Merge pull request #30 from psaux-it/phpmyadmin

Phpmyadmin

Author: hsntgm

.env

@@ -34,6 +34,9 @@ export WORDPRESS_ADMIN_USER_=npp
 export WORDPRESS_ADMIN_PASSWORD_=npp
 export WORDPRESS_ADMIN_EMAIL_=[email protected]
 
+# phpMyAdmin Settings
+export PMA_ABSOLUTE_URI_=${WORDPRESS_SITE_URL_}/phpmyadmin/
+
 # FPM Settings
 export NPP_FPM_CONF=./fpm/www.conf
 export FPM_DOCKER_CONF=./fpm/zz-docker.conf
@@ -45,6 +48,7 @@ export NPP_PHP_CONF=./php/npp.ini
 export NGINX_SSL_CERTS=./ssl
 
 # NPP Specific Settings
+export NPP_HACK_HOST_=1
 export NGINX_WEB_USER_=nginx
 export NPP_NGINX_CACHE_PATH_=/var/cache/nginx
 export MOUNT_DIR_=${NPP_NGINX_CACHE_PATH_}-npp
@@ -53,9 +57,8 @@ export NPP_USER_=npp
 export NPP_UID_=18978
 export NPP_GID_=33749
 
-# NPP Development environment
-export NPP_DEV_ENABLED_=1
-export NPP_HACK_HOST_=1
+# NPP EDGE
+export NPP_EDGE_=1
 export NPP_DEV_PLUGIN_NAME_=fastcgi-cache-purge-and-preload-nginx
 export NPP_DEV_PLUGIN_DIR_="${NPP_WEB_ROOT_}/wp-content/plugins/${NPP_DEV_PLUGIN_NAME_}"
 export NPP_DEV_TMP_CLONE_DIR_="/tmp/${NPP_DEV_PLUGIN_NAME_}"
@@ -66,4 +69,4 @@ export NPP_DEV_GITHUB_REPO_="https://github.com/psaux-it/nginx-fastcgi-cache-pur
 export NPP_PLUGINS_="${NPP_DEV_PLUGIN_NAME_}"
 
 # Themes to auto Install (comma seperated)
-export NPP_THEMES_="blue-note"
+export NPP_THEMES_=""

docker-compose.yml

@@ -40,7 +40,7 @@ services:
       - NPP_PLUGINS=${NPP_PLUGINS_}
       - NPP_THEMES=${NPP_THEMES_}
       - NPP_HACK_HOST=${NPP_HACK_HOST_}
-      - NPP_DEV_ENABLED=${NPP_DEV_ENABLED_}
+      - NPP_EDGE=${NPP_EDGE_}
       - NPP_DEV_PLUGIN_NAME=${NPP_DEV_PLUGIN_NAME_}
       - NPP_DEV_PLUGIN_DIR=${NPP_DEV_PLUGIN_DIR_}
       - NPP_DEV_TMP_CLONE_DIR=${NPP_DEV_TMP_CLONE_DIR_}
@@ -119,6 +119,26 @@ services:
           cpus: "0.5"
           memory: "1GB"
 
+  phpmyadmin:
+    build:
+      context: .
+      dockerfile: phpmyadmin/Dockerfile
+    image: ghcr.io/psaux-it/wordpress-nginx-cache-docker/phpmyadmin:latest
+    container_name: phpmyadmin
+    env_file:
+      - .env
+    environment:
+      - PMA_HOST=db
+      - PMA_PORT=3306
+      - PMA_ABSOLUTE_URI=${PMA_ABSOLUTE_URI_}
+      - WORDPRESS_DB_USER=${WORDPRESS_DB_USER}
+      - WORDPRESS_DB_PASSWORD=${WORDPRESS_DB_PASSWORD}
+      - WORDPRESS_DB_NAME=${WORDPRESS_DB_NAME}
+    networks:
+      - npp_network
+    depends_on:
+      - db
+
   nginx:
     build:
       context: .

nginx/default.conf

@@ -6,35 +6,54 @@
 # ----------------------------------------------------------------------------     #
 
 # FastCGI Cache Path
-####################
+#####################
 fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=NPP:100m max_size=400m inactive=30d;
-####################
+#####################
 
 server {
     # Listen HTTP
-    ##################################
+    #################
     listen 80;
     server_name localhost;
 
     # HTTPS Redirect
-    ##################################
+    #################
     location / {
         rewrite ^ https://$host$request_uri? permanent;
     }
 }
 
 server {
     # Listen HTTPS
-    ##################################
+    #################
     listen 443 ssl;
+    http2 on;
     server_name localhost;
 
-    # Document root
-    ###############
+    # phpMyAdmin Reverse Proxy
+    #################
+    location = /phpmyadmin {
+        return 301 $scheme://$host/phpmyadmin/;
+    }
+
+    location  ~ \/phpmyadmin {
+        rewrite ^/phpmyadmin(/.*)$ $1 break;
+        proxy_set_header Host               $host;
+        proxy_set_header X-Forwarded-Scheme $scheme;
+        proxy_set_header X-Forwarded-Proto  $scheme;
+        proxy_set_header X-Forwarded-For    $remote_addr;
+        proxy_set_header X-Real-IP          $remote_addr;
+        proxy_pass       http://phpmyadmin:80;
+    }
+    # End
+    #####
+
+    # WP Document root
+    #################
     root /var/www/html;
     index index.php index.html index.htm;
 
-    # Cache Settings
+    # FCGI Cache Settings
     #################
     set $skip_cache 0;
 
@@ -61,7 +80,7 @@ server {
     #####
 
     # Stop Nginx from logging
-    #########################
+    #################
     location = /favicon.ico {
         log_not_found off;
         access_log off;
@@ -75,16 +94,16 @@ server {
     # End
     #####
 
-    # Serve content
-    ##################
+    # Serve WP content
+    #################
     location / {
         try_files $uri $uri/ /index.php$is_args$args;
     }
     # End
     #####
 
-    # PHP-FPM Configuration
-    ################
+    # WP PHP-FPM PASS
+    #################
     location ~ \.php$ {
         # Use NPP "Cache Key Regex" option for non-default structers
         # This structer supported in default by NPP
@@ -107,47 +126,47 @@ server {
     # End
     #####
 
-    # WP Security Settings
-    #######################
+    # WP Security Settings (Enable on Production)
+    #################
     # Deny access to hidden files and directories (except .well-known)
-    location ~ /\.(?!well-known/) {
-        deny all;
-    }
+    # location ~ /\.(?!well-known/) {
+    #     deny all;
+    # }
 
     # Deny access to wp-config files and other critical files
-    location ~* ^/(?:wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
-        deny all;
-    }
+    # location ~* ^/(?:wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
+    #     deny all;
+    # }
 
     # Deny access to PHP files in uploads, files, plugins, themes
-    location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {
-        deny all;
-    }
+    # location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {
+    #     deny all;
+    # }
 
     # Deny access to script file types
-    location ~* .(pl|cgi|py|sh|lua|asp)$ {
-        deny all;
-    }
+    # location ~* .(pl|cgi|py|sh|lua|asp)$ {
+    #     deny all;
+    # }
 
     # Block access to wp-content plugin/theme log files
-    location ~* ^/wp-content/(plugins|themes)/.*\.(txt|log|md)$ {
-        deny all;
-    }
+    # location ~* ^/wp-content/(plugins|themes)/.*\.(txt|log|md)$ {
+    #     deny all;
+    # }
 
     # Block common attack patterns
-    location ~* "(eval\(.*\)|base64_encode\(.*\)|\{0\}|phpinfo|self/environ)" {
-        deny all;
-    }
+    # location ~* "(eval\(.*\)|base64_encode\(.*\)|\{0\}|phpinfo|self/environ)" {
+    #     deny all;
+    # }
 
     # Block dangerous file access
-    location ~* "/(thumb|timthumb|config|settings|sqlpatch|webshell|phpinfo)\.php" {
-        deny all;
-    }
+    # location ~* "/(thumb|timthumb|config|settings|sqlpatch|webshell|phpinfo)\.php" {
+    #     deny all;
+    # }
     # End
     #####
 
     # Browser Cache (Enable on Production)
-    ###############
+    #################
     # location ~*.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
     #    expires max;
     #    log_not_found off;
@@ -165,7 +184,7 @@ server {
     #####
 
     # SSL Settings (Enable on Production)
-    ##############
+    #################
     # ssl_protocols TLSv1.2 TLSv1.3;
     # ssl_prefer_server_ciphers on;
     # ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
@@ -178,7 +197,7 @@ server {
     #####
 
     # Security Headers (Enable on Production)
-    ##################
+    #################
     # add_header Content-Security-Policy upgrade-insecure-requests;
     # add_header Permissions-Policy "microphone=(), camera=(), interest-cohort=(), browsing-topics=()";
     # add_header Referrer-Policy no-referrer-when-downgrade;
@@ -190,7 +209,7 @@ server {
     #####
 
     # FastCGI Cache Status Header
-    #############################
+    #################
     add_header NPP-FastCGI-Cache $upstream_cache_status;
-    #############################
+    #################
 }       

phpmyadmin/Dockerfile

@@ -0,0 +1,23 @@
+# Dockerfile for NPP-Optimized WordPress Setup                                     #
+# ----------------------------------------------------------------------------     #
+# Author: [Hasan ÇALIŞIR]                                                          #
+# Purpose: Full-stack Dockerized environment for NPP WordPress plugin, including   #
+#          WordPress, PHP-FPM, Nginx, MySQL, WP-CLI, and necessary PHP extensions. #
+# ----------------------------------------------------------------------------     #
+
+# Here the magic, the rest of it is ordinary
+FROM phpmyadmin:5.2.2-apache
+
+# Install necessary packages
+RUN apt-get update && apt-get install -y \
+    procps \
+    mariadb-client
+
+# Copy the entrypoint script into the container
+COPY phpmyadmin/entrypoint-pma.sh /entrypoint-pma.sh
+
+# Make sure the entrypoint script is executable
+RUN chmod +x /entrypoint-pma.sh
+
+# CMD
+CMD ["/entrypoint-pma.sh", "apache2-foreground"]

phpmyadmin/entrypoint-pma.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+#
+# Copyright (C) 2024 Hasan CALISIR <[email protected]>
+# Distributed under the GNU General Public License, version 2.0.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# SCRIPT DESCRIPTION:
+# -------------------
+# NPP (Nginx Cache Purge & Preload for WordPress) Dockerized entrypoint
+# https://github.com/psaux-it/nginx-fastcgi-cache-purge-and-preload
+# https://wordpress.org/plugins/fastcgi-cache-purge-and-preload-nginx/
+
+set -Eeuo pipefail
+
+# Define color codes
+COLOR_RESET='\033[0m'
+COLOR_GREEN='\033[0;32m'
+COLOR_YELLOW='\033[0;33m'
+COLOR_RED='\033[0;31m'
+COLOR_CYAN='\033[0;36m'
+COLOR_BOLD='\033[1m'
+COLOR_WHITE='\033[0;97m'
+COLOR_BLACK='\033[0;30m'
+COLOR_LIGHT_CYAN='\033[0;96m'
+
+# Check if required environment variables are set
+for var in \
+    WORDPRESS_DB_USER \
+    WORDPRESS_DB_PASSWORD \
+    WORDPRESS_DB_NAME; do
+    if [[ -z "${!var:-}" ]]; then
+        echo -e "${COLOR_RED}${COLOR_BOLD}NPP-WP-FATAL:${COLOR_RESET} Missing required environment variable(s): ${COLOR_LIGHT_CYAN}${var}${COLOR_RESET} - ${COLOR_RED}Exiting...${COLOR_RESET}"
+        exit 1
+    fi
+done
+
+# Wait for the 'wordpress-db' to be ready
+until mysql -h wordpress-db -u"${WORDPRESS_DB_USER}" -p"${WORDPRESS_DB_PASSWORD}" "${WORDPRESS_DB_NAME}" -e "SELECT 1" > /dev/null 2>&1; do
+    echo -e "${COLOR_YELLOW}${COLOR_BOLD}NPP-ADM:${COLOR_RESET} The ${COLOR_LIGHT_CYAN}MySQL database${COLOR_RESET} is not available yet. Retrying..."
+    sleep 6
+done
+echo -e "${COLOR_GREEN}${COLOR_BOLD}NPP-ADM:${COLOR_RESET} The ${COLOR_LIGHT_CYAN}MySQL database${COLOR_RESET} is ready! Proceeding..."
+
+# Start Apache
+exec /docker-entrypoint.sh "$@"