From f8a48ee181a63dac5b30ec77256041a1b0dc9404 Mon Sep 17 00:00:00 2001 From: Lenoctambule <106790775+lenoctambule@users.noreply.github.com> Date: Thu, 2 Apr 2026 12:04:23 +0200 Subject: [PATCH] feat: add app files --- Vagrantfile | 2 + files/inception/.gitignore | 1 + files/inception/Makefile | 32 +++ files/inception/srcs/docker-compose.yml | 74 +++++++ files/inception/srcs/mariadb/Dockerfile | 12 ++ files/inception/srcs/mariadb/conf/config.cnf | 192 ++++++++++++++++++ files/inception/srcs/mariadb/entrypoint.sh | 13 ++ files/inception/srcs/nginx/Dockerfile | 14 ++ files/inception/srcs/nginx/conf/nginx.conf | 84 ++++++++ .../inception/srcs/nginx/conf/wordpress.conf | 34 ++++ files/inception/srcs/wordpress/Dockerfile | 15 ++ .../srcs/wordpress/conf/wordpress.conf | 19 ++ files/inception/srcs/wordpress/entrypoint.sh | 32 +++ 13 files changed, 524 insertions(+) create mode 100644 files/inception/.gitignore create mode 100644 files/inception/Makefile create mode 100644 files/inception/srcs/docker-compose.yml create mode 100644 files/inception/srcs/mariadb/Dockerfile create mode 100644 files/inception/srcs/mariadb/conf/config.cnf create mode 100644 files/inception/srcs/mariadb/entrypoint.sh create mode 100644 files/inception/srcs/nginx/Dockerfile create mode 100644 files/inception/srcs/nginx/conf/nginx.conf create mode 100644 files/inception/srcs/nginx/conf/wordpress.conf create mode 100644 files/inception/srcs/wordpress/Dockerfile create mode 100644 files/inception/srcs/wordpress/conf/wordpress.conf create mode 100644 files/inception/srcs/wordpress/entrypoint.sh diff --git a/Vagrantfile b/Vagrantfile index 3546e0e..e3b569c 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,5 +1,7 @@ Vagrant.configure("2") do |config| config.vm.box = "bento/ubuntu-24.04" + config.vm.network "forwarded_port", guest: 80, host: 8080 + config.vm.network "forwarded_port", guest: 443, host: 4443 config.vm.provision "shell" do |s| ssh_pub_key = File.readlines("/home/rralambo/.ssh/id_rsa.pub").first.strip s.inline = <<-SHELL diff --git a/files/inception/.gitignore b/files/inception/.gitignore new file mode 100644 index 0000000..4c49bd7 --- /dev/null +++ b/files/inception/.gitignore @@ -0,0 +1 @@ +.env diff --git a/files/inception/Makefile b/files/inception/Makefile new file mode 100644 index 0000000..938f594 --- /dev/null +++ b/files/inception/Makefile @@ -0,0 +1,32 @@ +CMPS = -f ./srcs/docker-compose.yml +DATA_DIR = /data + + +all: run + +${DATA_DIR}: + @mkdir -p ${DATA_DIR}/db_data + @mkdir -p ${DATA_DIR}/site_data + +check_env: + @if [ ! -f ./srcs/.env ]; then \ + echo "[\e[0;31mERROR\e[0m] No .env file provided. Unset credentials will be set to default" ; \ + exit 1; \ + fi + +run : build + @docker compose $(CMPS) up -d -y + +build : check_env ${DATA_DIR} + @docker compose $(CMPS) build + +stop : check_env + @docker compose $(CMPS) down + +fclean : check_env + @docker compose $(CMPS) down + @sudo rm -rf ${DATA_DIR} + +re : fclean all + +.PHONY: all re stop run fclean diff --git a/files/inception/srcs/docker-compose.yml b/files/inception/srcs/docker-compose.yml new file mode 100644 index 0000000..7950376 --- /dev/null +++ b/files/inception/srcs/docker-compose.yml @@ -0,0 +1,74 @@ +networks: + inception: + name: inception + +volumes: + db_data: + name: db_data + driver: local + driver_opts: + type: 'none' + o: 'bind' + device: '/data/db_data' + site_data: + name: site_data + driver: local + driver_opts: + type: 'none' + o: 'bind' + device: '/data/site_data' + +services: + + mariadb : + container_name : mariadb + build : ./mariadb/ + networks : + - inception + restart: always + volumes : + - db_data:/var/lib/mysql + env_file: + - .env + environment : + - DB_USER=${DB_USER:-wp} + - DB_PWD=${DB_PWD:-password123} + - DB_ROOT_PWD=${DB_ROOT_PWD:-rootpassword} + + wordpress : + container_name : wordpress + build : ./wordpress/ + networks : + - inception + hostname : wordpress + depends_on : + - mariadb + restart: always + volumes : + - site_data:/var/www/wordpress + env_file: + - .env + environment : + - DB_USER=${DB_USER:-wp} + - DB_PWD=${DB_PWD:-password123} + - WP_USER=${WP_USER:-rralambo} + - WP_PWD=${WP_PWD:-password123} + - WP_EMAIL=${WP_EMAIL:-email@email.com} + - WP_ADMIN=${WP_ADMIN:-obama} + - WP_ADMIN_PWD=${WP_ADMIN_PWD:-thepresidentpassword} + - WP_ADMIN_EMAIL=${WP_ADMIN_EMAIL:-obama@obamail.com} + + nginx: + container_name : nginx + build : ./nginx/ + ports : + - 0.0.0.0:443:443 + - 0.0.0.0:80:80 + networks : + - inception + depends_on : + - wordpress + restart: always + volumes : + - site_data:/var/www/wordpress + - ./certs/:/certs/ diff --git a/files/inception/srcs/mariadb/Dockerfile b/files/inception/srcs/mariadb/Dockerfile new file mode 100644 index 0000000..7ee76e7 --- /dev/null +++ b/files/inception/srcs/mariadb/Dockerfile @@ -0,0 +1,12 @@ +FROM debian:bullseye + +RUN apt update -y && apt upgrade -y +RUN apt install mariadb-common mariadb-server mariadb-client -y +ADD ./conf/config.cnf /etc/mysql/my.cnf +RUN mkdir /var/run/mysqld +RUN chmod 777 /var/run/mysqld + +ADD ./entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh +EXPOSE 3306 +ENTRYPOINT /entrypoint.sh \ No newline at end of file diff --git a/files/inception/srcs/mariadb/conf/config.cnf b/files/inception/srcs/mariadb/conf/config.cnf new file mode 100644 index 0000000..fa86acf --- /dev/null +++ b/files/inception/srcs/mariadb/conf/config.cnf @@ -0,0 +1,192 @@ +# MariaDB database server configuration file. +# +# You can copy this file to one of: +# - "/etc/mysql/my.cnf" to set global options, +# - "~/.my.cnf" to set user-specific options. +# +# One can use all long options that the program supports. +# Run program with --help to get a list of available options and with +# --print-defaults to see which it would actually understand and use. +# +# For explanations see +# http://dev.mysql.com/doc/mysql/en/server-system-variables.html + +# This will be passed to all mysql clients +# It has been reported that passwords should be enclosed with ticks/quotes +# escpecially if they contain "#" chars... +# Remember to edit /etc/mysql/debian.cnf when changing the socket location. +[client] +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +# Here is entries for some specific programs +# The following values assume you have at least 32M ram + +# This was formally known as [safe_mysqld]. Both versions are currently parsed. +[mysqld_safe] +socket = /var/run/mysqld/mysqld.sock +nice = 0 + +[mysqld] +# +# * Basic Settings +# +user = mysql +pid-file = /var/run/mysqld/mysqld.pid +socket = /var/run/mysqld/mysqld.sock + +port = 3306 +basedir = /usr +datadir = /var/lib/mysql +log-error = /var/log/mysql/error.err +tmpdir = /tmp +lc_messages_dir = /usr/share/mysql +lc_messages = en_US +skip-external-locking +# +# Instead of skip-networking the default is now to listen only on +# localhost which is more compatible and is not less secure. +bind-address = 0.0.0.0 +# +# * Fine Tuning +# +max_connections = 100 +connect_timeout = 5 +wait_timeout = 600 +max_allowed_packet = 16M +thread_cache_size = 128 +sort_buffer_size = 4M +bulk_insert_buffer_size = 16M +tmp_table_size = 32M +max_heap_table_size = 32M +# +# * MyISAM +# +# This replaces the startup script and checks MyISAM tables if needed +# the first time they are touched. On error, make copy and try a repair. +myisam_recover_options = BACKUP +key_buffer_size = 128M +#open-files-limit = 2000 +table_open_cache = 400 +myisam_sort_buffer_size = 512M +concurrent_insert = 2 +read_buffer_size = 2M +read_rnd_buffer_size = 1M +# +# * Query Cache Configuration +# +# Cache only tiny result sets, so we can fit more in the query cache. +query_cache_limit = 128K +query_cache_size = 64M +# for more write intensive setups, set to DEMAND or OFF +#query_cache_type = DEMAND +# +# * Logging and Replication +# +# Both location gets rotated by the cronjob. +# Be aware that this log type is a performance killer. +# As of 5.1 you can enable the log at runtime! +#general_log_file = /var/log/mysql/mysql.log +#general_log = 1 +# +# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. +# +# we do want to know about network errors and such +log_warnings = 2 +# +# Enable the slow query log to see queries with especially long duration +#slow_query_log[={0|1}] +slow_query_log_file = /var/log/mysql/mariadb-slow.log +long_query_time = 10 +#log_slow_rate_limit = 1000 +log_slow_verbosity = query_plan + +#log-queries-not-using-indexes +#log_slow_admin_statements +# +# The following can be used as easy to replay backup logs or for replication. +# note: if you are setting up a replication slave, see README.Debian about +# other settings you may need to change. +#server-id = 1 +#report_host = master1 +#auto_increment_increment = 2 +#auto_increment_offset = 1 +log_bin = /var/log/mysql/mariadb-bin +log_bin_index = /var/log/mysql/mariadb-bin.index +# not fab for performance, but safer +#sync_binlog = 1 +expire_logs_days = 10 +max_binlog_size = 100M +# slaves +#relay_log = /var/log/mysql/relay-bin +#relay_log_index = /var/log/mysql/relay-bin.index +#relay_log_info_file = /var/log/mysql/relay-bin.info +#log_slave_updates +#read_only +# +# If applications support it, this stricter sql_mode prevents some +# mistakes like inserting invalid dates etc. +#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL +# +# * InnoDB +# +# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. +# Read the manual for more InnoDB related options. There are many! +default_storage_engine = InnoDB +# you can't just change log file size, requires special procedure +#innodb_log_file_size = 50M +innodb_buffer_pool_size = 256M +innodb_log_buffer_size = 8M +innodb_file_per_table = 1 +innodb_open_files = 400 +innodb_io_capacity = 400 +innodb_flush_method = O_DIRECT +# +# * Security Features +# +# Read the manual, too, if you want chroot! +# chroot = /var/lib/mysql/ +# +# For generating SSL certificates I recommend the OpenSSL GUI "tinyca". +# +# ssl-ca=/etc/mysql/cacert.pem +# ssl-cert=/etc/mysql/server-cert.pem +# ssl-key=/etc/mysql/server-key.pem + +# +# * Galera-related settings +# +[galera] +# Mandatory settings +#wsrep_on=ON +#wsrep_provider= +#wsrep_cluster_address= +#binlog_format=row +#default_storage_engine=InnoDB +#innodb_autoinc_lock_mode=2 +# +# Allow server to accept connections on all interfaces. +# +#bind-address=0.0.0.0 +# +# Optional setting +#wsrep_slave_threads=1 +#innodb_flush_log_at_trx_commit=0 + +[mysqldump] +quick +quote-names +max_allowed_packet = 16M + +[mysql] +#no-auto-rehash # faster start of mysql but no tab completion + +[isamchk] +key_buffer = 16M + +# +# * IMPORTANT: Additional settings that can override those from this file! +# The files must end with '.cnf', otherwise they'll be ignored. +# +#!include /etc/mysql/mariadb.cnf +#!includedir /etc/mysql/conf.d/ diff --git a/files/inception/srcs/mariadb/entrypoint.sh b/files/inception/srcs/mariadb/entrypoint.sh new file mode 100644 index 0000000..80bdeea --- /dev/null +++ b/files/inception/srcs/mariadb/entrypoint.sh @@ -0,0 +1,13 @@ +#!/bin/bash +echo "[Starting Mariadb]" +service mariadb start +echo "[Initialising database for Wordpress]" +echo "CREATE DATABASE wp_db; \ + CREATE USER \"$DB_USER\"@\"%\"; \ + SET password FOR \"$DB_USER\"@\"%\" = password(\"$DB_PWD\"); \ + ALTER USER \"root\"@\"localhost\" IDENTIFIED BY \"$DB_ROOT_PWD\"; \ + GRANT ALL PRIVILEGES ON wp_db.* TO \"$DB_USER\"@\"%\" IDENTIFIED BY \"$DB_PWD\"; \ + FLUSH PRIVILEGES" | mysql +service mariadb stop +echo "[Starting checks on mariadb]" +mysqld --bind-address=0.0.0.0 \ No newline at end of file diff --git a/files/inception/srcs/nginx/Dockerfile b/files/inception/srcs/nginx/Dockerfile new file mode 100644 index 0000000..45a0b91 --- /dev/null +++ b/files/inception/srcs/nginx/Dockerfile @@ -0,0 +1,14 @@ +FROM debian:bullseye + +RUN apt update -y && apt upgrade -y +RUN apt install nginx openssl -y + +ADD ./conf/wordpress.conf /etc/nginx/sites-available/wordpress.conf +ADD ./conf/nginx.conf /etc/nginx/ +RUN ln -s /etc/nginx/sites-available/wordpress.conf /etc/nginx/sites-enabled/ +RUN rm -f /etc/nginx/sites-enabled/default +RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/certs/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt -subj '/CN=rralambo.42.fr /O=Lenoctambule Dev./C=FR' +RUN openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + +EXPOSE 443 +ENTRYPOINT nginx diff --git a/files/inception/srcs/nginx/conf/nginx.conf b/files/inception/srcs/nginx/conf/nginx.conf new file mode 100644 index 0000000..8764b3e --- /dev/null +++ b/files/inception/srcs/nginx/conf/nginx.conf @@ -0,0 +1,84 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; +daemon off; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + types_hash_max_size 2048; + # server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # SSL Settings + ## + + ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + ## + # Gzip Settings + ## + + gzip on; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} + + +#mail { +# # See sample authentication script at: +# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript +# +# # auth_http localhost/auth.php; +# # pop3_capabilities "TOP" "USER"; +# # imap_capabilities "IMAP4rev1" "UIDPLUS"; +# +# server { +# listen localhost:110; +# protocol pop3; +# proxy on; +# } +# +# server { +# listen localhost:143; +# protocol imap; +# proxy on; +# } +#} diff --git a/files/inception/srcs/nginx/conf/wordpress.conf b/files/inception/srcs/nginx/conf/wordpress.conf new file mode 100644 index 0000000..04aaa1a --- /dev/null +++ b/files/inception/srcs/nginx/conf/wordpress.conf @@ -0,0 +1,34 @@ +ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; +ssl_certificate_key /etc/ssl/certs/nginx-selfsigned.key; +ssl_dhparam /etc/ssl/certs/dhparam.pem; + +server +{ + listen 80 default_server; + server_name _; + return 301 https://$host$request_uri; +} + +server +{ + listen 443 ssl default_server; + return 301 https://rralambo.42.fr$request_uri; +} + +server +{ + listen 443 ssl; + server_name rralambo.42.fr; + index index.php index.html index.htm; + root /var/www/wordpress; + + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + fastcgi_pass wordpress:9000; + include fastcgi_params; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} diff --git a/files/inception/srcs/wordpress/Dockerfile b/files/inception/srcs/wordpress/Dockerfile new file mode 100644 index 0000000..2b87e9f --- /dev/null +++ b/files/inception/srcs/wordpress/Dockerfile @@ -0,0 +1,15 @@ +FROM debian:bullseye + +RUN apt update -y && apt upgrade -y +RUN apt install curl wget php-cli php-mysql php-curl php-gd php-intl php-fpm -y + +RUN wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \ + && mv wp-cli.phar /usr/bin/wp \ + && chmod +x /usr/bin/wp +RUN mkdir -p /var/www/wordpress + +ADD ./conf/wordpress.conf /wordpress.conf +ADD ./entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh +EXPOSE 9000 +ENTRYPOINT /entrypoint.sh \ No newline at end of file diff --git a/files/inception/srcs/wordpress/conf/wordpress.conf b/files/inception/srcs/wordpress/conf/wordpress.conf new file mode 100644 index 0000000..bd4c66c --- /dev/null +++ b/files/inception/srcs/wordpress/conf/wordpress.conf @@ -0,0 +1,19 @@ +[www] + +user = www-data +group = www-data + +listen = 9000 + +listen.owner = www-data +listen.group = www-data + +pm = dynamic + +pm.max_children = 5 + +pm.start_servers = 2 + +pm.min_spare_servers = 1 + +pm.max_spare_servers = 3 diff --git a/files/inception/srcs/wordpress/entrypoint.sh b/files/inception/srcs/wordpress/entrypoint.sh new file mode 100644 index 0000000..2d711f7 --- /dev/null +++ b/files/inception/srcs/wordpress/entrypoint.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +function gen_wpconfig() +{ + echo "> wp-config.php + echo "define( 'DB_USER', '$DB_USER' );" >> wp-config.php + echo "define( 'DB_PASSWORD', '$DB_PWD' );" >> wp-config.php + echo "define( 'DB_HOST', 'mariadb' );" >> wp-config.php + echo "define( 'DB_CHARSET', 'utf8' );" >> wp-config.php + echo "define( 'DB_COLLATE', '' );" >> wp-config.php + echo "define( 'WP_DEBUG', false );" >> wp-config.php + echo '$table_prefix = '"'wp_'"';' >> wp-config.php + curl https://api.wordpress.org/secret-key/1.1/salt/ >> wp-config.php + echo "if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); }" >> wp-config.php + echo "require_once ABSPATH . 'wp-settings.php';" >> wp-config.php +} + +cd /var/www/wordpress +wp core download --allow-root +if [ ! -f wp-config.php ]; then + gen_wpconfig +fi +wp core install --url="https://rralambo.42.fr" \ + --title="Le Noctambule Co." \ + --admin_email=$WP_ADMIN_EMAIL \ + --admin_user=$WP_ADMIN \ + --admin_password=$WP_ADMIN_PWD \ + --allow-root +wp user create $WP_USER $WP_EMAIL --user_pass=$WP_PWD --role=author --allow-root + +echo '[Starting PHP-FPM]' +php-fpm7.4 -F -y /wordpress.conf \ No newline at end of file