From 7a00c7fc45fef2d5cabafd3ef38a0af5571a44b1 Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:52:05 +0200 Subject: [PATCH 01/10] build(make/clean): now using prune to clean --- Makefile | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/Makefile b/Makefile index 8c2650b..41de72d 100644 --- a/Makefile +++ b/Makefile @@ -34,10 +34,10 @@ all: header get_secret build footer build: docker compose -f $(MAIN)/docker-compose.yml up --build -d -stop: - @docker compose -f $(MAIN)/docker-compose.yml down +stop: header + @docker compose -f $(MAIN)/docker-compose.yml stop @if [ $(shell docker ps -q | wc -l) -ne 0 ]; then \ - docker stop $(docker ps -q); \ + docker stop $(shell docker ps -q); \ fi @printf '$(GREY)Stopping all the $(RED)Containers$(END)\n'; @@ -83,25 +83,23 @@ clean: stop fi fclean: clean - @if [ $(shell docker images -aq | wc -l) -ne 0 ]; then \ - docker rmi -f $(shell docker images -aq); \ - fi + docker image prune -f -a @printf '$(GREY)Suppressing all the $(RED)Images$(END)\n'; - @if [ $(shell docker volume ls -q | wc -l) -ne 0 ]; then \ - docker volume rm $(shell docker volume ls -q); \ - fi + docker volume prune -f @printf '$(GREY)Suppressing all the $(RED)Volumes$(END)\n'; - @if [ $(shell docker network ls | grep -v "bridge\|host\|none\|NETWORK" | awk '{print $1}' | wc -l) -ne 0 ]; then \ - docker network rm $(shell docker network ls | grep -v "bridge\|host\|none\|NETWORK" | awk '{print $1}'); \ - fi + docker system prune -f -a @printf '$(GREY)Suppressing all the $(RED)Network$(END)\n'; re: header fclean all footer setup_vm: - sudo $(PACK_MAN) docker docker-compose + echo "127.0.0.1 rparodi.42.fr" | sudo tee -a /etc/hosts &> /dev/null + @printf "$(GREY)Adding the custom host $(GREEN)rparodi.42.fr$(END)\n"; \ + sudo $(PACK_MAN) docker docker-compose docker-buildx + @printf "$(GREY)Install the $(GREEN)docker docker-compose docker-buildx packages$(END)\n"; \ sudo usermod -aG docker $(shell whoami) - @printf '$(GREY)Virtual Machine now$(GREEN)setuped$(END)\n'; \ + @printf "$(GREY)User add to the $(GOLD)docker's group$(END)\n"; \ + @printf "$(GREY)Virtual Machine now $(GOLD)setuped$(END)\n"; \ # Header header: From 971f30f8f1945d7c78c32fc72eed25af8eb09040 Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:52:49 +0200 Subject: [PATCH 02/10] feat(nginx/dockerfile): now dockerfile is finished --- srcs/requirements/nginx/Dockerfile | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index e69de29..fac9ac2 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -0,0 +1,19 @@ +FROM alpine:3.21 + +RUN apk update +RUN apk add nginx openssl bash + +RUN mkdir -p /run/nginx /etc/nginx/ssl + +COPY conf/nginx.conf /etc/nginx/nginx.conf +COPY tools/generate_ssl_certificate.sh /usr/bin/generate_ssl_certificate + +RUN chmod +x /usr/bin/generate_ssl_certificate + +RUN /usr/bin/generate_ssl_certificate + +USER nginx + +EXPOSE 443 + +CMD ["nginx", "-g", "daemon off;"] From 9383276ddcf189e64b3dd723784ceda83e35e61a Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:54:06 +0200 Subject: [PATCH 03/10] feat(nginx/tools): now setup a certificate to generate certificate if needed --- .../nginx/tools/generate_ssl_certificate.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 srcs/requirements/nginx/tools/generate_ssl_certificate.sh diff --git a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh new file mode 100644 index 0000000..3b8207a --- /dev/null +++ b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +GREEN = \033[32m +GREY = \033[0;90m +RED = \033[0;31m +GOLD = \033[38;5;220m +END = \033[0m + +if [ ! -f "$CERT_DIR/nginx.key" ]; then + @printf '$GREYGenerating the ssl$GREEN Certificate$END\n'; + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=rparodi.42.fr" +else + @printf '$GREYGenerating the ssl certificate$RED already exist$END\n'; +fi From 3ca8a96aa7ccc24478516d561d04f22dc0f26e0c Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:54:53 +0200 Subject: [PATCH 04/10] feat(nginx/conf): configuration nginx done --- srcs/requirements/nginx/conf/nginx.conf | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 srcs/requirements/nginx/conf/nginx.conf diff --git a/srcs/requirements/nginx/conf/nginx.conf b/srcs/requirements/nginx/conf/nginx.conf new file mode 100644 index 0000000..c0aa745 --- /dev/null +++ b/srcs/requirements/nginx/conf/nginx.conf @@ -0,0 +1,16 @@ +http { + server { + listen 443 ssl; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_certificate /etc/nginx/ssl/nginx.crt; + ssl_certificate_key /etc/nginx/ssl/nginx.key; + + root /var/www/html; + index index.html; + + location / { + try_files $uri $uri/ =404; + } + } +} From aaa7dc3e235dee7873d5f309a44826ee4707932b Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:55:41 +0200 Subject: [PATCH 05/10] feat(docker/compose): now docker compose seems good --- srcs/docker-compose.yml | 50 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 srcs/docker-compose.yml diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml new file mode 100644 index 0000000..727b6ef --- /dev/null +++ b/srcs/docker-compose.yml @@ -0,0 +1,50 @@ +services: + + mariadb: + build: ./requirements/mariadb + container_name: mariadb + image: mariadb + env_file: + - ../secrets/.env + volumes: + - wp_db:/var/lib/mysql + networks: + - inception + restart: always + + wordpress: + container_name: wordpress + image: wordpress + build: ./requirements/wordpress + env_file: + - ../secrets/.env + depends_on: + - mariadb + networks: + - inception + + nginx: + container_name: nginx + image: nginx + env_file: + - ../secrets/.env + build: ./requirements/nginx + extra_hosts: + - "rparodi.42.fr:127.0.0.1" + ports: + - 443:443 + volumes: + - wp_files:/var/www/html + depends_on: + - wordpress + networks: + - inception + restart: always + +volumes: + wp_files: + wp_db: + +networks: + inception: + driver: bridge From 5ea86b3b51f8eeca22f14af8d1b7ad9b729863cd Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:57:02 +0200 Subject: [PATCH 06/10] feat(nginx/ignore): adding the file to respect the structure given by the subject --- srcs/requirements/nginx/.dockerignore | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 srcs/requirements/nginx/.dockerignore diff --git a/srcs/requirements/nginx/.dockerignore b/srcs/requirements/nginx/.dockerignore new file mode 100644 index 0000000..e69de29 From 387238065d2a08632814432f891d2284db0a496e Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 18:59:36 +0200 Subject: [PATCH 07/10] docs(style/readme): now using markdown for the link --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index da17431..559ae2f 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ ### Usefull links -(Docker)[https://docs.docker.com/reference/] -(MariaDB)[https://mariadb.com/kb/en/creating-a-custom-container-image/] -(Nginx)[https://nginx.org/en/docs/beginners_guide.html] +- [Docker](https://docs.docker.com/reference/) +- [MariaDB](https://mariadb.com/kb/en/creating-a-custom-container-image/) +- [Nginx](https://nginx.org/en/docs/beginners_guide.html) From b20e81b0feaf65fb1e21887aedd2fbe4a9c54106 Mon Sep 17 00:00:00 2001 From: Raphael Date: Sat, 14 Jun 2025 20:06:36 +0200 Subject: [PATCH 08/10] feat(mariadb): starting the Dockerfile of mariadb --- srcs/requirements/mariadb/Dockerfile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/srcs/requirements/mariadb/Dockerfile b/srcs/requirements/mariadb/Dockerfile index e69de29..9f6c7ca 100644 --- a/srcs/requirements/mariadb/Dockerfile +++ b/srcs/requirements/mariadb/Dockerfile @@ -0,0 +1,5 @@ +FROM alpine:3.21 + +RUN apk update && apk add mariadb mariadb-client + +EXPOSE 3306 From 778e1a90565b1c75b25f8f11bd64ccf8cff10b3a Mon Sep 17 00:00:00 2001 From: Raphael Date: Wed, 25 Jun 2025 23:10:28 +0200 Subject: [PATCH 09/10] feat(inception imporing stuff (come back on the subject) --- Makefile | 22 ++++++++++--------- srcs/requirements/mariadb/Dockerfile | 12 +++++++++- srcs/requirements/nginx/Dockerfile | 2 -- .../nginx/tools/generate_ssl_certificate.sh | 2 +- srcs/requirements/wordpress/Dockerfile | 21 ++++++++++++++++++ srcs/requirements/wordpress/tools/install.sh | 19 ++++++++++++++++ 6 files changed, 64 insertions(+), 14 deletions(-) create mode 100644 srcs/requirements/wordpress/tools/install.sh diff --git a/Makefile b/Makefile index 41de72d..fb981c1 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ # By: rparodi +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2025/06/12 18:09:23 by rparodi #+# #+# # -# Updated: 2025/06/14 18:26:21 by rparodi ### ########.fr # +# Updated: 2025/06/17 00:07:38 by rparodi ### ########.fr # # # # **************************************************************************** # @@ -92,14 +92,16 @@ fclean: clean re: header fclean all footer -setup_vm: - echo "127.0.0.1 rparodi.42.fr" | sudo tee -a /etc/hosts &> /dev/null - @printf "$(GREY)Adding the custom host $(GREEN)rparodi.42.fr$(END)\n"; \ - sudo $(PACK_MAN) docker docker-compose docker-buildx - @printf "$(GREY)Install the $(GREEN)docker docker-compose docker-buildx packages$(END)\n"; \ - sudo usermod -aG docker $(shell whoami) - @printf "$(GREY)User add to the $(GOLD)docker's group$(END)\n"; \ - @printf "$(GREY)Virtual Machine now $(GOLD)setuped$(END)\n"; \ +setup_vm: header + @echo "127.0.0.1 rparodi.42.fr" | sudo tee -a /etc/hosts &> /dev/null + @printf "$(GREY)Adding the custom host $(GREEN)rparodi.42.fr$(END)\n"; + @sudo $(PACK_MAN) docker docker-compose docker-buildx &> /dev/null + @printf "$(GREY)Install the $(GREEN)docker docker-compose docker-buildx packages$(END)\n"; + @sudo usermod -aG docker $(shell whoami) + @printf "$(GREY)User add to the $(GREEN)docker's group$(END)\n"; + @printf "$(GREY)Virtual Machine now $(GOLD)setuped$(END)\n"; + +setup: setup_vm # Header header: @@ -133,4 +135,4 @@ footer: @printf ' $(GREY)The build is $(GOLD)finished$(END)\n $(GREY)Have a good $(GOLD)evaluation !$(END)\n' # Phony -.PHONY: all nginx mariadb wordpress get_secret clean fclean re +.PHONY: all nginx mariadb wordpress get_secret clean fclean re setup setup_vm diff --git a/srcs/requirements/mariadb/Dockerfile b/srcs/requirements/mariadb/Dockerfile index 9f6c7ca..c90c885 100644 --- a/srcs/requirements/mariadb/Dockerfile +++ b/srcs/requirements/mariadb/Dockerfile @@ -1,5 +1,15 @@ FROM alpine:3.21 -RUN apk update && apk add mariadb mariadb-client +RUN apk update && apk add mariadb mariadb-client bash + +RUN mkdir -p /run/mysqld && chown -R mysql:mysql /run/mysqld + +HEALTHCHECK --start-period=5m CMD mariadb -e 'SELECT @@datadir;' || exit 1 + +RUN mysql_install_db --user=$DB_USER --basedir=/usr --datadir=/var/lib/mysql + +USER mysql EXPOSE 3306 + +CMD ["mariadbd"] diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index fac9ac2..336b581 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -12,8 +12,6 @@ RUN chmod +x /usr/bin/generate_ssl_certificate RUN /usr/bin/generate_ssl_certificate -USER nginx - EXPOSE 443 CMD ["nginx", "-g", "daemon off;"] diff --git a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh index 3b8207a..2a081b0 100644 --- a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh +++ b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh @@ -8,7 +8,7 @@ END = \033[0m if [ ! -f "$CERT_DIR/nginx.key" ]; then @printf '$GREYGenerating the ssl$GREEN Certificate$END\n'; - openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=rparodi.42.fr" + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=$DOMAIN" else @printf '$GREYGenerating the ssl certificate$RED already exist$END\n'; fi diff --git a/srcs/requirements/wordpress/Dockerfile b/srcs/requirements/wordpress/Dockerfile index e69de29..3de5cac 100644 --- a/srcs/requirements/wordpress/Dockerfile +++ b/srcs/requirements/wordpress/Dockerfile @@ -0,0 +1,21 @@ +FROM alpine:3.21 + +RUN apk update && apk add bash wget php82 php82-phar php82-mysqli php82-fpm mariadb-client + +# RUN wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz + +RUN mkdir -p /var/www/html + +RUN wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /bin/wp-cli.phar; +RUN chmod +x /bin/wp-cli.phar; +RUN mv /bin/wp-cli.phar /bin/wp; + +RUN ln -s /usr/bin/php82 /usr/bin/php; +RUN ln -s /usr/sbin/php-fpm82 /usr/sbin/php-fpm; +RUN export PHP_OPTIONS="-d memory_limit=512M" + +COPY tools/install.sh /usr/bin/install-wp + +RUN chmod +x /usr/bin/install-wp + +CMD ["install-wp", "php-fpm"] diff --git a/srcs/requirements/wordpress/tools/install.sh b/srcs/requirements/wordpress/tools/install.sh new file mode 100644 index 0000000..410b8eb --- /dev/null +++ b/srcs/requirements/wordpress/tools/install.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +cd /var/www/html + +mariadb-admin --host=mariadb --port=3306 --user="$DB_USER" --password="$DB_PASS" --wait status + +if ! [ -f wp-load.php ]; then + wp core download --locale=fr_FR --allow-root --path=/var/www/html +fi + +if ! [ -f wp-config.php ]; then + wp config create --dbname=$DB_NAME --dbuser=$DB_USER --dbpass=$DB_PASSWORD --dbhost=$DB_HOST --skip-check --path=/var/www/html --allow-root + wp core install --url=$DOMAIN --title=$WP_TITLE --admin_user=$WP_ADMIN --admin_password=$WP_PASS_ADMIN --admin_email=$WP_MAIL_ADMIN --skip-email --path=/var/www/html --allow-root +fi + +chown wordpress:wordpress -R /var/www/html +chmod -R +rw /var/www/html + +exec php-fpm --nodeamonize From 4a600575131e282c16580513ddbdd7fe0b335ac2 Mon Sep 17 00:00:00 2001 From: Raphael Date: Fri, 27 Jun 2025 17:37:29 +0200 Subject: [PATCH 10/10] trying to commit with my voyager is too complicated at the moment --- Makefile | 23 ++++---- srcs/docker-compose.yml | 4 ++ srcs/requirements/mariadb/Dockerfile | 20 ++++--- srcs/requirements/mariadb/tools/start_db.sh | 19 ++++++ srcs/requirements/nginx/Dockerfile | 5 +- srcs/requirements/nginx/conf/nginx.conf | 58 +++++++++++++++---- .../nginx/tools/generate_ssl_certificate.sh | 13 +---- srcs/requirements/wordpress/Dockerfile | 17 ++++-- srcs/requirements/wordpress/conf/php-fpm.conf | 14 +++++ srcs/requirements/wordpress/tools/install.sh | 19 ++---- 10 files changed, 130 insertions(+), 62 deletions(-) create mode 100644 srcs/requirements/mariadb/tools/start_db.sh create mode 100644 srcs/requirements/wordpress/conf/php-fpm.conf diff --git a/Makefile b/Makefile index fb981c1..5819928 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ # By: rparodi +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2025/06/12 18:09:23 by rparodi #+# #+# # -# Updated: 2025/06/17 00:07:38 by rparodi ### ########.fr # +# Updated: 2025/06/27 17:23:54 by rparodi ### ########.fr # # # # **************************************************************************** # @@ -66,15 +66,16 @@ wordpress: docker build -t wordpress-test $(WORDPRESS) get_secret: - @if [ ! -d $(SECRET) ]; then \ - printf "$(RED)The secrets home folder doesn't exist$(END)\n"; \ - exit 1; \ - elif [ ! -d $(shell pwd)/secrets ]; then \ - cp -r $(SECRET) $(shell pwd)/secrets; \ - printf '$(GREY)Creating the folder $(GREEN)$(shell pwd)/secrets$(END)\n'; \ - else \ - printf '$(GREY)The secrets is $(RED)already existing$(END)\n'; \ - fi + +#@if [ ! -d $(SECRET) ]; then \ +# printf "$(RED)The secrets home folder doesn't exist$(END)\n"; \ +# exit 1; \ +#elif [ ! -d $(shell pwd)/secrets ]; then \ +# cp -r $(SECRET) $(shell pwd)/secrets; \ +# printf '$(GREY)Creating the folder $(GREEN)$(shell pwd)/secrets$(END)\n'; \ +#else \ +# printf '$(GREY)The secrets is $(RED)already existing$(END)\n'; \ +#fi clean: stop @printf '$(GREY)Suppressing all the $(RED)Containers$(END)\n'; @@ -85,7 +86,7 @@ clean: stop fclean: clean docker image prune -f -a @printf '$(GREY)Suppressing all the $(RED)Images$(END)\n'; - docker volume prune -f + docker volume prune -fa @printf '$(GREY)Suppressing all the $(RED)Volumes$(END)\n'; docker system prune -f -a @printf '$(GREY)Suppressing all the $(RED)Network$(END)\n'; diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml index 727b6ef..3f93cd0 100644 --- a/srcs/docker-compose.yml +++ b/srcs/docker-compose.yml @@ -20,6 +20,10 @@ services: - ../secrets/.env depends_on: - mariadb + ports: + - 9000:9000 + volumes: + - wp_files:/var/www/html networks: - inception diff --git a/srcs/requirements/mariadb/Dockerfile b/srcs/requirements/mariadb/Dockerfile index c90c885..abf5035 100644 --- a/srcs/requirements/mariadb/Dockerfile +++ b/srcs/requirements/mariadb/Dockerfile @@ -1,15 +1,17 @@ FROM alpine:3.21 -RUN apk update && apk add mariadb mariadb-client bash +RUN apk update && apk add sudo mariadb mariadb-client bash; -RUN mkdir -p /run/mysqld && chown -R mysql:mysql /run/mysqld - -HEALTHCHECK --start-period=5m CMD mariadb -e 'SELECT @@datadir;' || exit 1 - -RUN mysql_install_db --user=$DB_USER --basedir=/usr --datadir=/var/lib/mysql - -USER mysql +RUN mkdir -p /var/lib/mysqld; +RUN mkdir -p /run/mysqld; +RUN chown -R mysql:mysql /run/mysqld; +RUN chown -R mysql:mysql /var/lib/mysqld; EXPOSE 3306 -CMD ["mariadbd"] +RUN /usr/bin/mysql_install_db --user=mysql --datadir=/var/lib/mysql; + +COPY tools/start_db.sh /usr/bin/start_db +RUN chmod +x /usr/bin/start_db; + +CMD ["start_db"] diff --git a/srcs/requirements/mariadb/tools/start_db.sh b/srcs/requirements/mariadb/tools/start_db.sh new file mode 100644 index 0000000..01d99f1 --- /dev/null +++ b/srcs/requirements/mariadb/tools/start_db.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +sudo -u mysql -s /bin/sh -c mysqld & +PID=$! + +mariadb-admin status --wait + +mariadb -e "CREATE DATABASE IF NOT EXISTS ${DB_NAME};" +mariadb -e "CREATE USER IF NOT EXISTS '${DB_USER}'@'%' IDENTIFIED BY '${DB_PASSWORD}';" +mariadb -e "GRANT ALL PRIVILEGES ON ${DB_NAME}.* TO '${DB_USER}'@'%';" +mariadb -e "FLUSH PRIVILEGES;" + +sudo -u mysql -s /bin/sh -c "mysqladmin shutdown" +wait "$PID" + +sed -i /etc/my.cnf.d/mariadb-server.cnf -e 's/^port=3307$/\0\nbind-address = 0.0.0.0/' +sed -i /etc/my.cnf.d/mariadb-server.cnf -e 's/^skip-networking$/;\0/' + +exec sudo -u mysql -s /bin/sh -c mysqld diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index 336b581..3ee3954 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -5,13 +5,12 @@ RUN apk add nginx openssl bash RUN mkdir -p /run/nginx /etc/nginx/ssl +RUN rm -rf /var/www/html; COPY conf/nginx.conf /etc/nginx/nginx.conf COPY tools/generate_ssl_certificate.sh /usr/bin/generate_ssl_certificate RUN chmod +x /usr/bin/generate_ssl_certificate -RUN /usr/bin/generate_ssl_certificate - EXPOSE 443 -CMD ["nginx", "-g", "daemon off;"] +CMD ["generate_ssl_certificate"] diff --git a/srcs/requirements/nginx/conf/nginx.conf b/srcs/requirements/nginx/conf/nginx.conf index c0aa745..d94d155 100644 --- a/srcs/requirements/nginx/conf/nginx.conf +++ b/srcs/requirements/nginx/conf/nginx.conf @@ -1,16 +1,52 @@ +# /etc/nginx/nginx.conf +# disable daemonization +daemon off; +# basically the default config. stolen from the container before overriting +error_log stderr info; +pcre_jit on; +# user wordpress; +worker_processes auto; +events { + worker_connections 1024; +} http { - server { - listen 443 ssl; + include /etc/nginx/mime.types; + default_type application/octet-stream; + server_tokens off; + client_max_body_size 1m; + sendfile on; + tcp_nopush on; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:2m; + ssl_session_timeout 1h; + ssl_session_tickets off; + gzip_vary on; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log stderr; + # end of default server + server { + listen 443 ssl; + listen [::]:443 ssl; + server_name rparodi.42.fr; - ssl_protocols TLSv1.2 TLSv1.3; ssl_certificate /etc/nginx/ssl/nginx.crt; ssl_certificate_key /etc/nginx/ssl/nginx.key; - - root /var/www/html; - index index.html; - - location / { - try_files $uri $uri/ =404; - } - } + ssl_protocols TLSv1.3; + index index.php; + root /var/www/html; + location ~ [^/]\.php(/|$) { + try_files $uri =404; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass wordpress:9000; + } + } } diff --git a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh index 2a081b0..3e5167d 100644 --- a/srcs/requirements/nginx/tools/generate_ssl_certificate.sh +++ b/srcs/requirements/nginx/tools/generate_ssl_certificate.sh @@ -1,14 +1,7 @@ #!/usr/bin/env bash -GREEN = \033[32m -GREY = \033[0;90m -RED = \033[0;31m -GOLD = \033[38;5;220m -END = \033[0m - if [ ! -f "$CERT_DIR/nginx.key" ]; then - @printf '$GREYGenerating the ssl$GREEN Certificate$END\n'; - openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=$DOMAIN" -else - @printf '$GREYGenerating the ssl certificate$RED already exist$END\n'; + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=Paris/L=42/O=Students/OU=Inception/CN=rparodi.42.fr" fi + +exec nginx diff --git a/srcs/requirements/wordpress/Dockerfile b/srcs/requirements/wordpress/Dockerfile index 3de5cac..2be4b70 100644 --- a/srcs/requirements/wordpress/Dockerfile +++ b/srcs/requirements/wordpress/Dockerfile @@ -1,10 +1,10 @@ FROM alpine:3.21 -RUN apk update && apk add bash wget php82 php82-phar php82-mysqli php82-fpm mariadb-client +RUN apk update && apk add php82-curl php82-gd php82-mbstring php82-session php82-opcache php82-zlib bash wget php82 php82-phar php82-mysqli php82-fpm mariadb-client; # RUN wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz -RUN mkdir -p /var/www/html +RUN mkdir -p /var/www/html; RUN wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /bin/wp-cli.phar; RUN chmod +x /bin/wp-cli.phar; @@ -12,10 +12,17 @@ RUN mv /bin/wp-cli.phar /bin/wp; RUN ln -s /usr/bin/php82 /usr/bin/php; RUN ln -s /usr/sbin/php-fpm82 /usr/sbin/php-fpm; -RUN export PHP_OPTIONS="-d memory_limit=512M" + +RUN adduser -D wordpress -g wordpress; +RUN chown wordpress:wordpress -R /var/www/html; +RUN chmod -R +rw /var/www/html; +RUN chmod -R +rw /var/log/php82/; COPY tools/install.sh /usr/bin/install-wp +RUN chmod +x /usr/bin/install-wp; -RUN chmod +x /usr/bin/install-wp +COPY ./conf/php-fpm.conf /etc/php82/php-fpm.d/www.conf +RUN sed -i 's/^memory_limit\s*=.*/memory_limit = 1024M/' /etc/php82/php.ini; +USER wordpress -CMD ["install-wp", "php-fpm"] +CMD ["install-wp"] diff --git a/srcs/requirements/wordpress/conf/php-fpm.conf b/srcs/requirements/wordpress/conf/php-fpm.conf new file mode 100644 index 0000000..f415f67 --- /dev/null +++ b/srcs/requirements/wordpress/conf/php-fpm.conf @@ -0,0 +1,14 @@ +[global] +daemonize = false +error_log = /dev/stderr + +[www] +listen = 0.0.0.0:9000 + +pm = dynamic +pm.max_children = 25 +pm.start_servers = 5 +pm.min_spare_servers = 1 +pm.max_spare_servers = 10 +access.log = /dev/stderr +catch_workers_output = yes diff --git a/srcs/requirements/wordpress/tools/install.sh b/srcs/requirements/wordpress/tools/install.sh index 410b8eb..744c920 100644 --- a/srcs/requirements/wordpress/tools/install.sh +++ b/srcs/requirements/wordpress/tools/install.sh @@ -1,19 +1,12 @@ #!/bin/sh +set -xe +mysqladmin --host=mariadb --port=3306 --user="$DB_USER" --password="$DB_PASSWORD" --wait status -cd /var/www/html - -mariadb-admin --host=mariadb --port=3306 --user="$DB_USER" --password="$DB_PASS" --wait status - -if ! [ -f wp-load.php ]; then +if ! [ -e /var/www/html/wp-config.php ]; then wp core download --locale=fr_FR --allow-root --path=/var/www/html -fi - -if ! [ -f wp-config.php ]; then wp config create --dbname=$DB_NAME --dbuser=$DB_USER --dbpass=$DB_PASSWORD --dbhost=$DB_HOST --skip-check --path=/var/www/html --allow-root - wp core install --url=$DOMAIN --title=$WP_TITLE --admin_user=$WP_ADMIN --admin_password=$WP_PASS_ADMIN --admin_email=$WP_MAIL_ADMIN --skip-email --path=/var/www/html --allow-root + wp core install --url=$DOMAIN --title="$WP_TITLE" --admin_user=$WP_ADMIN --admin_password=$WP_PASS_ADMIN --admin_email=$WP_MAIL_ADMIN --path=/var/www/html --allow-root + wp user create "$WP_USER" "$WP_MAIL" --user_pass="$WP_PASS" --role=editor --path=/var/www/html fi -chown wordpress:wordpress -R /var/www/html -chmod -R +rw /var/www/html - -exec php-fpm --nodeamonize +exec php-fpm -F