set up docker containers on host

.gitignore

@@ -1,3 +1,3 @@
-config
+/config
 notes.txt
 remote-temp/

dev/config

@@ -0,0 +1 @@
+config-example

docker-compose.yml

@@ -0,0 +1,42 @@
+
+version: "3"
+
+networks:
+  web:
+    external: true
+  internal:
+    external: false
+
+services:
+  blog:
+    image: wordpress:latest
+    container_name: blog
+    environment:
+      WORDPRESS_DB_PASSWORD: dklfm904mg-uiojn
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.blog.entrypoints=http"
+      - "traefik.http.routers.blog.rule=Host(`blog.wptest.isnet.uk`)"
+      - "traefik.http.middlewares.blog.redirectscheme.scheme=https"
+      - "traefik.http.routers.blog.middlewares=blog"
+      - "traefik.http.routers.blog.entrypoints=https"
+      - "traefik.http.routers.blog.rule=Host(`blog.wptest.isnet.uk`)"
+      - "traefik.http.routers.blog.tls=true"
+      - "traefik.http.routers.blog.tls.certresolver=http"
+      - "traefik.http.services.blog.loadbalancer.server.port=80"
+      - "traefik.http.routers.blog.service=blog"
+      - "traefik.docker.network=web"
+    networks:
+      - internal
+      - web
+    depends_on:
+      - mysql
+  mysql:
+    image: mysql:5.7
+    environment:
+      MYSQL_ROOT_PASSWORD: dklfm904mg-uiojn
+    networks:
+      - internal
+    labels:
+      - traefik.enable=false
+

production/config/nginx.conf

@@ -28,7 +28,7 @@ http {
                             '$status $body_bytes_sent "$http_referer" '
                             '"$http_user_agent" "$http_x_forwarded_for" '
                             '$request_time $upstream_response_time $pipe $upstream_cache_status'
-			    '$document_root$fastcgi_script_name > $request';
+                '$document_root$fastcgi_script_name > $request';
 
 
     access_log /dev/stdout main_timed;
@@ -54,7 +54,7 @@ http {
     open_file_cache_valid 120s;
     open_file_cache_min_uses 2;
     open_file_cache_errors off;
-    open_log_file_cache max=10000 inactive=30s min_uses=2;    
+    open_log_file_cache max=10000 inactive=30s min_uses=2;
 
     server {
         listen [::]:80 default_server;
@@ -72,13 +72,13 @@ http {
 
         root /usr/share/nginx/html;
         index index.php;
-	include /etc/nginx/includes/*.conf;
-	
-	location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; }
-    	location ~ /(\.DS_Store|wp-config.php|wp-config-sample.php|readme.html.gz|readme.txt.gz|readme.html|readme.txt|error_log|license.txt|changelog|changelog.txt) { access_log off; log_not_found off; deny all; }
-    	location = /robots.txt  { access_log off; log_not_found off; }
-    	location = /favicon.ico { access_log off; log_not_found off; expires 30d; }
-    	location ~ ~$           { access_log off; log_not_found off; deny all; }
+    include /etc/nginx/includes/*.conf;
+
+    location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; }
+        location ~ /(\.DS_Store|wp-config.php|wp-config-sample.php|readme.html.gz|readme.txt.gz|readme.html|readme.txt|error_log|license.txt|changelog|changelog.txt) { access_log off; log_not_found off; deny all; }
+        location = /robots.txt  { access_log off; log_not_found off; }
+        location = /favicon.ico { access_log off; log_not_found off; expires 30d; }
+        location ~ ~$           { access_log off; log_not_found off; deny all; }
 
         location /wp-content {
             root /usr/share/nginx/html/wp-content;
@@ -93,19 +93,20 @@ http {
         location ~ [^/]\.php(/|$) {
             try_files $uri =404;
             fastcgi_split_path_info ^(.+\.php)(/.+)$;
-			fastcgi_connect_timeout 300;
-			fastcgi_send_timeout 300;
-			fastcgi_read_timeout 300;
-			fastcgi_buffer_size 64k;
-			fastcgi_buffers 4 64k;
-			fastcgi_busy_buffers_size 128k;
-			fastcgi_temp_file_write_size 128k;
-			fastcgi_intercept_errors on;
+            fastcgi_connect_timeout 300;
+            fastcgi_send_timeout 300;
+            fastcgi_read_timeout 300;
+            fastcgi_buffer_size 64k;
+            fastcgi_buffers 4 64k;
+            fastcgi_busy_buffers_size 128k;
+            fastcgi_temp_file_write_size 128k;
+            fastcgi_intercept_errors on;
 
             fastcgi_index index.php;
-            fastcgi_pass wordpress:9000;
+            fastcgi_pass __HOST__-wordpress:9000;
 
             # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            # TODO is hardcoded document root safe???
             fastcgi_param SCRIPT_FILENAME /var/www/wordpress$fastcgi_script_name;
             include fastcgi_params;
         }

production/docker-compose.yml

@@ -4,6 +4,7 @@ networks:
   web:
     external: true
   backend:
+    external: false
     driver: bridge
 
 services:
@@ -12,7 +13,7 @@ services:
     image: 'bitnami/redis:5.0'
     networks:
       - backend
-    container_name: redis
+    container_name: ${HOST}-redis
     restart: unless-stopped
     environment:
       - ALLOW_EMPTY_PASSWORD=yes
@@ -25,7 +26,7 @@ services:
 
   db:
     image: mariadb:10.4
-    container_name: mysql
+    container_name: ${HOST}-mysql
     command: --default-authentication-plugin=mysql_native_password
     networks:
       - backend
@@ -46,7 +47,7 @@ services:
     image: nginx:1.17-alpine
     depends_on:
       - wordpress
-    container_name: nginx-wp-stack
+    container_name: ${HOST}-nginx
     networks:
       - backend
       - web
@@ -55,8 +56,8 @@ services:
       - ./wordpress:/usr/share/nginx/html:ro
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.nginx-wp-stack.entrypoints=http"
-      - "traefik.http.routers.nginx-wp-stack.rule=Host(`wp-stack.wptest.isnet.uk`)"
+      - "traefik.http.routers.nginx-${HOST}.entrypoints=http"
+      - "traefik.http.routers.nginx-${HOST}.rule=Host(`${HOST}.${DOMAIN}`)"
       - "traefik.docker.network=web"
 
   wordpress:
@@ -64,7 +65,7 @@ services:
       - db
     networks:
       - backend
-    container_name: wordpress
+    container_name: ${HOST}-wordpress
 #    env_file:
 #      - .env
     build: ./

production/export-to-production.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+
+_docker_user="ray"
+
+_host="wp-stack-two"
+_domain="wptest.isnet.uk"
+_docker_base_dir="/var/docker"
+_docker_dir="$_docker_base_dir/$_host"
+
+# _cmd_wp_export="wp db export --dbuser=wordpress --dbpass=$_wp_db_passwd --add-drop-table data.sql"
+_ssh_cmd="ssh root@$_host.$_domain"
+_scp_to_base="root@$_host.$_domain:$_docker_dir"
+
+echo "HOST=$_host" > .env
+echo "DOMAIN=$_domain" >> .env
+
+$_ssh_cmd "mkdir -p $_docker_dir"
+
+scp -r config "$_scp_to_base"/config
+scp Dockerfile "$_scp_to_base"/Dockerfile
+scp entrypoint.sh "$_scp_to_base"/entrypoint.sh
+scp .env "$_scp_to_base"/.env
+scp docker-compose.yml "$_scp_to_base"/docker-compose.yml
+
+$_ssh_cmd "sed -i 's/__HOST__/$_host/g' $_docker_dir/config/nginx.conf"
+$_ssh_cmd "chown -R $_docker_user: $_docker_dir"
+
+# export wordpress directory
+
+# import database
+
+# set correct URLS
+
+# ensure HTTP_X_FORWARDED_PROTO header is set in wp-config.php
+
+rm .env
+