adds generic check-diff utility script

fixes bug where no sql dump was created
removes version parameter, adds external: true for volumes
2025-06-27 23:45:18 +02:00 · 2025-06-27 23:01:07 +02:00 · 2025-05-12 10:04:25 +02:00 · 2024-11-02 13:51:10 +01:00 · 2024-10-23 09:47:12 +02:00 · 2024-10-22 20:07:47 +02:00
20 changed files with 260 additions and 45 deletions
--- a/.env-example
+++ b/.env-example
@@ -4,6 +4,8 @@ DB_NAME=wordpress
 DB_ROOT_PASSWORD=root
 DB_USER=user
 DB_USER_PASSWORD=password
+LARAVEL_VERSION=11.0
+LIVEWIRE_VERSION=3.5.10
 PHP_POST_MAX_SIZE=10m
 PHP_UPLOAD_MAX_FILESIZE=10M
 PREFIX=wpdocker
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 .env
 backup-volumes/
 exclude-list
+root-volume/
 tmp/
 traefik-volumes/
 webroot-remote/
--- a/TODO.md
+++ b/TODO.md
@@ -3,3 +3,11 @@
 - [ ] ajouter un moyen d'accéder à la db via un port
 - [ ] ajouter une option pour créer sans traefik et sans adminer (via override compose)
 - [ ] remplacer -a par --recursive,etc pour éviter qu'rsync n'affiche un transfert si atime, ctime, mtime a changé pour un fichier
+
+# wintercms
+
+- [ ] configurer l'écran de login du back-end en HTTPS
+
+# wordpress
+
+- [ ] documenter wppb-cli
--- a/backup.sh
+++ b/backup.sh
@@ -10,11 +10,14 @@ set -a
 . "${PWD}/.env"
 set +a

-now="$(date +%Y-%m_%d-%H-%M-%S)"
+docker compose stop
+
+now="$(date +%Y-%m-%d_%H-%M-%S)"
 backup_path="${PWD}/backup-volumes/${now}"
 mkdir -p "${backup_path}"

-volumes="db traefik-dynamic traefik-certs traefik-logs traefik-static webroot"
+volumes="db root traefik-dynamic traefik-certs traefik-logs traefik-static webroot"
+volumes="db"
 for volume in ${volumes}; do
  mkdir -p "${backup_path}/${volume}"
  docker run \
@@ -25,9 +28,24 @@ for volume in ${volumes}; do
    tar -cvzf "/destination/${volume}.tar.gz" -C "/${volume}" .
 done

+docker compose restart db
+docker compose restart app
+while ! docker ps -q -f name="${PREFIX}-db"; do
+  echo "Waiting for the db container to be up and running..."
+  sleep 1
+done
+
+while ! docker exec "${PREFIX}-app" /bin/sh -c "mysqladmin ping -h ${PREFIX}-db -P 3306 --protocol=tcp -u user -puser --silent"; do
+  echo "Waiting for the mysql server in the db container to be up and running and reachable from the app container..."
+  sleep 1
+done
+
 mkdir -p "${backup_path}/db"
 docker exec "${PREFIX}-db" \
  /usr/bin/mysqldump \
  -u root \
  --password="${DB_ROOT_PASSWORD}" \
  "${DB_NAME}" > "${backup_path}/db/${DB_NAME}.sql"
+
+docker compose stop db
+docker compose stop app
--- a/check-diff.sh
+++ b/check-diff.sh
@@ -0,0 +1,35 @@
+#! /bin/sh
+#
+
+set -x
+if [ "$#" -eq 0 ] || [ "$#" -gt 1 ]; then
+  echo takes only one argument
+  exit 1
+fi
+
+if [ ! -e "${1}" ]; then
+  echo cannot find "${1}"
+  exit 1
+fi
+
+# shellcheck source=./env_files/checkdiff-example.env
+. "${1}"
+
+remote_copy_path=$(mktemp -d)
+rsync \
+  --archive \
+  --checksum \
+  --human-readable \
+  "${REMOTE_SSH_STRING}":"${REMOTE_ROOT_PATH}${FOLDER_PATH}/" \
+  "${remote_copy_path}"
+
+local_copy_path=$(mktemp -d)
+rsync \
+  --archive \
+  --checksum \
+  --exclude-from="${EXCLUDEFILE_PATH}" \
+  --human-readable \
+  "${LOCAL_ROOT_PATH}${FOLDER_PATH}/" \
+  "${local_copy_path}"
+
+kdiff3 "${local_copy_path}" "${remote_copy_path}"
--- a/create.sh
+++ b/create.sh
@@ -9,18 +9,21 @@ fi
 set -a
 . "${PWD}/.env"
 . "${PWD}/env_files/certs.env"
+. "${PWD}/env_files/project.env"
 set +a

 mkdir -p "/tmp/${PREFIX}"

 echo "Setting up docker volumes"
 docker volume create "${PREFIX}-db"
+docker volume create "${PREFIX}-root"
 docker volume create "${PREFIX}-traefik-certs"
 docker volume create "${PREFIX}-traefik-dynamic"
 docker volume create "${PREFIX}-traefik-logs"
 docker volume create "${PREFIX}-traefik-static"
 docker volume create "${PREFIX}-webroot"
 docker volume create wp-cli-cache
+docker volume create composer-cache

 echo "Copying SSL certificates to traefik volume"
 if [ ! -f "${SSL_CRT_LOCATION}/${SSL_CRT_NAME}" ] || [ ! -f "${SSL_KEY_LOCATION}/${SSL_KEY_NAME}" ]; then
@@ -110,6 +113,72 @@ while ! docker exec "${PREFIX}-app" /bin/sh -c "mysqladmin ping -h ${PREFIX}-db
  sleep 1
 done

+if [ "${PROJECT_TYPE}" = "laravel" ]; then
+  echo "Installing laravel"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "composer create-project --prefer-dist laravel/laravel /var/www/html '${LAREVEL_VERSION}'"
+fi
+
+if [ "${PROJECT_TYPE}" = "livewire" ]; then
+  echo "Installing livewire"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "composer create-project --prefer-dist laravel/laravel /var/www/html '${LARAVEL_VERSION}'"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "composer require livewire/livewire ${LIVEWIRE_VERSION}"
+fi
+
+if [ "${PROJECT_TYPE}" = "wintercms" ]; then
+  echo "Installing wintercms"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "composer create-project wintercms/winter /var/www/html"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "echo ASSET_URL=https://${APP_URL} >> /var/www/html/.env"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "echo DB_DATABASE=${DB_NAME} >> /var/www/html/.env"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "echo DB_USERNAME=${DB_USER} >> /var/www/html/.env"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "echo DB_PASSWORD=${DB_USER_PASSWORD} >> /var/www/html/.env"
+  docker exec --user www-data --workdir "/var/www/html" "${PREFIX}-app" /bin/sh -c "echo DB_HOST=${PREFIX}-db >> /var/www/html/.env"
+  docker exec --user root                               "${PREFIX}-app" /bin/sh -c "sed -i 's|/var/www/html/public|/var/www/html|g' /etc/apache2/sites-available/000-default.conf"
+  docker restart "${PREFIX}-app"
+  docker exec --user www-data --workdir "/var/www/html" -it "${PREFIX}-app" /bin/sh -c "php artisan winter:install"
+fi
+
+if [ "${PROJECT_TYPE}" = "laravel" ] || [ "${PROJECT_TYPE}" = "livewire" ] || [ "${PROJECT_TYPE}" = "php" ]; then
+  echo "Generating vscode launch.json file"
+  cat << EOF > /tmp/${PREFIX}/launch.json
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "hostname": "${TRAEFIK_LISTENING_IP}",
+      "name": "Listen for Xdebug (${TRAEFIK_LISTENING_IP})",
+      "pathMappings": {
+        "/var/www/html/": "\${workspaceRoot}/",
+            },
+        "port": 9003,
+        "request": "launch",
+        "type": "php"
+      }
+  ]
+}
+EOF
+  docker run \
+    --rm \
+    --user www-data \
+    --volume "${PREFIX}-app":/destination \
+    ubuntu \
+    mkdir --parents /destination/.vscode
+  docker run \
+    --rm \
+    --user www-data \
+    --volume "${PREFIX}-app":/destination \
+    ubuntu \
+    cp /source/launch.json /destination/.vscode
+  docker run \
+    --rm \
+    --user root \
+    --volume "${PREFIX}-app":/destination \
+    ubuntu \
+   chown www-data:www-data /destination/.vscode -r
+fi
+
+if [ "${PROJECT_TYPE}" = "wordpress" ]; then
+  echo "Installing wppb-cli"
+  composer global require tmeister/wppb-cli
  echo "Downloading WordPress core"
  docker exec --user www-data "${PREFIX}-app" /bin/sh -c "
      wp core download \
@@ -148,6 +217,8 @@ docker exec --user www-data "${PREFIX}-app" /bin/sh -c "
      wp theme install ${WP_THEME} \
          --activate \
          --path=/var/www/html"
+fi

 docker compose up -d adminer
+docker compose up -d app
 docker compose up -d traefik
--- a/deploy-directory-to-remote.sh
+++ b/deploy-directory-to-remote.sh
@@ -29,7 +29,7 @@ if [ "${do_backup}" = "yes" ]; then
  fi
 fi

-if [ "${remote_is_docker}" != "yes" ]; then
+if [ "${use_maintenance_mode}" = "yes" ]; then
  if ssh ${remote_ssh_string} "wp option patch update wpmm_settings general status 1 --path=${remote_wp_path}"; then
    echo maintenance mode activated
  else
@@ -38,14 +38,16 @@ if [ "${remote_is_docker}" != "yes" ]; then
  fi
 fi

-if rsync --compress --delete --delete-excluded --exclude-from="${deployment_exclude_file}" --executability --human-readable --progress --update --recursive "${local_directory_path}/" "${remote_ssh_string}":"${remote_directory_path}"; then
+# --update removed after kartolok-child shenaningans
+# --checksum added instead
+if rsync --checksum --compress --delete --delete-excluded --exclude-from="${deployment_exclude_file}" --executability --human-readable --progress --recursive "${local_directory_path}/" "${remote_ssh_string}":"${remote_directory_path}"; then
  echo syncing OK
 else
  echo syncing NOK
  exit 1
 fi

-if [ "${remote_is_docker}" != "yes" ]; then
+if [ "${use_maintenance_mode}" = "yes" ]; then
  if ssh ${remote_ssh_string} "wp option patch update wpmm_settings general status 0 --path=${remote_wp_path}"; then
    echo maintenance mode deactivated
  else
@@ -53,3 +55,9 @@ if [ "${remote_is_docker}" != "yes" ]; then
    exit 1
  fi
 fi
+
+if [ "${restart_remote_varnish}" = "yes" ]; then
+  set -x
+  ssh "${sudo_remote_ssh_string}" sudo service varnish restart
+  set +x
+fi
--- a/deployment/deployment-example.env
+++ b/deployment/deployment-example.env
@@ -6,4 +6,7 @@ remote_directory_path=
 remote_ssh_string=
 remote_wp_path=
 remote_is_docker=
+restart_remote_varnish=no
+sudo_remote_ssh_string=
+use_maintenance_mode=no
 do_backup=yes
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,6 +6,8 @@ networks:
 services:
  adminer:
    container_name: ${PREFIX}-adminer
+    dns:
+      - 1.1.1.1
    hostname: ${PREFIX}-adminer
    image: adminer:4.8.1-standalone
    labels:
@@ -16,11 +18,14 @@ services:
      - traefik.http.services.${PREFIX}-adminer.loadbalancer.server.port=8080
  app:
    container_name: ${PREFIX}-app
+    dns:
+      - 1.1.1.1
    environment:
      - PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE}
      - PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE}
      - XDEBUG_CLIENT_HOST=${XDEBUG_CLIENT_HOST}
      - XDEBUG_MODE=${XDEBUG_MODE}
+    hostname: ${PREFIX}-app
    image: ${APP_IMAGE_TAG}
    labels:
      - traefik.enable=true
@@ -32,8 +37,10 @@ services:
      - traefik.http.routers.${PREFIX}-webssl.tls=true
      - traefik.http.services.${PREFIX}-webssl.loadbalancer.server.port=80
    volumes:
+      - root:/root
      - webroot:/var/www/html
      - wp-cli-cache:/var/www/.wp-cli
+      - cache:/var/www/.cache
  db:
    command: --default-authentication-plugin=mysql_native_password
    container_name: ${PREFIX}-db
@@ -51,6 +58,8 @@ services:
  traefik:
    container_name: ${PREFIX}-traefik
    command: ["--configFile=/etc/traefik/static/traefik.yml"]
+    dns:
+      - 1.1.1.1
    image: traefik:2.5.3
    labels:
      - traefik.enable=true
@@ -69,20 +78,31 @@ services:
      - traefik-logs:/logs
      - traefik-static:/etc/traefik/static:ro

-version: "3.4"
-
 volumes:
+  cache:
+    external: true
+    name: composer-cache
  db:
+    external: true
    name: ${PREFIX}-db
+  root:
+    external: true
+    name: ${PREFIX}-root
  traefik-certs:
+    external: true
    name: ${PREFIX}-traefik-certs
  traefik-dynamic:
+    external: true
    name: ${PREFIX}-traefik-dynamic
  traefik-logs:
+    external: true
    name: ${PREFIX}-traefik-logs
  traefik-static:
+    external: true
    name: ${PREFIX}-traefik-static
  webroot:
+    external: true
    name: ${PREFIX}-webroot
  wp-cli-cache:
+    external: true
    name: wp-cli-cache
--- a/env_files/certs-example.env
+++ b/env_files/certs-example.env
@@ -1,4 +1,4 @@
 SSL_CRT_LOCATION=<path>
-SSL_CRT_NAME<certificate filename>
+SSL_CRT_NAME=<certificate filename>
 SSL_KEY_LOCATION=<path>
 SSL_KEY_NAME=<key filename>
--- a/env_files/checkdiff-example.env
+++ b/env_files/checkdiff-example.env
@@ -0,0 +1,5 @@
+REMOTE_SSH_STRING=<sshconfig hostname>
+REMOTE_ROOT_PATH=</var/www/example.com/www>
+LOCAL_ROOT_PATH=</home/user/dev/www>
+FOLDER_PATH=</wp-content/themes/bar>
+EXCLUDEFILE_PATH=<./deployment/example.com.bar.exclude>
--- a/env_files/project-example.env
+++ b/env_files/project-example.env
@@ -0,0 +1,5 @@
+PROJECT_TYPE=laravel
+PROJECT_TYPE=livewire
+PROJECT_TYPE=php
+PROJECT_TYPE=wintercms
+PROJECT_TYPE=wordpress
--- a/env_files/remote-example.env
+++ b/env_files/remote-example.env
@@ -1,2 +1,2 @@
 REMOTE_SSH_STRING=<sshconfig hostname>
-REMOTE_WP_PATH=</var/www/example.com.be>
+REMOTE_WP_PATH=</var/www/example.com>
--- a/env_files/ssh-tunnel-example.env
+++ b/env_files/ssh-tunnel-example.env
@@ -0,0 +1,4 @@
+LOCAL_IP_ON_REMOTE=localhost
+LOCAL_PORT=5432
+LOCAL_PORT_ON_REMOTE=5432
+REMOTE_HOST=federal-non-interactive
--- a/mount-volumes.sh
+++ b/mount-volumes.sh
@@ -11,7 +11,7 @@ set -a
 . "${PWD}/env_files/manage.env"
 set +a

-volumes="certs dynamic logs static webroot"
+volumes="certs dynamic logs root static webroot"
 for volume in ${volumes}; do
  mount_path="${PWD}/traefik-volumes/${volume}"
  volume_path="${DOCKER_VOLUMES_PATH}/${PREFIX}-traefik-${volume}/_data"
@@ -19,6 +19,10 @@ for volume in ${volumes}; do
    mount_path="${PWD}/${volume}-volume"
    volume_path="${DOCKER_VOLUMES_PATH}/${PREFIX}-${volume}/_data"
  fi
+  if [ "${volume}" = "root" ]; then
+    mount_path="${PWD}/${volume}-volume"
+    volume_path="${DOCKER_VOLUMES_PATH}/${PREFIX}-${volume}/_data"
+  fi
  sudo -u "${MOUNT_USER}" mkdir -p "${mount_path}"
  if mountpoint "${mount_path}" -q; then
    echo "exiting because something is mounted at ${mount_path}"
--- a/purge-local.sh
+++ b/purge-local.sh
@@ -12,6 +12,7 @@ if [ "$REPLY" != "${REPLY#[YyOo]}" ]; then
  docker compose rm
  docker network rm "${PREFIX}"
  docker volume rm "${PREFIX}-db"
+  docker volume rm "${PREFIX}-root"
  docker volume rm "${PREFIX}-traefik-certs"
  docker volume rm "${PREFIX}-traefik-dynamic"
  docker volume rm "${PREFIX}-traefik-logs"
--- a/replace-db.sh
+++ b/replace-db.sh
@@ -36,5 +36,7 @@ echo "dropping ${DB_NAME}"
 docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin --force -uroot -p${DB_ROOT_PASSWORD} drop   ${DB_NAME}"
 echo "creating ${DB_NAME}"
 docker exec "${PREFIX}-db" /bin/sh -c "mysqladmin         -uroot -p${DB_ROOT_PASSWORD} create ${DB_NAME}"
+echo "run this command in another terminal/window to monitor progress:"
+echo "docker exec -it watch -n1 ${PREFIX}-db du /var/lib/mysql/${DB_NAME}-sh"
 echo "importing ${dump_filename_path} (${PREFIX}-db/tmp/dump.sql) into ${DB_NAME}"
 docker exec "${PREFIX}-db" /bin/sh -c "mysql              -uroot -p${DB_ROOT_PASSWORD}        ${DB_NAME} < /tmp/dump.sql"
--- a/start-ssh-tunnel.sh
+++ b/start-ssh-tunnel.sh
@@ -0,0 +1,24 @@
+#! /bin/sh
+#
+
+if [ "$#" -eq 0 ] || [ "$#" -gt 1 ]; then
+  echo takes only one argument
+  exit 1
+fi
+
+if [ ! -e "${1}" ]; then
+  echo cannot find "${1}"
+  exit 1
+fi
+
+# shellcheck source=./env_files/ssh-tunnel-example.env
+. "${1}"
+# shellcheck source=./.env-example
+. ./.env
+
+ssh \
+  -v \
+  -N \
+  -L \
+  "${TRAEFIK_LISTENING_IP}:${LOCAL_PORT}:${LOCAL_IP_ON_REMOTE}:${LOCAL_PORT_ON_REMOTE}" \
+  "${REMOTE_HOST}"
--- a/umount-volumes.sh
+++ b/umount-volumes.sh
@@ -6,12 +6,15 @@ if [ "$(id -u)" -ne 0 ]; then
  exit 1
 fi

-volumes="certs dynamic logs static webroot"
+volumes="certs dynamic logs root static webroot"
 for volume in ${volumes}; do
  mount_path="${PWD}/traefik-volumes/${volume}"
  if [ "${volume}" = "webroot" ]; then
    mount_path="${PWD}/${volume}-volume"
  fi
+  if [ "${volume}" = "root" ]; then
+    mount_path="${PWD}/${volume}-volume"
+  fi
  if mountpoint "${mount_path}" -q; then
    echo "umounting ${mount_path}"
    umount "${mount_path}"
--- a/www.sh
+++ b/www.sh
@@ -6,6 +6,7 @@ set -a
 set +a

 docker exec \
+  -e HISTFILE=/var/www/html/.bash_history \
  -e SHELLOPTS=vi \
  -it --user www-data \
  "${PREFIX}-app" \
Author	SHA1	Message	Date
Jean-Christophe Vanhalle	062c764c9b	adds generic check-diff utility script	2025-06-27 23:45:18 +02:00
Jean-Christophe Vanhalle	c5716b8f7a	fixes bug where no sql dump was created	2025-06-27 23:01:07 +02:00
Jean-Christophe Vanhalle	7331fcf2d0	removes version parameter, adds external: true for volumes	2025-05-12 10:04:25 +02:00
Jean-Christophe Vanhalle	8997df6327	adds wppb-cli	2024-11-02 13:51:10 +01:00
Jean-Christophe Vanhalle	fbcba7cde4	removes shell parameters since it's handled in /etc/bash.bashrc	2024-10-23 09:47:12 +02:00
Jean-Christophe Vanhalle	07368aff02	adds default launch.json for laravel, livewire and php project	2024-10-22 20:07:47 +02:00
Jean-Christophe Vanhalle	e61b00b184	updates www user shell prompt with colours	2024-10-22 20:03:28 +02:00
Jean-Christophe Vanhalle	22a6286487	adds php project type	2024-10-18 12:48:17 +02:00
Jean-Christophe Vanhalle	a51f2ae8f3	renames wp.sh to www.sh	2024-10-15 16:32:10 +02:00
Jean-Christophe Vanhalle	441dc6b371	adds wintercms project type	2024-10-13 17:00:21 +02:00
Jean-Christophe Vanhalle	cde2a715fb	adds support for wintercms	2024-10-13 16:59:47 +02:00
Jean-Christophe Vanhalle	c55c46df0d	wintercms	2024-10-13 13:00:14 +02:00
Jean-Christophe Vanhalle	4971511309	fixes wp cli crash due to EXTRA PHP for https not being injected correctly	2024-10-13 01:12:05 +02:00
Jean-Christophe Vanhalle	95391a995c	adds support for laravel and livewire	2024-10-13 00:11:48 +02:00
Jean-Christophe Vanhalle	6e0719ec50	cleans up code	2024-10-13 00:11:04 +02:00
Jean-Christophe Vanhalle	c1ae487788	cleans up code	2024-10-13 00:09:49 +02:00
Jean-Christophe Vanhalle	d582d4c7f0	adds persistent root volume and shell history for www-data user	2024-10-12 16:35:50 +02:00
Jean-Christophe Vanhalle	f94e7baba5	reuses TRAEFIK_LISTENING_IP env variable	2024-10-11 23:21:23 +02:00
Jean-Christophe Vanhalle	3c22799e47	adds ssh tunneling script to connect remote DB	2024-10-11 23:12:17 +02:00
Jean-Christophe Vanhalle	ba2b4bdaa1	cleans up wording and adds another ssh string variable to use sudo	2024-07-24 00:38:10 +02:00
Jean-Christophe Vanhalle	bbd07933ff	adds monitoring instructions for restore db operation	2024-05-31 11:08:41 +02:00
Jean-Christophe Vanhalle	f86fa8b9f3	checks for checksum instead of date when syncing files	2024-05-31 11:07:44 +02:00
Jean-Christophe Vanhalle	d0a70be1b2	adds DNS so the containers can resolve public domain even when resolv.conf was created when a VPN with custom DNS server was active on host	2024-05-31 11:06:04 +02:00