diff --git a/README.md b/README.md index 1f4e2fb..08cff0c 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,8 @@ --- ## questions -- ? what means mounted in "a file or directory on the host machine is mounted into a container" ? +- ? why http to https redirection doesn't works ? +- ? what means "a file or directory on the host machine is mounted into a container" ? - ? why the volumes cannot be modify outside docker ? - ? `rm -rf /var/lib/apt/lists/*` ? @@ -82,6 +83,7 @@ - [using DEBIAN_FRONTEND=noninteractive disouraged in dockerfile](https://bobcares.com/blog/debian_frontendnoninteractive-docker/) - [docker network](https://docs.docker.com/network/) - [depends_on](https://docs.docker.com/compose/compose-file/#depends_on) +- [compose and env var](https://docs.docker.com/compose/environment-variables/) ###### docker pid 1 - nginx by default will create some child process (a master and some workers), then it quits (doc ?) @@ -153,6 +155,7 @@ - [command line parameters](https://nginx.org/en/docs/switches.html) - `sudo nginx -t` will launch a test to evaluate config file - [configuring nginx with php-fpm](https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/#connecting-nginx-to-php-fpm) +- [configuring nginx with alpine](https://wiki.alpinelinux.org/wiki/Nginx) #### openssl - [openssl faq](https://www.openssl.org/docs/faq.html) diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml index 9831b03..10ef313 100644 --- a/srcs/docker-compose.yml +++ b/srcs/docker-compose.yml @@ -13,40 +13,41 @@ services: #restart: on-failure ports: - "443:443" + - "80:80" build: context: ./requirements/nginx dockerfile: Dockerfile image: nginx container_name: mynginx # --------------------------------- -# mariadb: -# #restart: on-failure -# networks: -# - inception-network -# env_file: .env -# build: -# context: ./requirements/mariadb -# args: -# - DB_NAME=${DB_NAME} -# - DB_USER=${DB_USER} -# - DB_PSWD=${DB_PSWD} -# image: mariadb -# container_name: mymariadb + mariadb: + #restart: on-failure + networks: + - inception-network + env_file: .env + build: + context: ./requirements/mariadb + args: + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - DB_PSWD=${DB_PSWD} + image: mariadb + container_name: mymariadb # --------------------------------- -# wordpress: -# #restart: on-failure + wordpress: + #restart: on-failure # networks: # - inception-network -# env_file: .env -# build: + env_file: ./.env + build: ./requirements/wordpress # context: ./requirements/wordpress # args: # - WP_DIR=${WP_DIR} -## depends_on: -## mariadb: -## condition: service_completed_successfully -# image: wordpress -# container_name: mywordpress +# depends_on: +# mariadb: +# condition: service_completed_successfully + image: wordpress + container_name: mywordpress networks: inception-network: diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index fe87f93..337cb5d 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -11,6 +11,7 @@ # # # nginx conf # COPY ./conf/nginx_debian.conf /etc/nginx/nginx.conf +# COPY ./conf/inception_nginx.conf /etc/nginx/conf.d/ # alpine (~ 45s) --------------------------------------------- @@ -25,11 +26,11 @@ # nginx conf COPY ./conf/nginx_alpine.conf /etc/nginx/nginx.conf + COPY ./conf/inception_nginx.conf /etc/nginx/http.d/ # common ----------------------------------------------------- -# inception conf & personalized index.html -COPY ./conf/inception_nginx.conf /etc/nginx/conf.d/ +# personalized index.html COPY ./conf/index.html /data/www/ # create ssl certificate diff --git a/srcs/requirements/nginx/conf/inception_nginx.conf b/srcs/requirements/nginx/conf/inception_nginx.conf index 2d7de8b..b98343c 100644 --- a/srcs/requirements/nginx/conf/inception_nginx.conf +++ b/srcs/requirements/nginx/conf/inception_nginx.conf @@ -1,5 +1,13 @@ # doc : https://nginx.org/en/docs/dirindex.html +# WIP redirect http to https +server { + listen 80; + listen [::]:80; + server_name _; + return 301 https://$host$request_uri; +} + server { listen 443 ssl; # for ipv4, on port 443, specifying that accepted connections should works in ssl mode listen [::]:443 ssl; # for ipv6 @@ -7,23 +15,23 @@ server { ssl_certificate /etc/ssl/certs/hulamy.42.fr.crt; # specifies the file with the ssl certificate (self signed here) generated by openssl ssl_certificate_key /etc/ssl/private/hulamy.42.fr.key; # specifies the file with the secret key of the certificate - root /var/www/html/; # contains default nginx index.nginx-debian.html - index index.html index.php; # defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html) + root /var/www/html/; # contains default nginx index.nginx-debian.html + index index.html index.php; # defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html) location / { - try_files $uri $uri/ =404; # from /etc/nginx/sites-enabled/default : First attempt to serve request as file, then as directory, then fall back to displaying a 404 - root /data/www/; + try_files $uri $uri/ =404; # from /etc/nginx/sites-enabled/default : First attempt to serve request as file, then as directory, then fall back to displaying a 404 + root /data/www/; } # pass PHP scripts to FastCGI (PHP-FPM) server location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - include /etc/nginx/fastcgi.conf; + try_files $uri =404; + include fastcgi_params; + include /etc/nginx/fastcgi.conf; fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - # fastcgi_pass wordpress:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + #fastcgi_pass wordpress:9000; } } diff --git a/srcs/requirements/wordpress/Dockerfile b/srcs/requirements/wordpress/Dockerfile index 7799f06..2345590 100644 --- a/srcs/requirements/wordpress/Dockerfile +++ b/srcs/requirements/wordpress/Dockerfile @@ -1,20 +1,18 @@ - FROM debian:buster +# bash and vim for debug RUN apt update && apt install -y \ php7.3 \ php7.3-fpm \ php7.3-mysqli \ mariadb-client \ - curl + curl \ + bash vim RUN rm -rf /var/lib/apt/lists/* -# config change address to accept FastCGI requests, to worpress:9000 +# fpm config COPY ./conf/www.conf /etc/php/7.3/fpm/pool.d/ RUN mkdir /run/php/ -## run service once to initialize -#RUN service php7.3-fpm start && \ -# service php7.3-fpm stop # install wp-cli : https://make.wordpress.org/cli/handbook/guides/installing/ RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar &&\ diff --git a/srcs/requirements/wordpress/conf/wp_entrypoint.sh b/srcs/requirements/wordpress/conf/wp_entrypoint.sh index 091afe9..9fb752f 100644 --- a/srcs/requirements/wordpress/conf/wp_entrypoint.sh +++ b/srcs/requirements/wordpress/conf/wp_entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/sh -# install wordpress with cli : https://make.wordpress.org/cli/handbook/how-to-install/ +## install wordpress with cli : https://make.wordpress.org/cli/handbook/how-to-install/ mkdir -p ${WP_DIR} wp core download --path="${WP_DIR}" --allow-root @@ -21,10 +21,14 @@ wp core install \ --admin_password="${WP_ADMIN_PSWD}" \ --skip-email \ --path="${WP_DIR}" --allow-root + +## create user : wp user create \ ${WP_USER} ${WP_USER_EMAIL} \ --user_pass=${WP_USER_PSWD} \ --path=${WP_DIR} --allow-root -chown -R www-data:www-data /var/www/* +chown -R nginx:nginx /var/www/* chmod 755 -R /var/www/* +exec php-fpm7.3 -F +#exec php-fpm7.3 --nodaemonize diff --git a/srcs/requirements/wordpress/conf/www.conf b/srcs/requirements/wordpress/conf/www.conf index e3e99b2..211f62c 100644 --- a/srcs/requirements/wordpress/conf/www.conf +++ b/srcs/requirements/wordpress/conf/www.conf @@ -1,3 +1,9 @@ +; inception modifications : +; listen : +; < listen = wordpress:9000 +; > listen = /run/php/php7.3-fpm.sock + + ; Start a new pool named 'www'. ; the variable $pool can be used in any directive and will be replaced by the ; pool name ('www' here)