public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

6.0.0-debian-11-r0 release

This commit is contained in:
Bitnami Bot 2022-06-14 16:36:43 +00:00 committed by Bitnami Containers
parent df7586f146
commit ec404eaa85
81 changed files with 6996 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
bitnami/wordpress-intel/6/debian-11/Dockerfile Normal file
View File

@ -0,0 +1,42 @@
FROM docker.io/bitnami/minideb:bullseye
LABEL maintainer "Bitnami <containers@bitnami.com>"
ENV HOME="/" \
OS_ARCH="amd64" \
OS_FLAVOUR="debian-11" \
OS_NAME="linux"
COPY prebuildfs /
# Install required system packages and dependencies
RUN install_packages acl ca-certificates curl gzip less libaudit1 libbrotli1 libbsd0 libbz2-1.0 libc6 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libgeoip1 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 procps tar zlib1g
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "render-template" "1.0.3-150" --checksum 8b992a5ee513c5eaca52b19232b21a93588ddf4c4850be4d47c6f19b11d1d90a
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "qatengine" "0.6.12-150" --checksum 57098cc24a490e290afc0ebe3059f3b73a16bfeef1ee684ada940a9b63cd44e3
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "php" "8.0.20-150" --checksum 7229552a154bf535a1c3afadf927cf366c345627a244c7bfe1a013e334653bc8
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "wp-cli" "2.6.0-150" --checksum 1d47407703e824d0d6c17ea6720947f7d55dd7db657e997b0411259de1cdc688
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "nginx-intel" "0.4.7-150" --checksum 44de37f9129978dedc313743f7deb0c1bc537bf799be3cb149e3e9eeebf9a37a
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "mysql-client" "10.6.8-150" --checksum b47e1015fc1c9ce456f134ffd5b6ac6960c3f369c96fcd37319e9289b29a1047
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "wordpress" "6.0.0-151" --checksum 5d0c5512e905126b47e82ce856c23b9583160057a1b7bf5275253b6b58f872f4
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "gosu" "1.14.0-150" --checksum da4a2f759ccc57c100d795b71ab297f48b31c4dd7578d773d963bbd49c42bd7b
RUN apt-get update && apt-get upgrade -y && \
rm -r /var/lib/apt/lists /var/cache/apt/archives
RUN chmod g+rwX /opt/bitnami
COPY rootfs /
RUN /opt/bitnami/scripts/mysql-client/postunpack.sh
RUN /opt/bitnami/scripts/qatengine/postunpack.sh
RUN /opt/bitnami/scripts/nginx/postunpack.sh
RUN /opt/bitnami/scripts/php/postunpack.sh
RUN /opt/bitnami/scripts/nginx-php-fpm/postunpack.sh
RUN /opt/bitnami/scripts/wordpress/postunpack.sh
RUN /opt/bitnami/scripts/wp-cli/postunpack.sh
ENV APP_VERSION="6.0.0" \
BITNAMI_APP_NAME="wordpress-intel" \
NGINX_HTTPS_PORT_NUMBER="" \
NGINX_HTTP_PORT_NUMBER="" \
PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/wp-cli/bin:/opt/bitnami/nginx/sbin:/opt/bitnami/mysql/bin:$PATH"
EXPOSE 8080 8443
USER 1001
ENTRYPOINT [ "/opt/bitnami/scripts/wordpress/entrypoint.sh" ]
CMD [ "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]

32
bitnami/wordpress-intel/6/debian-11/docker-compose.yml Normal file
View File

@ -0,0 +1,32 @@
version: '2'
services:
mariadb:
image: docker.io/bitnami/mariadb:10.6
volumes:
- 'mariadb_data:/bitnami/mariadb'
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- MARIADB_USER=bn_wordpress
- MARIADB_DATABASE=bitnami_wordpress
wordpress:
image: docker.io/bitnami/wordpress-intel:6
ports:
- '80:8080'
- '443:8443'
volumes:
- 'wordpress_data:/bitnami/wordpress'
depends_on:
- mariadb
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- WORDPRESS_DATABASE_HOST=mariadb
- WORDPRESS_DATABASE_PORT_NUMBER=3306
- WORDPRESS_DATABASE_USER=bn_wordpress
- WORDPRESS_DATABASE_NAME=bitnami_wordpress
volumes:
mariadb_data:
driver: local
wordpress_data:
driver: local

58
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json Normal file
View File

@ -0,0 +1,58 @@
{
"gosu": {
"arch": "amd64",
"digest": "da4a2f759ccc57c100d795b71ab297f48b31c4dd7578d773d963bbd49c42bd7b",
"distro": "debian-11",
"type": "NAMI",
"version": "1.14.0-150"
},
"mysql-client": {
"arch": "amd64",
"digest": "b47e1015fc1c9ce456f134ffd5b6ac6960c3f369c96fcd37319e9289b29a1047",
"distro": "debian-11",
"type": "NAMI",
"version": "10.6.8-150"
},
"nginx-intel": {
"arch": "amd64",
"digest": "44de37f9129978dedc313743f7deb0c1bc537bf799be3cb149e3e9eeebf9a37a",
"distro": "debian-11",
"type": "NAMI",
"version": "0.4.7-150"
},
"php": {
"arch": "amd64",
"digest": "7229552a154bf535a1c3afadf927cf366c345627a244c7bfe1a013e334653bc8",
"distro": "debian-11",
"type": "NAMI",
"version": "8.0.20-150"
},
"qatengine": {
"arch": "amd64",
"digest": "57098cc24a490e290afc0ebe3059f3b73a16bfeef1ee684ada940a9b63cd44e3",
"distro": "debian-11",
"type": "NAMI",
"version": "0.6.12-150"
},
"render-template": {
"arch": "amd64",
"digest": "8b992a5ee513c5eaca52b19232b21a93588ddf4c4850be4d47c6f19b11d1d90a",
"distro": "debian-11",
"type": "NAMI",
"version": "1.0.3-150"
},
"wordpress": {
"arch": "amd64",
"digest": "5d0c5512e905126b47e82ce856c23b9583160057a1b7bf5275253b6b58f872f4",
"distro": "debian-11",
"type": "NAMI",
"version": "6.0.0-151"
},
"wp-cli": {
"arch": "amd64",
"digest": "1d47407703e824d0d6c17ea6720947f7d55dd7db657e997b0411259de1cdc688",
"distro": "debian-11",
"type": "NAMI",
"version": "2.6.0-150"
}
}

3
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt Normal file
View File

@ -0,0 +1,3 @@
Bitnami containers ship with software bundles. You can find the licenses under:
/opt/bitnami/nami/COPYING
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt

51
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh Normal file
View File

@ -0,0 +1,51 @@
#!/bin/bash
#
# Bitnami custom library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Constants
BOLD='\033[1m'
# Functions
########################
# Print the welcome page
# Globals:
# DISABLE_WELCOME_MESSAGE
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_welcome_page() {
if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$BITNAMI_APP_NAME" ]]; then
print_image_welcome_page
fi
fi
}
########################
# Print the welcome page for a Bitnami Docker image
# Globals:
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_image_welcome_page() {
local github_url="https://github.com/bitnami/bitnami-docker-${BITNAMI_APP_NAME}"
log ""
log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}"
log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}"
log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}"
log ""
}

65
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libcomponent.sh Normal file
View File

@ -0,0 +1,65 @@
#!/bin/bash
#
# Library for managing Bitnami components
# Constants
CACHE_ROOT="/tmp/bitnami/pkg/cache"
DOWNLOAD_URL="https://downloads.bitnami.com/files/stacksmith"
# Functions
########################
# Download and unpack a Bitnami package
# Globals:
# OS_NAME
# OS_ARCH
# OS_FLAVOUR
# Arguments:
# $1 - component's name
# $2 - component's version
# Returns:
# None
#########################
component_unpack() {
local name="${1:?name is required}"
local version="${2:?version is required}"
local base_name="${name}-${version}-${OS_NAME}-${OS_ARCH}-${OS_FLAVOUR}"
local package_sha256=""
local directory="/opt/bitnami"
# Validate arguments
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $base_name package"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz" ]; then
echo "${CACHE_ROOT}/${base_name}.tar.gz already exists, skipping download."
cp "${CACHE_ROOT}/${base_name}.tar.gz" .
rm "${CACHE_ROOT}/${base_name}.tar.gz"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz.sha256" ]; then
echo "Using the local sha256 from ${CACHE_ROOT}/${base_name}.tar.gz.sha256"
package_sha256="$(< "${CACHE_ROOT}/${base_name}.tar.gz.sha256")"
rm "${CACHE_ROOT}/${base_name}.tar.gz.sha256"
fi
else
curl --remote-name --silent --show-error --fail "${DOWNLOAD_URL}/${base_name}.tar.gz"
fi
if [ -n "$package_sha256" ]; then
echo "Verifying package integrity"
echo "$package_sha256 ${base_name}.tar.gz" | sha256sum --check - || return "$?"
fi
tar --directory "${directory}" --extract --gunzip --file "${base_name}.tar.gz" --no-same-owner --strip-components=2 || return "$?"
rm "${base_name}.tar.gz"
}

139
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh Normal file
View File

@ -0,0 +1,139 @@
#!/bin/bash
#
# Library for managing files
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libos.sh
# Functions
########################
# Replace a regex-matching string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# $4 - use POSIX regex. Default: true
# Returns:
# None
#########################
replace_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local posix_regex=${4:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
if [[ $posix_regex = true ]]; then
result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
else
result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Replace a regex-matching multiline string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# Returns:
# None
#########################
replace_in_file_multiline() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local result
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")"
echo "$result" > "$filename"
}
########################
# Remove a line in a file based on a regex
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - use POSIX regex. Default: true
# Returns:
# None
#########################
remove_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local posix_regex=${3:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
if [[ $posix_regex = true ]]; then
result="$(sed -E "/$match_regex/d" "$filename")"
else
result="$(sed "/$match_regex/d" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Appends text after the last line matching a pattern
# Arguments:
# $1 - file
# $2 - match regex
# $3 - contents to add
# Returns:
# None
#########################
append_file_after_last_match() {
local file="${1:?missing file}"
local match_regex="${2:?missing pattern}"
local value="${3:?missing value}"
# We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again
result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)"
echo "$result" > "$file"
}
########################
# Wait until certain entry is present in a log file
# Arguments:
# $1 - entry to look for
# $2 - log file
# $3 - max retries. Default: 12
# $4 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
wait_for_log_entry() {
local -r entry="${1:-missing entry}"
local -r log_file="${2:-missing log file}"
local -r retries="${3:-12}"
local -r interval_time="${4:-5}"
local attempt=0
check_log_file_for_entry() {
if ! grep -qE "$entry" "$log_file"; then
debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})"
return 1
fi
}
debug "Checking that ${log_file} log file contains entry \"${entry}\""
if retry_while check_log_file_for_entry "$retries" "$interval_time"; then
debug "Found entry \"${entry}\" in ${log_file}"
true
else
error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries"
debug_execute cat "$log_file"
return 1
fi
}

190
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh Normal file
View File

@ -0,0 +1,190 @@
#!/bin/bash
#
# Library for file system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
local group="${3:-}"
if [[ -n $group ]]; then
chown "$owner":"$group" "$path"
else
chown "$owner":"$owner" "$path"
fi
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner_user="${2:-}"
local owner_group="${3:-}"
mkdir -p "${dir}"
if [[ -n $owner_user ]]; then
owned_by "$dir" "$owner_user" "$owner_group"
fi
}
########################
# Checks whether a directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_dir_empty() {
local -r path="${1:?missing directory}"
# Calculate real path in order to avoid issues with symlinks
local -r dir="$(realpath "$path")"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Checks whether a mounted directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_mounted_dir_empty() {
local dir="${1:?missing directory}"
if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then
true
else
false
fi
}
########################
# Checks whether a file can be written to or not
# arguments:
# $1 - file
# returns:
# boolean
#########################
is_file_writable() {
local file="${1:?missing file}"
local dir
dir="$(dirname "$file")"
if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then
true
else
false
fi
}
########################
# Relativize a path
# arguments:
# $1 - path
# $2 - base
# returns:
# None
#########################
relativize() {
local -r path="${1:?missing path}"
local -r base="${2:?missing base}"
pushd "$base" >/dev/null || exit
realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||'
popd >/dev/null || exit
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f | --file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d | --dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u | --user)
shift
user="${1:?missing user}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<<"$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
if [[ -n $dir_mode ]]; then
find -L "$p" -type d -exec chmod "$dir_mode" {} \;
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f -exec chmod "$file_mode" {} \;
fi
if [[ -n $user ]] && [[ -n $group ]]; then
chown -LR "$user":"$group" "$p"
elif [[ -n $user ]] && [[ -z $group ]]; then
chown -LR "$user" "$p"
elif [[ -z $user ]] && [[ -n $group ]]; then
chgrp -LR "$group" "$p"
fi
else
stderr_print "$p does not exist"
fi
done
}

16
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh Normal file
View File

@ -0,0 +1,16 @@
#!/bin/bash
#
# Library to use for scripts expected to be used as Kubernetes lifecycle hooks
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
# Override functions that log to stdout/stderr of the current process, so they print to process 1
for function_to_override in stderr_print debug_execute; do
# Output is sent to output of process 1 and thus end up in the container log
# The hook output in general isn't saved
eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2"
done

112
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh Normal file
View File

@ -0,0 +1,112 @@
#!/bin/bash
#
# Library for logging functions
# Constants
RESET='\033[0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_QUIET:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
printf "%b\\n" "${*}" >&2
fi
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_DEBUG:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}
########################
# Indent a string
# Arguments:
# $1 - string
# $2 - number of indentation characters (default: 4)
# $3 - indentation character (default: " ")
# Returns:
# None
#########################
indent() {
local string="${1:-}"
local num="${2:?missing num}"
local char="${3:-" "}"
# Build the indentation unit string
local indent_unit=""
for ((i = 0; i < num; i++)); do
indent_unit="${indent_unit}${char}"
done
# shellcheck disable=SC2001
# Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions
echo "$string" | sed "s/^/${indent_unit}/"
}

163
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh Normal file
View File

@ -0,0 +1,163 @@
#!/bin/bash
#
# Library for network functions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Resolve IP address for a host/domain (i.e. DNS lookup)
# Arguments:
# $1 - Hostname to resolve
# $2 - IP address version (v4, v6), leave empty for resolving to any version
# Returns:
# IP
#########################
dns_lookup() {
local host="${1:?host is missing}"
local ip_version="${2:-}"
getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1
}
#########################
# Wait for a hostname and return the IP
# Arguments:
# $1 - hostname
# $2 - number of retries
# $3 - seconds to wait between retries
# Returns:
# - IP address that corresponds to the hostname
#########################
wait_for_dns_lookup() {
local hostname="${1:?hostname is missing}"
local retries="${2:-5}"
local seconds="${3:-1}"
check_host() {
if [[ $(dns_lookup "$hostname") == "" ]]; then
false
else
true
fi
}
# Wait for the host to be ready
retry_while "check_host ${hostname}" "$retries" "$seconds"
dns_lookup "$hostname"
}
########################
# Get machine's IP
# Arguments:
# None
# Returns:
# Machine IP
#########################
get_machine_ip() {
local -a ip_addresses
local hostname
hostname="$(hostname)"
read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)"
if [[ "${#ip_addresses[@]}" -gt 1 ]]; then
warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}"
elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then
error "Could not find any IP address associated to hostname ${hostname}"
exit 1
fi
echo "${ip_addresses[0]}"
}
########################
# Check if the provided argument is a resolved hostname
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}
########################
# Parse URL
# Globals:
# None
# Arguments:
# $1 - uri - String
# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String
# Returns:
# String
parse_uri() {
local uri="${1:?uri is missing}"
local component="${2:?component is missing}"
# Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with
# additional sub-expressions to split authority into userinfo, host and port
# Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969)
local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?'
# || | ||| | | | | | | | | |
# |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment
# 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #...
# | 4 authority
# 3 //...
local index=0
case "$component" in
scheme)
index=2
;;
authority)
index=4
;;
userinfo)
index=6
;;
host)
index=7
;;
port)
index=9
;;
path)
index=10
;;
query)
index=13
;;
fragment)
index=14
;;
*)
stderr_print "unrecognized component $component"
return 1
;;
esac
[[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}"
}
########################
# Wait for a HTTP connection to succeed
# Globals:
# *
# Arguments:
# $1 - URL to wait for
# $2 - Maximum amount of retries (optional)
# $3 - Time between retries (optional)
# Returns:
# true if the HTTP connection succeeded, false otherwise
#########################
wait_for_http_connection() {
local url="${1:?missing url}"
local retries="${2:-}"
local sleep_time="${3:-}"
if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then
error "Could not connect to ${url}"
return 1
fi
}

466
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh Normal file
View File

@ -0,0 +1,466 @@
#!/bin/bash
#
# Library for operating system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if an user exists in the system
# Arguments:
# $1 - user
# Returns:
# Boolean
#########################
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
########################
# Check if a group exists in the system
# Arguments:
# $1 - group
# Returns:
# Boolean
#########################
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
########################
# Create a group in the system if it does not exist already
# Arguments:
# $1 - group
# Flags:
# -i|--gid - the ID for the new group
# -s|--system - Whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_group_exists() {
local group="${1:?group is missing}"
local gid=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --gid)
shift
gid="${1:?missing gid}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! group_exists "$group"; then
local -a args=("$group")
if [[ -n "$gid" ]]; then
if group_exists "$gid"; then
error "The GID $gid is already in use." >&2
return 1
fi
args+=("--gid" "$gid")
fi
$is_system_user && args+=("--system")
groupadd "${args[@]}" >/dev/null 2>&1
fi
}
########################
# Create an user in the system if it does not exist already
# Arguments:
# $1 - user
# Flags:
# -i|--uid - the ID for the new user
# -g|--group - the group the new user should belong to
# -a|--append-groups - comma-separated list of supplemental groups to append to the new user
# -h|--home - the home directory for the new user
# -s|--system - whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_user_exists() {
local user="${1:?user is missing}"
local uid=""
local group=""
local append_groups=""
local home=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --uid)
shift
uid="${1:?missing uid}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
-a | --append-groups)
shift
append_groups="${1:?missing append_groups}"
;;
-h | --home)
shift
home="${1:?missing home directory}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! user_exists "$user"; then
local -a user_args=("-N" "$user")
if [[ -n "$uid" ]]; then
if user_exists "$uid"; then
error "The UID $uid is already in use."
return 1
fi
user_args+=("--uid" "$uid")
else
$is_system_user && user_args+=("--system")
fi
useradd "${user_args[@]}" >/dev/null 2>&1
fi
if [[ -n "$group" ]]; then
local -a group_args=("$group")
$is_system_user && group_args+=("--system")
ensure_group_exists "${group_args[@]}"
usermod -g "$group" "$user" >/dev/null 2>&1
fi
if [[ -n "$append_groups" ]]; then
local -a groups
read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")"
for group in "${groups[@]}"; do
ensure_group_exists "$group"
usermod -aG "$group" "$user" >/dev/null 2>&1
done
fi
if [[ -n "$home" ]]; then
mkdir -p "$home"
usermod -d "$home" "$user" >/dev/null 2>&1
configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
fi
}
########################
# Check if the script is currently running as root
# Arguments:
# $1 - user
# $2 - group
# Returns:
# Boolean
#########################
am_i_root() {
if [[ "$(id -u)" = "0" ]]; then
true
else
false
fi
}
########################
# Print OS metadata
# Arguments:
# $1 - Flag name
# Flags:
# --id - Distro ID
# --version - Distro version
# --branch - Distro branch
# --codename - Distro codename
# Returns:
# String
#########################
get_os_metadata() {
local -r flag_name="${1:?missing flag}"
# Helper function
get_os_release_metadata() {
local -r env_name="${1:?missing environment variable name}"
(
. /etc/os-release
echo "${!env_name}"
)
}
case "$flag_name" in
--id)
get_os_release_metadata ID
;;
--version)
get_os_release_metadata VERSION_ID
;;
--branch)
get_os_release_metadata VERSION_ID | sed 's/\..*//'
;;
--codename)
get_os_release_metadata VERSION_CODENAME
;;
*)
error "Unknown flag ${flag_name}"
return 1
;;
esac
}
########################
# Get total memory available
# Arguments:
# None
# Returns:
# Memory in bytes
#########################
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# None
# Flags:
# --memory - memory size (optional)
# Returns:
# Detected instance size
#########################
get_machine_size() {
local memory=""
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
--memory)
shift
memory="${1:?missing memory}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if [[ -z "$memory" ]]; then
debug "Memory was not specified, detecting available memory automatically"
memory="$(get_total_memory)"
fi
sanitized_memory=$(convert_to_mb "$memory")
if [[ "$sanitized_memory" -gt 26000 ]]; then
echo 2xlarge
elif [[ "$sanitized_memory" -gt 13000 ]]; then
echo xlarge
elif [[ "$sanitized_memory" -gt 6000 ]]; then
echo large
elif [[ "$sanitized_memory" -gt 3000 ]]; then
echo medium
elif [[ "$sanitized_memory" -gt 1500 ]]; then
echo small
else
echo micro
fi
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# $1 - memory size (optional)
# Returns:
# Detected instance size
#########################
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
########################
# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048)
# Globals:
# None
# Arguments:
# $1 - memory size
# Returns:
# Result of the conversion
#########################
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then
size="${BASH_REMATCH[1]}"
unit="${BASH_REMATCH[2]}"
if [[ "$unit" = "g" || "$unit" = "G" ]]; then
amount="$((size * 1024))"
else
amount="$size"
fi
fi
echo "$amount"
}
#########################
# Redirects output to /dev/null if debug mode is disabled
# Globals:
# BITNAMI_DEBUG
# Arguments:
# $@ - Command to execute
# Returns:
# None
#########################
debug_execute() {
if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
########################
# Retries a command a given number of times
# Arguments:
# $1 - cmd (as a string)
# $2 - max retries. Default: 12
# $3 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
retry_while() {
local cmd="${1:?cmd is missing}"
local retries="${2:-12}"
local sleep_time="${3:-5}"
local return_value=1
read -r -a command <<<"$cmd"
for ((i = 1; i <= retries; i += 1)); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
########################
# Generate a random string
# Arguments:
# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii
# -c|--count - Number of characters, defaults to 32
# Arguments:
# None
# Returns:
# None
# Returns:
# String
#########################
generate_random_string() {
local type="ascii"
local count="32"
local filter
local result
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
-t | --type)
shift
type="$1"
;;
-c | --count)
shift
count="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Validate type
case "$type" in
ascii)
filter="[:print:]"
;;
alphanumeric)
filter="a-zA-Z0-9"
;;
numeric)
filter="0-9"
;;
*)
echo "Invalid type ${type}" >&2
return 1
;;
esac
# Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size
# Note there is a very small chance of strings starting with EOL character
# Therefore, the higher amount of lines read, this will happen less frequently
result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")"
echo "$result"
}
########################
# Create md5 hash from a string
# Arguments:
# $1 - string
# Returns:
# md5 hash - string
#########################
generate_md5_hash() {
local -r str="${1:?missing input string}"
echo -n "$str" | md5sum | awk '{print $1}'
}
########################
# Create sha1 hash from a string
# Arguments:
# $1 - string
# $2 - algorithm - 1 (default), 224, 256, 384, 512
# Returns:
# sha1 hash - string
#########################
generate_sha_hash() {
local -r str="${1:?missing input string}"
local -r algorithm="${2:-1}"
echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}'
}
########################
# Converts a string to its hexadecimal representation
# Arguments:
# $1 - string
# Returns:
# hexadecimal representation of the string
#########################
convert_to_hex() {
local -r str=${1:?missing input string}
local -i iterator
local char
for ((iterator = 0; iterator < ${#str}; iterator++)); do
char=${str:iterator:1}
printf '%x' "'${char}"
done
}

122
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh Normal file
View File

@ -0,0 +1,122 @@
#!/bin/bash
#
# Bitnami persistence library
# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libversion.sh
# Functions
########################
# Persist an application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# $2 - List of app files to persist
# Returns:
# true if all steps succeeded, false otherwise
#########################
persist_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Persist the individual files
if [[ "${#files_to_persist[@]}" -le 0 ]]; then
warn "No files are configured to be persisted"
return
fi
pushd "$install_dir" >/dev/null || exit
local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder
local -r tmp_file="/tmp/perms.acl"
for file_to_persist in "${files_to_persist[@]}"; do
if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then
error "Cannot persist '${file_to_persist}' because it does not exist"
return 1
fi
file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")"
file_to_persist_destination="${persist_dir}/${file_to_persist_relative}"
file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")"
# Get original permissions for existing files, which will be applied later
# Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume
getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file"
# Copy directories to the volume
ensure_dir_exists "$file_to_persist_destination_folder"
cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder"
# Restore permissions
pushd "$persist_dir" >/dev/null || exit
if am_i_root; then
setfacl --restore="$tmp_file"
else
# When running as non-root, don't change ownership
setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file")
fi
popd >/dev/null || exit
done
popd >/dev/null || exit
rm -f "$tmp_file"
# Install the persisted files into the installation directory, via symlinks
restore_persisted_app "$@"
}
########################
# Restore a persisted application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# FORCE_MAJOR_UPGRADE
# Arguments:
# $1 - App folder name
# $2 - List of app files to restore
# Returns:
# true if all steps succeeded, false otherwise
#########################
restore_persisted_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Restore the individual persisted files
if [[ "${#files_to_restore[@]}" -le 0 ]]; then
warn "No persisted files are configured to be restored"
return
fi
local file_to_restore_relative file_to_restore_origin file_to_restore_destination
for file_to_restore in "${files_to_restore[@]}"; do
file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")"
# We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed
file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")"
file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")"
rm -rf "$file_to_restore_origin"
ln -sfn "$file_to_restore_destination" "$file_to_restore_origin"
done
}
########################
# Check if an application directory was already persisted
# Globals:
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# Returns:
# true if all steps succeeded, false otherwise
#########################
is_app_initialized() {
local -r app="${1:?missing app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
if ! is_mounted_dir_empty "$persist_dir"; then
true
else
false
fi
}

273
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh Normal file
View File

@ -0,0 +1,273 @@
#!/bin/bash
#
# Library for managing services
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Read the provided pid file and returns a PID
# Arguments:
# $1 - Pid file
# Returns:
# PID
#########################
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
########################
# Check if a provided PID corresponds to a running service
# Arguments:
# $1 - PID
# Returns:
# Boolean
#########################
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
########################
# Stop a service by sending a termination signal to its pid
# Arguments:
# $1 - Pid file
# $2 - Signal number (optional)
# Returns:
# None
#########################
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local signal="${2:-}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
if [[ -n "$signal" ]]; then
kill "-${signal}" "$pid"
else
kill "$pid"
fi
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}
########################
# Start cron daemon
# Arguments:
# None
# Returns:
# true if started correctly, false otherwise
#########################
cron_start() {
if [[ -x "/usr/sbin/cron" ]]; then
/usr/sbin/cron
elif [[ -x "/usr/sbin/crond" ]]; then
/usr/sbin/crond
else
false
fi
}
########################
# Generate a cron configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Command
# Flags:
# --run-as - User to run as (default: root)
# --schedule - Cron schedule configuration (default: * * * * *)
# Returns:
# None
#########################
generate_cron_conf() {
local service_name="${1:?service name is missing}"
local cmd="${2:?command is missing}"
local run_as="root"
local schedule="* * * * *"
local clean="true"
local clean="true"
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--run-as)
shift
run_as="$1"
;;
--schedule)
shift
schedule="$1"
;;
--no-clean)
clean="false"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p /etc/cron.d
if "$clean"; then
echo "${schedule} ${run_as} ${cmd}" > /etc/cron.d/"$service_name"
else
echo "${schedule} ${run_as} ${cmd}" >> /etc/cron.d/"$service_name"
fi
}
########################
# Remove a cron configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_cron_conf() {
local service_name="${1:?service name is missing}"
local cron_conf_dir="/etc/monit/conf.d"
rm -f "${cron_conf_dir}/${service_name}"
}
########################
# Generate a monit configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Pid file
# $3 - Start command
# $4 - Stop command
# Flags:
# --disable - Whether to disable the monit configuration
# Returns:
# None
#########################
generate_monit_conf() {
local service_name="${1:?service name is missing}"
local pid_file="${2:?pid file is missing}"
local start_command="${3:?start command is missing}"
local stop_command="${4:?stop command is missing}"
local monit_conf_dir="/etc/monit/conf.d"
local disabled="no"
# Parse optional CLI flags
shift 4
while [[ "$#" -gt 0 ]]; do
case "$1" in
--disable)
disabled="yes"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
is_boolean_yes "$disabled" && conf_suffix=".disabled"
mkdir -p "$monit_conf_dir"
cat >"${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <<EOF
check process ${service_name}
with pidfile "${pid_file}"
start program = "${start_command}" with timeout 90 seconds
stop program = "${stop_command}" with timeout 90 seconds
EOF
}
########################
# Remove a monit configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_monit_conf() {
local service_name="${1:?service name is missing}"
local monit_conf_dir="/etc/monit/conf.d"
rm -f "${monit_conf_dir}/${service_name}.conf"
}
########################
# Generate a logrotate configuration file
# Arguments:
# $1 - Service name
# $2 - Log files pattern
# Flags:
# --period - Period
# --rotations - Number of rotations to store
# --extra - Extra options (Optional)
# Returns:
# None
#########################
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
local period="weekly"
local rotations="150"
local extra=""
local logrotate_conf_dir="/etc/logrotate.d"
local var_name
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--period|--rotations|--extra)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "$var_name"="${1:?"$var_name" is missing}"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p "$logrotate_conf_dir"
cat <<EOF | sed '/^\s*$/d' >"${logrotate_conf_dir}/${service_name}"
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
$(indent "$extra" 2)
}
EOF
}
########################
# Remove a logrotate configuration file
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_logrotate_conf() {
local service_name="${1:?service name is missing}"
local logrotate_conf_dir="/etc/logrotate.d"
rm -f "${logrotate_conf_dir}/${service_name}"
}

264
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libvalidations.sh Normal file
View File

@ -0,0 +1,264 @@
#!/bin/bash
#
# Validation functions library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Check if the provided argument is an integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a positive integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean or is the string 'yes/true'
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean yes/no value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean true/false value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean 1/0 value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_1_0_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^[10]$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is an empty string or not defined
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
########################
# Validate if the provided argument is a valid port
# Arguments:
# $1 - Port to validate
# Returns:
# Boolean and error message
#########################
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
return 3
fi
fi
}
########################
# Validate if the provided argument is a valid IPv4 address
# Arguments:
# $1 - IP to validate
# Returns:
# Boolean
#########################
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
########################
# Validate a string format
# Arguments:
# $1 - String to validate
# Returns:
# Boolean
#########################
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
return 1
fi
}

49
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh Normal file
View File

@ -0,0 +1,49 @@
#!/bin/bash
#
# Library for managing versions strings
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Gets semantic version
# Arguments:
# $1 - version: string to extract major.minor.patch
# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch
# Returns:
# array with the major, minor and release
#########################
get_sematic_version () {
local version="${1:?version is required}"
local section="${2:?section is required}"
local -a version_sections
#Regex to parse versions: x.y.z
local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?'
if [[ "$version" =~ $regex ]]; then
local i=1
local j=1
local n=${#BASH_REMATCH[*]}
while [[ $i -lt $n ]]; do
if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then
version_sections[$j]=${BASH_REMATCH[$i]}
((j++))
fi
((i++))
done
local number_regex='^[0-9]+$'
if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then
echo "${version_sections[$section]}"
return
else
stderr_print "Section allowed values are: 1, 2, and 3"
return 1
fi
fi
}

458
bitnami/wordpress-intel/6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh Normal file
View File

@ -0,0 +1,458 @@
#!/bin/bash
#
# Bitnami web server handler library
# shellcheck disable=SC1090,SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
########################
# Execute a command (or list of commands) with the web server environment and library loaded
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_execute() {
local -r web_server="${1:?missing web server}"
shift
# Run program in sub-shell to avoid web server environment getting loaded when not necessary
(
. "/opt/bitnami/scripts/lib${web_server}.sh"
. "/opt/bitnami/scripts/${web_server}-env.sh"
"$@"
)
}
########################
# Prints the list of enabled web servers
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_list() {
local -r -a supported_web_servers=(apache nginx)
local -a existing_web_servers=()
for web_server in "${supported_web_servers[@]}"; do
[[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server")
done
echo "${existing_web_servers[@]:-}"
}
########################
# Prints the currently-enabled web server type (only one, in order of preference)
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_type() {
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
echo "${web_servers[0]:-}"
}
########################
# Validate that a supported web server is configured
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_validate() {
local error_code=0
local supported_web_servers=("apache" "nginx")
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then
print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}"
elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then
print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable."
fi
return "$error_code"
}
########################
# Check whether the web server is running
# Globals:
# *
# Arguments:
# None
# Returns:
# true if the web server is running, false otherwise
#########################
is_web_server_running() {
"is_$(web_server_type)_running"
}
########################
# Start web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_start() {
info "Starting $(web_server_type) in background"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh"
}
########################
# Stop web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_stop() {
info "Stopping $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh"
}
########################
# Restart web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_restart() {
info "Restarting $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh"
}
########################
# Reload web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_reload() {
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh"
}
########################
# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on which configuration template to use
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render server configurations with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --document-root - Path to document root directory
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default)
# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default)
# --apache-before-vhost-configuration - Configuration to add before the <VirtualHost> directive (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined)
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-proxy-address - Address where to proxy requests
# --apache-proxy-configuration - Extra configuration for the proxy
# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost
# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined)
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# --nginx-external-configuration - Configuration external to server block (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_app_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--disable \
| --disable-http \
| --disable-https \
)
apache_args+=("$1")
nginx_args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --type \
| --allow-remote-connections \
| --http-port \
| --https-port \
| --document-root \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-additional-http-configuration \
| --apache-additional-https-configuration \
| --apache-before-vhost-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-proxy-address \
| --apache-proxy-configuration \
| --apache-proxy-http-configuration \
| --apache-proxy-https-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "${2:?missing value}")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration \
| --nginx-external-configuration)
nginx_args+=("${1//nginx-/}" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_web_server_app_configuration_not_exists() {
local app="${1:?missing app}"
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app"
done
}
########################
# Ensure the web server loads the configuration for an application in a URL prefix
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --document-root - Path to document root directory
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --type - Application type, which has an effect on what configuration template will be used
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no')
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_prefix_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--allow-remote-connections \
| --document-root \
| --prefix \
| --type \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "$2")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration)
nginx_args+=("${1//nginx-/}" "$2")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
web_server_update_app_configuration() {
local app="${1:?missing app}"
shift
local -a args web_servers
args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --http-port \
| --https-port \
)
args+=("$1" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}"
done
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_enable_loading_page() {
ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \
--apache-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
RedirectMatch 503 ^/$
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
ErrorDocument 404 /index.html
ErrorDocument 503 /index.html" \
--nginx-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
location / {
return 503;
}
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
error_page 404 @installing;
error_page 503 @installing;
location @installing {
rewrite ^(.*)$ /index.html break;
}"
web_server_reload
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_disable_install_page() {
ensure_web_server_app_configuration_not_exists "__loading"
web_server_reload
}

24
bitnami/wordpress-intel/6/debian-11/prebuildfs/usr/sbin/install_packages Executable file
View File

@ -0,0 +1,24 @@
#!/bin/sh
set -e
set -u
export DEBIAN_FRONTEND=noninteractive
n=0
max=2
until [ $n -gt $max ]; do
set +e
(
apt-get update -qq &&
apt-get install -y --no-install-recommends "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $n -eq $max ]; then
exit $CODE
fi
echo "apt failed, retrying"
n=$(($n + 1))
done
rm -r /var/lib/apt/lists /var/cache/apt/archives

17
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/certs/server.crt Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICqDCCAZACCQCz8T3726LYsjANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtl
eGFtcGxlLmNvbTAeFw0xMjExMTQxMTE4MjdaFw0yMjExMTIxMTE4MjdaMBYxFDAS
BgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2SixwPL5c8glneI
Rz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC+Cup0k+Kd4NM
eZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICzdtRa3MXqTmEF
foyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg7Gj95zCH73BQ
ANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0uOSTNRcXY6rw
s+PxGneec/kRPRgzjC/QHY6n8QIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBbyMqF
RDsX8zX1EW5qA8AQ8Jb2XqWrVeSO8blMV3WagJ2airMm3+c/82FCwsd/cZ08UXhA
/Kou0gi/F16tV26PiiUdp590Qao3d8H2qxc1rzzULimZPgxH4iA4vRyMHtyZN6h4
7Fdn7O9xNMPu8siOz8rrzsEdEX5URbOMkDLCZsbTIUWVv2XmqrR0K10d5VuLWeLi
r+4G6c6jpa244WmqT9ClqceJ12G1Wnmezy7ybiW0l5M2iuIKFEiRP5Hj0J15o1I2
pXAbKysAdWRHsJSQOtcgO8Vh9k0wo3tKg4HDp1hbrEzoGzOv92Vjg3lG8X+hzbMJ
MQURotHkD4Gk57wL
-----END CERTIFICATE-----

27
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/certs/server.key Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2Si
xwPL5c8glneIRz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC
+Cup0k+Kd4NMeZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICz
dtRa3MXqTmEFfoyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg
7Gj95zCH73BQANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0
uOSTNRcXY6rws+PxGneec/kRPRgzjC/QHY6n8QIDAQABAoIBACo3G131tuGtpFTu
xLW11vdYZXQklNlGuWp63IBI162yVv54B5wF9Ek6tH1uIiNaiREcRBxGVEB4/+3V
R4SbN9Ba98RDbgu7TcipdTFaqOEMqFO1bNjSXWtip14zSBmqA2Ur1AHOnFj0awGD
J8tBhsmOpcEz0Ch1VdO5ApPvLV8jH9wQiMI/Q6yYQMtmzTMCUMYdMqe+LOziIOzL
oqN/WXnKL5E5TiO1bIxSpWPbT+IVn1c3/PShmvmRrLWsFUQlkwXJKMYZPO+rCCfe
b+Q9lMLMnj+vOnM3z16WC3aiiJGCZjVTvQ+x22YrBTRPxZmHO2eZ4H/cUQM7Y/tw
I7RjEM0CgYEA9Kxt1t8bWonzBii3P0rwyx0IECvg63k+pp4BpxpeWQKL7NVdSzk3
AyJVcNjUoZgi2kVPdxzZGLrnZfuZ691xQB3oZF0LwBzQ4GFHkTRCB0s8ZA5lcJaI
9pBu91bhz2VOZSTeQWpdMMURjXVyTXZInU1mwzmjVOIAYmO33shH9gcCgYEA72mX
UoIrFPLkOTSZOb7UbjYH01vf6ThQiYCEWg7mD3CbY7n9oobIcQMzNnt7xN4wOl/V
eKfZ7G56q8enfqm45Dyo9aCBCENVzmwO8wLe5UnvJBNL20KjvtwG8w5A6UZQzC7p
3QS+U2zxVQNEeaE6a8Wrq2d1PlhVAHYw8odgNEcCgYBN38+58xrmrz99d1oTuAt5
6kyVsRGOgPGS4HmQMRFUbT4R7DscZSKASd4945WRtTVqmWLYe4MRnvNlfzYXX0zb
ZmmAAClsRP+qWuwHaEWXwrd+9SIOOqtvJrta1/lZJFpWUOy4j10H18Flb7sosnwc
LPWHL4Iv0xriNfDg5Iga4wKBgQDLJBU59SkJBW+Q+oho7vrg6QeK15IOGbJ8eYfT
woCC6VFwNQh5N1QsUELMH8rNKJpTba18SzAl5ThBOY9tciVnw/C5Og9CK6BLHnUw
zWbDtxAq1BSxXsIB2EAtTBLX3MoB9myJFNVJhE7hi3w2mA8yEu+u6IIa/Ghjk+XE
ZAnFUQKBgQDjMinRZrK5wA09jcetI+dNiLnKHoQG6OaXDDsNCatex0O2F36BvVXE
P78qDz/i5aBMWsLx6VDvWJAkBIpZoNS5UsOn17tFaocGUSkcm48bs8Dn6VvsE8Bd
XMPAHyKuILlKYifBvNq5T22KhqKX7yGmk/AeOOiKr2KeMnh27JYrCA==
-----END RSA PRIVATE KEY-----

4
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf Normal file
View File

@ -0,0 +1,4 @@
# Deny all attempts to access hidden files such as .htaccess or .htpasswd
location ~ /\. {
deny all;
}

74
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf Normal file
View File

@ -0,0 +1,74 @@
# Based on https://www.nginx.com/resources/wiki/start/topics/examples/full/#nginx-conf
user www www; ## Default: nobody
worker_processes auto;
error_log "/opt/bitnami/nginx/logs/error.log";
pid "/opt/bitnami/nginx/tmp/nginx.pid";
# QAT optimizations
load_module modules/ngx_ssl_engine_qat_module.so;
ssl_engine {
use_engine qatengine;
default_algorithms RSA,EC,DH,PKEY_CRYPTO;
qat_engine {
qat_offload_mode async;
qat_notify_mode poll;
qat_poll_mode heuristic;
qat_shutting_down_release on;
}
}
events {
worker_connections 8192;
multi_accept on;
accept_mutex on;
}
worker_rlimit_nofile 1000000;
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log "/opt/bitnami/nginx/logs/access.log" main;
add_header X-Frame-Options SAMEORIGIN;
client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2;
proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2;
fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2;
scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2;
uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/javascript text/xml application/xml+rss;
keepalive_timeout 65;
ssl_protocols TLSv1.2; # Asynch mode only supports TLSv1.2
ssl_ciphers HIGH:!aNULL:!MD5;
client_max_body_size 80M;
server_tokens off;
include "/opt/bitnami/nginx/conf/server_blocks/*.conf";
# HTTP Server
server {
# Port to listen on, can also be set in IP:PORT format
listen 80;
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
location /status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}

18
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/nginx/conf/server_blocks/default-https-server-block.conf Normal file
View File

@ -0,0 +1,18 @@
# HTTPS Server
server {
# Port to listen on, can also be set in IP:PORT format
listen 443 ssl;
ssl_certificate bitnami/certs/server.crt;
ssl_certificate_key bitnami/certs/server.key;
ssl_asynch on;
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
location /status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}

1084
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh Normal file
View File

File diff suppressed because it is too large Load Diff

623
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh Normal file
View File

@ -0,0 +1,623 @@
#!/bin/bash
#
# Bitnami NGINX library
# shellcheck disable=SC1090,SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if NGINX is running
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# Boolean
#########################
is_nginx_running() {
local pid
pid="$(get_pid_from_file "$NGINX_PID_FILE")"
if [[ -n "$pid" ]]; then
is_service_running "$pid"
else
false
fi
}
########################
# Check if NGINX is not running
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# Boolean
#########################
is_nginx_not_running() {
! is_nginx_running
}
########################
# Stop NGINX
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# None
#########################
nginx_stop() {
! is_nginx_running && return
debug "Stopping NGINX"
stop_service_using_pid "$NGINX_PID_FILE"
}
########################
# Configure NGINX server block port
# Globals:
# NGINX_CONF_DIR
# Arguments:
# $1 - Port number
# $2 - (optional) Path to server block file
# Returns:
# None
#########################
nginx_configure_port() {
local port=${1:?missing port}
local file=${2:-"$NGINX_CONF_FILE"}
if is_file_writable "$file"; then
local nginx_configuration
debug "Setting port number to ${port} in '${file}'"
# TODO: find an appropriate NGINX parser to avoid 'sed calls'
nginx_configuration="$(sed -E "s/(listen\s+)[0-9]{1,5}(.*);/\1${port}\2;/g" "$file")"
echo "$nginx_configuration" >"$file"
fi
}
########################
# Configure NGINX directives
# Globals:
# NGINX_CONF_DIR
# Arguments:
# $1 - Directive to modify
# $2 - Value
# $3 - (optional) Path to server block file
# Returns:
# None
#########################
nginx_configure() {
local directive=${1:?missing directive}
local value=${2:?missing value}
local file=${3:-"$NGINX_CONF_FILE"}
if is_file_writable "$file"; then
local nginx_configuration
debug "Setting directive '${directive}' to '${value}' in '${file}'"
nginx_configuration="$(sed -E "s/(\s*${directive}\s+)(.+);/\1${value};/g" "$file")"
echo "$nginx_configuration" >"$file"
fi
}
########################
# Validate settings in NGINX_* env vars
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_validate() {
info "Validating settings in NGINX_* env vars"
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then
print_validation_error "The allowed values for ${1} are: yes no"
fi
}
! is_empty_value "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && check_yes_no_value "NGINX_ENABLE_ABSOLUTE_REDIRECT"
! is_empty_value "$NGINX_ENABLE_PORT_IN_REDIRECT" && check_yes_no_value "NGINX_ENABLE_PORT_IN_REDIRECT"
if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then
local -a validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
validate_port_args+=("${NGINX_HTTP_PORT_NUMBER}")
if ! err=$(validate_port "${validate_port_args[@]}"); then
print_validation_error "An invalid port was specified in the environment variable NGINX_HTTP_PORT_NUMBER: $err"
fi
fi
if ! is_file_writable "$NGINX_CONF_FILE"; then
warn "The NGINX configuration file '${NGINX_CONF_FILE}' is not writable by current user. Configurations based on environment variables will not be applied."
fi
return "$error_code"
}
########################
# Initialize NGINX
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_initialize() {
info "Initializing NGINX"
# This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run
# Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID
rm -f "${NGINX_TMP_DIR}/nginx.pid"
# Persisted configuration files from old versions
if [[ -f "$NGINX_VOLUME_DIR/conf/nginx.conf" ]]; then
error "A 'nginx.conf' file was found inside '${NGINX_VOLUME_DIR}/conf'. This configuration is not supported anymore. Please mount the configuration file at '${NGINX_CONF_FILE}' instead."
exit 1
fi
if ! is_dir_empty "$NGINX_VOLUME_DIR/conf/vhosts"; then
error "Custom server blocks files were found inside '$NGINX_VOLUME_DIR/conf/vhosts'. This configuration is not supported anymore. Please mount your custom server blocks config files at '${NGINX_SERVER_BLOCKS_DIR}' instead."
exit 1
fi
debug "Updating NGINX configuration based on environment variables"
local nginx_user_configuration
if am_i_root; then
debug "Ensuring NGINX daemon user/group exists"
ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP"
if [[ -n "${NGINX_DAEMON_USER:-}" ]]; then
chown -R "${NGINX_DAEMON_USER:-}" "$NGINX_TMP_DIR"
fi
nginx_configure "user" "${NGINX_DAEMON_USER:-} ${NGINX_DAEMON_GROUP:-}"
else
# The "user" directive makes sense only if the master process runs with super-user privileges
# TODO: find an appropriate NGINX parser to avoid 'sed calls'
nginx_user_configuration="$(sed -E "s/(^user)/# \1/g" "$NGINX_CONF_FILE")"
is_file_writable "$NGINX_CONF_FILE" && echo "$nginx_user_configuration" >"$NGINX_CONF_FILE"
fi
if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then
nginx_configure_port "$NGINX_HTTP_PORT_NUMBER"
fi
nginx_configure "absolute_redirect" "$(is_boolean_yes "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && echo "on" || echo "off" )"
nginx_configure "port_in_redirect" "$(is_boolean_yes "$NGINX_ENABLE_PORT_IN_REDIRECT" && echo "on" || echo "off" )"
}
########################
# Ensure an NGINX application configuration exists (in server block format)
# Globals:
# NGINX_*
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty)
# --hosts - Host listen addresses
# --server-name - Server name (if not specified, a catch-all server block will be created)
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render the app's server blocks with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server block with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server block with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --additional-configuration - Additional server block configuration (no default)
# --external-configuration - Configuration external to server block (no default)
# --document-root - Path to document root directory
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_nginx_app_configuration_exists() {
export app="${1:?missing app}"
# Default options
local type=""
local -a hosts=()
local server_name
local -a server_aliases=()
local allow_remote_connections="yes"
local disable="no"
local disable_http="no"
local disable_https="no"
# Template variables defaults
export additional_configuration=""
export external_configuration=""
export document_root="${BITNAMI_ROOT_DIR}/${app}"
export http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}"
export https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}"
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--hosts | \
--server-aliases)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
read -r -a "$var_name" <<<"$1"
;;
--disable | \
--disable-http | \
--disable-https)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
export "${var_name}=yes"
;;
--type | \
--server-name | \
--allow-remote-connections | \
--http-port | \
--https-port | \
--additional-configuration | \
--external-configuration | \
--document-root | \
--extra-directory-configuration)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
export "${var_name}"="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Construct host string in the format of "listen host1:port1", "listen host2:port2", ...
export http_listen_configuration=""
export https_listen_configuration=""
if [[ "${#hosts[@]}" -gt 0 ]]; then
for host in "${hosts[@]}"; do
http_listen=$'\n'"listen ${host}:${http_port};"
https_listen=$'\n'"listen ${host}:${https_port} ssl;"
[[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}${http_listen}"
[[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}${https_listen}"
done
else
http_listen_configuration=$'\n'"listen ${http_port} default_server;"
https_listen_configuration=$'\n'"listen ${https_port} ssl default_server;"
fi
# Construct server_name block
export server_name_configuration=""
if ! is_empty_value "${server_name:-}"; then
server_name_configuration="server_name ${server_name}"
if [[ "${#server_aliases[@]}" -gt 0 ]]; then
server_name_configuration+=" ${server_aliases[*]}"
fi
server_name_configuration+=";"
else
server_name_configuration="
# Catch-all server block
# See: https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;"
fi
# ACL configuration
export acl_configuration=""
if ! is_boolean_yes "$allow_remote_connections"; then
acl_configuration="
default_type text/html;
if (\$remote_addr != 127.0.0.1) {
return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.';
}
# Avoid absolute redirects when connecting through a SSH tunnel
absolute_redirect off;"
fi
# Indent configurations
server_name_configuration="$(indent $'\n'"$server_name_configuration" 4)"
acl_configuration="$(indent "$acl_configuration" 4)"
additional_configuration=$'\n'"$(indent "$additional_configuration" 4)"
external_configuration=$'\n'"$external_configuration"
http_listen_configuration="$(indent "$http_listen_configuration" 4)"
https_listen_configuration="$(indent "$https_listen_configuration" 4)"
# Render templates
# We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better
local template_name="app"
[[ -n "$type" && "$type" != "php" ]] && template_name="app-${type}"
local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates"
local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
local -r disable_suffix=".disabled"
(is_boolean_yes "$disable" || is_boolean_yes "$disable_http") && http_server_block+="$disable_suffix"
(is_boolean_yes "$disable" || is_boolean_yes "$disable_https") && https_server_block+="$disable_suffix"
if is_file_writable "$http_server_block"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$http_server_block" ]] && touch "$http_server_block" && chmod g+rw "$http_server_block"
render-template "${template_dir}/${template_name}-http-server-block.conf.tpl" | sed '/^\s*$/d' >"$http_server_block"
elif [[ ! -f "$http_server_block" ]]; then
error "Could not create server block for ${app} at '${http_server_block}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
if is_file_writable "$https_server_block"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$https_server_block" ]] && touch "$https_server_block" && chmod g+rw "$https_server_block"
render-template "${template_dir}/${template_name}-https-server-block.conf.tpl" | sed '/^\s*$/d' >"$https_server_block"
elif [[ ! -f "$https_server_block" ]]; then
error "Could not create server block for ${app} at '${https_server_block}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
}
########################
# Ensure an NGINX application configuration does not exist anymore (in server block format)
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_nginx_app_configuration_not_exists() {
local app="${1:?missing app}"
local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
local -r disable_suffix=".disabled"
# Note that 'rm -f' will not fail if the files don't exist
# However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function
rm -f "$http_server_block" "$https_server_block" "${http_server_block}${disable_suffix}" "${https_server_block}${disable_suffix}"
}
########################
# Ensure NGINX loads the configuration for an application in a URL prefix
# Globals:
# NGINX_*
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty)
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --additional-configuration - Additional server block configuration (no default)
# --document-root - Path to document root directory
# --extra-directory-configuration - Extra configuration for the document root directory
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_nginx_prefix_configuration_exists() {
local app="${1:?missing app}"
# Default options
local type=""
local allow_remote_connections="yes"
local prefix="/${app}"
# Template variables defaults
export additional_configuration=""
export document_root="${BITNAMI_ROOT_DIR}/${app}"
export extra_directory_configuration=""
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--type | \
--allow-remote-connections | \
--additional-configuration | \
--document-root | \
--extra-directory-configuration | \
--prefix)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "${var_name}"="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# ACL configuration
export acl_configuration=""
if ! is_boolean_yes "$allow_remote_connections"; then
acl_configuration="
default_type text/html;
if (\$remote_addr != 127.0.0.1) {
return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.';
}
# Avoid absolute redirects when connecting through a SSH tunnel
absolute_redirect off;"
fi
# Prefix configuration
export location="$prefix"
# Indent configurations
acl_configuration="$(indent "$acl_configuration" 4)"
additional_configuration=$'\n'"$(indent "$additional_configuration" 4)"
# Render templates
# We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better
local template_name="app"
[[ -n "$type" ]] && template_name="app-${type}"
local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates"
local prefix_file="${NGINX_CONF_DIR}/bitnami/${app}.conf"
if is_file_writable "$prefix_file"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$prefix_file" ]] && touch "$prefix_file" && chmod g+rw "$prefix_file"
render-template "${template_dir}/${template_name}-prefix.conf.tpl" | sed '/^\s*$/d' >"$prefix_file"
elif [[ ! -f "$prefix_file" ]]; then
error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
}
########################
# Ensure NGINX application configuration is updated with the runtime configuration (i.e. ports)
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Hosts to enable
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
nginx_update_app_configuration() {
local -r app="${1:?missing app}"
# Default options
local -a hosts=()
local enable_http="no"
local enable_https="no"
local disable_http="no"
local disable_https="no"
local http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}"
local https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}"
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--hosts \
| --server-aliases \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
read -r -a "$var_name" <<<"$1"
;;
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
declare "${var_name}=yes"
;;
--server-name \
| --http-port \
| --https-port \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "${var_name}=${1}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Construct host string in the format of "listen host1:port1", "listen host2:port2", ...
export http_listen_configuration=""
export https_listen_configuration=""
if [[ "${#hosts[@]}" -gt 0 ]]; then
for host in "${hosts[@]}"; do
http_listen="listen ${host}:${http_port};"
https_listen="listen ${host}:${https_port} ssl;"
[[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}"$'\\\n'"${http_listen}"
[[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}"$'\\\n'"${https_listen}"
done
else
http_listen_configuration="listen ${http_port} default_server;"
https_listen_configuration="listen ${https_port} ssl default_server;"
fi
# Indent configurations
http_listen_configuration="$(indent "$http_listen_configuration" 4)"
https_listen_configuration="$(indent "$https_listen_configuration" 4)"
# Update configuration
local -r http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local -r https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
# Helper function to avoid duplicating code
update_common_server_block_config() {
local -r server_block_file="${1:?missing server block}"
# Update server_name
if ! is_empty_value "${server_name:-}"; then
local server_name_list="$server_name"
if [[ "${#server_aliases[@]}" -gt 0 ]]; then
server_name_list+=" ${server_aliases[*]}"
fi
replace_in_file "$server_block_file" "^(\s*server_name\s+)[^;]*" "\1${server_name_list}"
fi
}
# Disable and enable configuration files
rename_conf_file() {
local -r origin="$1"
local -r destination="$2"
if is_file_writable "$origin" && is_file_writable "$destination"; then
warn "Could not rename server block file '${origin}' to '${destination}' due to lack of permissions."
else
mv "$origin" "$destination"
fi
}
is_boolean_yes "$disable_http" && [[ -e "$http_server_block" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block"
is_boolean_yes "$disable_https" && [[ -e "$https_server_block" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block"
is_boolean_yes "$enable_http" && [[ -e "${http_server_block}${disable_suffix}" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block"
is_boolean_yes "$enable_https" && [[ -e "${https_server_block}${disable_suffix}" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block"
# Update only configuration files without the '.disabled' suffix
if [[ -e "$http_server_block" ]]; then
if is_file_writable "$http_server_block"; then
update_common_server_block_config "$http_server_block"
# Update specific server block config (listen addresses)
replace_in_file "$http_server_block" "^\s*listen\s.*;" "$http_listen_configuration"
else
warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
fi
if [[ -e "$https_server_block" ]]; then
if is_file_writable "$https_server_block"; then
update_common_server_block_config "$https_server_block"
# Update specific server block config (listen addresses)
replace_in_file "$https_server_block" "^\s*listen\s.*\sssl;" "$https_listen_configuration"
else
warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
fi
}
########################
# Run custom initialization scripts
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_custom_init_scripts() {
if [[ -n $(find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then
info "Loading user's custom files from $NGINX_INITSCRIPTS_DIR ..."
local -r tmp_file="/tmp/filelist"
find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file"
while read -r f; do
case "$f" in
*.sh)
if [[ -x "$f" ]]; then
debug "Executing $f"
"$f"
else
debug "Sourcing $f"
. "$f"
fi
;;
*)
debug "Ignoring $f"
;;
esac
done <$tmp_file
nginx_stop
rm -f "$tmp_file"
else
info "No custom scripts in $NGINX_INITSCRIPTS_DIR"
fi
}

257
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/libphp.sh Normal file
View File

@ -0,0 +1,257 @@
#!/bin/bash
#
# Bitnami PHP library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libwebserver.sh
########################
# Add or modify an entry in the main PHP configuration file (php.ini)
# Globals:
# PHP_CONF_FILE
# Arguments:
# $1 - Key
# $2 - Value
# $3 - File to modify (default: $PHP_CONF_FILE)
# Returns:
# None
#########################
php_conf_set() {
local -r key="${1:?key missing}"
local -r value="${2:?value missing}"
local -r file="${3:-"$PHP_CONF_FILE"}"
local pattern="^[; ]*${key}\s*=.*$"
if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then
# The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations
# Because of that, we first check if the extension was defined in the file to replace the proper entry
pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$"
fi
local -r entry="${key} = ${value}"
if is_file_writable "$file"; then
# Not using the ini-file tool since it does not play well with php.ini
if grep -q -E "$pattern" "$file"; then
replace_in_file "$file" "$pattern" "$entry"
else
cat >> "$file" <<< "$entry"
fi
else
warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured."
fi
}
########################
# Ensure PHP is initialized
# Globals:
# PHP_*
# Arguments:
# None
# Returns:
# None
#########################
php_initialize() {
# Configure PHP options based on the runtime environment
info "Configuring PHP options"
php_set_runtime_config "$PHP_CONF_FILE"
# PHP-FPM configuration
! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf"
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Set PHP runtime options, based on user-provided environment variables
# Globals:
# PHP_*
# Arguments:
# None
# Returns:
# None
#########################
php_set_runtime_config() {
local -r conf_file="${1:?missing conf file}"
! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file"
! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file"
! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file"
! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file"
! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file"
! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file"
! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file"
! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file"
! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file"
true
}
########################
# Convert a yes/no value to a PHP boolean
# Globals:
# None
# Arguments:
# $1 - yes/no value
# Returns:
# None
#########################
php_convert_to_boolean() {
local -r value="${1:?missing value}"
is_boolean_yes "$value" && echo "true" || echo "false"
}
########################
# Execute/run PHP code and print to stdout
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute_print_output() {
local php_cmd
# Obtain the command specified via stdin
php_cmd="$(</dev/stdin)"
debug "Executing PHP code:\n${php_cmd}"
php -- "$@" <<< "<?php ${php_cmd}"
}
########################
# Execute/run PHP code
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute() {
debug_execute php_execute_print_output "$@"
}
########################
# Execute/run PHP code and print to stdout
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute_print_output() {
local php_cmd
# Obtain the command specified via stdin
php_cmd="$(</dev/stdin)"
debug "Executing PHP code:\n${php_cmd}"
php -- "$@" <<< "<?php ${php_cmd}"
}
########################
# Execute/run PHP code
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute() {
debug_execute php_execute_print_output "$@"
}
########################
# Stop PHP-FPM
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# $1 - Signal (default: SIGTERM)
# Returns:
# None
#########################
php_fpm_stop() {
local -r signal="${1:-}"
is_php_fpm_not_running && return
stop_service_using_pid "$PHP_FPM_PID_FILE" "$signal"
}
########################
# Reload PHP-FPM configuration
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# None
#########################
php_fpm_reload() {
php_fpm_stop "USR2"
}
########################
# Check if PHP-FPM is enabled for the current Bitnami installation
# Globals:
# None
# Arguments:
# None
# Returns:
# true if PHP-FPM is enabled, false otherwise
########################
is_php_fpm_enabled() {
if [[ "$(web_server_type)" = "apache" ]]; then
# If mod_php is enabled, then PHP-FPM is cannot be
if apachectl -M | grep -q -E "php[0-9]?_module"; then
false
else
true
fi
else
# Assume PHP-FPM is enabled with any other configuration (i.e. NGINX)
true
fi
}
########################
# Check if PHP-FPM is running
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# true if PHP-FPM is running, false otherwise
########################
is_php_fpm_running() {
local pid
pid="$(get_pid_from_file "$PHP_FPM_PID_FILE")"
if [[ -n "$pid" ]]; then
is_service_running "$pid"
else
false
fi
}
########################
# Check if PHP-FPM is running
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# true PHP-FPM is not running, false otherwise
########################
is_php_fpm_not_running() {
! is_php_fpm_running
}

697
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/libwordpress.sh Normal file
View File

@ -0,0 +1,697 @@
#!/bin/bash
#
# Bitnami WordPress library
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libnet.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libpersistence.sh
. /opt/bitnami/scripts/libwebserver.sh
. /opt/bitnami/scripts/libservice.sh
# Load database library
if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then
. /opt/bitnami/scripts/libmysqlclient.sh
elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then
. /opt/bitnami/scripts/libmysql.sh
elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then
. /opt/bitnami/scripts/libmariadb.sh
fi
########################
# Validate settings in WORDPRESS_* env vars
# Globals:
# WORDPRESS_*
# Arguments:
# None
# Returns:
# 0 if the validation succeeded, 1 otherwise
#########################
wordpress_validate() {
debug "Validating settings in WORDPRESS_* environment variables..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_empty_value() {
if is_empty_value "${!1}"; then
print_validation_error "${1} must be set"
fi
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then
print_validation_error "The allowed values for ${1} are: yes no"
fi
}
check_int_value() {
if ! is_int "${!1}"; then
print_validation_error "The value for $1 should be an integer"
fi
}
check_multi_value() {
if [[ " ${2} " != *" ${!1} "* ]]; then
print_validation_error "The allowed values for ${1} are: ${2}"
fi
}
check_resolved_hostname() {
if ! is_hostname_resolved "$1"; then
warn "Hostname ${1} could not be resolved, this could lead to connection issues"
fi
}
check_mounted_file() {
if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then
print_validation_error "The variable ${1} is defined but the file ${!1} is not accessible or does not exist"
fi
}
check_valid_port() {
local port_var="${1:?missing port variable}"
local err
if ! err="$(validate_port "${!port_var}")"; then
print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}."
fi
}
# Warn users in case the configuration file is not writable
is_file_writable "$WORDPRESS_CONF_FILE" || warn "The WordPress configuration file '${WORDPRESS_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
# Validate user inputs
check_yes_no_value "WORDPRESS_ENABLE_HTTPS"
check_yes_no_value "WORDPRESS_HTACCESS_OVERRIDE_NONE"
check_yes_no_value "WORDPRESS_ENABLE_HTACCESS_PERSISTENCE"
check_yes_no_value "WORDPRESS_RESET_DATA_PERMISSIONS"
check_yes_no_value "WORDPRESS_SKIP_BOOTSTRAP"
check_multi_value "WORDPRESS_AUTO_UPDATE_LEVEL" "major minor none"
# Multisite validations
check_yes_no_value "WORDPRESS_ENABLE_MULTISITE"
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
# subdirectory is an alias for subfolder
check_multi_value "WORDPRESS_MULTISITE_NETWORK_TYPE" "subfolder subdirectory subdomain"
check_yes_no_value "WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION"
check_int_value "WORDPRESS_MULTISITE_FILEUPLOAD_MAXK"
if ! is_empty_value "$WORDPRESS_MULTISITE_HOST"; then
check_resolved_hostname "$WORDPRESS_MULTISITE_HOST"
[[ "$WORDPRESS_MULTISITE_HOST" =~ localhost ]] && print_validation_error "WORDPRESS_MULTISITE_HOST must be set to an actual hostname, localhost values are not allowed."
validate_ipv4 "$WORDPRESS_MULTISITE_HOST" && print_validation_error "WORDPRESS_MULTISITE_HOST must be set to an actual hostname, IP addresses are not allowed."
check_valid_port "WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER"
check_valid_port "WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER"
else
print_validation_error "WORDPRESS_MULTISITE_HOST must be set when enabling WordPress Multisite mode."
fi
elif ! is_empty_value "$WORDPRESS_MULTISITE_HOST"; then
warn "Multisite mode is not enabled, and WORDPRESS_MULTISITE_HOST is only used for Multisite installations. Its value will be ignored."
fi
# Database configuration validations
check_resolved_hostname "$WORDPRESS_DATABASE_HOST"
check_valid_port "WORDPRESS_DATABASE_PORT_NUMBER"
check_yes_no_value "WORDPRESS_ENABLE_DATABASE_SSL"
if is_boolean_yes "$WORDPRESS_ENABLE_DATABASE_SSL"; then
check_yes_no_value "WORDPRESS_VERIFY_DATABASE_SSL"
check_mounted_file "WORDPRESS_DATABASE_SSL_CERT_FILE"
check_mounted_file "WORDPRESS_DATABASE_SSL_KEY_FILE"
check_mounted_file "WORDPRESS_DATABASE_SSL_CA_FILE"
fi
# Validate credentials
if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then
warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment."
else
for empty_env_var in "WORDPRESS_DATABASE_PASSWORD" "WORDPRESS_PASSWORD"; do
is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments."
done
fi
# Validate SMTP credentials
if ! is_empty_value "$WORDPRESS_SMTP_HOST"; then
check_resolved_hostname "$WORDPRESS_SMTP_HOST"
for empty_env_var in "WORDPRESS_SMTP_USER" "WORDPRESS_SMTP_PASSWORD"; do
is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set."
done
is_empty_value "$WORDPRESS_SMTP_PORT_NUMBER" && print_validation_error "The WORDPRESS_SMTP_PORT_NUMBER environment variable is empty or not set."
! is_empty_value "$WORDPRESS_SMTP_PORT_NUMBER" && check_valid_port "WORDPRESS_SMTP_PORT_NUMBER"
! is_empty_value "$WORDPRESS_SMTP_PROTOCOL" && check_multi_value "WORDPRESS_SMTP_PROTOCOL" "ssl tls"
fi
# Validate htaccess persistence
if is_boolean_yes "$WORDPRESS_ENABLE_HTACCESS_PERSISTENCE" && [[ "$(web_server_type)" = "apache" ]]; then
if is_boolean_yes "$WORDPRESS_HTACCESS_OVERRIDE_NONE"; then
local htaccess_file="${WORDPRESS_BASE_DIR}/wordpress-htaccess.conf"
local htaccess_dest="${APACHE_HTACCESS_DIR}/wordpress-htaccess.conf"
if is_file_writable "$htaccess_dest"; then
! is_file_writable "$htaccess_file" && print_validation_error "The WORDPRESS_ENABLE_HTACCESS_PERSISTENCE configuration is enabled, but the htaccess file to persist ${htaccess_file} is not writable."
else
warn "The WORDPRESS_ENABLE_HTACCESS_PERSISTENCE configuration is enabled but the ${htaccess_dest} file is not writable. The file will not be persisted."
fi
else
local htaccess_file="${WORDPRESS_BASE_DIR}/.htaccess"
! is_file_writable "$htaccess_file" && print_validation_error "The WORDPRESS_ENABLE_HTACCESS_PERSISTENCE configuration is enabled but the htaccess file to persist ${htaccess_file} is not writable."
fi
fi
# Check that the web server is properly set up
web_server_validate || print_validation_error "Web server validation failed"
return "$error_code"
}
########################
# Configure database settings in wp-config.php
# Globals:
# WORDPRESS_*
# Arguments:
# None
# Returns:
# None
#########################
wordpress_set_db_settings() {
# Configure database credentials
wordpress_conf_set "DB_NAME" "$WORDPRESS_DATABASE_NAME"
wordpress_conf_set "DB_USER" "$WORDPRESS_DATABASE_USER"
wordpress_conf_set "DB_PASSWORD" "$WORDPRESS_DATABASE_PASSWORD"
wordpress_conf_set "DB_HOST" "${WORDPRESS_DATABASE_HOST}:${WORDPRESS_DATABASE_PORT_NUMBER}"
# Configure database SSL/TLS connections
if is_boolean_yes "$WORDPRESS_ENABLE_DATABASE_SSL"; then
! is_empty_value "$WORDPRESS_DATABASE_SSL_KEY_FILE" && wordpress_conf_set "MYSQL_SSL_KEY" "$WORDPRESS_DATABASE_SSL_KEY_FILE"
! is_empty_value "$WORDPRESS_DATABASE_SSL_CERT_FILE" && wordpress_conf_set "MYSQL_SSL_CERT" "$WORDPRESS_DATABASE_SSL_CERT_FILE"
! is_empty_value "$WORDPRESS_DATABASE_SSL_CA_FILE" && wordpress_conf_set "MYSQL_SSL_CA" "$WORDPRESS_DATABASE_SSL_CA_FILE"
local wp_mysqli_client_flags="MYSQLI_CLIENT_SSL"
if ! is_boolean_yes "$WORDPRESS_VERIFY_DATABASE_SSL"; then
wp_mysqli_client_flags+=" | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT"
fi
wordpress_conf_set "MYSQL_CLIENT_FLAGS" "$wp_mysqli_client_flags" yes
fi
}
########################
# Ensure WordPress is initialized
# Globals:
# WORDPRESS_*
# Arguments:
# None
# Returns:
# None
#########################
wordpress_initialize() {
# For backwards compatibility, check if the .htaccess file should be persisted
# Now it is possible specify the list of files by overriding WORDPRESS_DATA_TO_PERSIST
if is_boolean_yes "$WORDPRESS_ENABLE_HTACCESS_PERSISTENCE" && [[ "$(web_server_type)" = "apache" ]]; then
if is_boolean_yes "$WORDPRESS_HTACCESS_OVERRIDE_NONE"; then
local htaccess_file="${WORDPRESS_BASE_DIR}/wordpress-htaccess.conf"
local htaccess_dest="${APACHE_HTACCESS_DIR}/wordpress-htaccess.conf"
if is_file_writable "$htaccess_dest" && is_file_writable "$htaccess_file"; then
# If the file was not created at build time, copy the default configuration
[[ ! -f "$htaccess_file" ]] && cp "$htaccess_dest" "$htaccess_file"
# With the use of symlinks, we can configure Apache to use it before the persisted file is even created
rm "$htaccess_dest"
ln -s "$htaccess_file" "$htaccess_dest"
WORDPRESS_DATA_TO_PERSIST+=" ${htaccess_file}"
fi
else
local htaccess_file="${WORDPRESS_BASE_DIR}/.htaccess"
if is_file_writable "$htaccess_file"; then
# If the file was not mounted, use default configuration (currently empty htaccess for app root)
[[ ! -f "$htaccess_file" ]] && touch "$htaccess_file"
WORDPRESS_DATA_TO_PERSIST+=" ${htaccess_file}"
fi
fi
fi
# Check if WordPress has already been initialized and persisted in a previous run
local -r app_name="wordpress"
if ! is_app_initialized "$app_name"; then
# Ensure WordPress persisted directories exist (i.e. when a volume has been mounted to /bitnami)
info "Ensuring WordPress directories exist"
ensure_dir_exists "$WORDPRESS_VOLUME_DIR"
# Use daemon:root ownership for compatibility when running as a non-root user
am_i_root && configure_permissions_ownership "$WORDPRESS_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root"
info "Trying to connect to the database server"
wordpress_wait_for_mysql_connection "$WORDPRESS_DATABASE_HOST" "$WORDPRESS_DATABASE_PORT_NUMBER" "$WORDPRESS_DATABASE_NAME" "$WORDPRESS_DATABASE_USER" "$WORDPRESS_DATABASE_PASSWORD"
# Apply changes to WordPress configuration file based on user inputs
# See: https://wordpress.org/support/article/editing-wp-config-php/
# Note that wp-config.php is officially indented via tabs, not spaces
info "Configuring WordPress with settings provided via environment variables"
if is_file_writable "$WORDPRESS_CONF_FILE"; then
# Set miscellaneous configurations
wordpress_conf_set "FS_METHOD" "direct"
! is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE" && wordpress_configure_urls
# The only variable/non-constant in the entire configuration file is '$table_prefix'
replace_in_file "$WORDPRESS_CONF_FILE" "^(\s*\\\$table_prefix\s*=\s*).*" "\1'$WORDPRESS_TABLE_PREFIX';"
wordpress_set_db_settings
# Configure random keys and salt values
wp_execute config shuffle-salts
# Configure keys and salt values
! is_empty_value "$WORDPRESS_AUTH_KEY" && wordpress_conf_set "AUTH_KEY" "$WORDPRESS_AUTH_KEY"
! is_empty_value "$WORDPRESS_SECURE_AUTH_KEY" && wordpress_conf_set "SECURE_AUTH_KEY" "$WORDPRESS_SECURE_AUTH_KEY"
! is_empty_value "$WORDPRESS_LOGGED_IN_KEY" && wordpress_conf_set "LOGGED_IN_KEY" "$WORDPRESS_LOGGED_IN_KEY"
! is_empty_value "$WORDPRESS_NONCE_KEY" && wordpress_conf_set "NONCE_KEY" "$WORDPRESS_NONCE_KEY"
! is_empty_value "$WORDPRESS_AUTH_SALT" && wordpress_conf_set "AUTH_SALT" "$WORDPRESS_AUTH_SALT"
! is_empty_value "$WORDPRESS_SECURE_AUTH_SALT" && wordpress_conf_set "SECURE_AUTH_SALT" "$WORDPRESS_SECURE_AUTH_SALT"
! is_empty_value "$WORDPRESS_LOGGED_IN_SALT" && wordpress_conf_set "LOGGED_IN_SALT" "$WORDPRESS_LOGGED_IN_SALT"
! is_empty_value "$WORDPRESS_NONCE_SALT" && wordpress_conf_set "NONCE_SALT" "$WORDPRESS_NONCE_SALT"
# Enable or disable auto-updates
# https://wordpress.org/support/article/configuring-automatic-background-updates/#constant-to-configure-core-updates
if [[ "$WORDPRESS_AUTO_UPDATE_LEVEL" = "minor" ]]; then
wordpress_conf_set "WP_AUTO_UPDATE_CORE" "minor"
else
wordpress_conf_set "WP_AUTO_UPDATE_CORE" "$([[ "$WORDPRESS_AUTO_UPDATE_LEVEL" = "major" ]] && echo "true" || echo "false")" yes
fi
# Disable pingback to prevent WordPress from participating in DDoS attacks
wordpress_disable_pingback
# Lastly, allow to append any custom configuration to the wp-config.php file via an environment variable
! is_empty_value "$WORDPRESS_EXTRA_WP_CONFIG_CONTENT" && wordpress_conf_append "$WORDPRESS_EXTRA_WP_CONFIG_CONTENT"
else
warn "Skipping modifications to ${WORDPRESS_CONF_FILE} because it is not writable"
fi
# Initialize the WordPress application
if ! is_boolean_yes "$WORDPRESS_SKIP_BOOTSTRAP"; then
# Build install arguments and run installation command
local wp_install_flags=(
"--title=${WORDPRESS_BLOG_NAME}"
"--admin_user=${WORDPRESS_USERNAME}"
"--admin_password=${WORDPRESS_PASSWORD}"
"--admin_email=${WORDPRESS_EMAIL}"
"--skip-email"
)
# The --url argument is required in all cases
# However, in Multisite it is used to set the domains, meaning the value having a direct impact
# In non-Multisite installations, however, it will only set install metadata and not have any usage impact
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
local wordpress_url="$WORDPRESS_MULTISITE_HOST"
if is_boolean_yes "$WORDPRESS_ENABLE_HTTPS" || [[ "$WORDPRESS_SCHEME" = "https" ]]; then
wordpress_url="https://${wordpress_url}"
[[ "$WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER" != "443" ]] && wordpress_url+=":${WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER}"
else
wordpress_url="http://${wordpress_url}"
[[ "$WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER" != "80" ]] && wordpress_url+=":${WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER}"
fi
wp_install_flags+=("--url=${wordpress_url}")
else
wp_install_flags+=("--url=localhost")
fi
# Allow to specify extra CLI flags, but ensure they are added last
local -a wp_extra_install_flags
read -r -a wp_extra_install_flags <<<"$WORDPRESS_EXTRA_INSTALL_ARGS"
[[ "${#wp_extra_install_flags[@]}" -gt 0 ]] && wp_install_flags+=("${wp_extra_install_flags[@]}")
# Run installation command, which differs between normal and Multisite installations
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
info "Installing WordPress Multisite"
[[ "$WORDPRESS_MULTISITE_NETWORK_TYPE" = "subdomain" ]] && wp_install_flags=("--subdomains" "${wp_install_flags[@]}")
wp_execute core multisite-install "${wp_install_flags[@]}"
else
info "Installing WordPress"
wp_execute core install "${wp_install_flags[@]}"
fi
# Install plugins defined via environment variables
local -a install_plugins_args=()
if [[ "$WORDPRESS_PLUGINS" = "all" ]]; then
info "Activating all installed plugins"
install_plugins_args+=("--all")
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
install_plugins_args+=("--network")
fi
wp_execute plugin activate "${install_plugins_args[@]}"
elif [[ "$WORDPRESS_PLUGINS" != "none" ]]; then
local -a plugins_to_install
read -r -a plugins_to_install <<<"$(echo "$WORDPRESS_PLUGINS" | tr ',;' ' ')"
if [[ "${#plugins_to_install[@]}" -gt 0 ]]; then
info "Installing and activating plugins: ${plugins_to_install[*]}"
install_plugins_args+=("${plugins_to_install[@]}")
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
install_plugins_args+=("--activate-network")
else
install_plugins_args+=("--activate")
fi
wp_execute plugin install "${install_plugins_args[@]}"
fi
fi
# Post installation steps
local -r default_user_id="1"
wp_execute user meta set "$default_user_id" first_name "$WORDPRESS_FIRST_NAME"
wp_execute user meta set "$default_user_id" last_name "$WORDPRESS_LAST_NAME"
# Increase upload limit for multisite installations (default is 1MB)
local -r default_site_id="1"
is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE" && wp_execute site meta update "$default_site_id" fileupload_maxk "$WORDPRESS_MULTISITE_FILEUPLOAD_MAXK"
# Enable friendly URLs / permalinks (using historic Bitnami defaults)
wp_execute rewrite structure '/%year%/%monthnum%/%day%/%postname%/'
if ! is_empty_value "$WORDPRESS_SMTP_HOST"; then
info "Configuring SMTP settings"
wp_execute option set mail_from "$WORDPRESS_SMTP_USER"
wp_execute option set mail_from_name "${WORDPRESS_FIRST_NAME} ${WORDPRESS_LAST_NAME}"
wp_execute option set mailer "smtp"
wp_execute option set mail_set_return_path ""
wp_execute option set smtp_host "$WORDPRESS_SMTP_HOST"
wp_execute option set smtp_port "$WORDPRESS_SMTP_PORT_NUMBER"
wp_execute option set smtp_ssl "$WORDPRESS_SMTP_PROTOCOL"
wp_execute option set smtp_auth "true"
wp_execute option set smtp_user "$WORDPRESS_SMTP_USER"
wp_execute option set smtp_pass "$WORDPRESS_SMTP_PASSWORD"
# Enable wp-mail-smtp plugin, which is required for SMTP to work
info "Enabling wp-mail-smtp plugin"
local -a install_smtp_plugin_args
if is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
install_smtp_plugin_args=("--activate-network")
else
install_smtp_plugin_args=("--activate")
fi
wp_execute plugin install wp-mail-smtp "${install_smtp_plugin_args[@]}"
# Delete default SMTP credentials created when enabling the plugin
# If not deleted, the previously configured credentials will not be taken into account
# and the user will be forced to re-launch the plugin wizard right after logging in the admin panel
local wp_mail_options_to_delete
read -r -a wp_mail_options_to_delete <<<"$(wp_execute_print_output option list --search='*wp_mail*' --field=option_name | tr '\n' ' ')"
wp_execute option delete "${wp_mail_options_to_delete[@]}"
fi
else
info "An already initialized WordPress database was provided, configuration will be skipped"
wp_execute core update-db
fi
info "Persisting WordPress installation"
persist_app "$app_name" "$WORDPRESS_DATA_TO_PERSIST"
# Secure wp-config.php file after persisting data because then we can ensure the commands to work
# when running the scripts as non-root users
local wp_config_path
wp_config_path="$(readlink -f "$WORDPRESS_CONF_FILE")"
if am_i_root; then
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "440" -u "$WEB_SERVER_DAEMON_USER" -g "root"
else
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "440"
fi
else
info "Restoring persisted WordPress installation"
restore_persisted_app "$app_name" "$WORDPRESS_DATA_TO_PERSIST"
info "Trying to connect to the database server"
local db_name db_user db_pass db_host db_port
if is_boolean_yes "$WORDPRESS_OVERRIDE_DATABASE_SETTINGS"; then
info "Overriding the database configuration in wp-config.php with the provided environment variables"
# Make the wp-config.php file writable to change the db settings
local wp_config_path wp_config_perms
wp_config_path="$(readlink -f "$WORDPRESS_CONF_FILE")"
wp_config_perms="$(stat -c "%a" "$WORDPRESS_CONF_FILE")"
if am_i_root; then
! is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "775" -u "$WEB_SERVER_DAEMON_USER" -g "root"
else
! is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "775"
fi
wordpress_set_db_settings
# Make it non-writable again
if am_i_root; then
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "$wp_config_perms" -u "$WEB_SERVER_DAEMON_USER" -g "root"
else
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "$wp_config_perms"
fi
fi
db_name="$(wordpress_conf_get "DB_NAME")"
db_user="$(wordpress_conf_get "DB_USER")"
db_pass="$(wordpress_conf_get "DB_PASSWORD")"
db_host_port="$(wordpress_conf_get "DB_HOST")"
db_host="${db_host_port%:*}"
if [[ "$db_host_port" =~ :[0-9]+$ ]]; then
# Use '##' to extract only the part after the last colon, to avoid any possible issues with IPv6 addresses
db_port="${db_host_port##*:}"
else
db_port="$WORDPRESS_DATABASE_PORT_NUMBER"
fi
wordpress_wait_for_mysql_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass"
wp_execute core update-db
if is_boolean_yes "$WORDPRESS_RESET_DATA_PERMISSIONS"; then
warn "Resetting file permissions in persisted volume"
local wp_config_path
wp_config_path="$(readlink -f "$WORDPRESS_CONF_FILE")"
if am_i_root; then
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "440" -u "$WEB_SERVER_DAEMON_USER" -g "root"
configure_permissions_ownership "${WORDPRESS_VOLUME_DIR}/wp-content" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root"
else
is_file_writable "$wp_config_path" && configure_permissions_ownership "$wp_config_path" -f "440"
configure_permissions_ownership "${WORDPRESS_VOLUME_DIR}/wp-content" -d "775" -f "664"
fi
else
debug "Not resetting file permissions in persisted volume"
fi
fi
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Executes the 'wp' CLI with the specified arguments and print result to stdout/stderr
# Globals:
# WORDPRESS_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
wp_execute_print_output() {
# Avoid creating unnecessary cache files at initialization time
local -a env=("env" "WP_CLI_CONFIG_PATH=${WP_CLI_CONF_FILE}" "WP_CLI_CACHE_DIR=/dev/null")
local -a cmd=("${PHP_BIN_DIR}/php" "${WP_CLI_BIN_DIR}/wp-cli.phar" "$@")
# Allow to specify extra CLI flags, but ensure they are added last
local -a wp_extra_cli_flags
read -r -a wp_extra_cli_flags <<<"$WORDPRESS_EXTRA_CLI_ARGS"
[[ "${#wp_extra_cli_flags[@]}" -gt 0 ]] && cmd+=("${wp_extra_cli_flags[@]}")
# Run as web server user to avoid having to change permissions/ownership afterwards
if am_i_root; then
gosu "$WEB_SERVER_DAEMON_USER" "${env[@]}" "${cmd[@]}"
else
"${env[@]}" "${cmd[@]}"
fi
}
########################
# Executes the 'wp' CLI with the specified arguments
# Globals:
# WORDPRESS_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
wp_execute() {
debug_execute wp_execute_print_output "$@"
}
########################
# Append configuration to the WordPress configuration file
# Globals:
# WORDPRESS_*
# Arguments:
# $1 - Configuration to append
# Returns:
# None
#########################
wordpress_conf_append() {
local -r conf="${1:?conf missing}"
# This is basically escaping the newline character, for sed
local conf_without_newlines
conf_without_newlines="$(awk '{ printf "%s\\n", $0 }' <<<"$conf")"
replace_in_file "$WORDPRESS_CONF_FILE" "(/\* That's all, stop editing\! .*)" "${conf_without_newlines}\n\1"
}
########################
# Add or modify an entry in the WordPress configuration file
# Globals:
# WORDPRESS_*
# Arguments:
# $1 - Variable name
# $2 - Value to assign to the variable
# $3 - Whether the value is a literal, or if instead it should be quoted (default: no)
# Returns:
# None
#########################
wordpress_conf_set() {
local -r key="${1:?key missing}"
local -r value="${2:-}"
local -r is_literal="${3:-no}"
debug "Setting ${key} to '${value}' in WordPress configuration (literal: ${is_literal})"
# Note: Using an empty --url to avoid any failure if the current URL is not properly configured
local -a cmd=("wp_execute" "--url=http:" "config" "set" "$key" "$value")
if is_boolean_yes "$is_literal"; then
cmd+=("--raw")
fi
"${cmd[@]}"
}
########################
# Get an entry from the WordPress configuration file
# Globals:
# WORDPRESS_*
# Arguments:
# $1 - Variable name
# Returns:
# None
#########################
wordpress_conf_get() {
local -r key="${1:?key missing}"
debug "Getting ${key} from WordPress configuration"
# Use an empty URL to avoid any failure if the URL is not properly set
wp_execute_print_output --url=http: config get "$key"
}
########################
# Wait until the database is accessible with the currently-known credentials
# Globals:
# *
# Arguments:
# $1 - database host
# $2 - database port
# $3 - database name
# $4 - database username
# $5 - database user password (optional)
# Returns:
# true if the database connection succeeded, false otherwise
#########################
wordpress_wait_for_mysql_connection() {
local -r db_host="${1:?missing database host}"
local -r db_port="${2:?missing database port}"
local -r db_name="${3:?missing database name}"
local -r db_user="${4:?missing database user}"
local -r db_pass="${5:-}"
check_mysql_connection() {
echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass"
}
if ! retry_while "check_mysql_connection"; then
error "Could not connect to the database"
return 1
fi
}
########################
# Disable the pingback functionality for WordPress
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
wordpress_disable_pingback() {
# Append logic to disable pingbacks at the end of the file
# Must be added after wp-settings.php is require'd since it defines them
# Also note that wp-config.php is officially indented via tabs, not spaces
cat >>"$WORDPRESS_CONF_FILE" <<"EOF"
/**
* Disable pingback.ping xmlrpc method to prevent WordPress from participating in DDoS attacks
* More info at: https://docs.bitnami.com/general/apps/wordpress/troubleshooting/xmlrpc-and-pingback/
*/
if ( !defined( 'WP_CLI' ) ) {
// remove x-pingback HTTP header
add_filter("wp_headers", function($headers) {
unset($headers["X-Pingback"]);
return $headers;
});
// disable pingbacks
add_filter( "xmlrpc_methods", function( $methods ) {
unset( $methods["pingback.ping"] );
return $methods;
});
}
EOF
}
########################
# Configure application URLs for WordPress (non-Multisite)
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
wordpress_configure_urls() {
# Set URL to dynamic value, depending on which host WordPress is accessed from (to be overridden later)
# Note that wp-config.php is officially indented via tabs, not spaces
wordpress_conf_append "$(
cat <<"EOF"
/**
* The WP_SITEURL and WP_HOME options are configured to access from any hostname or IP address.
* If you want to access only from an specific domain, you can modify them. For example:
* define('WP_HOME','http://example.com');
* define('WP_SITEURL','http://example.com');
*
*/
if ( defined( 'WP_CLI' ) ) {
$_SERVER['HTTP_HOST'] = '127.0.0.1';
}
EOF
)"
local wp_url_protocol="http"
(is_boolean_yes "$WORDPRESS_ENABLE_HTTPS" || [[ "$WORDPRESS_SCHEME" = "https" ]]) && wp_url_protocol="https"
local wp_url_string="'${wp_url_protocol}://' . \$_SERVER['HTTP_HOST'] . '/'"
wordpress_conf_set "WP_HOME" "$wp_url_string" yes
wordpress_conf_set "WP_SITEURL" "$wp_url_string" yes
}
########################
# Apply web server configuration to host WordPress
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
wordpress_generate_web_server_configuration() {
# Web server config files will be generated twice, in order to properly support WORDPRESS_HTACCESS_OVERRIDE_NONE
# At build time, htaccess files will not be moved - This will happen at runtime only if WORDPRESS_HTACCESS_OVERRIDE_NONE is enabled
local -a web_server_config_create_flags
if ! is_boolean_yes "$WORDPRESS_HTACCESS_OVERRIDE_NONE"; then
# Enable .htaccess files
web_server_config_create_flags+=("--apache-move-htaccess" "no" "--apache-allow-override" "All")
else
# Use htaccess.conf file loaded at web server startup
web_server_config_create_flags+=("--apache-move-htaccess" "yes" "--apache-allow-override" "None")
fi
local apache_config nginx_config
local template_dir="${BITNAMI_ROOT_DIR}/scripts/wordpress/bitnami-templates"
# Fix themes/plugins usage
apache_config="$(render-template "${template_dir}/apache-wordpress-volume-rewrite.conf.tpl")"
nginx_config="$(render-template "${template_dir}/nginx-wordpress-volume-rewrite.conf.tpl")"
nginx_external_config=""
# Enable friendly URLs
if ! is_boolean_yes "$WORDPRESS_ENABLE_MULTISITE"; then
# Basic configuration (non-Multisite)
apache_config+=$'\n'"$(render-template "${template_dir}/apache-wordpress-basic.conf.tpl")"
nginx_config+=$'\n'"$(render-template "${template_dir}/nginx-wordpress-basic.conf.tpl")"
elif [[ "$WORDPRESS_MULTISITE_NETWORK_TYPE" = "subfolder" || "$WORDPRESS_MULTISITE_NETWORK_TYPE" = "subdirectory" ]]; then
# Multisite configuration for subfolder/subdirectory network type
apache_config+=$'\n'"$(render-template "${template_dir}/apache-wordpress-multisite-subfolder.conf.tpl")"
nginx_config+=$'\n'"$(render-template "${template_dir}/nginx-wordpress-multisite-subfolder.conf.tpl")"
nginx_external_config+=$'\n'"$(render-template "${template_dir}/nginx-wordpress-multisite-subfolder-external.conf.tpl")"
elif [[ "$WORDPRESS_MULTISITE_NETWORK_TYPE" = "subdomain" ]]; then
# nip.io allows to create subdomains when WordPress Multisite is configured with an IP address
# It only makes sense for WordPress Multisite when using subdomain network type
# The redirection simply improves user experience so the site can be accessed via IP addresses without getting errors
if is_boolean_yes "$WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION"; then
apache_config+=$'\n'"$(render-template "${template_dir}/apache-nip-io-redirect.conf.tpl")"
nginx_config+=$'\n'"$(render-template "${template_dir}/nginx-nip-io-redirect.conf.tpl")"
fi
# Multisite configuration for subdomain network type
apache_config+=$'\n'"$(render-template "${template_dir}/apache-wordpress-multisite-subdomain.conf.tpl")"
nginx_config+=$'\n'"$(render-template "${template_dir}/nginx-wordpress-multisite-subdomain.conf.tpl")"
nginx_external_config+=$'\n'"$(render-template "${template_dir}/nginx-wordpress-multisite-subdomain-external.conf.tpl")"
else
error "Unknown WordPress Multisite network mode"
return 1
fi
web_server_config_create_flags+=("--apache-extra-directory-configuration" "$apache_config" "--nginx-additional-configuration" "$nginx_config")
[[ -n "$nginx_external_config" ]] && web_server_config_create_flags+=("--nginx-external-configuration" "$nginx_external_config")
ensure_web_server_app_configuration_exists "wordpress" --type "php" "${web_server_config_create_flags[@]}"
}

125
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh Normal file
View File

@ -0,0 +1,125 @@
#!/bin/bash
#
# Environment configuration for mysql
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-mysql}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
mysql_env_vars=(
MYSQL_CLIENT_FLAVOR
ALLOW_EMPTY_PASSWORD
MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN
MYSQL_CLIENT_DATABASE_HOST
MYSQL_CLIENT_DATABASE_PORT_NUMBER
MYSQL_CLIENT_DATABASE_ROOT_USER
MYSQL_CLIENT_DATABASE_ROOT_PASSWORD
MYSQL_CLIENT_CREATE_DATABASE_NAME
MYSQL_CLIENT_CREATE_DATABASE_USER
MYSQL_CLIENT_CREATE_DATABASE_PASSWORD
MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET
MYSQL_CLIENT_CREATE_DATABASE_COLLATE
MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES
MYSQL_CLIENT_ENABLE_SSL_WRAPPER
MYSQL_CLIENT_ENABLE_SSL
MYSQL_CLIENT_SSL_CA_FILE
MYSQL_CLIENT_SSL_CERT_FILE
MYSQL_CLIENT_SSL_KEY_FILE
MYSQL_CLIENT_EXTRA_FLAGS
MARIADB_AUTHENTICATION_PLUGIN
MARIADB_HOST
MARIADB_PORT_NUMBER
MARIADB_ROOT_USER
MARIADB_ROOT_PASSWORD
)
for env_var in "${mysql_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset mysql_env_vars
export MYSQL_CLIENT_FLAVOR="${MYSQL_CLIENT_FLAVOR:-mariadb}"
export DB_FLAVOR="$MYSQL_CLIENT_FLAVOR"
# Paths
export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mysql"
export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mysql"
export DB_DATA_DIR="${DB_VOLUME_DIR}/data"
export DB_BIN_DIR="${DB_BASE_DIR}/bin"
export DB_SBIN_DIR="${DB_BASE_DIR}/bin"
export DB_CONF_DIR="${DB_BASE_DIR}/conf"
export DB_LOGS_DIR="${DB_BASE_DIR}/logs"
export DB_TMP_DIR="${DB_BASE_DIR}/tmp"
export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf"
export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid"
export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock"
export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}"
# System users (when running with a privileged user)
export DB_DAEMON_USER="mysql"
export DB_DAEMON_GROUP="mysql"
# MySQL client configuration
export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}"
MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-"${MARIADB_AUTHENTICATION_PLUGIN:-}"}"
export MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-}"
export DB_AUTHENTICATION_PLUGIN="$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN"
MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-"${MARIADB_HOST:-}"}"
export MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-mariadb}"
export DB_HOST="$MYSQL_CLIENT_DATABASE_HOST"
MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}"
export MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-3306}"
export DB_PORT_NUMBER="$MYSQL_CLIENT_DATABASE_PORT_NUMBER"
MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-"${MARIADB_ROOT_USER:-}"}"
export MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-root}"
export DB_ROOT_USER="$MYSQL_CLIENT_DATABASE_ROOT_USER" # only used during the first initialization
MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-"${MARIADB_ROOT_PASSWORD:-}"}"
export MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}"
export DB_ROOT_PASSWORD="$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" # only used during the first initialization
export MYSQL_CLIENT_CREATE_DATABASE_NAME="${MYSQL_CLIENT_CREATE_DATABASE_NAME:-}"
export DB_CREATE_DATABASE_NAME="$MYSQL_CLIENT_CREATE_DATABASE_NAME" # only used during the first initialization
export MYSQL_CLIENT_CREATE_DATABASE_USER="${MYSQL_CLIENT_CREATE_DATABASE_USER:-}"
export DB_CREATE_DATABASE_USER="$MYSQL_CLIENT_CREATE_DATABASE_USER"
export MYSQL_CLIENT_CREATE_DATABASE_PASSWORD="${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}"
export DB_CREATE_DATABASE_PASSWORD="$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD"
export MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET="${MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET:-}"
export DB_CREATE_DATABASE_CHARACTER_SET="$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET"
export MYSQL_CLIENT_CREATE_DATABASE_COLLATE="${MYSQL_CLIENT_CREATE_DATABASE_COLLATE:-}"
export DB_CREATE_DATABASE_COLLATE="$MYSQL_CLIENT_CREATE_DATABASE_COLLATE"
export MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES="${MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES:-}"
export DB_CREATE_DATABASE_PRIVILEGES="$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES"
export MYSQL_CLIENT_ENABLE_SSL_WRAPPER="${MYSQL_CLIENT_ENABLE_SSL_WRAPPER:-no}"
export DB_ENABLE_SSL_WRAPPER="$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"
export MYSQL_CLIENT_ENABLE_SSL="${MYSQL_CLIENT_ENABLE_SSL:-no}"
export DB_ENABLE_SSL="$MYSQL_CLIENT_ENABLE_SSL"
export MYSQL_CLIENT_SSL_CA_FILE="${MYSQL_CLIENT_SSL_CA_FILE:-}"
export DB_SSL_CA_FILE="$MYSQL_CLIENT_SSL_CA_FILE"
export MYSQL_CLIENT_SSL_CERT_FILE="${MYSQL_CLIENT_SSL_CERT_FILE:-}"
export DB_SSL_CERT_FILE="$MYSQL_CLIENT_SSL_CERT_FILE"
export MYSQL_CLIENT_SSL_KEY_FILE="${MYSQL_CLIENT_SSL_KEY_FILE:-}"
export DB_SSL_KEY_FILE="$MYSQL_CLIENT_SSL_KEY_FILE"
export MYSQL_CLIENT_EXTRA_FLAGS="${MYSQL_CLIENT_EXTRA_FLAGS:-no}"
export DB_EXTRA_FLAGS="$MYSQL_CLIENT_EXTRA_FLAGS"
# Custom environment variables may be defined below

19
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libfs.sh
# Load MySQL Client environment variables
. /opt/bitnami/scripts/mysql-client-env.sh
for dir in "$DB_BIN_DIR" "${DB_BASE_DIR}/.bin"; do
ensure_dir_exists "$dir"
chmod g+rwX "$dir"
done

19
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libmysqlclient.sh
# Load MySQL Client environment variables
. /opt/bitnami/scripts/mysql-client-env.sh
# Ensure MySQL Client environment variables settings are valid
mysql_client_validate
# Ensure MySQL Client is initialized
mysql_client_initialize

76
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh Normal file
View File

@ -0,0 +1,76 @@
#!/bin/bash
#
# Environment configuration for nginx
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-nginx}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
nginx_env_vars=(
NGINX_HTTP_PORT_NUMBER
NGINX_HTTPS_PORT_NUMBER
NGINX_ENABLE_ABSOLUTE_REDIRECT
NGINX_ENABLE_PORT_IN_REDIRECT
)
for env_var in "${nginx_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset nginx_env_vars
export WEB_SERVER_TYPE="nginx"
# Paths
export NGINX_BASE_DIR="${BITNAMI_ROOT_DIR}/nginx"
export NGINX_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/nginx"
export NGINX_SBIN_DIR="${NGINX_BASE_DIR}/sbin"
export NGINX_CONF_DIR="${NGINX_BASE_DIR}/conf"
export NGINX_HTDOCS_DIR="${NGINX_BASE_DIR}/html"
export NGINX_TMP_DIR="${NGINX_BASE_DIR}/tmp"
export NGINX_LOGS_DIR="${NGINX_BASE_DIR}/logs"
export NGINX_SERVER_BLOCKS_DIR="${NGINX_CONF_DIR}/server_blocks"
export NGINX_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d"
export NGINX_CONF_FILE="${NGINX_CONF_DIR}/nginx.conf"
export NGINX_PID_FILE="${NGINX_TMP_DIR}/nginx.pid"
export PATH="${NGINX_SBIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export NGINX_DAEMON_USER="daemon"
export WEB_SERVER_DAEMON_USER="$NGINX_DAEMON_USER"
export NGINX_DAEMON_GROUP="daemon"
export WEB_SERVER_DAEMON_GROUP="$NGINX_DAEMON_GROUP"
export NGINX_DEFAULT_HTTP_PORT_NUMBER="8080"
export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$NGINX_DEFAULT_HTTP_PORT_NUMBER" # only used at build time
export NGINX_DEFAULT_HTTPS_PORT_NUMBER="8443"
export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$NGINX_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time
# NGINX configuration
export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}"
export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER"
export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}"
export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER"
export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}"
export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}"
# Custom environment variables may be defined below

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx-php-fpm/postunpack.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libvalidations.sh
# Load NGINX environment
. /opt/bitnami/scripts/nginx-env.sh
. /opt/bitnami/scripts/php-env.sh
# Write NGINX configuration
nginx_php_fpm_conf_file="${NGINX_CONF_DIR}/bitnami/php-fpm.conf"
fastcgi_pass="$PHP_FPM_DEFAULT_LISTEN_ADDRESS"
# Check if PHP_FPM_DEFAULT_LISTEN_ADDRESS refers to a socket file, and add the required prefix for NGINX to understand it
[[ "$fastcgi_pass" == "/"* ]] && fastcgi_pass="unix:$fastcgi_pass"
cat >"$nginx_php_fpm_conf_file" <<EOF
index index.html index.htm index.php;
location ~ \.php$ {
fastcgi_read_timeout 300;
fastcgi_pass ${fastcgi_pass};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$request_filename;
include fastcgi_params;
}
EOF

27
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx-php-fpm/run.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libnginx.sh
# Catch SIGTERM signal and stop all child processes
_forwardTerm() {
echo "Caught signal SIGTERM, passing it to child processes..."
pgrep -P $$ | xargs kill -TERM 2>/dev/null
wait
exit $?
}
trap _forwardTerm TERM
info "Starting PHP-FPM..."
/opt/bitnami/scripts/php/run.sh &
info "Starting NGINX..."
/opt/bitnami/scripts/nginx/run.sh

16
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl Normal file
View File

@ -0,0 +1,16 @@
{{external_configuration}}
server {
# Port to listen on, can also be set in IP:PORT format
{{http_listen_configuration}}
root {{document_root}};
{{server_name_configuration}}
{{acl_configuration}}
{{additional_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}

19
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl Normal file
View File

@ -0,0 +1,19 @@
{{external_configuration}}
server {
# Port to listen on, can also be set in IP:PORT format
{{https_listen_configuration}}
root {{document_root}};
{{server_name_configuration}}
ssl_certificate bitnami/certs/server.crt;
ssl_certificate_key bitnami/certs/server.key;
{{acl_configuration}}
{{additional_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}

10
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl Normal file
View File

@ -0,0 +1,10 @@
location ^~ {{location}} {
alias "{{document_root}}";
{{acl_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf";
include "/opt/bitnami/nginx/conf/bitnami/php-fpm.conf";
}
{{additional_configuration}}

9
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl Normal file
View File

@ -0,0 +1,9 @@
location ^~ {{location}} {
alias "{{document_root}}";
{{acl_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf";
}
{{additional_configuration}}

26
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
print_welcome_page
if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then
info "** Starting NGINX setup **"
/opt/bitnami/scripts/nginx/setup.sh
info "** NGINX setup finished! **"
fi
echo ""
exec "$@"

67
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libfs.sh
# Auxiliar Functions
########################
# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability
# Ref: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-httpoxy-vulnerability
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_patch_httpoxy_vulnerability() {
debug "Unsetting HTTP_PROXY header..."
echo '# Unset the HTTP_PROXY header' >>"${NGINX_CONF_DIR}/fastcgi_params"
echo 'fastcgi_param HTTP_PROXY "";' >>"${NGINX_CONF_DIR}/fastcgi_params"
}
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
# Remove unnecessary directories that come with the tarball
rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks"
# Ensure non-root user has write permissions on a set of directories
for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability
nginx_patch_httpoxy_vulnerability
# Configure default HTTP port
nginx_configure_port "$NGINX_DEFAULT_HTTP_PORT_NUMBER"
# shellcheck disable=SC1091
# Load additional libraries
. /opt/bitnami/scripts/libfs.sh
# Users can mount their html sites at /app
mv "${NGINX_BASE_DIR}/html" /app
ln -sf /app "${NGINX_BASE_DIR}/html"
# Users can mount their certificates at /certs
mv "${NGINX_CONF_DIR}/bitnami/certs" /certs
ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs"
ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log"
ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log"
# Configure default HTTPS port
nginx_configure_port "$NGINX_DEFAULT_HTTPS_PORT_NUMBER" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"

18
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment
. /opt/bitnami/scripts/nginx-env.sh
info "** Reloading NGINX configuration **"
exec "${NGINX_SBIN_DIR}/nginx" -s reload

17
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh Executable file
View File

@ -0,0 +1,17 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
/opt/bitnami/scripts/nginx/stop.sh
/opt/bitnami/scripts/nginx/start.sh

18
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
info "** Starting NGINX **"
exec "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" -g "daemon off;"

49
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh Executable file
View File

@ -0,0 +1,49 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
# Ensure NGINX environment variables settings are valid
nginx_validate
# Ensure NGINX is stopped when this script ends
trap "nginx_stop" EXIT
# Ensure NGINX daemon user exists when running as 'root'
am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP"
# Run init scripts
nginx_custom_init_scripts
# Validate HTTPS port number
if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]]; then
validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
validate_port_args+=("$NGINX_HTTPS_PORT_NUMBER")
if ! err=$(validate_port "${validate_port_args[@]}"); then
error "An invalid port was specified in the environment variable NGINX_HTTPS_PORT_NUMBER: $err"
exit 1
fi
fi
# Fix logging issue when running as root
! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"
# Initialize NGINX
nginx_initialize
# Configure HTTPS port number
[[ -z "$NGINX_HTTPS_PORT_NUMBER" ]] || nginx_configure_port "$NGINX_HTTPS_PORT_NUMBER" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
error_code=0
if is_nginx_not_running; then
"${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE"
if ! retry_while "is_nginx_running"; then
error "nginx did not start"
error_code=1
else
info "nginx started"
fi
else
info "nginx is already running"
fi
exit "$error_code"

21
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
if is_nginx_running; then
info "nginx is already running"
else
info "nginx is not running"
fi

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
error_code=0
if is_nginx_running; then
BITNAMI_QUIET=1 nginx_stop
if ! retry_while "is_nginx_not_running"; then
error "nginx could not be stopped"
error_code=1
else
info "nginx stopped"
fi
else
info "nginx is not running"
fi
exit "$error_code"

87
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php-env.sh Normal file
View File

@ -0,0 +1,87 @@
#!/bin/bash
#
# Environment configuration for php
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-php}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
php_env_vars=(
PHP_FPM_LISTEN_ADDRESS
PHP_DATE_TIMEZONE
PHP_ENABLE_OPCACHE
PHP_MAX_EXECUTION_TIME
PHP_MAX_INPUT_TIME
PHP_MAX_INPUT_VARS
PHP_MEMORY_LIMIT
PHP_POST_MAX_SIZE
PHP_UPLOAD_MAX_FILESIZE
PHP_OPCACHE_ENABLED
)
for env_var in "${php_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset php_env_vars
# Paths
export PHP_BASE_DIR="${BITNAMI_ROOT_DIR}/php"
export PHP_BIN_DIR="${PHP_BASE_DIR}/bin"
export PHP_CONF_DIR="${PHP_BASE_DIR}/etc"
export PHP_TMP_DIR="${PHP_BASE_DIR}/var/run"
export PHP_CONF_FILE="${PHP_CONF_DIR}/php.ini"
# PHP default build-time configuration
export PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER="16" # only used at build time
export PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION="192" # only used at build time
export PHP_DEFAULT_OPCACHE_FILE_CACHE="${PHP_TMP_DIR}/opcache_file" # only used at build time
# PHP-FPM configuration
export PHP_FPM_SBIN_DIR="${PHP_BASE_DIR}/sbin"
export PHP_FPM_LOGS_DIR="${PHP_BASE_DIR}/logs"
export PHP_FPM_LOG_FILE="${PHP_FPM_LOGS_DIR}/php-fpm.log"
export PHP_FPM_CONF_FILE="${PHP_CONF_DIR}/php-fpm.conf"
export PHP_FPM_PID_FILE="${PHP_TMP_DIR}/php-fpm.pid"
export PHP_FPM_DEFAULT_LISTEN_ADDRESS="${PHP_TMP_DIR}/www.sock" # only used at build time
export PHP_FPM_LISTEN_ADDRESS="${PHP_FPM_LISTEN_ADDRESS:-}"
export PATH="${PHP_FPM_SBIN_DIR}:${PHP_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export PHP_FPM_DAEMON_USER="daemon"
export PHP_FPM_DAEMON_GROUP="daemon"
# PHP configuration
export PHP_DATE_TIMEZONE="${PHP_DATE_TIMEZONE:-}"
PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-"${PHP_OPCACHE_ENABLED:-}"}"
export PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-}"
export PHP_EXPOSE_PHP="0"
export PHP_MAX_EXECUTION_TIME="${PHP_MAX_EXECUTION_TIME:-}"
export PHP_MAX_INPUT_TIME="${PHP_MAX_INPUT_TIME:-}"
export PHP_MAX_INPUT_VARS="${PHP_MAX_INPUT_VARS:-}"
export PHP_MEMORY_LIMIT="${PHP_MEMORY_LIMIT:-}"
export PHP_POST_MAX_SIZE="${PHP_POST_MAX_SIZE:-}"
export PHP_UPLOAD_MAX_FILESIZE="${PHP_UPLOAD_MAX_FILESIZE:-}"
# Custom environment variables may be defined below

39
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh Executable file
View File

@ -0,0 +1,39 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
# PHP OPcache optimizations
php_conf_set "opcache.interned_strings_buffer" "$PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER"
php_conf_set "opcache.memory_consumption" "$PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION"
php_conf_set "opcache.file_cache" "$PHP_DEFAULT_OPCACHE_FILE_CACHE"
# PHP-FPM configuration
php_conf_set "listen" "$PHP_FPM_DEFAULT_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf"
# TMP dir configuration
php_conf_set "upload_tmp_dir" "${PHP_BASE_DIR}/tmp"
php_conf_set "session.save_path" "${PHP_TMP_DIR}/session"
# Ensure directories used by PHP-FPM exist and have proper ownership and permissions
for dir in "$PHP_CONF_DIR" "${PHP_BASE_DIR}/tmp" "$PHP_TMP_DIR" "$PHP_FPM_LOGS_DIR" "${PHP_TMP_DIR}/session"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
info "Disabling PHP-FPM daemon user/group configuration"
mv "${PHP_CONF_DIR}/common.conf" "${PHP_CONF_DIR}/common.conf.disabled"
touch "${PHP_CONF_DIR}/common.conf"
ln -sf "/dev/stdout" "$PHP_FPM_LOG_FILE"

35
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load PHP-FPM environment
. /opt/bitnami/scripts/php-env.sh
# Load web server environment and functions
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
error_code=0
if is_php_fpm_enabled; then
if is_php_fpm_not_running; then
error "php-fpm is not running"
error_code=1
else
info "** Reloading PHP-FPM configuration **"
php_fpm_reload
fi
else
web_server_reload
fi
exit "$error_code"

17
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh Executable file
View File

@ -0,0 +1,17 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
/opt/bitnami/scripts/php/stop.sh
/opt/bitnami/scripts/php/start.sh

19
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/run.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
info "** Starting PHP-FPM **"
declare -a args=("--pid" "$PHP_FPM_PID_FILE" "--fpm-config" "$PHP_FPM_CONF_FILE" "-c" "$PHP_CONF_DIR" "-F")
exec "${PHP_FPM_SBIN_DIR}/php-fpm" "${args[@]}"

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
# Ensure PHP-FPM daemon user exists and required folder belongs to this user when running as 'root'
if am_i_root; then
ensure_user_exists "$PHP_FPM_DAEMON_USER" --group "$PHP_FPM_DAEMON_GROUP"
ensure_dir_exists "$PHP_TMP_DIR"
chown -R "${PHP_FPM_DAEMON_USER}:${PHP_FPM_DAEMON_GROUP}" "$PHP_TMP_DIR"
# Enable daemon configuration
if [[ ! -f "${PHP_CONF_DIR}/common.conf" ]]; then
cp "${PHP_CONF_DIR}/common.conf.disabled" "${PHP_CONF_DIR}/common.conf"
fi
fi
php_initialize
# Fix logging issue when running as root
! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/start.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
error_code=0
if is_php_fpm_not_running; then
nohup /opt/bitnami/scripts/php/run.sh >/dev/null 2>&1 &
if ! retry_while "is_php_fpm_running"; then
error "php-fpm did not start"
error_code=1
else
info "php-fpm started"
fi
else
info "php-fpm is already running"
fi
exit "$error_code"

21
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/status.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
if is_php_fpm_running; then
info "php-fpm is already running"
else
info "php-fpm is not running"
fi

32
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
error_code=0
if is_php_fpm_running; then
BITNAMI_QUIET=1 php_fpm_stop
if ! retry_while "is_php_fpm_not_running"; then
error "php-fpm could not be stopped"
error_code=1
else
info "php-fpm stopped"
fi
else
info "php-fpm is not running"
fi
exit "$error_code"

15
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/qatengine/postunpack.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
# Symlink QAT_Engine files to the OpenSSL Engines folder
info "Adding Symlink to the QAT Engine files to the system OpenSSL engines folder"
ln -s /opt/bitnami/common/lib/engines-1.1/* /usr/lib/x86_64-linux-gnu/engines-1.1/

196
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress-env.sh Normal file
View File

@ -0,0 +1,196 @@
#!/bin/bash
#
# Environment configuration for wordpress
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-wordpress}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
wordpress_env_vars=(
WORDPRESS_DATA_TO_PERSIST
WORDPRESS_ENABLE_HTTPS
WORDPRESS_BLOG_NAME
WORDPRESS_SCHEME
WORDPRESS_HTACCESS_OVERRIDE_NONE
WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
WORDPRESS_RESET_DATA_PERMISSIONS
WORDPRESS_TABLE_PREFIX
WORDPRESS_PLUGINS
WORDPRESS_EXTRA_INSTALL_ARGS
WORDPRESS_EXTRA_CLI_ARGS
WORDPRESS_EXTRA_WP_CONFIG_CONTENT
WORDPRESS_SKIP_BOOTSTRAP
WORDPRESS_AUTO_UPDATE_LEVEL
WORDPRESS_AUTH_KEY
WORDPRESS_SECURE_AUTH_KEY
WORDPRESS_LOGGED_IN_KEY
WORDPRESS_NONCE_KEY
WORDPRESS_AUTH_SALT
WORDPRESS_SECURE_AUTH_SALT
WORDPRESS_LOGGED_IN_SALT
WORDPRESS_NONCE_SALT
WORDPRESS_USERNAME
WORDPRESS_PASSWORD
WORDPRESS_EMAIL
WORDPRESS_FIRST_NAME
WORDPRESS_LAST_NAME
WORDPRESS_ENABLE_MULTISITE
WORDPRESS_MULTISITE_NETWORK_TYPE
WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER
WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER
WORDPRESS_MULTISITE_HOST
WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION
WORDPRESS_MULTISITE_FILEUPLOAD_MAXK
WORDPRESS_SMTP_HOST
WORDPRESS_SMTP_PORT_NUMBER
WORDPRESS_SMTP_USER
WORDPRESS_SMTP_PASSWORD
WORDPRESS_SMTP_PROTOCOL
WORDPRESS_DATABASE_HOST
WORDPRESS_DATABASE_PORT_NUMBER
WORDPRESS_DATABASE_NAME
WORDPRESS_DATABASE_USER
WORDPRESS_DATABASE_PASSWORD
WORDPRESS_ENABLE_DATABASE_SSL
WORDPRESS_VERIFY_DATABASE_SSL
WORDPRESS_DATABASE_SSL_CERT_FILE
WORDPRESS_DATABASE_SSL_KEY_FILE
WORDPRESS_DATABASE_SSL_CA_FILE
WORDPRESS_OVERRIDE_DATABASE_SETTINGS
WORDPRESS_HTACCESS_PERSISTENCE_ENABLED
WORDPRESS_SKIP_INSTALL
WORDPRESS_HTTP_PORT
WORDPRESS_HTTP_PORT_NUMBER
WORDPRESS_HTTPS_PORT
WORDPRESS_HTTPS_PORT_NUMBER
SMTP_HOST
SMTP_PORT
WORDPRESS_SMTP_PORT
SMTP_USER
SMTP_PASSWORD
SMTP_PROTOCOL
MARIADB_HOST
MARIADB_PORT_NUMBER
MARIADB_DATABASE_NAME
MARIADB_DATABASE_USER
MARIADB_DATABASE_PASSWORD
)
for env_var in "${wordpress_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset wordpress_env_vars
# Paths
export WORDPRESS_BASE_DIR="${BITNAMI_ROOT_DIR}/wordpress"
export WORDPRESS_CONF_FILE="${WORDPRESS_BASE_DIR}/wp-config.php"
# WordPress persistence configuration
export WORDPRESS_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/wordpress"
export WORDPRESS_DATA_TO_PERSIST="${WORDPRESS_DATA_TO_PERSIST:-wp-config.php wp-content}"
# WordPress configuration
export WORDPRESS_ENABLE_HTTPS="${WORDPRESS_ENABLE_HTTPS:-no}" # only used during the first initialization
export WORDPRESS_BLOG_NAME="${WORDPRESS_BLOG_NAME:-"User's blog"}" # only used during the first initialization
export WORDPRESS_SCHEME="${WORDPRESS_SCHEME:-http}" # only used during the first initialization
export WORDPRESS_HTACCESS_OVERRIDE_NONE="${WORDPRESS_HTACCESS_OVERRIDE_NONE:-yes}" # only used during the first initialization
WORDPRESS_ENABLE_HTACCESS_PERSISTENCE="${WORDPRESS_ENABLE_HTACCESS_PERSISTENCE:-"${WORDPRESS_HTACCESS_PERSISTENCE_ENABLED:-}"}"
export WORDPRESS_ENABLE_HTACCESS_PERSISTENCE="${WORDPRESS_ENABLE_HTACCESS_PERSISTENCE:-no}" # only used during the first initialization
export WORDPRESS_RESET_DATA_PERMISSIONS="${WORDPRESS_RESET_DATA_PERMISSIONS:-no}"
export WORDPRESS_TABLE_PREFIX="${WORDPRESS_TABLE_PREFIX:-wp_}" # only used during the first initialization
export WORDPRESS_PLUGINS="${WORDPRESS_PLUGINS:-none}" # only used during the first initialization
export WORDPRESS_EXTRA_INSTALL_ARGS="${WORDPRESS_EXTRA_INSTALL_ARGS:-}" # only used during the first initialization
export WORDPRESS_EXTRA_CLI_ARGS="${WORDPRESS_EXTRA_CLI_ARGS:-}" # only used during the first initialization
export WORDPRESS_EXTRA_WP_CONFIG_CONTENT="${WORDPRESS_EXTRA_WP_CONFIG_CONTENT:-}" # only used during the first initialization
WORDPRESS_SKIP_BOOTSTRAP="${WORDPRESS_SKIP_BOOTSTRAP:-"${WORDPRESS_SKIP_INSTALL:-}"}"
export WORDPRESS_SKIP_BOOTSTRAP="${WORDPRESS_SKIP_BOOTSTRAP:-no}" # only used during the first initialization
export WORDPRESS_AUTO_UPDATE_LEVEL="${WORDPRESS_AUTO_UPDATE_LEVEL:-none}" # only used during the first initialization
export WORDPRESS_AUTH_KEY="${WORDPRESS_AUTH_KEY:-}"
export WORDPRESS_SECURE_AUTH_KEY="${WORDPRESS_SECURE_AUTH_KEY:-}"
export WORDPRESS_LOGGED_IN_KEY="${WORDPRESS_LOGGED_IN_KEY:-}"
export WORDPRESS_NONCE_KEY="${WORDPRESS_NONCE_KEY:-}"
export WORDPRESS_AUTH_SALT="${WORDPRESS_AUTH_SALT:-}"
export WORDPRESS_SECURE_AUTH_SALT="${WORDPRESS_SECURE_AUTH_SALT:-}"
export WORDPRESS_LOGGED_IN_SALT="${WORDPRESS_LOGGED_IN_SALT:-}"
export WORDPRESS_NONCE_SALT="${WORDPRESS_NONCE_SALT:-}"
# WordPress credentials
export WORDPRESS_USERNAME="${WORDPRESS_USERNAME:-user}" # only used during the first initialization
export WORDPRESS_PASSWORD="${WORDPRESS_PASSWORD:-bitnami}" # only used during the first initialization
export WORDPRESS_EMAIL="${WORDPRESS_EMAIL:-user@example.com}" # only used during the first initialization
export WORDPRESS_FIRST_NAME="${WORDPRESS_FIRST_NAME:-UserName}" # only used during the first initialization
export WORDPRESS_LAST_NAME="${WORDPRESS_LAST_NAME:-LastName}" # only used during the first initialization
# WordPress Multisite inputs
export WORDPRESS_ENABLE_MULTISITE="${WORDPRESS_ENABLE_MULTISITE:-no}" # only used during the first initialization
export WORDPRESS_MULTISITE_NETWORK_TYPE="${WORDPRESS_MULTISITE_NETWORK_TYPE:-subdomain}" # only used during the first initialization
WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER:-"${WORDPRESS_HTTP_PORT:-}"}"
WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER:-"${WORDPRESS_HTTP_PORT_NUMBER:-}"}"
export WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER:-80}" # only used during the first initialization
WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER:-"${WORDPRESS_HTTPS_PORT:-}"}"
WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER:-"${WORDPRESS_HTTPS_PORT_NUMBER:-}"}"
export WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER="${WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER:-443}" # only used during the first initialization
export WORDPRESS_MULTISITE_HOST="${WORDPRESS_MULTISITE_HOST:-}" # only used during the first initialization
export WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION="${WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION:-no}" # only used during the first initialization
export WORDPRESS_MULTISITE_FILEUPLOAD_MAXK="${WORDPRESS_MULTISITE_FILEUPLOAD_MAXK:-81920}" # only used during the first initialization
# WordPress SMTP credentials
WORDPRESS_SMTP_HOST="${WORDPRESS_SMTP_HOST:-"${SMTP_HOST:-}"}"
export WORDPRESS_SMTP_HOST="${WORDPRESS_SMTP_HOST:-}" # only used during the first initialization
WORDPRESS_SMTP_PORT_NUMBER="${WORDPRESS_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}"
WORDPRESS_SMTP_PORT_NUMBER="${WORDPRESS_SMTP_PORT_NUMBER:-"${WORDPRESS_SMTP_PORT:-}"}"
export WORDPRESS_SMTP_PORT_NUMBER="${WORDPRESS_SMTP_PORT_NUMBER:-}" # only used during the first initialization
WORDPRESS_SMTP_USER="${WORDPRESS_SMTP_USER:-"${SMTP_USER:-}"}"
export WORDPRESS_SMTP_USER="${WORDPRESS_SMTP_USER:-}" # only used during the first initialization
WORDPRESS_SMTP_PASSWORD="${WORDPRESS_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}"
export WORDPRESS_SMTP_PASSWORD="${WORDPRESS_SMTP_PASSWORD:-}" # only used during the first initialization
WORDPRESS_SMTP_PROTOCOL="${WORDPRESS_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}"
export WORDPRESS_SMTP_PROTOCOL="${WORDPRESS_SMTP_PROTOCOL:-}" # only used during the first initialization
# Database configuration
export WORDPRESS_DEFAULT_DATABASE_HOST="mariadb" # only used at build time
WORDPRESS_DATABASE_HOST="${WORDPRESS_DATABASE_HOST:-"${MARIADB_HOST:-}"}"
export WORDPRESS_DATABASE_HOST="${WORDPRESS_DATABASE_HOST:-$WORDPRESS_DEFAULT_DATABASE_HOST}" # only used during the first initialization
WORDPRESS_DATABASE_PORT_NUMBER="${WORDPRESS_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}"
export WORDPRESS_DATABASE_PORT_NUMBER="${WORDPRESS_DATABASE_PORT_NUMBER:-3306}" # only used during the first initialization
WORDPRESS_DATABASE_NAME="${WORDPRESS_DATABASE_NAME:-"${MARIADB_DATABASE_NAME:-}"}"
export WORDPRESS_DATABASE_NAME="${WORDPRESS_DATABASE_NAME:-bitnami_wordpress}" # only used during the first initialization
WORDPRESS_DATABASE_USER="${WORDPRESS_DATABASE_USER:-"${MARIADB_DATABASE_USER:-}"}"
export WORDPRESS_DATABASE_USER="${WORDPRESS_DATABASE_USER:-bn_wordpress}" # only used during the first initialization
WORDPRESS_DATABASE_PASSWORD="${WORDPRESS_DATABASE_PASSWORD:-"${MARIADB_DATABASE_PASSWORD:-}"}"
export WORDPRESS_DATABASE_PASSWORD="${WORDPRESS_DATABASE_PASSWORD:-}" # only used during the first initialization
export WORDPRESS_ENABLE_DATABASE_SSL="${WORDPRESS_ENABLE_DATABASE_SSL:-no}" # only used during the first initialization
export WORDPRESS_VERIFY_DATABASE_SSL="${WORDPRESS_VERIFY_DATABASE_SSL:-yes}" # only used during the first initialization
export WORDPRESS_DATABASE_SSL_CERT_FILE="${WORDPRESS_DATABASE_SSL_CERT_FILE:-}" # only used during the first initialization
export WORDPRESS_DATABASE_SSL_KEY_FILE="${WORDPRESS_DATABASE_SSL_KEY_FILE:-}" # only used during the first initialization
export WORDPRESS_DATABASE_SSL_CA_FILE="${WORDPRESS_DATABASE_SSL_CA_FILE:-}" # only used during the first initialization
export WORDPRESS_OVERRIDE_DATABASE_SETTINGS="${WORDPRESS_OVERRIDE_DATABASE_SETTINGS:-no}"
# PHP configuration
export PHP_DEFAULT_MEMORY_LIMIT="512M" # only used at build time
export PHP_DEFAULT_POST_MAX_SIZE="80M" # only used at build time
export PHP_DEFAULT_UPLOAD_MAX_FILESIZE="80M" # only used at build time
# Custom environment variables may be defined below

5
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/apache-nip-io-redirect.conf.tpl Normal file
View File

@ -0,0 +1,5 @@
# BEGIN nip.io redirection
RewriteEngine On
RewriteCond %{HTTP_HOST} ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(:[0-9]{1,5})?$
RewriteRule ^/?(.*) %{REQUEST_SCHEME}://%1.nip.io%2/$1 [L,R=302,NE]
# END nip.io redirection

10
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/apache-wordpress-basic.conf.tpl Normal file
View File

@ -0,0 +1,10 @@
# BEGIN WordPress
# https://wordpress.org/support/article/htaccess/#basic-wp
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

18
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/apache-wordpress-multisite-subdomain.conf.tpl Normal file
View File

@ -0,0 +1,18 @@
# BEGIN WordPress Multisite
# Using subdomain network type: https://wordpress.org/support/article/htaccess/#multisite
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
# END WordPress Multisite

18
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/apache-wordpress-multisite-subfolder.conf.tpl Normal file
View File

@ -0,0 +1,18 @@
# BEGIN WordPress Multisite
# Using subfolder network type: https://wordpress.org/support/article/htaccess/#multisite
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
# END WordPress Multisite

6
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/apache-wordpress-volume-rewrite.conf.tpl Normal file
View File

@ -0,0 +1,6 @@
# BEGIN WordPress fix for plugins and themes
# Certain WordPress plugins and themes do not properly link to PHP files because of symbolic links
# https://github.com/bitnami/bitnami-docker-wordpress-nginx/issues/43
RewriteEngine On
RewriteRule ^bitnami/wordpress(/.*) $1 [L]
# END WordPress fix for plugins and themes

5
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-nip-io-redirect.conf.tpl Normal file
View File

@ -0,0 +1,5 @@
# BEGIN nip.io redirection
if ($host ~ "^(?<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(?<port>:[0-9]{1,5})?$") {
return 302 $scheme://$ip.nip.io$port$uri;
}
# END nip.io redirection

19
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-basic.conf.tpl Normal file
View File

@ -0,0 +1,19 @@
# BEGIN WordPress
# https://wordpress.org/support/article/nginx/#general-wordpress-rules
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
# END WordPress

8
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-multisite-subdomain-external.conf.tpl Normal file
View File

@ -0,0 +1,8 @@
# BEGIN WordPress Multisite variable mapping for NGINX
# https://wordpress.org/support/article/nginx/#wordpress-multisite-subdomains-rules
map $http_host $blogid {
default -999;
# Ref: https://wordpress.org/extend/plugins/nginx-helper/
#include /opt/bitnami/wordpress/wp-content/plugins/nginx-helper/map.conf;
}
# END WordPress Multisite variable mapping for NGINX

25
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-multisite-subdomain.conf.tpl Normal file
View File

@ -0,0 +1,25 @@
# BEGIN WordPress Multisite
# Using subdomain network type: https://wordpress.org/support/article/nginx/#wordpress-multisite-subdomains-rules
location / {
try_files $uri $uri/ /index.php?$args ;
}
# WPMU Files
location ~ ^/files/(.*)$ {
try_files /wp-content/blogs.dir/$blogid/$uri /wp-includes/ms-files.php?file=$1 ;
access_log off;
log_not_found off;
expires max;
}
# WPMU x-sendfile to avoid php readfile()
location ^~ /blogs.dir {
internal;
alias {{WORDPRESS_BASE_DIR}}/wp-content/blogs.dir;
access_log off;
log_not_found off;
expires max;
}
# END WordPress Multisite

11
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-multisite-subfolder-external.conf.tpl Normal file
View File

@ -0,0 +1,11 @@
# BEGIN WordPress Multisite variable mapping for NGINX
# https://wordpress.org/support/article/nginx/#wordpress-multisite-subdirectory-rules
map $uri $blogname {
~^(?P<blogpath>/[^/]+/)files/(.*) $blogpath;
}
map $blogname $blogid {
default -999;
# Ref: https://wordpress.org/extend/plugins/nginx-helper/
#include /opt/bitnami/wordpress/wp-content/plugins/nginx-helper/map.conf;
}
# END WordPress Multisite variable mapping for NGINX

26
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-multisite-subfolder.conf.tpl Normal file
View File

@ -0,0 +1,26 @@
# BEGIN WordPress Multisite
# Using subfolder network type: https://wordpress.org/support/article/nginx/#wordpress-multisite-subdirectory-rules
location ~ ^(/[^/]+/)?files/(.+) {
try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ;
access_log off; log_not_found off; expires max;
}
#avoid php readfile()
location ^~ /blogs.dir {
internal;
alias {{WORDPRESS_BASE_DIR}}/wp-content/blogs.dir ;
access_log off; log_not_found off; expires max;
}
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$request_uri/ permanent;
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}
location / {
try_files $uri $uri/ /index.php?$args ;
}
# END WordPress Multisite

5
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/bitnami-templates/nginx-wordpress-volume-rewrite.conf.tpl Normal file
View File

@ -0,0 +1,5 @@
# BEGIN Fix for WordPress plugins and themes
# Certain WordPress plugins and themes do not properly link to PHP files because of symbolic links
# https://github.com/bitnami/bitnami-docker-wordpress-nginx/issues/43
rewrite ^/bitnami/wordpress(/.*) $1 last;
# END Fix for WordPress plugins and themes

31
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/entrypoint.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load WordPress environment
. /opt/bitnami/scripts/wordpress-env.sh
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libwebserver.sh
print_welcome_page
if [[ "$1" = "/opt/bitnami/scripts/$(web_server_type)/run.sh" || "$1" = "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then
info "** Starting WordPress setup **"
/opt/bitnami/scripts/"$(web_server_type)"/setup.sh
/opt/bitnami/scripts/php/setup.sh
/opt/bitnami/scripts/mysql-client/setup.sh
/opt/bitnami/scripts/wordpress/setup.sh
/post-init.sh
info "** WordPress setup finished! **"
fi
echo ""
exec "$@"

60
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/postunpack.sh Executable file
View File

@ -0,0 +1,60 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load WordPress environment
. /opt/bitnami/scripts/wordpress-env.sh
# Load PHP environment for 'php_conf_set' (after 'wordpress-env.sh' so that MODULE is not set to a wrong value)
. /opt/bitnami/scripts/php-env.sh
# Load libraries
. /opt/bitnami/scripts/libwordpress.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load web server environment (after WordPress environment file so MODULE is not set to a wrong value)
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
# Enable WordPress configuration file
[[ ! -f "$WORDPRESS_CONF_FILE" ]] && cp "${WORDPRESS_BASE_DIR}/wp-config-sample.php" "$WORDPRESS_CONF_FILE"
# Ensure the WordPress base directory exists and has proper permissions
info "Configuring file permissions for WordPress"
ensure_user_exists "$WEB_SERVER_DAEMON_USER" --group "$WEB_SERVER_DAEMON_GROUP"
declare -a writable_dirs=(
"$WORDPRESS_BASE_DIR" "$WORDPRESS_VOLUME_DIR" "${WORDPRESS_BASE_DIR}/tmp"
# These directories are needed for wp-cli to be able to install languages/plugins/packages/etc as a non-root user
# However they are not included in the WordPress source tarball, so we create them at this point with proper ownership
# All of them are used by different wp-cli commands, such as 'wp language', 'wp plugin', or 'wp media', amongst others
"${WORDPRESS_BASE_DIR}/wp-content/languages" "${WORDPRESS_BASE_DIR}/wp-content/upgrade" "${WORDPRESS_BASE_DIR}/wp-content/uploads"
)
for dir in "${writable_dirs[@]}"; do
ensure_dir_exists "$dir"
# Use daemon:root ownership for compatibility when running as a non-root user
configure_permissions_ownership "$dir" -d "g+rwx" -f "g+rw" -u "$WEB_SERVER_DAEMON_USER" -g "root"
done
info "Configuring default PHP options for WordPress"
php_conf_set memory_limit "$PHP_DEFAULT_MEMORY_LIMIT"
php_conf_set upload_max_filesize "$PHP_DEFAULT_UPLOAD_MAX_FILESIZE"
php_conf_set post_max_size "$PHP_DEFAULT_POST_MAX_SIZE"
# https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions
php_conf_set extension "imagick"
# Memcached extension is required for W3 Total Cache plugin
php_conf_set extension "memcached"
# Enable default web server configuration for WordPress
info "Creating default web server configuration for WordPress"
web_server_validate
# Do not move htaccess files via WORDPRESS_HTACCESS_OVERRIDE_NONE
# so that users can choose whether to do it or not during initialization
WORDPRESS_HTACCESS_OVERRIDE_NONE=no wordpress_generate_web_server_configuration

42
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wordpress/setup.sh Executable file
View File

@ -0,0 +1,42 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load WordPress environment
. /opt/bitnami/scripts/wordpress-env.sh
# Load WP-CLI environment for 'wp_execute' (after 'wordpress-env.sh' so that MODULE is not set to a wrong value)
. /opt/bitnami/scripts/wp-cli-env.sh
# Load PHP environment for 'wp_execute' (after 'wordpress-env.sh' so that MODULE is not set to a wrong value)
. /opt/bitnami/scripts/php-env.sh
# Load MySQL Client environment for 'mysql_remote_execute' (after 'wordpress-env.sh' so that MODULE is not set to a wrong value)
if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then
. /opt/bitnami/scripts/mysql-client-env.sh
elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then
. /opt/bitnami/scripts/mysql-env.sh
elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then
. /opt/bitnami/scripts/mariadb-env.sh
fi
# Load libraries
. /opt/bitnami/scripts/libwordpress.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load web server environment (after WordPress environment file so MODULE is not set to a wrong value)
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
# Ensure WordPress environment variables are valid
wordpress_validate
# Re-create web server configuration with runtime environment (needs to happen before the initialization)
wordpress_generate_web_server_configuration
# Ensure WordPress is initialized
wordpress_initialize

33
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wp-cli-env.sh Normal file
View File

@ -0,0 +1,33 @@
#!/bin/bash
#
# Environment configuration for wp-cli
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-wp-cli}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# Paths
export WP_CLI_BASE_DIR="${BITNAMI_ROOT_DIR}/wp-cli"
export WP_CLI_BIN_DIR="${WP_CLI_BASE_DIR}/bin"
export WP_CLI_CONF_DIR="${WP_CLI_BASE_DIR}/conf"
export WP_CLI_CONF_FILE="${WP_CLI_CONF_DIR}/wp-cli.yml"
export PATH="${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export WP_CLI_DAEMON_USER="daemon"
export WP_CLI_DAEMON_GROUP="daemon"
# Custom environment variables may be defined below

10
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wp-cli/bitnami-templates/wp.tpl Normal file
View File

@ -0,0 +1,10 @@
#!/bin/bash
export WP_CLI_CONFIG_PATH="{{WP_CLI_CONF_FILE}}"
export WP_CLI_CACHE_DIR="{{WP_CLI_BASE_DIR}}/.cache"
export WP_CLI_PACKAGES_DIR="{{WP_CLI_BASE_DIR}}/.packages"
export WP_CLI_PHP_USED="{{PHP_BIN_DIR}}/php"
command -v less > /dev/null || export PAGER=cat
exec {{PHP_BIN_DIR}}/php {{WP_CLI_BIN_DIR}}/wp-cli.phar "$@"

40
bitnami/wordpress-intel/6/debian-11/rootfs/opt/bitnami/scripts/wp-cli/postunpack.sh Executable file
View File

@ -0,0 +1,40 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load WP-CLI environment
. /opt/bitnami/scripts/wp-cli-env.sh
# Load PHP environment for WP-CLI templates (after 'wp-cli-env.sh' so that MODULE is not set to a wrong value)
. /opt/bitnami/scripts/php-env.sh
# Load libraries
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
# Ensure the WordPress base directory exists and has proper permissions
info "Configuring file permissions for WP-CLI"
ensure_user_exists "$WP_CLI_DAEMON_USER" --group "$WP_CLI_DAEMON_GROUP"
declare -a writable_dirs=(
"${WP_CLI_BASE_DIR}/.cache" "${WP_CLI_BASE_DIR}/.packages"
)
for dir in "${writable_dirs[@]}"; do
ensure_dir_exists "$dir"
# Use daemon:root ownership for compatibility when running as a non-root user
configure_permissions_ownership "$dir" -d "g+rwx" -f "g+rw" -u "$WP_CLI_DAEMON_USER" -g "root"
done
# Configure wp-cli
ensure_dir_exists "$WP_CLI_CONF_DIR"
cat >"$WP_CLI_CONF_FILE" <<EOF
# Global parameter defaults
path: "${BITNAMI_ROOT_DIR}/wordpress"
EOF
render-template "${BITNAMI_ROOT_DIR}/scripts/wp-cli/bitnami-templates/wp.tpl" >"${WP_CLI_BIN_DIR}/wp"
configure_permissions_ownership "${WP_CLI_BIN_DIR}/wp" -f "755"

31
bitnami/wordpress-intel/6/debian-11/rootfs/post-init.d/php.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
#
# Executes custom PHP init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".php" ]] && continue
info "Executing ${custom_init_script} with PHP interpreter"
php "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

36
bitnami/wordpress-intel/6/debian-11/rootfs/post-init.d/shell.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
#
# Executes custom Bash init scripts
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".sh" ]] && continue
if [[ -x "$custom_init_script" ]]; then
info "Executing ${custom_init_script}"
"$custom_init_script" || failure="1"
else
info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail"
. "$custom_init_script"
fi
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

46
bitnami/wordpress-intel/6/debian-11/rootfs/post-init.d/sql-mysql.sh Executable file
View File

@ -0,0 +1,46 @@
#!/bin/bash
#
# Executes custom MySQL (.sql or .sql.gz) init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
mysql_execute() {
local -r sql_file="${1:?missing file}"
local failure=0
mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER")
if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then
mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}")
fi
if [[ "$sql_file" == *".sql" ]]; then
"${mysql_cmd[@]}" < "$sql_file" || failure=$?
elif [[ "$sql_file" == *".sql.gz" ]]; then
gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$?
fi
return "$failure"
}
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue
info "Executing ${custom_init_script}"
mysql_execute "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

23
bitnami/wordpress-intel/6/debian-11/rootfs/post-init.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Only execute init scripts once
if [[ ! -f "/bitnami/wordpress/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then
read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)"
if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/wordpress/.user_scripts_initialized" ]]; then
mkdir -p "/bitnami/wordpress"
for init_script in "${init_scripts[@]}"; do
for init_script_type_handler in /post-init.d/*.sh; do
"$init_script_type_handler" "$init_script"
done
done
fi
touch "/bitnami/wordpress/.user_scripts_initialized"
fi

4
bitnami/wordpress-intel/README.md
View File

@ -49,7 +49,7 @@ Non-root container images add an extra layer of security and are generally recom
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).
- [`5`, `5-debian-11`, `5.9.3`, `5.9.3-debian-11-r5`, `latest` (5/debian-11/Dockerfile)](https://github.com/bitnami/bitnami-docker-wordpress/blob/5.9.3-debian-11-r5/5/debian-11/Dockerfile)
- [`6`, `6-debian-11`, `6.0.0`, `6.0.0-debian-11-r0`, `latest` (6/debian-11/Dockerfile)](https://github.com/bitnami/bitnami-docker-wordpress/blob/6.0.0-debian-11-r0/6/debian-11/Dockerfile)
Subscribe to project updates by watching the [bitnami/wordpress GitHub repo](https://github.com/bitnami/bitnami-docker-wordpress).
@ -70,7 +70,7 @@ $ docker pull bitnami/wordpress-intel:[TAG]
If you wish, you can also build the image yourself.
```console
$ docker build -t bitnami/wordpress-intel:latest 'https://github.com/bitnami/bitnami-docker-wordpress.git#master:5/debian-11'
$ docker build -t bitnami/wordpress-intel:latest 'https://github.com/bitnami/bitnami-docker-wordpress.git#master:6/debian-11'
```
## How to use this image

2
bitnami/wordpress-intel/docker-compose.yml
View File

@ -10,7 +10,7 @@ services:
- MARIADB_USER=bn_wordpress
- MARIADB_DATABASE=bitnami_wordpress
wordpress:
image: docker.io/bitnami/wordpress-intel:5
image: docker.io/bitnami/wordpress-intel:6
ports:
- '80:8080'
- '443:8443'