diff --git a/README.md b/README.md index e9642c1..113770c 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ This docker compose run wordpress on docker * GMoTech/GMoLab/VdGLab Linux environment * Rocky Linux 10 * Redhat 10 +* Docker with traefik * Certificats * Copy crt and key files on `/home/docker/certs/` * Environment file @@ -34,105 +35,11 @@ Copy `env-dist` to `env-` file and adapt as your needs The database is a dump of wp first install The script adapt the sql file with data from environment file -## Apache -### http-wp-dev.conf -``` - - ServerName wp-dev.gmolab.net - ServerAlias wp-dev - CustomLog logs/wp-dev_access_log common - ErrorLog logs/wp-dev_error_log - # redirect to https - RewriteEngine on - RewriteCond %{SERVER_NAME} =wp-dev [OR] - RewriteCond %{SERVER_NAME} =wp-devp.gmolab.net - RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] - -``` -### https-wp-dev.conf -``` -## -## SSL Virtual Host Context -## -# General setup for the virtual host - - ServerName wp-dev.gmolab.net - ServerAlias wp-dev - CustomLog logs/wp-dev_access_log common - ErrorLog logs/wp-dev_error_log - -# SSL - SSLEngine on - SSLHonorCipherOrder on - SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 - SSLHonorCipherOrder on - SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 - # Enable HTTP/2, if available - Protocols h2 http/1.1 - # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds) - Header always set Strict-Transport-Security "max-age=63072000" -# certificats - SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt" - SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key" - SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt" -# proxy - SSLProxyEngine On - ProxyPreserveHost On - ProxyRequests off - ProxyPass "/" "http://127.0.0.1:8080/" - ProxyPassReverse "/" "https://127.0.0.1:8080/" - -``` -### http-phpmyadmin-dev.conf -``` - - ServerName phpmyadmin-dev.gmolab.net - ServerAlias phpmyadmin-dev - CustomLog logs/phpmyadmin-dev_access_log common - ErrorLog logs/phpmyadmin-dev_error_log - # redirect to https - RewriteEngine on - RewriteCond %{SERVER_NAME} =wp-dev [OR] - RewriteCond %{SERVER_NAME} =phpmyadmin-dev.gmolab.net - RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] - -``` -### https-phpmyadmin-dev.conf -``` -# General setup for the virtual host - - ServerName phpmyadmin-dev.gmolab.net - ServerAlias phpmyadmin-dev - CustomLog logs/phpmyadmin-dev_access_log common - ErrorLog logs/phpmyadmin-dev_error_log - -# SSL - SSLEngine on - SSLHonorCipherOrder on - SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 - SSLHonorCipherOrder on - SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 - # Enable HTTP/2, if available - Protocols h2 http/1.1 - # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds) - Header always set Strict-Transport-Security "max-age=63072000" -# certificats - SSLCertificateFile "/etc/httpd/auth/cert/gmolab.net.crt" - SSLCertificateKeyFile "/etc/httpd/auth/cert/gmolab.net.key" - SSLCertificateChainFile "/etc/httpd/auth/cert/gmolabCA.crt" -# proxy - RequestHeader set X-Forwarded-Proto "https" - ProxyPreserveHost On - ProxyPass "/" "http://127.0.0.1:8180/" - ProxyPassReverse "/" "http://127.0.0.1:8180/" - -``` - ## Access https://wp-dev.gmolab.net -https://phpmyadmin-dev.gmolab.net +https://pma-dev.gmolab.net -### [1.0.0] - 2026-02-06 +### [1.0.0] - 2026-03-08 #### Added - initial version by [GMo](mailto:gilles.mouchet@gmail.com) diff --git a/docker-compose.yaml b/docker-compose.yaml index a55c410..1a34932 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,60 +1,187 @@ name: wp-gmo + services: + wordpress: image: wordpress:latest extra_hosts: - "${HOST_NAME}:${HOST_IP}" container_name: ${WP_SITE} + restart: always + volumes: - /home/docker/wp/wp-site:/var/www/html - ./config/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini + environment: - WORDPRESS_DB_HOST: db + WORDPRESS_DB_HOST: db:3306 WORDPRESS_DB_NAME: wordpress WORDPRESS_DB_USER: wpuser WORDPRESS_DB_PASSWORD: wppassword WORDPRESS_TABLE_PREFIX: wp_ + depends_on: - - db - - phpmyadmin - restart: always - ports: - - 8080:80 + db: + condition: service_healthy + + networks: + - traefik-net + - wp-net + + labels: + - "traefik.enable=true" + - "traefik.http.routers.wp-site.rule=Host(`${HOST_NAME}`)" + - "traefik.http.routers.wp-site.entrypoints=websecure" + - "traefik.http.routers.wp-site.tls=true" + - "traefik.docker.network=traefik-net" + - "traefik.http.services.wp-site.loadbalancer.server.port=80" + # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique + - "traefik.http.routers.wp-pma.tls.options=default" db: - image: mysql:8.4.8 + image: mysql:8.4 container_name: ${WP_DB} + restart: always + volumes: - /home/docker/wp/wp-db:/var/lib/mysql # This is optional!!! - ./dump-db/:/docker-entrypoint-initdb.d + environment: MYSQL_DATABASE: wordpress MYSQL_USER: wpuser MYSQL_PASSWORD: wppassword MYSQL_ROOT_PASSWORD: rootpassword - restart: always - ports: - - 3306:3306 - + + networks: + - wp-net + healthcheck: - test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] + test: ["CMD","mysqladmin","ping","-h","localhost","-prootpassword"] + interval: 10s timeout: 5s retries: 10 phpmyadmin: + image: phpmyadmin:latest + container_name: ${WP_PMA} + restart: always + depends_on: - db - image: ${PHPADMIN_IMAGE} - container_name: wp-phpmyadmin - restart: always - ports: - - 8180:80 + environment: PMA_HOST: db PMA_USER: root PMA_PASSWORD: rootpassword - +# ports: +# - 8180:80 + networks: + - traefik-net + - wp-net -#volumes: -# db_data: \ No newline at end of file + labels: + - "traefik.enable=true" + - "traefik.http.routers.wp-pma.rule=Host(`${HOST_PMA}`)" + - "traefik.http.routers.wp-pma.entrypoints=websecure" + - "traefik.http.routers.wp-pma.tls=true" + - "traefik.docker.network=traefik-net" + - "traefik.http.services.wp-pma.loadbalancer.server.port=80" + # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique + - "traefik.http.routers.wp-pma.tls.options=default" + +networks: + + traefik-net: + external: true + + wp-net: + + + +#name: wp-gmo +#services: +# wordpress: +# image: wordpress:latest +# extra_hosts: +# - "${HOST_NAME}:${HOST_IP}" +# container_name: ${WP_SITE} +# volumes: +# - /home/docker/wp/wp-site:/var/www/html +# - ./config/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini +# environment: +# WORDPRESS_DB_HOST: db +# WORDPRESS_DB_NAME: wordpress +# WORDPRESS_DB_USER: wpuser +# WORDPRESS_DB_PASSWORD: wppassword +# WORDPRESS_TABLE_PREFIX: wp_ +# depends_on: +# - db +# - phpmyadmin +# restart: always +# ports: +# - 8080:80 +# networks: +# - traefik-net +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.wp-site.rule=Host(`${HOST_NAME}`)" +# - "traefik.docker.network=traefik-net" +# - "traefik.http.routers.wp-site.entrypoints=websecure" +# - "traefik.http.routers.wp-site.tls=true" +## # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique +# - "traefik.http.routers.wp-site.tls.options=default" +# - "traefik.http.services.wp-site.loadbalancer.server.port=80" +# +# db: +# image: mysql:8.4.8 +# container_name: ${WP_DB} +# volumes: +# - /home/docker/wp/wp-db:/var/lib/mysql +# # This is optional!!! +# - ./dump-db/:/docker-entrypoint-initdb.d +# environment: +# MYSQL_DATABASE: wordpress +# MYSQL_USER: wpuser +# MYSQL_PASSWORD: wppassword +# MYSQL_ROOT_PASSWORD: rootpassword +# restart: always +# ports: +# - 3306:3306 +# +# healthcheck: +# test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] +# timeout: 5s +# retries: 10 +# +# phpmyadmin: +# depends_on: +# - db +# image: ${PHPADMIN_IMAGE} +# container_name: wp-phpmyadmin +# restart: always +# ports: +# - 8180:80 +# environment: +# PMA_HOST: db +# PMA_USER: root +# PMA_PASSWORD: rootpassword +# networks: +# - traefik-net +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.wp-phpmyadm.rule=Host(`${HOST_PHPMYADM}`)" +# - "traefik.docker.network=traefik-net" +# - "traefik.http.routers.wp-phpmyadm.entrypoints=websecure" +# - "traefik.http.routers.wp-phpmyadm.tls=true" +## # Facultatif mais propre : forcer l'usage du cert SSL défini dans le fichier dynamique +# - "traefik.http.routers.wp-phpmyadm.tls.options=default" +# - "traefik.http.services.wp-phpmyadm.loadbalancer.server.port=80" +# +#networks: +# traefik-net: +# external: true +# wp-net: +##volumes: +## db_data: \ No newline at end of file diff --git a/env-dist b/env-dist index 552803e..02722ec 100644 --- a/env-dist +++ b/env-dist @@ -5,9 +5,11 @@ SITE_TITLE="GMo Lab" # container WP_SITE=wp-site WP_DB=wp-db +WP_PMA=wp-pma # host HOST_NAME=wp-dev.gmolab.net -HOST_IP=172.31.10.15 +HOST_IP=172.31.10.16 +HOST_PMA=pma-dev.gmolab.net # phpadmin image PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest #PHPADMIN_IMAGE=amd64/phpmyadmin:latest @@ -15,4 +17,7 @@ PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar WP_CLI=wp-cli.phar # gantry theme -GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip +GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip +GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip + + diff --git a/env-gmolab b/env-gmolab index 43a2f3a..91f067b 100644 --- a/env-gmolab +++ b/env-gmolab @@ -5,13 +5,16 @@ SITE_TITLE="GMo Lab" # container WP_SITE=wp-site WP_DB=wp-db +WP_PMA=wp-pma # host HOST_NAME=wp-dev.gmolab.net -HOST_IP=172.31.10.15 +HOST_IP=172.31.10.16 +HOST_PMA=pma-dev.gmolab.net # phpadmin image PHPADMIN_IMAGE=arm64v8/phpmyadmin:latest # wp client URL WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar WP_CLI=wp-cli.phar # gantry theme -GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip +GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip +GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip \ No newline at end of file diff --git a/env-vdglab b/env-vdglab index 8f369cb..d2c80b9 100644 --- a/env-vdglab +++ b/env-vdglab @@ -5,13 +5,16 @@ SITE_TITLE="VdG Lab" # container WP_SITE=wp-site WP_DB=wp-db +WP_PMA=wp-pma # host HOST_NAME=wp.vdglab.net HOST_IP=10.10.8.104 +HOST_PMA=pma.vdglab.net # phpadmin image PHPADMIN_IMAGE=amd64/phpmyadmin:latest # wp client URL WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar WP_CLI=wp-cli.phar # gantry theme -GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.5.25/wordpress-tpl_g5_hydrogen_v5.5.25.zip +GANTRY_THEME_HYDROGEN_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_hydrogen_v5.6.0.zip +GANTRY_THEME_HELIUM_URL=https://github.com/gantry/gantry5/releases/download/5.6.0/wordpress-tpl_g5_helium_v5.6.0.zip diff --git a/manage.sh b/manage.sh index 961a456..c57a89a 100755 --- a/manage.sh +++ b/manage.sh @@ -217,7 +217,7 @@ case "$MODE" in echo " " inst-wpcli docker exec "$WP_SITE" ./wp-cli.phar plugin install gantry5 --activate --allow-root - docker exec "$WP_SITE" ./wp-cli.phar theme install $GANTRY_THEME_HYDROGEN_URL --activate --allow-root + docker exec "$WP_SITE" ./wp-cli.phar theme install $GANTRY_THEME_HELIUM_URL --activate --allow-root sudo chown 33:33 $WP_SITE_FOLDER -R docker compose stop ;; @@ -228,7 +228,7 @@ case "$MODE" in ;; delete) echo -e "${RED}-----------------------------------------------------------------------------------------------------" - echo -e "Do you really want to delete the contents of the /home/docker/${root_app} folder [y/N]?" + echo -e "Do you really want to delete the contents of the ${WP_ROOT_FOLDER} folder [y/N]?" echo -e "----------------------------------------------------------------------------------------------------- ${NC}" unset answer @@ -240,6 +240,7 @@ case "$MODE" in docker compose down #sleep 5 sudo rm -rf $WP_ROOT_FOLDER + sudo rm -rf /root/.wp-cli exit ;; down)