From 5afd237bbd22028b85532b8c0b3fcead49a00764 Mon Sep 17 00:00:00 2001 From: Charles Date: Thu, 9 Jan 2020 18:38:59 +0100 Subject: SSL and cleaner Dockerfile with setup scripts --- Dockerfile | 27 ++++++++++------------- srcs/nginx_conf/ft_server.com | 41 +++++++++++++++++++++++++++++++++++ srcs/nginx_conf/test.com | 30 ------------------------- srcs/scripts/docker_entrypoint.sh | 7 ++++++ srcs/scripts/generate_certificates.sh | 10 +++++++++ srcs/scripts/wordpress_setup.sql | 5 +++++ srcs/wordpress/wp-config.php | 4 ++-- 7 files changed, 77 insertions(+), 47 deletions(-) create mode 100644 srcs/nginx_conf/ft_server.com delete mode 100644 srcs/nginx_conf/test.com create mode 100755 srcs/scripts/docker_entrypoint.sh create mode 100755 srcs/scripts/generate_certificates.sh create mode 100755 srcs/scripts/wordpress_setup.sql diff --git a/Dockerfile b/Dockerfile index d6a48cf..4018114 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,27 +4,24 @@ RUN apt update && \ apt install -y nginx \ php-fpm \ mariadb-server \ - php-mysql - # php-mbstring \ - # php-gettext - -COPY srcs/nginx_conf /etc/nginx/sites-available/ + php-mysql \ + php-mbstring \ + curl RUN mkdir /var/www/wordpress /var/www/phpmyadmin COPY srcs/wordpress /var/www/wordpress COPY srcs/phpmyadmin /var/www/phpmyadmin -RUN ln -fs /etc/nginx/sites-available/test.com /etc/nginx/sites-enabled/default +COPY srcs/nginx_conf /etc/nginx/sites-available/ +RUN rm /etc/nginx/sites-enabled/default && \ + ln -fs /etc/nginx/sites-available/ft_server.com /etc/nginx/sites-enabled/ft_server.com -EXPOSE 80 +COPY srcs/scripts /root/scripts RUN service mysql start && \ - echo "CREATE DATABASE testdb;" | mysql -u root && \ - echo "CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';" | mysql -u root && \ - echo "GRANT ALL PRIVILEGES ON testdb.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';" | mysql -u root && \ - echo "FLUSH PRIVILEGES;" | mysql -u root + mysql -u root < /root/scripts/wordpress_setup.sql && \ + sh /root/scripts/generate_certificates.sh + +EXPOSE 80 -CMD service php7.3-fpm start && \ - service mysql start && \ - service nginx start && \ - sleep infinity & wait +CMD ["/root/scripts/docker_entrypoint.sh"] diff --git a/srcs/nginx_conf/ft_server.com b/srcs/nginx_conf/ft_server.com new file mode 100644 index 0000000..b04e470 --- /dev/null +++ b/srcs/nginx_conf/ft_server.com @@ -0,0 +1,41 @@ +server { + listen 443 ssl; + listen [::]:443 ssl; + + ssl_certificate /root/ssl/localhost.pem; + ssl_certificate_key /root/ssl/localhost-key.pem; + + server_name localhost; + index index.php; + root /var/www/wordpress; + + location / { + try_files $uri $uri/ =404; # if uri or uri/ not valid, 404 error + } + + # phpmyadmin path, change root + location /phpmyadmin { + root /var/www; + index index.php; + location ~ ^/phpmyadmin/(.+\.php)$ { + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + } + location ~ ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /var/www; + } + } + + # php files + location ~ \.php$ { + include snippets/fastcgi-php.conf; # include php fpm settings + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; # socket where php fpm is running + } +} + +server { + listen 80; + listen [::]:80; + server_name localhost; + return 301 https://$host$request_uri; +} diff --git a/srcs/nginx_conf/test.com b/srcs/nginx_conf/test.com deleted file mode 100644 index b9d9de2..0000000 --- a/srcs/nginx_conf/test.com +++ /dev/null @@ -1,30 +0,0 @@ -server { - listen 80; - server_name localhost; - index index.php; - root /var/www/wordpress; - - location / { - try_files $uri $uri/ =404; # if uri or uri/ not valid, 404 error - } - - # phpmyadmin path, change root - location /phpmyadmin { - root /var/www; - index index.php; - location ~ ^/phpmyadmin/(.+\.php)$ { - include snippets/fastcgi-php.conf; - fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; - } - location ~ ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { - root /var/www; - } - } - - # php files - location ~ \.php$ { - include snippets/fastcgi-php.conf; # include php fpm settings - fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; # socket where php fpm is running - } -} - diff --git a/srcs/scripts/docker_entrypoint.sh b/srcs/scripts/docker_entrypoint.sh new file mode 100755 index 0000000..ebcd5a2 --- /dev/null +++ b/srcs/scripts/docker_entrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +service mysql start +service php7.3-fpm start +service nginx start +sleep infinity & +wait diff --git a/srcs/scripts/generate_certificates.sh b/srcs/scripts/generate_certificates.sh new file mode 100755 index 0000000..29afef7 --- /dev/null +++ b/srcs/scripts/generate_certificates.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +cd /root +mkdir ssl +cd ssl + +curl -L https://github.com/FiloSottile/mkcert/releases/download/v1.1.2/mkcert-v1.1.2-linux-amd64 > mkcert +chmod +x mkcert +./mkcert -install +./mkcert localhost diff --git a/srcs/scripts/wordpress_setup.sql b/srcs/scripts/wordpress_setup.sql new file mode 100755 index 0000000..b0fc867 --- /dev/null +++ b/srcs/scripts/wordpress_setup.sql @@ -0,0 +1,5 @@ +CREATE DATABASE wordpressdb; +CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'wordpresspass'; +GRANT ALL PRIVILEGES ON wordpressdb.* TO 'wordpressuser'@'localhost' + IDENTIFIED BY 'wordpresspass'; +FLUSH PRIVILEGES; diff --git a/srcs/wordpress/wp-config.php b/srcs/wordpress/wp-config.php index d15cf83..2c45c2d 100644 --- a/srcs/wordpress/wp-config.php +++ b/srcs/wordpress/wp-config.php @@ -20,13 +20,13 @@ // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ -define( 'DB_NAME', 'testdb' ); +define( 'DB_NAME', 'wordpressdb' ); /** MySQL database username */ define( 'DB_USER', 'wordpressuser' ); /** MySQL database password */ -define( 'DB_PASSWORD', 'password' ); +define( 'DB_PASSWORD', 'wordpresspass' ); /** MySQL hostname */ define( 'DB_HOST', 'localhost' ); -- cgit