Initial commit

xemlock · Oct 30, 2018 · f2fff4e · f2fff4e
commit f2fff4e
Show file tree

Hide file tree

Showing 9 changed files with 254 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,6 @@
+db_data/*
+www/*
+
+*.swp
+*.swo
+.DS_Store
diff --git a/db_data/.gitkeep b/db_data/.gitkeep
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,38 @@
+version: '3.3'
+
+services:
+  www:
+    depends_on:
+      - db
+    build: ./docker
+    environment:
+      WORDPRESS_VERSION: latest
+      WORDPRESS_DB_NAME: wordpress
+      WORDPRESS_DB_HOST: db:3306
+      WORDPRESS_DB_USER: wordpress
+      WORDPRESS_DB_PASSWORD: wordpress
+      WP_DEBUG: 1
+      WPLANG: pl
+      SMTP_HOST:
+      SMTP_PORT:
+      SMTP_USER:
+      SMTP_PASS:
+      SMTP_AUTH:
+      SMTP_SSL:
+    ports:
+      - "8000:80"
+    volumes:
+      - ./www:/var/www
+      - ./docker/wp-config.php:/var/www/wp-config.php
+
+  db:
+    image: mysql:5.7
+    volumes:
+      - ./db_data:/var/lib/mysql
+    restart: always
+    environment:
+      MYSQL_ALLOW_EMPTY_PASSWORD: 0
+      MYSQL_ROOT_PASSWORD: wordpress
+      MYSQL_DATABASE: wordpress
+      MYSQL_USER: wordpress
+      MYSQL_PASSWORD: wordpress
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -0,0 +1,40 @@
+FROM ubuntu:18.04
+
+# Prevent 'debconf: unable to initialize frontend: Dialog' warnings
+# https://github.com/phusion/baseimage-docker/issues/58
+RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+
+# Install PHP
+RUN apt-get update \
+  && apt-get install -y \
+    vim curl git \
+    apache2 \
+    php php-common php-dev php-zip php-curl php-gd php-mysql php-mbstring php-xml libapache2-mod-php \
+    mysql-client \
+  && rm -rf /var/lib/apt/lists/*
+
+RUN sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 128M/g" /etc/php/7.2/apache2/php.ini
+RUN sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 256M/g" /etc/php/7.2/apache2/php.ini
+
+# Install Composer
+RUN curl -o /tmp/composer-setup.php https://getcomposer.org/installer \
+  && curl -o /tmp/composer-setup.sig https://composer.github.io/installer.sig \
+  && php -r "if (hash('SHA384', file_get_contents('/tmp/composer-setup.php')) !== trim(file_get_contents('/tmp/composer-setup.sig'))) { echo 'Invalid Composer installer' . PHP_EOL; exit(1); }" \
+  && php /tmp/composer-setup.php --install-dir="/usr/local/bin" --filename="composer" --no-ansi --force \
+  && rm -f /tmp/composer-setup.php /tmp/composer-setup.sig
+
+# Apache
+COPY ./default.conf /etc/apache2/sites-available/000-default.conf
+VOLUME ["/var/www"]
+
+# AH00558: apache2: Could not reliably determine the server's fully qualified domain name
+RUN sed -i -e 's/\(#ServerRoot \"\)/ServerName localhost\n\1/g' /etc/apache2/apache2.conf
+
+RUN a2enmod rewrite
+
+EXPOSE 80
+
+COPY ./docker-entrypoint.sh /usr/local/bin/
+COPY ./noop.php /
+
+ENTRYPOINT ["docker-entrypoint.sh"]
diff --git a/docker/default.conf b/docker/default.conf
@@ -0,0 +1,24 @@
+<VirtualHost *:80>
+    ServerName localhost
+    ServerAdmin webmaster@localhost
+
+    DocumentRoot /var/www
+    <Directory />
+        Options FollowSymLinks
+        AllowOverride None
+    </Directory>
+    <Directory /var/www>
+        Options FollowSymLinks MultiViews
+        AllowOverride all
+        Order allow,deny
+        Allow from all
+    </Directory>
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+
+    # Possible values include: debug, info, notice, warn, error, crit,
+    # alert, emerg.
+    LogLevel warn
+
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+log () {
+  echo "run.sh: $*"
+}
+
+# Configure MySQL client
+
+CONFIG=~/.my.cnf
+
+echo "[client]" > "$CONFIG"
+echo "database=${WORDPRESS_DB_NAME}" >> "$CONFIG"
+
+case "${WORDPRESS_DB_HOST}" in
+  *:*)
+    echo "host="$(echo "$WORDPRESS_DB_HOST" | cut -d':' -f1) >> "$CONFIG"
+    echo "port="$(echo "$WORDPRESS_DB_HOST" | cut -d':' -f2) >> "$CONFIG"
+    ;;
+
+  *)
+    echo "host=${WORDPRESS_DB_HOST}" >> "$CONFIG"
+    echo "port=${WORDPRESS_DB_PORT}" >> "$CONFIG"
+    ;;
+esac
+
+echo "user=${WORDPRESS_DB_USER}" >> "$CONFIG"
+echo "password=${WORDPRESS_DB_PASSWORD}" >> "$CONFIG"
+
+# Download WordPress
+
+if [ -z "$WORDPRESS_VERSION" ]; then
+  WORDPRESS_VERSION=latest
+fi
+
+if [ ! -f "/var/www/index.php" ]; then
+  log "Downloading WordPress ${WORDPRESS_VERSION}"
+  curl -o /tmp/wordpress.tar.gz https://wordpress.org/wordpress-${WORDPRESS_VERSION}.tar.gz
+  tar --strip-components=1 -zxf /tmp/wordpress.tar.gz -C /var/www
+  cp /noop.php /var/www/wp-admin/includes/noop.php
+fi
+
+# WP options adjustments
+
+log 'Waiting for mysql to become ready'
+while true; do
+  DB_TABLES=$(mysql -e 'SHOW TABLES')
+  if [ $? -eq 0 ]; then
+    break
+  else
+    sleep 1
+  fi
+done
+
+log 'Setting up WP options'
+echo "UPDATE wp_options SET option_value = 'http://localhost:8000' WHERE option_name IN ('home', 'siteurl');" > home.sql
+mysql < home.sql
+rm -f home.sql
+
+echo "DELETE FROM wp_options WHERE option_name LIKE 'smtp_%';" > smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_auth', '${SMTP_AUTH}');" >> smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_host', '${SMTP_HOST}');" >> smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_pass', '${SMTP_PASS}');" >> smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_port', '${SMTP_PORT}');" >> smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_ssl',  '${SMTP_SSL}');"  >> smtp.sql
+echo "INSERT INTO wp_options (option_name, option_value) VALUES ('smtp_user', '${SMTP_USER}');" >> smtp.sql
+mysql < smtp.sql
+rm -f smtp.sql
+
+exec apache2ctl -DFOREGROUND
diff --git a/docker/noop.php b/docker/noop.php
@@ -0,0 +1,53 @@
+<?php
+
+/**
+ * Noop functions for load-scripts.php and load-styles.php.
+ *
+ * This is a development-only replacement implementation for
+ * wp-admin/includes/noop.php that does not interfere with PhpStorm
+ * intellisense.
+ */
+foreach (
+    array(
+        '__',
+        '_x',
+        'add_filter',
+        'esc_attr',
+        'apply_filters',
+        'get_option',
+        'is_lighttpd_before_150',
+        'add_action',
+        'did_action',
+        'do_action_ref_array',
+        'get_bloginfo',
+        'site_url',
+        'admin_url',
+        'home_url',
+        'includes_url',
+        'wp_guess_url',
+        'json_encode',
+    ) as $func
+) {
+    if (!function_exists($func)) {
+        eval("function $func() {}");
+    }
+}
+
+eval('
+function is_admin() {return true;}
+');
+
+eval('
+function get_file( $path ) {
+
+    if ( function_exists("realpath") ) {
+        $path = realpath( $path );
+    }
+
+    if ( ! $path || ! @is_file( $path ) ) {
+        return "";
+    }
+
+    return @file_get_contents( $path );
+}
+');
diff --git a/docker/wp-config.php b/docker/wp-config.php
@@ -0,0 +1,24 @@
+<?php
+
+define('DISABLE_WP_CRON', true);
+
+define('DB_NAME', getenv('WORDPRESS_DB_NAME'));
+define('DB_USER', getenv('WORDPRESS_DB_USER'));
+define('DB_PASSWORD', getenv('WORDPRESS_DB_PASSWORD'));
+define('DB_HOST', getenv('WORDPRESS_DB_HOST'));
+
+define('DB_CHARSET', 'utf8');
+define('DB_COLLATE', '');
+
+$table_prefix  = 'wp_';
+
+define('WP_DEBUG', (bool) getenv('WP_DEBUG'));
+define('WPLANG', (string) getenv('WPLANG'));
+
+if (!defined('ABSPATH'))
+    define('ABSPATH', dirname(__FILE__) . '/');
+
+// https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html
+$_SERVER['HTTP_HOST'] = preg_replace('/[^-_.:\/a-z0-9]/', '', $_SERVER['HTTP_HOST']);
+
+require_once(ABSPATH . 'wp-settings.php');
diff --git a/www/.gitkeep b/www/.gitkeep