H3XploR
2025-07-08 02:21:32 +02:00
parent 40328d2980
commit 4aed7a1cbb
23 changed files with 81 additions and 265 deletions
+5
@@ -0,0 +1,5 @@
DOMAIN_NAME=yantoine.42.fr
MYSQL_USER=yantoine
MYSQL_PASSWORD=password
MYSQL_DATABASE=wordpress
MYSQL_ROOT_PASSWORD=rootpassword
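Review bot: `MYSQL_PASSWORD=password` and `MYSQL_ROOT_PASSWORD=rootpassword` put guessable database credentials into version control, where they stay readable in history even after a later change. This looks like the `.env` file that the compose file loads through `env_file:` (the file name is not visible in this view), so the same values end up in the running containers. Commit a template with empty values instead, e.g. `MYSQL_ROOT_PASSWORD=` with a comment saying it is set locally, keep the real file ignored by git, and rotate both passwords.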
-17
@@ -1,17 +0,0 @@
LOGIN=yantoine
DOMAIN_NAME=yantoine.42.fr
# Chemin hôte où seront stockés les volumes
HOST_PATH=/home/${LOGIN}/data
# Base de données
MYSQL_DATABASE=wordpress
MYSQL_USER=simple_user
# Les fichiers secrets contiendront les mots de passe
# MYSQL_PASSWORD et MYSQL_ROOT_PASSWORD sont fournis via des secrets Docker
# WordPress
WP_ADMIN_USER=root
WP_ADMIN_PASSWORD=supertoor123
WP_ADMIN_EMAIL=root@mail.com
WP_TITLE=Inception42
+21 -65
@@ -1,86 +1,42 @@
version: "3.8"
version: '3'
services:
nginx:
build: ./requirements/nginx
container_name: nginx
image: nginx
depends_on:
- wordpress
mariadb:
build: ./requirements/mariadb
container_name: mariadb
restart: always
volumes:
- wp_data:/var/www/html
- db:/var/lib/mysql
env_file: .env
networks:
- inception
ports:
- "443:443"
restart: always
environment:
- DOMAIN_NAME=${DOMAIN_NAME}
secrets:
- tls_crt
- tls_key
wordpress:
build: ./requirements/wordpress
container_name: wordpress
image: wordpress
restart: always
volumes:
- wp:/var/www/html
env_file: .env
depends_on:
- mariadb
volumes:
- wp_data:/var/www/html
networks:
- inception
restart: always
environment:
- WORDPRESS_DB_HOST=mariadb:3306
- WORDPRESS_DB_NAME=${MYSQL_DATABASE}
- WORDPRESS_DB_USER=${MYSQL_USER}
- WORDPRESS_DB_PASSWORD_FILE=/run/secrets/db_password
- DOMAIN_NAME=${DOMAIN_NAME}
secrets:
- db_password
mariadb:
build: ./requirements/mariadb
container_name: mariadb
image: mariadb
volumes:
- db_data:/var/lib/mysql
nginx:
build: ./requirements/nginx
container_name: nginx
restart: always
ports:
- "443:443"
depends_on:
- wordpress
networks:
- inception
restart: always
environment:
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD_FILE=/run/secrets/db_password
secrets:
- db_root_password
- db_password
volumes:
db_data:
driver: local
driver_opts:
type: none
device: ${HOST_PATH}/db
o: bind
wp_data:
driver: local
driver_opts:
type: none
device: ${HOST_PATH}/wp
o: bind
db:
wp:
networks:
inception:
secrets:
db_password:
file: ../secrets/db_password.txt
db_root_password:
file: ../secrets/db_root_password.txt
tls_key:
file: ../secrets/tls_key.pem
tls_crt:
file: ../secrets/tls_crt.pem
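Review bot: `env_file: .env` on the `wordpress` service passes every variable in that file to the container, including `MYSQL_ROOT_PASSWORD`, which WordPress has no use for. The `secrets:` entries and the `*_FILE` variables shown in this section appear to be on the removed side, so passwords now travel as plain environment variables that `docker inspect` and any process in the container can read. Either keep the file-based secrets, or give each service only what it needs with explicit entries such as `- MYSQL_PASSWORD=${MYSQL_PASSWORD}` under `environment:`. Line sides are inferred from the +21 -65 counts because the `+`/`-` markers are missing from this view.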
+7 -7
@@ -1,12 +1,12 @@
FROM alpine:3.20
FROM debian:12.5-slim
RUN apk update && \
apk add --no-cache mariadb mariadb-client bash && \
mkdir -p /run/mysqld && chown -R mysql:mysql /run/mysqld /var/lib/mysql
RUN apt-get update && apt-get install -y mariadb-server && rm -rf /var/lib/apt/lists/*
RUN mkdir -p /run/mysqld && chown -R mysql:mysql /var/lib/mysql /run/mysqld
# Copie du script d'initialisation
COPY tools/init-db.sh /docker-entrypoint-initdb.d/init-db.sh
RUN chmod +x /docker-entrypoint-initdb.d/init-db.sh
COPY tools/init.sh /docker-entrypoint-initdb.d/init.sh
RUN chmod +x /docker-entrypoint-initdb.d/init.sh
USER mysql
EXPOSE 3306
CMD ["mysqld"]
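Review bot: `COPY tools/init.sh /docker-entrypoint-initdb.d/init.sh` places the script in a directory that only the official MariaDB image's entrypoint scans; on `debian:12.5-slim` with `CMD ["mysqld"]` nothing visible runs it, so the root password, database and user it defines would never be applied. Make the script the image's `ENTRYPOINT` and have it finish with `exec mysqld`, or call it from a wrapper that does. Separately, `apt-get install -y mariadb-server` pulls in recommended packages; adding `--no-install-recommends` keeps the image and its attack surface smaller, and the same applies to the other two Dockerfiles in this commit.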
@@ -1,15 +0,0 @@
#!/bin/sh
set -eu
echo "Initialisation de la base de données…"
# Création de la base et de l'utilisateur
cat <<-EOSQL > /tmp/init.sql
CREATE DATABASE IF NOT EXISTS \`${MYSQL_DATABASE}\`;
CREATE USER IF NOT EXISTS '\${MYSQL_USER}'@'%' IDENTIFIED BY '\$(cat /run/secrets/db_password)';
GRANT ALL PRIVILEGES ON \`${MYSQL_DATABASE}\`.* TO '\${MYSQL_USER}'@'%';
FLUSH PRIVILEGES;
EOSQL
mysql -u root -p"$(cat /run/secrets/db_root_password)" < /tmp/init.sql
rm /tmp/init.sql
+10
@@ -0,0 +1,10 @@
#!/bin/sh
mysql_install_db --user=mysql --ldata=/var/lib/mysql
mysqld --user=mysql --bootstrap << EOF
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';
CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};
CREATE USER '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
GRANT ALL PRIVILEGES ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';
FLUSH PRIVILEGES;
EOF
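Review bot: The script has no `set -eu` after `#!/bin/sh`, so an unset `MYSQL_ROOT_PASSWORD` expands to an empty string and `ALTER USER 'root'@'localhost' IDENTIFIED BY ''` leaves root with an empty password without any error; the removed init script had that line, and the new certificate and WordPress setup scripts in this commit lack it too. The variables are also pasted into the SQL unescaped, so a password containing `'` breaks the statement, and `${MYSQL_DATABASE}` is no longer wrapped in backticks. `CREATE USER '${MYSQL_USER}'@'%'` without `IF NOT EXISTS` fails when the data volume already holds the account. Suggested first lines: `set -eu` and `: "${MYSQL_ROOT_PASSWORD:?must be set}"`.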
-2
@@ -1,2 +0,0 @@
*.pem
*.crt
+8 -8
@@ -1,13 +1,13 @@
FROM alpine:3.20
FROM debian:12.5-slim
RUN apk update && apk add --no-cache nginx openssl bash
RUN apt-get update && apt-get install -y nginx openssl && rm -rf /var/lib/apt/lists/*
# Copie des fichiers de configuration
COPY conf/nginx.conf /etc/nginx/nginx.conf
COPY conf/default.conf /etc/nginx/http.d/default.conf
COPY tools/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
RUN mkdir /etc/ssl/certs /etc/ssl/private
COPY tools/mkcert.sh /tmp/mkcert.sh
RUN chmod +x /tmp/mkcert.sh && /tmp/mkcert.sh
COPY conf/default.conf /etc/nginx/conf.d/default.conf
EXPOSE 443
ENTRYPOINT ["/entrypoint.sh"]
CMD ["nginx", "-g", "daemon off;"]
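Review bot: `RUN chmod +x /tmp/mkcert.sh && /tmp/mkcert.sh` creates the TLS private key during the build, so the key is stored in an image layer: every container started from the image shares it, and anyone who can pull or export the image can read it. Generate the key pair when the container starts (an entrypoint that runs the script only if the key file is missing) or mount it at runtime, as the removed `/run/secrets/tls_key` arrangement did. `RUN mkdir /etc/ssl/certs /etc/ssl/private` will probably fail because installing `openssl` already creates those directories; `mkdir -p` avoids that. Which of the printed lines belong to the new side is inferred from the +8 -8 counts.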
+10 -15
@@ -1,23 +1,18 @@
server {
listen 443 ssl http2;
server_name __DOMAIN_NAME__;
server_name yantoine.42.fr;
ssl_certificate /etc/ssl/certs/server.pem;
ssl_certificate_key /etc/ssl/private/tls.key;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
root /var/www/html;
index index.php index.html;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass wordpress:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
proxy_pass http://wordpress:9000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
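Review bot: `proxy_pass http://wordpress:9000;` sends plain HTTP to port 9000, but the WordPress image in this commit installs `php-fpm`, which speaks FastCGI, so requests would most likely fail with a 502. The `location ~ \.php$` block with `fastcgi_pass wordpress:9000;` and `fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;` appears to be on the removed side, along with `root /var/www/html;`; those are the lines a php-fpm backend needs. `server_name yantoine.42.fr;` also hard-codes what `DOMAIN_NAME` in the env file already provides. Line sides are inferred, since the `+`/`-` markers are missing from this view.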
-21
@@ -1,21 +0,0 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/http.d/*.conf;
}
@@ -1,12 +0,0 @@
#!/bin/sh
set -eu
# Copie des secrets TLS vers leurs emplacements
cp /run/secrets/tls_crt /etc/ssl/certs/server.crt
cp /run/secrets/tls_key /etc/ssl/private/server.key
chmod 600 /etc/ssl/private/server.key
# Remplacement du nom de domaine dans la conf
sed -i "s/__DOMAIN_NAME__/${DOMAIN_NAME}/g" /etc/nginx/http.d/default.conf
exec nginx -g 'daemon off;'
+2
@@ -0,0 +1,2 @@
#!/bin/sh
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/tls.key -out /etc/ssl/certs/server.pem -subj "/C=FR/ST=France/L=Paris/O=42/CN=yantoine.42.fr"
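Review bot: The certificate carries the host name only in `CN=yantoine.42.fr`; current browsers and TLS libraries match on subjectAltName and ignore CN, so clients will reject the name even after the certificate itself is trusted. Add `-addext "subjectAltName=DNS:yantoine.42.fr"` to the `openssl req` call. The domain is hard-coded here as well, so it can drift from `DOMAIN_NAME`.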
+6 -18
@@ -1,22 +1,10 @@
FROM alpine:3.20
FROM debian:12.5-slim
RUN apk update && \
apk add --no-cache php82 php82-fpm php82-mysqli php82-json php82-session php82-phar \
php82-xml php82-mbstring php82-gd php82-curl php82-dom wget bash && \
adduser -D -g 'www' www
RUN apt-get update && apt-get install -y php-fpm php-mysql curl && rm -rf /var/lib/apt/lists/*
WORKDIR /var/www/html
COPY tools/setup.sh /setup.sh
RUN chmod +x /setup.sh && /setup.sh
# Téléchargement de WordPress
RUN wget https://wordpress.org/latest.tar.gz && \
tar -xzf latest.tar.gz --strip-components=1 && \
rm latest.tar.gz
COPY tools/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh && \
chown -R www:www /var/www/html && \
sed -i 's|listen = .*|listen = 0.0.0.0:9000|' /etc/php82/php-fpm.d/www.conf
USER www
EXPOSE 9000
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm8.2", "-F"]
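Review bot: `CMD ["php-fpm8.2", "-F"]` starts the pool with Debian's default configuration, which listens on a Unix socket, so nothing would answer on the `EXPOSE 9000` port that nginx connects to; the `sed ... listen = 0.0.0.0:9000` line appears to be on the removed side. Something like `RUN sed -i 's|^listen = .*|listen = 9000|' /etc/php/8.2/fpm/pool.d/www.conf` restores it for the Debian layout (path to be confirmed in the built image). The removed entrypoint also wrote `wp-config.php`; nothing visible on the new side does, so WordPress would start unconfigured.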
@@ -1,15 +0,0 @@
#!/bin/sh
set -eu
CONFIG=/var/www/html/wp-config.php
if [ ! -f "$CONFIG" ]; then
cp wp-config-sample.php $CONFIG
sed -i "s/database_name_here/${WORDPRESS_DB_NAME}/" $CONFIG
sed -i "s/username_here/${WORDPRESS_DB_USER}/" $CONFIG
sed -i "s/password_here/$(cat ${WORDPRESS_DB_PASSWORD_FILE})/" $CONFIG
sed -i "s/localhost/${WORDPRESS_DB_HOST}/" $CONFIG
fi
# Lancement de php-fpm au premier plan
php-fpm --nodaemonize
@@ -0,0 +1,5 @@
#!/bin/sh
curl -LO https://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz --strip-components=1 -C /var/www/html
rm latest.tar.gz
chown -R www-data:www-data /var/www/html
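Review bot: `curl -LO https://wordpress.org/latest.tar.gz` fetches whatever release is current at build time and unpacks it without any integrity check, so builds are not reproducible and a corrupted or tampered download goes straight into the web root. Pin a release and verify it before extracting, e.g. `curl -fsSLO https://wordpress.org/wordpress-<VERSION>.tar.gz` followed by `echo "<SHA256>  wordpress-<VERSION>.tar.gz" | sha256sum -c -`, with the digest recorded in the repository. `-f` matters on its own: without it an HTTP error page is saved and handed to `tar`.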