er

2025-07-08 02:21:32 +02:00
parent 40328d2980
commit 4aed7a1cbb
23 changed files with 81 additions and 265 deletions
@@ -1,12 +1,12 @@
-FROM alpine:3.20
+FROM debian:12.5-slim

-RUN apk update && \
-    apk add --no-cache mariadb mariadb-client bash && \
-    mkdir -p /run/mysqld && chown -R mysql:mysql /run/mysqld /var/lib/mysql
+RUN apt-get update && apt-get install -y mariadb-server && rm -rf /var/lib/apt/lists/*
+RUN mkdir -p /run/mysqld && chown -R mysql:mysql /var/lib/mysql /run/mysqld

-# Copie du script d'initialisation
-COPY tools/init-db.sh /docker-entrypoint-initdb.d/init-db.sh
-RUN chmod +x /docker-entrypoint-initdb.d/init-db.sh
+COPY tools/init.sh /docker-entrypoint-initdb.d/init.sh
+RUN chmod +x /docker-entrypoint-initdb.d/init.sh

+USER mysql
 EXPOSE 3306
+
 CMD ["mysqld"]
@@ -1,15 +0,0 @@
-#!/bin/sh
-set -eu
-
-echo "Initialisation de la base de données…"
-
-# Création de la base et de l'utilisateur
-cat <<-EOSQL > /tmp/init.sql
-CREATE DATABASE IF NOT EXISTS \`${MYSQL_DATABASE}\`;
-CREATE USER IF NOT EXISTS '\${MYSQL_USER}'@'%' IDENTIFIED BY '\$(cat /run/secrets/db_password)';
-GRANT ALL PRIVILEGES ON \`${MYSQL_DATABASE}\`.* TO '\${MYSQL_USER}'@'%';
-FLUSH PRIVILEGES;
-EOSQL
-
-mysql -u root -p"$(cat /run/secrets/db_root_password)" < /tmp/init.sql
-rm /tmp/init.sql
@@ -0,0 +1,10 @@
+#!/bin/sh
+mysql_install_db --user=mysql --ldata=/var/lib/mysql
+mysqld --user=mysql --bootstrap << EOF
+FLUSH PRIVILEGES;
+ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';
+CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};
+CREATE USER '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+GRANT ALL PRIVILEGES ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';
+FLUSH PRIVILEGES;
+EOF
@@ -1,2 +0,0 @@
-*.pem
-*.crt
@@ -1,13 +1,13 @@
-FROM alpine:3.20
+FROM debian:12.5-slim

-RUN apk update && apk add --no-cache nginx openssl bash
+RUN apt-get update && apt-get install -y nginx openssl && rm -rf /var/lib/apt/lists/*

-# Copie des fichiers de configuration
-COPY conf/nginx.conf /etc/nginx/nginx.conf
-COPY conf/default.conf /etc/nginx/http.d/default.conf
-COPY tools/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+RUN mkdir /etc/ssl/certs /etc/ssl/private
+COPY tools/mkcert.sh /tmp/mkcert.sh
+RUN chmod +x /tmp/mkcert.sh && /tmp/mkcert.sh
+
+COPY conf/default.conf /etc/nginx/conf.d/default.conf

 EXPOSE 443

-ENTRYPOINT ["/entrypoint.sh"]
+CMD ["nginx", "-g", "daemon off;"]
@@ -1,23 +1,18 @@
 server {
    listen 443 ssl http2;
-    server_name __DOMAIN_NAME__;
+    server_name yantoine.42.fr;
+
+    ssl_certificate     /etc/ssl/certs/server.pem;
+    ssl_certificate_key /etc/ssl/private/tls.key;

-    ssl_certificate     /etc/ssl/certs/server.crt;
-    ssl_certificate_key /etc/ssl/private/server.key;
    ssl_protocols       TLSv1.2 TLSv1.3;
-    ssl_prefer_server_ciphers off;
-
-    root /var/www/html;
-    index index.php index.html;
+    ssl_ciphers         HIGH:!aNULL:!MD5;

    location / {
-        try_files $uri $uri/ /index.php?$args;
-    }
-
-    location ~ \.php$ {
-        include fastcgi_params;
-        fastcgi_pass wordpress:9000;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
+        proxy_pass http://wordpress:9000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
    }
 }
@@ -1,21 +0,0 @@
-user nginx;
-worker_processes auto;
-
-error_log  /var/log/nginx/error.log warn;
-pid        /var/run/nginx.pid;
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
-    access_log  /var/log/nginx/access.log  main;
-
-    sendfile        on;
-    keepalive_timeout  65;
-
-    include /etc/nginx/http.d/*.conf;
-}
@@ -1,12 +0,0 @@
-#!/bin/sh
-set -eu
-
-# Copie des secrets TLS vers leurs emplacements
-cp /run/secrets/tls_crt /etc/ssl/certs/server.crt
-cp /run/secrets/tls_key /etc/ssl/private/server.key
-chmod 600 /etc/ssl/private/server.key
-
-# Remplacement du nom de domaine dans la conf
-sed -i "s/__DOMAIN_NAME__/${DOMAIN_NAME}/g" /etc/nginx/http.d/default.conf
-
-exec nginx -g 'daemon off;'
@@ -0,0 +1,2 @@
+#!/bin/sh
+openssl req -x509 -nodes -days 365     -newkey rsa:2048     -keyout /etc/ssl/private/tls.key     -out /etc/ssl/certs/server.pem     -subj "/C=FR/ST=France/L=Paris/O=42/CN=yantoine.42.fr"
@@ -1,22 +1,10 @@
-FROM alpine:3.20
+FROM debian:12.5-slim

-RUN apk update && \
-    apk add --no-cache php82 php82-fpm php82-mysqli php82-json php82-session php82-phar \
-        php82-xml php82-mbstring php82-gd php82-curl php82-dom wget bash && \
-    adduser -D -g 'www' www
+RUN apt-get update && apt-get install -y php-fpm php-mysql curl && rm -rf /var/lib/apt/lists/*

-WORKDIR /var/www/html
+COPY tools/setup.sh /setup.sh
+RUN chmod +x /setup.sh && /setup.sh

-# Téléchargement de WordPress
-RUN wget https://wordpress.org/latest.tar.gz && \
-    tar -xzf latest.tar.gz --strip-components=1 && \
-    rm latest.tar.gz
-
-COPY tools/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh && \
-    chown -R www:www /var/www/html && \
-    sed -i 's|listen = .*|listen = 0.0.0.0:9000|' /etc/php82/php-fpm.d/www.conf
-
-USER www
 EXPOSE 9000
-ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["php-fpm8.2", "-F"]
@@ -1,15 +0,0 @@
-#!/bin/sh
-set -eu
-
-CONFIG=/var/www/html/wp-config.php
-
-if [ ! -f "$CONFIG" ]; then
-    cp wp-config-sample.php $CONFIG
-    sed -i "s/database_name_here/${WORDPRESS_DB_NAME}/" $CONFIG
-    sed -i "s/username_here/${WORDPRESS_DB_USER}/" $CONFIG
-    sed -i "s/password_here/$(cat ${WORDPRESS_DB_PASSWORD_FILE})/" $CONFIG
-    sed -i "s/localhost/${WORDPRESS_DB_HOST}/" $CONFIG
-fi
-
-# Lancement de php-fpm au premier plan
-php-fpm --nodaemonize
@@ -0,0 +1,5 @@
+#!/bin/sh
+curl -LO https://wordpress.org/latest.tar.gz
+tar -xzvf latest.tar.gz --strip-components=1 -C /var/www/html
+rm latest.tar.gz
+chown -R www-data:www-data /var/www/html