Actualizacion de los ficheros de configuración y testeo en txirbil. Añaado también el README

README.md

@@ -0,0 +1,44 @@
+= WORDPRESS MULTISITE SINDOMINIO =
+
+La versión del wordpress multisite de Sindomnio usando Docker.
+
+Está dividido en tres containers:
+
+ * NGINX : El servidor que ofrece la web. Expone el puerto 80 y lo redirigimos al 8085 para tener acceso en **txirbilenea**. Tiene acceso al volumen de datos.  Los datos de configuración son los que se están usando en **patio**
+ * PHP-FPM: Expone el puerto 9000 para las peticiones de fastcgi desde el container NGINX. Creamos un usuario **wordpress** para el acceso a los datos del volumen compartido
+ * MARIADB: Base de datos con volumen propio. Deberemos configurar la base de datos y el usuario del wordpress.
+
+Y dos volumenes:
+
+ * DATA : Con los archivos PHP, documentos, ... necesarios para usar Wordpress
+ * DB : Los archivos de la base de datos MariaDB 
+
+== WP-CONFIG : Configuración de Wordpress ==
+
+Editar correctamente los datos de la base de datos en el wp-config.php situado en **php-fmp**
+
+== CREACIÓN DE BASE DE DATOS ==
+
+Con los datos de wp-config.php debermos crear la base de datos en nuestro container.
+
+```
+ # docker exec -it sd_wp_db bash
+
+ # mysql -u root -p
+
+ CREATE DATABASE wordpress;
+
+ GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%' IDENTIFIED BY 'wordpress';
+```
+
+== MIGRACIÓN ==
+
+Deberemos copiar los archivos de wp-content (plugins/themes/files) de la vieja instalación al nuevo volumen.
+
+Deberemos hacer un **mysqldump** de la base de datos vieja e importarlos en nuestro nuevo container de base de datos **wordpress** a través de un **docker exec -it sd_wp_db mysql -u root -p wordpress < database_vieja.sql**
+
+Para finalizar, deberemos reconfigurar el proxypass de **labo03** para que apunte a **txirbilenea** al puerto **8085** que es el puerto expuesto en el docker-compose para el acceso al NGINX.
+
+== TODO ==
+
+Configurar el **wp-cli** en la maquina de **php-fpm** para automatizar la actualización de plugins/themes/core de Wordpress.

docker-compose.yml

@@ -9,10 +9,9 @@ services:
     links:
         - php-fpm:wp
     ports:
-        - "80:80"
+        - "8085:80"
-        - "443:443"
     volumes:
-            - sd-wp-data:/var/www/html
+            - data:/sindominio/wordpress
 
   php-fpm:
     build: "./php-fpm/"
@@ -23,14 +22,14 @@ services:
     depends_on:
       - mariadb
     volumes:
-            - sd-wp-data:/sindominio/wordpress
+            - data:/sindominio/wordpress
 
   mariadb:
     build: "./mariadb/"
     container_name: sd_wp_db
     restart: always
     volumes:
-            - sd-wp-db:/var/lib/mysql
+            - db:/var/lib/mysql
 volumes:
-  sd-wp-data:
+ data:
-  sd-wp-db:
+ db:

mariadb/50-server.cnf

@@ -0,0 +1,133 @@
+#
+# These groups are read by MariaDB server.
+# Use it for options that only the server (but not clients) should see
+#
+# See the examples of server my.cnf files in /usr/share/mysql
+
+# this is read by the standalone daemon and embedded servers
+[server]
+
+# this is only for the mysqld standalone daemon
+[mysqld]
+
+#
+# * Basic Settings
+#
+user                    = mysql
+pid-file                = /run/mysqld/mysqld.pid
+socket                  = /run/mysqld/mysqld.sock
+#port                   = 3306
+basedir                 = /usr
+datadir                 = /var/lib/mysql
+tmpdir                  = /tmp
+lc-messages-dir         = /usr/share/mysql
+#skip-external-locking
+
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address            = 0.0.0.0
+
+#
+# * Fine Tuning
+#
+#key_buffer_size        = 16M
+#max_allowed_packet     = 16M
+#thread_stack           = 192K
+#thread_cache_size      = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+#myisam_recover_options = BACKUP
+#max_connections        = 100
+#table_cache            = 64
+#thread_concurrency     = 10
+
+#
+# * Query Cache Configuration
+#
+#query_cache_limit      = 1M
+query_cache_size        = 16M
+
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file       = /var/log/mysql/mysql.log
+#general_log            = 1
+#
+# Error log - should be very few entries.
+#
+log_error = /var/log/mysql/error.log
+#
+# Enable the slow query log to see queries with especially long duration
+#slow_query_log_file    = /var/log/mysql/mariadb-slow.log
+#long_query_time        = 10
+#log_slow_rate_limit    = 1000
+#log_slow_verbosity     = query_plan
+#log-queries-not-using-indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+#       other settings you may need to change.
+#server-id              = 1
+#log_bin                = /var/log/mysql/mysql-bin.log
+expire_logs_days        = 10
+#max_binlog_size        = 100M
+#binlog_do_db           = include_database_name
+#binlog_ignore_db       = exclude_database_name
+
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+#chroot = /var/lib/mysql/
+#
+# For generating SSL certificates you can use for example the GUI tool "tinyca".
+#
+#ssl-ca = /etc/mysql/cacert.pem
+#ssl-cert = /etc/mysql/server-cert.pem
+#ssl-key = /etc/mysql/server-key.pem
+#
+# Accept only connections using the latest and most secure TLS protocol version.
+# ..when MariaDB is compiled with OpenSSL:
+#ssl-cipher = TLSv1.2
+# ..when MariaDB is compiled with YaSSL (default in Debian):
+#ssl = on
+
+#
+# * Character sets
+#
+# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
+# utf8 4-byte character set. See also client.cnf
+#
+character-set-server  = utf8mb4
+collation-server      = utf8mb4_general_ci
+
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+
+#
+# * Unix socket authentication plugin is built-in since 10.0.22-6
+#
+# Needed so the root database user can authenticate without a password but
+# only when running as the unix root user.
+#
+# Also available for other users if required.
+# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
+
+# this is only for embedded server
+[embedded]
+
+# This group is only read by MariaDB servers, not by MySQL.
+# If you use the same .cnf file for MySQL and MariaDB,
+# you can put MariaDB-only options here
+[mariadb]
+
+# This group is only read by MariaDB-10.3 servers.
+# If you use the same .cnf file for MariaDB of different versions,
+# use this group for options that older servers don't understand
+[mariadb-10.3]

mariadb/Dockerfile

@@ -4,7 +4,15 @@ RUN apt-get update && \
     apt-get -qy install mariadb-server &&\
     apt-get clean
 
+COPY 50-server.cnf /etc/mysql/mariadb.conf.d/50-server.cnf
+
 VOLUME /var/lib/mysql
 
-CMD ["/usr/bin/mysqld_safe"]]
+EXPOSE 3306
+
+CMD ["/usr/bin/mysqld_safe"]
+#CMD ["/usr/bin/mysqld_safe","--log-error=/tmp/mysql.error.log"]
+#CMD ["/usr/bin/mysqld_safe"]
+
+
 

mariadb/entrypoint.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+#/usr/bin/mysqladmin -u root password SECRET

nginx/Dockerfile

@@ -5,12 +5,12 @@ RUN apt-get update && \
     apt-get clean
 
 COPY sd.conf /etc/nginx/sites-available/sd.conf
+COPY fastcgi_params /etc/nginx/fastcgi_params
 RUN rm /etc/nginx/sites-enabled/default
 RUN ln -s /etc/nginx/sites-available/sd.conf /etc/nginx/sites-enabled/sd.conf
 
-VOLUME /var/www/html
+VOLUME /sindominio/wordpress
 
-EXPOSE 443
 EXPOSE 80
 
 CMD /usr/sbin/nginx -g "daemon off; master_process off;"

nginx/fastcgi_params

@@ -0,0 +1,25 @@
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;

nginx/sd.conf

@@ -9,15 +9,12 @@ map $blogname $blogid{
 }
 
 server {
-    listen 23080;
+    listen 80;
-    listen [::]:23080;
+    listen [::]:80;
 
-	server_name _default_;
+	server_name default_server;
-    server_name wp.sindominio.net;
-    server_name yyvaclqpmkx22jraecxtv5bt5ukqkjmygvhw2wk3ee5zl7jkavhs7rid.onion;
-    server_name sindominio.net;
 
-    root /var/www/html;
+    root /sindominio/wordpress;
     index index.php;
 
     client_max_body_size 25M;

php-fpm/Dockerfile

@@ -2,24 +2,29 @@ FROM registry.sindominio.net/debian
 
 RUN apt-get update && \
                 apt-get -qy install \
-                        php-fpm php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \
+                        php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip \
-                        ghostscript wget openssl && \
+                        ghostscript wget curl openssl && \
     apt-get clean
 
 RUN useradd -lMs /sbin/nologin wordpress
 
-WORKDIR sindominio
 
 COPY wordpress.conf /etc/php/7.3/fpm/pool.d/www.conf
 RUN mkdir /run/php/
 RUN mkdir logs
 
 
+WORKDIR sindominio
+
 RUN wget -O wordpress.tar.gz "https://wordpress.org/latest.tar.gz"
 RUN tar -xzf wordpress.tar.gz
 RUN rm wordpress.tar.gz
-COPY wp-config.php /sindominio/wordpress/wp-config.php
+ADD wp-config.php /sindominio/wordpress/wp-config.php
-RUN chown -R www-data:www-data /sindominio/wordpress
+RUN chown -R wordpress:wordpress /sindominio/wordpress
+
+RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
+RUN chmod +x wp-cli.phar
+RUN mv wp-cli.phar /usr/local/bin/wp
 
 EXPOSE 9000
 VOLUME /sindominio/

php-fpm/wordpress.conf

@@ -12,5 +12,3 @@ pm.max_children = 5
 pm.start_servers = 2
 pm.min_spare_servers = 1
 pm.max_spare_servers = 3
-
-php_admin_value[error_log] = /wordpress/logs/fpm-php.log

php-fpm/wp-config.php

@@ -0,0 +1,58 @@
+<?php
+
+define('DB_NAME', 'wordpress');
+define('DB_USER', 'wordpress');
+define('DB_PASSWORD', 'wordpress');
+define('DB_HOST', 'db');
+define('DB_CHARSET', 'utf8');
+define('DB_COLLATE', '');
+
+define('AUTH_KEY',         '#3xrpBKOpg(!!.@j+-]JX;OScI+Hb97P[V)u]KSF)gE)-i7^}p|w[@=h8@^8ecy[');
+define('SECURE_AUTH_KEY',  '_F7=cxiB@~~sQT]g0Bo/7zrN;+}T*g4w?!v3qK{mz|yIN|esAOyFX83`.!kZ#7KR');
+define('LOGGED_IN_KEY',    '`{{OPY/vJBJuPjk]9Thm.Yu51b?c$[*{Syv!gxd/a|sAl-K*kx|Tx!^-a&q)lzRe');
+define('NONCE_KEY',        '|,C-M-C6VBO&G8T6Nb5/$&.apBs-|Q6,*/@dFA6PQ~}O07D .=X-x!Dw,V3_F!pV');
+define('AUTH_SALT',        'SwKBu2e&`/zg)o 6[ao(qwW:(I6)N-7PeO/MTdf/F9&l,Ajw&I+ $1vs|/)ZY~mW');
+define('SECURE_AUTH_SALT', '+dKtXo]AId;,+[E[=6;R#84,&|!J?^|_1u8cocyI0c6wivPO|;-bQ>,|E7)C(:8v');
+define('LOGGED_IN_SALT',   'x&2H?)-BUUQlVmOF0$7Mdi]l@!l$sei=mHPSAwO)|El- :?=J-_hP$B^2(+jN]^i');
+define('NONCE_SALT',       'pt|N-?XvTdoRvA)cO`WC|lao[&zLVE^C4)V6?@bnv]BaF36_ss+WDQvU!cdFG$f.');
+
+$table_prefix  = 'wp_';
+
+define ('WPLANG', 'es_ES');
+
+define( 'WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] );
+define( 'WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] );
+define('WP_ALLOW_MULTISITE', true); //activa el menu de network
+
+define( 'MULTISITE', true );
+define( 'SUBDOMAIN_INSTALL', false ); // Blogs NO en subdominios sino en subpcarpetas
+$base = '/'; // Carpeta base. La raiz del dominio de instalacion (o subdominio), si no es barra no funciona el plugin domain-mapping
+define( 'DOMAIN_CURRENT_SITE', 'wp.sindominio.net' ); // dominio/subdominio principal.
+define( 'PATH_CURRENT_SITE', '/' );
+define( 'SITE_ID_CURRENT_SITE', 1 );
+define( 'BLOG_ID_CURRENT_SITE', 1 );
+
+define( 'SUNRISE', 'on' );
+
+define ( 'FORCE_SSL_ADMIN', true);
+
+if ($_SERVER['HTTP_X_FORWARD_PROTO'] == 'https')
+  $_SERVER['HTTPS']='on';
+
+define('WP_FAIL2BAN_LOG_PINGBACKS',true);
+
+define('DISALLOW_FILE_EDIT',true);
+
+define('WP_MEMORY_LIMIT', '512M');
+define( 'EMPTY_TRASH_DAYS', 0 );
+
+/* ¡Eso es todo, deja de editar! Feliz blogging */
+
+/** WordPress absolute path to the Wordpress directory. */
+if ( !defined('ABSPATH') )
+        define('ABSPATH', dirname(__FILE__) . '/');
+
+/** Sets up WordPress vars and included files. */
+require_once(ABSPATH . 'wp-settings.php');
+?>
+