rewrites the whole thing

2023-08-14 14:48:47 +02:00
parent 222d86a909
commit b47876ad62
19 changed files with 407 additions and 139 deletions
--- a/create.sh
+++ b/create.sh
@@ -1,63 +1,127 @@
 #! /bin/sh
 #

-if [ -f .env ]
-then
-  set -o allexport;
-  . ./.env;
-  set +o allexport
-else
-  echo Missing .env file
-  exit 1  
+if [ ! -f "${PWD}/.env" ]; then
+  echo "missing env file in ${PWD}"
+  exit 1
 fi

-echo Setting up ${DOCKER_PREFIX} volumes
-docker volume create ${DOCKER_PREFIX}-web
-docker volume create ${DOCKER_PREFIX}-db
+set -a
+. "${PWD}/.env"
+. "${PWD}/env_files/certs.env"
+set +a
+
+mkdir -p "/tmp/${PREFIX}"
+
+echo "Setting up docker volumes"
+docker volume create "${PREFIX}-db"
+docker volume create "${PREFIX}-traefik-certs"
+docker volume create "${PREFIX}-traefik-dynamic"
+docker volume create "${PREFIX}-traefik-logs"
+docker volume create "${PREFIX}-traefik-static"
+docker volume create "${PREFIX}-webroot"
 docker volume create wp-cli-cache
-echo Setting up ${DOCKER_PREFIX} network
-docker network create ${DOCKER_PREFIX}

-docker-compose up -d web
-while [ ! $(docker ps --quiet --filter name=${DOCKER_PREFIX}-web) ]
-do
-    echo Waiting for the ${DOCKER_PREFIX}-web container to be up and running…
-    sleep 1
+echo "Copying SSL certificates to traefik volume"
+if [ ! -f "${SSL_CRT_LOCATION}/${SSL_CRT_NAME}" ] || [ ! -f "${SSL_KEY_LOCATION}/${SSL_KEY_NAME}" ]; then
+  echo "Missing SSL key or cert file"
+  exit 1
+fi
+docker run \
+  --rm \
+  --volume "${PREFIX}-traefik-certs":/certs \
+  --volume "${SSL_CRT_LOCATION}":/source \
+  ubuntu \
+  cp "/source/${SSL_CRT_NAME}" /certs
+docker run \
+  --rm \
+  --volume "${PREFIX}-traefik-certs":/certs \
+  --volume "${SSL_KEY_LOCATION}":/source \
+  ubuntu \
+  cp "/source/${SSL_KEY_NAME}" /certs
+
+echo "Generating traefik configuration files (ssl.yml and middlewares.yml)"
+cat << EOF > /tmp/${PREFIX}/ssl.yml
+---
+tls:
+  stores:
+    default:
+      defaultCertificate:
+        certFile: /certs/${SSL_CRT_NAME}
+        keyFile: /certs/${SSL_KEY_NAME}
+EOF
+cat << EOF > /tmp/${PREFIX}/middlewares.yml
+---
+http:
+  middlewares:
+    https-redirect:
+      redirectscheme:
+        scheme: https
+        permanent: true
+EOF
+docker run \
+  --rm \
+  --volume "/tmp/${PREFIX}":/source \
+  --volume "${PREFIX}-traefik-dynamic":/destination \
+  ubuntu \
+  cp /source/ssl.yml /source/middlewares.yml /destination
+
+echo "Generating traefik static configuration"
+cat << EOF > /tmp/${PREFIX}/static.yml
+---
+api:
+  dashboard: true
+entrypoints:
+  http:
+    address: :80
+  https:
+    address: :443
+log:
+  filepath: /logs/traefik.log
+  level: debug
+providers:
+  docker:
+    exposedbydefault: false
+  file:
+    directory: /etc/traefik/dynamic
+    watch: true
+EOF
+docker run \
+  --rm \
+  --volume "/tmp/${PREFIX}":/source \
+  --volume "${PREFIX}-traefik-static":/destination \
+  ubuntu \
+  cp /source/static.yml /destination/traefik.yml
+
+docker compose up -d app
+while ! docker ps -q -f name="${PREFIX}-app"; do
+  echo "Waiting for the web container to be up and running..."
+  sleep 1
 done

-docker-compose up -d db
-while [ ! $(docker ps -q -f name=${DOCKER_PREFIX}-db) ]
-do
-    echo Waiting for the ${DOCKER_PREFIX}-db container to be up and running…
-    sleep 1
+docker compose up -d db
+while ! docker ps -q -f name="${PREFIX}-db"; do
+  echo "Waiting for the db container to be up and running..."
+  sleep 1
 done

-PING_MYSQL="mysqladmin \
-  ping \
-  --host ${DOCKER_PREFIX}-db \
-  --port 3306 \
-  --protocol=tcp \
-  --user=${DB_USER} \
-  --password=${DB_USER_PASSWORD} \
-  --silent"
-while ! docker exec ${DOCKER_PREFIX}-web /bin/sh -c "${PING_MYSQL}"
-do
-    echo Waiting for ${DOCKER_PREFIX}-db to accept connections…
-    sleep 1
+while ! docker exec "${PREFIX}-app" /bin/sh -c "mysqladmin ping -h ${PREFIX}-db -P 3306 --protocol=tcp -u user -puser --silent"; do
+  echo "Waiting for the mysql server in the db container to be up and running and reachable from the app container..."
+  sleep 1
 done

-echo Downloading WordPress core
-docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c "
+echo "Downloading WordPress core"
+docker exec --user www-data "${PREFIX}-app" /bin/sh -c "
    wp core download \
        --locale=${WP_LOCALE} \
        --path=/var/www/html \
        --version=${WP_VERSION}"

-echo Creating ${DOCKER_PREFIX} WordPress config
-docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c '
+echo "Creating WordPress config"
+docker exec --user www-data "${PREFIX}-app" /bin/sh -c '
    wp config create \
-        --dbhost='"${DOCKER_PREFIX}-db"' \
-        --dbname='"${DOCKER_PREFIX}"' \
+        --dbhost='"${PREFIX}-db"' \
+        --dbname='"${DB_NAME}"' \
        --dbpass='"${DB_USER_PASSWORD}"' \
        --dbuser='"${DB_USER}"' \
        --force \
@@ -68,23 +132,22 @@ if (isset(\$_SERVER["HTTP_X_FORWARDED_PROTO"]) && \$_SERVER["HTTP_X_FORWARDED_PR
 EXTRA-PHP
 '

-echo Installing WordPress core
-docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c "
+echo "Installing WordPress core"
+docker exec --user www-data "${PREFIX}-app" /bin/sh -c "
    wp core install \
        --admin_email=no@mail.com \
        --admin_password=${WP_ADMIN_PASSWORD} \
        --admin_user=${WP_ADMIN_USERNAME} \
        --path=/var/www/html \
        --skip-email \
-        --title=${DOCKER_PREFIX} \
-        --url=${WP_DEFAULT_PROTOCOL}://${WP_URL}"
+        --title=${PREFIX} \
+        --url=${WP_DEFAULT_PROTOCOL}://${APP_URL}"

-echo Installing WordPress ${WP_THEME} theme
-docker exec --user www-data ${DOCKER_PREFIX}-web /bin/sh -c "
+echo "Installing WordPress "${WP_THEME}" theme"
+docker exec --user www-data "${PREFIX}-app" /bin/sh -c "
    wp theme install ${WP_THEME} \
        --activate \
        --path=/var/www/html"

-echo Connect ${DOCKER_PREFIX} network to ${TRAEFIK_NETWORK_NAME}
-docker network connect ${DOCKER_PREFIX} ${TRAEFIK_NETWORK_NAME}
-docker-compose up -d adminer
+docker compose up -d adminer
+docker compose up -d traefik