install using template

Dockerfile

@@ -5,7 +5,7 @@ RUN mkdir -p /app/code
 WORKDIR /app/code
 RUN curl -L http://wordpress.org/wordpress-4.3.1.tar.gz | tar -xz --strip-components 1 -f -
 RUN mv /app/code/wp-content /app/code/wp-content-vanilla && ln -s /app/data/wp-content /app/code/wp-content
-
+ADD wp-config.php.template /app/code/wp-config.php.template
 ADD start.sh /app/code/start.sh
 
 RUN curl -o /app/code/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar 

start.sh

@@ -1,60 +1,52 @@
 #!/bin/bash
 
-set -eux
+set -eu
 
 readonly WP="/app/code/wp --allow-root"
 readonly admin_password=$(pwgen -1y 16)
 readonly admin_email=${MAIL_SMTP_USERNAME}@${MAIL_DOMAIN}
 echo "Admin password is ${admin_password} and email is ${admin_email}"
 
+# Settings to be updated on every run. Regenerating salts means users have to relogin
+sed -e "s/##MYSQL_DATABASE/${MYSQL_DATABASE}/" \
+    -e "s/##MYSQL_USERNAME/${MYSQL_USERNAME}/" \
+    -e "s/##MYSQL_PASSWORD/${MYSQL_PASSWORD}/" \
+    -e "s/##MYSQL_HOST/${MYSQL_HOST}:${MYSQL_PORT}/" \
+    -e "s,##APP_ORIGIN,${APP_ORIGIN}," \
+    -e "s/##AUTH_KEY/$(pwgen -1cns 64)/" \
+    -e "s/##SECURE_AUTH_KEY/$(pwgen -1cns 64)/" \
+    -e "s/##LOGGED_IN_KEY/$(pwgen -1cns 64)/" \
+    -e "s/##NONCE_KEY/$(pwgen -1cns 64)/" \
+    -e "s/##AUTH_SALT/$(pwgen -1cns 64)/" \
+    -e "s/##SECURE_AUTH_SALT/$(pwgen -1cns 64)/" \
+    -e "s/##LOGGED_IN_SALT/$(pwgen -1cns 64)/" \
+    -e "s/##NONCE_SALT/$(pwgen -1cns 64)/" \
+    /app/code/wp-config.php.template > /run/wordpress/wp-config.php # sed -i seems to destroy symlink
+
 if [[ -z "$(ls -A /app/data)" ]]; then
     echo "Copying wp-content files on first run"
     mkdir -p /app/data/wp-content/mu-plugins
     cp -r /app/code/wp-content-vanilla/* /app/data/wp-content/
 
-    # this also generates the salt in wp-config.php which must be backed up
-    $WP core config --dbname="${MYSQL_DATABASE}" --dbuser="${MYSQL_USERNAME}" --dbpass="${MYSQL_PASSWORD}" --dbhost="${MYSQL_HOST}" --extra-php <<EOF
-    // prevent user from changing the Settings->General, WordPress and Blog address values.
-    define('WP_HOME',    'https://$(hostname -f)');
-    define('WP_SITEURL', 'https://$(hostname -f)');
-
-    /*
-     http://cmanios.wordpress.com/2014/04/12/nginx-https-reverse-proxy-to-wordpress-with-apache-http-and-different-port/
-     http://wordpress.org/support/topic/compatibility-with-wordpress-behind-a-reverse-proxy
-     https://wordpress.org/support/topic/wp_home-and-wp_siteurl
-     */
-    // If WordPress is behind reverse proxy which proxies https to http
-    if (!empty(\$_SERVER['HTTP_X_FORWARDED_FOR'])) {
-        \$_SERVER['HTTP_HOST'] = \$_SERVER['HTTP_X_FORWARDED_HOST'];
-
-        if (\$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
-            \$_SERVER['HTTPS']='on';
-    }
-EOF
-
-    $WP --url="https://$(hostname -f)" core install \
-        --url="https://$(hostname -f)" \
+    # create db tables
+    $WP --url="${APP_ORIGIN}" core install \
+        --url="${APP_ORIGIN}" \
         --title="My blog" \
         --admin_user=admin \
         --admin_password="${admin_password}" \
         --admin_email="${admin_email}"
 
+    # install and backup the plugins
     $WP plugin install --activate --force /app/code/disable-wordpress-updates.zip
     mv /app/data/wp-content/plugins/disable-wordpress-updates /app/data/wp-content/mu-plugins/
 
     $WP plugin install --activate --force /app/code/wp-mail-smtp.zip
     mv /app/data/wp-content/plugins/wp-mail-smtp /app/data/wp-content/mu-plugins/
+else
+    # Update wordpress
+    $WP core update-db
 fi
 
-# Settings to be updated on every run
-sed -e "s/define('DB_NAME',.*/define('DB_NAME', '${MYSQL_DATABASE}');/" \
-    -e "s/define('DB_USER',.*/define('DB_USER', '${MYSQL_USERNAME}');/" \
-    -e "s/define('DB_PASSWORD',.*/define('DB_PASSWORD', '${MYSQL_PASSWORD}');/" \
-    -e "s/define('DB_HOST',.*/define('DB_HOST', '${MYSQL_HOST}');/" \
-    -e "s|define('WP_HOME',.*|define('WP_HOME', 'https://$(hostname -f)');|" \
-    -e "s|define('WP_SITEURL',.*|define('WP_SITEURL', 'https://$(hostname -f)');|" \
-    -i /run/wordpress/wp-config.php # sed -i seems to destroy symlink
-
 # reset the admin password
 $WP user update $($WP user get admin --field=ID) --user_pass="${admin_password}"
 $WP user update $($WP user get admin --field=ID) --user_email="${admin_email}"

wp-config.php.template

@@ -0,0 +1,59 @@
+<?php
+
+
+// ** MySQL settings ** //
+/** The name of the database for WordPress */
+define('DB_NAME', '##MYSQL_DATABASE');
+
+/** MySQL database username */
+define('DB_USER', '##MYSQL_USERNAME');
+
+/** MySQL database password */
+define('DB_PASSWORD', '##MYSQL_PASSWORD');
+
+/** MySQL hostname */
+define('DB_HOST', '##MYSQL_HOST');
+
+/** Database Charset to use in creating database tables. */
+define('DB_CHARSET', 'utf8');
+
+/** The Database Collate type. Don't change this if in doubt. */
+define('DB_COLLATE', '');
+
+define('AUTH_KEY',         '##AUTH_KEY');
+define('SECURE_AUTH_KEY',  '##SECURE_AUTH_KEY');
+define('LOGGED_IN_KEY',    '##LOGGED_IN_KEY');
+define('NONCE_KEY',        '##NONCE_KEY');
+define('AUTH_SALT',        '##AUTH_SALT');
+define('SECURE_AUTH_SALT', '##SECURE_AUTH_SALT');
+define('LOGGED_IN_SALT',   '##LOGGED_IN_SALT');
+define('NONCE_SALT',       '##NONCE_SALT');
+
+$table_prefix = 'wp_';
+
+// prevent user from changing the Settings->General, WordPress and Blog address values.
+define('WP_HOME', '##APP_ORIGIN');
+define('WP_SITEURL', '##APP_ORIGIN');
+
+/*
+ http://cmanios.wordpress.com/2014/04/12/nginx-https-reverse-proxy-to-wordpress-with-apache-http-and-different-port/
+ http://wordpress.org/support/topic/compatibility-with-wordpress-behind-a-reverse-proxy
+ https://wordpress.org/support/topic/wp_home-and-wp_siteurl
+ */
+// If WordPress is behind reverse proxy which proxies https to http
+if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+    $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
+
+    if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+        $_SERVER['HTTPS']='on';
+}
+
+/* That's all, stop editing! Happy blogging. */
+
+/** Absolute path to the WordPress directory. */
+if ( !defined('ABSPATH') )
+    define('ABSPATH', dirname(__FILE__) . '/');
+
+/** Sets up WordPress vars and included files. */
+require_once(ABSPATH . 'wp-settings.php');
+