Danny Houtworm 2023-08-10 08:32:03 +00:00
parent 3c1a42e9bb
commit 62cb0edc4b
11 changed files with 54 additions and 281 deletions


@ -1,31 +1,18 @@
# Containers # FTP Server
nginx reverse proxy TLS 1.3 and 1.2 Only..
Wordpress served by php-fpm with 1 admin and 1 user and redis cache
Mariadb
FTP Server pointing to the wordpress volume
# Volumes
all in /home/user/data
mariadb database
wordpress html
# Variables
.env
# Adminer # Adminer
create dockerfile create dockerfile
# Redis # Redis for wordpress
create dockerfile create dockerfile
# Website # extra service
copy simple website from nextcloud
# Extra service
Nextcloud? Nextcloud?
Dozzle? Dozzle?
Grafana Grafana
# Arch VM # Cleanup
Put it all in a virtual machine Replace Latest tag with the second to last
One big happy docker network double check PID1
remove unused files like start.sh scripts


@ -4,7 +4,6 @@ services:
nginx: nginx:
build: ./requirements/nginx build: ./requirements/nginx
hostname: djonker.42.fr hostname: djonker.42.fr
init: true
container_name: nginx container_name: nginx
restart: always restart: always
volumes: volumes:
@ -40,6 +39,16 @@ services:
networks: networks:
wordpress: wordpress:
ipv4_address: 172.20.30.30 ipv4_address: 172.20.30.30
ftp:
build: ./requirements/ftp
container_name: ftp
restart: always
volumes:
- /home/djonker/data/wordpress:/home/admin
ports:
- 21:21
- 20:20
- 21000:21000
networks: networks:
wordpress: wordpress:
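Review bot: The new `ftp` service publishes `21:21`, `20:20` and `21000:21000` on every host interface while bind-mounting the WordPress document root (`/home/djonker/data/wordpress`) writable at `/home/admin`, so any FTP login can change files that the web stack serves. If the service only needs to be reached from the host, bind the mappings to loopback, e.g. `- "127.0.0.1:21:21"` and `- "127.0.0.1:21000:21000"`. The `20:20` mapping can be dropped, because port 20 is only the source port of outbound active-mode data connections and the daemon's passive range is pinned to 21000. Quoting the mappings also avoids YAML reading `21:21` as a base-60 number, which the Compose documentation warns about for ports below 60. The `networks:` block of this service continues past the end of the hunk.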


@ -3,13 +3,12 @@ RUN sleep 10
RUN apk update RUN apk update
RUN apk add openssl RUN apk add openssl
RUN apk add pure-ftpd --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted RUN apk add pure-ftpd --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted
RUN apk add telegraf #RUN apk add vsftpd
COPY srcs/start.sh /root/start.sh #COPY srcs/start.sh /root/start.sh
COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf #COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf
COPY srcs/telegraf.conf /etc/telegraf/telegraf.conf
WORKDIR /root/ WORKDIR /root/
RUN adduser --disabled-password admin RUN adduser --disabled-password admin
RUN echo "admin:password" | chpasswd RUN echo "admin:password" | chpasswd
CMD sh start.sh CMD pure-ftpd -p 21000:21000
EXPOSE 21/tcp EXPOSE 21/tcp
EXPOSE 21000/tcp EXPOSE 21000/tcp
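Review bot: The FTP account's password is fixed in the image by `RUN echo "admin:password" | chpasswd`, and the new `CMD pure-ftpd -p 21000:21000` starts the daemon with no TLS option, so that credential would also cross the network in cleartext. Set the password at container start from a value in `.env` or a Compose secret rather than in a build step (the literal stays visible in the image history), and enable TLS on pure-ftpd if the package build supports it. The unchanged `apk add pure-ftpd` line pulls from an `http://` repository with `--allow-untrusted`, which turns off signature checking for that package; an `https://` mirror without the flag should work, since the testing repository is signed with the regular Alpine keys. The commented-out `#RUN apk add vsftpd` and `#COPY` lines are better deleted than kept. The hunk starts at line 3, so the `FROM` line is not visible here.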


@ -1,3 +1,2 @@
#!/bin/sh #!/bin/sh
telegraf &
pure-ftpd -p 21000:21000 pure-ftpd -p 21000:21000


@ -1,11 +1,30 @@
ftpd_banner=A very rigorous evaluator I might say.
listen=YES listen=YES
anonymous_enable=NO
local_enable=YES local_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
seccomp_sandbox=NO
write_enable=YES write_enable=YES
secure_chroot_dir=/var/empty local_umask=022
anonymous_enable=YES dirmessage_enable=YES
anon_root=/srv/ftp xferlog_enable=YES
no_anon_password=YES xferlog_std_format=YES
chroot_local_user=YES
allow_writeable_chroot=YES
pam_service_name=vsftpd
tcp_wrappers=YES
rsa_cert_file=/etc/ssl/private/vsftpd.crt
rsa_private_key_file=/etc/ssl/private/vsftpd.key
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
#pasv_address=127.0.0.1
#pasv_addr_resolve=NO
pasv_enable=YES
pasv_min_port=21000
pasv_max_port=21000
port_enable=YES
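Review bot: None of the hardening in this file appears to reach the running container, because on this same commit the FTP Dockerfile comments out `COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf` and `apk add vsftpd` and starts `pure-ftpd` instead; `ssl_enable=YES`, `force_local_logins_ssl=YES` and `anonymous_enable=NO` are therefore not enforced by anything. Either delete the file with the other unused sources or switch the image back to vsftpd so the settings apply. If it is kept, `ssl_tlsv1=YES` permits TLS 1.0 and `require_ssl_reuse=NO` lets a data connection proceed without reusing the control channel's TLS session, and `allow_writeable_chroot=YES` relaxes the chroot check; a one-line comment above each saying why it is needed would help. The rendered page has lost the `+`/`-` markers, so which of the duplicated `xferlog_enable` and `pam_service_name` lines are old is inferred from the hunk counts.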


@ -5,8 +5,8 @@ then
else else
mysql_install_db --user=mysql --datadir=/var/lib/mysql mysql_install_db --user=mysql --datadir=/var/lib/mysql
mysqld & sleep 10 mysqld & sleep 10
mysql < wordpress.sql
mysql -e "CREATE DATABASE $WORDPRESSDATABASE" mysql -e "CREATE DATABASE $WORDPRESSDATABASE"
mysql wordpress < wordpress.sql
mysql -e "GRANT ALL PRIVILEGES ON $WORDPRESSDATABASE.* TO $WORDPRESSDATABASEUSER@172.20.30.30 IDENTIFIED BY '$WORDPRESSDATABASEPASSWD'" mysql -e "GRANT ALL PRIVILEGES ON $WORDPRESSDATABASE.* TO $WORDPRESSDATABASEUSER@172.20.30.30 IDENTIFIED BY '$WORDPRESSDATABASEPASSWD'"
killall mysqld killall mysqld
touch /var/lib/mysql/initialized touch /var/lib/mysql/initialized
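Review bot: The import line `mysql wordpress < wordpress.sql` names the database literally, while the line before it creates `$WORDPRESSDATABASE`; if `.env` sets any other name, the dump is loaded into a database that does not exist or is not the one granted to the WordPress user. Use the same variable, quoted: `mysql "$WORDPRESSDATABASE" < wordpress.sql`. The surrounding `mysql -e` statements expand the variables unquoted inside SQL, so a password containing `'` would break the `GRANT`; a comment stating which characters these values may contain would document that assumption. The `if`/`else` this branch belongs to starts before the hunk and ends after it. Which of the two import lines is the new one is inferred, since the rendered page dropped the `+`/`-` markers.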


@ -3,19 +3,19 @@ RUN sleep 10
RUN apk update RUN apk update
RUN apk add openssl RUN apk add openssl
RUN apk add nginx RUN apk add nginx
COPY srcs/start.sh /root/start.sh #COPY srcs/start.sh /root/start.sh
COPY srcs/nginx.conf /etc/nginx/nginx.conf COPY srcs/nginx.conf /etc/nginx/nginx.conf
COPY srcs/index.html /var/www/html/index.html COPY srcs/index.html /var/www/html/index.html
COPY srcs/style.css /var/www/html/style.css COPY srcs/style.css /var/www/html/style.css
WORKDIR /root/ WORKDIR /root/
RUN adduser --disabled-password admin #RUN adduser --disabled-password admin
RUN echo "admin:password" | chpasswd #RUN echo "admin:password" | chpasswd
RUN openssl genrsa -out nginx.key RUN openssl genrsa -out nginx.key
RUN openssl req -new -key nginx.key -out nginx.csr -subj "/C=NL/ST=Friesland/L=Heerenveen/O=localhost/OU=localhost/CN=localhost/emailAddress=djonker@student.codam.nl" RUN openssl req -new -key nginx.key -out nginx.csr -subj "/C=NL/ST=Friesland/L=Heerenveen/O=localhost/OU=localhost/CN=localhost/emailAddress=djonker@student.codam.nl"
RUN openssl x509 -req -days 365 -in nginx.csr -signkey nginx.key -out nginx.crt RUN openssl x509 -req -days 365 -in nginx.csr -signkey nginx.key -out nginx.crt
RUN mv nginx.crt /etc/ssl/certs/nginx.crt RUN mv nginx.crt /etc/ssl/certs/nginx.crt
RUN mv nginx.key /etc/ssl/private/nginx.key RUN mv nginx.key /etc/ssl/private/nginx.key
RUN chmod 600 /etc/ssl/certs/nginx.crt /etc/ssl/private/nginx.key RUN chmod 600 /etc/ssl/certs/nginx.crt /etc/ssl/private/nginx.key
CMD sh start.sh CMD nginx -g 'daemon off;'
EXPOSE 80/tcp EXPOSE 80/tcp
EXPOSE 443/tcp EXPOSE 443/tcp
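Review bot: The TLS private key is still produced at build time by `RUN openssl genrsa -out nginx.key`, so it is stored in an image layer: every container started from the image shares it, and anyone who can pull or export the image can read it. Generating the key and self-signed certificate when the container first starts, or mounting them from a volume or Compose secret, keeps the key out of the image. The new `CMD nginx -g 'daemon off;'` is shell form, which runs nginx under `/bin/sh -c`; since this commit also drops `init: true` from the nginx service, the exec form `CMD ["nginx", "-g", "daemon off;"]` would make nginx PID 1 so that it receives the stop signal directly. The three commented-out lines (`#COPY srcs/start.sh`, `#RUN adduser`, `#RUN echo "admin:password"`) are better deleted, so the default credential does not linger in the file. The hunk starts at line 3, so `FROM` is outside it.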


@ -1,35 +0,0 @@
FROM alpine
RUN sleep 10
RUN apk update
RUN apk add openssl
RUN apk add nginx
RUN apk add php7
RUN apk add php7-fpm
RUN apk add php7-mysqli
RUN apk add php7-gd
RUN apk add php7-mbstring
RUN apk add php7-curl
RUN apk add php7-json
RUN apk add php7-xml
RUN apk add php7-zip
RUN apk add php7-iconv
RUN apk add php7-session
RUN apk add telegraf
COPY srcs/start.sh /root/start.sh
COPY srcs/nginx.conf /etc/nginx/nginx.conf
COPY srcs/telegraf.conf /etc/telegraf/telegraf.conf
COPY srcs/phpmyadmin.conf /var/www/phpmyadmin/config.inc.php
WORKDIR /root/
RUN wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-english.tar.gz
RUN tar -xvf phpMyAdmin-5.1.1-english.tar.gz
RUN mv phpMyAdmin-5.1.1-english/* /var/www/phpmyadmin/
RUN mkdir -p /var/www/phpmyadmin/tmp
RUN chown -R root:root /var/www
RUN openssl genrsa -out nginx.key
RUN openssl req -new -key nginx.key -out nginx.csr -subj "/C=NL/ST=Friesland/L=Heerenveen/O=localhost/OU=localhost/CN=localhost/emailAddress=djonker@student.codam.nl"
RUN openssl x509 -req -days 365 -in nginx.csr -signkey nginx.key -out nginx.crt
RUN mv nginx.crt /etc/ssl/certs/nginx.crt
RUN mv nginx.key /etc/ssl/private/nginx.key
RUN chmod 600 /etc/ssl/certs/nginx.crt /etc/ssl/private/nginx.key
CMD sh start.sh
EXPOSE 5000/tcp


@ -1,48 +0,0 @@
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
error_log /var/log/nginx/error.log notice;
error_log /var/log/nginx/error.log info;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
keepalive_timeout 3600;
gzip on;
gzip_comp_level 6;
gzip_vary on;
gzip_types text/plain text/css application/json application/x-javascript application/javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype;
server {
listen 5000 ssl default_server;
ssl_certificate /etc/ssl/certs/nginx.crt;
ssl_certificate_key /etc/ssl/private/nginx.key;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location / {
autoindex on;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include fastcgi.conf;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}
}


@ -1,153 +0,0 @@
<?php
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use setup/
*
* All directives are explained in documentation in the doc/ folder
* or at <https://docs.phpmyadmin.net/>.
*/
declare(strict_types=1);
/**
* This is needed for cookie based authentication to encrypt password in
* cookie. Needs to be 32 chars long.
*/
$cfg['blowfish_secret'] = 'flsbdihjkuvydfsbkhjufdghiluiossd'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/**
* Servers configuration
*/
$i = 0;
/**
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'mariadb';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
/**
* phpMyAdmin configuration storage settings.
*/
/* User used to manipulate with storage */
// $cfg['Servers'][$i]['controlhost'] = '';
// $cfg['Servers'][$i]['controlport'] = '';
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
/* Storage database and tables */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma__relation';
// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
// $cfg['Servers'][$i]['history'] = 'pma__history';
// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
// $cfg['Servers'][$i]['recent'] = 'pma__recent';
// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
// $cfg['Servers'][$i]['users'] = 'pma__users';
// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
// $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
// $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
/**
* End of servers configuration
*/
/**
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
/**
* Whether to display icons or text or both icons and text in table row
* action segment. Value can be either of 'icons', 'text' or 'both'.
* default = 'both'
*/
//$cfg['RowActionType'] = 'icons';
/**
* Defines whether a user should be displayed a "show all (records)"
* button in browse mode or not.
* default = false
*/
//$cfg['ShowAll'] = true;
/**
* Number of rows displayed when browsing a result set. If the result
* set contains more rows, "Previous" and "Next".
* Possible values: 25, 50, 100, 250, 500
* default = 25
*/
//$cfg['MaxRows'] = 50;
/**
* Disallow editing of binary fields
* valid values are:
* false allow editing
* 'blob' allow editing except for BLOB fields
* 'noblob' disallow editing except for BLOB fields
* 'all' disallow editing
* default = 'blob'
*/
//$cfg['ProtectBinary'] = false;
/**
* Default language to use, if not browser-defined or user-defined
* (you find all languages in the locale folder)
* uncomment the desired line:
* default = 'en'
*/
//$cfg['DefaultLang'] = 'en';
//$cfg['DefaultLang'] = 'de';
/**
* How many columns should be used for table display of a database?
* (a value larger than 1 results in some information being hidden)
* default = 1
*/
//$cfg['PropertiesNumColumns'] = 2;
/**
* Set to true if you want DB-based query history.If false, this utilizes
* JS-routines to display query history (lost by window close)
*
* This requires configuration storage enabled, see above.
* default = false
*/
//$cfg['QueryHistoryDB'] = true;
/**
* When using DB-based query history, how many entries should be kept?
* default = 25
*/
//$cfg['QueryHistoryMax'] = 100;
/**
* Whether or not to query the user before sending the error report to
* the phpMyAdmin team when a JavaScript error occurs
*
* Available options
* ('ask' | 'always' | 'never')
* default = 'ask'
*/
//$cfg['SendErrorReports'] = 'always';
/**
* You can find more configuration options in the documentation
* in the doc/ folder or at <https://docs.phpmyadmin.net/>.
*/


@ -1,4 +0,0 @@
#!/bin/sh
telegraf &
php-fpm7 &
nginx -g 'daemon off;'