feat: use official docker images for wp and mariadb

files/inception/srcs/docker-compose.yml

@@ -22,7 +22,7 @@ services:
 
   mariadb :
     container_name : mariadb
-    build : ./mariadb/
+    image: mariadb:latest
     networks :
       - inception
     restart: always
@@ -31,32 +31,48 @@ services:
     env_file:
       - .env
     environment :
-      - DB_USER=${DB_USER:-wp}
-      - DB_PWD=${DB_PWD:-password123}
-      - DB_ROOT_PWD=${DB_ROOT_PWD:-rootpassword}
+      - MARIADB_DATABASE=wp-db
+      - MARIADB_USER=${MARIADB_USER:-wp}
+      - MARIADB_PASSWORD=${MARIADB_PASSWORD:-password123}
+      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD:-rootpassword}
 
   wordpress :
     container_name: wordpress
-    build : ./wordpress/
+    image: wordpress:latest
     networks :
       - inception
-    hostname : wordpress
     depends_on :
       - mariadb
     restart: always
     volumes :
-      - site_data:/var/www/wordpress
+      - site_data:/var/www/html
     env_file:
       - .env
     environment :
-      - DB_USER=${DB_USER:-wp}
-      - DB_PWD=${DB_PWD:-password123}
-      - WP_USER=${WP_USER:-rralambo}
-      - WP_PWD=${WP_PWD:-password123}
-      - WP_EMAIL=${WP_EMAIL:-email@email.com}
-      - WP_ADMIN=${WP_ADMIN:-obama}
-      - WP_ADMIN_PWD=${WP_ADMIN_PWD:-thepresidentpassword}
-      - WP_ADMIN_EMAIL=${WP_ADMIN_EMAIL:-obama@obamail.com}
+      - WORDPRESS_DB_HOST=mariadb
+      - WORDPRESS_DB_USER=${MARIADB_USER:-wp}
+      - WORDPRESS_DB_PASSWORD=${MARIADB_PASSWORD:-password123}
+      - WORDPRESS_DB_NAME=wp-db
+
+  wp-cli:
+    container_name: wp-cli
+    image: wordpress:cli
+    networks :
+      - inception
+    env_file:
+      - .env
+    environment :
+      - WORDPRESS_DB_HOST=mariadb
+      - WORDPRESS_DB_USER=${MARIADB_USER:-wp}
+      - WORDPRESS_DB_PASSWORD=${MARIADB_PASSWORD:-password123}
+      - WORDPRESS_DB_NAME=wp-db
+    volumes:
+      - site_data:/var/www/html
+    depends_on:
+      - wordpress
+    working_dir: /var/www/html
+    command: > 
+      /bin/sh -c 'sleep 10; wp core install --url=https://$APP_DOMAIN --title="Le Noctambule" --admin_name=$WP_ADMIN --admin_password=$WP_ADMIN_PWD --admin_email=$WP_ADMIN_EMAIL; wp user create $WP_USER $WP_EMAIL --user_pass=$WP_PWD --role=author'
 
   nginx:
     container_name: nginx

files/inception/srcs/mariadb/Dockerfile

@@ -1,12 +0,0 @@
-FROM    debian:bullseye
-
-RUN     apt update -y && apt upgrade -y
-RUN     apt install mariadb-common mariadb-server mariadb-client -y
-ADD     ./conf/config.cnf    /etc/mysql/my.cnf
-RUN     mkdir /var/run/mysqld
-RUN     chmod 777 /var/run/mysqld
-
-ADD         ./entrypoint.sh /entrypoint.sh
-RUN         chmod +x /entrypoint.sh
-EXPOSE      3306
-ENTRYPOINT  /entrypoint.sh

files/inception/srcs/mariadb/conf/config.cnf

@@ -1,192 +0,0 @@
-# MariaDB database server configuration file.
-#
-# You can copy this file to one of:
-# - "/etc/mysql/my.cnf" to set global options,
-# - "~/.my.cnf" to set user-specific options.
-# 
-# One can use all long options that the program supports.
-# Run program with --help to get a list of available options and with
-# --print-defaults to see which it would actually understand and use.
-#
-# For explanations see
-# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
-
-# This will be passed to all mysql clients
-# It has been reported that passwords should be enclosed with ticks/quotes
-# escpecially if they contain "#" chars...
-# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
-[client]
-port		= 3306
-socket		= /var/run/mysqld/mysqld.sock
-
-# Here is entries for some specific programs
-# The following values assume you have at least 32M ram
-
-# This was formally known as [safe_mysqld]. Both versions are currently parsed.
-[mysqld_safe]
-socket		= /var/run/mysqld/mysqld.sock
-nice		= 0
-
-[mysqld]
-#
-# * Basic Settings
-#
-user		= mysql
-pid-file	= /var/run/mysqld/mysqld.pid
-socket		= /var/run/mysqld/mysqld.sock
-
-port		= 3306
-basedir		= /usr
-datadir		= /var/lib/mysql
-log-error   = /var/log/mysql/error.err
-tmpdir		= /tmp
-lc_messages_dir	= /usr/share/mysql
-lc_messages	= en_US
-skip-external-locking
-#
-# Instead of skip-networking the default is now to listen only on
-# localhost which is more compatible and is not less secure.
-bind-address		= 0.0.0.0
-#
-# * Fine Tuning
-#
-max_connections		= 100
-connect_timeout		= 5
-wait_timeout		= 600
-max_allowed_packet	= 16M
-thread_cache_size       = 128
-sort_buffer_size	= 4M
-bulk_insert_buffer_size	= 16M
-tmp_table_size		= 32M
-max_heap_table_size	= 32M
-#
-# * MyISAM
-#
-# This replaces the startup script and checks MyISAM tables if needed
-# the first time they are touched. On error, make copy and try a repair.
-myisam_recover_options = BACKUP
-key_buffer_size		= 128M
-#open-files-limit	= 2000
-table_open_cache	= 400
-myisam_sort_buffer_size	= 512M
-concurrent_insert	= 2
-read_buffer_size	= 2M
-read_rnd_buffer_size	= 1M
-#
-# * Query Cache Configuration
-#
-# Cache only tiny result sets, so we can fit more in the query cache.
-query_cache_limit		= 128K
-query_cache_size		= 64M
-# for more write intensive setups, set to DEMAND or OFF
-#query_cache_type		= DEMAND
-#
-# * Logging and Replication
-#
-# Both location gets rotated by the cronjob.
-# Be aware that this log type is a performance killer.
-# As of 5.1 you can enable the log at runtime!
-#general_log_file        = /var/log/mysql/mysql.log
-#general_log             = 1
-#
-# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
-#
-# we do want to know about network errors and such
-log_warnings		= 2
-#
-# Enable the slow query log to see queries with especially long duration
-#slow_query_log[={0|1}]
-slow_query_log_file	= /var/log/mysql/mariadb-slow.log
-long_query_time = 10
-#log_slow_rate_limit	= 1000
-log_slow_verbosity	= query_plan
-
-#log-queries-not-using-indexes
-#log_slow_admin_statements
-#
-# The following can be used as easy to replay backup logs or for replication.
-# note: if you are setting up a replication slave, see README.Debian about
-#       other settings you may need to change.
-#server-id		= 1
-#report_host		= master1
-#auto_increment_increment = 2
-#auto_increment_offset	= 1
-log_bin			= /var/log/mysql/mariadb-bin
-log_bin_index		= /var/log/mysql/mariadb-bin.index
-# not fab for performance, but safer
-#sync_binlog		= 1
-expire_logs_days	= 10
-max_binlog_size         = 100M
-# slaves
-#relay_log		= /var/log/mysql/relay-bin
-#relay_log_index	= /var/log/mysql/relay-bin.index
-#relay_log_info_file	= /var/log/mysql/relay-bin.info
-#log_slave_updates
-#read_only
-#
-# If applications support it, this stricter sql_mode prevents some
-# mistakes like inserting invalid dates etc.
-#sql_mode		= NO_ENGINE_SUBSTITUTION,TRADITIONAL
-#
-# * InnoDB
-#
-# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
-# Read the manual for more InnoDB related options. There are many!
-default_storage_engine	= InnoDB
-# you can't just change log file size, requires special procedure
-#innodb_log_file_size	= 50M
-innodb_buffer_pool_size	= 256M
-innodb_log_buffer_size	= 8M
-innodb_file_per_table	= 1
-innodb_open_files	= 400
-innodb_io_capacity	= 400
-innodb_flush_method	= O_DIRECT
-#
-# * Security Features
-#
-# Read the manual, too, if you want chroot!
-# chroot = /var/lib/mysql/
-#
-# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
-#
-# ssl-ca=/etc/mysql/cacert.pem
-# ssl-cert=/etc/mysql/server-cert.pem
-# ssl-key=/etc/mysql/server-key.pem
-
-#
-# * Galera-related settings
-#
-[galera]
-# Mandatory settings
-#wsrep_on=ON
-#wsrep_provider=
-#wsrep_cluster_address=
-#binlog_format=row
-#default_storage_engine=InnoDB
-#innodb_autoinc_lock_mode=2
-#
-# Allow server to accept connections on all interfaces.
-#
-#bind-address=0.0.0.0
-#
-# Optional setting
-#wsrep_slave_threads=1
-#innodb_flush_log_at_trx_commit=0
-
-[mysqldump]
-quick
-quote-names
-max_allowed_packet	= 16M
-
-[mysql]
-#no-auto-rehash	# faster start of mysql but no tab completion
-
-[isamchk]
-key_buffer		= 16M
-
-#
-# * IMPORTANT: Additional settings that can override those from this file!
-#   The files must end with '.cnf', otherwise they'll be ignored.
-#
-#!include /etc/mysql/mariadb.cnf
-#!includedir /etc/mysql/conf.d/

files/inception/srcs/mariadb/entrypoint.sh

@@ -1,13 +0,0 @@
-#!/bin/bash
-echo "[Starting Mariadb]"
-service mariadb start
-echo "[Initialising database for Wordpress]"
-echo "CREATE DATABASE wp_db; \
-               CREATE USER \"$DB_USER\"@\"%\"; \
-               SET password FOR \"$DB_USER\"@\"%\" = password(\"$DB_PWD\"); \
-               ALTER USER \"root\"@\"localhost\" IDENTIFIED BY \"$DB_ROOT_PWD\"; \
-               GRANT ALL PRIVILEGES ON wp_db.* TO \"$DB_USER\"@\"%\" IDENTIFIED BY \"$DB_PWD\"; \
-               FLUSH PRIVILEGES" | mysql
-service mariadb stop
-echo "[Starting checks on mariadb]"
-mysqld --bind-address=0.0.0.0

files/inception/srcs/nginx/secure/default.conf.template

@@ -27,13 +27,13 @@ server {
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 
-    location ~ \.php$ {
-        try_files $uri =404;
-        fastcgi_split_path_info  ^(.+\.php)(/.+)$;
-        fastcgi_index            index.php;
-        fastcgi_pass             wordpress:9000;
-        include                  fastcgi_params;
-        fastcgi_param   PATH_INFO       $fastcgi_path_info;
-        fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    location / {
+        proxy_pass         http://wordpress;
+        proxy_redirect     off;
+        proxy_set_header   Host $host;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Host $server_name;
+        proxy_set_header   X-Forwarded-Proto $scheme;
     }
 }

files/inception/srcs/wordpress/Dockerfile

@@ -1,15 +0,0 @@
-FROM    debian:bullseye
-
-RUN     apt update -y && apt upgrade -y
-RUN     apt install curl wget php-cli php-mysql php-curl php-gd php-intl php-fpm -y
-
-RUN     wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
-            && mv wp-cli.phar /usr/bin/wp \
-            && chmod +x /usr/bin/wp
-RUN     mkdir -p /var/www/wordpress
-
-ADD         ./conf/wordpress.conf /wordpress.conf
-ADD         ./entrypoint.sh /entrypoint.sh
-RUN         chmod +x /entrypoint.sh
-EXPOSE      9000
-ENTRYPOINT  /entrypoint.sh

files/inception/srcs/wordpress/conf/wordpress.conf

@@ -1,19 +0,0 @@
-[www]
-
-user = www-data
-group = www-data
-
-listen = 9000
-
-listen.owner = www-data
-listen.group = www-data
-
-pm = dynamic
-
-pm.max_children = 5
-
-pm.start_servers = 2
-
-pm.min_spare_servers = 1
-
-pm.max_spare_servers = 3

files/inception/srcs/wordpress/entrypoint.sh

@@ -1,32 +0,0 @@
-#!/bin/bash
-
-function gen_wpconfig()
-{
-    echo "<?php define( 'DB_NAME', 'wp_db' );" >> wp-config.php
-    echo "define( 'DB_USER', '$DB_USER' );" >> wp-config.php
-    echo "define( 'DB_PASSWORD', '$DB_PWD' );" >> wp-config.php
-    echo "define( 'DB_HOST', 'mariadb' );" >> wp-config.php
-    echo "define( 'DB_CHARSET', 'utf8' );" >> wp-config.php
-    echo "define( 'DB_COLLATE', '' );" >> wp-config.php
-    echo "define( 'WP_DEBUG', false );" >> wp-config.php
-    echo '$table_prefix = '"'wp_'"';' >> wp-config.php
-    curl https://api.wordpress.org/secret-key/1.1/salt/ >> wp-config.php
-    echo "if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); }" >> wp-config.php
-    echo "require_once ABSPATH . 'wp-settings.php';" >> wp-config.php
-}
-
-cd /var/www/wordpress
-wp core download --allow-root
-if [ ! -f wp-config.php ]; then
-    gen_wpconfig
-fi
-wp core install --url="https://rralambo.42.fr" \
-                --title="Le Noctambule Co." \
-                --admin_email=$WP_ADMIN_EMAIL \
-                --admin_user=$WP_ADMIN \
-                --admin_password=$WP_ADMIN_PWD \
-                --allow-root
-wp user create $WP_USER $WP_EMAIL --user_pass=$WP_PWD --role=author --allow-root
-
-echo '[Starting PHP-FPM]'
-php-fpm7.4 -F -y /wordpress.conf

templates/.env.j2

@@ -1,6 +1,6 @@
-DB_USER={{DB_USER}}
-DB_PWD={{DB_PWD}}
-DB_ROOT_PWD={{DB_ROOT_PWD}}
+MARIADB_USER={{MARIADB_USER}}
+MARIADB_PASSWORD={{MARIADB_PASSWORD}}
+MARIADB_ROOT_PASSWORD={{MARIADB_ROOT_PASSWORD}}
 WP_USER={{WP_USER}}
 WP_PWD={{WP_PWD}}
 WP_EMAIL={{WP_EMAIL}}

vars.yml

@@ -6,9 +6,9 @@ dest_dir: /var/app/
 cert_path: "{{ dest_dir }}/srcs/nginx/certbot/conf/live/{{ cert_domain }}"
 
 
-DB_USER: wp
-DB_PWD: password123
-DB_ROOT_PWD: rootpassword
+MARIADB_USER: wp
+MARIADB_PASSWORD: password123
+MARIADB_ROOT_PASSWORD: rootpassword
 WP_USER: rralambo
 WP_PWD: password123
 WP_EMAIL: email@email.com