diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b4fefbce4d502ca22b34a0cbf38a508d6859b361..9b8fb57add5b22188d2ded99a72f98a75c53b9f4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,6 +16,15 @@ before_script: .build: &build stage: build + only: &build-only + changes: + - Dockerfile + - entrypoint.sh + - nginx.conf + - opcache.ini + - scripts/* + - wp-config.php + - wp.sh script: - docker build . --pull=true @@ -35,7 +44,9 @@ build-nginx: .push-tags: &push-tags stage: deploy - only: [master, develop] + only: + <<: *build-only + refs: [master, develop] script: | BUILD_REPO=${CI_REGISTRY_IMAGE}/${CI_JOB_NAME#push-}/build:${CI_PIPELINE_ID} DEPLOY_REPO=${CI_REGISTRY_IMAGE}/${CI_JOB_NAME#push-} diff --git a/Dockerfile b/Dockerfile index 40d743260b12c76c191b5504dbdd297032f47c08..0c793b34eca32c80684f5e0fa508f79120df4734 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,10 +7,10 @@ COPY nginx.conf /etc/nginx/conf.d/default.conf FROM php:7.3-fpm-alpine as deps -RUN --mount=type=bind,source=scripts,target=/scripts /scripts/install-deps.sh +RUN --mount=type=bind,source=scripts/install-deps.sh,target=/stage /stage FROM deps as compile -RUN --mount=type=bind,source=scripts,target=/scripts /scripts/compile.sh +RUN --mount=type=bind,source=scripts/compile.sh,target=/stage /stage FROM deps @@ -20,13 +20,11 @@ ARG wp_version=latest WORKDIR /app ENV WORDPRESS_ROOT=/app -ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \ - /usr/local/lib/wp-cli.phar COPY wp.sh /usr/local/bin/wp COPY --from=compile /usr/local/etc/php /usr/local/etc/php COPY --from=compile /usr/local/lib/php /usr/local/lib/php -RUN --mount=type=bind,source=scripts,target=/scripts \ - /scripts/install-wp.sh ${wp_version} +RUN --mount=type=bind,source=scripts/install-wp.sh,target=/stage \ + /stage ${wp_version} COPY opcache.ini /usr/local/etc/php/conf.d/opcache-recommended.ini COPY wp-config.php /usr/share/wordpress/wp-config.php diff --git a/doc/configuration.md b/doc/configuration.md index 190621ef580e592e95549d60fc5e0581b65ca3e3..95e988749c10d60bef6cad95421fd5350acbdff4 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -90,6 +90,15 @@ database. The hostname of the MySQL server providing the database. +### HOME_URL + +**Type**: string\ +**Required**: no\ +**Default**: [**SITE_URL**](#site_url) with path components removed + +The URL where visitors should first be directed to when accessing the web site. It defaults +to the root path of [**SITE_URL**](#site_url). + ### LANGUAGES **Type**: array\ @@ -138,6 +147,62 @@ An array of "key=value" strings declaring [PHP directives][]. > arguments preceded by the '-d' flag: > `-d upload_max_filesize=20M -d post_max_size=20M` +### SITE_ADMIN + +**Type**: string\ +**Required**: no\ +**Default**: "admin" + +A user name for the initial administrator account. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_ADMIN_EMAIL + +**Type**: string\ +**Required**: no\ +**Default**: "admin@{DOMAIN}" where *DOMAIN* is extracted from [**SITE_URL**](#site_url) + +An email address for the new administrator account (see [**SITE_ADMIN**](#site_admin)). + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_ADMIN_PASSWORD + +**Type**: string\ +**Required**: no + +A password for the new administrator account (see [**SITE_ADMIN**](#site_admin)). +If left unset a random password will be generated and reported in stderr logging; after +sign-in the user SHOULD then create a new password through the user management interface. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_TITLE + +**Type**: string\ +**Required**: no\ +**Default**: "New Wordpress Site" + +A title for the web site, displayed in various strategic locations. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_URL + +**Type**: string\ +**Required**: yes\ +**Example**: "https://my.example.org/blog" + +The base URL where the Wordpress app is hosted externally. This MUST include at least +a protocol scheme (e.g. "https://") and a host name; it MAY contain a port, when external +access is via a non-standard port; if MAY contain a path component, when the Wordpress app +is not accessed at the root path. + ### STATIC_PATTERNS **Type**: array\ diff --git a/entrypoint.sh b/entrypoint.sh index 3f9ba402a51f3256949b422b329a19011557dbf0..9e8ed2444cc2e09868385852b2966330aa7b50a5 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -8,14 +8,16 @@ # set -eu -o pipefail -shopt -s nullglob globstar +shopt -s nullglob globstar extglob enable -f /usr/lib/bash/head head enable -f /usr/lib/bash/unlink unlink declare -r DEFAULT_THEME=twentynineteen +declare -r WORKER_USER=www-data declare DB_HOST DB_NAME DB_USER DB_PASS +declare HOME_URL SITE_URL declare -a THEMES=( ${THEMES-} ) declare -a PLUGINS=( ${PLUGINS-} ) declare -a LANGUAGES=( ${LANGUAGES-} ) @@ -44,10 +46,6 @@ declare -a WP_CONFIGS=( create_config() { - if [[ -e wp-config.php ]]; then - [[ -v force ]] && unlink wp-config.php || return 0 - fi - local IFS=$'\n' sort -u <<-END_LIST | /usr/share/wordpress/wp-config.php @@ -61,10 +59,27 @@ create_config() --dbuser="${DB_USER? Please set DB_USER in /etc/wordpress/}" \ ${DB_HOST+--dbhost="${DB_HOST}"} \ ${DB_PASS+--dbpass="${DB_PASS}"} + + local site_url=${SITE_URL? Please set SITE_URL} + local site_path=${site_url##*://*([^/])} + local home_url=${HOME_URL:-${site_url%$site_path}} + + wp config set WP_SITEURL "${site_url%/}" + wp config set WP_HOME "${home_url%/}" } setup_database() { - wp core install "$@" + wp core is-installed && return + + local domain=${SITE_URL#*://} + domain=${domain%%[:/]*} + + wp core install \ + --url="${SITE_URL%/}" \ + --title="${SITE_TITLE:-New Wordpress Site}" \ + --admin_user="${SITE_ADMIN:-admin}" \ + --admin_email="${SITE_ADMIN_EMAIL:-admin@$domain}" \ + ${SITE_ADMIN_PASSWORD+--admin_password="${SITE_ADMIN_PASSWORD}"} # Start with a pretty, restful permalink structure, instead of the plain, # ugly default. The user can change this as they please through the admin @@ -73,6 +88,8 @@ setup_database() { } setup_components() { + setup_database + # Update pre-installed components wp core update --minor wp plugin update --all @@ -98,6 +115,13 @@ setup_components() { return 0 } +setup_media() +{ + # UID values change on every run, ensure the owner and group are set + # correctly on ./media + chown -R $WORKER_USER:$WORKER_USER ./media +} + collect_static() { local IFS=, @@ -163,13 +187,12 @@ for directive in "${PHP_DIRECTIVES[@]}"; do done case "$1" in - database-setup) force=yes create_config && setup_database "${@:2}" ;; - install-setup) create_config && setup_components ;; - collect-static) create_config && collect_static ;; + collect-static) create_config && setup_components && collect_static ;; run-cron) create_config && run_cron ;; php-fpm) create_config setup_components + setup_media collect_static run_background_cron exec "$@" "${extra_args[@]}" diff --git a/scripts/install-wp.sh b/scripts/install-wp.sh index 3ccbe50d501849566d3a2e938a65dcdffa8c1f20..bf3a8186ad59dfa88edf07142e78b679c6bad2e4 100755 --- a/scripts/install-wp.sh +++ b/scripts/install-wp.sh @@ -1,8 +1,13 @@ #!/bin/bash set -eux +WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar WP_PASSWORD_HASH=https://raw.githubusercontent.com/Ayesh/WordPress-Password-Hash/1.5.1 +# Install WP-CLI +curl -sSL ${WP_CLI_URL} \ + >/usr/local/lib/wp-cli.phar + # Install Wordpress core wp core download --skip-content --locale=en_GB --version=$1