Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
cloudron
/
wordpress-app-alt2
2
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Мод: 620cbbad1d
Салаанууд Тагууд
wordpress-app-a...
/
start.sh

start.sh 6.3 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162 
  1. #!/bin/bash
    2. 

  2. 

  3. set -eu
    4. 

  4. 

  5. readonly WP="/app/code/wp --allow-root"
    6. 

  6. 

  7. # Detect the wordpress prefix from existing database. This is a bit of a hack because some wordpress plugins
    8. 

  8. # seem to leave the old wp_ tables behind.
    9. 

  9. table_prefix=$(mysql --user=${MYSQL_USERNAME} --password=${MYSQL_PASSWORD} --host=${MYSQL_HOST} ${MYSQL_DATABASE} -e 'SHOW TABLES' --batch 2>/dev/null | sed -n 's/\(.*_\)usermeta/\1/p' | grep -v ^wp_ | head -n1)
    10. 

  10. [[ -n "${table_prefix}" ]] || table_prefix="wp_"
    11. 

  11. echo "Using table prefix ${table_prefix}"
    12. 

  12. 

  13. # Settings to be updated on every run. Regenerating salts means users have to relogin
    14. 

  14. sed -e "s/##MYSQL_DATABASE/${MYSQL_DATABASE}/" \
    15. 

  15.     -e "s/##MYSQL_USERNAME/${MYSQL_USERNAME}/" \
    16. 

  16.     -e "s/##MYSQL_PASSWORD/${MYSQL_PASSWORD}/" \
    17. 

  17.     -e "s/##MYSQL_HOST/${MYSQL_HOST}:${MYSQL_PORT}/" \
    18. 

  18.     -e "s,##APP_ORIGIN,${APP_ORIGIN}," \
    19. 

  19.     -e "s/##AUTH_KEY/$(pwgen -1cns 64)/" \
    20. 

  20.     -e "s/##SECURE_AUTH_KEY/$(pwgen -1cns 64)/" \
    21. 

  21.     -e "s/##LOGGED_IN_KEY/$(pwgen -1cns 64)/" \
    22. 

  22.     -e "s/##NONCE_KEY/$(pwgen -1cns 64)/" \
    23. 

  23.     -e "s/##AUTH_SALT/$(pwgen -1cns 64)/" \
    24. 

  24.     -e "s/##SECURE_AUTH_SALT/$(pwgen -1cns 64)/" \
    25. 

  25.     -e "s/##LOGGED_IN_SALT/$(pwgen -1cns 64)/" \
    26. 

  26.     -e "s/##NONCE_SALT/$(pwgen -1cns 64)/" \
    27. 

  27.     -e "s/##TABLE_PREFIX/${table_prefix}/" \
    28. 

  28.     /app/code/wp-config.php.template > /run/wordpress/wp-config.php # sed -i seems to destroy symlink
    29. 

  29. 

  30. # Used for wp rewrite
    31. 

  31. touch /app/data/htaccess
    32. 

  32. 

  33. if [[ ! -f "/app/data/.dbsetup" ]]; then
    34. 

  34.     echo "Copying wp-content files on first run"
    35. 

  35.     mkdir -p /app/data/wp-content/mu-plugins
    36. 

  36.     cp -r /app/code/wp-content-vanilla/* /app/data/wp-content/
    37. 

  37. 

  38.     if [[ -n "${LDAP_SERVER:-}" ]]; then
    39. 

  39.         admin_password=$(pwgen -1y 16)
    40. 

  40.         admin_email=${MAIL_FROM}
    41. 

  41.     else
    42. 

  42.         admin_password="changeme"
    43. 

  43.         admin_email=${MAIL_FROM}
    44. 

  44.     fi
    45. 

  45. 

  46.     echo "Admin password is ${admin_password} and email is ${admin_email}"
    47. 

  47. 

  48.     # --skip-email is part of 0.23.0 https://github.com/wp-cli/wp-cli/pull/2345 and https://github.com/wp-cli/wp-cli/issues/1164
    49. 

  49.     $WP --url="${APP_ORIGIN}" --skip-email core install \
    50. 

  50.         --url="${APP_ORIGIN}" \
    51. 

  51.         --title="My blog" \
    52. 

  52.         --admin_user=admin \
    53. 

  53.         --admin_password="${admin_password}" \
    54. 

  54.         --admin_email="${admin_email}"
    55. 

  55.     echo "WP is now installed"
    56. 

  56. 

  57.     # Set default post structure to what most people want
    58. 

  58.     # Curiously, installing some plugins prevents .htaccess getting written
    59. 

  59.     $WP rewrite structure --hard '/%postname%/'
    60. 

  60. 

  61.     touch "/app/data/.dbsetup"
    62. 

  62. else
    63. 

  63.     # Update wordpress
    64. 

  64.     echo "Updating wordpress database"
    65. 

  65.     $WP core update-db
    66. 

  66. fi
    67. 

  67. 

  68. # install and backup the plugins. mu plugins are a "flat" structure
    69. 

  69. # sadly mu-plugins can still be re-configured, just not uninstallable
    70. 

  70. # We have to do this on every run to get plugin updates
    71. 

  71. if [[ ! -f "/run/wordpress/plugins_unpacked" ]]; then
    72. 

  72.     echo "Unpacking plugins"
    73. 

  73. 

  74.     # clear the directory, otherwise unzip/mv have to be forced
    75. 

  75.     rm -rf /app/data/wp-content/mu-plugins/*
    76. 

  76. 

  77.     rm -f /app/data/wp-content/mu-plugins/disable-updates.php # remove the old plugin we used
    78. 

  78.     unzip -d /app/data/wp-content/mu-plugins/ /app/code/disable-wordpress-core-update.zip
    79. 

  79.     mv /app/data/wp-content/mu-plugins/disable-wordpress-core-update/* /app/data/wp-content/mu-plugins/
    80. 

  80.     rm -rf /app/data/wp-content/mu-plugins/disable-wordpress-core-update/
    81. 

  81. 

  82.     unzip -d /app/data/wp-content/mu-plugins/ /app/code/wp-mail-smtp.zip
    83. 

  83.     mv /app/data/wp-content/mu-plugins/wp-mail-smtp/* /app/data/wp-content/mu-plugins/
    84. 

  84.     rm -rf /app/data/wp-content/mu-plugins/wp-mail-smtp/
    85. 

  85. 

  86.     # only install ldap plugin with sso
    87. 

  87.     if [[ -n "${LDAP_SERVER:-}" ]]; then
    88. 

  88.         unzip -d /app/data/wp-content/mu-plugins/ /app/code/authLdap.zip
    89. 

  89.         mv /app/data/wp-content/mu-plugins/authLdap-*/* /app/data/wp-content/mu-plugins/
    90. 

  90.         rm -rf /app/data/wp-content/mu-plugins/authLdap-*/
    91. 

  91.     fi
    92. 

  92. 

  93.     touch /run/wordpress/plugins_unpacked
    94. 

  94. else
    95. 

  95.     echo "Plugins already unpacked from previous run" # restarts
    96. 

  96. fi
    97. 

  97. 

  98. echo "Updating domain related settings"
    99. 

  99. # Note that wp-config already sets WP_HOME and WP_SITEURL and the values in db below are ignored
    100. 

  100. # This is only done for keeping the db dumps more useful
    101. 

  101. $WP option update siteurl "${APP_ORIGIN}"
    102. 

  102. $WP option update home "${APP_ORIGIN}"
    103. 

  103. 

  104. # If the user has not changed the email, update it to reflect it any domain change
    105. 

  105. if [[ "$($WP option get admin_email)" == *.app@* ]]; then
    106. 

  106.     echo "Updating admin email since it was unchanged"
    107. 

  107.     $WP option update admin_email "${MAIL_FROM}"
    108. 

  108. fi
    109. 

  109. 

  110. # configure WP mail smtp plugin (smtp_user, smtp_pass can be set when supported)
    111. 

  111. echo "Configuring smtp mail"
    112. 

  112. $WP option update mailer smtp
    113. 

  113. $WP option update mail_from "${MAIL_FROM}"
    114. 

  114. $WP option update mail_from_name WordPress
    115. 

  115. $WP option update smtp_host ${MAIL_SMTP_SERVER}
    116. 

  116. $WP option update smtp_port ${MAIL_SMTP_PORT}
    117. 

  117. $WP option update smtp_auth true
    118. 

  118. $WP option update smtp_user ${MAIL_SMTP_USERNAME}
    119. 

  119. $WP option update smtp_pass "${MAIL_SMTP_PASSWORD}"
    120. 

  120. 

  121. if [[ -n "${LDAP_SERVER:-}" ]]; then
    122. 

  122.     # configure LDAP
    123. 

  123.     # https://github.com/heiglandreas/authLdap/blob/master/authLdap.php#L644
    124. 

  124. 

  125.     # GroupEnable means that cloudron groups are carried over to wp groups
    126. 

  126.     # GroupOverUser means that if there is an existing wp group for the user, it won't be overwritten
    127. 

  127.     # The above implies that users can override the roles in wordpress and it
    128. 

  128.     # doesn't get overwritten on re-login
    129. 

  129.     echo "Configuring LDAP"
    130. 

  130.     ldapConfig=$(cat <<EOF
    131. 

  131.     {
    132. 

  132.         "Enabled"       : true,
    133. 

  133.         "CachePW"       : false,
    134. 

  134.         "URI"           : "ldap://${LDAP_SERVER}:${LDAP_PORT}/${LDAP_USERS_BASE_DN}",
    135. 

  135.         "Filter"        : "(|(mail=%1\$s)(username=%1\$s))",
    136. 

  136.         "NameAttr"      : "givenName",
    137. 

  137.         "SecName"       : "sn",
    138. 

  138.         "UidAttr"       : "username",
    139. 

  139.         "MailAttr"      : "mail",
    140. 

  140.         "WebAttr"       : "",
    141. 

  141.         "Groups"        : { "administrator" : "cn=admins,${LDAP_GROUPS_BASE_DN}" },
    142. 

  142.         "GroupSeparator": ";",
    143. 

  143.         "Debug"         : false,
    144. 

  144.         "GroupAttr"     : "memberof",
    145. 

  145.         "GroupFilter"   : "(|(mail=%1\$s)(username=%1\$s))",
    146. 

  146.         "DefaultRole"   : "editor",
    147. 

  147.         "GroupEnable"   : true,
    148. 

  148.         "GroupOverUser" : false,
    149. 

  149.         "Version"       : 1
    150. 

  150.     }
    151. 

  151. EOF
    152. 

  152. )
    153. 

  153.     $WP --format=json option update authLDAPOptions "${ldapConfig}"
    154. 

  154. fi
    155. 

  155. 

  156. chown -R www-data:www-data /app/data /run/wordpress
    157. 

  157. 

  158. echo "Starting apache"
    159. 

  159. APACHE_CONFDIR="" source /etc/apache2/envvars
    160. 

  160. rm -f "${APACHE_PID_FILE}"
    161. 

  161. exec /usr/sbin/apache2 -DFOREGROUND
    162. 

  162.