feat: add app files

files/inception/srcs/docker-compose.yml

@@ -0,0 +1,74 @@
+networks:
+  inception:
+    name: inception
+
+volumes:
+  db_data:
+    name: db_data
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/data/db_data'
+  site_data:
+    name: site_data
+    driver: local
+    driver_opts:
+      type: 'none'
+      o: 'bind'
+      device: '/data/site_data'
+
+services:
+
+  mariadb :
+    container_name : mariadb
+    build : ./mariadb/
+    networks :
+      - inception
+    restart: always
+    volumes :
+      - db_data:/var/lib/mysql
+    env_file:
+      - .env
+    environment :
+      - DB_USER=${DB_USER:-wp}
+      - DB_PWD=${DB_PWD:-password123}
+      - DB_ROOT_PWD=${DB_ROOT_PWD:-rootpassword}
+
+  wordpress :
+    container_name : wordpress
+    build : ./wordpress/
+    networks :
+      - inception
+    hostname : wordpress
+    depends_on :
+      - mariadb
+    restart: always
+    volumes :
+      - site_data:/var/www/wordpress
+    env_file:
+      - .env
+    environment :
+      - DB_USER=${DB_USER:-wp}
+      - DB_PWD=${DB_PWD:-password123}
+      - WP_USER=${WP_USER:-rralambo}
+      - WP_PWD=${WP_PWD:-password123}
+      - WP_EMAIL=${WP_EMAIL:-email@email.com}
+      - WP_ADMIN=${WP_ADMIN:-obama}
+      - WP_ADMIN_PWD=${WP_ADMIN_PWD:-thepresidentpassword}
+      - WP_ADMIN_EMAIL=${WP_ADMIN_EMAIL:-obama@obamail.com}
+
+  nginx:
+    container_name : nginx
+    build : ./nginx/
+    ports :
+      - 0.0.0.0:443:443
+      - 0.0.0.0:80:80
+    networks :
+      - inception
+    depends_on :
+      - wordpress
+    restart: always
+    volumes :
+      - site_data:/var/www/wordpress
+      - ./certs/:/certs/

files/inception/srcs/mariadb/Dockerfile

@@ -0,0 +1,12 @@
+FROM    debian:bullseye
+
+RUN     apt update -y && apt upgrade -y
+RUN     apt install mariadb-common mariadb-server mariadb-client -y
+ADD     ./conf/config.cnf    /etc/mysql/my.cnf
+RUN     mkdir /var/run/mysqld
+RUN     chmod 777 /var/run/mysqld
+
+ADD         ./entrypoint.sh /entrypoint.sh
+RUN         chmod +x /entrypoint.sh
+EXPOSE      3306
+ENTRYPOINT  /entrypoint.sh

files/inception/srcs/mariadb/conf/config.cnf

@@ -0,0 +1,192 @@
+# MariaDB database server configuration file.
+#
+# You can copy this file to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+# 
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+[client]
+port		= 3306
+socket		= /var/run/mysqld/mysqld.sock
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+# This was formally known as [safe_mysqld]. Both versions are currently parsed.
+[mysqld_safe]
+socket		= /var/run/mysqld/mysqld.sock
+nice		= 0
+
+[mysqld]
+#
+# * Basic Settings
+#
+user		= mysql
+pid-file	= /var/run/mysqld/mysqld.pid
+socket		= /var/run/mysqld/mysqld.sock
+
+port		= 3306
+basedir		= /usr
+datadir		= /var/lib/mysql
+log-error   = /var/log/mysql/error.err
+tmpdir		= /tmp
+lc_messages_dir	= /usr/share/mysql
+lc_messages	= en_US
+skip-external-locking
+#
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address		= 0.0.0.0
+#
+# * Fine Tuning
+#
+max_connections		= 100
+connect_timeout		= 5
+wait_timeout		= 600
+max_allowed_packet	= 16M
+thread_cache_size       = 128
+sort_buffer_size	= 4M
+bulk_insert_buffer_size	= 16M
+tmp_table_size		= 32M
+max_heap_table_size	= 32M
+#
+# * MyISAM
+#
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched. On error, make copy and try a repair.
+myisam_recover_options = BACKUP
+key_buffer_size		= 128M
+#open-files-limit	= 2000
+table_open_cache	= 400
+myisam_sort_buffer_size	= 512M
+concurrent_insert	= 2
+read_buffer_size	= 2M
+read_rnd_buffer_size	= 1M
+#
+# * Query Cache Configuration
+#
+# Cache only tiny result sets, so we can fit more in the query cache.
+query_cache_limit		= 128K
+query_cache_size		= 64M
+# for more write intensive setups, set to DEMAND or OFF
+#query_cache_type		= DEMAND
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file        = /var/log/mysql/mysql.log
+#general_log             = 1
+#
+# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
+#
+# we do want to know about network errors and such
+log_warnings		= 2
+#
+# Enable the slow query log to see queries with especially long duration
+#slow_query_log[={0|1}]
+slow_query_log_file	= /var/log/mysql/mariadb-slow.log
+long_query_time = 10
+#log_slow_rate_limit	= 1000
+log_slow_verbosity	= query_plan
+
+#log-queries-not-using-indexes
+#log_slow_admin_statements
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+#       other settings you may need to change.
+#server-id		= 1
+#report_host		= master1
+#auto_increment_increment = 2
+#auto_increment_offset	= 1
+log_bin			= /var/log/mysql/mariadb-bin
+log_bin_index		= /var/log/mysql/mariadb-bin.index
+# not fab for performance, but safer
+#sync_binlog		= 1
+expire_logs_days	= 10
+max_binlog_size         = 100M
+# slaves
+#relay_log		= /var/log/mysql/relay-bin
+#relay_log_index	= /var/log/mysql/relay-bin.index
+#relay_log_info_file	= /var/log/mysql/relay-bin.info
+#log_slave_updates
+#read_only
+#
+# If applications support it, this stricter sql_mode prevents some
+# mistakes like inserting invalid dates etc.
+#sql_mode		= NO_ENGINE_SUBSTITUTION,TRADITIONAL
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+default_storage_engine	= InnoDB
+# you can't just change log file size, requires special procedure
+#innodb_log_file_size	= 50M
+innodb_buffer_pool_size	= 256M
+innodb_log_buffer_size	= 8M
+innodb_file_per_table	= 1
+innodb_open_files	= 400
+innodb_io_capacity	= 400
+innodb_flush_method	= O_DIRECT
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
+
+#
+# * Galera-related settings
+#
+[galera]
+# Mandatory settings
+#wsrep_on=ON
+#wsrep_provider=
+#wsrep_cluster_address=
+#binlog_format=row
+#default_storage_engine=InnoDB
+#innodb_autoinc_lock_mode=2
+#
+# Allow server to accept connections on all interfaces.
+#
+#bind-address=0.0.0.0
+#
+# Optional setting
+#wsrep_slave_threads=1
+#innodb_flush_log_at_trx_commit=0
+
+[mysqldump]
+quick
+quote-names
+max_allowed_packet	= 16M
+
+[mysql]
+#no-auto-rehash	# faster start of mysql but no tab completion
+
+[isamchk]
+key_buffer		= 16M
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+#   The files must end with '.cnf', otherwise they'll be ignored.
+#
+#!include /etc/mysql/mariadb.cnf
+#!includedir /etc/mysql/conf.d/

files/inception/srcs/mariadb/entrypoint.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+echo "[Starting Mariadb]"
+service mariadb start
+echo "[Initialising database for Wordpress]"
+echo "CREATE DATABASE wp_db; \
+               CREATE USER \"$DB_USER\"@\"%\"; \
+               SET password FOR \"$DB_USER\"@\"%\" = password(\"$DB_PWD\"); \
+               ALTER USER \"root\"@\"localhost\" IDENTIFIED BY \"$DB_ROOT_PWD\"; \
+               GRANT ALL PRIVILEGES ON wp_db.* TO \"$DB_USER\"@\"%\" IDENTIFIED BY \"$DB_PWD\"; \
+               FLUSH PRIVILEGES" | mysql
+service mariadb stop
+echo "[Starting checks on mariadb]"
+mysqld --bind-address=0.0.0.0

files/inception/srcs/nginx/Dockerfile

@@ -0,0 +1,14 @@
+FROM    debian:bullseye
+
+RUN     apt update -y && apt upgrade -y
+RUN     apt install nginx openssl -y
+
+ADD     ./conf/wordpress.conf     /etc/nginx/sites-available/wordpress.conf
+ADD     ./conf/nginx.conf    /etc/nginx/
+RUN     ln -s /etc/nginx/sites-available/wordpress.conf /etc/nginx/sites-enabled/
+RUN     rm -f /etc/nginx/sites-enabled/default
+RUN     openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/certs/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt -subj '/CN=rralambo.42.fr /O=Lenoctambule Dev./C=FR'
+RUN     openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
+
+EXPOSE      443
+ENTRYPOINT  nginx

files/inception/srcs/nginx/conf/nginx.conf

@@ -0,0 +1,84 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+daemon off;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+}
+
+
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+#
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}

files/inception/srcs/nginx/conf/wordpress.conf

@@ -0,0 +1,34 @@
+ssl_certificate     /etc/ssl/certs/nginx-selfsigned.crt;
+ssl_certificate_key /etc/ssl/certs/nginx-selfsigned.key;
+ssl_dhparam         /etc/ssl/certs/dhparam.pem;
+
+server
+{
+    listen      80 default_server;
+    server_name _;
+    return      301 https://$host$request_uri;
+}
+
+server
+{
+    listen      443 ssl default_server;
+    return 301  https://rralambo.42.fr$request_uri;
+}
+
+server
+{
+    listen      443 ssl;
+    server_name rralambo.42.fr;
+    index       index.php index.html index.htm;
+    root        /var/www/wordpress;
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_split_path_info  ^(.+\.php)(/.+)$;
+        fastcgi_index            index.php;
+        fastcgi_pass             wordpress:9000;
+        include                  fastcgi_params;
+        fastcgi_param   PATH_INFO       $fastcgi_path_info;
+        fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    }
+}

files/inception/srcs/wordpress/Dockerfile

@@ -0,0 +1,15 @@
+FROM    debian:bullseye
+
+RUN     apt update -y && apt upgrade -y
+RUN     apt install curl wget php-cli php-mysql php-curl php-gd php-intl php-fpm -y
+
+RUN     wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
+            && mv wp-cli.phar /usr/bin/wp \
+            && chmod +x /usr/bin/wp
+RUN     mkdir -p /var/www/wordpress
+
+ADD         ./conf/wordpress.conf /wordpress.conf
+ADD         ./entrypoint.sh /entrypoint.sh
+RUN         chmod +x /entrypoint.sh
+EXPOSE      9000
+ENTRYPOINT  /entrypoint.sh

files/inception/srcs/wordpress/conf/wordpress.conf

@@ -0,0 +1,19 @@
+[www]
+
+user = www-data
+group = www-data
+
+listen = 9000
+
+listen.owner = www-data
+listen.group = www-data
+
+pm = dynamic
+
+pm.max_children = 5
+
+pm.start_servers = 2
+
+pm.min_spare_servers = 1
+
+pm.max_spare_servers = 3

files/inception/srcs/wordpress/entrypoint.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+function gen_wpconfig()
+{
+    echo "<?php define( 'DB_NAME', 'wp_db' );" >> wp-config.php
+    echo "define( 'DB_USER', '$DB_USER' );" >> wp-config.php
+    echo "define( 'DB_PASSWORD', '$DB_PWD' );" >> wp-config.php
+    echo "define( 'DB_HOST', 'mariadb' );" >> wp-config.php
+    echo "define( 'DB_CHARSET', 'utf8' );" >> wp-config.php
+    echo "define( 'DB_COLLATE', '' );" >> wp-config.php
+    echo "define( 'WP_DEBUG', false );" >> wp-config.php
+    echo '$table_prefix = '"'wp_'"';' >> wp-config.php
+    curl https://api.wordpress.org/secret-key/1.1/salt/ >> wp-config.php
+    echo "if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); }" >> wp-config.php
+    echo "require_once ABSPATH . 'wp-settings.php';" >> wp-config.php
+}
+
+cd /var/www/wordpress
+wp core download --allow-root
+if [ ! -f wp-config.php ]; then
+    gen_wpconfig
+fi
+wp core install --url="https://rralambo.42.fr" \
+                --title="Le Noctambule Co." \
+                --admin_email=$WP_ADMIN_EMAIL \
+                --admin_user=$WP_ADMIN \
+                --admin_password=$WP_ADMIN_PWD \
+                --allow-root
+wp user create $WP_USER $WP_EMAIL --user_pass=$WP_PWD --role=author --allow-root
+
+echo '[Starting PHP-FPM]'
+php-fpm7.4 -F -y /wordpress.conf