set up docker containers on host

This commit is contained in:
Ray Elliott 2020-03-08 17:21:12 +00:00
parent f2a8210a35
commit 769d0e0a8a
6 changed files with 107 additions and 25 deletions

2
.gitignore vendored
View File

@ -1,3 +1,3 @@
config /config
notes.txt notes.txt
remote-temp/ remote-temp/

1
dev/config Symbolic link
View File

@ -0,0 +1 @@
config-example

42
docker-compose.yml Normal file
View File

@ -0,0 +1,42 @@
version: "3"
networks:
web:
external: true
internal:
external: false
services:
blog:
image: wordpress:latest
container_name: blog
environment:
WORDPRESS_DB_PASSWORD: dklfm904mg-uiojn
labels:
- "traefik.enable=true"
- "traefik.http.routers.blog.entrypoints=http"
- "traefik.http.routers.blog.rule=Host(`blog.wptest.isnet.uk`)"
- "traefik.http.middlewares.blog.redirectscheme.scheme=https"
- "traefik.http.routers.blog.middlewares=blog"
- "traefik.http.routers.blog.entrypoints=https"
- "traefik.http.routers.blog.rule=Host(`blog.wptest.isnet.uk`)"
- "traefik.http.routers.blog.tls=true"
- "traefik.http.routers.blog.tls.certresolver=http"
- "traefik.http.services.blog.loadbalancer.server.port=80"
- "traefik.http.routers.blog.service=blog"
- "traefik.docker.network=web"
networks:
- internal
- web
depends_on:
- mysql
mysql:
image: mysql:5.7
environment:
MYSQL_ROOT_PASSWORD: dklfm904mg-uiojn
networks:
- internal
labels:
- traefik.enable=false

View File

@ -28,7 +28,7 @@ http {
'$status $body_bytes_sent "$http_referer" ' '$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" ' '"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status' '$request_time $upstream_response_time $pipe $upstream_cache_status'
'$document_root$fastcgi_script_name > $request'; '$document_root$fastcgi_script_name > $request';
access_log /dev/stdout main_timed; access_log /dev/stdout main_timed;
@ -72,13 +72,13 @@ http {
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.php; index index.php;
include /etc/nginx/includes/*.conf; include /etc/nginx/includes/*.conf;
location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; } location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; }
location ~ /(\.DS_Store|wp-config.php|wp-config-sample.php|readme.html.gz|readme.txt.gz|readme.html|readme.txt|error_log|license.txt|changelog|changelog.txt) { access_log off; log_not_found off; deny all; } location ~ /(\.DS_Store|wp-config.php|wp-config-sample.php|readme.html.gz|readme.txt.gz|readme.html|readme.txt|error_log|license.txt|changelog|changelog.txt) { access_log off; log_not_found off; deny all; }
location = /robots.txt { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; expires 30d; } location = /favicon.ico { access_log off; log_not_found off; expires 30d; }
location ~ ~$ { access_log off; log_not_found off; deny all; } location ~ ~$ { access_log off; log_not_found off; deny all; }
location /wp-content { location /wp-content {
root /usr/share/nginx/html/wp-content; root /usr/share/nginx/html/wp-content;
@ -93,19 +93,20 @@ http {
location ~ [^/]\.php(/|$) { location ~ [^/]\.php(/|$) {
try_files $uri =404; try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_connect_timeout 300; fastcgi_connect_timeout 300;
fastcgi_send_timeout 300; fastcgi_send_timeout 300;
fastcgi_read_timeout 300; fastcgi_read_timeout 300;
fastcgi_buffer_size 64k; fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k; fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k; fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k; fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
fastcgi_index index.php; fastcgi_index index.php;
fastcgi_pass wordpress:9000; fastcgi_pass __HOST__-wordpress:9000;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# TODO is hardcoded document root safe???
fastcgi_param SCRIPT_FILENAME /var/www/wordpress$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME /var/www/wordpress$fastcgi_script_name;
include fastcgi_params; include fastcgi_params;
} }

View File

@ -4,6 +4,7 @@ networks:
web: web:
external: true external: true
backend: backend:
external: false
driver: bridge driver: bridge
services: services:
@ -12,7 +13,7 @@ services:
image: 'bitnami/redis:5.0' image: 'bitnami/redis:5.0'
networks: networks:
- backend - backend
container_name: redis container_name: ${HOST}-redis
restart: unless-stopped restart: unless-stopped
environment: environment:
- ALLOW_EMPTY_PASSWORD=yes - ALLOW_EMPTY_PASSWORD=yes
@ -25,7 +26,7 @@ services:
db: db:
image: mariadb:10.4 image: mariadb:10.4
container_name: mysql container_name: ${HOST}-mysql
command: --default-authentication-plugin=mysql_native_password command: --default-authentication-plugin=mysql_native_password
networks: networks:
- backend - backend
@ -46,7 +47,7 @@ services:
image: nginx:1.17-alpine image: nginx:1.17-alpine
depends_on: depends_on:
- wordpress - wordpress
container_name: nginx-wp-stack container_name: ${HOST}-nginx
networks: networks:
- backend - backend
- web - web
@ -55,8 +56,8 @@ services:
- ./wordpress:/usr/share/nginx/html:ro - ./wordpress:/usr/share/nginx/html:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.nginx-wp-stack.entrypoints=http" - "traefik.http.routers.nginx-${HOST}.entrypoints=http"
- "traefik.http.routers.nginx-wp-stack.rule=Host(`wp-stack.wptest.isnet.uk`)" - "traefik.http.routers.nginx-${HOST}.rule=Host(`${HOST}.${DOMAIN}`)"
- "traefik.docker.network=web" - "traefik.docker.network=web"
wordpress: wordpress:
@ -64,7 +65,7 @@ services:
- db - db
networks: networks:
- backend - backend
container_name: wordpress container_name: ${HOST}-wordpress
# env_file: # env_file:
# - .env # - .env
build: ./ build: ./

View File

@ -0,0 +1,37 @@
#!/bin/sh
_docker_user="ray"
_host="wp-stack-two"
_domain="wptest.isnet.uk"
_docker_base_dir="/var/docker"
_docker_dir="$_docker_base_dir/$_host"
# _cmd_wp_export="wp db export --dbuser=wordpress --dbpass=$_wp_db_passwd --add-drop-table data.sql"
_ssh_cmd="ssh root@$_host.$_domain"
_scp_to_base="root@$_host.$_domain:$_docker_dir"
echo "HOST=$_host" > .env
echo "DOMAIN=$_domain" >> .env
$_ssh_cmd "mkdir -p $_docker_dir"
scp -r config "$_scp_to_base"/config
scp Dockerfile "$_scp_to_base"/Dockerfile
scp entrypoint.sh "$_scp_to_base"/entrypoint.sh
scp .env "$_scp_to_base"/.env
scp docker-compose.yml "$_scp_to_base"/docker-compose.yml
$_ssh_cmd "sed -i 's/__HOST__/$_host/g' $_docker_dir/config/nginx.conf"
$_ssh_cmd "chown -R $_docker_user: $_docker_dir"
# export wordpress directory
# import database
# set correct URLS
# ensure HTTP_X_FORWARDED_PROTO header is set in wp-config.php
rm .env