Refactored to be based on tier/shibboleth_sp instead of using the nat…

…ive Wordpress image
khazelton · May 9, 2019 · bade9e0 · bade9e0
1 parent 71e2888
commit bade9e0
Showing 11 changed files with 104 additions and 120 deletions.
diff --git a/Targets/Wordpress/docker-compose.yml b/Targets/Wordpress/docker-compose.yml
@@ -3,48 +3,32 @@ version: "3.3"
 services:
 
   wordpress_server:
-    #build: ./wordpress_server/
-    image: wordpress
+    build: ./wordpress_server/
     container_name: wordpress_server
     networks:
-    -  net
+      - wordpress_net
     depends_on:
       - wordpress_data
+    command: bash -c 'if [ ! -s /var/www/html/wp-config.php ];  then /root/wp core download --allow-root; sleep 10; /root/wp config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data --allow-root; sleep 3; /root/wp core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com" --allow-root; /root/wp --allow-root rewrite structure "/%postname%" --hard --debug; /root/wp  rewrite flush --hard --debug --allow-root; sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess; /root/sed.sh; /root/wp plugin install jwt-authentication-for-wp-rest-api  --activate --allow-root; /root/wp plugin install wp-rest-api-log --activate --allow-root; /root/wp plugin install shibboleth --activate --allow-root; fi; /usr/local/bin/startup.sh;'
     ports:
       - "80:80"
     devices:
       - "/dev/tty:/dev/tty"
-    links:
-      - "wordpress_data:wordpress_data"
     volumes:
-     - wordpress_server:/var/www/html
+      - wordpress_server:/var/www/html
 
   wordpress_data:
     build: ./wordpress_data/
     container_name: wordpress_data
     networks:
-    - net
+      - wordpress_net
     volumes:
-     - wordpress_data:/var/lib/mysql  
-
-  wordpress_cli:
-    #image: wordpress:cli
-    build: ./wordpress_cli/
-    links:
-      - "wordpress_server:wordpress_server"
-    user: xfs
-    command: bash -c 'if [ ! -s /var/www/html/wp-config.php ];  then sleep 10; wp config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data; sleep 3; wp core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com"; sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess; /tmp/sed.sh; wp plugin install jwt-authentication-for-wp-rest-api  --activate; fi'
-    container_name: wordpress_cli
-    networks:
-    - net
-    depends_on:
-      - wordpress_data
-      - wordpress_server
-    volumes:
-     - wordpress_server:/var/www/html
+      - wordpress_data:/var/lib/mysql
+    ports:
+      - 3306
 
 networks:
-  net:    
+  wordpress_net:
     driver: bridge
 
 volumes:

diff --git a/Targets/Wordpress/readme.txt b/Targets/Wordpress/readme.txt
@@ -13,4 +13,12 @@
 # http://localhost/wp-admin with
 # admin/54y6RxN7GfC7aes3
 
-
+# This is built on the tier/shibboleth_sp
+# container, but in this standalone use
+# case keys are created so Shibboleth
+# is healthy, but it is otherwise not
+# configured. Use cases with include
+# an SP will require further configuration
+# of the wordpress_server container.
+# The shibboleth plugin is included
+# in the wordpress install and is activated
diff --git a/Targets/Wordpress/wordpress_cli/Dockerfile b/Targets/Wordpress/wordpress_cli/Dockerfile
diff --git a/Targets/Wordpress/wordpress_cli/wp-config.php b/Targets/Wordpress/wordpress_cli/wp-config.php
diff --git a/Targets/Wordpress/wordpress_data/Dockerfile b/Targets/Wordpress/wordpress_data/Dockerfile
@@ -11,4 +11,5 @@ ENV MYSQL_PASSWORD=54y6RxN7GfC7aes3
 #RUN tar zxf lib_mysqludf_amqp-2.0.0.tar.gz
 #WORKDIR /tmp/lib_mysqludf_amqp-2.0.0
 #RUN ./configure  && make  && make install #mysql -u root --password=54y6RxN7GfC7aes3 < installdb.sql
+RUN cat /etc/resolv.conf
 EXPOSE 3306
diff --git a/Targets/Wordpress/wordpress_server/Dockerfile b/Targets/Wordpress/wordpress_server/Dockerfile
@@ -0,0 +1,45 @@
+FROM tier/shibboleth_sp:3.0.4_03122019
+
+VOLUME /var/www/html
+
+RUN mkdir /opt/tier/.wp-cli
+#COPY container_files/wordpress/000-default.conf /etc/apache2/sites-available/
+COPY container_files/wordpress/sed.sh /root
+COPY container_files/wordpress/wp /root
+COPY container_files/wordpress/config.yml /root/.wp-cli
+COPY container_files/wordpress/wp-cli.yml /var/www/html
+
+RUN chmod +x /root/wp
+RUN yum update -y 
+RUN yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm \
+    && yum install yum-utils \
+    && yum-config-manager --enable remi-php72 \
+    && yum install -y php php-gd mariadb wget php-mysql postfix
+RUN echo 'date.timezone="UTC"' >> /etc/php.ini
+#RUN echo 'nameserver 127.0.0.11' > /etc/resolv.conf
+RUN /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-encrypt -f \
+     && /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-signing -f
+
+#RUN cd /root \
+#    && wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
+#    && chmod +x wp-cli.phar
+
+RUN cat /etc/resolv.conf
+WORKDIR /var/www/html
+#RUN /root/wp-cli.phar core download 
+#    && sleep 3 \
+#    && cat /etc/resolv.conf \
+#    && cat /etc/hosts \
+#    && /root/wp-cli.phar  config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data2 \
+#    && sleep 15 \
+#    && /root/wp-cli.phar core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com" --allow-root \
+#    && /root/wp-cli.phar  plugin install jwt-authentication-for-wp-rest-api  --activate --allow-root \
+#    && /root/wp-cli.phar  plugin install shibboleth --activate --allow-root \
+#    && /root/wp-cli.phar  plugin install wp-rest-api-log --activate --allow-root
+
+#RUN sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess \
+#    && sed -i "s/define( 'DB_COLLATE', '' );/define( 'DB_COLLATE', '' );\ndefine('JWT_AUTH_SECRET_KEY', 'your-top-secret-key');\ndefine('JWT_AUTH_CORS_ENABLE', true);\n/" /var/www/html/wp-config.php \
+#    && sed -i "s/RewriteBase \//RewriteBase \/\nRewriteRule \^wp-json\/\(\.\*\) \/?rest_route=\/\$1 \[L\]\n/" /var/www/html/.htaccess 
+
+
+RUN chown -R apache:apache /var/www/html
diff --git a/Targets/Wordpress/wordpress_server/container_files/wordpress/000-default.conf b/Targets/Wordpress/wordpress_server/container_files/wordpress/000-default.conf
@@ -0,0 +1,32 @@
+<VirtualHost *:80>
+	# The ServerName directive sets the request scheme, hostname and port that
+	# the server uses to identify itself. This is used when creating
+	# redirection URLs. In the context of virtual hosts, the ServerName
+	# specifies what hostname must appear in the request's Host: header to
+	# match this virtual host. For the default virtual host (this file) this
+	# value is not decisive as it is used as a last resort host regardless.
+	# However, you must set it for any further virtual host explicitly.
+	#ServerName www.example.com
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/html
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	#LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	# For most configuration files from conf-available/, which are
+	# enabled or disabled at a global level, it is possible to
+	# include a line for only one particular virtual host. For example the
+	# following line enables the CGI configuration for this host only
+	# after it has been globally disabled with "a2disconf".
+	#Include conf-available/serve-cgi-bin.conf
+        HttpProtocolOptions Unsafe
+</VirtualHost>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/Targets/Wordpress/wordpress_server/container_files/wordpress/config.yml b/Targets/Wordpress/wordpress_server/container_files/wordpress/config.yml
@@ -0,0 +1,3 @@
+apache_modules:
+  - mod_rewrite
+
diff --git a/Targets/Wordpress/wordpress_cli/sed.sh → ...s_server/container_files/wordpress/sed.sh b/Targets/Wordpress/wordpress_cli/sed.sh → ...s_server/container_files/wordpress/sed.sh
@@ -3,4 +3,6 @@
 #echo "define('JWT_AUTH_CORS_ENABLE', true);" >> /var/www/html/wp-config.php
 sed -i "s/define( 'DB_COLLATE', '' );/define( 'DB_COLLATE', '' );\ndefine('JWT_AUTH_SECRET_KEY', 'your-top-secret-key');\ndefine('JWT_AUTH_CORS_ENABLE', true);\n/" /var/www/html/wp-config.php
 sed -i "s/RewriteBase \//RewriteBase \/\nRewriteRule \^wp-json\/\(\.\*\) \/?rest_route=\/\$1 \[L\]\n/" /var/www/html/.htaccess
+sed -i 's/RewriteRule \. \/index\.php \[L\]/RewriteCond %{REQUEST_URI} !\\\.sso\/\nRewriteRule \. \/index\.php \[L\]/' /var/www/html/.htaccess
+sed -i 's/AllowOverride None/AllowOverride All/'  /etc/httpd/conf/httpd.conf
 
diff --git a/Targets/Wordpress/wordpress_server/container_files/wordpress/wp b/Targets/Wordpress/wordpress_server/container_files/wordpress/wp
diff --git a/Targets/Wordpress/wordpress_server/container_files/wordpress/wp-cli.yml b/Targets/Wordpress/wordpress_server/container_files/wordpress/wp-cli.yml
@@ -0,0 +1,3 @@
+apache_modules:
+  - mod_rewrite
+