diff --git a/Makefile b/Makefile index 304cdb3..b962e90 100644 --- a/Makefile +++ b/Makefile @@ -25,9 +25,7 @@ RESET = "\e[0m" COMPOSE = ./srcs/docker-compose.yml VOLUMES_D = $(shell grep "^HOST_VOLUME" ./srcs/.env | cut -d "=" -f 2) -#VOLUME_PATH = $(shell grep "^HOST_VOLUME" ./srcs/.env | cut -d "=" -f 2) -#VOLUMES_D = $(VOLUME_PATH)/wp_volume \ -# $(VOLUME_PATH)/db_volume + WP_URL = $(shell grep "WP_URL" ./srcs/.env | cut -d "=" -f 2) # list of running containers, see : https://stackoverflow.com/questions/10024279/how-to-use-shell-commands-in-makefile @@ -47,13 +45,13 @@ build: - if ! grep "127.0.0.1 $(WP_URL)" /etc/hosts 2> /dev/null; then \ bash -c 'echo -e "\n# adding for inception (you can delete it)\n127.0.0.1 $(WP_URL)" >> /etc/hosts'; \ fi - docker-compose -f $(COMPOSE) build + docker compose -f $(COMPOSE) build up: - docker-compose -f $(COMPOSE) up -d + docker compose -f $(COMPOSE) up -d down: - docker-compose -f $(COMPOSE) down + docker compose -f $(COMPOSE) down # list images, containers, volumes list: @@ -85,10 +83,6 @@ fclean: fclean-images fclean-volumes re: fclean all -# !! remove everything everything -erase_v: - - rm -rf $(VOLUMES_D) -new: erase_v re -.PHONY : all $(VOLUMES_D) build up list clean fclean re erase_v new +.PHONY : all $(VOLUMES_D) build up list clean fclean re diff --git a/README.md b/README.md index 50f4684..593c3b6 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,96 @@ -# MAP +# toc : + +- 1. MAP + - 1.1. v2 2023 + - 1.2. todo +- 2. docker + - 2.1. install docker + - 2.2. docker ressources + - 2.3. docker pid 1 +- 3. old versions + - 3.1. v1 2022 + - 3.1.1. todo + - 3.1.2. verifications + - 3.1.3. improvement suggestions + - 3.1.4. questions traitees + - 3.1.5. todo + +--- + +# 1. MAP + +## 1.1. v2 2023 + +## 1.2. todo + +- [ ] + +## 1.3. heures de travail + +- 03/09 + - 14h30 + - mise en place docker + - 16h + - 16h30 + - lancer le site + +--- + +# 2. docker : + +## 2.1. install docker + +- [install docker engine](https://docs.docker.com/engine/install/ubuntu/) +- [uninstall docker engine](https://docs.docker.com/engine/install/ubuntu/#uninstall-docker-engine) +- [docker engine vs docker desktop](https://docs.docker.com/desktop/faqs/linuxfaqs/#what-is-the-difference-between-docker-desktop-for-linux-and-docker-engine) +- [manage docker as non root user](https://docs.docker.com/engine/install/linux-postinstall/) + + + +## 2.2. docker ressources + +- [docker compose man](https://docs.docker.com/compose/compose-file/#volumes) +- [Dockerfile man](https://docs.docker.com/engine/reference/builder/) +- [determine the parent image](https://forums.docker.com/t/determine-the-parent-image/48611) +- [docker image from scratch](https://codeburst.io/docker-from-scratch-2a84552470c8) +- [build context and image context](https://stackoverflow.com/questions/55108649/what-is-app-working-directory-for-a-dockerfile/55109065#55109065) +- [run without sudo on linux](https://docs.docker.com/engine/install/linux-postinstall/) +- [run docker deamon rootless](https://docs.docker.com/engine/security/rootless/) +- [dangling images ''](https://projectatomic.io/blog/2015/07/what-are-docker-none-none-images/) +- [go inside docker to debug it](https://docs.docker.com/engine/reference/commandline/container_exec/) +- [docker debug image with "docker run -it"](https://blog.devgenius.io/how-to-debug-docker-build-6c2588401188) +- `docker exec -ti bash` to run bash inside a running container +- [docker CMD vs ENTRYPOINT](https://phoenixnap.com/kb/docker-cmd-vs-entrypoint) +- [use env variable with compose](https://docs.docker.com/compose/environment-variables/) +- [using DEBIAN_FRONTEND=noninteractive disouraged in dockerfile](https://bobcares.com/blog/debian_frontendnoninteractive-docker/) +- [docker network](https://docs.docker.com/network/) +- [depends_on](https://docs.docker.com/compose/compose-file/#depends_on) +- [compose and env var](https://docs.docker.com/compose/environment-variables/) +- [specify path to named volumes](https://docs.docker.com/compose/compose-file/#volumes-top-level-element) +- [pass secret to container](https://medium.com/@zdk/simple-and-secure-way-to-pass-secrets-and-credentials-into-docker-containers-c2f66175b0a4) + + +## 2.3. docker pid 1 + +- nginx by default will create some child process (a master and some workers), then it quits (doc ?) +- when the first process of a docker container exit, the container exit (doc ?) +- so we must tell nginx to not go background : "-g 'daemon off'" +- [pid1 docker problem](https://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-reaping-problem/) +- [official nginx docker image](https://hub.docker.com/_/nginx/) +- "If you add a custom CMD in the Dockerfile, be sure to include -g daemon off; in the CMD in order for nginx to stay in the foreground, so that Docker can track the process properly (otherwise your container will stop immediately after starting)!" +- [SO discussion on "-g 'daemon off'"](https://stackoverflow.com/questions/18861300/how-to-run-nginx-within-a-docker-container-without-halting) +- "When PID 1 exits, the container will exit" (where is says in the doc ?) +- ["By design, containers started in detached mode exit when the root process used to run the container exits"](https://docs.docker.com/engine/reference/run/#detached--d) + + +--- + +# 3. old versions + +## 3.1. v1 2022 + +### 3.1.1. todo -#### todo - [/] copy recent site version - [/] create links - [/] make links having map @@ -40,15 +130,18 @@ - [/] change title of select options that appears on cursor hover - [ ] deal with error double event irl and online -#### verifications: +### 3.1.2. verifications: + - api only for this site on fabien's google account - erased tmp css on site headers -#### improvement suggestions: +### 3.1.3. improvement suggestions: + - add a field "more infos" to address - localise on map when form is filled -#### questions traitees: +### 3.1.4. questions traitees: + - zoom : toujours zoomer, pour un seul marqueur pas trop, et enlever les villes - resoudre probleme mauvais markers de pays - faire un bouton select (afficher la seletion plutot que le nom du menu) @@ -68,14 +161,14 @@ - quand c'est un cluster, on zoom, - quand c'est plusieurs evenements au meme endroit, on les affiche -#### todo: +### 3.1.5. todo: + - add info-window - add filter options - deal with bad address - redsign + and - for zoom -> color and thickness - how to put the map on other pages - how to send plugin to fabien - - [changed plugin directory in wp](https://wordpress.stackexchange.com/questions/120075/how-to-change-location-of-the-plugins-wordpress-themes-folder) - googlemap api key : AIzaSyCvdGV2ssD4ov4a9CuIlQhoJyz5gWWiSvE - [discussion on googlemap wp implementation](https://wordpress.org/support/topic/google-maps-where-to-place-api-key/) @@ -93,222 +186,3 @@ - [google maps api url parameters](https://developers.google.com/maps/documentation/javascript/url-params) - [google maps api references](https://developers.google.com/maps/documentation/javascript/reference) - [remove marker cluster](https://googlemaps.github.io/js-markerclusterer/classes/MarkerClusterer.html#removeMarker) - - ---- ---- -# inception - -- change host file in virtual machine to connect to hulamy.42.fr instead of localhost -- need to put the virtual machine on sgoinfre/goinfre/user/hulamy - ---- -## questions - -- ? will healthcheck continue after success, every 1 secondes ? -- ? why http to https redirection doesn't works ? - ---- -#### docker : -- [docker compose man](https://docs.docker.com/compose/compose-file/#volumes) -- [Dockerfile man](https://docs.docker.com/engine/reference/builder/) -- [determine the parent image](https://forums.docker.com/t/determine-the-parent-image/48611) -- [docker image from scratch](https://codeburst.io/docker-from-scratch-2a84552470c8) -- [build context and image context](https://stackoverflow.com/questions/55108649/what-is-app-working-directory-for-a-dockerfile/55109065#55109065) -- [run without sudo on linux](https://docs.docker.com/engine/install/linux-postinstall/) -- [run docker deamon rootless](https://docs.docker.com/engine/security/rootless/) -- [dangling images ''](https://projectatomic.io/blog/2015/07/what-are-docker-none-none-images/) -- [go inside docker to debug it](https://docs.docker.com/engine/reference/commandline/container_exec/) -- [docker debug image with "docker run -it"](https://blog.devgenius.io/how-to-debug-docker-build-6c2588401188) -- `docker exec -ti bash` to run bash inside a running container -- [docker CMD vs ENTRYPOINT](https://phoenixnap.com/kb/docker-cmd-vs-entrypoint) -- [use env variable with compose](https://docs.docker.com/compose/environment-variables/) -- [using DEBIAN_FRONTEND=noninteractive disouraged in dockerfile](https://bobcares.com/blog/debian_frontendnoninteractive-docker/) -- [docker network](https://docs.docker.com/network/) -- [depends_on](https://docs.docker.com/compose/compose-file/#depends_on) -- [compose and env var](https://docs.docker.com/compose/environment-variables/) -- [specify path to named volumes](https://docs.docker.com/compose/compose-file/#volumes-top-level-element) -- [pass secret to container](https://medium.com/@zdk/simple-and-secure-way-to-pass-secrets-and-credentials-into-docker-containers-c2f66175b0a4) - - ###### Docker basics - - the container posess its own filesystem - - we need to copy the files it uses inside this filesystem - - we can do that with COPY - - ###### build and run a docker image - - `sudo docker build --tag .` - - `sudo docker run ` - - `sudo docker images` to list docker images - - `sudo docker image rm ` - - `sudo docker ps` to list docker processes - - `sudo docker ps rm ` - - ###### execute a docker-compose file - - `sudo docker-compose up` - - or `sudo docker-compose -f ./path up` to specify a path - - ###### docker pid 1 - - nginx by default will create some child process (a master and some workers), then it quits (doc ?) - - when the first process of a docker container exit, the container exit (doc ?) - - so we must tell nginx to not go background : "-g 'daemon off'" - - [pid1 docker problem](https://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-reaping-problem/) - - [official nginx docker image](https://hub.docker.com/_/nginx/) - - "If you add a custom CMD in the Dockerfile, be sure to include -g daemon off; in the CMD in order for nginx to stay in the foreground, so that Docker can track the process properly (otherwise your container will stop immediately after starting)!" - - [SO discussion on "-g 'daemon off'"](https://stackoverflow.com/questions/18861300/how-to-run-nginx-within-a-docker-container-without-halting) - - "When PID 1 exits, the container will exit" (where is says in the doc ?) - - ["By design, containers started in detached mode exit when the root process used to run the container exits"](https://docs.docker.com/engine/reference/run/#detached--d) - - ###### install and use docker and compose - - [how to install docker engine](https://docs.docker.com/engine/install/ubuntu/) - - [github releases](https://github.com/docker/compose/releases) - - [install last version of compose manually](https://docs.docker.com/compose/install/compose-plugin/#install-the-plugin-manually) - - [install manually SO discussion](https://stackoverflow.com/questions/57456212/error-version-in-docker-compose-yml-is-unsupported) - - [correct release version name for download with a 'v'](https://stackoverflow.com/questions/58747879/docker-compose-usr-local-bin-docker-compose-line-1-not-command-not-found) - - the version installed with apt is 1.17.1, way out of date - - ###### remove old versions - - `sudo apt remove docker docker-engine docker.io containerd runc` - - ###### preparing directory - - `sudo apt update` - - `sudo apt install ca-certificates curl gnupg lsb-release` - - `sudo mkdir -p /etc/apt/keyrings` - - `curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg` - - `echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null` - - ###### installing docker engine - - `sudo apt update` - - `sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin` - - ###### check if installation worked - - `sudo docker run hello-world` - - ###### installing docker compose (checked version on github release, see above) - - notice the 'v' below, before the version name (docker doc has it wong) - - `sudo curl -L "https://github.com/docker/compose/releases/download/v2.10.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose` - - `sudo chmod +x /usr/local/bin/docker-compose` - - ###### run docker without sudo on linux (https://docs.docker.com/engine/install/linux-postinstall/) - - `sudo groupadd docker` - - `sudo usermod -aG docker $USER` - - `newgrp docker` - - ###### volumes vs bind mounts : - - [docker doc: use volumes](https://docs.docker.com/storage/volumes/) - - [docker doc: use bind mounts](https://docs.docker.com/storage/bind-mounts/) - - [comparison volume vs bind mounts](https://devopscook.com/docker-volumes-vs-bind-mounts/) - - [fundamentals use of volumes and bind mounts](https://medium.com/dlt-labs-publication/bind-mounts-volumes-in-docker-81523303cbb4) - - [how volumes and bind mounts are really differents](https://serverfault.com/questions/996785/docker-volumes-vs-mount-binds-what-are-the-use-cases) - - bind mounts are normal files anywhere on the computer, that docker container can access with absolut path and modify. They can also be modified without docker, since they are juste files - - volumes are only modifiable by docker, they don't need an absolut path, and they are not dependent of host architecture - - ###### use password in container : - - [with env variables in compose](https://docs.docker.com/compose/environment-variables/) - - [it's not safe to use arg to pass secret, since they are available through "docker history"](https://docs.docker.com/engine/reference/builder/#arg) - - [better use docker build --secret tag](https://docs.docker.com/develop/develop-images/build_enhancements/#new-docker-build-secret-information) - - [so discussion](https://stackoverflow.com/questions/22651647/docker-and-securing-passwords) - - [engine ref secret](https://docs.docker.com/engine/reference/commandline/secret/) - - [compose secret](https://docs.docker.com/compose/compose-file/compose-file-v3/#secrets) - - [use secret with docker](https://www.rockyourcode.com/using-docker-secrets-with-docker-compose/) - - [use secret with docker SO](https://stackoverflow.com/questions/42139605/how-do-you-manage-secret-values-with-docker-compose-v3-1) - - [four ways to use secrets](https://blog.mikesir87.io/2017/05/using-docker-secrets-during-development/) - - it seems that using "secrets" only improve security for a swarm, when you must share your secrets with others, but if not the case, .env is as much secure ? - - to use secret in docker-compose, we need to use swarm, but it doesn't allow to use build, or up, so everything is different then and I don't have time to understand it fully - ---- -#### nginx -- [nginx begginer guide](https://hub.docker.com/_/nginx/) -- [nginx all directives for conf file](https://nginx.org/en/docs/dirindex.html) -- [conf file in conf.d or sites-available ?](https://serverfault.com/questions/527630/difference-in-sites-available-vs-sites-enabled-vs-conf-d-directories-nginx#answer-870709) -- [command line parameters](https://nginx.org/en/docs/switches.html) -- `sudo nginx -t` will launch a test to evaluate config file -- [configuring nginx with php-fpm](https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/#connecting-nginx-to-php-fpm) -- [configuring nginx with alpine](https://wiki.alpinelinux.org/wiki/Nginx) - - ###### nginx basics - - `sudo netstat -tulpn` to print network connections and see if nginx is running - - or : `ps -ax | grep nginx` - - `sudo nginx -s quit` to stop it - - `sudo docker system prune -af --volumes` -> `-a` also unused images, `-f` without prompt for confirmation - - remove stopped containers - - remove unused networks - - remove unused images - - remove build cache - - `sudo docker ps -q` all runnings containers - - `sudo docker stop $(sudo docker ps -q)` stop all runnings containers - ---- -#### openssl -- [openssl faq](https://www.openssl.org/docs/faq.html) -- [openssl req man](https://www.openssl.org/docs/man1.0.2/man1/openssl-req.html) -- [SO discussion about ssl self signed certificate and becoming a CA](https://stackoverflow.com/questions/10175812/how-to-generate-a-self-signed-ssl-certificate-using-openssl) - ---- -#### mariadb -- [mariadb tutorial](https://www.mariadbtutorial.com/) -- server vs client : - - "server" runs in the background and listen for inputs - - "client" interpret the commands to communicate with "server" -- sudo apt install mariadb-client mariadb-server -- [wiki ubuntu mariadb](https://doc.ubuntu-fr.org/mariadb) -- [list of directives](https://mariadb.com/kb/en/sql-statements/) -- [ERROR 1698 (28000): Access denied for user 'root'@'localhost'](https://stackoverflow.com/questions/39281594/error-1698-28000-access-denied-for-user-rootlocalhost) -- [ERROR 1698 (28000): Access denied for user 'root'@'localhost' 2](https://askubuntu.com/questions/763336/cannot-enter-phpmyadmin-as-root-mysql-5-7#answer-1003892) -- [meaning of % SO](https://stackoverflow.com/questions/12931991/mysql-what-does-stand-for-in-host-column-and-how-to-change-users-password) -- [meaning of % doc](https://doc.ubuntu-fr.org/mysql#connexions_entrantes) -- `%` means all entrant connections, while `localhost` means only localhost connections -- [mysql commande line](https://mariadb.com/kb/en/mysql-command-line-client/) -- [use mysql in script](https://stackoverflow.com/questions/59608632/mariadb-create-database-and-execute-sql-script-without-character-from-the) -- [no need to use FLUSH PRIVILEGES after GRANT](https://stackoverflow.com/questions/36463966/mysql-when-is-flush-privileges-in-mysql-really-needed) - -- [can't connect to local server through socket](]https://stackoverflow.com/questions/11990708/error-cant-connect-to-local-mysql-server-through-socket-var-run-mysqld-mysq#23485424) -``` -Can't connect to local server through socket '/run/mysqld/mysqld.sock' - -sudo / find -type s -/var/lib/mysql/mysql.sock -``` -- [mysqld](https://dev.mysql.com/doc/refman/8.0/en/mysqld.html) - - ###### mariadb basic commands : - - create user : - ``` - # mysql -u root - use mysql; - CREATE USER 'some_user'@'%' IDENTIFIED BY 'some_pass'; - GRANT ALL PRIVILEGES ON *.* TO 'some_user'@'%' WITH GRANT OPTION; - ``` - - show users : - ``` - SELECT User, Host, plugin FROM mysql.user; - ``` - - delete user : - ``` - DROP USER ; - ``` - - show databases : - ``` - SHOW DATABASES; - ``` - - delete database : - ``` - DROP DATABASE ; - ``` ---- -#### wordpress -- [install wp](https://wordpress.org/support/article/how-to-install-wordpress/#detailed-instructions) - - ###### install wp - - wget https://wordpress.org/latest.tar.gz - - tar -xzvf latest.tar.gz - -- [php-fpm : Fastcgi Process Manager](https://en.wikipedia.org/wiki/FastCGI) -- [install wp-cli](https://wp-cli.org/#installing) -- [alternatives install](https://make.wordpress.org/cli/handbook/guides/installing/) -- [exemple install with composer](https://github.com/aestetype/alpine-wp-cli/blob/master/Dockerfile) -- [cli commands](https://developer.wordpress.org/cli/commands/) -- [cli install wordpress](https://make.wordpress.org/cli/handbook/how-to-install/) -- `/wp-admin` -- [alias localhost](https://stackoverflow.com/questions/19425086/alias-hostname-for-localhost) -- `sudo /etc/hosts` -> `127.0.0.1 hulamy.42.fr` - diff --git a/docs/inception_correction.png b/docs/inception_correction.png deleted file mode 100644 index 6a4709d..0000000 Binary files a/docs/inception_correction.png and /dev/null differ diff --git a/docs/inception_en.subject.pdf b/docs/inception_en.subject.pdf deleted file mode 100644 index 996e8b2..0000000 Binary files a/docs/inception_en.subject.pdf and /dev/null differ diff --git a/docs/inception_fr.subject.pdf b/docs/inception_fr.subject.pdf deleted file mode 100644 index f613f57..0000000 Binary files a/docs/inception_fr.subject.pdf and /dev/null differ diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index 19c82f6..f4d7420 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -39,7 +39,7 @@ COPY ./conf/ssl ${NG_VOLUME_CERTS} RUN if [ -z "$(ls -A ${NG_VOLUME_CERTS} 2>/dev/null)" ]; then \ mkdir ${NG_VOLUME_CERTS}/private ${NG_VOLUME_CERTS}/certs; \ openssl req -newkey rsa:2048 -nodes -x509 -days 365 \ - -subj "/C=fr/ST=ile-de-france/L=paris/O=42/OU=inception/CN=${WP_URL}" \ + -subj "/C=fr/ST=ile-de-france/L=paris/O=42/OU=lejourdesprofs/CN=${WP_URL}" \ -keyout ${NG_VOLUME_CERTS}/private/${WP_URL}.key \ -out ${NG_VOLUME_CERTS}/certs/${WP_URL}.crt; \ fi