diff --git a/TODO b/TODO new file mode 100644 index 0000000..7b9fcf8 --- /dev/null +++ b/TODO @@ -0,0 +1 @@ +- modifier pull-remote-db.sh pour qu'il fasse tourner wp-cli directement sur le conteneur et récupère ensuite le contenu localement diff --git a/backup.sh b/backup.sh new file mode 100755 index 0000000..cb3226b --- /dev/null +++ b/backup.sh @@ -0,0 +1,27 @@ +#! /bin/sh +# + +if [ ! -f "${PWD}/.env" ]; then + echo "missing env file in ${PWD}" + exit 1 +fi + +set -a +. "${PWD}/.env" +set +a + +now="$(date +%Y-%m_%d-%H-%M-%S)" +backup_path="${PWD}/backup-volumes/${now}" +mkdir -p "${backup_path}" + +volumes="db traefik-dynamic traefik-certs traefik-logs traefik-static webroot" + +for volume in ${volumes}; do + mkdir -p "${backup_path}/${volume}" + docker run \ + --rm \ + --volume "${backup_path}/${volume}":/destination \ + --volume "${PREFIX}-${volume}:/${volume}" \ + ubuntu \ + tar -cvzf "/destination/${volume}.tar.gz" -C "/${volume}" . +done diff --git a/create.sh b/create.sh index 0cc2320..431fddf 100755 --- a/create.sh +++ b/create.sh @@ -1,63 +1,127 @@ #! /bin/sh # -if [ -f .env ] -then - set -o allexport; - . ./.env; - set +o allexport -else - echo Missing .env file - exit 1 +if [ ! -f "${PWD}/.env" ]; then + echo "missing env file in ${PWD}" + exit 1 fi -echo Setting up ${DOCKER_PREFIX} volumes -docker volume create ${DOCKER_PREFIX}-web -docker volume create ${DOCKER_PREFIX}-db +set -a +. "${PWD}/.env" +. "${PWD}/env_files/certs.env" +set +a + +mkdir -p "/tmp/${PREFIX}" + +echo "Setting up docker volumes" +docker volume create "${PREFIX}-db" +docker volume create "${PREFIX}-traefik-certs" +docker volume create "${PREFIX}-traefik-dynamic" +docker volume create "${PREFIX}-traefik-logs" +docker volume create "${PREFIX}-traefik-static" +docker volume create "${PREFIX}-webroot" docker volume create wp-cli-cache -echo Setting up ${DOCKER_PREFIX} network -docker network create ${DOCKER_PREFIX} -docker-compose up -d web -while [ ! $(docker ps --quiet --filter name=${DOCKER_PREFIX}-web) ] -do - echo Waiting for the ${DOCKER_PREFIX}-web container to be up and running… - sleep 1 +echo "Copying SSL certificates to traefik volume" +if [ ! -f "${SSL_CRT_LOCATION}/${SSL_CRT_NAME}" ] || [ ! -f "${SSL_KEY_LOCATION}/${SSL_KEY_NAME}" ]; then + echo "Missing SSL key or cert file" + exit 1 +fi +docker run \ + --rm \ + --volume "${PREFIX}-traefik-certs":/certs \ + --volume "${SSL_CRT_LOCATION}":/source \ + ubuntu \ + cp "/source/${SSL_CRT_NAME}" /certs +docker run \ + --rm \ + --volume "${PREFIX}-traefik-certs":/certs \ + --volume "${SSL_KEY_LOCATION}":/source \ + ubuntu \ + cp "/source/${SSL_KEY_NAME}" /certs + +echo "Generating traefik configuration files (ssl.yml and middlewares.yml)" +cat << EOF > /tmp/${PREFIX}/ssl.yml +--- +tls: + stores: + default: + defaultCertificate: + certFile: /certs/${SSL_CRT_NAME} + keyFile: /certs/${SSL_KEY_NAME} +EOF +cat << EOF > /tmp/${PREFIX}/middlewares.yml +--- +http: + middlewares: + https-redirect: + redirectscheme: + scheme: https + permanent: true +EOF +docker run \ + --rm \ + --volume "/tmp/${PREFIX}":/source \ + --volume "${PREFIX}-traefik-dynamic":/destination \ + ubuntu \ + cp /source/ssl.yml /source/middlewares.yml /destination + +echo "Generating traefik static configuration" +cat << EOF > /tmp/${PREFIX}/static.yml +--- +api: + dashboard: true +entrypoints: + http: + address: :80 + https: + address: :443 +log: + filepath: /logs/traefik.log + level: debug +providers: + docker: + exposedbydefault: false + file: + directory: /etc/traefik/dynamic + watch: true +EOF +docker run \ + --rm \ + --volume "/tmp/${PREFIX}":/source \ + --volume "${PREFIX}-traefik-static":/destination \ + ubuntu \ + cp /source/static.yml /destination/traefik.yml + +docker compose up -d app +while ! docker ps -q -f name="${PREFIX}-app"; do + echo "Waiting for the web container to be up and running..." + sleep 1 done -docker-compose up -d db -while [ ! $(docker ps -q -f name=${DOCKER_PREFIX}-db) ] -do - echo Waiting for the ${DOCKER_PREFIX}-db container to be up and running… - sleep 1 +docker compose up -d db +while ! docker ps -q -f name="${PREFIX}-db"; do + echo "Waiting for the db container to be up and running..." + sleep 1 done -PING_MYSQL="mysqladmin \ - ping \ - --host ${DOCKER_PREFIX}-db \ - --port 3306 \ - --protocol=tcp \ - --user=${DB_USER} \ - --password=${DB_USER_PASSWORD} \ - --silent" -while ! docker exec ${DOCKER_PREFIX}-web /bin/sh -c "${PING_MYSQL}" -do - echo Waiting for ${DOCKER_PREFIX}-db to accept connections… - sleep 1 +while ! docker exec "${PREFIX}-app" /bin/sh -c "mysqladmin ping -h ${PREFIX}-db -P 3306 --protocol=tcp -u user -puser --silent"; do + echo "Waiting for the mysql server in the db container to be up and running and reachable from the app container..." + sleep 1 done -echo Downloading WordPress core -docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c " +echo "Downloading WordPress core" +docker exec --user www-data "${PREFIX}-app" /bin/sh -c " wp core download \ --locale=${WP_LOCALE} \ --path=/var/www/html \ --version=${WP_VERSION}" -echo Creating ${DOCKER_PREFIX} WordPress config -docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c ' +echo "Creating WordPress config" +docker exec --user www-data "${PREFIX}-app" /bin/sh -c ' wp config create \ - --dbhost='"${DOCKER_PREFIX}-db"' \ - --dbname='"${DOCKER_PREFIX}"' \ + --dbhost='"${PREFIX}-db"' \ + --dbname='"${DB_NAME}"' \ --dbpass='"${DB_USER_PASSWORD}"' \ --dbuser='"${DB_USER}"' \ --force \ @@ -68,23 +132,22 @@ if (isset(\$_SERVER["HTTP_X_FORWARDED_PROTO"]) && \$_SERVER["HTTP_X_FORWARDED_PR EXTRA-PHP ' -echo Installing WordPress core -docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c " +echo "Installing WordPress core" +docker exec --user www-data "${PREFIX}-app" /bin/sh -c " wp core install \ --admin_email=no@mail.com \ --admin_password=${WP_ADMIN_PASSWORD} \ --admin_user=${WP_ADMIN_USERNAME} \ --path=/var/www/html \ --skip-email \ - --title=${DOCKER_PREFIX} \ - --url=${WP_DEFAULT_PROTOCOL}://${WP_URL}" + --title=${PREFIX} \ + --url=${WP_DEFAULT_PROTOCOL}://${APP_URL}" -echo Installing WordPress ${WP_THEME} theme -docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c " +echo "Installing WordPress "${WP_THEME}" theme" +docker exec --user www-data "${PREFIX}-app" /bin/sh -c " wp theme install ${WP_THEME} \ --activate \ --path=/var/www/html" -echo Connect ${DOCKER_PREFIX} network to ${TRAEFIK_NETWORK_NAME} -docker network connect ${DOCKER_PREFIX} ${TRAEFIK_NETWORK_NAME} -docker-compose up -d adminer +docker compose up -d adminer +docker compose up -d traefik diff --git a/env_files/certs.env b/env_files/certs.env new file mode 100644 index 0000000..712b447 --- /dev/null +++ b/env_files/certs.env @@ -0,0 +1,4 @@ +SSL_CRT_LOCATION=/home/vanhalleje/Dev/certs +SSL_CRT_NAME=wp8test.test.crt +SSL_KEY_LOCATION=/home/vanhalleje/Dev/certs +SSL_KEY_NAME=wp8test.test.key diff --git a/env_files/manage.env b/env_files/manage.env new file mode 100644 index 0000000..cb446e3 --- /dev/null +++ b/env_files/manage.env @@ -0,0 +1,2 @@ +MOUNT_USER=vanhalleje +DOCKER_VOLUMES_PATH=/home/vanhalleje/.docker-data/volumes diff --git a/env_files/migrate-db.env b/env_files/migrate-db.env new file mode 100644 index 0000000..5b9fbec --- /dev/null +++ b/env_files/migrate-db.env @@ -0,0 +1,2 @@ +REMOTE_WP_PATH=/var/www/prod.ecolo.be/www +REMOTE_WP_URL=ecolo.be diff --git a/env_files/remote.env b/env_files/remote.env new file mode 100644 index 0000000..dd971b6 --- /dev/null +++ b/env_files/remote.env @@ -0,0 +1,2 @@ +REMOTE_SSH_STRING=prod +REMOTE_WP_PATH=/var/www/prod.ecolo.be/www diff --git a/migrate-db-paths.sh b/migrate-db-paths.sh new file mode 100755 index 0000000..e373113 --- /dev/null +++ b/migrate-db-paths.sh @@ -0,0 +1,16 @@ +#! /bin/sh +# + +set -a +. "${PWD}/.env" +. "${PWD}/env_files/migrate-db.env" +set +a + +docker exec --user www-data "${PREFIX}-app" /bin/sh -c ' + wp plugin install wp-migrate-db ; wp plugin activate wp-migrate-db ; wp migratedb find-replace \ + --find='"//${REMOTE_WP_URL}"','"${REMOTE_WP_PATH}"' \ + --replace='"//${APP_URL}"',/var/www/html \ + --skip-replace-guids \ + --exclude-post-revisions \ + --exclude-spam +' diff --git a/mnt.sh b/mnt.sh deleted file mode 100755 index c16699d..0000000 --- a/mnt.sh +++ /dev/null @@ -1,41 +0,0 @@ -#! /bin/sh -# - -if [ -f .env ] -then - set -o allexport; - . ./.env; - set +o allexport -else - echo Missing .env file - exit 1 -fi - -docker_volumes_path=/home/${MOUNT_USER}/.docker-data/volumes # volume_path=/var/lib/docker/volumes -volume_src_path=${docker_volumes_path}/${DOCKER_PREFIX}-web/_data -volume_dest_path=${PWD}/volume - -if [ ! -d ./volume ] -then - sudo -u ${MOUNT_USER} mkdir volume -fi - -if [ -d ./volume ] -then - if [ ! "$(ls -A ./volume)" ] - then - /usr/bin/bindfs \ - --force-user=${MOUNT_USER} \ - --force-group=${MOUNT_USER} \ - --create-for-user=www-data \ - --create-for-group=www-data \ - ${volume_src_path} \ - ${volume_dest_path} - else - echo ./volume is not empty - exit 1 - fi -else - echo ./volume does not exist - exit 1 -fi diff --git a/mount-remote.sh b/mount-remote.sh new file mode 100755 index 0000000..d264c1f --- /dev/null +++ b/mount-remote.sh @@ -0,0 +1,20 @@ +#! /bin/sh +# + +set -a +. "${PWD}/.env" +. "${PWD}/env_files/remote.env" +set +a + +mkdir -p "${PWD}/webroot-remote" + +if [ ! "${REMOTE_SSH_STRING}" = "" ]; then + sshfs \ + "${REMOTE_SSH_STRING}:${REMOTE_WP_PATH}" \ + "${PWD}/webroot-remote" \ + -o ro + ls "${PWD}/webroot-remote" +else + echo "REMOTE_SSH_STRING is empty in ${PWD}/.env" + exit 1 +fi diff --git a/mount-volumes.sh b/mount-volumes.sh new file mode 100755 index 0000000..a5efc3b --- /dev/null +++ b/mount-volumes.sh @@ -0,0 +1,43 @@ +#! /bin/sh +# + +if [ "$(id -u)" -ne 0 ]; then + echo "must be ran as root" + exit 1 +fi + +set -a +. "${PWD}/.env" +. "${PWD}/env_files/manage.env" +set +a + +volumes="certs dynamic logs static webroot" +for volume in ${volumes}; do + mount_path="${PWD}/traefik-volumes/${volume}" + volume_path="${DOCKER_VOLUMES_PATH}/${PREFIX}-traefik-${volume}/_data" + if [ "${volume}" = "webroot" ]; then + mount_path="${PWD}/${volume}-volume" + volume_path="${DOCKER_VOLUMES_PATH}/${PREFIX}-${volume}/_data" + fi + sudo -u "${MOUNT_USER}" mkdir -p "${mount_path}" + if mountpoint "${mount_path}" -q; then + echo "exiting because something is mounted at ${mount_path}" + exit 1 + fi + # if [ -n "$(find "${mount_path}" -maxdepth 0 -type d -empty 2> /dev/null)" ]; then + if [ "$(ls -A "${mount_path}")" ]; then + echo "${mount_path} is not empty" + exit 1 + fi + echo "mounting ${mount_path}" + sudo /usr/bin/bindfs \ + --create-for-group=root \ + --create-for-user=root \ + --force-group="${MOUNT_USER}" \ + --force-user="${MOUNT_USER}" \ + "${volume_path}" \ + "${mount_path}" +done + +#tree "${PWD}/traefik-volumes" +#tree "${PWD}/webroot-volume" -L 1 diff --git a/pull-remote-db.sh b/pull-remote-db.sh new file mode 100755 index 0000000..21bd4f4 --- /dev/null +++ b/pull-remote-db.sh @@ -0,0 +1,51 @@ +#! /bin/sh +# + +echo "ne fonctionne pas encore comme je veux, à ré-écrire pour docker, ne fonctionne que si accès ssh à un machine (ne marche pas avec un conteneur), ne fonctionnera pas à partir d'un conteneur sans clé SSH, doit avoir wp installé localement, etc." +echo "en attendant: faire un dump de la remote db and utiliser replace-db et migrate-db" +exit 0 +set -a +. "${PWD}/.env" +set +a + +mkdir --parents "${PWD}/tmp" + +FILENAME="${REMOTE_ARCHIVE_TMP_NAME_PREFIX}".$(date +%Y-%m-%d-%H-%M-%S).sql + +wp \ + migratedb \ + export "/tmp/${FILENAME}.gz" \ + --find="//${REMOTE_WP_URL},${REMOTE_WP_PATH}" \ + --gzip-file \ + --path="${REMOTE_WP_PATH}" \ + --replace="//${WP_URL},/var/www/html" \ + --skip-replace-guids \ + --ssh="${REMOTE_SSH_STRING}" + +if ! scp "${REMOTE_SSH_STRING}:/tmp/${FILENAME}.gz" "${PWD}/tmp"; then + echo "couldn't get remote db" + exit 1 +fi +gunzip "${PWD}/tmp/${FILENAME}.gz" + +docker compose up db -d + +while ! docker ps -q -f name="${PREFIX}-db"; do + echo "Waiting for the db container to be up and running..." + sleep 1 +done + +while ! docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin ping -h 127.0.0.1 -P 3306 --protocol=tcp -u root -p${DB_ROOT_PASSWORD} --silent"; do + echo "Waiting for the mysql server in ${PREFIX}-db to be up and running..." + sleep 1 +done + +FILENAME=sitefederalnextmove01_vpn_ecolo_be.2023-08-11-16-14-43.sql +docker cp "${PWD}/tmp/${FILENAME}" "${PREFIX}"-db:/tmp + +echo "dropping ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin --force -uroot -p${DB_ROOT_PASSWORD} drop ${DB_NAME}" +echo "creating ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin -uroot -p${DB_ROOT_PASSWORD} create ${DB_NAME}" +echo "importing ${PWD}/tmp/${FILENAME} (/tmp/${FILENAME}) into ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysql -uroot -p${DB_ROOT_PASSWORD} ${DB_NAME} < /tmp/${FILENAME}" diff --git a/pull-remote-webroot.sh b/pull-remote-webroot.sh new file mode 100755 index 0000000..b6b79ce --- /dev/null +++ b/pull-remote-webroot.sh @@ -0,0 +1,37 @@ +#! /bin/sh +# + +read -p "Est-ce que le repertoire distant est bien monté localement (YyOo) ? " REPLY +if [ "$REPLY" != "${REPLY#[YyOo]}" ]; then + echo "we carry on" +else + echo "we stop" + exit 1 +fi + +read -p "Est-ce que le volume docker est bien monté localement (YyOo) ? " REPLY2 +if [ "$REPLY2" != "${REPLY2#[YyOo]}" ]; then + echo "we carry on" +else + echo "we stop" + exit 1 +fi + +cat ./exclude-list +read -p "Est-ce que la commande rsync exclut bien un éventuel plugin ou thème en cours de développement en local (YyOo) ? " REPLY3 +if [ "$REPLY3" != "${REPLY3#[YyOo]}" ]; then + echo "we carry on" +else + echo "we stop" + exit 1 +fi + +rsync \ + --archive \ + --delete \ + --exclude-from='exclude-list' \ + --human-readable \ + --progress \ + --verbose \ + "${PWD}/webroot-remote/" \ + "${PWD}/webroot-volume" diff --git a/purge-local.sh b/purge-local.sh new file mode 100755 index 0000000..aa4c0a2 --- /dev/null +++ b/purge-local.sh @@ -0,0 +1,20 @@ +#! /bin/sh +# + +set -a +. "${PWD}/.env" +set +a + +read -p "Attention, ça va effacer les éventuels middlewares. Continuer (YyOo) ? " REPLY + +if [ "$REPLY" != "${REPLY#[YyOo]}" ]; then + docker compose stop + docker compose rm + docker network rm "${PREFIX}" + docker volume rm "${PREFIX}-db" + docker volume rm "${PREFIX}-traefik-certs" + docker volume rm "${PREFIX}-traefik-dynamic" + docker volume rm "${PREFIX}-traefik-logs" + docker volume rm "${PREFIX}-traefik-static" + docker volume rm "${PREFIX}-webroot" +fi diff --git a/purge.sh b/purge.sh deleted file mode 100755 index 8095cb4..0000000 --- a/purge.sh +++ /dev/null @@ -1,25 +0,0 @@ -#! /bin/sh -# - -if [ -f ./.env ] -then - set -o allexport - . ./.env - set +o allexport -else - echo Missing .env file - exit 1 -fi - -read -p "Confirmation (YyOo) ? " REPLY -if [ $(echo ${REPLY} | grep -i ^[yo]$) ] -then - docker-compose stop - docker network disconnect $DOCKER_PREFIX $TRAEFIK_NETWORK_NAME - docker network rm $DOCKER_PREFIX - docker rm $DOCKER_PREFIX-adminer - docker rm $DOCKER_PREFIX-web - docker rm $DOCKER_PREFIX-db - docker volume rm $DOCKER_PREFIX-web - docker volume rm $DOCKER_PREFIX-db -fi; diff --git a/replace-db.sh b/replace-db.sh new file mode 100755 index 0000000..faf46a7 --- /dev/null +++ b/replace-db.sh @@ -0,0 +1,40 @@ +#! /bin/sh +# + +if [ "$#" -ne 1 ]; then + echo "Usage: $0 " >&2 + exit 1 +fi + +if ! [ -e "${1}" ]; then + echo "$1 not found" >&2 + exit 1 +fi + +set -a +. "${PWD}/.env" +set +a +mkdir --parents "${PWD}/tmp" + +dump_filename_path="${1}" + +docker compose up db -d + +while ! docker ps -q -f name="${PREFIX}-db"; do + echo "Waiting for the db container to be up and running..." + sleep 1 +done + +while ! docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin ping -h 127.0.0.1 -P 3306 --protocol=tcp -u root -p${DB_ROOT_PASSWORD} --silent"; do + echo "Waiting for the mysql server in ${PREFIX}-db to be up and running..." + sleep 1 +done + +echo "copying mysql dump to db container" +docker cp "${dump_filename_path}" "${PREFIX}"-db:/tmp/dump.sql +echo "dropping ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin --force -uroot -p${DB_ROOT_PASSWORD} drop ${DB_NAME}" +echo "creating ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin -uroot -p${DB_ROOT_PASSWORD} create ${DB_NAME}" +echo "importing ${dump_filename_path} ({PREFIX}-db/tmp/dump.sql) into ${DB_NAME}" +docker exec "${PREFIX}-db" /bin/sh -c "mysql -uroot -p${DB_ROOT_PASSWORD} ${DB_NAME} < /tmp/dump.sql" diff --git a/root.sh b/root.sh index a84b742..8ad27e4 100755 --- a/root.sh +++ b/root.sh @@ -1,18 +1,11 @@ #! /bin/sh # -if [ -f .env ] -then - set -o allexport; - . ./.env; - set +o allexport -else - echo Missing .env file - exit 1 -fi +set -a +. "${PWD}/.env" +set +a docker exec \ -it \ - --user root \ - ${DOCKER_PREFIX}-web \ + --user root "${PREFIX}-app" \ /bin/bash diff --git a/umount-volumes.sh b/umount-volumes.sh new file mode 100755 index 0000000..8404e38 --- /dev/null +++ b/umount-volumes.sh @@ -0,0 +1,19 @@ +#! /bin/sh +# + +if [ "$(id -u)" -ne 0 ]; then + echo "must be ran as root" + exit 1 +fi + +volumes="certs dynamic logs static webroot" +for volume in ${volumes}; do + mount_path="${PWD}/traefik-volumes/${volume}" + if [ "${volume}" = "webroot" ]; then + mount_path="${PWD}/${volume}-volume" + fi + if mountpoint "${mount_path}" -q; then + echo "umounting ${mount_path}" + umount "${mount_path}" + fi +done diff --git a/wp.sh b/wp.sh index a11d36e..c3c861d 100755 --- a/wp.sh +++ b/wp.sh @@ -1,18 +1,12 @@ #! /bin/sh # -if [ -f .env ] -then - set -o allexport; - . ./.env; - set +o allexport -else - echo Missing .env file - exit 1 -fi +set -a +. "${PWD}/.env" +set +a docker exec \ - -it \ - --user www-data \ - ${DOCKER_PREFIX}-web \ + -e SHELLOPTS=vi \ + -it --user www-data \ + "${PREFIX}-app" \ /bin/bash