From ff2e370ef5bcbd7a205d13b6e87bbf83617d4a22 Mon Sep 17 00:00:00 2001
From: Timmy Willison <timmywil@users.noreply.github.com>
Date: Mon, 23 Oct 2023 11:50:19 -0400
Subject: [PATCH 1/2] fix(ssl): revert to ports 80 and 443 and restore SSL

---
 Dockerfile              |  4 +++-
 apache/000-default.conf | 17 ++++++++++++++++-
 docker-compose.yml      |  6 ++++--
 wp-config-sample.php    |  3 ++-
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e56da2a..2adcadf 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,9 +4,11 @@ FROM php:8.2-apache
 RUN docker-php-ext-install mysqli && docker-php-ext-enable mysqli
 RUN apt-get update && apt-get upgrade -y
 
-RUN a2enmod rewrite && \
+RUN a2enmod ssl && a2enmod rewrite && \
+  mkdir -p /etc/apache2/ssl && \
   mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"
 
 COPY ./WordPress /var/www/html
 
 EXPOSE 80
+EXPOSE 443
diff --git a/apache/000-default.conf b/apache/000-default.conf
index 9701dd3..bb7972f 100644
--- a/apache/000-default.conf
+++ b/apache/000-default.conf
@@ -1,7 +1,22 @@
 ServerName local.jquery.com
 
 <VirtualHost *:80>
-	ServerName local.jquery.com
+	ServerAlias *.jquery.com *.jqueryui.com *.jquery.org *.jquerymobile.com
+	DocumentRoot /var/www/html
+	php_value memory_limit 1024M
+	<Directory /var/www/html>
+		Options All
+		AllowOverride All
+		Order allow,deny
+		Allow from all
+	</Directory>
+</VirtualHost>
+
+<VirtualHost *:443>
+	SSLEngine on
+	SSLCertificateFile /etc/apache2/ssl/cert.pem
+	SSLCertificateKeyFile /etc/apache2/ssl/cert-key.pem
+
 	ServerAlias *.jquery.com *.jqueryui.com *.jquery.org *.jquerymobile.com
 	DocumentRoot /var/www/html
 	php_value memory_limit 1024M
diff --git a/docker-compose.yml b/docker-compose.yml
index 08dea7f..a04cf86 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,10 +15,12 @@ services:
       - ./jquery-wp-content:/var/www/html/wp-content
       - ./uploads:/var/www/html/wp-content/uploads:rw
       - ./wp-config.php:/var/www/html/wp-config.php
+      - ./ssl:/etc/apache2/ssl
       - ./apache/.htaccess:/var/www/html/.htaccess
       - ./apache/000-default.conf:/etc/apache2/sites-available/000-default.conf
     ports:
-      - "${JQUERY_WP_HTTP_PORT:-9412}:80"
+      - "80:80"
+      - "443:443"
     networks:
       - jquerynet
 
@@ -31,7 +33,7 @@ services:
     volumes:
       - jquerydbdata:/var/lib/mysql
     ports:
-      - "${JQUERY_WP_MYSQL_PORT:-9414}:3306"
+      - "3306:3306"
     networks:
       - jquerynet
 
diff --git a/wp-config-sample.php b/wp-config-sample.php
index 7ec19bb..8b8fd6c 100644
--- a/wp-config-sample.php
+++ b/wp-config-sample.php
@@ -8,7 +8,8 @@
  */
 
 define( 'JQUERY_STAGING', true );
-define( 'JQUERY_STAGING_FORMAT', 'local.%s:9412' );
+// define( 'JQUERY_STAGING_FORMAT', 'local.%s:9412' );
+define( 'JQUERY_STAGING_FORMAT', 'local.%s' );
 require_once __DIR__ . '/wp-content/sites.php' ;
 define( 'JQUERY_LIVE_SITE', jquery_site_extract( $_SERVER['HTTP_HOST'] ?? 'jquery.com' ) );
 

From be5884f9a80958c1a264b78d51f48f4d11b1068e Mon Sep 17 00:00:00 2001
From: Timmy Willison <timmywil@users.noreply.github.com>
Date: Wed, 13 Dec 2023 11:32:04 -0500
Subject: [PATCH 2/2] fix(config): add option to override port

- also fix the apache host for when certs are not provided
---
 .env.example            |  2 ++
 README.md               | 56 +++++++++++++++++++++++++++++++++++++----
 apache/000-default.conf | 32 ++++++++++++-----------
 docker-compose.yml      |  7 +++---
 wp-config-sample.php    |  4 +--
 5 files changed, 76 insertions(+), 25 deletions(-)
 create mode 100644 .env.example

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..0affe44
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,2 @@
+JQUERY_WP_HTTP_PORT=
+JQUERY_WP_HTTPS_PORT=
diff --git a/README.md b/README.md
index 9bfc7cb..0c50586 100644
--- a/README.md
+++ b/README.md
@@ -24,9 +24,47 @@ define('SECURE_AUTH_KEY',  'put your unique phrase here');
 // etc.
 ```
 
-4. Run `docker compose up --build` to start the containers.
+4. Copy .env.example to .env and edit the file to define database credentials
 
-5. Import the database from a production WordPress instance.
+```sh
+cp .env.example .env
+```
+
+5. Optionally, add local SSL certs to the `ssl` directory.
+
+   * If you don't have any, you can generate them using [mkcert](https://github.com/FiloSottile/mkcert).
+     Run the following:
+
+     ```sh
+     mkcert -install
+     ```
+
+   * Then, in the `ssl` directory, run:
+     ```sh
+     mkcert \
+     local.jquery.com \
+     local.api.jquery.com \
+     local.blog.jquery.com \
+     local.learn.jquery.com \
+     local.releases.jquery.com \
+     local.jqueryui.com \
+     local.api.jqueryui.com \
+     local.blog.jqueryui.com \
+     local.jquerymobile.com \
+     local.api.jquerymobile.com \
+     local.blog.jquerymobile.com \
+     local.jquery.org \
+     local.brand.jquery.org \
+     local.contribute.jquery.org \
+     local.meetings.jquery.org
+     ```
+     Wildcards don't work for multi-level subdomains. Add each site to the list of domains.
+
+   * Rename the created certs to `cert.pem` and `cert-key.pem`.
+
+6. Run `docker compose up --build` to start the containers.
+
+7. Import the database from a production WordPress instance.
 
 ```sh
 # You need SSH admin access to this production server
@@ -44,7 +82,7 @@ scp wp-05.ops.jquery.net:~/wordpress.sql .
 docker exec -i jquerydb mysql -u root -proot < wordpress.sql
 ```
 
-6. Visit http://local.api.jquery.com:9412.
+8. Visit http://local.api.jquery.com, or https://local.api.jquery.com if you created certs.
 
 ## Updating
 
@@ -67,13 +105,21 @@ docker exec -it jquerydb mysql -u root -proot
 
 ### Ports
 
-If you already use port 9412 on your host, you can create a `.env` file in this directory and set the following environment variable with a port number of your own choosing:
+jquery-wp-docker is set up to use ports `80` and `443` by default so no extra work is needed to support SSL. However, if either port is in use on your host, you can create a `.env` file in this directory and set the following environment variable with a port number of your own choosing:
 
 ```
 JQUERY_WP_HTTP_PORT=8080
 ```
 
-Note that the MySQL port (JQUERY_WP_MYSQL_PORT=9414) is only exposed for debugging purposes, e.g. to allow you to connect to it from a GUI or some other tool. The webserver container connects to the MySQL container directly and does not use this port.
+Then, visit the port directly when visiting sites, e.g. http://local.api.jquery.com:4000.
+
+#### A note about port 443
+
+443 is only spun up by Apache if certs are available in the /ssl folder. However, the `docker-compose.yml` does still expose port `443` to the docker images's 443, even if nothing is listening on that port. This shouldn't be an issue in most cases, but the port can be changed in the `.env.` file to avoid any conflicts.
+
+```
+JQUERY_WP_HTTPS_PORT=0
+```
 
 ### DNS
 
diff --git a/apache/000-default.conf b/apache/000-default.conf
index bb7972f..0b15cff 100644
--- a/apache/000-default.conf
+++ b/apache/000-default.conf
@@ -12,18 +12,22 @@ ServerName local.jquery.com
 	</Directory>
 </VirtualHost>
 
-<VirtualHost *:443>
-	SSLEngine on
-	SSLCertificateFile /etc/apache2/ssl/cert.pem
-	SSLCertificateKeyFile /etc/apache2/ssl/cert-key.pem
+<IfFile "/etc/apache2/ssl/cert.pem">
+<IfFile "/etc/apache2/ssl/cert-key.pem">
+	<VirtualHost *:443>
+		SSLEngine on
+		SSLCertificateFile /etc/apache2/ssl/cert.pem
+		SSLCertificateKeyFile /etc/apache2/ssl/cert-key.pem
 
-	ServerAlias *.jquery.com *.jqueryui.com *.jquery.org *.jquerymobile.com
-	DocumentRoot /var/www/html
-	php_value memory_limit 1024M
-	<Directory /var/www/html>
-		Options All
-		AllowOverride All
-		Order allow,deny
-		Allow from all
-	</Directory>
-</VirtualHost>
+		ServerAlias *.jquery.com *.jqueryui.com *.jquery.org *.jquerymobile.com
+		DocumentRoot /var/www/html
+		php_value memory_limit 1024M
+		<Directory /var/www/html>
+			Options All
+			AllowOverride All
+			Order allow,deny
+			Allow from all
+		</Directory>
+	</VirtualHost>
+</IfFile>
+</IfFile>
diff --git a/docker-compose.yml b/docker-compose.yml
index a04cf86..39cefcc 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,7 @@ services:
       - WORDPRESS_DB_HOST=jquerydb:3306
       - WORDPRESS_DB_USER=root
       - WORDPRESS_DB_PASSWORD=root
+      - JQUERY_WP_HTTP_PORT=${JQUERY_WP_HTTP_PORT}
     volumes:
       - ./jquery-wp-content:/var/www/html/wp-content
       - ./uploads:/var/www/html/wp-content/uploads:rw
@@ -19,8 +20,8 @@ services:
       - ./apache/.htaccess:/var/www/html/.htaccess
       - ./apache/000-default.conf:/etc/apache2/sites-available/000-default.conf
     ports:
-      - "80:80"
-      - "443:443"
+      - "${JQUERY_WP_HTTP_PORT:-80}:80"
+      - "${JQUERY_WP_HTTPS_PORT:-443}:443"
     networks:
       - jquerynet
 
@@ -32,8 +33,6 @@ services:
       - MYSQL_ROOT_PASSWORD=root
     volumes:
       - jquerydbdata:/var/lib/mysql
-    ports:
-      - "3306:3306"
     networks:
       - jquerynet
 
diff --git a/wp-config-sample.php b/wp-config-sample.php
index 8b8fd6c..e2a9b81 100644
--- a/wp-config-sample.php
+++ b/wp-config-sample.php
@@ -6,10 +6,10 @@
 /*
  * jQuery.com settings
  */
+$port = getenv('JQUERY_WP_HTTP_PORT');
+define( 'JQUERY_STAGING_FORMAT', $port ? 'local.%s:' . $port : 'local.%s' );
 
 define( 'JQUERY_STAGING', true );
-// define( 'JQUERY_STAGING_FORMAT', 'local.%s:9412' );
-define( 'JQUERY_STAGING_FORMAT', 'local.%s' );
 require_once __DIR__ . '/wp-content/sites.php' ;
 define( 'JQUERY_LIVE_SITE', jquery_site_extract( $_SERVER['HTTP_HOST'] ?? 'jquery.com' ) );