├── sample ├── wordpress │ ├── plugins │ │ ├── security │ │ └── base │ └── wp-config.php ├── themes │ └── my-theme │ │ ├── functions.php │ │ └── style.css ├── kubernetes │ ├── wordpress-service.yml │ ├── cloudsql-service.json │ ├── cluster.md │ ├── cloudsql.md │ └── wordpress-deployment.yml ├── plugins │ └── my-plugin │ │ └── my-plugin.php ├── docker-compose.yml └── Dockerfile ├── cli ├── wpcli.sh ├── wp-completion.bash ├── README.md ├── entrypoint.sh └── Dockerfile ├── nginx ├── README.md ├── entrypoint.sh ├── default.conf ├── restrictions.conf ├── Dockerfile └── wordpress.conf ├── base ├── entrypoint.sh ├── README.md ├── vars.sh ├── Dockerfile └── plugins.sh ├── .gitignore ├── setup ├── wp-cli.yml ├── README.md └── setup.sh └── README.md /sample/wordpress/plugins/security: -------------------------------------------------------------------------------- 1 | better-wp-security 2 | -------------------------------------------------------------------------------- /cli/wpcli.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # wrap wpcli command 5 | sudo -u www-data wpcli "$@" 6 | -------------------------------------------------------------------------------- /sample/wordpress/plugins/base: -------------------------------------------------------------------------------- 1 | # WP-stateless 2 | wp-stateless 1.9.0 3 | 4 | # WP AMP Plugin from Github 5 | https://github.com/Automattic/amp-wp/archive/master.zip 6 | -------------------------------------------------------------------------------- /nginx/README.md: -------------------------------------------------------------------------------- 1 | 2 | # Wordpress Stateless Nginx 3 | 4 | Runs Wordpress with Nginx via PHP-FPM. 5 | 6 | ## Build Container 7 | > docker build -t wp-stateless-nginx:wp- . 8 | -------------------------------------------------------------------------------- /nginx/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | echo "=> Starting NGINX.. " 5 | # start nginx daemonless in background 6 | nginx -g "daemon off;" & 7 | 8 | # execute base entrypoint and pass params 9 | /entrypoint.sh $@ 10 | -------------------------------------------------------------------------------- /sample/themes/my-theme/functions.php: -------------------------------------------------------------------------------- 1 | 7 | -------------------------------------------------------------------------------- /nginx/default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80 default_server; 3 | server_name _; 4 | 5 | root /var/www/html; 6 | 7 | index index.php; 8 | 9 | include global/restrictions.conf; 10 | include global/wordpress.conf; 11 | } 12 | -------------------------------------------------------------------------------- /sample/kubernetes/wordpress-service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: wordpress-service 5 | labels: 6 | app: public-webservice 7 | spec: 8 | type: LoadBalancer 9 | ports: 10 | - port: 80 11 | protocol: TCP 12 | selector: 13 | app: my-wordpress 14 | -------------------------------------------------------------------------------- /base/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # Setup Wordpress Vars 5 | /vars.sh 6 | 7 | # Change Group of Themes Folder if mapped to local folder for dev 8 | sudo chgrp -R www-data /var/www/html/wp-content/themes/ 9 | 10 | # Execute PHP-FPM 11 | echo "=> Executing PHP FPM" 12 | exec php-fpm 13 | -------------------------------------------------------------------------------- /sample/kubernetes/cloudsql-service.json: -------------------------------------------------------------------------------- 1 | { 2 | "type": "service_account", 3 | "project_id": "", 4 | "private_key_id": "", 5 | "private_key": "", 6 | "client_email": "", 7 | "client_id": "", 8 | "auth_uri": "", 9 | "token_uri": "", 10 | "auth_provider_x509_cert_url": "", 11 | "client_x509_cert_url": "" 12 | } 13 | -------------------------------------------------------------------------------- /base/README.md: -------------------------------------------------------------------------------- 1 | 2 | # Wordpress Stateless Base 3 | 4 | ## Build Container 5 | > docker build -t wp-stateless-base:wp- . 6 | 7 | ## Run Container 8 | > docker run --name wp_stateless --rm \ 9 | -e WORDPRESS_DEV='true' \ 10 | -e WORDPRESS_DB_HOST='10.0.0.1:3306' \ 11 | -e WORDPRESS_DB_USER='root' \ 12 | -e WORDPRESS_DB_PASSWORD='root' \ 13 | -e WORDPRESS_DB_NAME='wordpress' \ 14 | -------------------------------------------------------------------------------- /sample/plugins/my-plugin/my-plugin.php: -------------------------------------------------------------------------------- 1 | docker run --name wp_stateless_setup --rm --interactive \ 11 | -v $(pwd)/output:/var/config \ 12 | -v $(pwd)/wp-cli.yml:/var/www/html/wp-cli.yml \ 13 | -v $(pwd)/setup.sh:/var/www/html/setup.sh \ 14 | wp-stateless-cli:wp-4.7.5 /var/www/html/setup.sh 15 | -------------------------------------------------------------------------------- /sample/themes/my-theme/style.css: -------------------------------------------------------------------------------- 1 | /* 2 | Theme Name: My Twenty Seventeen Child 3 | Theme URI: http://example.com/twenty-seventeen-child/ 4 | Description: Twenty Seventeen Child Theme 5 | Author: Example 6 | Author URI: http://example.com 7 | Template: twentyseventeen 8 | Version: 1.0.0 9 | License: GNU General Public License v2 or later 10 | License URI: http://www.gnu.org/licenses/gpl-2.0.html 11 | Tags: light, dark, two-columns, right-sidebar, responsive-layout, accessibility-ready 12 | Text Domain: twenty-seventeen-child 13 | */ 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | # Wordpress Stateless 3 | 4 | Dockerfiles for a custom Wordpress Setup that is fully Stateless. 5 | 6 | ## base 7 | 8 | Contains the Wordpress installation and some additional scripts for plugins setup and variable config filtering. 9 | Includes PHP-FPM. 10 | 11 | ## cli 12 | 13 | Adds WP-CLI to the Dockerfile to use for maintainance operations on the Wordpress installation Database. 14 | 15 | ## nginx 16 | 17 | Installs NGINX and adds configuration to call PHP-FPM. 18 | 19 | ## setup 20 | 21 | Setup Script for a fresh wordpress setup via the WP-CLI docker container. 22 | -------------------------------------------------------------------------------- /cli/wp-completion.bash: -------------------------------------------------------------------------------- 1 | # bash completion for the `wp` command 2 | 3 | _wp_complete() { 4 | local OLD_IFS="$IFS" 5 | local cur=${COMP_WORDS[COMP_CWORD]} 6 | 7 | IFS=$'\n'; # want to preserve spaces at the end 8 | local opts="$(wpcli cli completions --allow-root --line="$COMP_LINE" --point="$COMP_POINT")" 9 | 10 | if [[ "$opts" =~ \\s* ]] 11 | then 12 | COMPREPLY=( $(compgen -f -- $cur) ) 13 | elif [[ $opts = "" ]] 14 | then 15 | COMPREPLY=( $(compgen -f -- $cur) ) 16 | else 17 | COMPREPLY=( ${opts[*]} ) 18 | fi 19 | 20 | IFS="$OLD_IFS" 21 | return 0 22 | } 23 | complete -o nospace -F _wp_complete wp 24 | -------------------------------------------------------------------------------- /cli/README.md: -------------------------------------------------------------------------------- 1 | 2 | # Wordpress Stateless CLI 3 | 4 | Runs wp-cli for Wordpress maintainance operations. 5 | 6 | ## Build Container 7 | > docker build -t wp-stateless-cli:wp- . 8 | 9 | ## Run Container 10 | 11 | ### Provide all settings via wp-config 12 | > docker run --name wp_stateless --rm --interactive \ 13 | -v /config:/var/config \ 14 | wp-stateless-cli:wp 15 | 16 | ## filter wp-config.php with different db connection details for different environments 17 | > docker run --name wp_stateless --rm --interactive \ 18 | -e WORDPRESS_DEV='true' \ 19 | -e WORDPRESS_DB_HOST='10.0.0.1:3306' \ 20 | -e WORDPRESS_DB_USER='root' \ 21 | -e WORDPRESS_DB_PASSWORD='root' \ 22 | -e WORDPRESS_DB_NAME='wordpress' \ 23 | -v /config:/var/config \ 24 | wp-stateless-cli 25 | -------------------------------------------------------------------------------- /nginx/restrictions.conf: -------------------------------------------------------------------------------- 1 | # Global restrictions configuration file. 2 | # Designed to be included in any server {} block. 3 | location = /favicon.ico { 4 | log_not_found off; 5 | access_log off; 6 | } 7 | 8 | location = /robots.txt { 9 | allow all; 10 | log_not_found off; 11 | access_log off; 12 | try_files $uri /index.php?$args; 13 | } 14 | 15 | # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). 16 | # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) 17 | location ~ /\. { 18 | deny all; 19 | } 20 | 21 | # Deny access to any files with a .php extension in the uploads directory 22 | # Works in sub-directory installs and also in multisite network 23 | # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) 24 | location ~* /(?:uploads|files)/.*\.php$ { 25 | deny all; 26 | } -------------------------------------------------------------------------------- /nginx/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wp-stateless-cli:wp-4.9.1 2 | 3 | # install nginx 4 | RUN apt-get update && apt-get install -y nginx && rm -rf /var/lib/apt/lists/* 5 | 6 | 7 | ############################################################################################## 8 | # NGINX SETUP 9 | ############################################################################################## 10 | RUN rm -r /etc/nginx/sites-enabled/* 11 | ADD default.conf /etc/nginx/sites-enabled/default.conf 12 | ADD wordpress.conf /etc/nginx/global/wordpress.conf 13 | ADD restrictions.conf /etc/nginx/global/restrictions.conf 14 | 15 | 16 | ############################################################################################## 17 | # CUSTOM ENTRYPOINT 18 | ############################################################################################## 19 | ADD entrypoint.sh /entrypoint_nginx.sh 20 | RUN chmod +x /entrypoint_nginx.sh 21 | 22 | # reset entrypoint from parent cli 23 | ENTRYPOINT [] 24 | CMD ["/entrypoint_nginx.sh"] 25 | -------------------------------------------------------------------------------- /sample/kubernetes/cluster.md: -------------------------------------------------------------------------------- 1 | # gcloud create new container cluster 2 | 3 | - List the available zones 4 | 5 | For easier command line use, we set our desired compute zone. This dictates in which data center the cluster is going to be started in. 6 | > gcloud compute zones list 7 | 8 | - Select a zone from the list 9 | > gcloud config set compute/zone $zone 10 | 11 | - Create new cluster 12 | 13 | To save costs we do provide some additional settings like image type and node count. 14 | > gcloud container clusters create example-cluster --machine-type g1-small --num-nodes 2 --no-enable-cloud-endpoints --no-enable-cloud-monitoring 15 | 16 | - Fetch credentials to allow to control the cluster via kubectl command line tool 17 | > gcloud container clusters get-credentials example-cluster 18 | 19 | # gcloud clean up 20 | - To temporary stop the cluster 21 | > gcloud container clusters resize example-cluster --size=0 22 | 23 | - To delete the cluster 24 | > gcloud container clusters delete example-cluster 25 | -------------------------------------------------------------------------------- /cli/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # Check if a config is provided 5 | if [ -e /var/config/wp-config.php ]; then 6 | 7 | echo "=> Found config using provided wp-config.php... " 8 | 9 | cp /var/config/wp-config.php ./wp-config.php 10 | 11 | # Setup Wordpress Vars 12 | /vars.sh 13 | 14 | # Handle Search Replace 15 | [ "$SEARCH_REPLACE" ] && \ 16 | BEFORE_URL=$(echo "$SEARCH_REPLACE" | cut -d ',' -f 1) && \ 17 | AFTER_URL=$(echo "$SEARCH_REPLACE" | cut -d ',' -f 2) || \ 18 | SEARCH_REPLACE=false 19 | 20 | if [ "$SEARCH_REPLACE" != false ]; then 21 | printf "=> Replacing URLs... " 22 | REPLACEMENTS=$(wp search-replace "$BEFORE_URL" "$AFTER_URL" --network --skip-columns=guid | grep replacement) 23 | echo -ne "$REPLACEMENTS\n" 24 | fi 25 | 26 | # @TODO MultiSite Domain change : https://wpengine.com/support/how-to-change-a-multi-site-primary-domain/ 27 | 28 | 29 | else 30 | 31 | echo "=> No config provided at /var/config/wp-config.php " 32 | fi 33 | 34 | echo "=> Executing command $@" 35 | exec $@ 36 | -------------------------------------------------------------------------------- /cli/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wp-stateless-base:wp-4.9.1 2 | 3 | ############################################################################################## 4 | # WORDPRESS CLI SETUP 5 | ############################################################################################## 6 | 7 | # install less for wp-cli support , and xterm for terminal support 8 | RUN apt-get update && apt-get install -y less 9 | ENV TERM=xterm 10 | 11 | # install wp-cli 12 | RUN curl -o /usr/local/bin/wpcli https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \ 13 | && chmod +x /usr/local/bin/wpcli 14 | 15 | # add wpcli wrapper 16 | ADD wpcli.sh /usr/local/bin/wp 17 | RUN chmod +x /usr/local/bin/wp 18 | 19 | # add tab completion 20 | ADD wp-completion.bash /wp-completion.bash 21 | RUN echo "source /wp-completion.bash" >> ~/.bashrc 22 | 23 | ############################################################################################## 24 | # CUSTOM ENTRYPOINT 25 | ############################################################################################## 26 | ADD entrypoint.sh /entrypoint_cli.sh 27 | RUN chmod +x /entrypoint_cli.sh 28 | 29 | ENTRYPOINT ["/entrypoint_cli.sh"] 30 | -------------------------------------------------------------------------------- /nginx/wordpress.conf: -------------------------------------------------------------------------------- 1 | # WordPress single site rules. 2 | # Designed to be included in any server {} block. 3 | 4 | # This order might seem weird - this is attempted to match last if rules below fail. 5 | # http://wiki.nginx.org/HttpCoreModule 6 | location / { 7 | try_files $uri $uri/ /index.php?$args; 8 | } 9 | 10 | # Add trailing slash to */wp-admin requests. 11 | rewrite /wp-admin$ $scheme://$host$uri/ permanent; 12 | 13 | # Directives to send expires headers and turn off 404 error logging. 14 | location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { 15 | access_log off; log_not_found off; expires max; 16 | } 17 | 18 | # Pass all .php files onto a php-fpm/php-fcgi server. 19 | location ~ [^/]\.php(/|$) { 20 | fastcgi_split_path_info ^(.+?\.php)(/.*)$; 21 | if (!-f $document_root$fastcgi_script_name) { 22 | return 404; 23 | } 24 | # This is a robust solution for path info security issue and works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default) 25 | 26 | include fastcgi_params; 27 | fastcgi_index index.php; 28 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 29 | fastcgi_pass 0.0.0.0:9000; 30 | } 31 | -------------------------------------------------------------------------------- /sample/kubernetes/cloudsql.md: -------------------------------------------------------------------------------- 1 | 2 | # Setup Kubernetes to connect to the Cloud SQL instance 3 | 4 | [Link to Docs](https://cloud.google.com/sql/docs/mysql/connect-container-engine) 5 | 6 | - Enable Cloud SQL API 7 | 8 | [Link to UI](https://console.cloud.google.com/flows/enableapi?apiid=sqladmin) 9 | 10 | - Create Service Account 11 | 12 | [Link to UI](https://console.cloud.google.com/iam-admin/serviceaccounts/) 13 | 14 | As Role select Cloud SQL > Cloud SQL Client. 15 | Select "Furnish a new private key" with JSON format. 16 | Download your private key. 17 | 18 | - Create a custom User for access via the Container Engine Cluster 19 | 20 | [Link to UI](https://console.cloud.google.com/sql/instances) select your database -> Access Control -> Users 21 | Create a user "kubernetes" and choose a password. 22 | 23 | - Register the Private Key as a secret in the Container Engine Cluster 24 | > kubectl create secret generic cloudsql-instance-credentials --from-file=credentials.json=downloaded-privatekey.json 25 | 26 | - Register User/Password as a secrets in the Container Engine Cluster 27 | > kubectl create secret generic cloudsql --from-literal=username=kubernetes --from-literal=password=kubernetes 28 | 29 | - List saved secrets for control 30 | > kubectl get secrets 31 | 32 | -------------------------------------------------------------------------------- /sample/docker-compose.yml: -------------------------------------------------------------------------------- 1 | 2 | version: '2' 3 | services: 4 | # Wordpress Image 5 | wordpress: 6 | build: 7 | context: . # dockerfile acccess to full folder 8 | dockerfile: ./Dockerfile 9 | image: my-wordpress # tag as 10 | links: 11 | - db:mysql 12 | ports: 13 | - 80:80 14 | - 443:443 15 | volumes: 16 | # - ./wp-content/uploads:/var/www/html/wp-content/uploads # Save Media uploads 17 | - ./plugins/my-plugin:/var/www/html/wp-content/plugins/my-plugin # Plugin development 18 | - ./themes/my-theme:/var/www/html/wp-content/themes/my-theme # Blog Theme development 19 | environment: 20 | WORDPRESS_DEV: "true" 21 | WORDPRESS_DB_HOST: mysql 22 | WORDPRESS_DB_USER: root 23 | WORDPRESS_DB_PASSWORD: root 24 | WORDPRESS_DB_NAME: wordpress 25 | WORDPRESS_CURRENT_HOST: www.mywordpress.local 26 | 27 | 28 | # Dev Database 29 | db: 30 | image: mysql:5.7 31 | ports: 32 | - 3306:3306 33 | volumes: 34 | - my-wordpress-db-new:/var/lib/mysql 35 | environment: 36 | MYSQL_ROOT_PASSWORD: root 37 | # Dev Mysql Admin 38 | phpmyadmin: 39 | image: phpmyadmin/phpmyadmin 40 | links: 41 | - db 42 | ports: 43 | - 8090:80 44 | environment: 45 | MYSQL_USERNAME: root 46 | MYSQL_ROOT_PASSWORD: root 47 | 48 | 49 | # Stored Named Data Volumes ( default /var/lib/docker/volumes/ ) 50 | # List volumes via docker volume ls 51 | volumes: 52 | my-wordpress-db-new : {} 53 | -------------------------------------------------------------------------------- /base/vars.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | ############################################################################################## 5 | # WORDPRESS DYNAMIC VARS 6 | ############################################################################################## 7 | 8 | if [ "$WORDPRESS_DB_NAME" ]; then 9 | sed "/DB_NAME/s/'[^']*'/'$WORDPRESS_DB_NAME'/2" -i wp-config.php 10 | fi 11 | 12 | if [ "$WORDPRESS_DB_USER" ]; then 13 | sed "/DB_USER/s/'[^']*'/'$WORDPRESS_DB_USER'/2" -i wp-config.php 14 | fi 15 | 16 | if [ "$WORDPRESS_DB_PASSWORD" ]; then 17 | sed "/DB_PASSWORD/s/'[^']*'/'$WORDPRESS_DB_PASSWORD'/2" -i wp-config.php 18 | fi 19 | 20 | if [ "$WORDPRESS_DB_HOST" ]; then 21 | sed "/DB_HOST/s/'[^']*'/'$WORDPRESS_DB_HOST'/2" -i wp-config.php 22 | fi 23 | 24 | if [ "$WORDPRESS_CURRENT_HOST" ]; then 25 | sed "/DOMAIN_CURRENT_SITE/s/'[^']*'/'$WORDPRESS_CURRENT_HOST'/2" -i wp-config.php 26 | fi 27 | 28 | # DEV TRUE FALSE SED REPLACES DIFFERENT THAN STRING FORM ABOVE 29 | if [ "$WORDPRESS_DEV" == "true" ]; then 30 | printf "=> Disabling PHP OPCACHE \n" 31 | # php fpm cache gets triggered by opcache.enable_cli=1 32 | rm /usr/local/etc/php/conf.d/opcache-recommended.ini || true 33 | 34 | sed "/'WP_DEBUG'/s/false/true/g" -i wp-config.php 35 | sed "/'WP_DEBUG_LOG'/s/false/true/g" -i wp-config.php 36 | # show debug/error output 37 | sed "/'WP_DEBUG_DISPLAY'/s/false/true/g" -i wp-config.php 38 | else 39 | sed "/'WP_DEBUG'/s/false/true/g" -i wp-config.php 40 | sed "/'WP_DEBUG_LOG'/s/false/true/g" -i wp-config.php 41 | # just disable debug/error output 42 | sed "/'WP_DEBUG_DISPLAY'/s/true/false/g" -i wp-config.php 43 | fi 44 | -------------------------------------------------------------------------------- /sample/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM wp-stateless-nginx:wp-4.7.5 2 | 3 | ############################################################################################## 4 | # CUSTOM PHP CONFIG 5 | ############################################################################################## 6 | RUN { \ 7 | echo 'upload_max_filesize=10M'; \ 8 | echo 'post_max_size=10M'; \ 9 | } > /usr/local/etc/php/conf.d/upload.ini 10 | 11 | ############################################################################################## 12 | # WORDPRESS Config 13 | ############################################################################################## 14 | ADD ./wordpress/wp-config.php /var/www/html/wp-config.php 15 | # chown wp-config.php to root 16 | RUN chown root:root /var/www/html/wp-config.php 17 | 18 | ############################################################################################## 19 | # WORDPRESS Plugins Setup 20 | ############################################################################################## 21 | RUN mkdir /plugins 22 | 23 | # Add All Plugin Files but 24 | ADD ./wordpress/plugins/ /plugins 25 | 26 | # Execute each on its own for better caching support 27 | RUN /plugins.sh /plugins/base 28 | RUN /plugins.sh /plugins/security 29 | 30 | # Delete Plugins script and folder 31 | RUN rm /plugins.sh && rm /plugins -r 32 | 33 | # ADD OWN CUSTOM PLUGINS 34 | ADD ./plugins/my-plugin /var/www/html/wp-content/plugins/my-plugin 35 | 36 | ############################################################################################## 37 | # WORDPRESS Themes Setup 38 | ############################################################################################## 39 | ADD ./themes/my-theme /var/www/html/wp-content/themes/my-theme 40 | -------------------------------------------------------------------------------- /base/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:7.1-fpm 2 | 3 | # install the PHP extensions we need 4 | RUN apt-get update && apt-get install -y sudo wget unzip vim mysql-client libpng-dev libjpeg-dev && rm -rf /var/lib/apt/lists/* \ 5 | && docker-php-ext-configure gd --with-png-dir=/usr --with-jpeg-dir=/usr \ 6 | && docker-php-ext-install gd mysqli opcache 7 | 8 | 9 | # set recommended PHP.ini settings 10 | # see https://secure.php.net/manual/en/opcache.installation.php 11 | RUN { \ 12 | echo 'opcache.memory_consumption=128'; \ 13 | echo 'opcache.interned_strings_buffer=8'; \ 14 | echo 'opcache.max_accelerated_files=4000'; \ 15 | echo 'opcache.revalidate_freq=60'; \ 16 | echo 'opcache.fast_shutdown=1'; \ 17 | echo 'opcache.enable_cli=1'; \ 18 | } > /usr/local/etc/php/conf.d/opcache-recommended.ini 19 | 20 | # wordpress version from : https://github.com/docker-library/wordpress/blob/master/php7.0/fpm/Dockerfile 21 | ENV WORDPRESS_VERSION 4.9.7 22 | ENV WORDPRESS_SHA1 7bf349133750618e388e7a447bc9cdc405967b7d 23 | 24 | # upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress 25 | RUN curl -o wordpress.tar.gz -SL https://wordpress.org/wordpress-${WORDPRESS_VERSION}.tar.gz \ 26 | && echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c - \ 27 | && tar -xzf wordpress.tar.gz -C /usr/src/ \ 28 | && rm wordpress.tar.gz \ 29 | && chown -R www-data:www-data /usr/src/wordpress 30 | 31 | 32 | ############################################################################################## 33 | # WORDPRESS CUSTOM SETUP 34 | ############################################################################################## 35 | 36 | # extract wordpress on build 37 | RUN tar cf - --one-file-system -C /usr/src/wordpress . | tar xf - 38 | 39 | # add custom scripts 40 | ADD vars.sh /vars.sh 41 | ADD entrypoint.sh /entrypoint.sh 42 | ADD plugins.sh /plugins.sh 43 | RUN chmod +x /entrypoint.sh /vars.sh /plugins.sh 44 | 45 | 46 | # execute custom entrypoint script 47 | CMD ["/entrypoint.sh"] 48 | -------------------------------------------------------------------------------- /base/plugins.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | ############################################################################################## 5 | # WORDPRESS PLUGINS 6 | ############################################################################################## 7 | 8 | # Chown Contnet Folder 9 | sudo chown -R www-data:www-data /var/www/html/wp-content 10 | 11 | if [ "$1" ]; then 12 | printf "=> Checking plugins...\n" 13 | 14 | while read line; do 15 | # ignore commented and empty lines 16 | case $line in 17 | ''|\#*) continue ;; # skip blank lines and lines starting with # 18 | esac 19 | 20 | plugin=$(echo $line | awk '{print $1}') 21 | version=$(echo $line | awk '{print $2}') 22 | 23 | printf "=> Downloading $plugin" 24 | 25 | download="$plugin" 26 | 27 | # Download from URL 28 | if [[ $download =~ .*https.* ]]; then 29 | # get the filename to extract ( handles github download where the filename is master.zip ) 30 | plugindirname="${download##*/}" 31 | # download and unzip 32 | wget $download && unzip -o $plugindirname -d /var/www/html/wp-content/plugins/ 33 | 34 | # delete zip file 35 | rm $plugindirname 36 | 37 | # Download from Wordpress 38 | else 39 | 40 | if [ ! "$version" ]; then 41 | printf " [latest] ...\n" 42 | download="$download.zip" 43 | else 44 | printf " $version ...\n" 45 | download="$download.$version.zip" 46 | fi 47 | # download and unzip 48 | wget https://downloads.wordpress.org/plugin/$download && unzip -o $download -d /var/www/html/wp-content/plugins/ 49 | 50 | # delete zip file 51 | rm $download 52 | fi 53 | 54 | 55 | 56 | printf "=> Extracted Plugin to /var/www/html/wp-content/plugins/$plugin \n" 57 | 58 | done <$1 59 | 60 | else 61 | printf "=> No plugin dependencies listed. SKIPPING...\n" 62 | fi 63 | 64 | # Chown Contnet Folder Again 65 | sudo chown -R www-data:www-data /var/www/html/wp-content 66 | -------------------------------------------------------------------------------- /setup/setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | ############################################################################################## 5 | # SETUP WP-CONFIG 6 | ############################################################################################## 7 | 8 | # Parse needed vars from wp-cli.yml config to avoid duplication 9 | WORDPRESS_DB_HOST=$(grep "dbhost" wp-cli.yml | cut -d ' ' -f 4) 10 | WORDPRESS_DB_NAME=$(grep "dbname" wp-cli.yml | cut -d ' ' -f 4) 11 | WORDPRESS_DB_PASSWORD=$(grep "dbpass" wp-cli.yml | cut -d ' ' -f 4) 12 | 13 | echo "=> Connecting to Database $WORDPRESS_DB_HOST .." 14 | 15 | # Check if no config is provided 16 | if [ ! -e /var/config/wp-config.php ]; then 17 | 18 | # Wait for MySQL 19 | echo "=> Waiting for Database to initialize... " 20 | while ! mysqladmin ping --host=$(echo "$WORDPRESS_DB_HOST" | cut -d ':' -f 1) --port=$(echo "$WORDPRESS_DB_HOST" | cut -d ':' -f 2) --password=$WORDPRESS_DB_PASSWORD --silent; do 21 | sleep 1 22 | done 23 | 24 | 25 | echo "=> Generating wp-config.php file..." 26 | #sudo -u www-data wp core config 27 | wp core config 28 | 29 | echo "=> Adding reverse proxy config to wp-config.php file... " 30 | cat <<'EOPHP' >> /tmp/proxy.txt 31 | // If we're behind a proxy server and using HTTPS, we need to alert Wordpress of that fact 32 | // see also http://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy 33 | if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { 34 | $_SERVER['HTTPS'] = 'on'; 35 | } 36 | EOPHP 37 | 38 | sed -i '/stop editing/ r /tmp/proxy.txt' wp-config.php && rm /tmp/proxy.txt 39 | echo "Done!" 40 | 41 | ############################################################################################## 42 | # SETUP WORDPRESS DATABASE 43 | ############################################################################################## 44 | echo "=> Checking database $WORDPRESS_DB_NAME... " 45 | if [ ! "$(wp core is-installed --allow-root >/dev/null 2>&1 && echo $?)" ]; then 46 | #sudo -u www-data wp db create 47 | wp db create 48 | echo "Done!" 49 | 50 | echo "=> Initializing new multisite database... " 51 | #sudo -u www-data wp core multisite-install 52 | wp core multisite-install 53 | echo "Done!" 54 | else 55 | echo "=> !! Wordpress already installed !!" 56 | fi 57 | 58 | cp wp-config.php /var/config/wp-config.php 59 | echo "=> Copied wp-config.php into volume at /var/config/" 60 | 61 | 62 | else 63 | 64 | echo "=> Found /var/config/wp-config.php doing nothing" 65 | fi 66 | -------------------------------------------------------------------------------- /sample/kubernetes/wordpress-deployment.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: my-wordpress 5 | spec: 6 | replicas: 1 7 | revisionHistoryLimit: 3 8 | template: 9 | metadata: 10 | labels: 11 | app: my-wordpress 12 | spec: 13 | containers: 14 | - image: $IMAGE_URL 15 | name: my-web 16 | env: 17 | - name: WORDPRESS_DEV 18 | # Show Error Logs 19 | value: "true" 20 | - name: WORDPRESS_DB_HOST 21 | # Connect to the SQL proxy over the local network on a fixed port. 22 | value: 127.0.0.1:3306 23 | - name: WORDPRESS_DB_NAME 24 | value: $WORDPRESS_DB_NAME 25 | # These secrets are required to start the pod. 26 | # [START cloudsql_secrets] 27 | - name: WORDPRESS_DB_PASSWORD 28 | valueFrom: 29 | secretKeyRef: 30 | name: cloudsql 31 | key: password 32 | - name: WORDPRESS_DB_USER 33 | valueFrom: 34 | secretKeyRef: 35 | name: cloudsql 36 | key: username 37 | # [END cloudsql_secrets] 38 | ports: 39 | - containerPort: 80 40 | name: wordpress-nginx 41 | # Change $INSTANCE here to include your GCP 42 | # project, the region of your Cloud SQL instance and the name 43 | # of your Cloud SQL instance. The format is 44 | # -instances=$PROJECT:$REGION:INSTANCE=tcp:3306. 45 | # [START proxy_container] 46 | - image: gcr.io/cloudsql-docker/gce-proxy 47 | name: cloudsql-proxy 48 | command: ["/cloud_sql_proxy", "--dir=/cloudsql", 49 | "-instances=$INSTANCE=tcp:3306", 50 | "-credential_file=/secrets/cloudsql/credentials.json"] 51 | volumeMounts: 52 | - name: cloudsql-instance-credentials 53 | mountPath: /secrets/cloudsql 54 | readOnly: true 55 | - name: ssl-certs 56 | mountPath: /etc/ssl/certs 57 | - name: cloudsql 58 | mountPath: /cloudsql 59 | # [END proxy_container] 60 | # [START volumes] 61 | volumes: 62 | - name: cloudsql-instance-credentials 63 | secret: 64 | secretName: cloudsql-instance-credentials 65 | - name: ssl-certs 66 | hostPath: 67 | path: /etc/ssl/certs 68 | - name: cloudsql 69 | emptyDir: 70 | # [END volumes] 71 | -------------------------------------------------------------------------------- /sample/wordpress/wp-config.php: -------------------------------------------------------------------------------- 1 | wrLsvab XU_~TI2H&Y8fKlF'); 50 | define('SECURE_AUTH_KEY', 'QA|B:hd~CG]G|s|Q=W#L*;vNmaKhG*;sqt8=y|+Kki]rlL)vMOk|5x7P