diff --git a/.gitignore b/.gitignore index f5829c7..8781088 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ -result* result -resutlt/* -wordpress \ No newline at end of file +result* +wordpress +wordpress* +wordpress/* \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index e69e54e..877149b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.8' services: wordpress: # image: ghcr.io/avunu/wordpress:latest-php83 - image: localhost/avunu-wordpress:latest-php83 + image: wordpress-php82:latest ports: - "8080:80" volumes: @@ -13,8 +13,14 @@ services: - WORDPRESS_DB_USER=wordpress - WORDPRESS_DB_PASSWORD=wordpresspassword - WORDPRESS_DB_NAME=wordpress - # override cmd with busybox - command: /usr/bin/sh + - WORDPRESS_AUTH_KEY=$AUTH_KEY + - WORDPRESS_SECURE_AUTH_KEY=$SECURE_AUTH_KEY + - WORDPRESS_LOGGED_IN_KEY=$LOGGED_IN_KEY + - WORDPRESS_NONCE_KEY=$NONCE_KEY + - WORDPRESS_AUTH_SALT=$AUTH_SALT + - WORDPRESS_SECURE_AUTH_SALT=$SECURE_AUTH_SALT + - WORDPRESS_LOGGED_IN_SALT=$LOGGED_IN_SALT + - WORDPRESS_NONCE_SALT=$NONCE_SALT depends_on: - db @@ -30,4 +36,4 @@ services: - MYSQL_PASSWORD=wordpresspassword volumes: - db_data: + db_data: \ No newline at end of file diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 02de46b..49ce0b3 100644 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,5 +1,5 @@ #!/bin/sh -set -euo pipefail +set -e # Default WordPress URL if not provided WORDPRESS_SOURCE_URL=${WORDPRESS_SOURCE_URL:-"https://wordpress.org/latest.zip"} @@ -7,18 +7,18 @@ WORDPRESS_SOURCE_URL=${WORDPRESS_SOURCE_URL:-"https://wordpress.org/latest.zip"} # Function to download and install WordPress install_wordpress() { echo "WordPress not found. Downloading and installing from: $WORDPRESS_SOURCE_URL" - curl -o wordpress.zip "$WORDPRESS_SOURCE_URL" + wget -O wordpress.zip "$WORDPRESS_SOURCE_URL" # Create a temporary directory for extraction - TEMP_DIR="/tmp/wp_install_$(date +%s)" + TEMP_DIR="/tmp/wordpress" mkdir -p "$TEMP_DIR" + unzip wordpress.zip -d "$TEMP_DIR" # Find WordPress files WP_ROOT=$(find "$TEMP_DIR" -name wp-config-sample.php -exec dirname {} \; | head -n 1) if [ -z "$WP_ROOT" ]; then echo "Error: WordPress files not found in the downloaded archive." - rm -rf "$TEMP_DIR" exit 1 fi @@ -27,13 +27,13 @@ install_wordpress() { # Clean up rm -rf "$TEMP_DIR" wordpress.zip - chown -R nobody:nobody /var/www/html + # chown -R nobody:nobody /var/www/html # Import database if WORDPRESS_DB_URL is set if [ -n "${WORDPRESS_DB_URL:-}" ]; then - if command -v wp &> /dev/null; then + if command -v wp >/dev/null 2>&1; then import_db_wp_cli - elif command -v mysql &> /dev/null; then + elif command -v mysql >/dev/null 2>&1; then import_db_mysql else echo "Error: Neither wp-cli nor mysql cli are available. Cannot import database." @@ -44,7 +44,7 @@ install_wordpress() { # Function to import database using wp-cli import_db_wp_cli() { echo "Importing database using wp-cli from: $WORDPRESS_DB_URL" - curl -o db_dump.sql "$WORDPRESS_DB_URL" + wget -O db_dump.sql "$WORDPRESS_DB_URL" wp db import db_dump.sql --allow-root rm db_dump.sql } @@ -52,21 +52,24 @@ import_db_wp_cli() { # Function to import database using mysql cli import_db_mysql() { echo "Importing database using mysql from: $WORDPRESS_DB_URL" - curl -o db_dump.sql "$WORDPRESS_DB_URL" + wget -O db_dump.sql "$WORDPRESS_DB_URL" mysql -h"$WORDPRESS_DB_HOST" -u"$WORDPRESS_DB_USER" -p"$WORDPRESS_DB_PASSWORD" "$WORDPRESS_DB_NAME" < db_dump.sql rm db_dump.sql } # Always copy the custom wp-config.php echo "Copying custom wp-config.php" -cp /opt/wp-config.php /var/www/html/wp-config.php -# chown nobody:nobody /var/www/html/wp-config.php +cp /wp-config.php /var/www/html/wp-config.php chmod 644 /var/www/html/wp-config.php - # Check if WordPress is installed if [ ! -f /var/www/html/wp-includes/version.php ]; then install_wordpress fi +# # Always copy the custom mu-plugins +# echo "Copying custom mu-plugins" +# cp -r /mu-plugins /var/www/html/wp-content/mu-plugins +# chmod 755 /var/www/html/wp-content/mu-plugins + exec "$@" \ No newline at end of file diff --git a/flake.lock b/flake.lock index a8901da..b6be346 100644 --- a/flake.lock +++ b/flake.lock @@ -18,52 +18,13 @@ "type": "github" } }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "nix2container": { - "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1724996935, - "narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=", - "owner": "nlewo", - "repo": "nix2container", - "rev": "fa6bb0a1159f55d071ba99331355955ae30b3401", - "type": "github" - }, - "original": { - "owner": "nlewo", - "repo": "nix2container", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1725634671, - "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", + "lastModified": 1725983898, + "narHash": "sha256-4b3A9zPpxAxLnkF9MawJNHDtOOl6ruL0r6Og1TEDGCE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", + "rev": "1355a0cbfeac61d785b7183c0caaec1f97361b43", "type": "github" }, "original": { @@ -76,7 +37,6 @@ "root": { "inputs": { "flake-utils": "flake-utils", - "nix2container": "nix2container", "nixpkgs": "nixpkgs" } }, @@ -94,21 +54,6 @@ "repo": "default", "type": "github" } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/test.sh b/test.sh new file mode 100755 index 0000000..11b3356 --- /dev/null +++ b/test.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +# Generate random keys and salts +export WORDPRESS_AUTH_KEY=$(openssl rand -base64 32) +export WORDPRESS_SECURE_AUTH_KEY=$(openssl rand -base64 32) +export WORDPRESS_LOGGED_IN_KEY=$(openssl rand -base64 32) +export WORDPRESS_NONCE_KEY=$(openssl rand -base64 32) +export WORDPRESS_AUTH_SALT=$(openssl rand -base64 32) +export WORDPRESS_SECURE_AUTH_SALT=$(openssl rand -base64 32) +export WORDPRESS_LOGGED_IN_SALT=$(openssl rand -base64 32) +export WORDPRESS_NONCE_SALT=$(openssl rand -base64 32) + +# Run docker-compose +docker-compose up \ No newline at end of file diff --git a/wordpress.nix b/wordpress.nix index fddea87..247b284 100644 --- a/wordpress.nix +++ b/wordpress.nix @@ -43,28 +43,26 @@ pkgs.dockerTools.buildLayeredImage { tag = "latest"; contents = [ phpBuild - pkgs.bashInteractive + pkgs.busybox pkgs.cacert - pkgs.coreutils - pkgs.curl - pkgs.findutils pkgs.frankenphp pkgs.ghostscript - pkgs.gnused pkgs.imagemagick pkgs.mysql.client - pkgs.unzip pkgs.vips + pkgs.wp-cli ]; config = { - Entrypoint = [ "/bin/bash" "/docker-entrypoint.sh" ]; - Cmd = [ "frankenphp" "php-server" "--root" "/var/www/html" "--listen" "0.0.0.0:80" ]; + Entrypoint = [ "${pkgs.busybox}/bin/sh" "/docker-entrypoint.sh" ]; + Cmd = [ "${pkgs.lib.getExe pkgs.frankenphp}" "php-server" "--root" "/var/www/html" "--listen" "0.0.0.0:80" ]; ExposedPorts = { - "80/tcp" = {}; + "80/tcp" = { }; }; Env = [ + "SERVER_NAME=0.0.0.0:80" "WORDPRESS_SOURCE_URL=https://wordpress.org/latest.zip" + "WORDPRESS_DB_URL=" "WORDPRESS_DB_HOST=localhost" "WORDPRESS_DB_USER=wordpress" "WORDPRESS_DB_PASSWORD=wordpress" @@ -81,10 +79,13 @@ pkgs.dockerTools.buildLayeredImage { }; extraCommands = '' + # Copy WordPress files mkdir -p var/www/html cp ${./wp-config.php} wp-config.php cp ${./docker-entrypoint.sh} docker-entrypoint.sh chmod +x docker-entrypoint.sh + + # Symlink CA certificates ln -s ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt etc/ssl/certs/ca-certificates.crt ''; }