Merge pull request #16 from RunOnFlux/develop

WPv6.4.2 + php8.2 support
RunOnFlux · Dec 22, 2023 · 7bec55a · 7bec55a
2 parents 81c86d1 + e772b6f
commit 7bec55a
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 48 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -3,14 +3,14 @@ FROM ${BASE_IMAGE}
 # update to v.6.3.1
 # install nginx
 
-ENV NGINX_VERSION   1.24.0
-ENV NJS_VERSION     0.7.12
-ENV PKG_RELEASE     1~bullseye
+ENV NGINX_VERSION   1.25.3
+ENV NJS_VERSION     0.8.2
+ENV PKG_RELEASE     1~bookworm
 
 RUN set -x \
 # create nginx user/group first, to be consistent throughout docker variants
-    && addgroup --system --gid 101 nginx \
-    && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \
+    && groupadd --system --gid 101 nginx \
+    && useradd --system --gid nginx --no-create-home --home /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx \
     && apt-get update \
     && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \
     && \
@@ -40,13 +40,13 @@ RUN set -x \
     && case "$dpkgArch" in \
         amd64|arm64) \
 # arches officialy built by upstream
-            echo "deb [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
             && apt-get update \
             ;; \
         *) \
 # we're on an architecture upstream doesn't officially build for
 # let's build binaries from the published source packages
-            echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
             \
 # new directory for storing sources and .deb files
             && tempDir="$(mktemp -d)" \
@@ -104,7 +104,7 @@ RUN set -x \
 
 
 # Set the working directory to /var/www/html
-WORKDIR /var/www/html
+WORKDIR /var/www/
 
 
 
@@ -161,10 +161,11 @@ RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/
     echo "    ChrootDirectory /var/www/" >> /etc/ssh/sshd_config && \
     echo "    X11Forwarding no" >> /etc/ssh/sshd_config && \
     echo "    AllowTcpForwarding no" >> /etc/ssh/sshd_config && \
-    echo "    ForceCommand internal-sftp" >> /etc/ssh/sshd_config  && \
-    echo "Match User sshuser" >> /etc/ssh/sshd_config && \
-    echo "    X11Forwarding no" >> /etc/ssh/sshd_config && \
-    echo "    AllowTcpForwarding no" >> /etc/ssh/sshd_config
+    echo "    ForceCommand internal-sftp" >> /etc/ssh/sshd_config
+
+RUN groupadd sshgroup && useradd -ms /bin/bash -g sshgroup sshuser
+RUN mkdir -p /home/sshuser/.ssh
+
 
 RUN mkdir -p /var/run/sshd && \
     echo "mkdir -p /var/run/sshd" >> /etc/rc.local
@@ -174,14 +175,14 @@ RUN mkdir -p /var/run/sshd && \
 
 # Set permissions for wp-content folder
 RUN \
-	chown -R www-data:www-data /var/www/html/wp-content ;\
-	chmod -R 777 /var/www/html/wp-content
-RUN chmod -R g+rwx /var/www/html/wp-content
+	chown -R www-data:www-data /var/www/html/ ;\
+	chmod -R 777 /var/www/html/
+RUN chmod -R g+rwx /var/www/html/
 
 # Copy the Nginx configuration file into the container at /etc/nginx/nginx.conf
 COPY nginx.conf /etc/nginx/nginx.conf
 # Add wordpress config and database env
-COPY --chown=www-data:www-data wp-config.php /var/www/html/wp-config.php
+COPY --chown=www-data:www-data wp-config.php /usr/src/wordpress/wp-config.php
 ENV WORDPRESS_DB_USER=root
 ENV WORDPRESS_DB_NAME=test_db
 # Add wordpress entrypoint
@@ -191,7 +192,6 @@ RUN chmod +x /usr/local/docker-entrypoint.sh
 COPY php-fpm.sh /usr/local/php-fpm.sh
 RUN chmod +x /usr/local/php-fpm.sh
 
-VOLUME /var/www/html
 # Expose port 80 for Nginx
 EXPOSE 80
 # Expose the SFTP server port

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -10,6 +10,7 @@ sourceTarArgs=(
 targetTarArgs=(
   --extract
   --file -
+  --directory /var/www/html
 )
 
 #Remove akismet plugin
@@ -45,8 +46,13 @@ for contentPath in \
     sourceTarArgs+=( --exclude "./$contentPath" )
   fi
 done
-tar "${sourceTarArgs[@]}" . | tar "${targetTarArgs[@]}"
-echo >&2 "Complete! WordPress has been successfully copied to $PWD"
+if [ -d "/var/www/html/wp-admin" ]; then
+    echo "Wordpress already there skipping..."
+else
+    tar "${sourceTarArgs[@]}" . | tar "${targetTarArgs[@]}"
+    echo >&2 "Complete! WordPress has been successfully copied to $PWD"
+fi
+
 
 
 # Add a new user for SFTP access with key-based authentication
@@ -59,14 +65,6 @@ else
 fi
 chmod 700 /home/sftpuser/.ssh
 
-USERNAME="sshuser"
-if id "$USERNAME" &>/dev/null; then
-   echo "User $USERNAME already exists."
-else
-   useradd -m -d /home/sshuser -s /sbin/nologin sshuser
-   mkdir /home/sshuser/.ssh
-fi
-chmod 700 /home/sshuser/.ssh
 
 # Add the public key to the authorized keys file
 if [ -v PUBLIC_KEY ]; then
@@ -75,16 +73,18 @@ if [ -v PUBLIC_KEY ]; then
     chmod 600 /home/sftpuser/.ssh/authorized_keys
 
     echo "ssh-rsa $PUBLIC_KEY" > /home/sshuser/.ssh/authorized_keys
-    chown -R sshuser:sshuser /home/sshuser/.ssh
+    chown sshuser:sshgroup /home/sshuser/.ssh/authorized_keys
     chmod 600 /home/sshuser/.ssh/authorized_keys
 
     echo "Public key is: $PUBLIC_KEY"
 
     usermod -aG www-data sftpuser 
-    usermod -aG root sshuser
+    usermod -aG www-data sshuser 
+
 
-    chmod -R g+rwx /var/www/html/wp-content
-    chown -R www-data:www-data /var/www/html/wp-content
+    chmod -R g+rwx /var/www/html/
+    chown -R www-data:www-data /var/www/html/
+
 else
     echo "PUBLIC_KEY is not defined."
 fi

diff --git a/versions.json b/versions.json
@@ -1,22 +1,10 @@
 [
   {
     "name": "latest",
-    "tag": "fpm"
+    "tag": "6.4.2-php8.2-fpm"
   },
   {
-    "name": "6.3.2",
-    "tag": "6.3.2-fpm"
-  },
-  {
-    "name": "6.3",
-    "tag": "6.3-fpm"
-  },
-  {
-    "name": "6.4",
-    "tag": "6.4-fpm"
-  },
-  {
-    "name": "6.4.1",
-    "tag": "6.4.1-fpm"
+    "name": "6.4.2",
+    "tag": "6.4.2-fpm"
   }
 ]
diff --git a/wp-config.php b/wp-config.php
@@ -116,9 +116,11 @@ function getenv_docker($env, $default) {
 // Check DB connection
 $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
 $is_slave = true;
-if ($mysqli->connect_errno) {
+if ($mysqli->connect_errno) {// this is a slave node
   //Disable cron on slave nodes
   define('DISABLE_WP_CRON',true);
+  //Disable WP_AUTO_UPDATE_CORE on slave nodes
+  define( 'WP_AUTO_UPDATE_CORE', false );
 } else {
   $is_slave = false;
   $mysqli->close();
@@ -152,7 +154,6 @@ function getenv_docker($env, $default) {
 	// eval($configExtra);
 }
 
-define( 'WP_AUTO_UPDATE_CORE', false );
 define( 'WP_MEMORY_LIMIT', '1024M' );
 
 # define( 'WP_DEBUG', true);