From 49caf5f6a8153c0991737e1268e52a5853827991 Mon Sep 17 00:00:00 2001 From: Eugene Ware Date: Sun, 4 Aug 2013 23:34:01 +1000 Subject: [PATCH] initial commit --- .gitignore | 2 + Dockerfile | 59 +++++++++++++++++++++ install_wordpress.sh | 46 ++++++++++++++++ nginx-site.conf | 122 +++++++++++++++++++++++++++++++++++++++++++ supervisord.conf | 30 +++++++++++ 5 files changed, 259 insertions(+) create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 install_wordpress.sh create mode 100644 nginx-site.conf create mode 100644 supervisord.conf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bf9dfdc --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*.swp +.DS_Store diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..641119d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,59 @@ +FROM ubuntu +MAINTAINER Eugene Ware +RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list +RUN apt-get update +RUN apt-get -y upgrade + +# Keep upstart from complaining +RUN dpkg-divert --local --rename --add /sbin/initctl +RUN ln -s /bin/true /sbin/initctl + +# Basic Requirements +RUN apt-get -y install mysql-server mysql-client nginx php5-fpm php5-mysql php-apc pwgen python-setuptools curl git unzip + +# Wordpress Requirements +RUN apt-get -y install php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl + +# mysql config +RUN sed -i -e"s/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/" /etc/mysql/my.cnf + +# nginx config +RUN sed -i -e"s/keepalive_timeout\s*65/keepalive_timeout 2/" /etc/nginx/nginx.conf +RUN echo "daemon off;" >> /etc/nginx/nginx.conf + +# php-fpm config +RUN sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" /etc/php5/fpm/php.ini +RUN sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf +RUN find /etc/php5/cli/conf.d/ -name "*.ini" -exec sed -i -re 's/^(\s*)#(.*)/\1;\2/g' {} \; + +# nginx site conf +ADD ./nginx-site.conf /etc/nginx/sites-available/default + +# Supervisor Config +RUN /usr/bin/easy_install supervisor +ADD ./supervisord.conf /etc/supervisord.conf + +# Install Wordpress +ADD http://wordpress.org/latest.tar.gz /wordpress.tar.gz +RUN tar xvzf /wordpress.tar.gz -C /usr/share/nginx +RUN mv /usr/share/nginx/www/5* /usr/share/nginx/wordpress +RUN rm -rf /usr/share/nginx/www +RUN mv /usr/share/nginx/wordpress /usr/share/nginx/www +RUN chown -R www-data:www-data /usr/share/nginx/www +ADD ./install_wordpress.sh /install_wordpress.sh +RUN chmod 755 /install_wordpress.sh +RUN /install_wordpress.sh + +# Install plugins +# RUN curl https://raw.github.com/wp-cli/wp-cli.github.com/master/installer.sh | INSTALL_DIR=/usr/local bash +# RUN wp --path=/usr/share/nginx/www plugin install nginx-helper +# RUN wp --path=/usr/share/nginx/www plugin activate nginx-helper +# RUN wp --path=/usr/share/nginx/www rewrite structure /%postname%/ +RUN curl -O `curl -i -s http://wordpress.org/plugins/nginx-helper/ | egrep -o "http://downloads.wordpress.org/plugin/[^']+"` +RUN unzip nginx-helper.1.7.2.zip -d /usr/share/nginx/www/wp-content/plugins +RUN chown -R www-data:www-data /usr/share/nginx/www/wp-content/plugins/nginx-helper + +# private expose +EXPOSE 80 + +CMD ["/usr/local/bin/supervisord", "-n"] diff --git a/install_wordpress.sh b/install_wordpress.sh new file mode 100644 index 0000000..6b3a687 --- /dev/null +++ b/install_wordpress.sh @@ -0,0 +1,46 @@ +#!/bin/bash +#mysql has to be started this way as it doesn't work to call from /etc/init.d +/usr/bin/mysqld_safe & +sleep 10s +# Here we generate random passwords (thank you pwgen!). The first two are for mysql users, the last batch for random keys in wp-config.php +WORDPRESS_DB="wordpress" +MYSQL_PASSWORD=`pwgen -c -n -1 12` +WORDPRESS_PASSWORD=`pwgen -c -n -1 12` +#This is so the passwords show up in logs. +echo mysql root password: $MYSQL_PASSWORD +echo wordpress password: $WORDPRESS_PASSWORD +echo $MYSQL_PASSWORD > /mysql-root-pw.txt +echo $WORDPRESS_PASSWORD > /wordpress-db-pw.txt + +sed -e "s/database_name_here/$WORDPRESS_DB/ +s/username_here/$WORDPRESS_DB/ +s/password_here/$WORDPRESS_PASSWORD/ +/'AUTH_KEY'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'SECURE_AUTH_KEY'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'LOGGED_IN_KEY'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'NONCE_KEY'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'AUTH_SALT'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'SECURE_AUTH_SALT'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'LOGGED_IN_SALT'/s/put your unique phrase here/`pwgen -c -n -1 65`/ +/'NONCE_SALT'/s/put your unique phrase here/`pwgen -c -n -1 65`/" /usr/share/nginx/www/wp-config-sample.php > /usr/share/nginx/www/wp-config.php + +ACTIVATE_PLUGINS=<set_permalink_structure( '/%postname%/' ); + $pluginsToActivate = array( 'nginx-helper' ); + foreach ($pluginsToActivate as $plugin) { + if ( !in_array( $plugin, $plugins ) ) { + array_push( $plugins, $plugin ); + update_option( 'active_plugins', $plugins ); + } + } +} +ENDL + +echo $ACTIVATE_PLUGINS >> /usr/share/nginx/www/wp-config.php + +chown www-data:www-data /usr/share/nginx/www/wp-config.php +mysqladmin -u root password $MYSQL_PASSWORD +mysql -uroot -p$MYSQL_PASSWORD -e "CREATE DATABASE wordpress; GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY '$WORDPRESS_PASSWORD'; FLUSH PRIVILEGES;" +killall mysqld diff --git a/nginx-site.conf b/nginx-site.conf new file mode 100644 index 0000000..3165ee1 --- /dev/null +++ b/nginx-site.conf @@ -0,0 +1,122 @@ +# You may add here your +# server { +# ... +# } +# statements for each of your virtual hosts to this file + +## +# You should look at the following URL's in order to grasp a solid understanding +# of Nginx configuration files in order to fully unleash the power of Nginx. +# http://wiki.nginx.org/Pitfalls +# http://wiki.nginx.org/QuickStart +# http://wiki.nginx.org/Configuration +# +# Generally, you will want to move this file somewhere, and start with a clean +# file but keep this around for reference. Or just disable in sites-enabled. +# +# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. +## + +server { + listen 80; ## listen for ipv4; this line is default and implied + listen [::]:80 default ipv6only=on; ## listen for ipv6 + + root /usr/share/nginx/www; + index index.php index.html index.htm; + + # Make site accessible from http://localhost/ + server_name localhost; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to index.html + try_files $uri $uri/ /index.php?q=$uri&$args; + # Uncomment to enable naxsi on this location + # include /etc/nginx/naxsi.rules + } + + location /doc/ { + alias /usr/share/doc/; + autoindex on; + allow 127.0.0.1; + allow ::1; + deny all; + } + + # Only for nginx-naxsi : process denied requests + #location /RequestDenied { + # For example, return an error code + #return 418; + #} + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/www; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini + + # With php5-cgi alone: + fastcgi_pass 127.0.0.1:9000; + # With php5-fpm: + # fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +# another virtual host using mix of IP-, name-, and port-based configuration +# +#server { +# listen 8000; +# listen somename:8080; +# server_name somename alias another.alias; +# root html; +# index index.html index.htm; +# +# location / { +# try_files $uri $uri/ /index.html; +# } +#} + + +# HTTPS server +# +#server { +# listen 443; +# server_name localhost; +# +# root html; +# index index.html index.htm; +# +# ssl on; +# ssl_certificate cert.pem; +# ssl_certificate_key cert.key; +# +# ssl_session_timeout 5m; +# +# ssl_protocols SSLv3 TLSv1; +# ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; +# ssl_prefer_server_ciphers on; +# +# location / { +# try_files $uri $uri/ /index.html; +# } +#} diff --git a/supervisord.conf b/supervisord.conf new file mode 100644 index 0000000..0a07105 --- /dev/null +++ b/supervisord.conf @@ -0,0 +1,30 @@ +[unix_http_server] +file=/tmp/supervisor.sock ; (the path to the socket file) + +[supervisord] +logfile=/tmp/supervisord.log ; (main log file;default $CWD/supervisord.log) +logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) +logfile_backups=10 ; (num of main logfile rotation backups;default 10) +loglevel=info ; (log level;default info; others: debug,warn,trace) +pidfile=/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +nodaemon=false ; (start in foreground if true;default false) +minfds=1024 ; (min. avail startup file descriptors;default 1024) +minprocs=200 ; (min. avail process descriptors;default 200) + +; the below section must remain in the config file for RPC +; (supervisorctl/web interface) to work, additional interfaces may be +; added by defining them in separate rpcinterface: sections +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket + +[program:php5-fpm] +command=/usr/sbin/php5-fpm -c /etc/php5/fpm + +[program:mysqld] +command=/usr/bin/mysqld_safe + +[program:nginx] +command=/usr/sbin/nginx