diff --git a/Makefile b/Makefile index 919d5e9..83976ee 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,7 @@ RESET = "\e[0m" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # -COMPOSE = ./srcs/docker-compose.yml +COMPOSE_FILE = ./srcs/docker-compose.yml # in makefile you can use an env variable directly as a make variable : # -> https://ftp.gnu.org/old-gnu/Manuals/make-3.79.1/html_chapter/make_6.html#SEC68 @@ -90,6 +90,7 @@ VOLUMES = $(shell docker volume ls -q) # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # all: require build up +logs: require build_logs up require: # remove all the lines starting with "HOST_VOLUME_" in .env @@ -101,9 +102,6 @@ require: # create the volumes directories @echo $(B_PURPLE)"create the volumes directories"$(RESET) @mkdir -p $(VOLUMES_D) -# create the ssl folder to avoid pbm at nginx docker creation - @echo $(B_PURPLE)"create the ssl folder"$(RESET) - @mkdir -p ./srcs/requirements/nginx/conf/ssl # verify if the wordpress url is added to the local path @echo $(B_PURPLE)"verify if the wordpress url is added to the local path"$(RESET) @- if ! grep "127.0.0.1 $(WP_URL)" /etc/hosts 2> /dev/null; then \ @@ -112,14 +110,18 @@ require: fi build: - docker compose -f $(COMPOSE) build + docker compose -f $(COMPOSE_FILE) build +# --progress plain : everything will be output at build time, you can see commands like "echo" or "ls" in RUN command in dockerfile +# --no-cache : this will prevent builder to use previous cached action, so it rebuild everything +build_logs: + docker compose -f $(COMPOSE_FILE) build --progress plain --no-cache up: - docker compose -f $(COMPOSE) up -d + docker compose -f $(COMPOSE_FILE) up -d @echo $(B_PURPLE)"you can now connect at "$(B_YELLOW)"https://$(WP_URL)"$(B_PURPLE)" or 127.0.0.1"$(RESET) down: - docker compose -f $(COMPOSE) down + docker compose -f $(COMPOSE_FILE) down # list images, containers, volumes list: diff --git a/README.md b/README.md index c560ac7..68b246e 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,9 @@ +debug : +- **docker ps** : to see all the containers running +- **docker logs ** : to see if there is logs of errors + +--- + # toc : - 1. MAP diff --git a/notes.md b/notes.md new file mode 100644 index 0000000..b1feebe --- /dev/null +++ b/notes.md @@ -0,0 +1,303 @@ +# toc : + +- 1. MAP + - 1.1. v2 2023 + - 1.2. todo + - 1.3. temps de travail +- 2. docker + - 2.1. install docker + - 2.2. docker ressources +- 3. old versions + - 3.1. v1 2022 + - 3.1.1. todo + - 3.1.2. verifications + - 3.1.3. improvement suggestions + - 3.1.4. questions traitees + - 3.1.5. todo + +--- + +- I made a script that goes through all posts each time the map is loaded, + extracts the right info, creates the "locations" object as a global variable, + and serves it to the front end js. It also get the coordinates, but only + when a post is published, and it adds them in the meta field of the post + - that's absurd, all the info should be added to the meta field, and only + reevaluated when post is saved or change status +- I made a rapid check of some errors in plugin menu, but that would be much + better to add the errors to a common place, maybe a post meta fiel, during + the processing of the data + +--- + +# 1. MAP + +## 1.1. v2 2023 + +## 1.2. todo + +- [/] create wp plugin menu +- [/] add infos in menu + - [/] gmaps api key + - [/] missing addresses +- [/] error strlen +- [/] add counter +- [/] menu select published posts +- [/] menu show error format in categories + +## 1.3. temps de travail + +30€/h * 8h = 240€/j + +- 03/09/23 + - begin: 14h30 + - mes: "setting up docker" + - end: 16h00 + - len: 1h30 + - begin: 16h30 + - mes: "launch worpdress" + - end: 18h00 + - len: 1h30 + - total: 3h00 + - money: 90€ + +- 09/09/23 + - begin: 16h30 + - mes: "trying to copy wp site" + - end: 17h30 + - len: 1h00 + - total: 1h00 + - money: 30€ + +- 10/09/23 + - begin: 10h00 + - mes: "trying to fix makefile and .env volume variable" + - end: 12h00 + - len: 2h00 + - total: 2h00 + - money: 60€ + +- 11/09/23 + - begin: 10h00 + - mes: "fixed volume variable" + - end: 13h30 + - len: 3h30 + - total: 3h30 + - money: 105€ + +- 12/09/23 + - begin: 9h30 + - mes: "resolve some env var pbm" + - end: 12h15 + - len: 2h45 + - total: 2h45 + - money: 82€50 + +- 14/09/23 + - begin: 11h30 + - mes: "resolve env pbm with sudo" + - end: 12h00 + - len: 0h30 + - begin: 13h00 + - mes: "env pbm with sudo resolved" + - end: 13h45 + - len: 0h45 + - begin: 13h45 + - mes: "launch process duplicator" + - end: 14h30 + - len: 0h45 + - begin: 14h45 + - mes: "copy site duplicator" + - end: 15h30 + - len: 0h45 + - total: 2h45 + - money: 82€50 + +- 18/09/23 + - begin: 10h00 + - mes: "rediscover plugin" + - end: 12h00 + - len: 2h00 + - begin: 13h00 + - mes: "try to get acf fields" + - end: 15h45 + - len: 2h45 + - total: 4h45 + - money: 142€50 + +- 20/09/23 + - begin: 14h00 + - mes: "pbm api keys and acf7 form" + - end: 15h30 + - len: 1h30 + - total: 1h30 + - money: 45€ + +- 21/09/23 + - begin: 9h45 + - mes: "understand how custom fields works" + - end: 12h45 + - len: 3h00 + - begin: 15h15 + - mes: "create plugin menu" + - end: 19h30 + - len: 4h15 + - total: 7h15 + - money: 217€50 + +- 21/09/23 + - begin: 11h30 + - mes: "" + - end: h + - len: h + - total: h + - money: € + + +#### total : 90 + 30 = 120€ + +## 1.4. duplicator wordpress + +- https://duplicator.com/knowledge-base/classic-install/ +- installer.php has two errors : + - delete first blank line + - close last line comment + +--- + +# 2. docker : + +## 2.1. install docker + +- [install docker engine](https://docs.docker.com/engine/install/ubuntu/) +- [uninstall docker engine](https://docs.docker.com/engine/install/ubuntu/#uninstall-docker-engine) +- [docker engine vs docker desktop](https://docs.docker.com/desktop/faqs/linuxfaqs/#what-is-the-difference-between-docker-desktop-for-linux-and-docker-engine) +- [manage docker as non root user](https://docs.docker.com/engine/install/linux-postinstall/) + +## 2.2. docker ressources + +- [docker compose man](https://docs.docker.com/compose/compose-file/#volumes) +- [Dockerfile man](https://docs.docker.com/engine/reference/builder/) +- [determine the parent image](https://forums.docker.com/t/determine-the-parent-image/48611) +- [docker image from scratch](https://codeburst.io/docker-from-scratch-2a84552470c8) +- [build context and image context](https://stackoverflow.com/questions/55108649/what-is-app-working-directory-for-a-dockerfile/55109065#55109065) +- [run without sudo on linux](https://docs.docker.com/engine/install/linux-postinstall/) +- [run docker deamon rootless](https://docs.docker.com/engine/security/rootless/) +- [dangling images ''](https://projectatomic.io/blog/2015/07/what-are-docker-none-none-images/) +- [go inside docker to debug it](https://docs.docker.com/engine/reference/commandline/container_exec/) +- [docker debug image with "docker run -it"](https://blog.devgenius.io/how-to-debug-docker-build-6c2588401188) +- `docker exec -ti bash` to run bash inside a running container +- [docker CMD vs ENTRYPOINT](https://phoenixnap.com/kb/docker-cmd-vs-entrypoint) +- [use env variable with compose](https://docs.docker.com/compose/environment-variables/) +- [using DEBIAN_FRONTEND=noninteractive disouraged in dockerfile](https://bobcares.com/blog/debian_frontendnoninteractive-docker/) +- [docker network](https://docs.docker.com/network/) +- [depends_on](https://docs.docker.com/compose/compose-file/#depends_on) +- [compose and env var](https://docs.docker.com/compose/environment-variables/) +- [specify path to named volumes](https://docs.docker.com/compose/compose-file/#volumes-top-level-element) +- [pass secret to container](https://medium.com/@zdk/simple-and-secure-way-to-pass-secrets-and-credentials-into-docker-containers-c2f66175b0a4) + + +--- + +# 3. old versions + +## 3.1. v1 2022 + +### 3.1.1. todo + +- [/] copy recent site version +- [/] create links +- [/] make links having map +- [/] transform filter list in inputs +- [/] zoom in +- [/] style input filters +- [x] enlever le bandeau de scroll des menus +- [/] effacer -> bouton carre, fond violet, ecriture blanche, en capitale, arrondis de 3px sur les coins +- [/] ne pas ouvrir sur un nouvel onglet +- [/] "effacer" au lieu de "sans filtre" +- [/] accents et majuscules : "Effacer", "Pays" et "Categories" +- [/] responsive + - pays + - categories + - irl / online + - effacer +- [/] sur ordi carte hauteur 600px, sur telephone 500px +- [/] make two infowindow size +- [/] infowindow with date in background color purple, and croice white +- [/] check errors on real site +- [/] create action to publish all +- [/] deal with multiplication of filters +- [/] deal with window size +- [/] la carte ne s'affiche pas sur les pages +- [/] filtres sur chrome +- [/] infowindow new design +- [/] infowindow enlever scroll border + +- [/] hide filters before css ready +- [x] reduire hauteur du select menu +- [/] dans categories, placer "autres" en bas +- [/] dans categories, transformer fleches en "autres" +- [/] effacer les fenetres, au moins sur le bouton effacer, ou sur mouvement +- [/] zoom sur cluster problem +- [/] transform names without space +- [/] change appearance of filter according to other filters +- [/] change title of select options that appears on cursor hover +- [ ] deal with error double event irl and online + +### 3.1.2. verifications: + +- api only for this site on fabien's google account +- erased tmp css on site headers + +### 3.1.3. improvement suggestions: + +- add a field "more infos" to address +- localise on map when form is filled + +### 3.1.4. questions traitees: + +- zoom : toujours zoomer, pour un seul marqueur pas trop, et enlever les villes +- resoudre probleme mauvais markers de pays +- faire un bouton select (afficher la seletion plutot que le nom du menu) + +- bound la carte limite pour ne pas voir la zone grise +- quelles infos on mets dans les infowindow + - adresse en haut (surtout pour les markers avec plusieurs evenements) +- filtres: au dessus de la carte +- zoom : on reste avec le fonctionnement par defaut + - est-ce qu'on peut changer la phrase "ctrl + scroll" pour un truc en francais ? +- comment gerer les mauvaises adresses + - verifier la maniere dont je les recuperes, tous les posts devraient avoir un pays +- comportement des infowindows + - centrees, c nickel +- markers avec plusieurs evenements a la meme adresse + - utiliser uniquement les markers qui servent actuellement pour les clusters + - quand c'est un cluster, on zoom, + - quand c'est plusieurs evenements au meme endroit, on les affiche + +### 3.1.5. todo: + +- add info-window +- add filter options +- deal with bad address +- redsign + and - for zoom -> color and thickness +- how to put the map on other pages +- how to send plugin to fabien +- [changed plugin directory in wp](https://wordpress.stackexchange.com/questions/120075/how-to-change-location-of-the-plugins-wordpress-themes-folder) +- googlemap api key : AIzaSyCvdGV2ssD4ov4a9CuIlQhoJyz5gWWiSvE +- [discussion on googlemap wp implementation](https://wordpress.org/support/topic/google-maps-where-to-place-api-key/) +- [exemple of googlemap plugin creation](https://www.inkthemes.com/implement-google-map-plugin-for-wordpress/) + - [Error: not a valid JSON response](https://wordpress.org/support/topic/publishing-failed-error-message-the-response-is-not-a-valid-json-response-2/) + - [permalink broken](https://wordpress.org/support/topic/permalinks-change-breaks-all-links/) +- [console.log in php](https://stackify.com/how-to-log-to-console-in-php/) +- [plugins_url with symlink pbm](https://wordpress.stackexchange.com/questions/102681/plugins-url-file-wp-plugin-url-with-sym-links) +- [make nginx follow symlinks](https://unix.stackexchange.com/questions/157022/make-nginx-follow-symlinks) +- [nginx not following symlink maybe due to permissions](https://stackoverflow.com/questions/12624358/nginx-not-following-symlinks) +- [symlink pbm with php-fpm](https://joshtronic.com/2019/07/29/symlinks-with-nginx-and-php-fpm/) +- [my post on unix stack](https://unix.stackexchange.com/questions/722503/symlink-doent-works-with-nginx-and-php-fpm-and-docker/722511#722511) +- [my post on wordpress stack](https://wordpress.stackexchange.com/questions/410735/i-dont-understand-how-symlinks-in-plugin-work) +- [maps api in php](http://www.learningaboutelectronics.com/Articles/Google-maps-API-JSON-PHP.php) +- [google maps api url parameters](https://developers.google.com/maps/documentation/javascript/url-params) +- [google maps api references](https://developers.google.com/maps/documentation/javascript/reference) +- [remove marker cluster](https://googlemaps.github.io/js-markerclusterer/classes/MarkerClusterer.html#removeMarker) + + diff --git a/srcs/.env b/srcs/.env index c0e1292..6397325 100644 --- a/srcs/.env +++ b/srcs/.env @@ -2,6 +2,7 @@ # NGINX SETUP NG_VOLUME_CERTS=/etc/ssl +MAX_UPLOAD_SIZE=512 # MARIADB SETUP @@ -27,7 +28,6 @@ WP_USER_EMAIL=moehu36@42.fr # MAP -MAX_UPLOAD_SIZE=512 EXECUTION_TIME=300 # env file does not have expension capacity, so we simulate it with makefile : @@ -40,10 +40,8 @@ EXECUTION_TIME=300 #EXPEND_HOST_VOLUME_WP=$HOME_PATH/data/lejourduprof/wp_volume #EXPEND_HOST_VOLUME_DB=$HOME_PATH/data/lejourduprof/db_volume #EXPEND_HOST_VOLUME_PLUGINS=$PWD_PATH/srcs/plugins -#EXPEND_HOST_VOLUME_CERTS=$PWD_PATH/srcs/requirements/nginx/conf/ssl # EXPENDED LINES : -HOST_VOLUME_CERTS=/home/asususus/nextcloud_backup/backup_planethoster_server/nextclouddata/hugogogo/files/informatique/lejourduprof/srcs/requirements/nginx/conf/ssl -HOST_VOLUME_PLUGINS=/home/asususus/nextcloud_backup/backup_planethoster_server/nextclouddata/hugogogo/files/informatique/lejourduprof/srcs/plugins +HOST_VOLUME_PLUGINS=/home/asususus/nextcloud_backup/backup_planethoster_server/nextclouddata/hugogogo/files/informatique/wordpress_docker/srcs/plugins HOST_VOLUME_DB=/home/asususus/data/lejourduprof/db_volume HOST_VOLUME_WP=/home/asususus/data/lejourduprof/wp_volume diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml index a31e998..7803118 100644 --- a/srcs/docker-compose.yml +++ b/srcs/docker-compose.yml @@ -8,24 +8,16 @@ version: "3.8" services: -# --------------------------------- -# test: -# build: -# context: ./requirements/test -# dockerfile: Dockerfile -# image: test -# container_name: test_container # --------------------------------- nginx: restart: on-failure networks: - inception ports: - - "443:443" + - "443":"443" volumes: - wp_volume:${WP_VOLUME_DIR} - wp_plugins:${WP_VOLUME_PLUGINS} - - ng_certs:${NG_VOLUME_CERTS} build: context: ./requirements/nginx args: @@ -64,7 +56,7 @@ services: # --------------------------------- wordpress: restart: on-failure - env_file: ./.env + env_file: .env networks: - inception volumes: @@ -103,12 +95,6 @@ volumes: type: none o: "bind" device: ${HOST_VOLUME_PLUGINS} - ng_certs: - driver: local - driver_opts: - type: none - o: "bind" - device: ${HOST_VOLUME_CERTS} networks: inception: diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index 2a0f672..47cda04 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -9,8 +9,8 @@ RUN apk update && apk add \ rm -rf /var/cache/apk* # nginx conf -COPY ./conf/nginx.conf.alpine /etc/nginx/nginx.conf -COPY ./conf/inception_nginx.conf /etc/nginx/http.d/ +COPY ./conf/nginx_main.conf.alpine /etc/nginx/nginx.conf +COPY ./conf/nginx_http_server.conf /etc/nginx/http.d/ # dir for logs RUN mkdir -p /var/log/nginx/ @@ -20,31 +20,38 @@ RUN adduser -S www-data && \ adduser www-data nginx && \ chmod +rwx /var/lib/nginx/tmp +# ARG variables are not persistent after the build process, in opposite to ENV ARG WP_URL ARG MAX_UPLOAD_SIZE ARG WP_VOLUME_DIR ARG WP_VOLUME_PLUGINS ARG NG_VOLUME_CERTS -# create and empty volumes dir -RUN mkdir -p ${WP_VOLUME_DIR} ${WP_VOLUME_PLUGINS} ${NG_VOLUME_CERTS} && \ - rm -rf ${WP_VOLUME_DIR}/* ${WP_VOLUME_PLUGINS}/* ${NG_VOLUME_CERTS}/* - # replace WP_URL -RUN sed -i "s/\${WP_URL}/${WP_URL}/g" /etc/nginx/http.d/inception_nginx.conf - +RUN sed -i "s/\${WP_URL}/${WP_URL}/g" /etc/nginx/http.d/nginx_http_server.conf # replace max file size upload RUN sed -i "s/\(client_max_body_size \).*\(m;\)/\1${MAX_UPLOAD_SIZE}\2/g" /etc/nginx/nginx.conf -# create ssl certificate -COPY ./conf/ssl ${NG_VOLUME_CERTS} -RUN if [ -z "$(ls -A ${NG_VOLUME_CERTS} 2>/dev/null)" ]; then \ - mkdir ${NG_VOLUME_CERTS}/private ${NG_VOLUME_CERTS}/certs; \ +# create ssl certificates +# command openssl : +# - req : create a certificate signing request (CSR) or a self-signed certificate +# - newkey rsa:2048 : generate a new RSA key pair with a key length of 2048 bits +# - nodes : the private key should not be encrypted with a passphrase. This is useful for automated processes where entering a passphrase is not practical +# - x509 : a self-signed certificate should be created +# - days 365 : sets the validity period of the certificate to 365 days +# - subj : sets the subject, information about the entity the certificate is issued to +# - C, ST, L, O, OU, CN : country, state, locality, organization, organizational unit, and common name +# - keyout : the filename for the private key file +# - out : the filename for the output certificate file +ARG SSL_KEY=${NG_VOLUME_CERTS}/private/${WP_URL}.key +ARG SSL_CERT=${NG_VOLUME_CERTS}/certs/${WP_URL}.crt +RUN mkdir -p ${NG_VOLUME_CERTS}; \ + cd ${NG_VOLUME_CERTS}; \ + mkdir private certs; \ openssl req -newkey rsa:2048 -nodes -x509 -days 365 \ - -subj "/C=fr/ST=ile-de-france/L=paris/O=ljdp/OU=lejourdesprofs/CN=${WP_URL}" \ - -keyout ${NG_VOLUME_CERTS}/private/${WP_URL}.key \ - -out ${NG_VOLUME_CERTS}/certs/${WP_URL}.crt; \ - fi + -subj "/C=fr/ST=ile-de-france/L=paris/O=wp/OU=wp_local/CN=${WP_URL}" \ + -keyout ${SSL_KEY} \ + -out ${SSL_CERT}; ENTRYPOINT [ "nginx", "-g", "daemon off;" ] diff --git a/srcs/requirements/nginx/conf/default b/srcs/requirements/nginx/conf/default deleted file mode 100644 index c841ceb..0000000 --- a/srcs/requirements/nginx/conf/default +++ /dev/null @@ -1,91 +0,0 @@ -## -# You should look at the following URL's in order to grasp a solid understanding -# of Nginx configuration files in order to fully unleash the power of Nginx. -# https://www.nginx.com/resources/wiki/start/ -# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ -# https://wiki.debian.org/Nginx/DirectoryStructure -# -# In most cases, administrators will remove this file from sites-enabled/ and -# leave it as reference inside of sites-available where it will continue to be -# updated by the nginx packaging team. -# -# This file will automatically load configuration files provided by other -# applications, such as Drupal or Wordpress. These applications will be made -# available underneath a path with that package name, such as /drupal8. -# -# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. -## - -# Default server configuration -# -server { - listen 80 default_server; - listen [::]:80 default_server; - - # SSL configuration - # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; - # - # Note: You should disable gzip for SSL traffic. - # See: https://bugs.debian.org/773332 - # - # Read up on ssl_ciphers to ensure a secure configuration. - # See: https://bugs.debian.org/765782 - # - # Self signed certs generated by the ssl-cert package - # Don't use them in a production server! - # - # include snippets/snakeoil.conf; - - root /var/www/html; - - # Add index.php to the list if you are using PHP - index index.html index.htm index.nginx-debian.html; - - server_name _; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/ =404; - } - - # pass PHP scripts to FastCGI server - # - #location ~ \.php$ { - # include snippets/fastcgi-php.conf; - # - # # With php-fpm (or other unix sockets): - # fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; - # # With php-cgi (or other tcp sockets): - # fastcgi_pass 127.0.0.1:9000; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - - -# Virtual Host configuration for example.com -# -# You can move that to a different file under sites-available/ and symlink that -# to sites-enabled/ to enable it. -# -#server { -# listen 80; -# listen [::]:80; -# -# server_name example.com; -# -# root /var/www/example.com; -# index index.html; -# -# location / { -# try_files $uri $uri/ =404; -# } -#} diff --git a/srcs/requirements/nginx/conf/inception_nginx.conf b/srcs/requirements/nginx/conf/inception_nginx.conf deleted file mode 100644 index b03cccb..0000000 --- a/srcs/requirements/nginx/conf/inception_nginx.conf +++ /dev/null @@ -1,48 +0,0 @@ -# doc : https://nginx.org/en/docs/dirindex.html - -server { - listen 443 ssl; # for ipv4, on port 443, specifying that accepted connections should works in ssl mode - listen [::]:443 ssl; # for ipv6 - server_name ${WP_URL}; - ssl_certificate /etc/ssl/certs/${WP_URL}.crt; # specifies the file with the ssl certificate (self signed here) generated by openssl - ssl_certificate_key /etc/ssl/private/${WP_URL}.key; # specifies the file with the secret key of the certificate - - root /var/www/html/; # contains default nginx index.nginx-debian.html - index index.html index.php; # defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html) - - access_log /var/log/nginx/${WP_URL}.access.log; - error_log /var/log/nginx/${WP_URL}.error.log; - - # use fastcgi for all php files - location ~ \.php$ { - fastcgi_pass wordpress:9000; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - -# followings are from : -# https://www.farinspace.com/wordpress-nginx-rewrite-rules/ - - # unless the request is for a valid file, send to bootstrap - # without this, permalinks changes don't work - if (!-e $request_filename) { - rewrite ^(.+)$ /index.php?q=$1 last; - } - - ## enforce NO www - #if ($host ~* ^www\.(.*)) { - # set $host_without_www $1; - # rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent; - #} - - ## catch all - #error_page 404 /index.php; - - ## deny access to apache .htaccess files - #location ~ /\.ht { - # deny all; - #} - -} - diff --git a/srcs/requirements/nginx/conf/nginx.conf.debian b/srcs/requirements/nginx/conf/nginx.conf.debian deleted file mode 100644 index c4c0837..0000000 --- a/srcs/requirements/nginx/conf/nginx.conf.debian +++ /dev/null @@ -1,98 +0,0 @@ -# inception modifications : -# -# ssl_protocols : -# < ssl_protocols TLSv1.3; # Dropping SSLv3, ref: POODLE -# > ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE -# gzip : -# < gzip off; -# > gzip on; -# sites-enabled : -# < # include /etc/nginx/sites-enabled/*; -# > include /etc/nginx/sites-enabled/*; - # doc : https://nginx.org/en/docs/dirindex.html - -user www-data; # process owner name, can be anything -worker_processes auto; # a worker is a process that handles incoming requests, auto to automatically adjust the number of processes available -pid /run/nginx.pid; # defines a file that will store the process id of the main process -include /etc/nginx/modules-enabled/*.conf; # include a file - -events { # section for connection processing directives - worker_connections 768; # max number of connection that can be opened by a worker process - # multi_accept on; -} - -http { # section for http server directives - ## - # Basic Settings - ## - - sendfile on; # enable the use of linux sendfil() function, that transfer data directly betzeen fd, so withour copying to intermediate memory buffer, it increases performances in most cases (https://stackoverflow.com/questions/58066785/always-use-sendfile-with-nginx-on-linux) - tcp_nopush on; # enables the socket option TCP_CORK/TCP_NOPUSH, that allows to send packets filled with more datas (https://baus.net/on-tcp_cork/) - tcp_nodelay on; # opposit of TCP_CORK, TCP_NODELAY says the application to send datas as soon as it receives it, both options are exclusives but can work together in modern kernel (https://stackoverflow.com/questions/3761276/when-should-i-use-tcp-nodelay-and-when-tcp-cork) - keepalive_timeout 65; # in seconds, defines time before closing a connexion without activity - types_hash_max_size 2048; # maximum size for the list that stores duplicates of the hash table, size of the hash table is chosen accordingly (https://nginx.org/en/docs/hash.html, hash table : https://www.youtube.com/watch?v=KyUTuwz_b7Q) - # server_tokens off; - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; # include a file - default_type application/octet-stream; # defines the default MIME type (default is text/plain) - - ## - # SSL Settings - ## - - ssl_protocols TLSv1.3; # Dropping SSLv3, ref: POODLE # enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters works only when OpenSSL 1.0.1 or higher is used, and the TLSv1.3 only when OpenSSL 1.1.1 or higher is used - ssl_prefer_server_ciphers on; # Specifies that server ciphers should be preferred over client ciphers when using the SSLv3 and TLS protocols (a cipher is "an algorithm for performing encryption or decryption, a series of [...] steps that can be followed as a procedure" https://en.wikipedia.org/wiki/Cipher_suite) - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access.log; # defines where to write the access logs. if gzip is used, the log will be buffered - error_log /var/log/nginx/error.log; # defines where to write the error logs. if gzip is used, the log will be buffered - - ## - # Gzip Settings - ## - - gzip off; # enable gzipping of responses. gzip is an algorithm that compress the data (disabled for security reasons : https://bugs.debian.org/773332) - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # Virtual Host Configs - ## - - include /etc/nginx/conf.d/*.conf; # include the *.conf files found in conf.d folder. do the same as "sites-enabled" with another approach : you put your .conf files for the site inside this folder, and if you want to disable a config file you just rename it to no have a .conf suffix - # include /etc/nginx/sites-enabled/*; # include all the (symlink) files found in sites-enabled folder. do the same as "conf.d" with another approach : you put all your configurations files into a "/etc/nginx/sites-available/" folder, and you put symlinks of a selection of thoses files that you want to use for the site, into "/etc/nginx/sites-enabled/" folder (bad practice : https://serverfault.com/questions/527630/difference-in-sites-available-vs-sites-enabled-vs-conf-d-directories-nginx#answer-870709) -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#} - diff --git a/srcs/requirements/nginx/conf/nginx_http_server.conf b/srcs/requirements/nginx/conf/nginx_http_server.conf new file mode 100644 index 0000000..07e71ca --- /dev/null +++ b/srcs/requirements/nginx/conf/nginx_http_server.conf @@ -0,0 +1,52 @@ +# doc : +# https://nginx.org/en/docs/dirindex.html +# https://www.nginx.com/resources/wiki/start/ +# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ +# https://wiki.debian.org/Nginx/DirectoryStructure + +server { + listen 443 ssl; # for ipv4, on port 443, specifying that accepted connections should works in ssl mode + listen [::]:443 ssl; # for ipv6 + server_name ${WP_URL}; + ssl_certificate /etc/ssl/certs/${WP_URL}.crt; # specifies the file with the ssl certificate (self signed here) generated by openssl + ssl_certificate_key /etc/ssl/private/${WP_URL}.key; # specifies the file with the secret key of the certificate + + root /var/www/html/; # contains default nginx index.nginx-debian.html + index index.html index.php; # defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html) + + access_log /var/log/nginx/${WP_URL}.access.log; + error_log /var/log/nginx/${WP_URL}.error.log; + + # use fastcgi for all php files + location ~ \.php$ { + fastcgi_pass wordpress:9000; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + +# followings are from : +# https://www.farinspace.com/wordpress-nginx-rewrite-rules/ + + # unless the request is for a valid file, send to bootstrap + # without this, permalinks changes don't work + if (!-e $request_filename) { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + ## enforce NO www + #if ($host ~* ^www\.(.*)) { + # set $host_without_www $1; + # rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent; + #} + + ## catch all + #error_page 404 /index.php; + + ## deny access to apache .htaccess files + #location ~ /\.ht { + # deny all; + #} + +} + diff --git a/srcs/requirements/nginx/conf/nginx.conf.alpine b/srcs/requirements/nginx/conf/nginx_main.conf.alpine similarity index 99% rename from srcs/requirements/nginx/conf/nginx.conf.alpine rename to srcs/requirements/nginx/conf/nginx_main.conf.alpine index 1cdac83..bc4dfe0 100644 --- a/srcs/requirements/nginx/conf/nginx.conf.alpine +++ b/srcs/requirements/nginx/conf/nginx_main.conf.alpine @@ -1,4 +1,4 @@ -# inception modifications : +# modifications from original : # # user : # < user www-data diff --git a/srcs/requirements/wordpress/Dockerfile b/srcs/requirements/wordpress/Dockerfile index b460fce..1ac4399 100644 --- a/srcs/requirements/wordpress/Dockerfile +++ b/srcs/requirements/wordpress/Dockerfile @@ -31,10 +31,6 @@ ARG WP_VOLUME_PLUGINS ARG MAX_UPLOAD_SIZE ARG EXECUTION_TIME -# create and empty volumes dir -RUN mkdir -p ${WP_VOLUME_DIR} ${WP_VOLUME_PLUGINS} && \ - rm -rf ${WP_VOLUME_DIR}/* ${WP_VOLUME_PLUGINS}/* - # replace max file size upload and execution time RUN sed -i "s/\(upload_max_filesize = \).*\(M\)/\1${MAX_UPLOAD_SIZE}\2/g" /etc/php7/php.ini && \ sed -i "s/\(post_max_size = \).*\(M\)/\1${MAX_UPLOAD_SIZE}\2/g" /etc/php7/php.ini && \ diff --git a/srcs/requirements/wordpress/conf/wp_entrypoint.sh b/srcs/requirements/wordpress/conf/wp_entrypoint.sh index 6fe66a3..ac086bb 100644 --- a/srcs/requirements/wordpress/conf/wp_entrypoint.sh +++ b/srcs/requirements/wordpress/conf/wp_entrypoint.sh @@ -10,6 +10,8 @@ CYAN="\e[0;36m" WHITE="\e[0;37m" RESET="\e[0m" +# it gets the ENV variables from .env because specified in the docker-compose.yml file + # install wordpress with cli : https://make.wordpress.org/cli/handbook/how-to-install/ # commands : https://developer.wordpress.org/cli/commands/ # bug with wp commands : https://github.com/wp-cli/config-command/issues/31