable --all"
|
||||||
|
wp "language core update"
|
||||||
|
wp "language plugin update --all"
|
||||||
|
wp "language theme update --all"
|
||||||
|
}
|
||||||
|
|
||||||
|
core_install(){
|
||||||
|
ADMIN=admin
|
||||||
|
if [ -n "$AUTHENTIK_DOMAIN" ]
|
||||||
|
then
|
||||||
|
ADMIN=akadmin
|
||||||
|
fi
|
||||||
|
chown www-data:www-data -R /var/www/html/wp-content
|
||||||
|
wp "core install --url=$DOMAIN --title=\"$TITLE\" --admin_user=$ADMIN --admin_email=$ADMIN_EMAIL --locale=$LOCALE --skip-email"
|
||||||
|
wp "language core install $LOCALE"
|
||||||
|
wp "site switch-language $LOCALE"
|
||||||
|
wp "rewrite structure '/%year%/%monthnum%/%day%/%postname%/'"
|
||||||
|
wp "plugin install --activate disable-update-notifications"
|
||||||
|
wp "option update disable_notification_setting --format=json '{\"dpun_setting\":false,\"dwtu_setting\":false,\"dwcun_setting\":true}'"
|
||||||
|
if [ -n "$DEFAULT_USER_ROLE" ]
|
||||||
|
then
|
||||||
|
wp "option set default_role $DEFAULT_USER_ROLE"
|
||||||
|
else
|
||||||
|
wp "option set default_role subscriber"
|
||||||
|
fi
|
||||||
|
wp "theme auto-updates enable --all"
|
||||||
|
wp 'plugin auto-updates enable --all' || exit 0
|
||||||
|
}
|
||||||
|
|
||||||
|
set_authentik(){
|
||||||
|
AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
|
||||||
|
AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
|
||||||
|
if [ -z $LOGIN_TYPE ]
|
||||||
|
then
|
||||||
|
LOGIN_TYPE='button'
|
||||||
|
fi
|
||||||
|
wp "user create akadmin admin@example.com --role=administrator"
|
||||||
|
wp "plugin install --activate daggerhart-openid-connect-generic"
|
||||||
|
wp 'plugin auto-updates enable daggerhart-openid-connect-generic'
|
||||||
|
wp "option update --format=json openid_connect_generic_settings '
|
||||||
|
{
|
||||||
|
\"login_type\":\"$LOGIN_TYPE\",
|
||||||
|
\"client_id\":\"$AUTHENTIK_ID\",
|
||||||
|
\"client_secret\":\"$AUTHENTIK_SECRET\",
|
||||||
|
\"scope\":\"email profile openid\",
|
||||||
|
\"endpoint_login\":\"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
|
||||||
|
\"endpoint_userinfo\":\"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
|
||||||
|
\"endpoint_token\":\"https://$AUTHENTIK_DOMAIN/application/o/token/\",
|
||||||
|
\"endpoint_end_session\":\"https://$AUTHENTIK_DOMAIN/application/o/wordpress/end-session/\",
|
||||||
|
\"acr_values\":\"\",
|
||||||
|
\"identity_key\":\"preferred_username\",
|
||||||
|
\"no_sslverify\":\"0\",
|
||||||
|
\"http_request_timeout\":\"30\",
|
||||||
|
\"enforce_privacy\":\"0\",
|
||||||
|
\"alternate_redirect_uri\":\"1\",
|
||||||
|
\"nickname_key\":\"preferred_username\",
|
||||||
|
\"email_format\":\"{email}\",
|
||||||
|
\"displayname_format\":\"\",
|
||||||
|
\"identify_with_username\":\"1\",
|
||||||
|
\"state_time_limit\":\"\",
|
||||||
|
\"token_refresh_enable\":\"1\",
|
||||||
|
\"link_existing_users\":\"1\",
|
||||||
|
\"create_if_does_not_exist\":\"1\",
|
||||||
|
\"redirect_user_back\":\"0\",
|
||||||
|
\"redirect_on_logout\":\"1\",
|
||||||
|
\"enable_logging\":\"0\",
|
||||||
|
\"log_limit\":\"1000\"
|
||||||
|
}'"
|
||||||
|
wp "rewrite flush"
|
||||||
|
wp "cache flush"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fix_mysql() {
|
fix_mysql() {
|
||||||
echo "ALTER TABLE mysql.column_stats MODIFY histogram longblob; ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');" | mysql -u root -p$(cat /run/secrets/db_root_password)
|
echo "ALTER TABLE mysql.column_stats MODIFY histogram longblob; ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');" | mysql -u root -p$(cat /run/secrets/db_root_password)
|
||||||
}
|
}
|
||||||
|
|
||||||
sub_wp() {
|
show_plugins() {
|
||||||
CONTAINER=$(docker container ls -f "Name=${STACK_NAME}_app" --format '{{ .ID }}')
|
wp "plugin list --fields=name,status,wporg_status,version,update_version,auto_update,tested_up_to,wporg_last_updated"
|
||||||
if [ -z "$CONTAINER" ]; then
|
|
||||||
error "Can't find a container for ${STACK_NAME}_app"
|
|
||||||
exit
|
|
||||||
fi
|
|
||||||
debug "Using Container ID ${CONTAINER}"
|
|
||||||
|
|
||||||
# FIXME 3wc: we're fighting the Wordpress image, which recommends a named
|
|
||||||
# volume for /var/www/html -- this used to work fine using --volumes-from
|
|
||||||
# because the actual MySQL password was inserted into the generated
|
|
||||||
# wp-config.php -- but as of Wordpress 5.7.0, wp-config loads data straight
|
|
||||||
# from the environment, which requires Docker secrets to work, which only work
|
|
||||||
# in swarm services (not one-off `docker run` commands). Defining a `cli`
|
|
||||||
# service in compose.yml almost works, but there's no volumes_from: in Compose
|
|
||||||
# V3, and without it then the `cli` service can't access Wordpress core.
|
|
||||||
# See https://git.autonomic.zone/coop-cloud/wordpress/issues/21
|
|
||||||
warning "Slowly looking up MySQL password..."
|
|
||||||
silence
|
|
||||||
abra__service_="app"
|
|
||||||
DB_PASSWORD="$(sub_app_run cat "/run/secrets/db_password")"
|
|
||||||
unsilence
|
|
||||||
|
|
||||||
# shellcheck disable=SC2154,SC2086
|
|
||||||
docker run -it \
|
|
||||||
--volumes-from "$CONTAINER" \
|
|
||||||
--network "container:$CONTAINER" \
|
|
||||||
-u xfs:xfs \
|
|
||||||
-e WORDPRESS_DB_HOST=db \
|
|
||||||
-e WORDPRESS_DB_USER=wordpress \
|
|
||||||
-e WORDPRESS_DB_PASSWORD="${DB_PASSWORD}" \
|
|
||||||
-e WORDPRESS_DB_NAME=wordpress \
|
|
||||||
-e WORDPRESS_CONFIG_EXTRA="${WORDPRESS_CONFIG_EXTRA}" \
|
|
||||||
wordpress:cli wp ${abra__args_[*]}
|
|
||||||
}
|
|
||||||
|
|
||||||
abra_backup_app() {
|
|
||||||
_abra_backup_dir "app:/var/www/html/wp-content"
|
|
||||||
}
|
|
||||||
|
|
||||||
abra_backup_db() {
|
|
||||||
_abra_backup_mysql "db" "wordpress"
|
|
||||||
}
|
|
||||||
|
|
||||||
abra_backup() {
|
|
||||||
abra_backup_app && abra_backup_db
|
|
||||||
}
|
|
||||||
|
|
||||||
abra_restore_app() {
|
|
||||||
# shellcheck disable=SC2034
|
|
||||||
{
|
|
||||||
abra__src_="-"
|
|
||||||
abra__dst_="app:/var/www/html/"
|
|
||||||
}
|
|
||||||
|
|
||||||
zcat "$@" | sub_app_cp
|
|
||||||
|
|
||||||
success "Restored 'app'"
|
|
||||||
}
|
|
||||||
|
|
||||||
abra_restore_db() {
|
|
||||||
# 3wc: unlike abra_backup_db, we can assume abra__service_ will be 'db' if we
|
|
||||||
# got this far..
|
|
||||||
|
|
||||||
# shellcheck disable=SC2034
|
|
||||||
abra___no_tty="true"
|
|
||||||
|
|
||||||
DB_ROOT_PASSWORD=$(sub_app_run cat /run/secrets/db_root_password)
|
|
||||||
|
|
||||||
zcat "$@" | sub_app_run mysql -u root -p"$DB_ROOT_PASSWORD" wordpress
|
|
||||||
|
|
||||||
success "Restored 'db'"
|
|
||||||
}
|
}
|
||||||
|
16
alaconnect.yml
Normal file
16
alaconnect.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
authentik:
|
||||||
|
uncomment:
|
||||||
|
- compose.authentik.yml
|
||||||
|
- AUTHENTIK_DOMAIN
|
||||||
|
- SECRET_AUTHENTIK_SECRET_VERSION
|
||||||
|
- SECRET_AUTHENTIK_ID_VERSION
|
||||||
|
- LOGIN_TYPE
|
||||||
|
inital-hooks:
|
||||||
|
- app set_authentik
|
||||||
|
shared_secrets:
|
||||||
|
wordpress_secret: authentik_secret
|
||||||
|
wordpress_id: authentik_id
|
||||||
|
matrix:
|
||||||
|
uncomment:
|
||||||
|
- compose.matrix.yml
|
||||||
|
- MATRIX_DOMAIN
|
14
compose.authentik.yml
Normal file
14
compose.authentik.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
version: "3.8"
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
secrets:
|
||||||
|
- authentik_secret
|
||||||
|
- authentik_id
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
authentik_secret:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_authentik_secret_${SECRET_AUTHENTIK_SECRET_VERSION}
|
||||||
|
authentik_id:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_authentik_id_${SECRET_AUTHENTIK_ID_VERSION}
|
14
compose.composer.yml
Normal file
14
compose.composer.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
volumes:
|
||||||
|
- "composer:/var/www/html/composer"
|
||||||
|
environment:
|
||||||
|
- ENABLE_COMPOSER=1
|
||||||
|
- COMPOSER=composer/composer.json
|
||||||
|
- COMPOSER_VENDOR_DIR=composer/vendor
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
composer:
|
7
compose.ftp-2220.yml
Normal file
7
compose.ftp-2220.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2220:22
|
7
compose.ftp-2221.yml
Normal file
7
compose.ftp-2221.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2221:22
|
7
compose.ftp-2222.yml
Normal file
7
compose.ftp-2222.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2222:22
|
7
compose.ftp-2223.yml
Normal file
7
compose.ftp-2223.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2223:22
|
7
compose.ftp-2224.yml
Normal file
7
compose.ftp-2224.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2224:22
|
7
compose.ftp-2225.yml
Normal file
7
compose.ftp-2225.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
ports:
|
||||||
|
- 2220:22
|
24
compose.ftp.yml
Normal file
24
compose.ftp.yml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
ftp:
|
||||||
|
image: atmoz/sftp
|
||||||
|
secrets:
|
||||||
|
- ftp_pass
|
||||||
|
volumes:
|
||||||
|
- "wordpress_content:/home/ftp_user/wp-content"
|
||||||
|
configs:
|
||||||
|
- source: users_conf
|
||||||
|
target: /etc/sftp/users.conf
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
ftp_pass:
|
||||||
|
name: ${STACK_NAME}_ftp_pass_${SECRET_FTP_PASS_VERSION}
|
||||||
|
external: true
|
||||||
|
|
||||||
|
configs:
|
||||||
|
users_conf:
|
||||||
|
name: ${STACK_NAME}_users_conf_${USERS_CONF_VERSION}
|
||||||
|
file: users.conf.tmpl
|
||||||
|
template_driver: golang
|
10
compose.matrix.yml
Normal file
10
compose.matrix.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
deploy:
|
||||||
|
labels:
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect-matrix-well-known"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2"
|
9
compose.public-db.yml
Normal file
9
compose.public-db.yml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
db:
|
||||||
|
ports:
|
||||||
|
- target: 3306
|
||||||
|
published: 3306
|
||||||
|
mode: host
|
@ -6,11 +6,12 @@ services:
|
|||||||
secrets:
|
secrets:
|
||||||
- smtp_password
|
- smtp_password
|
||||||
environment:
|
environment:
|
||||||
- SMTP_HOST=${SMTP_HOST}
|
- SMTP_HOST
|
||||||
- SMTP_PORT=${SMTP_PORT:-25}
|
- SMTP_PORT=${SMTP_PORT:-25}
|
||||||
- SMTP_AUTH=${SMTP_AUTH}
|
- SMTP_AUTH
|
||||||
- SMTP_TLS=${SMTP_TLS}
|
- SMTP_TLS
|
||||||
- MAIL_FROM=${MAIL_FROM}
|
- MAIL_FROM
|
||||||
|
- SMTP_OVERRIDE_FROM
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
smtp_password:
|
smtp_password:
|
||||||
|
53
compose.yml
53
compose.yml
@ -3,21 +3,26 @@ version: "3.8"
|
|||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: "wordpress:6.1.1"
|
image: "wordpress:6.8.1"
|
||||||
volumes:
|
volumes:
|
||||||
- "wordpress_content:/var/www/html/wp-content/"
|
- "wordpress_content:/var/www/html/wp-content/"
|
||||||
networks:
|
networks:
|
||||||
- backend
|
- backend
|
||||||
- proxy
|
- proxy
|
||||||
environment:
|
environment:
|
||||||
- PAGER=more
|
WORDPRESS_CONFIG_EXTRA: |
|
||||||
- WORDPRESS_DB_HOST=db
|
define( 'AUTOMATIC_UPDATER_DISABLED', false );
|
||||||
- WORDPRESS_DB_USER=wordpress
|
define( 'WP_AUTO_UPDATE_CORE', false );
|
||||||
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/db_password
|
${WORDPRESS_CONFIG_EXTRA}
|
||||||
- WORDPRESS_DB_NAME=wordpress
|
PAGER: more
|
||||||
- WORDPRESS_CONFIG_EXTRA=${WORDPRESS_CONFIG_EXTRA}
|
WORDPRESS_DB_HOST: db
|
||||||
- WORDPRESS_TABLE_PREFIX
|
WORDPRESS_DB_USER: wordpress
|
||||||
- PHP_EXTENSIONS
|
WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_password
|
||||||
|
WORDPRESS_DB_NAME: wordpress
|
||||||
|
WORDPRESS_TABLE_PREFIX: ${WORDPRESS_TABLE_PREFIX:-wp_}
|
||||||
|
PHP_EXTENSIONS: ${PHP_EXTENSIONS}
|
||||||
|
CORS_ALLOW_ALL:
|
||||||
|
COMPOSER:
|
||||||
secrets:
|
secrets:
|
||||||
- db_password
|
- db_password
|
||||||
configs:
|
configs:
|
||||||
@ -26,6 +31,8 @@ services:
|
|||||||
- source: entrypoint_conf
|
- source: entrypoint_conf
|
||||||
target: /docker-entrypoint.sh
|
target: /docker-entrypoint.sh
|
||||||
mode: 0555
|
mode: 0555
|
||||||
|
- source: htaccess_conf
|
||||||
|
target: /var/www/html/.htaccess
|
||||||
entrypoint: /docker-entrypoint.sh
|
entrypoint: /docker-entrypoint.sh
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
@ -50,12 +57,15 @@ services:
|
|||||||
#- "traefik.http.routers.${STACK_NAME}.rule=HostRegexp(`{subdomain:.+}.${DOMAIN}`, `${DOMAIN}`)"
|
#- "traefik.http.routers.${STACK_NAME}.rule=HostRegexp(`{subdomain:.+}.${DOMAIN}`, `${DOMAIN}`)"
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- "coop-cloud.${STACK_NAME}.version=2.2.0+6.1.1"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
- "backupbot.backup=true"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.regex=^https://(${REDIRECTS})/(.*)"
|
||||||
- "backupbot.backup.path=/var/www/html"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
|
||||||
|
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||||
|
- "coop-cloud.${STACK_NAME}.version=2.16.1+6.8.1"
|
||||||
|
|
||||||
db:
|
db:
|
||||||
image: "mariadb:10.8"
|
image: "mariadb:11.7"
|
||||||
volumes:
|
volumes:
|
||||||
- "mariadb:/var/lib/mysql"
|
- "mariadb:/var/lib/mysql"
|
||||||
networks:
|
networks:
|
||||||
@ -70,12 +80,10 @@ services:
|
|||||||
- db_root_password
|
- db_root_password
|
||||||
deploy:
|
deploy:
|
||||||
labels:
|
labels:
|
||||||
backupbot.backup: "true"
|
backupbot.backup: "${ENABLE_BACKUPS:-true}"
|
||||||
backupbot.backup.path: "/tmp/dump.sql.gz"
|
backupbot.backup.pre-hook: "mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz"
|
||||||
backupbot.backup.pre-hook: "sh -c 'mysqldump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /tmp/dump.sql.gz'"
|
backupbot.backup.volumes.mariadb.path: "dump.sql.gz"
|
||||||
backupbot.backup.post-hook: "rm -f /tmp/dump.sql.gz"
|
backupbot.restore.post-hook: "gzip -d /var/lib/mysql/dump.sql.gz && mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dump.sql && rm -f /var/lib/mysql/dump.sql"
|
||||||
backupbot.restore: "true"
|
|
||||||
backupbot.restore.post-hook: "sh -c 'mysql -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /tmp/dbdump.sql && rm -f /tmp/dbdump.sql'"
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
backend:
|
backend:
|
||||||
@ -101,4 +109,9 @@ configs:
|
|||||||
template_driver: golang
|
template_driver: golang
|
||||||
php_uploads_conf:
|
php_uploads_conf:
|
||||||
name: ${STACK_NAME}_php_uploads_conf_${PHP_UPLOADS_CONF_VERSION}
|
name: ${STACK_NAME}_php_uploads_conf_${PHP_UPLOADS_CONF_VERSION}
|
||||||
file: uploads.ini
|
file: uploads.ini.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
htaccess_conf:
|
||||||
|
name: ${STACK_NAME}_htaccess_conf_${HTACCESS_CONF_VERSION}
|
||||||
|
file: htaccess.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
@ -7,6 +7,41 @@ docker-php-ext-install {{ env "PHP_EXTENSIONS" }}
|
|||||||
curl -z /usr/local/bin/wp -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
curl -z /usr/local/bin/wp -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
||||||
chmod +x /usr/local/bin/wp
|
chmod +x /usr/local/bin/wp
|
||||||
|
|
||||||
|
{{ if eq (env "ENABLE_COMPOSER") "1" }}
|
||||||
|
mkdir -p /var/www/.composer
|
||||||
|
chown www-data:www-data /var/www/.composer /var/www/html/composer
|
||||||
|
|
||||||
|
curl https://getcomposer.org/installer -o /tmp/composer-setup.php
|
||||||
|
php -r "if (hash_file('sha384', '/tmp/composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||||
|
php /tmp/composer-setup.php
|
||||||
|
rm /tmp/composer-setup.php
|
||||||
|
|
||||||
|
mv /var/www/html/composer.phar /usr/local/bin/composer
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
|
{{ if eq (env "CORS_ALLOW_ALL") "1" }}
|
||||||
|
a2enmod headers
|
||||||
|
sed -ri -e 's/^([ \t]*)(<\/VirtualHost>)/\1\tHeader set Access-Control-Allow-Origin "*"\n\1\2/g' /etc/apache2/sites-available/*.conf
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
|
{{ if eq (env "MULTISITE") "enable" }}
|
||||||
|
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||||
|
define('WP_CACHE', false);
|
||||||
|
define('WP_ALLOW_MULTISITE', true );"
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
|
{{ if or (eq (env "MULTISITE") "subdomain") (eq (env "MULTISITE") "subfolder") }}
|
||||||
|
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||||
|
define('MULTISITE', true);
|
||||||
|
define('SUBDOMAIN_INSTALL', true);
|
||||||
|
define('DOMAIN_CURRENT_SITE', '${DOMAIN}');
|
||||||
|
define('PATH_CURRENT_SITE', '/');
|
||||||
|
define('SITE_ID_CURRENT_SITE', 1);
|
||||||
|
define('BLOG_ID_CURRENT_SITE', 1);
|
||||||
|
define('FORCE_SSL_ADMIN', true );
|
||||||
|
define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
if [ -n "$@" ]; then
|
if [ -n "$@" ]; then
|
||||||
"$@"
|
"$@"
|
||||||
fi
|
fi
|
||||||
|
57
htaccess.tmpl
Normal file
57
htaccess.tmpl
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
{{ if eq (env "MULTISITE") "" -}}
|
||||||
|
# BEGIN WordPress
|
||||||
|
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||||
|
RewriteBase /
|
||||||
|
RewriteRule ^index\.php$ - [L]
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
|
RewriteRule . /index.php [L]
|
||||||
|
|
||||||
|
# END WordPress
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if eq (env "MULTISITE") "subfolder" -}}
|
||||||
|
# BEGIN WordPress Multisite
|
||||||
|
# Using subfolder network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||||
|
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||||
|
RewriteBase /
|
||||||
|
RewriteRule ^index\.php$ - [L]
|
||||||
|
|
||||||
|
# add a trailing slash to /wp-admin
|
||||||
|
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
|
||||||
|
|
||||||
|
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||||
|
RewriteCond %{REQUEST_FILENAME} -d
|
||||||
|
RewriteRule ^ - [L]
|
||||||
|
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
|
||||||
|
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
|
||||||
|
RewriteRule . index.php [L]
|
||||||
|
|
||||||
|
# END WordPress Multisite
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if eq (env "MULTISITE") "subdomain" -}}
|
||||||
|
# BEGIN WordPress Multisite
|
||||||
|
# Using subdomain network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||||
|
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||||
|
RewriteBase /
|
||||||
|
RewriteRule ^index\.php$ - [L]
|
||||||
|
|
||||||
|
# add a trailing slash to /wp-admin
|
||||||
|
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
|
||||||
|
|
||||||
|
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||||
|
RewriteCond %{REQUEST_FILENAME} -d
|
||||||
|
RewriteRule ^ - [L]
|
||||||
|
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
|
||||||
|
RewriteRule ^(.*\.php)$ $1 [L]
|
||||||
|
RewriteRule . index.php [L]
|
||||||
|
|
||||||
|
# END WordPress Multisite
|
||||||
|
{{- end }}
|
@ -1,9 +1,13 @@
|
|||||||
account default
|
account default
|
||||||
host {{ env "SMTP_HOST" }}
|
host {{ env "SMTP_HOST" }}
|
||||||
from {{ env "MAIL_FROM" }}
|
from {{ env "MAIL_FROM" }}
|
||||||
user {{ env "MAIL_FROM" }}
|
user {{ or (env "SMTP_USER") (env "MAIL_FROM") }}
|
||||||
port {{ env "SMTP_PORT" }}
|
port {{ env "SMTP_PORT" }}
|
||||||
|
|
||||||
|
{{ if eq (env "SMTP_OVERRIDE_FROM") "on" }}
|
||||||
|
set_from_header on
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
{{ if eq (env "SMTP_AUTH") "on" }}
|
{{ if eq (env "SMTP_AUTH") "on" }}
|
||||||
auth {{ env "SMTP_AUTH" }}
|
auth {{ env "SMTP_AUTH" }}
|
||||||
passwordeval "cat /run/secrets/smtp_password"
|
passwordeval "cat /run/secrets/smtp_password"
|
||||||
|
1
release/2.10.0+6.5.5
Normal file
1
release/2.10.0+6.5.5
Normal file
@ -0,0 +1 @@
|
|||||||
|
Adds redirects and alakazam integration
|
1
release/2.13.2+6.7.1
Normal file
1
release/2.13.2+6.7.1
Normal file
@ -0,0 +1 @@
|
|||||||
|
Breaking change for ftp container: you need to uncomment COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2222.yml" to open port 2222 again. You can also select between port 2220-2225.
|
1
release/2.4.0+6.3.0
Normal file
1
release/2.4.0+6.3.0
Normal file
@ -0,0 +1 @@
|
|||||||
|
The authentik secrets need to be inserted again, as wordpress is not sharing the secret with authentik any more.
|
1
release/2.7.0+6.4.2
Normal file
1
release/2.7.0+6.4.2
Normal file
@ -0,0 +1 @@
|
|||||||
|
Multisite now also works with subpaths instead of subdomains. Also Multisite support was simplified. If you are using a subdomain multisite setup you can remove the `WORDPRESS_CONFIG_EXTRA="define('MULTISITE', true);...` from your config and instead set MULTISITE=subdomain.
|
@ -1,3 +0,0 @@
|
|||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 256M
|
|
||||||
post_max_size = 256M
|
|
11
uploads.ini.tmpl
Normal file
11
uploads.ini.tmpl
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{{ $upload_max_size := "256M" }}
|
||||||
|
{{ if ne (env "UPLOAD_MAX_SIZE") "" }} {{ $upload_max_size = env "UPLOAD_MAX_SIZE" }} {{ end }}
|
||||||
|
{{ $upload_max_time := "30" }}
|
||||||
|
{{ if ne (env "UPLOAD_MAX_TIME") "" }} {{ $upload_max_time = env "UPLOAD_MAX_TIME" }} {{ end }}
|
||||||
|
|
||||||
|
file_uploads = On
|
||||||
|
upload_max_filesize = {{ $upload_max_size }}
|
||||||
|
post_max_size = {{ $upload_max_size }}
|
||||||
|
memory_limit = {{ $upload_max_size }}
|
||||||
|
max_execution_time = {{ $upload_max_time }}
|
||||||
|
max_input_time = {{ $upload_max_time }}
|
1
users.conf.tmpl
Normal file
1
users.conf.tmpl
Normal file
@ -0,0 +1 @@
|
|||||||
|
ftp_user:{{ secret "ftp_pass" }}:33:33
|
Reference in New Issue
Block a user