This commit is contained in:
Danny Houtworm 2023-08-10 08:32:03 +00:00
parent 3c1a42e9bb
commit 62cb0edc4b
11 changed files with 54 additions and 281 deletions

View File

@ -1,31 +1,18 @@
# Containers
nginx reverse proxy TLS 1.3 and 1.2 Only..
Wordpress served by php-fpm with 1 admin and 1 user and redis cache
Mariadb
FTP Server pointing to the wordpress volume
# Volumes
all in /home/user/data
mariadb database
wordpress html
# Variables
.env
# FTP Server
# Adminer
create dockerfile
# Redis
# Redis for wordpress
create dockerfile
# Website
copy simple website from nextcloud
# Extra service
# extra service
Nextcloud?
Dozzle?
Grafana
# Arch VM
Put it all in a virtual machine
One big happy docker network
# Cleanup
Replace Latest tag with the second to last
double check PID1
remove unused files like start.sh scripts

View File

@ -4,7 +4,6 @@ services:
nginx:
build: ./requirements/nginx
hostname: djonker.42.fr
init: true
container_name: nginx
restart: always
volumes:
@ -40,6 +39,16 @@ services:
networks:
wordpress:
ipv4_address: 172.20.30.30
ftp:
build: ./requirements/ftp
container_name: ftp
restart: always
volumes:
- /home/djonker/data/wordpress:/home/admin
ports:
- 21:21
- 20:20
- 21000:21000
networks:
wordpress:

View File

@ -3,13 +3,12 @@ RUN sleep 10
RUN apk update
RUN apk add openssl
RUN apk add pure-ftpd --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted
RUN apk add telegraf
COPY srcs/start.sh /root/start.sh
COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf
COPY srcs/telegraf.conf /etc/telegraf/telegraf.conf
#RUN apk add vsftpd
#COPY srcs/start.sh /root/start.sh
#COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf
WORKDIR /root/
RUN adduser --disabled-password admin
RUN echo "admin:password" | chpasswd
CMD sh start.sh
CMD pure-ftpd -p 21000:21000
EXPOSE 21/tcp
EXPOSE 21000/tcp

View File

@ -1,3 +1,2 @@
#!/bin/sh
telegraf &
pure-ftpd -p 21000:21000

View File

@ -1,11 +1,30 @@
ftpd_banner=A very rigorous evaluator I might say.
listen=YES
anonymous_enable=NO
local_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
seccomp_sandbox=NO
write_enable=YES
secure_chroot_dir=/var/empty
anonymous_enable=YES
anon_root=/srv/ftp
no_anon_password=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
xferlog_std_format=YES
chroot_local_user=YES
allow_writeable_chroot=YES
pam_service_name=vsftpd
tcp_wrappers=YES
rsa_cert_file=/etc/ssl/private/vsftpd.crt
rsa_private_key_file=/etc/ssl/private/vsftpd.key
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
#pasv_address=127.0.0.1
#pasv_addr_resolve=NO
pasv_enable=YES
pasv_min_port=21000
pasv_max_port=21000
port_enable=YES

View File

@ -5,8 +5,8 @@ then
else
mysql_install_db --user=mysql --datadir=/var/lib/mysql
mysqld & sleep 10
mysql < wordpress.sql
mysql -e "CREATE DATABASE $WORDPRESSDATABASE"
mysql wordpress < wordpress.sql
mysql -e "GRANT ALL PRIVILEGES ON $WORDPRESSDATABASE.* TO $WORDPRESSDATABASEUSER@172.20.30.30 IDENTIFIED BY '$WORDPRESSDATABASEPASSWD'"
killall mysqld
touch /var/lib/mysql/initialized

View File

@ -3,19 +3,19 @@ RUN sleep 10
RUN apk update
RUN apk add openssl
RUN apk add nginx
COPY srcs/start.sh /root/start.sh
#COPY srcs/start.sh /root/start.sh
COPY srcs/nginx.conf /etc/nginx/nginx.conf
COPY srcs/index.html /var/www/html/index.html
COPY srcs/style.css /var/www/html/style.css
WORKDIR /root/
RUN adduser --disabled-password admin
RUN echo "admin:password" | chpasswd
#RUN adduser --disabled-password admin
#RUN echo "admin:password" | chpasswd
RUN openssl genrsa -out nginx.key
RUN openssl req -new -key nginx.key -out nginx.csr -subj "/C=NL/ST=Friesland/L=Heerenveen/O=localhost/OU=localhost/CN=localhost/emailAddress=djonker@student.codam.nl"
RUN openssl x509 -req -days 365 -in nginx.csr -signkey nginx.key -out nginx.crt
RUN mv nginx.crt /etc/ssl/certs/nginx.crt
RUN mv nginx.key /etc/ssl/private/nginx.key
RUN chmod 600 /etc/ssl/certs/nginx.crt /etc/ssl/private/nginx.key
CMD sh start.sh
CMD nginx -g 'daemon off;'
EXPOSE 80/tcp
EXPOSE 443/tcp

View File

@ -1,35 +0,0 @@
FROM alpine
RUN sleep 10
RUN apk update
RUN apk add openssl
RUN apk add nginx
RUN apk add php7
RUN apk add php7-fpm
RUN apk add php7-mysqli
RUN apk add php7-gd
RUN apk add php7-mbstring
RUN apk add php7-curl
RUN apk add php7-json
RUN apk add php7-xml
RUN apk add php7-zip
RUN apk add php7-iconv
RUN apk add php7-session
RUN apk add telegraf
COPY srcs/start.sh /root/start.sh
COPY srcs/nginx.conf /etc/nginx/nginx.conf
COPY srcs/telegraf.conf /etc/telegraf/telegraf.conf
COPY srcs/phpmyadmin.conf /var/www/phpmyadmin/config.inc.php
WORKDIR /root/
RUN wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-english.tar.gz
RUN tar -xvf phpMyAdmin-5.1.1-english.tar.gz
RUN mv phpMyAdmin-5.1.1-english/* /var/www/phpmyadmin/
RUN mkdir -p /var/www/phpmyadmin/tmp
RUN chown -R root:root /var/www
RUN openssl genrsa -out nginx.key
RUN openssl req -new -key nginx.key -out nginx.csr -subj "/C=NL/ST=Friesland/L=Heerenveen/O=localhost/OU=localhost/CN=localhost/emailAddress=djonker@student.codam.nl"
RUN openssl x509 -req -days 365 -in nginx.csr -signkey nginx.key -out nginx.crt
RUN mv nginx.crt /etc/ssl/certs/nginx.crt
RUN mv nginx.key /etc/ssl/private/nginx.key
RUN chmod 600 /etc/ssl/certs/nginx.crt /etc/ssl/private/nginx.key
CMD sh start.sh
EXPOSE 5000/tcp

View File

@ -1,48 +0,0 @@
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
error_log /var/log/nginx/error.log notice;
error_log /var/log/nginx/error.log info;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
keepalive_timeout 3600;
gzip on;
gzip_comp_level 6;
gzip_vary on;
gzip_types text/plain text/css application/json application/x-javascript application/javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype;
server {
listen 5000 ssl default_server;
ssl_certificate /etc/ssl/certs/nginx.crt;
ssl_certificate_key /etc/ssl/private/nginx.key;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location / {
autoindex on;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include fastcgi.conf;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}
}

View File

@ -1,153 +0,0 @@
<?php
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use setup/
*
* All directives are explained in documentation in the doc/ folder
* or at <https://docs.phpmyadmin.net/>.
*/
declare(strict_types=1);
/**
* This is needed for cookie based authentication to encrypt password in
* cookie. Needs to be 32 chars long.
*/
$cfg['blowfish_secret'] = 'flsbdihjkuvydfsbkhjufdghiluiossd'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/**
* Servers configuration
*/
$i = 0;
/**
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'mariadb';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
/**
* phpMyAdmin configuration storage settings.
*/
/* User used to manipulate with storage */
// $cfg['Servers'][$i]['controlhost'] = '';
// $cfg['Servers'][$i]['controlport'] = '';
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
/* Storage database and tables */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma__relation';
// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
// $cfg['Servers'][$i]['history'] = 'pma__history';
// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
// $cfg['Servers'][$i]['recent'] = 'pma__recent';
// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
// $cfg['Servers'][$i]['users'] = 'pma__users';
// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
// $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
// $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
/**
* End of servers configuration
*/
/**
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
/**
* Whether to display icons or text or both icons and text in table row
* action segment. Value can be either of 'icons', 'text' or 'both'.
* default = 'both'
*/
//$cfg['RowActionType'] = 'icons';
/**
* Defines whether a user should be displayed a "show all (records)"
* button in browse mode or not.
* default = false
*/
//$cfg['ShowAll'] = true;
/**
* Number of rows displayed when browsing a result set. If the result
* set contains more rows, "Previous" and "Next".
* Possible values: 25, 50, 100, 250, 500
* default = 25
*/
//$cfg['MaxRows'] = 50;
/**
* Disallow editing of binary fields
* valid values are:
* false allow editing
* 'blob' allow editing except for BLOB fields
* 'noblob' disallow editing except for BLOB fields
* 'all' disallow editing
* default = 'blob'
*/
//$cfg['ProtectBinary'] = false;
/**
* Default language to use, if not browser-defined or user-defined
* (you find all languages in the locale folder)
* uncomment the desired line:
* default = 'en'
*/
//$cfg['DefaultLang'] = 'en';
//$cfg['DefaultLang'] = 'de';
/**
* How many columns should be used for table display of a database?
* (a value larger than 1 results in some information being hidden)
* default = 1
*/
//$cfg['PropertiesNumColumns'] = 2;
/**
* Set to true if you want DB-based query history.If false, this utilizes
* JS-routines to display query history (lost by window close)
*
* This requires configuration storage enabled, see above.
* default = false
*/
//$cfg['QueryHistoryDB'] = true;
/**
* When using DB-based query history, how many entries should be kept?
* default = 25
*/
//$cfg['QueryHistoryMax'] = 100;
/**
* Whether or not to query the user before sending the error report to
* the phpMyAdmin team when a JavaScript error occurs
*
* Available options
* ('ask' | 'always' | 'never')
* default = 'ask'
*/
//$cfg['SendErrorReports'] = 'always';
/**
* You can find more configuration options in the documentation
* in the doc/ folder or at <https://docs.phpmyadmin.net/>.
*/

View File

@ -1,4 +0,0 @@
#!/bin/sh
telegraf &
php-fpm7 &
nginx -g 'daemon off;'