ssl working
This commit is contained in:
parent
5154af3a52
commit
81f58e0da7
|
@ -0,0 +1,5 @@
|
||||||
|
<?php
|
||||||
|
if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
|
||||||
|
$_SERVER['HTTPS'] = 'on';
|
||||||
|
}
|
||||||
|
?>
|
|
@ -57,6 +57,14 @@ services:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.nginx-${HOST}.entrypoints=http"
|
- "traefik.http.routers.nginx-${HOST}.entrypoints=http"
|
||||||
- "traefik.http.routers.nginx-${HOST}.rule=Host(`${HOST}.${DOMAIN}`)"
|
- "traefik.http.routers.nginx-${HOST}.rule=Host(`${HOST}.${DOMAIN}`)"
|
||||||
|
- "traefik.http.middlewares.nginx-${HOST}-https-redirect.redirectscheme.scheme=https"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}.middlewares=nginx-${HOST}-https-redirect"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}-secure.entrypoints=https"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}-secure.rule=Host(`${HOST}.${DOMAIN}`)"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}-secure.tls=true"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}-secure.tls.certresolver=http"
|
||||||
|
- "traefik.http.services.nginx-${HOST}.loadbalancer.server.port=80"
|
||||||
|
- "traefik.http.routers.nginx-${HOST}-secure.service=nginx-${HOST}"
|
||||||
- "traefik.docker.network=web"
|
- "traefik.docker.network=web"
|
||||||
|
|
||||||
wordpress:
|
wordpress:
|
||||||
|
|
|
@ -5,12 +5,13 @@ _docker_dir="$_docker_base_dir/$_remote_host"
|
||||||
_ssh_cmd="ssh root@$_remote_host.$_domain"
|
_ssh_cmd="ssh root@$_remote_host.$_domain"
|
||||||
_scp_to_base="root@$_remote_host.$_domain:$_docker_dir"
|
_scp_to_base="root@$_remote_host.$_domain:$_docker_dir"
|
||||||
|
|
||||||
echo "HOST=$_remote_host" > .env
|
_tmp_env_file=$(mktemp)
|
||||||
echo "DOMAIN=$_domain" >> .env
|
|
||||||
echo "MYSQL_ROOT_PASSWD=$_mysql_root_passwd" >> .env
|
echo "HOST=$_remote_host" > "$_tmp_env_file"
|
||||||
echo "MYSQL_USER=wordpress" >> .env
|
echo "MYSQL_ROOT_PASSWD=$_mysql_root_passwd" >> "$_tmp_env_file"
|
||||||
echo "MYSQL_PASSWORD=wordpress" >> .env
|
echo "MYSQL_USER=wordpress" >> "$_tmp_env_file"
|
||||||
echo "MYSQL_DATABASE=wordpress" >> .env
|
echo "MYSQL_PASSWORD=wordpress" >> "$_tmp_env_file"
|
||||||
|
echo "MYSQL_DATABASE=wordpress" >> "$_tmp_env_file"
|
||||||
|
|
||||||
$_ssh_cmd "mkdir -p $_docker_dir/wordpress"
|
$_ssh_cmd "mkdir -p $_docker_dir/wordpress"
|
||||||
|
|
||||||
|
@ -18,7 +19,7 @@ echo "Copying files ..."
|
||||||
scp -r production/config "$_scp_to_base"/config
|
scp -r production/config "$_scp_to_base"/config
|
||||||
scp production/Dockerfile "$_scp_to_base"/Dockerfile
|
scp production/Dockerfile "$_scp_to_base"/Dockerfile
|
||||||
scp production/entrypoint.sh "$_scp_to_base"/entrypoint.sh
|
scp production/entrypoint.sh "$_scp_to_base"/entrypoint.sh
|
||||||
scp ./.env "$_scp_to_base"/.env
|
scp "$_tmp_env_file" "$_scp_to_base"/.env
|
||||||
scp production/docker-compose.yml "$_scp_to_base"/docker-compose.yml
|
scp production/docker-compose.yml "$_scp_to_base"/docker-compose.yml
|
||||||
|
|
||||||
scp wordpress.tar.gz "$_scp_to_base"/wordpress.tar.gz
|
scp wordpress.tar.gz "$_scp_to_base"/wordpress.tar.gz
|
||||||
|
@ -28,6 +29,7 @@ echo "Configuring files ..."
|
||||||
$_ssh_cmd "sed -i 's/__HOST__/$_remote_host/g' $_docker_dir/config/nginx.conf"
|
$_ssh_cmd "sed -i 's/__HOST__/$_remote_host/g' $_docker_dir/config/nginx.conf"
|
||||||
# TODO make this more robust than just substituting localhost
|
# TODO make this more robust than just substituting localhost
|
||||||
$_ssh_cmd "sed -i 's/localhost/$_remote_host-mysql/g' $_docker_dir/wordpress/wp-config.php"
|
$_ssh_cmd "sed -i 's/localhost/$_remote_host-mysql/g' $_docker_dir/wordpress/wp-config.php"
|
||||||
|
$_ssh_cmd "cat $_docker_dir/config/wp-config-forward-headers.php $_docker_dir/wordpress/wp-config.php >/tmp/out.tmp && mv /tmp/out.tmp $_docker_dir/wordpress/wp-config.php"
|
||||||
$_ssh_cmd "chown -R $_docker_user: $_docker_dir"
|
$_ssh_cmd "chown -R $_docker_user: $_docker_dir"
|
||||||
# The 82 comes from the Dockerfile addgroup and adduser commands
|
# The 82 comes from the Dockerfile addgroup and adduser commands
|
||||||
$_ssh_cmd "chown -R 82:82 $_docker_dir/wordpress"
|
$_ssh_cmd "chown -R 82:82 $_docker_dir/wordpress"
|
||||||
|
@ -58,17 +60,24 @@ _cmd_docker_exec="cd $_docker_dir && docker exec -t $_remote_host-wordpress /bin
|
||||||
echo "$_ssh_cmd $_cmd_docker_exec"
|
echo "$_ssh_cmd $_cmd_docker_exec"
|
||||||
$_ssh_cmd "$_cmd_docker_exec"
|
$_ssh_cmd "$_cmd_docker_exec"
|
||||||
|
|
||||||
# TODO correct URLS
|
# _cmd_wp="wp user create $_wp_admin_user"
|
||||||
|
# _cmd_docker_exec="cd $_docker_dir && docker exec -t $_remote_host-wordpress /bin/sh -c '$_cmd_wp'"
|
||||||
|
# echo "$_ssh_cmd $_cmd_docker_exec"
|
||||||
|
# $_ssh_cmd "$_cmd_docker_exec"
|
||||||
|
|
||||||
# TODO move this into helper script
|
# TODO move this into helper script
|
||||||
# wp search-replace 'example.dev' 'example.com' --skip-columns=guid
|
# wp search-replace 'example.dev' 'example.com' --skip-columns=guid
|
||||||
# Or, if you only want to change the option, you can do:
|
# Or, if you only want to change the option, you can do:
|
||||||
# wp option update home 'http://example.com'
|
# wp option update home 'http://example.com'
|
||||||
# wp option update siteurl 'http://example.com';
|
# wp option update siteurl 'http://example.com';
|
||||||
|
_cmd_wp="wp search-replace 'http://$_local_hostname.$_local_domain' 'https://$_local_hostname.$_local_domain' --skip-columns=guid"
|
||||||
|
_cmd_docker_exec="cd $_docker_dir && docker exec -t $_remote_host-wordpress /bin/sh -c '$_cmd_wp'"
|
||||||
|
echo "$_ssh_cmd $_cmd_docker_exec"
|
||||||
|
$_ssh_cmd "$_cmd_docker_exec"
|
||||||
|
|
||||||
_cmd_wp="wp search-replace '$_local_hostname.$_local_domain' '$_remote_host.$_domain' --skip-columns=guid"
|
_cmd_wp="wp search-replace '$_local_hostname.$_local_domain' '$_remote_host.$_domain' --skip-columns=guid"
|
||||||
_cmd_docker_exec="cd $_docker_dir && docker exec -t $_remote_host-wordpress /bin/sh -c '$_cmd_wp'"
|
_cmd_docker_exec="cd $_docker_dir && docker exec -t $_remote_host-wordpress /bin/sh -c '$_cmd_wp'"
|
||||||
echo "$_ssh_cmd $_cmd_docker_exec"
|
echo "$_ssh_cmd $_cmd_docker_exec"
|
||||||
$_ssh_cmd "$_cmd_docker_exec"
|
$_ssh_cmd "$_cmd_docker_exec"
|
||||||
|
|
||||||
# TODO ensure HTTP_X_FORWARDED_PROTO header is set in wp-config.php
|
rm "$_tmp_env_file"
|
||||||
|
|
||||||
# TODO 3m .env
|
|
||||||
|
|
Loading…
Reference in New Issue