forked from coop-cloud/wordpress
Compare commits
177 Commits
service-re
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 74282d5658 | |||
| ab7716bf1e | |||
| b0cc5a49a1 | |||
| 3cca5d2cf3 | |||
| f403648cf6 | |||
| 83f724a316 | |||
| e6b9f8117f | |||
| e7aef38d3b | |||
| e08838561d | |||
| 04d26a59a9 | |||
| 591019112e | |||
| 76e9b80fbd | |||
| f49fa05ded | |||
| 716e6df3cd | |||
| 457c2defaf | |||
| 37ff3e9b1b | |||
| c5443cc14b | |||
| 34f70889e3 | |||
| af04e30e36 | |||
| 17574fd3fe | |||
| 8b6983d240 | |||
| 6fb30c5bc1 | |||
| 929bfb4239 | |||
| 7e4ff5c075 | |||
| 564db5b63f | |||
| cf9b5f529e | |||
| 240b70a967 | |||
| 7f6b6a5ff2 | |||
| 4d99aae234 | |||
| 959484f5e5 | |||
| 7ef8e5515d | |||
| 770ef4932a | |||
| dcb8a9a3a9 | |||
| f3a9fad0a1 | |||
| ebbd41e612 | |||
| b45fca4a3f | |||
| 1a6b11c95b | |||
| de5455833e | |||
| 81dbeca30d | |||
| 245b800439 | |||
| 540d526914 | |||
| df32ba5141 | |||
| 8d8418a6c0 | |||
| a8d67b063c | |||
| da0f503960 | |||
| 6767d5ee65 | |||
| d5227cc534 | |||
| 45a36ba7b4 | |||
| ed77855e7d | |||
| 1c70a89ed4 | |||
| c6be9ecfcf | |||
| f2867c8359 | |||
| 4a7c468806 | |||
| 40d95417e9 | |||
| 37aa0649b9 | |||
| 5723405e51 | |||
| 650d531ed1 | |||
| 9077d0aa86 | |||
| 952044e590 | |||
| 1c03d854b2 | |||
| 38bc51f516 | |||
| 40cbb7d689 | |||
| 16ca5734d7 | |||
| 91335eac3a | |||
| dfaa04131d | |||
| b508b67752 | |||
| 8cc028fc00 | |||
| 55f00a482a | |||
| df821f5017 | |||
| 9b1e36f8c8 | |||
| f624ef2dc6 | |||
| 40e89c874a | |||
| 7c725fbf85 | |||
| ed587cd983 | |||
| 85d910f7ea | |||
| bcb911c6e0 | |||
| 7281edfd60 | |||
| 87406eb3ab | |||
| db1e7bc88a | |||
| 7962da376c | |||
| 6c97636698 | |||
| 72ff340927 | |||
| 369d962c40 | |||
| 5941680738 | |||
| 112c7a8f03 | |||
| 2550098aee | |||
| ef7bed62dd | |||
| 581cd72a9a | |||
50cd246597
|
|||
| a55be09951 | |||
| 5538ce9c3e | |||
| 981fe85910 | |||
| 1cedb08e46 | |||
| 37a6ff8d7a | |||
| 98f9a4f4d9 | |||
| 76b698bc30 | |||
| dcb3b410ff | |||
| ceffd9ba5d | |||
| 2d8c149b42 | |||
| 08c56a2ad9 | |||
| 2cb9b71e47 | |||
| 88ee8ae05e | |||
| 57122cd677 | |||
| ab3361f46d | |||
| 0771aae91c | |||
| 101864ce03 | |||
| 6ef2f30c0f | |||
| 26107257bc | |||
| 6b59677976 | |||
|
08fc5fe2c6 | ||
| de33fac3d3 | |||
|
d6125ba37a | ||
|
|
6551fd8f8c | ||
|
|
14d50b851e | ||
|
|
acd5e93a4b | ||
|
|
f7600b9bc8 | ||
|
|
febd2500b4 | ||
|
|
a330574682 | ||
|
|
be6cf302d0 | ||
|
|
8af9be6a40 | ||
|
|
a550017071 | ||
|
|
9fa2b2d1b7 | ||
|
|
8399631c81 | ||
|
|
e5c41fa027 | ||
|
0df2a556e8 | ||
| 4d4befc9e1 | |||
|
|
e8aa34c7e3 | ||
|
|
421c01e78a | ||
|
|
c99f35b5d9 | ||
|
36046c801e | ||
| d20b99b7b4 | |||
|
|
0b8c60c0f3 | ||
|
|
f2fff04c53 | ||
| bf4e9323f3 | |||
|
|
f28b9d69f6 | ||
|
|
8fc4c37e68 | ||
|
|
60b4398e92 | ||
|
|
08d9ac6e2f | ||
|
|
fb632799c9 | ||
|
|
f6dc0243f7 | ||
| 94459b7077 | |||
|
|
d27c4ed6f3 | ||
|
|
f2225be233 | ||
|
|
aae6b22d53 | ||
|
|
4eaa4de5ae | ||
| 064af9c04c | |||
|
|
38c4fe0246 | ||
|
|
990a58be81 | ||
| 923295aa91 | |||
|
|
479d061879 | ||
|
|
c28bb98e23 | ||
|
|
83130a482e | ||
|
|
925d5703a9 | ||
|
|
5d351b1ede | ||
|
|
5488d04c92 | ||
|
|
997707189e | ||
|
|
5c81094a82 | ||
|
|
26fa0bdfd3 | ||
|
|
ebb2036510 | ||
| b0055f587d | |||
|
|
a8d5e0553f | ||
|
|
6124c36f42 | ||
| 0e486d395d | |||
|
|
61bdd21085 | ||
|
|
21babc7bca | ||
|
|
0ac4c51b3b | ||
|
|
43cbfafb8a | ||
| c6039c3b54 | |||
|
|
bdabcce977 | ||
|
|
42c822f819 | ||
|
|
b5ac06c0cf | ||
|
|
6f10b0f3cc | ||
|
|
03bbf527fe | ||
| 25a98e6298 | |||
| c5beea3114 | |||
| 50a11700b4 | |||
| 65742d663d |
29
.drone.yml
29
.drone.yml
@ -3,7 +3,7 @@ kind: pipeline
|
||||
name: deploy to swarm-test.autonomic.zone
|
||||
steps:
|
||||
- name: deployment
|
||||
image: decentral1se/stack-ssh-deploy:latest
|
||||
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||
settings:
|
||||
host: swarm-test.autonomic.zone
|
||||
stack: wordpress
|
||||
@ -11,12 +11,33 @@ steps:
|
||||
purge: true
|
||||
deploy_key:
|
||||
from_secret: drone_ssh_swarm_test
|
||||
networks:
|
||||
- proxy
|
||||
environment:
|
||||
DOMAIN: wordpress.swarm-test.autonomic.zone
|
||||
STACK_NAME: wordpress
|
||||
LETS_ENCRYPT_ENV: production
|
||||
DB_PASSWORD_VERSION: v1
|
||||
DB_ROOT_PASSWORD_VERSION: v1
|
||||
SECRET_DB_PASSWORD_VERSION: v1
|
||||
SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
||||
PHP_UPLOADS_CONF_VERSION: v1
|
||||
ENTRYPOINT_CONF_VERSION: v1
|
||||
HTACCESS_CONF_VERSION: v1
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
- main
|
||||
---
|
||||
kind: pipeline
|
||||
name: generate recipe catalogue
|
||||
steps:
|
||||
- name: release a new version
|
||||
image: plugins/downstream
|
||||
settings:
|
||||
server: https://build.coopcloud.tech
|
||||
token:
|
||||
from_secret: drone_abra-bot_token
|
||||
fork: true
|
||||
repositories:
|
||||
- toolshed/auto-recipes-catalogue-json
|
||||
|
||||
trigger:
|
||||
event: tag
|
||||
|
||||
90
.env.sample
Normal file
90
.env.sample
Normal file
@ -0,0 +1,90 @@
|
||||
TYPE=wordpress
|
||||
TIMEOUT=300
|
||||
ENABLE_AUTO_UPDATE=true
|
||||
COMPOSE_FILE="compose.yml"
|
||||
ENABLE_BACKUPS=true
|
||||
|
||||
DOMAIN=wordpress.example.com
|
||||
## Domain aliases
|
||||
#EXTRA_DOMAINS=', `www.wordpress.example.com`'
|
||||
# Redirects
|
||||
# All redirect domains have to be added to EXTRA_DOMAINS as well)
|
||||
# multiple redirects can be added by seperating them with a | character
|
||||
#REDIRECTS=www.wordpress.example.com
|
||||
LETS_ENCRYPT_ENV=production
|
||||
|
||||
# Setup Wordpress settings on each deploy:
|
||||
#POST_DEPLOY_CMDS="app core_install"
|
||||
|
||||
# Optional settings, otherwise can be set in the installer
|
||||
# (Required for `app core_install`
|
||||
#TITLE="My Example Blog"
|
||||
#LOCALE="en_US" # de_DE
|
||||
#ADMIN_EMAIL=admin@example.com
|
||||
|
||||
# Every new user is per default subscriber, uncomment to change it
|
||||
#DEFAULT_USER_ROLE=administrator
|
||||
|
||||
# PHP composer for plugin installation
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.composer.yml"
|
||||
|
||||
#WORDPRESS_DEBUG=true
|
||||
|
||||
## Additional extensions
|
||||
#PHP_EXTENSIONS="calendar"
|
||||
|
||||
SECRET_DB_ROOT_PASSWORD_VERSION=v1
|
||||
SECRET_DB_PASSWORD_VERSION=v1
|
||||
|
||||
# Mostly for compatibility with existing database dumps...
|
||||
#WORDPRESS_TABLE_PREFIX=wp_
|
||||
|
||||
# Multisite (see README)
|
||||
#MULTISITE=enable # either 'enable', 'subdomain' or 'subfolder'
|
||||
|
||||
# File upload settings
|
||||
#UPLOAD_MAX_SIZE=256M
|
||||
#UPLOAD_MAX_TIME=30
|
||||
|
||||
# Local SMTP relay
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml"
|
||||
#SMTP_HOST="postfix_relay_app"
|
||||
#MAIL_FROM="wordpress@example.com"
|
||||
|
||||
# Remote SMTP relay
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mailrelay.yml:compose.smtp.yml"
|
||||
#SMTP_HOST="mail.example.com"
|
||||
#MAIL_FROM="wordpress@example.com"
|
||||
#SMTP_USER="wordpress@example.com" # optional, defaults to MAIL_FROM
|
||||
#SMTP_OVERRIDE_FROM=on # force "From" to MAIL_FROM, usually necessary
|
||||
#SMTP_PORT=587
|
||||
#SMTP_AUTH=on
|
||||
#SMTP_TLS=on
|
||||
#SECRET_SMTP_PASSWORD_VERSION=v1
|
||||
|
||||
# Authentik SSO
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
|
||||
#AUTHENTIK_DOMAIN=authentik.example.com
|
||||
#SECRET_AUTHENTIK_SECRET_VERSION=v1
|
||||
#SECRET_AUTHENTIK_ID_VERSION=v1
|
||||
#LOGIN_TYPE='auto'
|
||||
|
||||
# Allow remote connections to db
|
||||
# 🚩🚩 dangerous, use only for development sites!
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.public-db.yml
|
||||
|
||||
# Wide-open CORS
|
||||
# 🚩🚩 dangerous, use only for development sites!
|
||||
#CORS_ALLOW_ALL=1
|
||||
|
||||
|
||||
# FTP
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp.yml"
|
||||
#SECRET_FTP_PASS_VERSION=v1
|
||||
# You can use a Port between 2220-2225
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2220.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2221.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2222.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2223.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2224.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2225.yml"
|
||||
@ -1,36 +0,0 @@
|
||||
export DOMAIN=wordpress.example.com
|
||||
|
||||
export STACK_NAME=wordpress
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
export DB_ROOT_PASSWORD_VERSION=v1
|
||||
export DB_PASSWORD_VERSION=v1
|
||||
|
||||
# Multisite
|
||||
#export WORDPRESS_CONFIG_EXTRA="\
|
||||
# define('WP_CACHE', false);\
|
||||
# define('WP_ALLOW_MULTISITE', true );"
|
||||
|
||||
# Multisite phase 2 (see README)
|
||||
#export WORDPRESS_CONFIG_EXTRA="\
|
||||
# define('WP_CACHE', false);\
|
||||
# define('WP_ALLOW_MULTISITE', true );\
|
||||
# define('MULTISITE', true);\
|
||||
# define('SUBDOMAIN_INSTALL', true);\
|
||||
# define('DOMAIN_CURRENT_SITE', '${DOMAIN}');\
|
||||
# define('PATH_CURRENT_SITE', '/');\
|
||||
# define('SITE_ID_CURRENT_SITE', 1);\
|
||||
# define('BLOG_ID_CURRENT_SITE', 1);\
|
||||
# define('FORCE_SSL_ADMIN', true );\
|
||||
# define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
|
||||
# Backups
|
||||
#export COMPOSE_FILE="compose.yml:compose.backup.yml"
|
||||
|
||||
# SMTP
|
||||
#export COMPOSE_FILE="compose.yml:compose.mailrelay.yml"
|
||||
#export SMTP_HOST="postfix_relay_app"
|
||||
#export MAIL_FROM="wordpress@example.com"
|
||||
#
|
||||
#export MSMTP_CONF_VERSION=v1
|
||||
#export ENTRYPOINT_MAILRELAY_CONF_VERSION=v1
|
||||
105
README.md
105
README.md
@ -1,60 +1,79 @@
|
||||
# wordpress
|
||||
# Wordpress
|
||||
|
||||
[](https://drone.autonomic.zone/compose-stacks/wordpress)
|
||||
[](https://build.coopcloud.tech/coop-cloud/wordpress)
|
||||
|
||||
Coöp Cloud + [Wordpress](https://wordpress.org) = 🥳
|
||||
|
||||
1. Set up Docker Swarm and [`abra`][abra]
|
||||
2. Deploy [`compose-stacks/traefik`][compose-traefik]
|
||||
3. `cp .envrc.sample .envrc`
|
||||
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
5. `direnv allow` (or `. .envrc`)
|
||||
6. Generate secrets:
|
||||
```
|
||||
abra secret_generate db_password v1
|
||||
abra secret_generate db_root_password v1
|
||||
```
|
||||
<!-- metadata -->
|
||||
|
||||
7. `abra deploy`
|
||||
8. Open the configured domain in your browser to finish set-up
|
||||
9. `abra run wordpress chown www-data:www-data /var/www/html/wp-content` to fix
|
||||
file permissions (see #3)
|
||||
* **Category**: Apps
|
||||
* **Status**: 4
|
||||
* **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream
|
||||
* **Healthcheck**: Yes
|
||||
* **Backups**: Yes
|
||||
* **Email**: 3
|
||||
* **Tests**: 2
|
||||
* **SSO**: No
|
||||
|
||||
<!-- endmetadata -->
|
||||
|
||||
|
||||
## Quick start
|
||||
|
||||
|
||||
* `abra app new wordpress`
|
||||
* `abra app config <app-name>`
|
||||
* `abra app secret generate -a <app-name>`
|
||||
* `abra app deploy <app-name>`
|
||||
* `abra app cmd <app-name> app core_install`
|
||||
|
||||
### Authentik Integration
|
||||
|
||||
|
||||
`abra app config <app-name>`
|
||||
Configure the following envs:
|
||||
```
|
||||
COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
|
||||
AUTHENTIK_DOMAIN=authentik.example.com
|
||||
AUTHENTIK_SECRET_NAME=authentik_example_com_wordpress_secret_v1 # the same as in authentik
|
||||
AUTHENTIK_ID_NAME=authentik_example_com_wordpress_id_v1 # the same as in authentik
|
||||
```
|
||||
|
||||
`abra app cmd <app-name> app set_authentik`
|
||||
|
||||
## Running WP-CLI
|
||||
|
||||
`abra app cmd <app-name> app wp -- core check-update --major`
|
||||
|
||||
## Network (Multi-site)
|
||||
|
||||
_(Only tested using subdomains)_
|
||||
|
||||
1. Set up as above
|
||||
2. Uncomment the first `# Multisite` section in `.envrc`
|
||||
3. `direnv allow` (or re-run `source .envrc`)
|
||||
4. `abra deploy`
|
||||
5. Log into the Wordpress admin dashboard, go to Tools » Network Setup
|
||||
6. Don't worry about the suggested file changes
|
||||
7. Comment out the first `# Multisite` section in `.envrc` and uncomment the
|
||||
`# Multisite phase 2` section
|
||||
8. `direnv allow` (or re-run `source .envrc`)
|
||||
9. `abra deploy`
|
||||
10. FIXME setting up SSL / routing
|
||||
2. `abra app config <app-name>`, and uncomment `#MULTISITE=enable`
|
||||
3. `abra app deploy <app-name>`
|
||||
4. Log into the Wordpress admin dashboard, go to Tools » Network Setup
|
||||
5. Don't worry about the suggested file changes
|
||||
6. `abra app config <app-name>` again and set `MULTISITE` to either `subdomain` or `subfolder` depending on your setup.
|
||||
7. `abra app deploy <app-name>`
|
||||
|
||||
## Installing a custom theme
|
||||
|
||||
`abra cp ~/path/to/local/theme wordpress:/var/www/html/wp-content/themes/`
|
||||
|
||||
## Backups
|
||||
|
||||
1. Edit `.envrc` and uncomment the `export COMPOSE_FILE="compose.yml:compose.backup.yml"` line
|
||||
2. `direnv allow`
|
||||
3. `abra deploy`
|
||||
`abra app cp <app-name> ~/path/to/local/theme wordpress:/var/www/html/wp-content/themes/`
|
||||
|
||||
## Email
|
||||
|
||||
1. Deploy `postfix-relay`
|
||||
2. Edit `.envrc` and uncomment the email lines; change `MAIL_FROM` to make sure
|
||||
the domain is the same as `postfix-relay`'s `$DOMAIN` or in its
|
||||
`$EXTRA_SENDER_DOMAINS`
|
||||
3. `direnv allow` (or `source .envrc`)
|
||||
7. `abra deploy`
|
||||
There is a local or remote SMTP relay configuration available.
|
||||
|
||||
* **local**: `COMPOSE_FILE=compose.yml:compose.mailrelay.yml`
|
||||
* **remote**: `COMPOSE_FILE=compose.yml:compose.mailrelay.yml:compose.smtp.yml`
|
||||
|
||||
Below are the instructions for the local relay.
|
||||
|
||||
1. Deploy [`postfix-relay`][cc-postfix-relay]
|
||||
2. `abra app config <app-name>`, and uncomment the email lines; change
|
||||
`MAIL_FROM` to make sure the domain is the same as `postfix-relay`'s
|
||||
`$DOMAIN` or in its `$EXTRA_SENDER_DOMAINS`
|
||||
3. `abra app deploy <app-name>`
|
||||
|
||||
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||
[compose-traefik]: https://git.autonomic.zone/compose-stacks/traefik
|
||||
[cc-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
||||
[cc-postfix-relay]: https://git.autonomic.zone/coop-cloud/traefik
|
||||
|
||||
96
abra.sh
Normal file
96
abra.sh
Normal file
@ -0,0 +1,96 @@
|
||||
export PHP_UPLOADS_CONF_VERSION=v4
|
||||
export ENTRYPOINT_CONF_VERSION=v7
|
||||
export ENTRYPOINT_MAILRELAY_CONF_VERSION=v2
|
||||
export MSMTP_CONF_VERSION=v4
|
||||
export HTACCESS_CONF_VERSION=v2
|
||||
export USERS_CONF_VERSION=v1
|
||||
|
||||
wp() {
|
||||
su -p www-data -s /bin/bash -c "/usr/local/bin/wp $@"
|
||||
}
|
||||
|
||||
update() {
|
||||
wp "core update-db"
|
||||
wp "plugin update --all"
|
||||
wp "plugin auto-updates enable --all"
|
||||
wp "theme update --all"
|
||||
wp "theme auto-updates enable --all"
|
||||
wp "language core update"
|
||||
wp "language plugin update --all"
|
||||
wp "language theme update --all"
|
||||
}
|
||||
|
||||
core_install(){
|
||||
ADMIN=admin
|
||||
if [ -n "$AUTHENTIK_DOMAIN" ]
|
||||
then
|
||||
ADMIN=akadmin
|
||||
fi
|
||||
chown www-data:www-data -R /var/www/html/wp-content
|
||||
wp "core install --url=$DOMAIN --title=\"$TITLE\" --admin_user=$ADMIN --admin_email=$ADMIN_EMAIL --locale=$LOCALE --skip-email"
|
||||
wp "language core install $LOCALE"
|
||||
wp "site switch-language $LOCALE"
|
||||
wp "rewrite structure '/%year%/%monthnum%/%day%/%postname%/'"
|
||||
wp "plugin install --activate disable-update-notifications"
|
||||
wp "option update disable_notification_setting --format=json '{\"dpun_setting\":false,\"dwtu_setting\":false,\"dwcun_setting\":true}'"
|
||||
if [ -n "$DEFAULT_USER_ROLE" ]
|
||||
then
|
||||
wp "option set default_role $DEFAULT_USER_ROLE"
|
||||
else
|
||||
wp "option set default_role subscriber"
|
||||
fi
|
||||
wp "theme auto-updates enable --all"
|
||||
wp 'plugin auto-updates enable --all' || exit 0
|
||||
}
|
||||
|
||||
set_authentik(){
|
||||
AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
|
||||
AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
|
||||
if [ -z $LOGIN_TYPE ]
|
||||
then
|
||||
LOGIN_TYPE='button'
|
||||
fi
|
||||
wp "user create akadmin admin@example.com --role=administrator"
|
||||
wp "plugin install --activate daggerhart-openid-connect-generic"
|
||||
wp 'plugin auto-updates enable daggerhart-openid-connect-generic'
|
||||
wp "option update --format=json openid_connect_generic_settings '
|
||||
{
|
||||
\"login_type\":\"$LOGIN_TYPE\",
|
||||
\"client_id\":\"$AUTHENTIK_ID\",
|
||||
\"client_secret\":\"$AUTHENTIK_SECRET\",
|
||||
\"scope\":\"email profile openid\",
|
||||
\"endpoint_login\":\"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
|
||||
\"endpoint_userinfo\":\"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
|
||||
\"endpoint_token\":\"https://$AUTHENTIK_DOMAIN/application/o/token/\",
|
||||
\"endpoint_end_session\":\"https://$AUTHENTIK_DOMAIN/application/o/wordpress/end-session/\",
|
||||
\"acr_values\":\"\",
|
||||
\"identity_key\":\"preferred_username\",
|
||||
\"no_sslverify\":\"0\",
|
||||
\"http_request_timeout\":\"30\",
|
||||
\"enforce_privacy\":\"0\",
|
||||
\"alternate_redirect_uri\":\"1\",
|
||||
\"nickname_key\":\"preferred_username\",
|
||||
\"email_format\":\"{email}\",
|
||||
\"displayname_format\":\"\",
|
||||
\"identify_with_username\":\"1\",
|
||||
\"state_time_limit\":\"\",
|
||||
\"token_refresh_enable\":\"1\",
|
||||
\"link_existing_users\":\"1\",
|
||||
\"create_if_does_not_exist\":\"1\",
|
||||
\"redirect_user_back\":\"0\",
|
||||
\"redirect_on_logout\":\"1\",
|
||||
\"enable_logging\":\"0\",
|
||||
\"log_limit\":\"1000\"
|
||||
}'"
|
||||
wp "rewrite flush"
|
||||
wp "cache flush"
|
||||
|
||||
}
|
||||
|
||||
fix_mysql() {
|
||||
echo "ALTER TABLE mysql.column_stats MODIFY histogram longblob; ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');" | mysql -u root -p$(cat /run/secrets/db_root_password)
|
||||
}
|
||||
|
||||
show_plugins() {
|
||||
wp "plugin list --fields=name,status,wporg_status,version,update_version,auto_update,tested_up_to,wporg_last_updated"
|
||||
}
|
||||
12
alaconnect.yml
Normal file
12
alaconnect.yml
Normal file
@ -0,0 +1,12 @@
|
||||
authentik:
|
||||
uncomment:
|
||||
- compose.authentik.yml
|
||||
- AUTHENTIK_DOMAIN
|
||||
- SECRET_AUTHENTIK_SECRET_VERSION
|
||||
- SECRET_AUTHENTIK_ID_VERSION
|
||||
- LOGIN_TYPE
|
||||
inital-hooks:
|
||||
- app set_authentik
|
||||
shared_secrets:
|
||||
wordpress_secret: authentik_secret
|
||||
wordpress_id: authentik_id
|
||||
@ -1,3 +0,0 @@
|
||||
# Notes
|
||||
|
||||
- The only thing different between [fr_singlesite_wordpress.yml](./fr_singlesite_wordpress.yml) and [fr_microsites_wordpress.yml](./fr_microsites_wordpress.yml) is the `BORGBASE_REPO` environment variable and the `backup_bot_singlesite_passwd_v1`/`backup_bot_multisite_passwd_v1` secret. These are the two details which are needed for Borgmatic to know how to differentiate between each repository on the Borgbase side (where our backups are stored). Sooo, there could most definitely be a reduction in boilerplate here but I was just moving super fast and wanted to get the backup work done.
|
||||
@ -1,36 +0,0 @@
|
||||
location:
|
||||
source_directories:
|
||||
- /var/www/html/wp-content
|
||||
repositories:
|
||||
- {{ env "BORGBASE_REPO" }}
|
||||
|
||||
storage:
|
||||
compression: auto,zstd
|
||||
encryption_passphrase: {{ secret "backup_bot_password" }}
|
||||
archive_name_format: "{hostname}-{now}"
|
||||
ssh_command: "ssh -o 'StrictHostKeyChecking no' -i /run/secrets/backup_bot_ssh_key"
|
||||
|
||||
retention:
|
||||
keep_daily: 3
|
||||
keep_weekly: 4
|
||||
keep_monthly: 12
|
||||
keep_yearly: 2
|
||||
prefix: "{hostname}-"
|
||||
|
||||
consistency:
|
||||
checks:
|
||||
- disabled
|
||||
check_last: 3
|
||||
prefix: "{hostname}-"
|
||||
|
||||
hooks:
|
||||
before_backup:
|
||||
- echo "`date` - Starting backup"
|
||||
after_backup:
|
||||
- echo "`date` - Finished backup"
|
||||
mysql_databases:
|
||||
- name: {{ env "DB_TABLE" }}
|
||||
hostname: {{ env "DB_HOST" }}
|
||||
port: 3306
|
||||
username: {{ env "DB_USER" }}
|
||||
password: {{ secret "db_password" }}
|
||||
@ -1,47 +0,0 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
backupbot:
|
||||
image: "decentral1se/backup-bot:latest"
|
||||
networks:
|
||||
- backend
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
secrets:
|
||||
- source: backup_bot_ssh_key
|
||||
mode: 0400
|
||||
- backup_bot_password
|
||||
- db_password
|
||||
configs:
|
||||
- source: borgmatic_config_yml
|
||||
target: /etc/borgmatic/config.yaml
|
||||
environment:
|
||||
- BORGBASE_REPO="bp5oj726@bp5oj726.repo.borgbase.com:repo"
|
||||
- DB_HOST=mariadb
|
||||
- DB_TABLE=wordpress
|
||||
- DB_USER=wordpress
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 0
|
||||
labels:
|
||||
- "swarm.cronjob.enable=true"
|
||||
- "swarm.cronjob.schedule=0 2 * * *" # At 02:00
|
||||
restart_policy:
|
||||
condition: none
|
||||
networks:
|
||||
- backend
|
||||
|
||||
configs:
|
||||
borgmatic_config_yml:
|
||||
name: borgmatic_config_yml_v1
|
||||
file: backup.d/borgmatic.yml
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
backup_bot_ssh_key:
|
||||
name: backup_bot_ssh_key_v1
|
||||
external: true
|
||||
backup_bot_password:
|
||||
name: backup_bot_multisite_passwd_v1
|
||||
external: true
|
||||
@ -1,47 +0,0 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
backupbot:
|
||||
image: "decentral1se/backup-bot:latest"
|
||||
networks:
|
||||
- backend
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
secrets:
|
||||
- source: backup_bot_ssh_key
|
||||
mode: 0400
|
||||
- backup_bot_password
|
||||
- db_password
|
||||
configs:
|
||||
- source: borgmatic_config_yml
|
||||
target: /etc/borgmatic/config.yaml
|
||||
environment:
|
||||
- BORGBASE_REPO="l32s99em@l32s99em.repo.borgbase.com:repo"
|
||||
- DB_HOST=mariadb
|
||||
- DB_TABLE=wordpress
|
||||
- DB_USER=wordpress
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 0
|
||||
labels:
|
||||
- "swarm.cronjob.enable=true"
|
||||
- "swarm.cronjob.schedule=0 2 * * *" # At 02:00
|
||||
restart_policy:
|
||||
condition: none
|
||||
networks:
|
||||
- backend
|
||||
|
||||
configs:
|
||||
borgmatic_config_yml:
|
||||
name: borgmatic_config_yml_v1
|
||||
file: backup.d/borgmatic.yml
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
backup_bot_ssh_key:
|
||||
name: backup_bot_ssh_key_v1
|
||||
external: true
|
||||
backup_bot_password:
|
||||
name: backup_bot_singlesite_passwd_v1
|
||||
external: true
|
||||
@ -1,65 +0,0 @@
|
||||
# #############################################################################
|
||||
# NOTE(decentral1se): this is a test compose.yml to test abra based deployments
|
||||
# #############################################################################
|
||||
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
image: "wordpress:5.5.1"
|
||||
networks:
|
||||
- backend
|
||||
- proxy
|
||||
environment:
|
||||
- WORDPRESS_DB_HOST=mariadb
|
||||
- WORDPRESS_DB_USER=wordpress
|
||||
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/db_password
|
||||
- WORDPRESS_DB_NAME=wordpress
|
||||
secrets:
|
||||
- db_password
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.routers.${NAME}.tls=true"
|
||||
- "traefik.http.services.${NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.${NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${NAME}.tls.certresolver=production"
|
||||
- "traefik.http.routers.${NAME}.entrypoints=web-secure"
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
volumes:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
networks:
|
||||
- backend
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
|
||||
- MYSQL_DATABASE=wordpress
|
||||
- MYSQL_USER=wordpress
|
||||
- MYSQL_PASSWORD_FILE=/run/secrets/db_password
|
||||
secrets:
|
||||
- db_password
|
||||
- db_root_password
|
||||
|
||||
networks:
|
||||
backend:
|
||||
driver: overlay
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
mariadb:
|
||||
wordpress_content:
|
||||
|
||||
secrets:
|
||||
db_root_password:
|
||||
external: true
|
||||
name: ${DB_ROOT_PASSWD}
|
||||
db_password:
|
||||
external: true
|
||||
name: ${DB_PASSWD}
|
||||
14
compose.authentik.yml
Normal file
14
compose.authentik.yml
Normal file
@ -0,0 +1,14 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
secrets:
|
||||
- authentik_secret
|
||||
- authentik_id
|
||||
|
||||
secrets:
|
||||
authentik_secret:
|
||||
external: true
|
||||
name: ${STACK_NAME}_authentik_secret_${SECRET_AUTHENTIK_SECRET_VERSION}
|
||||
authentik_id:
|
||||
external: true
|
||||
name: ${STACK_NAME}_authentik_id_${SECRET_AUTHENTIK_ID_VERSION}
|
||||
14
compose.composer.yml
Normal file
14
compose.composer.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
volumes:
|
||||
- "composer:/var/www/html/composer"
|
||||
environment:
|
||||
- ENABLE_COMPOSER=1
|
||||
- COMPOSER=composer/composer.json
|
||||
- COMPOSER_VENDOR_DIR=composer/vendor
|
||||
|
||||
volumes:
|
||||
composer:
|
||||
7
compose.ftp-2220.yml
Normal file
7
compose.ftp-2220.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2220:22
|
||||
7
compose.ftp-2221.yml
Normal file
7
compose.ftp-2221.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2221:22
|
||||
7
compose.ftp-2222.yml
Normal file
7
compose.ftp-2222.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2222:22
|
||||
7
compose.ftp-2223.yml
Normal file
7
compose.ftp-2223.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2223:22
|
||||
7
compose.ftp-2224.yml
Normal file
7
compose.ftp-2224.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2224:22
|
||||
7
compose.ftp-2225.yml
Normal file
7
compose.ftp-2225.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
ports:
|
||||
- 2220:22
|
||||
24
compose.ftp.yml
Normal file
24
compose.ftp.yml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
ftp:
|
||||
image: atmoz/sftp
|
||||
secrets:
|
||||
- ftp_pass
|
||||
volumes:
|
||||
- "wordpress_content:/home/ftp_user/wp-content"
|
||||
configs:
|
||||
- source: users_conf
|
||||
target: /etc/sftp/users.conf
|
||||
|
||||
secrets:
|
||||
ftp_pass:
|
||||
name: ${STACK_NAME}_ftp_pass_${SECRET_FTP_PASS_VERSION}
|
||||
external: true
|
||||
|
||||
configs:
|
||||
users_conf:
|
||||
name: ${STACK_NAME}_users_conf_${USERS_CONF_VERSION}
|
||||
file: users.conf.tmpl
|
||||
template_driver: golang
|
||||
@ -2,30 +2,25 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
entrypoint: /docker-entrypoint.sh
|
||||
app:
|
||||
entrypoint: /docker-entrypoint.mailrelay.sh
|
||||
environment:
|
||||
- SMTP_HOST=${SMTP_HOST}
|
||||
- SMTP_PORT=${SMTP_PORT:-25}
|
||||
- MAIL_FROM=${MAIL_FROM}
|
||||
networks:
|
||||
- mail
|
||||
configs:
|
||||
- source: mstmp_conf
|
||||
target: /etc/msmtprc
|
||||
- source: entrypoint_conf
|
||||
target: /docker-entrypoint.sh
|
||||
- source: entrypoint_mailrelay_conf
|
||||
target: /docker-entrypoint.mailrelay.sh
|
||||
mode: 0555
|
||||
|
||||
networks:
|
||||
mail:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
mstmp_conf:
|
||||
name: ${STACK_NAME}_mstmp_conf_${MSMTP_CONF_VERSION}
|
||||
file: msmtp.conf.tmpl
|
||||
template_driver: golang
|
||||
entrypoint_conf:
|
||||
entrypoint_mailrelay_conf:
|
||||
name: ${STACK_NAME}_entrypoint_mailrelay_${ENTRYPOINT_MAILRELAY_CONF_VERSION}
|
||||
file: entrypoint.mailrelay.sh.tmpl
|
||||
template_driver: golang
|
||||
|
||||
9
compose.public-db.yml
Normal file
9
compose.public-db.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
db:
|
||||
ports:
|
||||
- target: 3306
|
||||
published: 3306
|
||||
mode: host
|
||||
19
compose.smtp.yml
Normal file
19
compose.smtp.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
secrets:
|
||||
- smtp_password
|
||||
environment:
|
||||
- SMTP_HOST
|
||||
- SMTP_PORT=${SMTP_PORT:-25}
|
||||
- SMTP_AUTH
|
||||
- SMTP_TLS
|
||||
- MAIL_FROM
|
||||
- SMTP_OVERRIDE_FROM
|
||||
|
||||
secrets:
|
||||
smtp_password:
|
||||
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
||||
external: true
|
||||
78
compose.yml
78
compose.yml
@ -2,21 +2,46 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
wordpress:
|
||||
image: "wordpress:5.5.1"
|
||||
app:
|
||||
image: "wordpress:6.8.1"
|
||||
volumes:
|
||||
- "wordpress_content:/var/www/html/wp-content/"
|
||||
networks:
|
||||
- backend
|
||||
- proxy
|
||||
environment:
|
||||
- WORDPRESS_DB_HOST=mariadb
|
||||
- WORDPRESS_DB_USER=wordpress
|
||||
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/db_password
|
||||
- WORDPRESS_DB_NAME=wordpress
|
||||
- WORDPRESS_CONFIG_EXTRA=${WORDPRESS_CONFIG_EXTRA}
|
||||
WORDPRESS_CONFIG_EXTRA: |
|
||||
define( 'AUTOMATIC_UPDATER_DISABLED', false );
|
||||
define( 'WP_AUTO_UPDATE_CORE', false );
|
||||
${WORDPRESS_CONFIG_EXTRA}
|
||||
PAGER: more
|
||||
WORDPRESS_DB_HOST: db
|
||||
WORDPRESS_DB_USER: wordpress
|
||||
WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_password
|
||||
WORDPRESS_DB_NAME: wordpress
|
||||
WORDPRESS_TABLE_PREFIX: ${WORDPRESS_TABLE_PREFIX:-wp_}
|
||||
PHP_EXTENSIONS: ${PHP_EXTENSIONS}
|
||||
CORS_ALLOW_ALL:
|
||||
COMPOSER:
|
||||
secrets:
|
||||
- db_password
|
||||
configs:
|
||||
- source: php_uploads_conf
|
||||
target: /usr/local/etc/php/conf.d/uploads.ini
|
||||
- source: entrypoint_conf
|
||||
target: /docker-entrypoint.sh
|
||||
mode: 0555
|
||||
- source: htaccess_conf
|
||||
target: /var/www/html/.htaccess
|
||||
entrypoint: /docker-entrypoint.sh
|
||||
depends_on:
|
||||
- db
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 1m
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
@ -26,15 +51,21 @@ services:
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`ch.${DOMAIN}`, `${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||
# 3wc: this rule works for routing, but not for generating certificates
|
||||
# see https://git.autonomic.zone/compose-stacks/planning/issues/14
|
||||
# see https://git.autonomic.zone/coop-cloud/planning/issues/14
|
||||
#- "traefik.http.routers.${STACK_NAME}.rule=HostRegexp(`{subdomain:.+}.${DOMAIN}`, `${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.regex=^https://(${REDIRECTS})/(.*)"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.16.0+6.8.1"
|
||||
|
||||
mariadb:
|
||||
image: "mariadb:10.5"
|
||||
db:
|
||||
image: "mariadb:11.7"
|
||||
volumes:
|
||||
- "mariadb:/var/lib/mysql"
|
||||
networks:
|
||||
@ -47,10 +78,15 @@ services:
|
||||
secrets:
|
||||
- db_password
|
||||
- db_root_password
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "${ENABLE_BACKUPS:-true}"
|
||||
backupbot.backup.pre-hook: "mariadb-dump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress | gzip > /var/lib/mysql/dump.sql.gz"
|
||||
backupbot.backup.volumes.mariadb.path: "dump.sql.gz"
|
||||
backupbot.restore.post-hook: "gzip -d /var/lib/mysql/dump.sql.gz && mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" wordpress < /var/lib/mysql/dump.sql && rm -f /var/lib/mysql/dump.sql"
|
||||
|
||||
networks:
|
||||
backend:
|
||||
driver: overlay
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
@ -61,7 +97,21 @@ volumes:
|
||||
secrets:
|
||||
db_root_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}
|
||||
name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
|
||||
db_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
|
||||
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
||||
|
||||
configs:
|
||||
entrypoint_conf:
|
||||
name: ${STACK_NAME}_entrypoint_conf_${ENTRYPOINT_CONF_VERSION}
|
||||
file: entrypoint.sh.tmpl
|
||||
template_driver: golang
|
||||
php_uploads_conf:
|
||||
name: ${STACK_NAME}_php_uploads_conf_${PHP_UPLOADS_CONF_VERSION}
|
||||
file: uploads.ini.tmpl
|
||||
template_driver: golang
|
||||
htaccess_conf:
|
||||
name: ${STACK_NAME}_htaccess_conf_${HTACCESS_CONF_VERSION}
|
||||
file: htaccess.tmpl
|
||||
template_driver: golang
|
||||
|
||||
@ -4,6 +4,4 @@ apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y msmtp && rm
|
||||
|
||||
echo "sendmail_path = /usr/bin/msmtp -t -i" > /usr/local/etc/php/conf.d/sendmail.ini
|
||||
|
||||
# Upstream ENTRYPOINT
|
||||
# https://github.com/docker-library/wordpress/blob/master/php7.4/apache/Dockerfile#L120
|
||||
/usr/local/bin/docker-entrypoint.sh apache2-foreground "$@"
|
||||
/docker-entrypoint.sh
|
||||
|
||||
51
entrypoint.sh.tmpl
Normal file
51
entrypoint.sh.tmpl
Normal file
@ -0,0 +1,51 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{ if (env "PHP_EXTENSIONS") }}
|
||||
docker-php-ext-install {{ env "PHP_EXTENSIONS" }}
|
||||
{{ end }}
|
||||
|
||||
curl -z /usr/local/bin/wp -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
||||
chmod +x /usr/local/bin/wp
|
||||
|
||||
{{ if eq (env "ENABLE_COMPOSER") "1" }}
|
||||
mkdir -p /var/www/.composer
|
||||
chown www-data:www-data /var/www/.composer /var/www/html/composer
|
||||
|
||||
curl https://getcomposer.org/installer -o /tmp/composer-setup.php
|
||||
php -r "if (hash_file('sha384', '/tmp/composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
php /tmp/composer-setup.php
|
||||
rm /tmp/composer-setup.php
|
||||
|
||||
mv /var/www/html/composer.phar /usr/local/bin/composer
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "CORS_ALLOW_ALL") "1" }}
|
||||
a2enmod headers
|
||||
sed -ri -e 's/^([ \t]*)(<\/VirtualHost>)/\1\tHeader set Access-Control-Allow-Origin "*"\n\1\2/g' /etc/apache2/sites-available/*.conf
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "MULTISITE") "enable" }}
|
||||
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||
define('WP_CACHE', false);
|
||||
define('WP_ALLOW_MULTISITE', true );"
|
||||
{{ end }}
|
||||
|
||||
{{ if or (eq (env "MULTISITE") "subdomain") (eq (env "MULTISITE") "subfolder") }}
|
||||
export WORDPRESS_CONFIG_EXTRA="$WORDPRESS_CONFIG_EXTRA
|
||||
define('MULTISITE', true);
|
||||
define('SUBDOMAIN_INSTALL', true);
|
||||
define('DOMAIN_CURRENT_SITE', '${DOMAIN}');
|
||||
define('PATH_CURRENT_SITE', '/');
|
||||
define('SITE_ID_CURRENT_SITE', 1);
|
||||
define('BLOG_ID_CURRENT_SITE', 1);
|
||||
define('FORCE_SSL_ADMIN', true );
|
||||
define('COOKIE_DOMAIN', \$_SERVER['HTTP_HOST']);"
|
||||
{{ end }}
|
||||
|
||||
if [ -n "$@" ]; then
|
||||
"$@"
|
||||
fi
|
||||
|
||||
# Upstream ENTRYPOINT
|
||||
# https://github.com/docker-library/wordpress/blob/master/php7.4/apache/Dockerfile#L120
|
||||
/usr/local/bin/docker-entrypoint.sh apache2-foreground
|
||||
57
htaccess.tmpl
Normal file
57
htaccess.tmpl
Normal file
@ -0,0 +1,57 @@
|
||||
{{ if eq (env "MULTISITE") "" -}}
|
||||
# BEGIN WordPress
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule . /index.php [L]
|
||||
|
||||
# END WordPress
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq (env "MULTISITE") "subfolder" -}}
|
||||
# BEGIN WordPress Multisite
|
||||
# Using subfolder network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
|
||||
# add a trailing slash to /wp-admin
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
|
||||
|
||||
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||
RewriteCond %{REQUEST_FILENAME} -d
|
||||
RewriteRule ^ - [L]
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
|
||||
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
|
||||
RewriteRule . index.php [L]
|
||||
|
||||
# END WordPress Multisite
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq (env "MULTISITE") "subdomain" -}}
|
||||
# BEGIN WordPress Multisite
|
||||
# Using subdomain network type: https://wordpress.org/documentation/article/htaccess/#multisite
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
|
||||
# add a trailing slash to /wp-admin
|
||||
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
|
||||
|
||||
RewriteCond %{REQUEST_FILENAME} -f [OR]
|
||||
RewriteCond %{REQUEST_FILENAME} -d
|
||||
RewriteRule ^ - [L]
|
||||
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
|
||||
RewriteRule ^(.*\.php)$ $1 [L]
|
||||
RewriteRule . index.php [L]
|
||||
|
||||
# END WordPress Multisite
|
||||
{{- end }}
|
||||
@ -1,3 +1,19 @@
|
||||
account default
|
||||
host {{ env "SMTP_HOST" }}
|
||||
from {{ env "MAIL_FROM" }}
|
||||
user {{ or (env "SMTP_USER") (env "MAIL_FROM") }}
|
||||
port {{ env "SMTP_PORT" }}
|
||||
|
||||
{{ if eq (env "SMTP_OVERRIDE_FROM") "on" }}
|
||||
set_from_header on
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "SMTP_AUTH") "on" }}
|
||||
auth {{ env "SMTP_AUTH" }}
|
||||
passwordeval "cat /run/secrets/smtp_password"
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "SMTP_TLS") "on" }}
|
||||
tls {{ env "SMTP_TLS" }}
|
||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||
{{ end }}
|
||||
|
||||
17
package.yml
17
package.yml
@ -1,17 +0,0 @@
|
||||
---
|
||||
name: Wordpress
|
||||
description: Open source software you can use to create a beautiful website, blog, or app
|
||||
arguments:
|
||||
name:
|
||||
description: The name of your Wordpress application
|
||||
example: my-cool-project
|
||||
domain:
|
||||
description: The domain name where your Wordpress will be available on the web
|
||||
example: my-cool-project.com
|
||||
secrets:
|
||||
db_passwd:
|
||||
description: The normal user database password
|
||||
length: 8
|
||||
db_root_passwd:
|
||||
description: The root user database password
|
||||
length: 8
|
||||
1
release/2.10.0+6.5.5
Normal file
1
release/2.10.0+6.5.5
Normal file
@ -0,0 +1 @@
|
||||
Adds redirects and alakazam integration
|
||||
1
release/2.13.2+6.7.1
Normal file
1
release/2.13.2+6.7.1
Normal file
@ -0,0 +1 @@
|
||||
Breaking change for ftp container: you need to uncomment COMPOSE_FILE="$COMPOSE_FILE:compose.ftp-2222.yml" to open port 2222 again. You can also select between port 2220-2225.
|
||||
1
release/2.4.0+6.3.0
Normal file
1
release/2.4.0+6.3.0
Normal file
@ -0,0 +1 @@
|
||||
The authentik secrets need to be inserted again, as wordpress is not sharing the secret with authentik any more.
|
||||
1
release/2.7.0+6.4.2
Normal file
1
release/2.7.0+6.4.2
Normal file
@ -0,0 +1 @@
|
||||
Multisite now also works with subpaths instead of subdomains. Also Multisite support was simplified. If you are using a subdomain multisite setup you can remove the `WORDPRESS_CONFIG_EXTRA="define('MULTISITE', true);...` from your config and instead set MULTISITE=subdomain.
|
||||
11
uploads.ini.tmpl
Normal file
11
uploads.ini.tmpl
Normal file
@ -0,0 +1,11 @@
|
||||
{{ $upload_max_size := "256M" }}
|
||||
{{ if ne (env "UPLOAD_MAX_SIZE") "" }} {{ $upload_max_size = env "UPLOAD_MAX_SIZE" }} {{ end }}
|
||||
{{ $upload_max_time := "30" }}
|
||||
{{ if ne (env "UPLOAD_MAX_TIME") "" }} {{ $upload_max_time = env "UPLOAD_MAX_TIME" }} {{ end }}
|
||||
|
||||
file_uploads = On
|
||||
upload_max_filesize = {{ $upload_max_size }}
|
||||
post_max_size = {{ $upload_max_size }}
|
||||
memory_limit = {{ $upload_max_size }}
|
||||
max_execution_time = {{ $upload_max_time }}
|
||||
max_input_time = {{ $upload_max_time }}
|
||||
1
users.conf.tmpl
Normal file
1
users.conf.tmpl
Normal file
@ -0,0 +1 @@
|
||||
ftp_user:{{ secret "ftp_pass" }}:33:33
|
||||
Loading…
x
Reference in New Issue
Block a user