Actualizacion de los ficheros de configuración y testeo en txirbil. Añaado también el README

2024-11-10 05:11:07 +01:00 · 2020-05-21 17:01:37 +00:00 · 2020-05-21 17:01:37 +00:00 · 3929d0ae42
commit 3929d0ae42
parent aa8045a55d
11 changed files with 294 additions and 24 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,44 @@
 = WORDPRESS MULTISITE SINDOMINIO =
 La versión del wordpress multisite de Sindomnio usando Docker.
 Está dividido en tres containers:
 * NGINX : El servidor que ofrece la web. Expone el puerto 80 y lo redirigimos al 8085 para tener acceso en **txirbilenea**. Tiene acceso al volumen de datos.  Los datos de configuración son los que se están usando en **patio**
 * PHP-FPM: Expone el puerto 9000 para las peticiones de fastcgi desde el container NGINX. Creamos un usuario **wordpress** para el acceso a los datos del volumen compartido
 * MARIADB: Base de datos con volumen propio. Deberemos configurar la base de datos y el usuario del wordpress.
 Y dos volumenes:
 * DATA : Con los archivos PHP, documentos, ... necesarios para usar Wordpress
 * DB : Los archivos de la base de datos MariaDB 
 == WP-CONFIG : Configuración de Wordpress ==
 Editar correctamente los datos de la base de datos en el wp-config.php situado en **php-fmp**
 == CREACIÓN DE BASE DE DATOS ==
 Con los datos de wp-config.php debermos crear la base de datos en nuestro container.
 ```
 # docker exec -it sd_wp_db bash
 # mysql -u root -p
 CREATE DATABASE wordpress;
 GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%' IDENTIFIED BY 'wordpress';
 ```
 == MIGRACIÓN ==
 Deberemos copiar los archivos de wp-content (plugins/themes/files) de la vieja instalación al nuevo volumen.
 Deberemos hacer un **mysqldump** de la base de datos vieja e importarlos en nuestro nuevo container de base de datos **wordpress** a través de un **docker exec -it sd_wp_db mysql -u root -p wordpress < database_vieja.sql**
 Para finalizar, deberemos reconfigurar el proxypass de **labo03** para que apunte a **txirbilenea** al puerto **8085** que es el puerto expuesto en el docker-compose para el acceso al NGINX.
 == TODO ==
 Configurar el **wp-cli** en la maquina de **php-fpm** para automatizar la actualización de plugins/themes/core de Wordpress.
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,10 +9,9 @@ services:
    links:
        - php-fpm:wp
    ports:
-        - "80:80"
+        - "8085:80"
        - "443:443"
    volumes:
-            - sd-wp-data:/var/www/html
+            - data:/sindominio/wordpress
  php-fpm:
    build: "./php-fpm/"
@ -23,14 +22,14 @@ services:
    depends_on:
      - mariadb
    volumes:
-            - sd-wp-data:/sindominio/wordpress
+            - data:/sindominio/wordpress
  mariadb:
    build: "./mariadb/"
    container_name: sd_wp_db
    restart: always
    volumes:
-            - sd-wp-db:/var/lib/mysql
+            - db:/var/lib/mysql
 volumes:
-  sd-wp-data:
+ data:
-  sd-wp-db:
+ db:
--- a/mariadb/50-server.cnf
+++ b/mariadb/50-server.cnf
@ -0,0 +1,133 @@
 #
 # These groups are read by MariaDB server.
 # Use it for options that only the server (but not clients) should see
 #
 # See the examples of server my.cnf files in /usr/share/mysql
 # this is read by the standalone daemon and embedded servers
 [server]
 # this is only for the mysqld standalone daemon
 [mysqld]
 #
 # * Basic Settings
 #
 user                    = mysql
 pid-file                = /run/mysqld/mysqld.pid
 socket                  = /run/mysqld/mysqld.sock
 #port                   = 3306
 basedir                 = /usr
 datadir                 = /var/lib/mysql
 tmpdir                  = /tmp
 lc-messages-dir         = /usr/share/mysql
 #skip-external-locking
 # Instead of skip-networking the default is now to listen only on
 # localhost which is more compatible and is not less secure.
 bind-address            = 0.0.0.0
 #
 # * Fine Tuning
 #
 #key_buffer_size        = 16M
 #max_allowed_packet     = 16M
 #thread_stack           = 192K
 #thread_cache_size      = 8
 # This replaces the startup script and checks MyISAM tables if needed
 # the first time they are touched
 #myisam_recover_options = BACKUP
 #max_connections        = 100
 #table_cache            = 64
 #thread_concurrency     = 10
 #
 # * Query Cache Configuration
 #
 #query_cache_limit      = 1M
 query_cache_size        = 16M
 #
 # * Logging and Replication
 #
 # Both location gets rotated by the cronjob.
 # Be aware that this log type is a performance killer.
 # As of 5.1 you can enable the log at runtime!
 #general_log_file       = /var/log/mysql/mysql.log
 #general_log            = 1
 #
 # Error log - should be very few entries.
 #
 log_error = /var/log/mysql/error.log
 #
 # Enable the slow query log to see queries with especially long duration
 #slow_query_log_file    = /var/log/mysql/mariadb-slow.log
 #long_query_time        = 10
 #log_slow_rate_limit    = 1000
 #log_slow_verbosity     = query_plan
 #log-queries-not-using-indexes
 #
 # The following can be used as easy to replay backup logs or for replication.
 # note: if you are setting up a replication slave, see README.Debian about
 #       other settings you may need to change.
 #server-id              = 1
 #log_bin                = /var/log/mysql/mysql-bin.log
 expire_logs_days        = 10
 #max_binlog_size        = 100M
 #binlog_do_db           = include_database_name
 #binlog_ignore_db       = exclude_database_name
 #
 # * Security Features
 #
 # Read the manual, too, if you want chroot!
 #chroot = /var/lib/mysql/
 #
 # For generating SSL certificates you can use for example the GUI tool "tinyca".
 #
 #ssl-ca = /etc/mysql/cacert.pem
 #ssl-cert = /etc/mysql/server-cert.pem
 #ssl-key = /etc/mysql/server-key.pem
 #
 # Accept only connections using the latest and most secure TLS protocol version.
 # ..when MariaDB is compiled with OpenSSL:
 #ssl-cipher = TLSv1.2
 # ..when MariaDB is compiled with YaSSL (default in Debian):
 #ssl = on
 #
 # * Character sets
 #
 # MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
 # utf8 4-byte character set. See also client.cnf
 #
 character-set-server  = utf8mb4
 collation-server      = utf8mb4_general_ci
 #
 # * InnoDB
 #
 # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
 # Read the manual for more InnoDB related options. There are many!
 #
 # * Unix socket authentication plugin is built-in since 10.0.22-6
 #
 # Needed so the root database user can authenticate without a password but
 # only when running as the unix root user.
 #
 # Also available for other users if required.
 # See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
 # this is only for embedded server
 [embedded]
 # This group is only read by MariaDB servers, not by MySQL.
 # If you use the same .cnf file for MySQL and MariaDB,
 # you can put MariaDB-only options here
 [mariadb]
 # This group is only read by MariaDB-10.3 servers.
 # If you use the same .cnf file for MariaDB of different versions,
 # use this group for options that older servers don't understand
 [mariadb-10.3]
--- a/mariadb/Dockerfile
+++ b/mariadb/Dockerfile
@ -4,7 +4,15 @@ RUN apt-get update && \
    apt-get -qy install mariadb-server &&\
    apt-get clean
 COPY 50-server.cnf /etc/mysql/mariadb.conf.d/50-server.cnf
 VOLUME /var/lib/mysql
-CMD ["/usr/bin/mysqld_safe"]]
+EXPOSE 3306
 CMD ["/usr/bin/mysqld_safe"]
 #CMD ["/usr/bin/mysqld_safe","--log-error=/tmp/mysql.error.log"]
 #CMD ["/usr/bin/mysqld_safe"]
--- a/mariadb/entrypoint.sh
+++ b/mariadb/entrypoint.sh
@ -0,0 +1,3 @@
 #!/bin/sh
 #/usr/bin/mysqladmin -u root password SECRET
--- a/nginx/Dockerfile
+++ b/nginx/Dockerfile
@ -5,12 +5,12 @@ RUN apt-get update && \
    apt-get clean
 COPY sd.conf /etc/nginx/sites-available/sd.conf
 COPY fastcgi_params /etc/nginx/fastcgi_params
 RUN rm /etc/nginx/sites-enabled/default
 RUN ln -s /etc/nginx/sites-available/sd.conf /etc/nginx/sites-enabled/sd.conf
-VOLUME /var/www/html
+VOLUME /sindominio/wordpress
 EXPOSE 443
 EXPOSE 80
 CMD /usr/sbin/nginx -g "daemon off; master_process off;"
--- a/nginx/fastcgi_params
+++ b/nginx/fastcgi_params
@ -0,0 +1,25 @@
 fastcgi_param  QUERY_STRING       $query_string;
 fastcgi_param  REQUEST_METHOD     $request_method;
 fastcgi_param  CONTENT_TYPE       $content_type;
 fastcgi_param  CONTENT_LENGTH     $content_length;
 fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
 fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
 fastcgi_param  REQUEST_URI        $request_uri;
 fastcgi_param  DOCUMENT_URI       $document_uri;
 fastcgi_param  DOCUMENT_ROOT      $document_root;
 fastcgi_param  SERVER_PROTOCOL    $server_protocol;
 fastcgi_param  REQUEST_SCHEME     $scheme;
 fastcgi_param  HTTPS              $https if_not_empty;
 fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
 fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
 fastcgi_param  REMOTE_ADDR        $remote_addr;
 fastcgi_param  REMOTE_PORT        $remote_port;
 fastcgi_param  SERVER_ADDR        $server_addr;
 fastcgi_param  SERVER_PORT        $server_port;
 fastcgi_param  SERVER_NAME        $server_name;
 # PHP only, required if PHP was built with --enable-force-cgi-redirect
 fastcgi_param  REDIRECT_STATUS    200;
--- a/nginx/sd.conf
+++ b/nginx/sd.conf
@ -9,15 +9,12 @@ map $blogname $blogid{
 }
 server {
-    listen 23080;
+    listen 80;
-    listen [::]:23080;
+    listen [::]:80;
-	server_name _default_;
+	server_name default_server;
    server_name wp.sindominio.net;
    server_name yyvaclqpmkx22jraecxtv5bt5ukqkjmygvhw2wk3ee5zl7jkavhs7rid.onion;
    server_name sindominio.net;
-    root /var/www/html;
+    root /sindominio/wordpress;
    index index.php;
    client_max_body_size 25M;
--- a/php-fpm/Dockerfile
+++ b/php-fpm/Dockerfile
@ -2,24 +2,29 @@ FROM registry.sindominio.net/debian
 RUN apt-get update && \
                apt-get -qy install \
-                        php-fpm php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \
+                        php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \
-                        ghostscript wget openssl && \
+                        ghostscript wget curl openssl && \
    apt-get clean
 RUN useradd -lMs /sbin/nologin wordpress
 WORKDIR sindominio
 COPY wordpress.conf /etc/php/7.3/fpm/pool.d/www.conf
 RUN mkdir /run/php/
 RUN mkdir logs
 WORKDIR sindominio
 RUN wget -O wordpress.tar.gz "https://wordpress.org/latest.tar.gz"
 RUN tar -xzf wordpress.tar.gz
 RUN rm wordpress.tar.gz
-COPY wp-config.php /sindominio/wordpress/wp-config.php
+ADD wp-config.php /sindominio/wordpress/wp-config.php
-RUN chown -R www-data:www-data /sindominio/wordpress
+RUN chown -R wordpress:wordpress /sindominio/wordpress
 RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
 RUN chmod +x wp-cli.phar
 RUN mv wp-cli.phar /usr/local/bin/wp
 EXPOSE 9000
 VOLUME /sindominio/
--- a/php-fpm/wordpress.conf
+++ b/php-fpm/wordpress.conf
@ -12,5 +12,3 @@ pm.max_children = 5
 pm.start_servers = 2
 pm.min_spare_servers = 1
 pm.max_spare_servers = 3
 php_admin_value[error_log] = /wordpress/logs/fpm-php.log
--- a/php-fpm/wp-config.php
+++ b/php-fpm/wp-config.php
@ -0,0 +1,58 @@
 <?php
 define('DB_NAME', 'wordpress');
 define('DB_USER', 'wordpress');
 define('DB_PASSWORD', 'wordpress');
 define('DB_HOST', 'db');
 define('DB_CHARSET', 'utf8');
 define('DB_COLLATE', '');
 define('AUTH_KEY',         '#3xrpBKOpg(!!.@j+-]JX;OScI+Hb97P[V)u]KSF)gE)-i7^}p|w[@=h8@^8ecy[');
 define('SECURE_AUTH_KEY',  '_F7=cxiB@~~sQT]g0Bo/7zrN;+}T*g4w?!v3qK{mz|yIN|esAOyFX83`.!kZ#7KR');
 define('LOGGED_IN_KEY',    '`{{OPY/vJBJuPjk]9Thm.Yu51b?c$[*{Syv!gxd/a|sAl-K*kx|Tx!^-a&q)lzRe');
 define('NONCE_KEY',        '|,C-M-C6VBO&G8T6Nb5/$&.apBs-|Q6,*/@dFA6PQ~}O07D .=X-x!Dw,V3_F!pV');
 define('AUTH_SALT',        'SwKBu2e&`/zg)o 6[ao(qwW:(I6)N-7PeO/MTdf/F9&l,Ajw&I+ $1vs|/)ZY~mW');
 define('SECURE_AUTH_SALT', '+dKtXo]AId;,+[E[=6;R#84,&|!J?^|_1u8cocyI0c6wivPO|;-bQ>,|E7)C(:8v');
 define('LOGGED_IN_SALT',   'x&2H?)-BUUQlVmOF0$7Mdi]l@!l$sei=mHPSAwO)|El- :?=J-_hP$B^2(+jN]^i');
 define('NONCE_SALT',       'pt|N-?XvTdoRvA)cO`WC|lao[&zLVE^C4)V6?@bnv]BaF36_ss+WDQvU!cdFG$f.');
 $table_prefix  = 'wp_';
 define ('WPLANG', 'es_ES');
 define( 'WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] );
 define( 'WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] );
 define('WP_ALLOW_MULTISITE', true); //activa el menu de network
 define( 'MULTISITE', true );
 define( 'SUBDOMAIN_INSTALL', false ); // Blogs NO en subdominios sino en subpcarpetas
 $base = '/'; // Carpeta base. La raiz del dominio de instalacion (o subdominio), si no es barra no funciona el plugin domain-mapping
 define( 'DOMAIN_CURRENT_SITE', 'wp.sindominio.net' ); // dominio/subdominio principal.
 define( 'PATH_CURRENT_SITE', '/' );
 define( 'SITE_ID_CURRENT_SITE', 1 );
 define( 'BLOG_ID_CURRENT_SITE', 1 );
 define( 'SUNRISE', 'on' );
 define ( 'FORCE_SSL_ADMIN', true);
 if ($_SERVER['HTTP_X_FORWARD_PROTO'] == 'https')
  $_SERVER['HTTPS']='on';
 define('WP_FAIL2BAN_LOG_PINGBACKS',true);
 define('DISALLOW_FILE_EDIT',true);
 define('WP_MEMORY_LIMIT', '512M');
 define( 'EMPTY_TRASH_DAYS', 0 );
 /* ¡Eso es todo, deja de editar! Feliz blogging */
 /** WordPress absolute path to the Wordpress directory. */
 if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/');
 /** Sets up WordPress vars and included files. */
 require_once(ABSPATH . 'wp-settings.php');
 ?>
		`@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`#/usr/bin/mysqladmin -u root password SECRET`