|
| 1 | +#!/bin/bash |
| 2 | +set -euo pipefail |
| 3 | + |
| 4 | +# usage: file_env VAR [DEFAULT] |
| 5 | +# ie: file_env 'XYZ_DB_PASSWORD' 'example' |
| 6 | +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of |
| 7 | +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) |
| 8 | +file_env() { |
| 9 | + local var="$1" |
| 10 | + local fileVar="${var}_FILE" |
| 11 | + local def="${2:-}" |
| 12 | + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then |
| 13 | + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" |
| 14 | + exit 1 |
| 15 | + fi |
| 16 | + local val="$def" |
| 17 | + if [ "${!var:-}" ]; then |
| 18 | + val="${!var}" |
| 19 | + elif [ "${!fileVar:-}" ]; then |
| 20 | + val="$(< "${!fileVar}")" |
| 21 | + fi |
| 22 | + export "$var"="$val" |
| 23 | + unset "$fileVar" |
| 24 | +} |
| 25 | + |
| 26 | +if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then |
| 27 | + if ! [ -e index.php -a -e wp-includes/version.php ]; then |
| 28 | + echo >&2 "WordPress not found in $PWD - copying now..." |
| 29 | + if [ "$(ls -A)" ]; then |
| 30 | + echo >&2 "WARNING: $PWD is not empty - press Ctrl+C now if this is an error!" |
| 31 | + ( set -x; ls -A; sleep 10 ) |
| 32 | + fi |
| 33 | + tar cf - --one-file-system -C /usr/src/wordpress . | tar xf - |
| 34 | + echo >&2 "Complete! WordPress has been successfully copied to $PWD" |
| 35 | + if [ ! -e .htaccess ]; then |
| 36 | + # NOTE: The "Indexes" option is disabled in the php:apache base image |
| 37 | + cat > .htaccess <<-'EOF' |
| 38 | + # BEGIN WordPress |
| 39 | + <IfModule mod_rewrite.c> |
| 40 | + RewriteEngine On |
| 41 | + RewriteBase / |
| 42 | + RewriteRule ^index\.php$ - [L] |
| 43 | + RewriteCond %{REQUEST_FILENAME} !-f |
| 44 | + RewriteCond %{REQUEST_FILENAME} !-d |
| 45 | + RewriteRule . /index.php [L] |
| 46 | + </IfModule> |
| 47 | + # END WordPress |
| 48 | + EOF |
| 49 | + chown www-data:www-data .htaccess |
| 50 | + fi |
| 51 | + fi |
| 52 | + |
| 53 | + # TODO handle WordPress upgrades magically in the same way, but only if wp-includes/version.php's $wp_version is less than /usr/src/wordpress/wp-includes/version.php's $wp_version |
| 54 | + |
| 55 | + # allow any of these "Authentication Unique Keys and Salts." to be specified via |
| 56 | + # environment variables with a "WORDPRESS_" prefix (ie, "WORDPRESS_AUTH_KEY") |
| 57 | + uniqueEnvs=( |
| 58 | + AUTH_KEY |
| 59 | + SECURE_AUTH_KEY |
| 60 | + LOGGED_IN_KEY |
| 61 | + NONCE_KEY |
| 62 | + AUTH_SALT |
| 63 | + SECURE_AUTH_SALT |
| 64 | + LOGGED_IN_SALT |
| 65 | + NONCE_SALT |
| 66 | + ) |
| 67 | + envs=( |
| 68 | + WORDPRESS_DB_HOST |
| 69 | + WORDPRESS_DB_USER |
| 70 | + WORDPRESS_DB_PASSWORD |
| 71 | + WORDPRESS_DB_NAME |
| 72 | + "${uniqueEnvs[@]/#/WORDPRESS_}" |
| 73 | + WORDPRESS_TABLE_PREFIX |
| 74 | + WORDPRESS_DEBUG |
| 75 | + ) |
| 76 | + haveConfig= |
| 77 | + for e in "${envs[@]}"; do |
| 78 | + file_env "$e" |
| 79 | + if [ -z "$haveConfig" ] && [ -n "${!e}" ]; then |
| 80 | + haveConfig=1 |
| 81 | + fi |
| 82 | + done |
| 83 | + |
| 84 | + # linking backwards-compatibility |
| 85 | + if [ -n "${!MYSQL_ENV_MYSQL_*}" ]; then |
| 86 | + haveConfig=1 |
| 87 | + # host defaults to "mysql" below if unspecified |
| 88 | + : "${WORDPRESS_DB_USER:=${MYSQL_ENV_MYSQL_USER:-root}}" |
| 89 | + if [ "$WORDPRESS_DB_USER" = 'root' ]; then |
| 90 | + : "${WORDPRESS_DB_PASSWORD:=${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}" |
| 91 | + else |
| 92 | + : "${WORDPRESS_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-}}" |
| 93 | + fi |
| 94 | + : "${WORDPRESS_DB_NAME:=${MYSQL_ENV_MYSQL_DATABASE:-}}" |
| 95 | + fi |
| 96 | + |
| 97 | + # only touch "wp-config.php" if we have environment-supplied configuration values |
| 98 | + if [ "$haveConfig" ]; then |
| 99 | + : "${WORDPRESS_DB_HOST:=mysql}" |
| 100 | + : "${WORDPRESS_DB_USER:=root}" |
| 101 | + : "${WORDPRESS_DB_PASSWORD:=}" |
| 102 | + : "${WORDPRESS_DB_NAME:=wordpress}" |
| 103 | + |
| 104 | + # version 4.4.1 decided to switch to windows line endings, that breaks our seds and awks |
| 105 | + # https://github.com/docker-library/wordpress/issues/116 |
| 106 | + # https://github.com/WordPress/WordPress/commit/1acedc542fba2482bab88ec70d4bea4b997a92e4 |
| 107 | + sed -ri -e 's/\r$//' wp-config* |
| 108 | + |
| 109 | + if [ ! -e wp-config.php ]; then |
| 110 | + awk '/^\/\*.*stop editing.*\*\/$/ && c == 0 { c = 1; system("cat") } { print }' wp-config-sample.php > wp-config.php <<'EOPHP' |
| 111 | +// If we're behind a proxy server and using HTTPS, we need to alert Wordpress of that fact |
| 112 | +// see also http://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy |
| 113 | +if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { |
| 114 | + $_SERVER['HTTPS'] = 'on'; |
| 115 | +} |
| 116 | +
|
| 117 | +EOPHP |
| 118 | + chown www-data:www-data wp-config.php |
| 119 | + fi |
| 120 | + |
| 121 | + # see http://stackoverflow.com/a/2705678/433558 |
| 122 | + sed_escape_lhs() { |
| 123 | + echo "$@" | sed -e 's/[]\/$*.^|[]/\\&/g' |
| 124 | + } |
| 125 | + sed_escape_rhs() { |
| 126 | + echo "$@" | sed -e 's/[\/&]/\\&/g' |
| 127 | + } |
| 128 | + php_escape() { |
| 129 | + local escaped="$(php -r 'var_export(('"$2"') $argv[1]);' -- "$1")" |
| 130 | + if [ "$2" = 'string' ] && [ "${escaped:0:1}" = "'" ]; then |
| 131 | + escaped="${escaped//$'\n'/"' + \"\\n\" + '"}" |
| 132 | + fi |
| 133 | + echo "$escaped" |
| 134 | + } |
| 135 | + set_config() { |
| 136 | + key="$1" |
| 137 | + value="$2" |
| 138 | + var_type="${3:-string}" |
| 139 | + start="(['\"])$(sed_escape_lhs "$key")\2\s*," |
| 140 | + end="\);" |
| 141 | + if [ "${key:0:1}" = '$' ]; then |
| 142 | + start="^(\s*)$(sed_escape_lhs "$key")\s*=" |
| 143 | + end=";" |
| 144 | + fi |
| 145 | + sed -ri -e "s/($start\s*).*($end)$/\1$(sed_escape_rhs "$(php_escape "$value" "$var_type")")\3/" wp-config.php |
| 146 | + } |
| 147 | + |
| 148 | + set_config 'DB_HOST' "$WORDPRESS_DB_HOST" |
| 149 | + set_config 'DB_USER' "$WORDPRESS_DB_USER" |
| 150 | + set_config 'DB_PASSWORD' "$WORDPRESS_DB_PASSWORD" |
| 151 | + set_config 'DB_NAME' "$WORDPRESS_DB_NAME" |
| 152 | + |
| 153 | + for unique in "${uniqueEnvs[@]}"; do |
| 154 | + uniqVar="WORDPRESS_$unique" |
| 155 | + if [ -n "${!uniqVar}" ]; then |
| 156 | + set_config "$unique" "${!uniqVar}" |
| 157 | + else |
| 158 | + # if not specified, let's generate a random value |
| 159 | + currentVal="$(sed -rn -e "s/define\((([\'\"])$unique\2\s*,\s*)(['\"])(.*)\3\);/\4/p" wp-config.php)" |
| 160 | + if [ "$currentVal" = 'put your unique phrase here' ]; then |
| 161 | + set_config "$unique" "$(head -c1m /dev/urandom | sha1sum | cut -d' ' -f1)" |
| 162 | + fi |
| 163 | + fi |
| 164 | + done |
| 165 | + |
| 166 | + if [ "$WORDPRESS_TABLE_PREFIX" ]; then |
| 167 | + set_config '$table_prefix' "$WORDPRESS_TABLE_PREFIX" |
| 168 | + fi |
| 169 | + |
| 170 | + if [ "$WORDPRESS_DEBUG" ]; then |
| 171 | + set_config 'WP_DEBUG' 1 boolean |
| 172 | + fi |
| 173 | + |
| 174 | + TERM=dumb php -- <<'EOPHP' |
| 175 | +<?php |
| 176 | +// database might not exist, so let's try creating it (just to be safe) |
| 177 | +
|
| 178 | +$stderr = fopen('php://stderr', 'w'); |
| 179 | +
|
| 180 | +// https://codex.wordpress.org/Editing_wp-config.php#MySQL_Alternate_Port |
| 181 | +// "hostname:port" |
| 182 | +// https://codex.wordpress.org/Editing_wp-config.php#MySQL_Sockets_or_Pipes |
| 183 | +// "hostname:unix-socket-path" |
| 184 | +list($host, $socket) = explode(':', getenv('WORDPRESS_DB_HOST'), 2); |
| 185 | +$port = 0; |
| 186 | +if (is_numeric($socket)) { |
| 187 | + $port = (int) $socket; |
| 188 | + $socket = null; |
| 189 | +} |
| 190 | +$user = getenv('WORDPRESS_DB_USER'); |
| 191 | +$pass = getenv('WORDPRESS_DB_PASSWORD'); |
| 192 | +$dbName = getenv('WORDPRESS_DB_NAME'); |
| 193 | +
|
| 194 | +$maxTries = 10; |
| 195 | +do { |
| 196 | + $mysql = new mysqli($host, $user, $pass, '', $port, $socket); |
| 197 | + if ($mysql->connect_error) { |
| 198 | + fwrite($stderr, "\n" . 'MySQL Connection Error: (' . $mysql->connect_errno . ') ' . $mysql->connect_error . "\n"); |
| 199 | + --$maxTries; |
| 200 | + if ($maxTries <= 0) { |
| 201 | + exit(1); |
| 202 | + } |
| 203 | + sleep(3); |
| 204 | + } |
| 205 | +} while ($mysql->connect_error); |
| 206 | +
|
| 207 | +if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_string($dbName) . '`')) { |
| 208 | + fwrite($stderr, "\n" . 'MySQL "CREATE DATABASE" Error: ' . $mysql->error . "\n"); |
| 209 | + $mysql->close(); |
| 210 | + exit(1); |
| 211 | +} |
| 212 | +
|
| 213 | +$mysql->close(); |
| 214 | +EOPHP |
| 215 | + fi |
| 216 | + |
| 217 | + # now that we're definitely done writing configuration, let's clear out the relevant envrionment variables (so that stray "phpinfo()" calls don't leak secrets from our code) |
| 218 | + for e in "${envs[@]}"; do |
| 219 | + unset "$e" |
| 220 | + done |
| 221 | +fi |
| 222 | + |
| 223 | +exec "$@" |
0 commit comments