roro 0.3.22 → 0.3.23
- checksums.yaml +4 -4
- data/.circleci/config.yml +99 -68
- data/.gitignore +31 -7
- data/.ruby-version +1 -0
- data/Gemfile +1 -1
- data/Guardfile +23 -13
- data/README.md +9 -10
- data/bin/console +1 -1
- data/bin/setup +1 -1
- data/docker-compose.yml +3 -3
- data/lib/roro/cli/generate/generate.rb +52 -1
- data/lib/roro/cli/generate/generate_containers.rb +23 -0
- data/lib/roro/cli/generate/generate_environments.rb +25 -0
- data/lib/roro/cli/generate/generate_exposed.rb +4 -11
- data/lib/roro/cli/generate/generate_keys.rb +7 -6
- data/lib/roro/cli/generate/generate_mise.rb +13 -0
- data/lib/roro/cli/generate/generate_obfuscated.rb +5 -25
- data/lib/roro/cli/roll_your_own.rb +12 -0
- data/lib/roro/cli/rollon.rb +11 -138
- data/lib/roro/cli.rb +30 -23
- data/lib/roro/common/file_reflection.rb +33 -0
- data/lib/roro/common/utilities.rb +185 -0
- data/lib/roro/configurator.rb +14 -14
- data/lib/roro/configurators/adventure_case_builder.rb +65 -0
- data/lib/roro/configurators/adventure_chooser.rb +46 -0
- data/lib/roro/configurators/adventure_picker.rb +68 -0
- data/lib/roro/configurators/adventure_writer.rb +34 -0
- data/lib/roro/configurators/catalog_builder.rb +17 -0
- data/lib/roro/configurators/configurator.rb +64 -0
- data/lib/roro/configurators/eligibility.rb +141 -0
- data/lib/roro/configurators/question_asker.rb +29 -0
- data/lib/roro/configurators/question_builder.rb +83 -0
- data/lib/roro/configurators/structure_builder.rb +34 -0
- data/lib/roro/configurators/utilities.rb +188 -0
- data/lib/roro/configurators/validator.rb +109 -0
- data/lib/roro/crypto/cipher.rb +35 -0
- data/lib/roro/crypto/exposer.rb +33 -0
- data/lib/roro/crypto/file_writer.rb +14 -0
- data/lib/roro/crypto/key_writer.rb +35 -0
- data/lib/roro/crypto/obfuscator.rb +25 -0
- data/lib/roro/error.rb +31 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/fatsufodo.yml +1 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/django.yml +38 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/templates/stage_one/Dockerfile.tt +7 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/templates/stage_one/docker-compose.yml.tt +20 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/templates/stage_one/requirements.txt.tt +2 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/templates/stage_two/settings.py +130 -0
- data/lib/roro/{templates/base/jumpstart → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/test/stage_one/dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/test/stage_one/stage_one_test.rb +37 -0
- data/lib/roro/{templates/base/roro → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/django/test/stage_two/dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/expressjs/expressjs.yml +8 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/expressjs/templates/stage_one/Dockerfile.tt +14 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/expressjs/templates/stage_one/docker-compose.yml.tt +21 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/flask.yml +14 -0
- data/lib/roro/{templates/base/roro/roro → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/templates/stage_one}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/templates/stage_one/Dockerfile +11 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/templates/stage_one/app.py +23 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/templates/stage_one/docker-compose.yml +8 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/templates/stage_one/requirements.txt +2 -0
- data/lib/roro/{templates/base/roro/roro/containers → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/test}/.keep +0 -0
- data/lib/roro/{templates/base/roro/roro/containers/app → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/test/stage_one}/.keep +0 -0
- data/lib/roro/{templates/base/roro/roro/containers/frontend → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/test/stage_one/stage_dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/flask/test/stage_one/stage_test.rb +37 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/rails.yml +12 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_one/Dockerfile.tt +16 -0
- data/lib/roro/{templates/base/roro/roro/keys/.keep → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_one/Gemfile.lock.tt} +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_one/Gemfile.tt +2 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_one/docker-compose.yml.tt +9 -0
- data/lib/roro/{templates/base/roro/roro/docker-entrypoint.sh.tt → stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_one/entrypoint.sh} +1 -1
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/rails/templates/stage_two/database.yml.tt +16 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/wordpress/templates/stage_one/docker-compose.yml.tt +31 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/fatsufodo/stories/wordpress/wordpress.yml +17 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/okonomi/okonomi.yml +1 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/roll_your_own.yml +23 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/%interpolated_story_name%.yml.tt +10 -0
- data/lib/roro/{templates/rails/.circleci → stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/templates/stage_one}/.keep +0 -0
- data/lib/roro/{templates/rails → stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/test}/.keep +0 -0
- data/lib/roro/{templates/rails/database/with_postgresql → stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/test/stage_one}/.keep +0 -0
- data/lib/roro/{templates/rails/dotenv → stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/test/stage_one/stage_dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/templates/stage_one/%interpolated_stack_path%/test/stage_one/stage_test.rb.tt +37 -0
- data/lib/roro/{templates/rails/roro → stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/test/stage_one/dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/okonomi/stories/roll_your_own/test/stage_one/stage_one_test.rb +58 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/omakase.yml +1 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/rails.yml +13 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_one/Dockerfile.tt +16 -0
- data/lib/roro/{templates/rails/roro/containers/.keep → stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_one/Gemfile.lock.tt} +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_one/Gemfile.tt +2 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_one/docker-compose.yml.tt +17 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_one/entrypoint.sh +8 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/rails/templates/stage_two/database.yml.tt +16 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/.env +38 -0
- data/lib/roro/{templates/rails/roro/containers/app → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/LICENSE +674 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/README.md +346 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/build.sh +39 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/config/nginx/cfg/nginx-custom-configs.conf +117 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/config/nginx/cfg/nginx-wp-hardening.conf +131 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/config/nginx/tpl/nginx-http.conf.template +103 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/config/nginx/tpl/nginx-https.conf.example +123 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/config/php.conf.ini +3 -0
- data/lib/roro/{templates/rails/roro/containers/frontend/.keep → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/data/certbot/conf/.placeholder} +0 -0
- data/lib/roro/{templates/rails/roro/keys/.keep → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/data/certbot/www/.placeholder} +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/docker-compose-build.yml +24 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/docker-compose-dev.yml +96 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/docker-compose-prod.yml +147 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/dump_mysql.sh +16 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/init_letsencrypt.sh +80 -0
- data/lib/roro/{templates/rails/roro/kube/.keep → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/mysql-dumps/.placeholder} +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/push.sh +22 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/wordpress/Dockerfile +14 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/wordpress/adduser.sh +15 -0
- data/lib/roro/{templates/rails/roro/kube/certificate.yml.tt → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/wordpress-sql/.placeholder} +0 -0
- data/lib/roro/{templates/rails/roro/kube/cluster-issuer.yml.tt → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/templates/stage_one/wordpress-src/.placeholder} +0 -0
- data/lib/roro/{templates/ruby_gem/.circleci → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/test}/.keep +0 -0
- data/lib/roro/{templates/ruby_gem/roro/containers → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/test/stage_one}/.keep +0 -0
- data/lib/roro/{templates/ruby_gem/roro/keys → stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/test/stage_one/stage_dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/test/stage_one/stage_test.rb +40 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/omakase/stories/wordpress/wordpress.yml +76 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/fatsufodo.yml +1 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/django.yml +36 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/templates/stage_one/Dockerfile.tt +7 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/templates/stage_one/docker-compose.yml.tt +20 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/templates/stage_one/requirements.txt.tt +2 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/templates/stage_two/settings.py +130 -0
- data/{roro/containers → lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/test/stage_one/dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/test/stage_one/stage_one_test.rb +37 -0
- data/{roro/keys → lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/django/test/stage_two/dummy}/.keep +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/expressjs/expressjs.yml +7 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/expressjs/templates/stage_one/Dockerfile.tt +14 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/expressjs/templates/stage_one/docker-compose.yml.tt +21 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/rails.yml +12 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_one/Dockerfile.tt +16 -0
- data/lib/roro/{templates/rails/roro/kube/ingress.yml.tt → stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_one/Gemfile.lock.tt} +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_one/Gemfile.tt +2 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_one/docker-compose.yml.tt +17 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_one/entrypoint.sh +8 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/rails/templates/stage_two/database.yml.tt +16 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/__MACOSX/scripts/._.DS_Store +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/.DS_Store +0 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/base/bundler.sh +22 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/base/git.sh +21 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/base/rvm.sh +38 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/base/utilities.sh +53 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/base.sh +6 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/initialize/clone_idea.sh +14 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/initialize/clone_repos.sh +33 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/initialize/install_correct_bundler.sh +21 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/initialize/install_rubies.sh +6 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/initialize.sh +18 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/roro.sh +15 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/source.sh +28 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/utility/bundle_all.sh +12 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/utility/git_pull_all.sh +15 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/utility/rvm_install_all.sh +12 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/roro/templates/scripts/utility/yarn_install_all.sh +10 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/wordpress/templates/stage_one/docker-compose.yml.tt +31 -0
- data/lib/roro/stacks/catalog/unstoppable/developer_styles/sashimi/stories/wordpress/wordpress.yml +16 -0
- data/{sandbox → lib/roro/stacks/library/roro}/.keep +0 -0
- data/lib/roro/stacks/library/roro/docker_compose/docker-compose.yml +22 -0
- data/lib/roro/stacks/library/roro/k8s/k8s.yml +15 -0
- data/lib/roro/{templates/rails/roro/kube/job-migrate.yml.tt → stacks/library/roro/plots/node/.keep} +0 -0
- data/lib/roro/stacks/library/roro/plots/node/node.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/php/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/php/php.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/django/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/django/django.yml +10 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/django/templates/Dockerfile +7 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/django/templates/docker-compose.yml +20 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/django/templates/requirements.txt +2 -0
- data/lib/roro/stacks/library/roro/plots/python/plots/flask/flask.yml +0 -0
- data/lib/roro/stacks/library/roro/plots/python/python.yml +1 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/databases/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/databases/mysql.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/databases/postgres.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails/rails.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails/templates/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails_react/rails_react.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails_react/templates/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails_vue/rails_vue.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/plots/rails_vue/templates/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/rails.yml +16 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/rails/templates/.keep +0 -0
- data/lib/roro/stacks/library/roro/plots/ruby/plots/ruby_gem/ruby_gem.yml +22 -0
- data/lib/roro/stacks/library/roro/plots/ruby/ruby.yml +22 -0
- data/lib/roro/stacks/library/roro/roro/roro.yml +15 -0
- data/lib/roro/{stories → stacks/stories_v1}/greenfield/rails.yml +2 -2
- data/lib/roro/stacks/stories_v1/greenfield/roro.yml +7 -0
- data/lib/roro/{stories → stacks/stories_v1}/greenfield.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/ci_cd/circleci.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/ci_cd.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/database/mysql.yml +1 -1
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/database/postgresql.yml +1 -1
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/database.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/kubernetes/postgresql/default.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/kubernetes/postgresql/edge.yml +0 -0
- data/lib/roro/stacks/stories_v1/rollon/rails/kubernetes/postgresql.yml +10 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails/kubernetes.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/rails.yml +7 -7
- data/lib/roro/stacks/stories_v1/rollon/roro.yml +5 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon/ruby_gem.yml +0 -0
- data/lib/roro/{stories → stacks/stories_v1}/rollon.yml +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/.circleci/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/.circleci/config.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/.circleci/jobs/_build.yml +1 -1
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/.circleci/jobs/_push.yml +1 -1
- data/lib/roro/stacks/stories_v1/templates/rails/.circleci/jobs/_test.yml +12 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/.circleci/setup-gem-credentials.sh +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/.circleci/workflows/_build_test_push.yml +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/Dockerfile.greenfield.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/config/database.mysql.yml +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/config/database.pg.yml +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/database/with_mysql/_service.yml +10 -0
- data/lib/roro/stacks/stories_v1/templates/rails/database/with_postgresql/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/database/with_postgresql/_service.yml +7 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/docker-compose.yml.tt +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/dotenv/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/dotenv/database.mysql.env.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/dotenv/database.pg.env.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/dotenv/web.env.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/kube.rake.tt +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/containers/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/containers/app/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/containers/app/Dockerfile.tt +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/containers/frontend/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/docker-entrypoint.sh +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/keys/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/kube/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/kube/certificate.yml.tt +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/kube/cluster-issuer.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/deployment.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/deployments/postgres_deploy.yaml +3 -3
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/deployments/rails_deploy.yaml +5 -5
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/deployments/redis_deploy.yaml +2 -2
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/deployments/sidekiq_deploy.yaml +3 -3
- data/lib/roro/stacks/stories_v1/templates/rails/roro/kube/ingress.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/ingresses/ingress.yaml +0 -0
- data/lib/roro/stacks/stories_v1/templates/rails/roro/kube/job-migrate.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/jobs/setup.yaml +1 -1
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/secret-digital-ocean.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/service.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/services/postgres_svc.yaml +2 -2
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/services/rails_svc.yaml +3 -3
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/services/redis_svc.yaml +2 -2
- data/lib/roro/{templates → stacks/stories_v1/templates}/rails/roro/kube/volumes/postgres_volumes.yaml +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/containers/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/containers/database/env/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/containers/database/scripts/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/env/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/keys/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/.keep +0 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/base/bundler.sh +22 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/base/git.sh +21 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/base/rvm.sh +38 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/base/utilities.sh +53 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/base.sh +6 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/initialize/clone_idea.sh +14 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/initialize/clone_repos.sh +33 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/initialize/install_correct_bundler.sh +21 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/initialize/install_rubies.sh +6 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/initialize.sh +18 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/roro.sh +15 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/source.sh +28 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/utility/bundle_all.sh +12 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/utility/git_pull_all.sh +15 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/utility/rvm_install_all.sh +12 -0
- data/lib/roro/stacks/stories_v1/templates/roro/scripts/utility/yarn_install_all.sh +10 -0
- data/lib/roro/stacks/stories_v1/templates/ruby_gem/.circleci/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/.circleci/config.yml.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/.circleci/jobs/_test.yml +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/.circleci/setup-gem-credentials.sh +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/docker-compose.yml +1 -1
- data/lib/roro/stacks/stories_v1/templates/ruby_gem/roro/containers/.keep +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/roro/containers/ruby_image/Dockerfile.tt +0 -0
- data/lib/roro/{templates → stacks/stories_v1/templates}/ruby_gem/roro/containers/ruby_image/ci.env.tt +0 -0
- data/lib/roro/stacks/stories_v1/templates/ruby_gem/roro/keys/.keep +0 -0
- data/lib/roro/version.rb +1 -1
- data/lib/roro.rb +59 -14
- data/mise/containers/ruby_gem/Dockerfile +16 -0
- data/{roro/containers/app/Dockerfile → mise/containers/ruby_gem/Dockerfile-app} +0 -0
- data/{roro/containers/ruby_image/Dockerfile → mise/containers/ruby_gem/Dockerfile-ruby_gem} +0 -0
- data/mise/containers/ruby_gem/env/.keep +0 -0
- data/mise/containers/ruby_gem/env/base.env.enc +1 -0
- data/mise/containers/ruby_gem/env/ci.env.enc +2 -0
- data/mise/containers/ruby_gem/env/development.env.enc +1 -0
- data/mise/containers/ruby_gem/env/production.env.enc +1 -0
- data/mise/containers/ruby_gem/scripts/.keep +0 -0
- data/mise/env/base.env.enc +1 -0
- data/mise/env/ci.env.enc +1 -0
- data/mise/env/development.env.enc +1 -0
- data/mise/env/production.env.enc +1 -0
- data/mise/mise.roro +0 -0
- data/process.yml +401 -0
- data/roro.gemspec +6 -1
- metadata +322 -118
- data/lib/roro/cli/generate/generate_story.rb +0 -18
- data/lib/roro/cli/greenfield/rails.rb +0 -14
- data/lib/roro/cli/rollon/rails/base/base.rb +0 -4
- data/lib/roro/cli/rollon/rails/base/insert_gems.rb +0 -23
- data/lib/roro/cli/rollon/rails/base/insertions.rb +0 -27
- data/lib/roro/cli/rollon/rails/database/with_mysql.rb +0 -22
- data/lib/roro/cli/rollon/rails/database/with_postgresql.rb +0 -20
- data/lib/roro/cli/rollon/rails/database.rb +0 -26
- data/lib/roro/cli/rollon/ruby_gem/with_ci_cd.rb +0 -45
- data/lib/roro/cli/rollon/ruby_gem.rb +0 -1
- data/lib/roro/cli/rollon/stories.rb +0 -2
- data/lib/roro/configurator/eligibility.rb +0 -137
- data/lib/roro/configurator/okonomi.rb +0 -28
- data/lib/roro/configurator/omakase.rb +0 -170
- data/lib/roro/crypto.rb +0 -113
- data/lib/roro/stories/rollon/rails/kubernetes/postgresql.yml +0 -10
- data/lib/roro/templates/base/.circleci/_aliases.yml +0 -8
- data/lib/roro/templates/base/.circleci/_commands.yml +0 -31
- data/lib/roro/templates/base/.circleci/_defaults.yml +0 -5
- data/lib/roro/templates/base/.circleci/_executors.yml +0 -11
- data/lib/roro/templates/base/.circleci/_major_only.yml +0 -4
- data/lib/roro/templates/base/.circleci/_version.yml +0 -1
- data/lib/roro/templates/base/.circleci/_workflow.yml +0 -2
- data/lib/roro/templates/base/.circleci/config.job-example.yml +0 -33
- data/lib/roro/templates/base/.circleci/jobs/_build.yml +0 -4
- data/lib/roro/templates/base/.circleci/jobs/_release.yml +0 -12
- data/lib/roro/templates/base/.circleci/workflows/_build_release.yml +0 -10
- data/lib/roro/templates/base/.dockerignore +0 -51
- data/lib/roro/templates/base/dotenv +0 -1
- data/lib/roro/templates/base/jumpstart/Dockerfile.tt +0 -30
- data/lib/roro/templates/base/jumpstart/docker-compose.yml +0 -59
- data/lib/roro/templates/base/jumpstart/docker-entrypoint.sh +0 -16
- data/lib/roro/templates/base/livereload/hosts.example +0 -7
- data/lib/roro/templates/rails/.circleci/jobs/_test.yml +0 -12
- data/lib/roro/templates/rails/database/with_mysql/_service.yml +0 -10
- data/lib/roro/templates/rails/database/with_postgresql/_service.yml +0 -7
- data/roro/containers/app/dotenv +0 -1
@@ -0,0 +1,346 @@
|
|
1
|
+
# wordpress-docker
|
2
|
+
|
3
|
+
[![Wordpress CI](https://github.com/garutilorenzo/wordpress-docker/actions/workflows/ci.yml/badge.svg)](https://github.com/garutilorenzo/wordpress-docker/actions/workflows/ci.yml)
|
4
|
+
[![GitHub issues](https://img.shields.io/github/issues/garutilorenzo/wordpress-docker)](https://github.com/garutilorenzo/wordpress-docker/issues)
|
5
|
+
![GitHub](https://img.shields.io/github/license/garutilorenzo/wordpress-docker)
|
6
|
+
[![GitHub forks](https://img.shields.io/github/forks/garutilorenzo/wordpress-docker)](https://github.com/garutilorenzo/wordpress-docker/network)
|
7
|
+
[![GitHub stars](https://img.shields.io/github/stars/garutilorenzo/wordpress-docker)](https://github.com/garutilorenzo/wordpress-docker/stargazers)
|
8
|
+
|
9
|
+
# Table of Contents
|
10
|
+
|
11
|
+
* [Requirements](#requirements)
|
12
|
+
* [Environment setup](#environment-setup)
|
13
|
+
* [Use the environment](#use-the-environment)
|
14
|
+
* [Import an existing WP site](#import-an-existing-wp-site)
|
15
|
+
* [WP Cli](#wp-cli)
|
16
|
+
* [Fix permission problem](#fix-permission-problem)
|
17
|
+
* [Nginx](#nginx)
|
18
|
+
* [SSL](#ssl)
|
19
|
+
* [Certbot/Let's encrypt](#certbotlets-encrypt)
|
20
|
+
* [Owned SSL certificates](#owned-ssl-certificates)
|
21
|
+
* [PhpMyAdmin](#phpmyadmin)
|
22
|
+
* [MySQL dump](#mysql-dump)
|
23
|
+
|
24
|
+
### Requirements
|
25
|
+
|
26
|
+
To use this environment you need [Docker](https://docs.docker.com/get-docker/) an [Docker compose](https://docs.docker.com/compose/install/) installed.
|
27
|
+
|
28
|
+
### Environment setup
|
29
|
+
|
30
|
+
You can find all the settings in the *.env* file in the root folder of this repository. The default settings are:
|
31
|
+
|
32
|
+
| Label | Required | Default | Description |
|
33
|
+
| ------- | -------- | ------- | ----------- |
|
34
|
+
| `ENV` | `yes` | `PROD` | Valid values are: PROD or DEV. Changing this varialbe the environment will use a different WP image. In DEV environment is used the docker image with embadded Apache, in prod env is used the php-fpm docker image |
|
35
|
+
| `WORDPRESS_IMAGE` | `yes` | `wordpress` | The [default](https://hub.docker.com/_/wordpress) docker image to use. |
|
36
|
+
| `WORDPRESS_PROD_VERSION` | `yes` | `php7.4-fpm` | Production docker image version (php-fpm)|
|
37
|
+
| `WORDPRESS_DEV_VERSION` | `yes` | `php7.4` | Development docker image version (embadded apache) |
|
38
|
+
| `WORDPRESS_CLI_VERSION` | `yes` | `cli-php7.4` | WP client docker image version |
|
39
|
+
| `WORDPRESS_DB_NAME` | `no` | `wordpress` | WP database name |
|
40
|
+
| `WORDPRESS_TABLE_PREFIX` | `no` | `wp_` | WP mysql table prefix |
|
41
|
+
| `WORDPRESS_DB_HOST` | `no` | `myslq` | MySQL container name |
|
42
|
+
| `WORDPRESS_DB_USER` | `no` | `wordpress` | MySQL WP user |
|
43
|
+
| `WORDPRESS_DB_PASSWORD` | `no` | `password` | MySQL WP user |
|
44
|
+
| `MARIADB_VERSION` | `no` | `latest` | MariaDB container version |
|
45
|
+
| `MYSQL_ROOT_PASSWORD` | `no` | `s3cretPassW0rd` | Development docker image version (embadded apache) |
|
46
|
+
| `MYSQL_DATA_DIR` | `no` | `./wordpress-sql` | Local path for MySQL backup/restore |
|
47
|
+
| `MYSQL_DUMP_DIR` | `no` | `./mysql-dumps` | Local where dump_mysql.sh store the MySQL dumps |
|
48
|
+
| `NGINX_VERSION` | `no` | `latest` | Nginx container version |
|
49
|
+
| `SERVER_NAME` | `yes` | `example.com` | Second level domain name (Example: example.com) |
|
50
|
+
| `SERVER_ALT_NAME` | `yes` | `www.example.com` | Third level domain name (Example: www.example.com) |
|
51
|
+
| `WP_CONTAINER_NAME` | `yes` | `wordpress` | WP container name (defined in docker-compose.yml) |
|
52
|
+
| `SECURE_SUBNET` | `no` | `192.168.0.0/16` | Secure subnet to allow traffic to wp-admin, wp-login.php and xmlrpc.php |
|
53
|
+
| `NGINX_CONF_DIR` | `no` | `./config/nginx/cfg/` | Nginx custom configuration path |
|
54
|
+
| `NGINX_TEMPLATE_DIR` | `no` | `./config/nginx/tpl/` | Nginx template configuration path |
|
55
|
+
| `WORDPRESS_UID` | `no` | `1000` | UID of the user running docker |
|
56
|
+
| `WORDPRESS_GID` | `no` | `1000` | GID of the user running docker |
|
57
|
+
| `WORDPRESS_USER` | `no` | `app` | Username used inside the WP docer container |
|
58
|
+
| `WORDPRESS_GROUP` | `no` | `app` | Group assigned to WORDPRESS_USER |
|
59
|
+
| `CUSTOM_WORDPRESS_IMAGE` | `no` | `my-wordpress` | WP custom docker image name |
|
60
|
+
|
61
|
+
### Use the environment
|
62
|
+
|
63
|
+
#### Development
|
64
|
+
|
65
|
+
If you would like to use this environment for local test or if you are developing a new plugin or theme you have to use the develompment version. To use this version create a symlink from docker-compose-dev.yml to docker-compose.yml
|
66
|
+
|
67
|
+
```
|
68
|
+
ln -s docker-compose-dev.yml docker-compose.yml
|
69
|
+
```
|
70
|
+
|
71
|
+
and change in the .env file the ENV value to DEV:
|
72
|
+
|
73
|
+
```
|
74
|
+
ENV=DEV
|
75
|
+
```
|
76
|
+
|
77
|
+
you can now start the environment with:
|
78
|
+
|
79
|
+
```
|
80
|
+
docker compose up -d
|
81
|
+
```
|
82
|
+
|
83
|
+
you can check the logs with:
|
84
|
+
|
85
|
+
```
|
86
|
+
docker compose logs -f
|
87
|
+
```
|
88
|
+
|
89
|
+
Now you have:
|
90
|
+
|
91
|
+
* wordpress listening on port 80 (with embadded Apache). Access your wordpress on http://localhost
|
92
|
+
* PhpMyAdmin listening on port 8080. Access PMA on http://localhost:8080 (see PhpMyAdmin section)
|
93
|
+
* MySQL running but is not listening on any interface
|
94
|
+
* Wordpress CLI container available (see WP Cli section)
|
95
|
+
|
96
|
+
If you are developing a new theme or plugin is possible that you're facing a permission problem, if you check the files permission under wordpress-src you see that the files are owned by www-data:
|
97
|
+
|
98
|
+
```
|
99
|
+
drwxr-xr-x 5 www-data www-data 4096 Oct 12 15:34 wordpress-src
|
100
|
+
```
|
101
|
+
|
102
|
+
To fix this issue see the "Fix permission problem" section
|
103
|
+
|
104
|
+
#### Production
|
105
|
+
|
106
|
+
If you are ready to spin up a production environment simply create a symlink from docker-compose-prod.yml to docker-compose.yml:
|
107
|
+
|
108
|
+
```
|
109
|
+
ln -s docker-compose-prod.yml docker-compose.yml
|
110
|
+
```
|
111
|
+
|
112
|
+
and check in the .env file that the ENV variable is set to PROD:
|
113
|
+
|
114
|
+
```
|
115
|
+
ENV=PROD
|
116
|
+
```
|
117
|
+
|
118
|
+
On production environment you have to configure also nginx. To do so, check the environment variables attached to the nginx container.
|
119
|
+
|
120
|
+
The environment variables are:
|
121
|
+
|
122
|
+
* SERVER_NAME: Second level domain name (Example: example.com)
|
123
|
+
* SERVER_ALT_NAME: Third level domain name (Example: www.example.com)
|
124
|
+
* WP_CONTAINER_NAME: WP container name (defined in docker-compose.yml)
|
125
|
+
* SECURE_SUBNET: Secure subnet to allow traffic to wp-admin, wp-login.php and xmlrpc.php (Default 192.168.0.0/16)
|
126
|
+
|
127
|
+
you can now start the environment with:
|
128
|
+
|
129
|
+
```
|
130
|
+
docker compose up -d
|
131
|
+
```
|
132
|
+
|
133
|
+
you can check the logs with:
|
134
|
+
|
135
|
+
```
|
136
|
+
docker compose logs -f
|
137
|
+
```
|
138
|
+
|
139
|
+
Now you have:
|
140
|
+
|
141
|
+
* nginx listening on ports 80 and 443 (optional). (see nignx section)
|
142
|
+
* wordpress running with php-fpm container
|
143
|
+
* PhpMyAdmin running, traffic to PhpMyAdmin is filtered by nginx (see PhpMyAdmin section)
|
144
|
+
* MySQL running but is not listening on any interface
|
145
|
+
* Wordpress CLI container available (see WP Cli section)
|
146
|
+
|
147
|
+
### Import an existing WP site
|
148
|
+
|
149
|
+
If you have a running WP site and you want to use this environment you have to extract your existing sources in *wordpress-src* directory and the MySQL dump in *wordpress-sql* directory.
|
150
|
+
|
151
|
+
**NOTE** before spin up the environment, check wordpress-src directory permission. If you have build a [custom image](#fix-permission-problem) remember to:
|
152
|
+
|
153
|
+
```
|
154
|
+
chown -R uid:gid wordpress-src/
|
155
|
+
```
|
156
|
+
|
157
|
+
if you use the standard wordpress image all files and directory must be owned by user and group (www-data). Your system might be have a different uid and git for the www-data user and group (or you might don't have this user and group), so to fix the permission problem use the uid and gid directly:
|
158
|
+
|
159
|
+
```
|
160
|
+
chown -R 33:33 wordpress-src/
|
161
|
+
```
|
162
|
+
|
163
|
+
**MySQL NOTE** dump can be in plain text or gzipped. The extension must be *.sql or *.gz
|
164
|
+
|
165
|
+
**MySQL NOTE2** dump will be restored only on the first startup. If you want to restore a new dump you have to:
|
166
|
+
|
167
|
+
* stop mysql container (docker-compose stop mysql)
|
168
|
+
* remove the mysql volume (docker volume rm wordpress-docker_mysql). **Tip** you can find the volume name with: *docker volume ls.*
|
169
|
+
* place the new dump in wordpress-sql
|
170
|
+
* start the container (docker-compose up -d)
|
171
|
+
|
172
|
+
### WP Cli
|
173
|
+
|
174
|
+
Check the Wordpress Client referenche [here](https://developer.wordpress.org/cli/commands/)
|
175
|
+
|
176
|
+
To use the wordpress CLI use for example:
|
177
|
+
|
178
|
+
```
|
179
|
+
docker-compose run --rm wordpress-cli wp core install --url=http://localhost --title=test --admin_user=admin --admin_email=test@example.com
|
180
|
+
Creating wordpress-docker_wordpress-cli_run ... done
|
181
|
+
Admin password: &kWu5@BldBHixvvaim
|
182
|
+
Warning: Unable to create directory wp-content/uploads/2021/10. Is its parent directory writable by the server?
|
183
|
+
Success: WordPress installed successfully.
|
184
|
+
```
|
185
|
+
|
186
|
+
### Fix permission problem
|
187
|
+
|
188
|
+
To fix the permission problem the solution is to build a custom image. This image will then run all the processes inside the container with a user with a user with the same uid and gid of your local computer's user.
|
189
|
+
|
190
|
+
First we need to check our uid and gid (use the *id* command):
|
191
|
+
|
192
|
+
```
|
193
|
+
id
|
194
|
+
|
195
|
+
uid=1000(your-local-user) gid=1000(your-local-group) groups=1000(your-local-group),4(adm),24(cdrom),27(sudo)
|
196
|
+
```
|
197
|
+
|
198
|
+
then in the .env file adjust the variables:
|
199
|
+
|
200
|
+
* WORDPRESS_UID
|
201
|
+
* WORDPRESS_GID
|
202
|
+
|
203
|
+
with your uid and gid. Now we can build our custom image:
|
204
|
+
|
205
|
+
```
|
206
|
+
bash build.sh
|
207
|
+
```
|
208
|
+
|
209
|
+
this will produce two new images, one for wordpress (my-wordpress:php7.4) and one for the wordpress cli (my-wordpress:cli-php7.4). A sample output will be:
|
210
|
+
|
211
|
+
```
|
212
|
+
Step 4/10 : ARG WORDPRESS_UID
|
213
|
+
---> Using cache
|
214
|
+
---> 7eb312bf432b
|
215
|
+
Step 5/10 : ARG WORDPRESS_GID
|
216
|
+
---> Using cache
|
217
|
+
---> 917ace616147
|
218
|
+
Step 6/10 : ARG WORDPRESS_USER
|
219
|
+
---> Using cache
|
220
|
+
---> aad8c3c33e3a
|
221
|
+
Step 7/10 : ARG WORDPRESS_GROUP
|
222
|
+
---> Using cache
|
223
|
+
---> 14248a4f8db9
|
224
|
+
Step 8/10 : COPY ./adduser.sh /
|
225
|
+
---> Using cache
|
226
|
+
---> 255a4a665ac6
|
227
|
+
Step 9/10 : RUN /adduser.sh && rm -rf /adduser.sh
|
228
|
+
---> Using cache
|
229
|
+
---> 8e84c8cce8b2
|
230
|
+
Step 10/10 : USER ${WORDPRESS_USER}
|
231
|
+
---> Using cache
|
232
|
+
---> d36fbaf33c9e
|
233
|
+
Successfully built d36fbaf33c9e
|
234
|
+
Successfully tagged my-wordpress:cli-php7.4
|
235
|
+
```
|
236
|
+
|
237
|
+
Now to use this new image you have to change the WORDPRESS_IMAGE in the .env file:
|
238
|
+
|
239
|
+
```
|
240
|
+
WORDPRESS_IMAGE=my-wordpress
|
241
|
+
```
|
242
|
+
|
243
|
+
Now stop the environment, fix wordpress-src directory permission and bring up the environment with the new image:
|
244
|
+
|
245
|
+
```
|
246
|
+
docker-compose down
|
247
|
+
sudo chown -R your-local-user:your-local-group wordpress-src
|
248
|
+
[sudo] password for your-local-user:
|
249
|
+
|
250
|
+
docker-compose up -d
|
251
|
+
```
|
252
|
+
|
253
|
+
**NOTE** you can change the custom image name by editing the .env file and change the CUSTOM_WORDPRESS_IMAGE variable.
|
254
|
+
|
255
|
+
### Nginx
|
256
|
+
|
257
|
+
By default Nginx will expose only the http port (port 80). The default configuration is config/nginx/tpl/nginx-http.conf.template. This template will be rendered on every nginx startup. For more information the nignx documentation is available [here](https://hub.docker.com/_/nginx)
|
258
|
+
|
259
|
+
By default this template use many security enhancements, removing access to many WP paths and files. You can find the configurations under: config/nginx/cfg/
|
260
|
+
|
261
|
+
To disable this security enhancements edit the config/nginx/tpl/nginx-http.conf.template and comment or delete the lines:
|
262
|
+
|
263
|
+
```
|
264
|
+
# Security
|
265
|
+
include /etc/nginx/custom.conf.d/nginx-custom-configs.conf;
|
266
|
+
include /etc/nginx/custom.conf.d/nginx-wp-hardening.conf;
|
267
|
+
```
|
268
|
+
|
269
|
+
In the default template the following locations are protected:
|
270
|
+
|
271
|
+
* /pma/ (PhpMyAdmin)
|
272
|
+
* /xmlrpc.php
|
273
|
+
* /wp-admin/
|
274
|
+
* wp-login.php
|
275
|
+
|
276
|
+
The traffic to this location is filtered by the SECURE_SUBNET environment variable (Default 192.168.0.0/16). Only the client in this subnet will be able to access this locations.
|
277
|
+
|
278
|
+
To disable this filter edit the config/nginx/tpl/nginx-http.conf.template file and comment or delete this lines:
|
279
|
+
|
280
|
+
```
|
281
|
+
allow ${SECURE_SUBNET};
|
282
|
+
allow 127.0.0.1;
|
283
|
+
deny all;
|
284
|
+
```
|
285
|
+
|
286
|
+
### SSL
|
287
|
+
|
288
|
+
A configuration example is placed on config/nginx/tpl/nginx-https.conf.example to enable SSL rename this file with the .template extension.
|
289
|
+
|
290
|
+
**Note** remember to delete or rename the nginx-http.conf.template
|
291
|
+
|
292
|
+
#### Certbot/Let's encrypt
|
293
|
+
|
294
|
+
Uncomment certbot service in docker-compose.yml
|
295
|
+
|
296
|
+
If you have to create a new SSL certificate, modify init_letsencrypt.sh with your domain(s) name(s) and change the email variable.
|
297
|
+
Require the new certificate with:
|
298
|
+
|
299
|
+
```console
|
300
|
+
bash init_letsencrypt.sh
|
301
|
+
```
|
302
|
+
|
303
|
+
for nginx auto reload, uncomment the *command* on the nginx service. This is necessary for auto reload nginx when certot renew the ssl certificates.
|
304
|
+
|
305
|
+
Now restart nginx and certbot:
|
306
|
+
|
307
|
+
```console
|
308
|
+
docker-compose up -d
|
309
|
+
```
|
310
|
+
|
311
|
+
#### Owned SSL certificates
|
312
|
+
|
313
|
+
If you have your own SSL certificate modifiy config/nginx/tpl/nginx-https.conf.example and adjust the nginx volumes in docker-compose.yml.
|
314
|
+
|
315
|
+
**Note** remember to rename config/nginx/tpl/nginx-http.conf.example file with the .template extension.
|
316
|
+
|
317
|
+
You can now start the services with:
|
318
|
+
|
319
|
+
```console
|
320
|
+
docker-compose up -d
|
321
|
+
```
|
322
|
+
|
323
|
+
### PhpMyAdmin
|
324
|
+
|
325
|
+
The default username is root, and the password is the value of MYSQL_ROOT_PASSWORD in the .env file
|
326
|
+
|
327
|
+
#### Development
|
328
|
+
|
329
|
+
You can access phpMyAdmin at http://127.0.0.1:8080
|
330
|
+
|
331
|
+
#### Production
|
332
|
+
|
333
|
+
You can access phpMyAdmin at http://example.com/pma (access filtered by ip)
|
334
|
+
|
335
|
+
|
336
|
+
### MySQL dump
|
337
|
+
|
338
|
+
To dump the current MySQL state you can use the dump.sh file. The dump will be saved in mysql-dumps directory (you can customize the dump directory in the .env file)
|
339
|
+
|
340
|
+
```
|
341
|
+
bash dump_mysql.sh
|
342
|
+
ls -la mysql-dumps/
|
343
|
+
|
344
|
+
-rw-rw-r-- 1 lorenzo lorenzo 473 Oct 18 12:21 wordpress.20211018122109.gz
|
345
|
+
-rw-rw-r-- 1 lorenzo lorenzo 299673 Oct 18 12:22 wordpress.20211018122247.gz
|
346
|
+
```
|
@@ -0,0 +1,39 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
unset WORDPRESS_UID
|
4
|
+
unset WORDPRESS_GID
|
5
|
+
unset WORDPRESS_USER
|
6
|
+
unset WORDPRESS_GROUP
|
7
|
+
unset WORDPRESS_VERSION
|
8
|
+
|
9
|
+
env_str=$(cat .env | grep ENV)
|
10
|
+
env_value=${env_str#*=}
|
11
|
+
|
12
|
+
uid_str=$(cat .env | grep WORDPRESS_UID)
|
13
|
+
uid_value=${uid_str#*=}
|
14
|
+
|
15
|
+
gid_str=$(cat .env | grep WORDPRESS_GID)
|
16
|
+
gid_value=${gid_str#*=}
|
17
|
+
|
18
|
+
user_str=$(cat .env | grep WORDPRESS_USER)
|
19
|
+
user_value=${user_str#*=}
|
20
|
+
|
21
|
+
group_str=$(cat .env | grep WORDPRESS_GROUP)
|
22
|
+
group_value=${group_str#*=}
|
23
|
+
|
24
|
+
wordpress_version=$(cat .env | grep WORDPRESS_${env_value}_VERSION)
|
25
|
+
wordpress_value=${wordpress_version#*=}
|
26
|
+
|
27
|
+
echo $uid_value
|
28
|
+
echo $gid_value
|
29
|
+
echo $user_value
|
30
|
+
echo $user_value
|
31
|
+
echo $wordpress_value
|
32
|
+
|
33
|
+
export WORDPRESS_VERSION=$wordpress_value
|
34
|
+
export WORDPRESS_UID=$uid_value
|
35
|
+
export WORDPRESS_GID=$gid_value
|
36
|
+
export WORDPRESS_USER=$user_value
|
37
|
+
export WORDPRESS_GROUP=$user_value
|
38
|
+
|
39
|
+
docker-compose -f docker-compose-build.yml build
|
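Review bot: `export WORDPRESS_GROUP=$user_value` on new line 37 exports the user name as the group, so the `group_value` parsed on lines 21-22 is never used; it should be `export WORDPRESS_GROUP="$group_value"`, and the second `echo $user_value` on line 30 has the same slip. The `.env` lookups are unanchored (`grep ENV`, `grep WORDPRESS_UID`, ...), so a comment line or any other key containing the same text produces a multi-line value that then flows into the build arguments. Anchoring each lookup, for example `grep -E '^WORDPRESS_UID=' .env`, and quoting the expansions keeps the UID/GID and user names passed to the image build predictable. The script also continues when a key is missing, so an empty UID or GID reaches the build silently; a check such as `[ -n "$uid_value" ] || exit 1` before the exports would catch that.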
@@ -0,0 +1,117 @@
|
|
1
|
+
# Directives to send expires headers and turn off 404 error logging.
|
2
|
+
location ~* ^.+\.(curl|heic|swf|tiff|rss|atom|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
|
3
|
+
log_not_found off;
|
4
|
+
expires max;
|
5
|
+
}
|
6
|
+
|
7
|
+
# Web fonts send expires headers
|
8
|
+
location ~* \.(?:eot|otf|ttf|woff|woff2)$ {
|
9
|
+
expires max;
|
10
|
+
add_header Cache-Control "public";
|
11
|
+
}
|
12
|
+
|
13
|
+
# SVGs & MP4 WEBM send expires headers - this rule is set specific to ns site
|
14
|
+
location ~* \.(?:svg|svgz|mp4|webm)$ {
|
15
|
+
expires max;
|
16
|
+
add_header Cache-Control "public";
|
17
|
+
}
|
18
|
+
|
19
|
+
# Media: images, icons, video, audio send expires headers.
|
20
|
+
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|aac|m4a|mp3|ogg|ogv|webp)$ {
|
21
|
+
expires 1M;
|
22
|
+
add_header Cache-Control "public";
|
23
|
+
}
|
24
|
+
|
25
|
+
# Cache css & js files
|
26
|
+
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
|
27
|
+
add_header "Access-Control-Allow-Origin" "*";
|
28
|
+
log_not_found off;
|
29
|
+
expires 30d;
|
30
|
+
}
|
31
|
+
|
32
|
+
# CSS and Javascript send expires headers.
|
33
|
+
location ~* \.(?:css|js)$ {
|
34
|
+
expires 1y;
|
35
|
+
add_header Cache-Control "public";
|
36
|
+
}
|
37
|
+
|
38
|
+
# HTML send expires headers.
|
39
|
+
location ~* \.(html)$ {
|
40
|
+
expires 7d;
|
41
|
+
add_header Cache-Control "public";
|
42
|
+
}
|
43
|
+
|
44
|
+
# Security settings for better privacy
|
45
|
+
# Deny hidden files
|
46
|
+
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
|
47
|
+
location ~ /\. {
|
48
|
+
deny all;
|
49
|
+
}
|
50
|
+
|
51
|
+
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
52
|
+
location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
|
53
|
+
deny all;
|
54
|
+
}
|
55
|
+
|
56
|
+
# Deny backup extensions & log files and return 403 forbidden
|
57
|
+
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
|
58
|
+
deny all;
|
59
|
+
}
|
60
|
+
|
61
|
+
# common nginx configuration to block sql injection and other attacks
|
62
|
+
location ~* "(eval\()" {
|
63
|
+
deny all;
|
64
|
+
}
|
65
|
+
location ~* "(127\.0\.0\.1)" {
|
66
|
+
deny all;
|
67
|
+
}
|
68
|
+
location ~* "([a-z0-9]{2000})" {
|
69
|
+
deny all;
|
70
|
+
}
|
71
|
+
location ~* "(javascript\:)(.*)(\;)" {
|
72
|
+
deny all;
|
73
|
+
}
|
74
|
+
|
75
|
+
location ~* "(base64_encode)(.*)(\()" {
|
76
|
+
deny all;
|
77
|
+
}
|
78
|
+
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
|
79
|
+
deny all;
|
80
|
+
}
|
81
|
+
location ~* "(<|%3C).*script.*(>|%3)" {
|
82
|
+
deny all;
|
83
|
+
}
|
84
|
+
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
|
85
|
+
deny all;
|
86
|
+
}
|
87
|
+
location ~* "(boot\.ini|etc/passwd|self/environ)" {
|
88
|
+
deny all;
|
89
|
+
}
|
90
|
+
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
|
91
|
+
deny all;
|
92
|
+
}
|
93
|
+
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
|
94
|
+
deny all;
|
95
|
+
}
|
96
|
+
location ~* "(https?|ftp|php):/" {
|
97
|
+
deny all;
|
98
|
+
}
|
99
|
+
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
|
100
|
+
deny all;
|
101
|
+
}
|
102
|
+
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
|
103
|
+
deny all;
|
104
|
+
}
|
105
|
+
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
|
106
|
+
deny all;
|
107
|
+
}
|
108
|
+
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
|
109
|
+
deny all;
|
110
|
+
}
|
111
|
+
|
112
|
+
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" {
|
113
|
+
deny all;
|
114
|
+
}
|
115
|
+
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell|config|settings|configuration)\.php" {
|
116
|
+
deny all;
|
117
|
+
}
|
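Review bot: The deny rules under `# common nginx configuration to block sql injection and other attacks` (new lines 61-116) are matched against the normalized request path only, so anything carried in the query string or body never reaches them. Regex locations are also first-match in file order, so a URI ending in one of the cached extensions is taken by the caching blocks on lines 2-42 before any deny rule is tried. I would move the deny blocks above the caching blocks and add a comment such as `# matches the decoded path only; query strings are not inspected here`, so the file is not read as input filtering. The broad character class on line 105 (`:`, `;`, `%`, `\s`, brackets) will also return 403 for legitimate paths such as an upload with a space in its name. Separately, `location ~* \.(?:css|js)$` on line 33 is unreachable because line 26 already matches every `.css`/`.js` URI, so those files get `Access-Control-Allow-Origin "*"` and `expires 30d` instead of the intended `expires 1y`.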
@@ -0,0 +1,131 @@
|
|
1
|
+
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
|
2
|
+
location ~ /\. {
|
3
|
+
deny all;
|
4
|
+
}
|
5
|
+
|
6
|
+
# Deny access to any files with a .php extension in the uploads directory
|
7
|
+
location ~* /uploads/.*\.php$ {
|
8
|
+
deny all;
|
9
|
+
}
|
10
|
+
|
11
|
+
# Deny access to any files with a .php extension in the uploads directory for multisite
|
12
|
+
location ~* /files/.*\.php$ {
|
13
|
+
deny all;
|
14
|
+
}
|
15
|
+
|
16
|
+
# Since version 2.5.7, Akismet introduced a new .htaccess file to block direct access to php files
|
17
|
+
# Ref: http://wordpress.org/extend/plugins/akismet/changelog/
|
18
|
+
location ~* /akismet/.*\.php$ {
|
19
|
+
allow 127.0.0.1;
|
20
|
+
deny all;
|
21
|
+
}
|
22
|
+
|
23
|
+
# Restrict direct access to cached content
|
24
|
+
location /wp-content/cache/ {
|
25
|
+
deny all;
|
26
|
+
}
|
27
|
+
|
28
|
+
# hide any backup or SQL dump files
|
29
|
+
location ~ ^.+\.(sql|bak|php~|php#|php.save|php.swp|php.swo)$ {
|
30
|
+
deny all;
|
31
|
+
}
|
32
|
+
|
33
|
+
#Deny access to wp-content folders for suspicious files
|
34
|
+
location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)\$ {
|
35
|
+
deny all;
|
36
|
+
}
|
37
|
+
|
38
|
+
location ~ ^/wp-content/uploads/sucuri {
|
39
|
+
deny all;
|
40
|
+
}
|
41
|
+
|
42
|
+
location ~ ^/wp-content/updraft {
|
43
|
+
deny all;
|
44
|
+
}
|
45
|
+
|
46
|
+
#Disable execution of scripts other than PHP from your document root
|
47
|
+
location ~* .(pl|cgi|py|sh|lua|asp)$ {
|
48
|
+
return 444;
|
49
|
+
}
|
50
|
+
|
51
|
+
#Disable access to your configuration files and other files that you don’t want to users are able to see
|
52
|
+
location ~* /(wp-config.php|readme.html|license.txt|nginx.conf) {
|
53
|
+
deny all;
|
54
|
+
}
|
55
|
+
|
56
|
+
# Disable wp-config.txt
|
57
|
+
location = /wp-config.txt {
|
58
|
+
deny all;
|
59
|
+
}
|
60
|
+
|
61
|
+
# nginx block wpscann on plugins folder
|
62
|
+
location ~* ^/wp-content/plugins/.+\.(txt|log|md)$ {
|
63
|
+
deny all;
|
64
|
+
error_page 403 =404 / ;
|
65
|
+
}
|
66
|
+
|
67
|
+
# Deny access to any files with a .php extension in the uploads directory
|
68
|
+
# Works in sub-directory installs and also in multisite network
|
69
|
+
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
|
70
|
+
location ~* /(?:uploads|files)/.*\.php$ {
|
71
|
+
deny all;
|
72
|
+
}
|
73
|
+
|
74
|
+
# Stop scann for the follow files on plugins folder
|
75
|
+
location ~* ^/wp-content/plugins/.+\.(txt|log|md)$ {
|
76
|
+
deny all;
|
77
|
+
error_page 403 =404 / ;
|
78
|
+
}
|
79
|
+
|
80
|
+
# Stop scann for the follow files on themes folder
|
81
|
+
location ~* ^/wp-content/themes/.+\.(txt|log|md)$ {
|
82
|
+
deny all;
|
83
|
+
error_page 403 =404 / ;
|
84
|
+
}
|
85
|
+
|
86
|
+
#This module will allow us to pattern match certain key files and inject random text in the files that
|
87
|
+
# is non-destructive / non-invasive and will most importantly alter the md5sum calculated on such files. All transparent to WPScan.
|
88
|
+
location ~* ^/(license.txt|wp-includes/(.*)/.+\.(js|css)|wp-admin/(.*)/.+\.(js|css))$ {
|
89
|
+
sub_filter_types text/css text/javascript text/plain;
|
90
|
+
sub_filter_once on;
|
91
|
+
sub_filter ';' '; /* $msec */ ';
|
92
|
+
}
|
93
|
+
|
94
|
+
#Direct PHP File Access
|
95
|
+
#If somehow, a hacker successfully sneaks in a PHP file onto your site,
|
96
|
+
#they’ll be able to run this file by loading file which effectively becomes a backdoor to infiltrate your site.
|
97
|
+
#We should disable direct access to any PHP files by adding the following rules:
|
98
|
+
location ~* /(?:uploads|files|wp-content|wp-includes|akismet)/.*.php$ {
|
99
|
+
deny all;
|
100
|
+
}
|
101
|
+
|
102
|
+
#Dotfiles
|
103
|
+
#Similar to PHP file, a dotfile like .htaccess, .user.ini, and .git may contain sensitive information.
|
104
|
+
#To be on the safer side, it’s better to disable direct access to these files.
|
105
|
+
location ~ /\.(svn|git)/* {
|
106
|
+
deny all;
|
107
|
+
}
|
108
|
+
|
109
|
+
location ~ /\.ht {
|
110
|
+
deny all;
|
111
|
+
}
|
112
|
+
|
113
|
+
location ~ /\.user.ini {
|
114
|
+
deny all;
|
115
|
+
}
|
116
|
+
|
117
|
+
#WordFence
|
118
|
+
location ~ \.user\.ini$ {
|
119
|
+
deny all;
|
120
|
+
}
|
121
|
+
|
122
|
+
|
123
|
+
# WordPress: deny wp-content, wp-includes php files
|
124
|
+
location ~* ^/(?:wp-content|wp-includes)/.*\.php$ {
|
125
|
+
deny all;
|
126
|
+
}
|
127
|
+
|
128
|
+
# WordPress: deny wp-content/uploads nasty stuff
|
129
|
+
location ~* ^/wp-content/uploads/.*\.(?:s?html?|php|js|swf)$ {
|
130
|
+
deny all;
|
131
|
+
}
|
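Review bot: The archive rule on new line 34 ends in `\$`, which asks for a literal dollar sign rather than end-of-string, so `.zip`/`.gz`/`.tar` files under `/wp-content/` are not actually denied; it should read `location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ {`. Line 47 has the opposite problem: the leading `.` is unescaped, so `.(pl|cgi|py|sh|lua|asp)$` also returns 444 for ordinary URLs that merely end in those letters, and `\.(pl|cgi|py|sh|lua|asp)$` is what the comment describes. The same unescaped dot appears in `.*.php$` on line 98 and in the file names on line 52. Lines 62-65 and 75-78 are the same regex location twice, and only the first is ever used, so one of them can go.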