From 512956d3890ebf41142cb2e44df37526eaef8144 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Thu, 14 Nov 2019 01:52:11 +0000 Subject: [PATCH 01/15] Ensure components installed before collecting static files --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 3f9ba40..bc5fb4f 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -165,7 +165,7 @@ done case "$1" in database-setup) force=yes create_config && setup_database "${@:2}" ;; install-setup) create_config && setup_components ;; - collect-static) create_config && collect_static ;; + collect-static) create_config && setup_components && collect_static ;; run-cron) create_config && run_cron ;; php-fpm) create_config -- GitLab From d033f081a76543c8cf8eebc0fce2f6a4b7b0f56f Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Thu, 14 Nov 2019 17:50:28 +0000 Subject: [PATCH 02/15] Fix build stage caching when scripts are changed --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 40d7432..996b6fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,10 +7,10 @@ COPY nginx.conf /etc/nginx/conf.d/default.conf FROM php:7.3-fpm-alpine as deps -RUN --mount=type=bind,source=scripts,target=/scripts /scripts/install-deps.sh +RUN --mount=type=bind,source=scripts/install-deps.sh,target=/stage /stage FROM deps as compile -RUN --mount=type=bind,source=scripts,target=/scripts /scripts/compile.sh +RUN --mount=type=bind,source=scripts/compile.sh,target=/stage /stage FROM deps @@ -25,8 +25,8 @@ ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \ COPY wp.sh /usr/local/bin/wp COPY --from=compile /usr/local/etc/php /usr/local/etc/php COPY --from=compile /usr/local/lib/php /usr/local/lib/php -RUN --mount=type=bind,source=scripts,target=/scripts \ - /scripts/install-wp.sh ${wp_version} +RUN --mount=type=bind,source=scripts/install-wp.sh,target=/stage \ + /stage ${wp_version} COPY opcache.ini /usr/local/etc/php/conf.d/opcache-recommended.ini COPY wp-config.php /usr/share/wordpress/wp-config.php -- GitLab From fd3601b2ca80f00cb5f14fbf4b678e19e3feabe0 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Thu, 14 Nov 2019 17:51:50 +0000 Subject: [PATCH 03/15] Move WP-CLI install to scripts/install-wp.sh --- Dockerfile | 2 -- scripts/install-wp.sh | 4 ++++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 996b6fe..0c793b3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,8 +20,6 @@ ARG wp_version=latest WORKDIR /app ENV WORDPRESS_ROOT=/app -ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \ - /usr/local/lib/wp-cli.phar COPY wp.sh /usr/local/bin/wp COPY --from=compile /usr/local/etc/php /usr/local/etc/php COPY --from=compile /usr/local/lib/php /usr/local/lib/php diff --git a/scripts/install-wp.sh b/scripts/install-wp.sh index 3ccbe50..2342a80 100755 --- a/scripts/install-wp.sh +++ b/scripts/install-wp.sh @@ -3,6 +3,10 @@ set -eux WP_PASSWORD_HASH=https://raw.githubusercontent.com/Ayesh/WordPress-Password-Hash/1.5.1 +# Install WP-CLI +curl -sSL ${WP_CLI_URL} \ + >/usr/local/lib/wp-cli.phar + # Install Wordpress core wp core download --skip-content --locale=en_GB --version=$1 -- GitLab From 78471e001cb9b0cf21aa7ba7482d09ba7d808e0c Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Thu, 14 Nov 2019 17:58:29 +0000 Subject: [PATCH 04/15] Change database configuration in entrypoint --- entrypoint.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index bc5fb4f..8b4cc25 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -45,7 +45,7 @@ declare -a WP_CONFIGS=( create_config() { if [[ -e wp-config.php ]]; then - [[ -v force ]] && unlink wp-config.php || return 0 + [[ -v FORCE_CONFIGURE ]] && unlink wp-config.php || return 0 fi local IFS=$'\n' @@ -61,10 +61,20 @@ create_config() --dbuser="${DB_USER? Please set DB_USER in /etc/wordpress/}" \ ${DB_HOST+--dbhost="${DB_HOST}"} \ ${DB_PASS+--dbpass="${DB_PASS}"} + + wp config set WP_SITEURL "${SCHEME:=https}://${SITE_DOMAIN? Please set SITE_DOMAIN in /etc/wordpress/}" + wp config set WP_HOME "${SCHEME}://$SITE_DOMAIN" } setup_database() { - wp core install "$@" + wp core is-installed && return + + wp core install \ + --url=${SCHEME}://$SITE_DOMAIN \ + --title="${SITE_TITLE:-New Wordpress Site}" \ + --admin_user="${SITE_ADMIN:-admin}" \ + --admin_email="${SITE_ADMIN_EMAIL:-admin@$SITE_DOMAIN}" \ + ${SITE_ADMIN_PASSWORD+--admin_password="${SITE_ADMIN_PASSWORD}"} # Start with a pretty, restful permalink structure, instead of the plain, # ugly default. The user can change this as they please through the admin @@ -73,6 +83,8 @@ setup_database() { } setup_components() { + setup_database + # Update pre-installed components wp core update --minor wp plugin update --all @@ -163,7 +175,7 @@ for directive in "${PHP_DIRECTIVES[@]}"; do done case "$1" in - database-setup) force=yes create_config && setup_database "${@:2}" ;; + database-setup) FORCE_CONFIGURE=yes create_config && setup_database ;; install-setup) create_config && setup_components ;; collect-static) create_config && setup_components && collect_static ;; run-cron) create_config && run_cron ;; -- GitLab From 9b9f1c771f3b5d072f76dad47845f625dff27049 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Mon, 17 Feb 2020 21:53:07 +0000 Subject: [PATCH 05/15] Fix missing URL constant in build script --- scripts/install-wp.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/install-wp.sh b/scripts/install-wp.sh index 2342a80..bf3a818 100755 --- a/scripts/install-wp.sh +++ b/scripts/install-wp.sh @@ -1,6 +1,7 @@ #!/bin/bash set -eux +WP_CLI_URL=https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar WP_PASSWORD_HASH=https://raw.githubusercontent.com/Ayesh/WordPress-Password-Hash/1.5.1 # Install WP-CLI -- GitLab From 2e938fe34fb0729a593db3a10a71a8d046c466b0 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Mon, 17 Feb 2020 21:53:41 +0000 Subject: [PATCH 06/15] Add UID+GID correction on /app/media to entrypoint --- entrypoint.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 8b4cc25..414d341 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -14,6 +14,7 @@ enable -f /usr/lib/bash/head head enable -f /usr/lib/bash/unlink unlink declare -r DEFAULT_THEME=twentynineteen +declare -r WORKER_USER=www-data declare DB_HOST DB_NAME DB_USER DB_PASS declare -a THEMES=( ${THEMES-} ) @@ -110,6 +111,13 @@ setup_components() { return 0 } +setup_media() +{ + # UID values change on every run, ensure the owner and group are set + # correctly on ./media + chown -R $WORKER_USER:$WORKER_USER ./media +} + collect_static() { local IFS=, @@ -182,6 +190,7 @@ case "$1" in php-fpm) create_config setup_components + setup_media collect_static run_background_cron exec "$@" "${extra_args[@]}" -- GitLab From 1cc80f11d190211326de166fdba378ea4c50cb03 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Mon, 17 Feb 2020 23:18:23 +0000 Subject: [PATCH 07/15] Replace SCHEME & SITE_DOMAIN with SITE_URL & HOME_URL --- doc/configuration.md | 20 ++++++++++++++++++++ entrypoint.sh | 11 ++++++++--- 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/doc/configuration.md b/doc/configuration.md index 190621e..131a4bb 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -90,6 +90,15 @@ database. The hostname of the MySQL server providing the database. +### HOME_URL + +**Type**: string\ +**Required**: no\ +**Default**: [**SITE_URL**](#SITE_URL) with path components removed + +The URL where visitors should first be directed to when accessing the web site. It defaults +to the root path of [**SITE_URL**](#SITE_URL). + ### LANGUAGES **Type**: array\ @@ -138,6 +147,17 @@ An array of "key=value" strings declaring [PHP directives][]. > arguments preceded by the '-d' flag: > `-d upload_max_filesize=20M -d post_max_size=20M` +### SITE_URL + +**Type**: string\ +**Required**: yes\ +**Example**: "https://my.example.org/blog" + +The base URL where the Wordpress app is hosted externally. This MUST include at least +a protocol scheme (e.g. "https://") and a host name; it MAY contain a port, when external +access is via a non-standard port; if MAY contain a path component, when the Wordpress app +is not accessed at the root path. + ### STATIC_PATTERNS **Type**: array\ diff --git a/entrypoint.sh b/entrypoint.sh index 414d341..4082449 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -17,6 +17,7 @@ declare -r DEFAULT_THEME=twentynineteen declare -r WORKER_USER=www-data declare DB_HOST DB_NAME DB_USER DB_PASS +declare HOME_URL SITE_URL declare -a THEMES=( ${THEMES-} ) declare -a PLUGINS=( ${PLUGINS-} ) declare -a LANGUAGES=( ${LANGUAGES-} ) @@ -63,15 +64,19 @@ create_config() ${DB_HOST+--dbhost="${DB_HOST}"} \ ${DB_PASS+--dbpass="${DB_PASS}"} - wp config set WP_SITEURL "${SCHEME:=https}://${SITE_DOMAIN? Please set SITE_DOMAIN in /etc/wordpress/}" - wp config set WP_HOME "${SCHEME}://$SITE_DOMAIN" + local site_url=${SITE_URL? Please set SITE_URL} + local site_path=${site_url#*://*/} + local home_url=${HOME_URL:-${site_url%$site_path}} + + wp config set WP_SITEURL "${site_url%/}" + wp config set WP_HOME "${home_url%/}" } setup_database() { wp core is-installed && return wp core install \ - --url=${SCHEME}://$SITE_DOMAIN \ + --url="${SITE_URL%/}" \ --title="${SITE_TITLE:-New Wordpress Site}" \ --admin_user="${SITE_ADMIN:-admin}" \ --admin_email="${SITE_ADMIN_EMAIL:-admin@$SITE_DOMAIN}" \ -- GitLab From 445a3645c54f05f0f1a86a955976f2f40289427c Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 01:10:32 +0000 Subject: [PATCH 08/15] Fix HOME_URL default when SITE_URL has no trailing slash --- entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 4082449..513b9da 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -8,7 +8,7 @@ # set -eu -o pipefail -shopt -s nullglob globstar +shopt -s nullglob globstar extglob enable -f /usr/lib/bash/head head enable -f /usr/lib/bash/unlink unlink @@ -65,7 +65,7 @@ create_config() ${DB_PASS+--dbpass="${DB_PASS}"} local site_url=${SITE_URL? Please set SITE_URL} - local site_path=${site_url#*://*/} + local site_path=${site_url##*://*([^/])} local home_url=${HOME_URL:-${site_url%$site_path}} wp config set WP_SITEURL "${site_url%/}" -- GitLab From 22add8dfecf0dd554b82d1b1823d1236191f111c Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 02:36:29 +0000 Subject: [PATCH 09/15] Always rebuild *wp-config.php* --- entrypoint.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 513b9da..eaf4ead 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -46,10 +46,6 @@ declare -a WP_CONFIGS=( create_config() { - if [[ -e wp-config.php ]]; then - [[ -v FORCE_CONFIGURE ]] && unlink wp-config.php || return 0 - fi - local IFS=$'\n' sort -u <<-END_LIST | /usr/share/wordpress/wp-config.php @@ -188,7 +184,7 @@ for directive in "${PHP_DIRECTIVES[@]}"; do done case "$1" in - database-setup) FORCE_CONFIGURE=yes create_config && setup_database ;; + database-setup) create_config && setup_database ;; install-setup) create_config && setup_components ;; collect-static) create_config && setup_components && collect_static ;; run-cron) create_config && run_cron ;; -- GitLab From 11f6910debbec859d4830a988a80e19e732b70da Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 02:44:30 +0000 Subject: [PATCH 10/15] Remove legacy *-setup commands from entrypoint.sh --- entrypoint.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index eaf4ead..d033e70 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -184,8 +184,6 @@ for directive in "${PHP_DIRECTIVES[@]}"; do done case "$1" in - database-setup) create_config && setup_database ;; - install-setup) create_config && setup_components ;; collect-static) create_config && setup_components && collect_static ;; run-cron) create_config && run_cron ;; php-fpm) -- GitLab From 196b47bb5970023935641892e368896037fea167 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 02:56:55 +0000 Subject: [PATCH 11/15] Add documentation for first-time setup SITE_ configs --- doc/configuration.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/doc/configuration.md b/doc/configuration.md index 131a4bb..d5413de 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -147,6 +147,50 @@ An array of "key=value" strings declaring [PHP directives][]. > arguments preceded by the '-d' flag: > `-d upload_max_filesize=20M -d post_max_size=20M` +### SITE_ADMIN + +**Type**: string\ +**Required**: no\ +**Default**: "admin" + +A user name for the initial administrator account. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_ADMIN_EMAIL + +**Type**: string\ +**Required**: no\ +**Default**: "admin@{DOMAIN}" where *DOMAIN* is extracted from [**SITE_URL**](#SITE_URL) + +An email address for the new administrator account (see [**SITE_ADMIN**](#SITE_ADMIN)). + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_ADMIN_PASSWORD + +**Type**: string\ +**Required**: no + +A password for the new administrator account (see [**SITE_ADMIN**](#SITE_ADMIN)). +If left unset a new password will be prompted for when first accessing the admin interface. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + +### SITE_TITLE + +**Type**: string\ +**Required**: no\ +**Default**: "New Wordpress Site" + +A title for the web site, displayed in various strategic locations. + +> **Note:** This is only used for first-run setup; it can be changed from the admin +> interface. + ### SITE_URL **Type**: string\ -- GitLab From 390a557bc5ff248bbdfd29d1d7e8f9a40afc6c6a Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 03:02:41 +0000 Subject: [PATCH 12/15] Get SITE_ADMIN_EMAIL default's domain from SITE_URL --- entrypoint.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index d033e70..9e8ed24 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -71,11 +71,14 @@ create_config() setup_database() { wp core is-installed && return + local domain=${SITE_URL#*://} + domain=${domain%%[:/]*} + wp core install \ --url="${SITE_URL%/}" \ --title="${SITE_TITLE:-New Wordpress Site}" \ --admin_user="${SITE_ADMIN:-admin}" \ - --admin_email="${SITE_ADMIN_EMAIL:-admin@$SITE_DOMAIN}" \ + --admin_email="${SITE_ADMIN_EMAIL:-admin@$domain}" \ ${SITE_ADMIN_PASSWORD+--admin_password="${SITE_ADMIN_PASSWORD}"} # Start with a pretty, restful permalink structure, instead of the plain, -- GitLab From 65c64f25511e69d60ddf77fce0f990abc52fb7bd Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 03:08:05 +0000 Subject: [PATCH 13/15] Fix anchor links in doc/configuration.md --- doc/configuration.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/configuration.md b/doc/configuration.md index d5413de..867d8c7 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -94,10 +94,10 @@ The hostname of the MySQL server providing the database. **Type**: string\ **Required**: no\ -**Default**: [**SITE_URL**](#SITE_URL) with path components removed +**Default**: [**SITE_URL**](#site_url) with path components removed The URL where visitors should first be directed to when accessing the web site. It defaults -to the root path of [**SITE_URL**](#SITE_URL). +to the root path of [**SITE_URL**](#site_url). ### LANGUAGES @@ -162,9 +162,9 @@ A user name for the initial administrator account. **Type**: string\ **Required**: no\ -**Default**: "admin@{DOMAIN}" where *DOMAIN* is extracted from [**SITE_URL**](#SITE_URL) +**Default**: "admin@{DOMAIN}" where *DOMAIN* is extracted from [**SITE_URL**](#site_url) -An email address for the new administrator account (see [**SITE_ADMIN**](#SITE_ADMIN)). +An email address for the new administrator account (see [**SITE_ADMIN**](#site_admin)). > **Note:** This is only used for first-run setup; it can be changed from the admin > interface. @@ -174,7 +174,7 @@ An email address for the new administrator account (see [**SITE_ADMIN**](#SITE_A **Type**: string\ **Required**: no -A password for the new administrator account (see [**SITE_ADMIN**](#SITE_ADMIN)). +A password for the new administrator account (see [**SITE_ADMIN**](#site_admin)). If left unset a new password will be prompted for when first accessing the admin interface. > **Note:** This is only used for first-run setup; it can be changed from the admin -- GitLab From 8cfeb619300622fcb7b084bc431d127ea52687fd Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 09:20:31 +0000 Subject: [PATCH 14/15] Correct an assumption in configuration docs --- doc/configuration.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/configuration.md b/doc/configuration.md index 867d8c7..95e9887 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -175,7 +175,8 @@ An email address for the new administrator account (see [**SITE_ADMIN**](#site_a **Required**: no A password for the new administrator account (see [**SITE_ADMIN**](#site_admin)). -If left unset a new password will be prompted for when first accessing the admin interface. +If left unset a random password will be generated and reported in stderr logging; after +sign-in the user SHOULD then create a new password through the user management interface. > **Note:** This is only used for first-run setup; it can be changed from the admin > interface. -- GitLab From 8f3ba7c4f37763d311c0ba5006879ccaa6a7bcf5 Mon Sep 17 00:00:00 2001 From: Dom Sekotill Date: Tue, 18 Feb 2020 09:31:32 +0000 Subject: [PATCH 15/15] Use only:changes to suppress unnecessary builds --- .gitlab-ci.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b4fefbc..9b8fb57 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,6 +16,15 @@ before_script: .build: &build stage: build + only: &build-only + changes: + - Dockerfile + - entrypoint.sh + - nginx.conf + - opcache.ini + - scripts/* + - wp-config.php + - wp.sh script: - docker build . --pull=true @@ -35,7 +44,9 @@ build-nginx: .push-tags: &push-tags stage: deploy - only: [master, develop] + only: + <<: *build-only + refs: [master, develop] script: | BUILD_REPO=${CI_REGISTRY_IMAGE}/${CI_JOB_NAME#push-}/build:${CI_PIPELINE_ID} DEPLOY_REPO=${CI_REGISTRY_IMAGE}/${CI_JOB_NAME#push-} -- GitLab