diff --git a/wordpress/Dockerfile b/wordpress/Dockerfile index 84fca70..f155fed 100644 --- a/wordpress/Dockerfile +++ b/wordpress/Dockerfile @@ -1,17 +1,18 @@ FROM clearlinux/php-fpm MAINTAINER sophia.gong@intel.com -RUN set -ex \ - && { \ - useradd -U www-data; \ - chown -R www-data:www-data /var/www/html; \ - chmod 777 /var/www/html; \ - cd /var/www/html; \ - curl -O https://wordpress.org/latest.tar.gz; \ - tar xzvf latest.tar.gz; \ - mv wordpress/* .; \ - rm latest.tar.gz; \ - } +VOLUME /var/www/html + +ENV WORDPRESS_VERSION 5.2.2 +ENV WORDPRESS_SHA1 3605bcbe9ea48d714efa59b0eb2d251657e7d5b0 + +RUN set -ex; \ + curl -o wordpress.tar.gz -fSL "https://wordpress.org/wordpress-${WORDPRESS_VERSION}.tar.gz"; \ + echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c -; \ + # upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress + tar -xzf wordpress.tar.gz -C /usr/src/; \ + rm wordpress.tar.gz; \ + chown -R httpd:httpd /usr/src/wordpress COPY docker-entrypoint.sh /usr/local/bin/ ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/wordpress/docker-entrypoint.sh b/wordpress/docker-entrypoint.sh index f19c056..1ac086d 100755 --- a/wordpress/docker-entrypoint.sh +++ b/wordpress/docker-entrypoint.sh @@ -25,13 +25,58 @@ file_env() { if [ "$1" == php-fpm ]; then if [ "$(id -u)" = '0' ]; then - user='www-data' - group='www-data' + # php-fpm + user='httpd' + group='httpd' else user="$(id -u)" group="$(id -g)" fi + if [ ! -e index.php ] && [ ! -e wp-includes/version.php ]; then + # if the directory exists and WordPress doesn't appear to be installed AND the permissions of it are root:root, let's chown it (likely a Docker-created directory) + if [ "$(id -u)" = '0' ] && [ "$(stat -c '%u:%g' .)" = '0:0' ]; then + chown "$user:$group" . + fi + + echo >&2 "WordPress not found in $PWD - copying now..." + if [ -n "$(ls -A)" ]; then + echo >&2 "WARNING: $PWD is not empty! (copying anyhow)" + fi + sourceTarArgs=( + --create + --file - + --directory /usr/src/wordpress + --owner "$user" --group "$group" + ) + targetTarArgs=( + --extract + --file - + ) + if [ "$user" != '0' ]; then + # avoid "tar: .: Cannot utime: Operation not permitted" and "tar: .: Cannot change mode to rwxr-xr-x: Operation not permitted" + targetTarArgs+=( --no-overwrite-dir ) + fi + tar "${sourceTarArgs[@]}" . | tar "${targetTarArgs[@]}" + echo >&2 "Complete! WordPress has been successfully copied to $PWD" + if [ ! -e .htaccess ]; then + # NOTE: The "Indexes" option is disabled in the php:apache base image + cat > .htaccess <<-'EOF' + # BEGIN WordPress + + RewriteEngine On + RewriteBase / + RewriteRule ^index\.php$ - [L] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule . /index.php [L] + + # END WordPress + EOF + chown "$user:$group" .htaccess + fi + fi + # allow any of these "Authentication Unique Keys and Salts." to be specified via # environment variables with a "WORDPRESS_" prefix (ie, "WORDPRESS_AUTH_KEY") uniqueEnvs=( @@ -108,6 +153,7 @@ if [ "$1" == php-fpm ]; then if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { $_SERVER['HTTPS'] = 'on'; } + EOPHP chown "$user:$group" wp-config.php elif [ -e wp-config.php ] && [ -n "$WORDPRESS_CONFIG_EXTRA" ] && [[ "$(< wp-config.php)" != *"$WORDPRESS_CONFIG_EXTRA"* ]]; then @@ -177,7 +223,9 @@ EOPHP if ! TERM=dumb php -- <<'EOPHP' connect_error); + if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_string($dbName) . '`')) { fwrite($stderr, "\n" . 'MySQL "CREATE DATABASE" Error: ' . $mysql->error . "\n"); $mysql->close(); exit(1); } + $mysql->close(); EOPHP then