forked from coop-cloud/wordpress
Compare commits
12 Commits
e29109d081
...
015c7d6f0c
Author | SHA1 | Date |
---|---|---|
|
015c7d6f0c | |
|
81dbeca30d | |
|
245b800439 | |
|
540d526914 | |
|
df32ba5141 | |
|
8d8418a6c0 | |
|
a8d67b063c | |
|
da0f503960 | |
|
6767d5ee65 | |
|
d5227cc534 | |
|
45a36ba7b4 | |
|
ed77855e7d |
15
.env.sample
15
.env.sample
|
@ -20,8 +20,8 @@ LETS_ENCRYPT_ENV=production
|
|||
# Every new user is per default subscriber, uncomment to change it
|
||||
#DEFAULT_USER_ROLE=administrator
|
||||
|
||||
# Uncomment to install PHP Composer
|
||||
#COMPOSER=1
|
||||
# PHP composer for plugin installation
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.composer.yml"
|
||||
|
||||
#WORDPRESS_DEBUG=true
|
||||
|
||||
|
@ -34,13 +34,8 @@ SECRET_DB_PASSWORD_VERSION=v1
|
|||
# Mostly for compatibility with existing database dumps...
|
||||
#WORDPRESS_TABLE_PREFIX=wp_
|
||||
|
||||
# Multisite
|
||||
#WORDPRESS_CONFIG_EXTRA="\
|
||||
#define('WP_CACHE', false);\
|
||||
#define('WP_ALLOW_MULTISITE', true );"
|
||||
|
||||
# Multisite phase 2 (see README)
|
||||
#WORDPRESS_CONFIG_EXTRA="define('MULTISITE', true); define('SUBDOMAIN_INSTALL', true); define('DOMAIN_CURRENT_SITE', '${DOMAIN}'); define('PATH_CURRENT_SITE', '/'); define('SITE_ID_CURRENT_SITE', 1); define('BLOG_ID_CURRENT_SITE', 1); define('FORCE_SSL_ADMIN', true ); define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
# Multisite (see README)
|
||||
#MULTISITE=enable # either 'enable', 'subdomain' or 'subfolder'
|
||||
|
||||
# Local SMTP relay
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml"
|
||||
|
@ -48,7 +43,7 @@ SECRET_DB_PASSWORD_VERSION=v1
|
|||
#MAIL_FROM="wordpress@example.com"
|
||||
|
||||
# Remote SMTP relay
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml:compose.smtp.yml"
|
||||
#SMTP_HOST="mail.example.com"
|
||||
#MAIL_FROM="wordpress@example.com"
|
||||
#SMTP_USER="wordpress@example.com" # optional, defaults to MAIL_FROM
|
||||
|
|
|
@ -47,16 +47,12 @@ AUTHENTIK_ID_NAME=authentik_example_com_wordpress_id_v1 # the same as in authen
|
|||
|
||||
## Network (Multi-site)
|
||||
|
||||
_(Only tested using subdomains)_
|
||||
|
||||
1. Set up as above
|
||||
2. `abra app config <app-name>`, and uncomment the first `# Multisite` section
|
||||
2. `abra app config <app-name>`, and uncomment `#MULTISITE=enable`
|
||||
3. `abra app deploy <app-name>`
|
||||
4. Log into the Wordpress admin dashboard, go to Tools » Network Setup
|
||||
5. Don't worry about the suggested file changes
|
||||
6. `abra app config <app-name>` again - comment out the first `# Multisite`
|
||||
section in `.envrc`, uncomment the `# Multisite phase 2` section, and add
|
||||
your multisite subdomain(s) to `EXTRA_DOMAINS` (beware the weird syntax..)
|
||||
6. `abra app config <app-name>` again and set `MULTISITE` to either `subdomain` or `subfolder` depending on your setup.
|
||||
7. `abra app deploy <app-name>`
|
||||
|
||||
## Installing a custom theme
|
||||
|
|
79
abra.sh
79
abra.sh
|
@ -1,7 +1,8 @@
|
|||
export PHP_UPLOADS_CONF_VERSION=v3
|
||||
export ENTRYPOINT_CONF_VERSION=v5
|
||||
export ENTRYPOINT_CONF_VERSION=v6
|
||||
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
||||
export MSMTP_CONF_VERSION=v4
|
||||
export HTACCESS_CONF_VERSION=v1
|
||||
|
||||
wp() {
|
||||
su -p www-data -s /bin/bash -c "/usr/local/bin/wp $@"
|
||||
|
@ -19,7 +20,7 @@ core_install(){
|
|||
wp "site switch-language $LOCALE"
|
||||
wp "rewrite structure '/%year%/%monthnum%/%day%/%postname%/'"
|
||||
wp "plugin install --activate disable-update-notifications"
|
||||
wp 'option update dwcun_setting on'
|
||||
wp "option update disable_notification_setting --format=json '{\"dpun_setting\":false,\"dwtu_setting\":false,\"dwcun_setting\":true}'"
|
||||
if [ -n "$DEFAULT_USER_ROLE" ]
|
||||
then
|
||||
wp "option set default_role $DEFAULT_USER_ROLE"
|
||||
|
@ -75,77 +76,3 @@ set_authentik(){
|
|||
fix_mysql() {
|
||||
echo "ALTER TABLE mysql.column_stats MODIFY histogram longblob; ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');" | mysql -u root -p$(cat /run/secrets/db_root_password)
|
||||
}
|
||||
|
||||
sub_wp() {
|
||||
CONTAINER=$(docker container ls -f "Name=${STACK_NAME}_app" --format '{{ .ID }}')
|
||||
if [ -z "$CONTAINER" ]; then
|
||||
error "Can't find a container for ${STACK_NAME}_app"
|
||||
exit
|
||||
fi
|
||||
debug "Using Container ID ${CONTAINER}"
|
||||
|
||||
# FIXME 3wc: we're fighting the Wordpress image, which recommends a named
|
||||
# volume for /var/www/html -- this used to work fine using --volumes-from
|
||||
# because the actual MySQL password was inserted into the generated
|
||||
# wp-config.php -- but as of Wordpress 5.7.0, wp-config loads data straight
|
||||
# from the environment, which requires Docker secrets to work, which only work
|
||||
# in swarm services (not one-off `docker run` commands). Defining a `cli`
|
||||
# service in compose.yml almost works, but there's no volumes_from: in Compose
|
||||
# V3, and without it then the `cli` service can't access Wordpress core.
|
||||
# See https://git.autonomic.zone/coop-cloud/wordpress/issues/21
|
||||
warning "Slowly looking up MySQL password..."
|
||||
silence
|
||||
abra__service_="app"
|
||||
DB_PASSWORD="$(sub_app_run cat "/run/secrets/db_password")"
|
||||
unsilence
|
||||
|
||||
# shellcheck disable=SC2154,SC2086
|
||||
docker run -it \
|
||||
--volumes-from "$CONTAINER" \
|
||||
--network "container:$CONTAINER" \
|
||||
-u xfs:xfs \
|
||||
-e WORDPRESS_DB_HOST=db \
|
||||
-e WORDPRESS_DB_USER=wordpress \
|
||||
-e WORDPRESS_DB_PASSWORD="${DB_PASSWORD}" \
|
||||
-e WORDPRESS_DB_NAME=wordpress \
|
||||
-e WORDPRESS_CONFIG_EXTRA="${WORDPRESS_CONFIG_EXTRA}" \
|
||||
wordpress:cli wp ${abra__args_[*]}
|
||||
}
|
||||
|
||||
abra_backup_app() {
|
||||
_abra_backup_dir "app:/var/www/html/wp-content"
|
||||
}
|
||||
|
||||
abra_backup_db() {
|
||||
_abra_backup_mysql "db" "wordpress"
|
||||
}
|
||||
|
||||
abra_backup() {
|
||||
abra_backup_app && abra_backup_db
|
||||
}
|
||||
|
||||
abra_restore_app() {
|
||||
# shellcheck disable=SC2034
|
||||
{
|
||||
abra__src_="-"
|
||||
abra__dst_="app:/var/www/html/"
|
||||
}
|
||||
|
||||
zcat "$@" | sub_app_cp
|
||||
|
||||
success "Restored 'app'"
|
||||
}
|
||||
|
||||
abra_restore_db() {
|
||||
# 3wc: unlike abra_backup_db, we can assume abra__service_ will be 'db' if we
|
||||
# got this far..
|
||||
|
||||
# shellcheck disable=SC2034
|
||||
abra___no_tty="true"
|
||||
|
||||
DB_ROOT_PASSWORD=$(sub_app_run cat /run/secrets/db_root_password)
|
||||
|
||||
zcat "$@" | sub_app_run mysql -u root -p"$DB_ROOT_PASSWORD" wordpress
|
||||
|
||||
success "Restored 'db'"
|
||||
}
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
volumes:
|
||||
- "composer:/var/www/html/composer"
|
||||
environment:
|
||||
- ENABLE_COMPOSER=1
|
||||
- COMPOSER=composer/composer.json
|
||||
- COMPOSER_VENDOR_DIR=composer/vendor
|
||||
|
||||
volumes:
|
||||
composer:
|
17
compose.yml
17
compose.yml
|
@ -3,7 +3,7 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: "wordpress:6.3.0"
|
||||
image: "wordpress:6.4.1"
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
networks:
|
||||
|
@ -31,6 +31,8 @@ services:
|
|||
- source: entrypoint_conf
|
||||
target: /docker-entrypoint.sh
|
||||
mode: 0555
|
||||
- source: htaccess_conf
|
||||
target: /var/www/html/.htaccess
|
||||
entrypoint: /docker-entrypoint.sh
|
||||
depends_on:
|
||||
- db
|
||||
|
@ -58,10 +60,10 @@ services:
|
|||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/var/www/html"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.5.1+6.3.0"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.6.2+6.4.1"
|
||||
|
||||
db:
|
||||
image: "mariadb:11.0"
|
||||
image: "mariadb:11.2"
|
||||
volumes:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
networks:
|
||||
|
@ -77,10 +79,11 @@ services:
|
|||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: "mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz"
|
||||
backupbot.backup.pre-hook: "sh -c 'mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz'"
|
||||
backupbot.backup.path: "/var/lib/mysql/dump.sql.gz"
|
||||
backupbot.backup.post-hook: "rm -f /var/lib/mysql/dump.sql.gz"
|
||||
backupbot.restore: "true"
|
||||
backupbot.restore.post-hook: "sh -c 'mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dbdump.sql && rm -f /var/lib/mysql/dbdump.sql'"
|
||||
backupbot.restore.post-hook: "sh -c 'gzip -d /var/lib/mysql/dump.sql.gz && mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dump.sql && rm -f /var/lib/mysql/dump.sql'"
|
||||
|
||||
networks:
|
||||
backend:
|
||||
|
@ -107,3 +110,7 @@ configs:
|
|||
php_uploads_conf:
|
||||
name: ${STACK_NAME}_php_uploads_conf_${PHP_UPLOADS_CONF_VERSION}
|
||||
file: uploads.ini
|
||||
htaccess_conf:
|
||||
name: ${STACK_NAME}_htaccess_conf_${HTACCESS_CONF_VERSION}
|
||||
file: htaccess.tmpl
|
||||
template_driver: golang
|
||||
|
|
|
@ -7,9 +7,9 @@ docker-php-ext-install {{ env "PHP_EXTENSIONS" }}
|
|||
curl -z /usr/local/bin/wp -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
||||
chmod +x /usr/local/bin/wp
|
||||
|
||||
{{ if eq (env "COMPOSER") "1" }}
|
||||
{{ if eq (env "ENABLE_COMPOSER") "1" }}
|
||||
mkdir -p /var/www/.composer
|
||||
chown www-data:www-data /var/www/.composer
|
||||
chown www-data:www-data /var/www/.composer /var/www/html/composer
|
||||
|
||||
curl https://getcomposer.org/installer -o /tmp/composer-setup.php
|
||||
php -r "if (hash_file('sha384', '/tmp/composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
|
@ -24,6 +24,24 @@ a2enmod headers
|
|||
sed -ri -e 's/^([ \t]*)(<\/VirtualHost>)/\1\tHeader set Access-Control-Allow-Origin "*"\n\1\2/g' /etc/apache2/sites-available/*.conf
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "MULTISITE") "enable" }}
|
||||
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||
define('WP_CACHE', false);
|
||||
define('WP_ALLOW_MULTISITE', true );"
|
||||
{{ end }}
|
||||
|
||||
{{ if or (eq (env "MULTISITE") "subdomain") (eq (env "MULTISITE") "subfolder") }}
|
||||
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||
define('MULTISITE', true);
|
||||
define('SUBDOMAIN_INSTALL', true);
|
||||
define('DOMAIN_CURRENT_SITE', '${DOMAIN}');
|
||||
define('PATH_CURRENT_SITE', '/');
|
||||
define('SITE_ID_CURRENT_SITE', 1);
|
||||
define('BLOG_ID_CURRENT_SITE', 1);
|
||||
define('FORCE_SSL_ADMIN', true );
|
||||
define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
{{ end }}
|
||||
|
||||
if [ -n "$@" ]; then
|
||||
"$@"
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,57 @@
|
|||
{{ if eq (env "MULTISITE") "" -}}
|
||||
# BEGIN WordPress
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule . /index.php [L]
|
||||
|
||||
# END WordPress
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq (env "MULTISITE") "subfolder" -}}
|
||||
# BEGIN WordPress Multisite
|
||||
# Using subfolder network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
|
||||
# add a trailing slash to /wp-admin
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
|
||||
|
||||
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||
RewriteCond %{REQUEST_FILENAME} -d
|
||||
RewriteRule ^ - [L]
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
|
||||
RewriteRule . index.php [L]
|
||||
|
||||
# END WordPress Multisite
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq (env "MULTISITE") "subdomain" -}}
|
||||
# BEGIN WordPress Multisite
|
||||
# Using subdomain network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
|
||||
# add a trailing slash to /wp-admin
|
||||
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
|
||||
|
||||
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||
RewriteCond %{REQUEST_FILENAME} -d
|
||||
RewriteRule ^ - [L]
|
||||
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
|
||||
RewriteRule ^(.*\.php)$ $1 [L]
|
||||
RewriteRule . index.php [L]
|
||||
|
||||
# END WordPress Multisite
|
||||
{{- end }}
|
|
@ -0,0 +1 @@
|
|||
The authentik secrets need to be inserted again, as wordpress is not sharing the secret with authentik any more.
|
|
@ -1 +1 @@
|
|||
The authentik secrets need to be inserted again, as wordpress is not sharing the secret with authentik any more.
|
||||
Multisite now also works with subpaths instead of subdomains. Also Multisite support was simplified. If you are using a subdomain multisite setup you can remove the `WORDPRESS_CONFIG_EXTRA="define('MULTISITE', true);...` from your config and instead set MULTISITE=subdomain.
|
||||
|
|
Loading…
Reference in New Issue