Skip to content

Commit 541d0a1

Browse files
TimidRobotTimidRobot
authored
Merge pull request #15 from creativecommons/minimize-docker
Minimize docker
2 parents 164a0c3 + 5780fe3 commit 541d0a1

File tree

6 files changed

+95
-60
lines changed

6 files changed

+95
-60
lines changed

README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,12 @@ The SSH setup has been established and is currently in use for the Ansible conta
9292
**SSH connection from bastion**:
9393
- ProxyJump allow you to use `ssh bastion` to connect to the bastion-dev host, and `ssh ansible-dev` or `ssh web-dev`, and SSH will automatically connect through the bastion jump host.
9494
- currently, db-dev is not handled through bastion
95+
- Execute the following command to add ssh agent
96+
97+
```shell
98+
ssh-add ./sysadmin-ssh-keys/rsa_sysadmin
99+
```
100+
95101
- Execute the following command to confirm the bastion connection:
96102

97103
```shell

ansible/Dockerfile

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,11 +49,17 @@ RUN mkdir /etc/ansible/
4949
WORKDIR /etc/ansible/
5050

5151
# Set environment variables for Ansible
52-
ENV PATH="/opt/ansible-venv/bin:$PATH"
5352
ENV ANSIBLE_CONFIG=/etc/ansible/ansible.cfg
53+
ENV PATH="/opt/ansible-venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
54+
55+
# Add commands to set environment variables in .bashrc
56+
RUN echo 'export ANSIBLE_CONFIG=/etc/ansible/ansible.cfg' >> /home/sysadmin/.bashrc
57+
RUN echo 'export PATH=/opt/ansible-venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' >> /home/sysadmin/.bashrc
58+
RUN echo 'export LANG=en_US.UTF-8' >> /home/sysadmin/.bashrc
59+
RUN echo 'export LC_ALL=C.UTF-8' >> /home/sysadmin/.bashrc
5460

5561
# Expose SSH port
5662
EXPOSE 22
5763

5864
# Start SSH service
59-
CMD ["/usr/sbin/sshd", "-D"]
65+
CMD ["/usr/sbin/sshd", "-D"]

ansible/etc-ansible-config/roles/wordpress/tasks/main.yml

Lines changed: 61 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,20 @@
1+
- name: Install packages
2+
apt:
3+
name:
4+
- libapache2-mod-php
5+
- mariadb-client
6+
- php8.2
7+
- php8.2-mbstring
8+
- php8.2-mysql
9+
- php8.2-pdo
10+
- php8.2-xml
11+
state: latest
12+
13+
- name: Config PHP
14+
copy:
15+
src: /etc/ansible/web/etc-php-8.2-apache2-conf.d/90-local.ini
16+
dest: /etc/php/8.2/apache2/conf.d/
17+
118
- name: Add Apache2's www-data user to sudo group
219
user:
320
name: www-data
@@ -18,6 +35,45 @@
1835
group: www-data
1936
mode: '0755'
2037

38+
- name: Ensure /var/www/dev/ is writable by www-data
39+
file:
40+
path: /var/www/dev/
41+
state: directory
42+
owner: www-data
43+
group: www-data
44+
mode: '0755'
45+
46+
- name: Enable Apache modules headers
47+
community.general.apache2_module:
48+
state: present
49+
name: headers
50+
51+
- name: Disable conflicting Apache module mpm_event
52+
apache2_module:
53+
name: mpm_event
54+
state: absent
55+
56+
- name: Disable conflicting Apache module mpm_worker
57+
apache2_module:
58+
name: mpm_worker
59+
state: absent
60+
61+
- name: Disable conflicting Apache module php5
62+
apache2_module:
63+
name: php5
64+
state: absent
65+
66+
- name: Check if php_module is enabled
67+
command: apache2ctl -M
68+
register: apache_modules
69+
70+
- name: Enable Apache module php8.2
71+
apache2_module:
72+
name: php8.2
73+
state: present
74+
identifier: php_module
75+
when: "'php_module' not in apache_modules.stdout"
76+
2177
- name: Install WordPress CLI (WP-CLI)
2278
get_url:
2379
url: https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
@@ -76,4 +132,8 @@
76132
' /var/www/dev/wp-config.php > /var/www/dev/wp-config.tmp \
77133
&& mv /var/www/dev/wp-config.tmp /var/www/dev/wp-config.php
78134
args:
79-
chdir: /var/www/dev
135+
chdir: /var/www/dev
136+
137+
- name: Ensure that apache2 is started
138+
become: true
139+
service: name=apache2 state=started

docker-compose.yml

Lines changed: 6 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ services:
1010
- dev-backend
1111
volumes:
1212
- ./ansible/etc-ansible-config:/etc/ansible/
13+
- ./web/etc-php-8.2-apache2-conf.d:/etc/ansible/web/etc-php-8.2-apache2-conf.d
1314
- ./sysadmin-ssh-keys/rsa_sysadmin:/home/sysadmin/.ssh/id_rsa:ro
1415
- ./sysadmin-ssh-keys/rsa_sysadmin.pub:/home/sysadmin/.ssh/id_rsa.pub:ro
1516
- ./sysadmin-ssh-keys/rsa_sysadmin.pub:/home/sysadmin/.ssh/authorized_keys:ro
@@ -25,6 +26,11 @@ services:
2526
build:
2627
args:
2728
WP_VERSION: ${WP_VERSION:?have you copied .env.example to .env?}
29+
WORDPRESS_DB_HOST: db-dev:3306
30+
WORDPRESS_DB_PASSWORD: root
31+
WORDPRESS_DB_USER: root
32+
WORDPRESS_DB_NAME: wordpress
33+
WORDPRESS_USER: root
2834
context: .
2935
dockerfile: web/Dockerfile
3036
networks:
@@ -34,19 +40,6 @@ services:
3440
MYSQL_ROOT_PASSWORD: root
3541
PMA_HOST: db-dev
3642
PMA_PORT: 3306
37-
WORDPRESS_CONFIG_EXTRA: |
38-
# Use dispatch port by default
39-
if ('${CODESPACE_NAME:-}') {
40-
define('WP_HOME', 'https://${CODESPACE_NAME:-}-8080.${GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN:-}');
41-
} else {
42-
define('WP_HOME', 'http://localhost:8080');
43-
define('WP_SITEURL', 'http://localhost:8080');
44-
}
45-
WORDPRESS_DB_HOST: db-dev:3306
46-
WORDPRESS_DB_PASSWORD: root
47-
WORDPRESS_DB_USER: root
48-
WORDPRESS_DB_NAME: wordpress
49-
WORDPRESS_USER: root
5043
init: true
5144
ports:
5245
- '8080:80'

web/Dockerfile

Lines changed: 14 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -21,13 +21,6 @@ RUN apt-get install -y \
2121
curl \
2222
git \
2323
less \
24-
libapache2-mod-php \
25-
mariadb-client \
26-
php8.2 \
27-
php8.2-mbstring \
28-
php8.2-mysql \
29-
php8.2-pdo \
30-
php8.2-xml \
3124
python3 \
3225
sudo \
3326
unzip \
@@ -37,6 +30,18 @@ RUN apt-get install -y \
3730
openssh-server \
3831
&& update-ca-certificates
3932

33+
# Make sure that apache can get the environment variables we need
34+
ARG WORDPRESS_DB_HOST
35+
ARG WORDPRESS_DB_PASSWORD
36+
ARG WORDPRESS_DB_USER
37+
ARG WORDPRESS_DB_NAME
38+
ARG WORDPRESS_USER
39+
RUN echo "SetEnv WORDPRESS_DB_HOST ${WORDPRESS_DB_HOST}" >> /etc/apache2/conf-enabled/environment.conf
40+
RUN echo "SetEnv WORDPRESS_DB_PASSWORD ${WORDPRESS_DB_PASSWORD}" >> /etc/apache2/conf-enabled/environment.conf
41+
RUN echo "SetEnv WORDPRESS_DB_USER ${WORDPRESS_DB_USER}" >> /etc/apache2/conf-enabled/environment.conf
42+
RUN echo "SetEnv WORDPRESS_DB_NAME ${WORDPRESS_DB_NAME}" >> /etc/apache2/conf-enabled/environment.conf
43+
RUN echo "SetEnv WORDPRESS_USER ${WORDPRESS_USER}" >> /etc/apache2/conf-enabled/environment.conf
44+
4045
# Clean up packages: Saves space by removing unnecessary package files and lists
4146
RUN apt-get clean
4247
RUN rm -rf /var/lib/apt/lists/*
@@ -57,14 +62,8 @@ RUN mkdir -p /home/sysadmin/.ssh && \
5762
# Create privilege separation directory for SSH
5863
RUN mkdir -p /run/sshd
5964

60-
# Add Apache2's www-data user to sudo group and enable passwordless startup
61-
RUN adduser www-data sudo
62-
COPY ./web/etc-sudoers.d/www-data_startupservice /etc/sudoers.d/www-data_startupservice
63-
64-
# Add Apache2 service startup script
65-
COPY ./web/startupservice.sh /startupservice.sh
66-
RUN chmod +x /startupservice.sh
67-
CMD ["sudo", "--preserve-env", "/startupservice.sh"]
65+
# Start SSH
66+
CMD ["/usr/sbin/sshd", "-D"]
6867

6968
# Expose SSH port
7069
EXPOSE 22
@@ -73,18 +72,5 @@ EXPOSE 22
7372
EXPOSE 80
7473

7574
# Enable Apache modules
76-
RUN a2enmod headers
77-
RUN a2enmod php8.2
7875
RUN a2enmod rewrite
7976

80-
# Configure PHP
81-
COPY ./web/etc-php-8.2-apache2-conf.d/90-local.ini /etc/php/8.2/apache2/conf.d/
82-
83-
# Create the wp directory and set permissions
84-
RUN mkdir -p /usr/local/bin/wp/
85-
RUN chown -R www-data:www-data /usr/local/bin/wp/
86-
87-
# Create the dev directory and set permissions
88-
RUN mkdir -p /var/www/dev/wp-content/uploads
89-
RUN chown -R www-data:www-data /var/www/dev
90-

web/startupservice.sh

Lines changed: 0 additions & 16 deletions
This file was deleted.

0 commit comments

Comments
 (0)