# wwwgmo stack
## Description 
Examples site with nginx, phpfpm, mysql, phpmyadmin, elasticsearch and kibana
## Build environment

|**folders**|**description**|
|:---|:---|
|docker.sh|files to build the docker image|
|docker/mariadb|env file|
|docker/phpmyadmin|config for phpmyadmin|
|docker/nginx|config file|
|docker/php-fpm|files to create docker image|
|docker/elasticsearch|env file + script for elasticsearch|
|docker/kibana|env file|
|src|site source|

## Docker
### Global environment variables

Copy file ALL `.env.dist` to `.env`  
Complete or modify the values according to your needs

### Build
The **docker.sh** script is use to manage docker image. See `./docker.sh -h` for more informations

#### Build image
```bash
./docker.sh build
```
or
```bash
./docker.sh build-no-cache
```
#### Build image multi-plaform (amd64 and amr64)
```bash
./docker.sh build-multi
```
or
```bash
./docker.sh build-multi-no-cache
```

### Start
```bash
./docker.sh start
```
#### Check
```bash
docker exec <COMPOSE_PROJECT_NAME>-mariadb-1  mysql -uroot -p<MYSQL_ROOT_PASSWORD> mysql -e 'SELECT user,host FROM mysql.user;'
```
```bash
docker exec <COMPOSE_PROJECT_NAME>-elasticsearch-1 curl -u elastic:<ELASTIC_PASSWORD> http://elasticsearch:9200/_cluster/health?pretty
```
```bash    
docker exec <COMPOSE_PROJECT_NAME>-php-fpm-1 curl  -u elastic:<ELASTIC_PASSWORD> http://wwwgmo-elasticsearch:9200/_cluster/health?pretty
```

#### Access
   
    https://<server_name>:<NGINX_PORT>
    



## kubernetes

|**folders**|**description**|
|:---|:---|
|helm|Chart root folder|
|Chart.yaml|Charts file|
|values-xxxx-configs.yml|configs file use for kubernetes manifest|
|values-xxxx-secrets.yaml|secrets file for kubernetes manifet (Must be encrypted with sops in a production environment)|
|templates/elasticsearch|manifests for elasticsearch|
|templates/kibana|manifests for kibana|
|templates/mariadb|manifests for mariadb|
|templates/phpmyadmin|manifests for phpmyadmin|
|templates/php-fpm|manifest for php-fpm|

### Secret registry (regcred)

You need credential to pull an image from private registry. 

Create or modify the secret
```bash
kubectl create secret docker-registry secret-regcred --dry-run=client \
  --docker-server=https://index.docker.io/v1/ \
  --docker-username=<username> \
  --docker-password=<secret> \
  --docker-email=<adress@sample.com> -o yaml > helm/template/secret-regcred.yaml
```
### Certificats
```bash
cat certs/tls.key | base64 -w0
```
copy the base64 result into file `values-xxxx-secrets.yaml` in ssl_key key
```bash
cat certs/tls.crt | base64 -w0
```
copy the base64 result into file `values-xxxx-config.yaml` in ssl_crt key

# Deployment
### Set kubesystem config
```bash
rm -f $HOME/.kube/config
```
for **kind**
```bash
sudo cp /root/.kube/config $HOME/.kube/config
```
for **k3s**
```bash
ln -s $HOME/.kube/k3s $HOST/.kube/config
```
for **k8s**
```bash
ln -s $HOST/.kube/k8s $HOST/.kube/config
```
### Set namespace and kube system
```bash
export NS=wwwgmo
export KUBE_SYS=kind|k3s|k8s
```
### Test template
```bash
helm template $NS ./helm --values=./helm/values-$KUBE_SYS-configs.yaml --values=./helm/values-$KUBE_SYS-secrets.yaml --namespace $NS
```
### Chart deployment 
```bash    
helm upgrade $NS ./helm --install --atomic --cleanup-on-fail --values=/helm/values-$KUBE_SYS-configs.yaml --values=./helm/values-$KUBE_SYS-secrets.yaml --namespace $NS --create-namespace
```

## Remove
```bash    
helm uninstall $NS -n $NS
kubectl delete namespaces $NS
```
## NOTES
### Cronjob
**No longer needed**. A job (`job-mariadb.yaml`), launched during deployment, has been created. We leave the procedure below for information
When we deploy manually (I do not why) you must trig manually the cronjob to make a DB backup to termine correctly the helm command
```bash
kubectl create job -n $NS --from=cronjob/cronjob-mariadb-backupdb dbbackup-$(date +%Y-%m-%d-%H-%M-%S)
```

## Database  
Not necessary because created during deployment. We leave the procedure below for information

First export NS environment variable
```bash
export NS=<your_namespace>
```
You can use `createDBOnKube.sh` or create manually with below commands

#### Create user
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"CREATE USER 'gmo_db'@'%' IDENTIFIED BY '<dbPass>';\""
```
#### Check user
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e 'SELECT user,host FROM mysql.user;'"
```
#### Create database
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"CREATE DATABASE gmo_db;\""
```
#### Check database
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e 'SHOW DATABASES;'"
```
#### Grants access
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootpass> -e \"GRANT ALL PRIVILEGES ON gmo_db.* TO 'gmo_db'@'%';FLUSH PRIVILEGES;\""
```
#### Check grants
```bash
kubectl -n $NS exec statefulset-mariadb-0  --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"SHOW GRANTS FOR 'gmo_db'@'%';\""
```
## Troubeshooting
### How to Fix "Pods stuck in Terminating status" Error
```bash
kubectl get pods --all-namespaces | grep Terminating | while read line; do
  pod_name=$(echo $line | awk '{print $2}' ) \
  name_space=$(echo $line | awk '{print $1}' ); \
  kubectl delete pods $pod_name -n $name_space --grace-period=0 --force
done
```

## Sources
[Elasticsearch-PHP](https://www.elastic.co/guide/en/elasticsearch/client/php-api/current/index.html)  
[Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/)  
[MariaDB Statefulset](https://mariadb.org/create-statefulset-mariadb-application-in-k8s/)  
[PHP-FPM, nginx, kubernetes and docker](https://matthewpalmer.net/kubernetes-app-developer/articles/php-fpm-nginx-kubernetes.html)



## Changelog

### 3.3.0 (2025-06-29)
**New Features:**
- Definition for vm-vdglab
- Displayed the Elasticsearch PHP client version on the `esinfo.php` page.  
- Removed the condition checking for **k8s** or **k3s** in Kubernetes deployment. 
- Added configuration and secret values for the `kind` system.
- Added configuration and secret values for the `k8s` system.
- Added build multi-platform docker image 

**Bug Fixes:**  
- Fixed somes bugs

---

### 3.2.5 (2024-04-14)

**New Features:**  
- Added **Elasticsearch** and **Kibana**.  
- Introduced `install` option in `docker.sh` script to install the PHP Elasticsearch module.  
- Created `deploy.sh` script for deployment.

**Bug Fixes:**  
- Fixed an issue with displaying environment variables in the PHP site.

**Updates:**  
- Enhanced `README.md` with new feature documentation.  
- Added a **Changelog** section to the `README.md`.

---

### 2.5.0 (2024-03-29)

**New Features:**  
- Added support for deploying on **k3s** or **k8s**.

**Bug Fixes:**  
- Various bug fixes.

**Updates:**  
- Updated `README.md`.

---

### 1.0.0 (2024-03-01)