From 3929d0ae4275c99c1e3c29f4d305b163c52d567f Mon Sep 17 00:00:00 2001 From: root Date: Thu, 21 May 2020 17:01:37 +0000 Subject: [PATCH] =?UTF-8?q?Actualizacion=20de=20los=20ficheros=20de=20conf?= =?UTF-8?q?iguraci=C3=B3n=20y=20testeo=20en=20txirbil.=20A=C3=B1aado=20tam?= =?UTF-8?q?bi=C3=A9n=20el=20README?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 44 ++++++++++++++ docker-compose.yml | 13 ++-- mariadb/50-server.cnf | 133 +++++++++++++++++++++++++++++++++++++++++ mariadb/Dockerfile | 10 +++- mariadb/entrypoint.sh | 3 + nginx/Dockerfile | 4 +- nginx/fastcgi_params | 25 ++++++++ nginx/sd.conf | 11 ++-- php-fpm/Dockerfile | 15 +++-- php-fpm/wordpress.conf | 2 - php-fpm/wp-config.php | 58 ++++++++++++++++++ 11 files changed, 294 insertions(+), 24 deletions(-) create mode 100644 README.md create mode 100644 mariadb/50-server.cnf create mode 100755 mariadb/entrypoint.sh create mode 100644 nginx/fastcgi_params diff --git a/README.md b/README.md new file mode 100644 index 0000000..dbe9874 --- /dev/null +++ b/README.md @@ -0,0 +1,44 @@ += WORDPRESS MULTISITE SINDOMINIO = + +La versión del wordpress multisite de Sindomnio usando Docker. + +Está dividido en tres containers: + + * NGINX : El servidor que ofrece la web. Expone el puerto 80 y lo redirigimos al 8085 para tener acceso en **txirbilenea**. Tiene acceso al volumen de datos. Los datos de configuración son los que se están usando en **patio** + * PHP-FPM: Expone el puerto 9000 para las peticiones de fastcgi desde el container NGINX. Creamos un usuario **wordpress** para el acceso a los datos del volumen compartido + * MARIADB: Base de datos con volumen propio. Deberemos configurar la base de datos y el usuario del wordpress. + +Y dos volumenes: + + * DATA : Con los archivos PHP, documentos, ... necesarios para usar Wordpress + * DB : Los archivos de la base de datos MariaDB + +== WP-CONFIG : Configuración de Wordpress == + +Editar correctamente los datos de la base de datos en el wp-config.php situado en **php-fmp** + +== CREACIÓN DE BASE DE DATOS == + +Con los datos de wp-config.php debermos crear la base de datos en nuestro container. + +``` + # docker exec -it sd_wp_db bash + + # mysql -u root -p + + CREATE DATABASE wordpress; + + GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%' IDENTIFIED BY 'wordpress'; +``` + +== MIGRACIÓN == + +Deberemos copiar los archivos de wp-content (plugins/themes/files) de la vieja instalación al nuevo volumen. + +Deberemos hacer un **mysqldump** de la base de datos vieja e importarlos en nuestro nuevo container de base de datos **wordpress** a través de un **docker exec -it sd_wp_db mysql -u root -p wordpress < database_vieja.sql** + +Para finalizar, deberemos reconfigurar el proxypass de **labo03** para que apunte a **txirbilenea** al puerto **8085** que es el puerto expuesto en el docker-compose para el acceso al NGINX. + +== TODO == + +Configurar el **wp-cli** en la maquina de **php-fpm** para automatizar la actualización de plugins/themes/core de Wordpress. diff --git a/docker-compose.yml b/docker-compose.yml index df2ec48..b00d7f2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,10 +9,9 @@ services: links: - php-fpm:wp ports: - - "80:80" - - "443:443" + - "8085:80" volumes: - - sd-wp-data:/var/www/html + - data:/sindominio/wordpress php-fpm: build: "./php-fpm/" @@ -23,14 +22,14 @@ services: depends_on: - mariadb volumes: - - sd-wp-data:/sindominio/wordpress + - data:/sindominio/wordpress mariadb: build: "./mariadb/" container_name: sd_wp_db restart: always volumes: - - sd-wp-db:/var/lib/mysql + - db:/var/lib/mysql volumes: - sd-wp-data: - sd-wp-db: + data: + db: diff --git a/mariadb/50-server.cnf b/mariadb/50-server.cnf new file mode 100644 index 0000000..c3bf210 --- /dev/null +++ b/mariadb/50-server.cnf @@ -0,0 +1,133 @@ +# +# These groups are read by MariaDB server. +# Use it for options that only the server (but not clients) should see +# +# See the examples of server my.cnf files in /usr/share/mysql + +# this is read by the standalone daemon and embedded servers +[server] + +# this is only for the mysqld standalone daemon +[mysqld] + +# +# * Basic Settings +# +user = mysql +pid-file = /run/mysqld/mysqld.pid +socket = /run/mysqld/mysqld.sock +#port = 3306 +basedir = /usr +datadir = /var/lib/mysql +tmpdir = /tmp +lc-messages-dir = /usr/share/mysql +#skip-external-locking + +# Instead of skip-networking the default is now to listen only on +# localhost which is more compatible and is not less secure. +bind-address = 0.0.0.0 + +# +# * Fine Tuning +# +#key_buffer_size = 16M +#max_allowed_packet = 16M +#thread_stack = 192K +#thread_cache_size = 8 +# This replaces the startup script and checks MyISAM tables if needed +# the first time they are touched +#myisam_recover_options = BACKUP +#max_connections = 100 +#table_cache = 64 +#thread_concurrency = 10 + +# +# * Query Cache Configuration +# +#query_cache_limit = 1M +query_cache_size = 16M + +# +# * Logging and Replication +# +# Both location gets rotated by the cronjob. +# Be aware that this log type is a performance killer. +# As of 5.1 you can enable the log at runtime! +#general_log_file = /var/log/mysql/mysql.log +#general_log = 1 +# +# Error log - should be very few entries. +# +log_error = /var/log/mysql/error.log +# +# Enable the slow query log to see queries with especially long duration +#slow_query_log_file = /var/log/mysql/mariadb-slow.log +#long_query_time = 10 +#log_slow_rate_limit = 1000 +#log_slow_verbosity = query_plan +#log-queries-not-using-indexes +# +# The following can be used as easy to replay backup logs or for replication. +# note: if you are setting up a replication slave, see README.Debian about +# other settings you may need to change. +#server-id = 1 +#log_bin = /var/log/mysql/mysql-bin.log +expire_logs_days = 10 +#max_binlog_size = 100M +#binlog_do_db = include_database_name +#binlog_ignore_db = exclude_database_name + +# +# * Security Features +# +# Read the manual, too, if you want chroot! +#chroot = /var/lib/mysql/ +# +# For generating SSL certificates you can use for example the GUI tool "tinyca". +# +#ssl-ca = /etc/mysql/cacert.pem +#ssl-cert = /etc/mysql/server-cert.pem +#ssl-key = /etc/mysql/server-key.pem +# +# Accept only connections using the latest and most secure TLS protocol version. +# ..when MariaDB is compiled with OpenSSL: +#ssl-cipher = TLSv1.2 +# ..when MariaDB is compiled with YaSSL (default in Debian): +#ssl = on + +# +# * Character sets +# +# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full +# utf8 4-byte character set. See also client.cnf +# +character-set-server = utf8mb4 +collation-server = utf8mb4_general_ci + +# +# * InnoDB +# +# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. +# Read the manual for more InnoDB related options. There are many! + +# +# * Unix socket authentication plugin is built-in since 10.0.22-6 +# +# Needed so the root database user can authenticate without a password but +# only when running as the unix root user. +# +# Also available for other users if required. +# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/ + +# this is only for embedded server +[embedded] + +# This group is only read by MariaDB servers, not by MySQL. +# If you use the same .cnf file for MySQL and MariaDB, +# you can put MariaDB-only options here +[mariadb] + +# This group is only read by MariaDB-10.3 servers. +# If you use the same .cnf file for MariaDB of different versions, +# use this group for options that older servers don't understand +[mariadb-10.3] diff --git a/mariadb/Dockerfile b/mariadb/Dockerfile index 114a4e9..9179dda 100644 --- a/mariadb/Dockerfile +++ b/mariadb/Dockerfile @@ -4,7 +4,15 @@ RUN apt-get update && \ apt-get -qy install mariadb-server &&\ apt-get clean +COPY 50-server.cnf /etc/mysql/mariadb.conf.d/50-server.cnf + VOLUME /var/lib/mysql -CMD ["/usr/bin/mysqld_safe"]] +EXPOSE 3306 + +CMD ["/usr/bin/mysqld_safe"] +#CMD ["/usr/bin/mysqld_safe","--log-error=/tmp/mysql.error.log"] +#CMD ["/usr/bin/mysqld_safe"] + + diff --git a/mariadb/entrypoint.sh b/mariadb/entrypoint.sh new file mode 100755 index 0000000..f8a0f35 --- /dev/null +++ b/mariadb/entrypoint.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +#/usr/bin/mysqladmin -u root password SECRET diff --git a/nginx/Dockerfile b/nginx/Dockerfile index cd58a09..84a7419 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -5,12 +5,12 @@ RUN apt-get update && \ apt-get clean COPY sd.conf /etc/nginx/sites-available/sd.conf +COPY fastcgi_params /etc/nginx/fastcgi_params RUN rm /etc/nginx/sites-enabled/default RUN ln -s /etc/nginx/sites-available/sd.conf /etc/nginx/sites-enabled/sd.conf -VOLUME /var/www/html +VOLUME /sindominio/wordpress -EXPOSE 443 EXPOSE 80 CMD /usr/sbin/nginx -g "daemon off; master_process off;" diff --git a/nginx/fastcgi_params b/nginx/fastcgi_params new file mode 100644 index 0000000..a22940f --- /dev/null +++ b/nginx/fastcgi_params @@ -0,0 +1,25 @@ +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/nginx/sd.conf b/nginx/sd.conf index 2b947bf..7836f8e 100644 --- a/nginx/sd.conf +++ b/nginx/sd.conf @@ -9,15 +9,12 @@ map $blogname $blogid{ } server { - listen 23080; - listen [::]:23080; + listen 80; + listen [::]:80; - server_name _default_; - server_name wp.sindominio.net; - server_name yyvaclqpmkx22jraecxtv5bt5ukqkjmygvhw2wk3ee5zl7jkavhs7rid.onion; - server_name sindominio.net; + server_name default_server; - root /var/www/html; + root /sindominio/wordpress; index index.php; client_max_body_size 25M; diff --git a/php-fpm/Dockerfile b/php-fpm/Dockerfile index 214994d..2637809 100644 --- a/php-fpm/Dockerfile +++ b/php-fpm/Dockerfile @@ -2,24 +2,29 @@ FROM registry.sindominio.net/debian RUN apt-get update && \ apt-get -qy install \ - php-fpm php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \ - ghostscript wget openssl && \ + php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \ + ghostscript wget curl openssl && \ apt-get clean RUN useradd -lMs /sbin/nologin wordpress -WORKDIR sindominio COPY wordpress.conf /etc/php/7.3/fpm/pool.d/www.conf RUN mkdir /run/php/ RUN mkdir logs +WORKDIR sindominio + RUN wget -O wordpress.tar.gz "https://wordpress.org/latest.tar.gz" RUN tar -xzf wordpress.tar.gz RUN rm wordpress.tar.gz -COPY wp-config.php /sindominio/wordpress/wp-config.php -RUN chown -R www-data:www-data /sindominio/wordpress +ADD wp-config.php /sindominio/wordpress/wp-config.php +RUN chown -R wordpress:wordpress /sindominio/wordpress + +RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar +RUN chmod +x wp-cli.phar +RUN mv wp-cli.phar /usr/local/bin/wp EXPOSE 9000 VOLUME /sindominio/ diff --git a/php-fpm/wordpress.conf b/php-fpm/wordpress.conf index e0e8f95..9dac4be 100644 --- a/php-fpm/wordpress.conf +++ b/php-fpm/wordpress.conf @@ -12,5 +12,3 @@ pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 - -php_admin_value[error_log] = /wordpress/logs/fpm-php.log diff --git a/php-fpm/wp-config.php b/php-fpm/wp-config.php index e69de29..6d19c65 100644 --- a/php-fpm/wp-config.php +++ b/php-fpm/wp-config.php @@ -0,0 +1,58 @@ +,|E7)C(:8v'); +define('LOGGED_IN_SALT', 'x&2H?)-BUUQlVmOF0$7Mdi]l@!l$sei=mHPSAwO)|El- :?=J-_hP$B^2(+jN]^i'); +define('NONCE_SALT', 'pt|N-?XvTdoRvA)cO`WC|lao[&zLVE^C4)V6?@bnv]BaF36_ss+WDQvU!cdFG$f.'); + +$table_prefix = 'wp_'; + +define ('WPLANG', 'es_ES'); + +define( 'WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] ); +define( 'WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] ); +define('WP_ALLOW_MULTISITE', true); //activa el menu de network + +define( 'MULTISITE', true ); +define( 'SUBDOMAIN_INSTALL', false ); // Blogs NO en subdominios sino en subpcarpetas +$base = '/'; // Carpeta base. La raiz del dominio de instalacion (o subdominio), si no es barra no funciona el plugin domain-mapping +define( 'DOMAIN_CURRENT_SITE', 'wp.sindominio.net' ); // dominio/subdominio principal. +define( 'PATH_CURRENT_SITE', '/' ); +define( 'SITE_ID_CURRENT_SITE', 1 ); +define( 'BLOG_ID_CURRENT_SITE', 1 ); + +define( 'SUNRISE', 'on' ); + +define ( 'FORCE_SSL_ADMIN', true); + +if ($_SERVER['HTTP_X_FORWARD_PROTO'] == 'https') + $_SERVER['HTTPS']='on'; + +define('WP_FAIL2BAN_LOG_PINGBACKS',true); + +define('DISALLOW_FILE_EDIT',true); + +define('WP_MEMORY_LIMIT', '512M'); +define( 'EMPTY_TRASH_DAYS', 0 ); + +/* ¡Eso es todo, deja de editar! Feliz blogging */ + +/** WordPress absolute path to the Wordpress directory. */ +if ( !defined('ABSPATH') ) + define('ABSPATH', dirname(__FILE__) . '/'); + +/** Sets up WordPress vars and included files. */ +require_once(ABSPATH . 'wp-settings.php'); +?> +