Wordpress install with Docker doesn't work - wordpress

I'm completely beginner with Docker and I'm trying to install wordpress (without database) from a base ubuntu 20.04 image with docker. I'm using apache server for this.
Here is my wordpress2_ms.dockerfile:
FROM ubuntu:20.04 as baseimage
SHELL ["/bin/bash", "-c"]
ARG DEBIAN_FRONTEND=noninteractive
RUN apt update && apt install -y wget tar curl sudo systemctl
RUN apt install -y php libapache2-mod-php
RUN wget -c http://wordpress.org/latest.tar.gz
RUN tar xzvf latest.tar.gz -C /var/www/html
RUN sudo chown -R www-data.www-data /var/www/html/wordpress
FROM baseimage as wordpressapp
COPY wordpress.conf /etc/apache2/sites-available/
WORKDIR /etc/apache2/sites-available
RUN sudo a2ensite wordpress.conf
RUN sudo a2dissite 000-default.conf
RUN sudo systemctl reload apache2
EXPOSE 80
For this, we have to place a context folder beside this wordpress2_ms.dockerfile, and inside this context folder we need the following wordpress.conf file:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port t$
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/wordpress
ServerName localhost
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
The building command: sudo docker build -t wordpress:1.0 -f ./wordpress2_ms.dockerfile --target wordpressapp ./context/
The run command: sudo docker run -td --name wordpress_cont -p 8081:80 wordpress:1.0
After the run command I get the log that the wordpress has started at port 80 of the container, but nothing is happening at 8081 port of my host machine.
I would appreciate any help. Thanks in advance!

Related

ERROR: Could not find a profile matching 'Nginx Full'

I have installed latest version of nginx.It is is installed succefully.
But getting error while typing the below command.
sudo ufw allow 'Nginx Full'
Error:ERROR: Could not find a profile matching 'Nginx Full'
sudo ufw app list
showing only
Available applications:
OpenSSH
How to add the application.
Nginx Full
Nginx HTTP
Nginx HTTPS
OpenSSH
I have installed two times nginx server
Error:ERROR: Could not find a profile matching 'Nginx Full'
Ubuntu (18.04)
You can see which apps are available by running this command:
ufw app list
Ports:
HTTP - 80
HTTPS - 443
Simple way to add them to UFW:
ufw allow 80,443/tcp
If you are wanting to accomplish this via application you will need to create the application ini file within /etc/ufw/applications.d
Example:
vi /etc/ufw/applications.d/nginx.ini
Place this inside file
[Nginx HTTP]
title=Web Server
description=Enable NGINX HTTP traffic
ports=80/tcp
[Nginx HTTPS] \
title=Web Server (HTTPS) \
description=Enable NGINX HTTPS traffic
ports=443/tcp
[Nginx Full]
title=Web Server (HTTP,HTTPS)
description=Enable NGINX HTTP and HTTPS traffic
ports=80,443/tcp
Then type this commands
ufw app update nginx
ufw app info 'Nginx HTTP'
ufw allow 'Nginx HTTP'
I had the same problem.. turned out Nginx was not installed due to some reason.
So it showed only OpenSSH by doing
sudo ufw app list
I got to this when I tried to uninstall Nginx using the command
sudo apt-get remove nginx
The output showed something like this:
Package 'nginx' is not installed, so not removed
Now you have to try installing Nginx again using commands
sudo apt update
sudo apt install nginx
sudo ufw app list
now the options will be available
// Check to see
Available applications:
Nginx Full
Nginx HTTP
Nginx HTTPS
OpenSSH
Now allow HTTP port using the command:
sudo ufw allow 'Nginx HTTP'
And finally run this command:
sudo ufw enable
Now hit the URL in browser it will show Nginx default page.
ERROR: Could not find a profile matching 'OpenSSH', Then install first ssh by given command
sudo apt-get install ssh
After installing package add the OpenSSH allow
sudo ufw allow OpenSSH
sudo ufw status
Tested
Happened to me after installing using the official site's instructions for Ubuntu
Simply install as this (after removing if already installed)
sudo apt-get remove nginx
sudo apt install nginx

In vagrant can not access to the default keystone site with nginx

The vagrant server I configure with the following script still serve the default nginx page instead of the default keystone page.
Here the scripts I use:
The vagrant file:
Vagrant.configure("2") do |config|
config.vm.box = "centos/7"
config.vm.network "private_network", ip: "192.168.1.10"
config.vm.provider "virtualbox" do |vb|
config.vm.provision "file", source: "mongodb-org-3.2.repo", destination: "~/mongodb-org-3.2.repo"
config.vm.provision "shell", path: "provision.sh"
end
The provision file:
sudo yum -y update
sudo hostnamectl set-hostname melanie
echo "given hostname :"
hostnamectl status --static
echo -e "\e[1;34m
***************************************************
add host names
***************************************************"
sudo cp /etc/hosts /etc/hosts.origin
echo "192.168.1.10 melanie.misite.com melanie" | sudo tee -a /etc/hosts > /dev/null
echo -e "\e[1;34mIP, FQDN and Server name setted in /etc/hosts:"
cat /etc/hosts
echo -e "\e[1;34m
***************************************************
set timezone
***************************************************"
sudo timedatectl set-timezone America/Guayaquil
echo -e "\e[1;34msetted time zone:"
timedatectl | grep "Time zone"
echo -e "\e[1;34m
***************************************************
add automatic security update
***************************************************"
sudo yum -y install yum-cron
sudo sed -i.bak 's/.*update_cmd =.*/update_cmd = security/' /etc/yum/yum-cron.conf
sudo sed -i.bak 's/.*apply_updates =.*/apply_updates = yes/' /etc/yum/yum-cron.conf
sudo sed -n /update_cmd/p /etc/yum/yum-cron.conf
sudo sed -n /apply_updates/p /etc/yum/yum-cron.conf
sudo systemctl status yum-cron
sudo systemctl start yum-cron
echo -e "\e[1;34m
***************************************************
create limited user account
***************************************************"
sudo useradd me
sudo echo me:admin | chpasswd
echo -e "\e[1;34m
***************************************************
SSH Dameon Options
***************************************************"
sudo sed -i.bak 's/.*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
echo yum-cron.conf modified parameters:
sudo sed -n /PermitRootLogin/p /etc/ssh/sshd_config
systemctl restart sshd
echo -e "\e[1;34m
***************************************************
installing fail2ban
***************************************************"
sleep 15 #put sleep hoping it will help to fail2ban to be installed => do not work
sudo yum -y install fail2ban
sudo yum -y install sendmail
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
systemctl start sendmail
systemctl enable sendmail
cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sed 's/.*backend =*/backend = systemd./' /etc/fail2ban/jail.local
echo -e "\e[1;34m
***************************************************
installing nginx
***************************************************"
sudo yum -y install epel-release
sudo yum -y install nginx
sudo systemctl start nginx
echo -e "\e[1;34m
***************************************************
configure nginx
***************************************************"
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
sudo mkdir /etc/nginx/sites-available
sudo mkdir /etc/nginx/sites-enabled
sudo mkdir /var/www/misite.com/logs
sudo cp /home/vagrant/misite.conf /home/vagrant/misite.com
sudo mv /home/vagrant/misite.com /etc/nginx/sites-available > /dev/null
sudo ln -s /etc/nginx/sites-available/misite.com /etc/nginx/sites-enabled
sudo rm -rf /etc/nginx/sites-available/default
sudo chown -R nginx:nginx /var/www
sudo service nginx restart > /dev/null
echo -e "\e[1;34m
***************************************************
installing nodejs
***************************************************"
sudo yum -y install npm
sudo yum -y install nodejs
node --version
echo -e "\e[1;34m
***************************************************
installing mongoDB
***************************************************"
sudo mv /home/vagrant/mongodb-org-3.2.repo /etc/yum.repos.d/mongodb-org-3.2.repo
sudo yum -y install mongodb-org
systemctl start mongod
systemctl status mongod
echo -e "\e[1;34m
***************************************************
installing keystone
***************************************************"
sudo npm install -g yo
sudo mkdir /var/www
sudo mkdir /var/www/misite.com
cd /var/www/misite.com
sudo npm install -g generator-keystone
sudo chown -R vagrant:vagrant /var/www/
The nginx server conf file (/etc/nginx/sites-available/misite.com):
Here the keystone site should be redirect to the port 80 of the vagrant server (I think the mistake is in this file but can not see where)
# IP which nodejs is running on
upstream app_misite.com {
server 0.0.0.0:3000;
}
# nginx server instance
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
access_log /var/www/misite.com/logs/access.log;
error_log /var/www/misite.com/logs/error.log;
location / {
root /var/www/misite.com;
index index.html index.htm;
try_files $uri $uri/ #node;
}
location #node {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://app_misite.com;
}
}
I also remove the default keyword from the /etc/nginx/nginx.conf
Then:
vagrant ssh
[vagrant#melanie ~]$cd /var/www/misite.com
[vagrant#melanie misite.com]$ yo keystone
[vagrant#melanie misite.com]$ node keystone
And I have keystone js running:
------------------------------------------------
KeystoneJS Started:
My Site is ready on http://0.0.0.0:3000
------------------------------------------------
But still see the default nginx page from http://192.168.1.10/
Any help will be appreciate.
Disclaimer: I'm not familiar with Nginx, I'm trying to see if it may be settings with Keystone that are affecting the port it is running on versus Nginx.
Keystone defaults to port 3000 (more specifically, process.env.PORT || 3000), unless you specify another one. If you can set the environment variable of port to whatever value you want (80 in this case), that should make it work on http://192.168.1.10:80/.
process.env.PORT = 3000
Looking at your nginx server conf file also shows this:
upstream app_misite.com {
server 0.0.0.0:3000;
}
Try changing :3000 to :80.
I think you have cupple of issues :
nginx installed on centos has a default nginx.conf file with a server directive so you cannot override this directive in your config misite file.
You need to remove the server default declaration in /etc/nginx/nginx.conf file or you can just use your provisioning script to copy a new default conf file without server declaration
I am also not even sure if the default file has an include directive on sites-available directory (look if you have include /etc/nginx/sites-enabled/*; in your conf file)
when you create the keystone app, it does not contain the /var/www/misite.com/logs/ directory and log file, I do not see you create them in your script so nginx will fail on this (btw you can create a directory structure with mkdir -pv single command)
The keystone app you created is owned by vagrant. Make sure vagrant is added to nginx group otherwise you might get a Forbidden exception when accessing your site
can help on centos if you dont want to fight with SELinux, just disabled it on a dev instance. edit the /etc/sysconfig/selinux and just set SELINUX=disabled

Cannot login with wp-cli generated user wordpress behind reverse proxy

Hello fellows I have made a custom wordpress image located there: https://github.com/ellakcy/wordpressWithPlugins
And on entrypoint script I am using wp-cli in order to generate a custom user in order to preinstall plugins. But I cannot login to the control panel with the generated user from wp-cli.
Do you have any Idea how to fix it?
The entrypoint of the script is the following: https://github.com/ellakcy/wordpressWithPlugins/blob/master/docker-entrypoint.sh
I run the containers with these commands: (for development purpose)
docker run --name wpdb -e MYSQL_ROOT_PASSWORD=1234 -d mariadb
docker run --name mywordpress --link wpdb:mysql -p 8080:80 -ti wp
And I am using apache as reverse proxy in order to access the wordpress running in the mywordpress container:
<VirtualHost *:80>
ProxyPass / http://172.17.0.3/
ProxyPassReverse http://172.17.0.3/ /
</Virtualhost>
(In place of 172.17.0.3 can be the ip of the container running the wordpress)
Edit 1
I managed to login by setting up a network:
docker network create --subnet="172.19.0.0/16" wordpress_default
And setting the custom ips to the coontainers. (Also I set some Enviromental variables too.)
RUN MYSQL/MARIADB
docker run --name wpdb --net wordpress_default --ip 172.19.0.2 -e MYSQL_ROOT_PASSWORD=1234 -d mariadb
run wordpress docker with some extra enviiromental variables
docker run --name mywordpress --net wordpress_default --ip 172.19.0.3 --link wpdb:mysql -e WORDPRESS_ADMIN_PASSWORD=1234 -e WORDPRESS_ADMIN_EMAIL=pc_magas#openmailbox.org -e WORDPRESS_URL=172.19.0.3 -p 8080:80 -ti wp
And visiting the wordpress site via the ip given oon the second coommand. But I still have problems with the local apache running as reverse proxy.
In the end just manually setting the machine's ip as url works like a charm.
docker run --name wpdb --net wordpress_default --ip 172.19.0.2 -e MYSQL_ROOT_PASSWORD=1234 -d mariadb
run wordpress docker with some extra enviiromental variables
docker run --name mywordpress --net wordpress_default --ip 172.19.0.3 --link wpdb:mysql -e WORDPRESS_ADMIN_PASSWORD=1234 -e WORDPRESS_ADMIN_EMAIL=pc_magas#openmailbox.org -e WORDPRESS_URL=172.19.0.3 -p 8080:80 -ti wp
All I had to do wat to set the following vhost to my apache:
<VirtualHost *:80>
RequestHeader set X-Forwarded-Proto "http"
ProxyPass / http://172.19.0.3/
ProxyPassReverse http://172.19.0.3/ /
</Virtualhost>
(Perhaps for production may need some changes)

How to change the nginx process user of the official docker image nginx?

I'm using Docker Hub's official nginx image:
https://hub.docker.com/_/nginx/
The user of nginx (as defined in /etc/nginx/nginx.conf) is nginx. Is there a way to make nginx run as www-data without having to extend the docker image? The reason for this is, I have a shared volume, that is used by multiple containers - php-fpm that I'm running as www-data and nginx. The owner of the files/directories in the shared volume is www-data:www-data and nginx has trouble accessing that - errors similar to *1 stat() "/app/frontend/web/" failed (13: Permission denied)
I have a docker-compose.yml and run all my containers, including the nginx one with docker-compose up.
...
nginx:
image: nginx:latest
ports:
- "80:80"
volumes:
- ./:/app
- ./vhost.conf:/etc/nginx/conf.d/vhost.conf
links:
- fpm
...
FYI
It is problem of php-fpm image
It is not about usernames, it is about www-data user ID
What to do
Fix your php-fpm container and don't break good nginx container.
Solutions
Here is mine post with solution for docker-compose (nginx +
php-fpm(alpine)): https://stackoverflow.com/a/36130772/1032085
Here is mine post with solution for php-fpm(debian) container:
https://stackoverflow.com/a/36642679/1032085
Solution for Official php-fpm image. Create Dockerfile:
FROM php:5.6-fpm
RUN usermod -u 1000 www-data
I know the OP asked for a solution that doesn't extend the nginx image, but I've landed here without that constraint. So I've made this Dockerfile to run nginx as www-data:www-data (33:33) :
FROM nginx:1.17
# Customization of the nginx user and group ids in the image. It's 101:101 in
# the base image. Here we use 33 which is the user id and group id for www-data
# on Ubuntu, Debian, etc.
ARG nginx_uid=33
ARG nginx_gid=33
# The worker processes in the nginx image run as the user nginx with group
# nginx. This is where we override their respective uid and guid to something
# else that lines up better with file permissions.
# The -o switch allows reusing an existing user id
RUN usermod -u $nginx_uid -o nginx && groupmod -g $nginx_gid -o nginx
It accepts a uid and gid on the command line during image build. To make an nginx image that runs as your current user id and group id for example:
docker build --build-arg nginx_uid=$(id -u) nginx_uid=$(id -g) .
The nginx user and group ids are currently hardcoded to 101:101 in the image.
Another option is to grab the source from https://github.com/nginxinc/docker-nginx and change the docker file to support build args Ex: of changing the stable Dockerfile of buser release (https://github.com/nginxinc/docker-nginx/blob/master/stable/buster/Dockerfile). to have the nginx user/group uid/gid set as build args
FROM debian:buster-slim
LABEL maintainer="NGINX Docker Maintainers <docker-maint#nginx.com>"
ENV NGINX_VERSION 1.18.0
ENV NJS_VERSION 0.4.3
ENV PKG_RELEASE 1~buster
#Change NGNIX guid/uid#
ARG nginx_guid=101
ARG nginx_uid=101
RUN set -x \
# create nginx user/group first, to be consistent throughout docker variants
&& addgroup --system --gid $nginx_guid nginx \
&& adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid $nginx_uid nginx \
This way is safer than just doing usermod since if something is done in other places like
chown nginx:nginx it will use the GUID/UID set

hosting an mvc app within vagrant

Maybe it's just because it's a Friday and it's after closing time but I've been stuck on this for an hour and can't quite get it working. I'm using Vagrant with an application we're building - the git repo contains the Vagrantfile and a Laravel application. We have /deploy, /tests, and /src directories; the actual Laravel framework lives in /src. On my local machine, I have set up a VirtualHost that let's me access the application by browsing to localhost:9000:
Listen 8081
<VirtualHost *:8081>
DocumentRoot "/Application/mamp/apache2/htdocs/myapp/src/public"
ServerName localhost
<Directory "/Application/mamp/apache2/htdocs/myapp/src/public">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Works like a charm. So I copied the relevant bits to my Vagrant setup:
Listen 8081
<VirtualHost *:8081>
DocumentRoot "/var/www/src/public"
ServerName localhost
<Directory "/var/www/src/public">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
My Vagrantfile looks like this:
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "hashicorp/precise64"
config.vm.provision :shell, :path => "vagrant/main.sh"
config.vm.network "private_network", ip: "192.168.100.101", virtualbox__intnet: true
end
And my vagrant/main.sh file looks like this:
#!/usr/bin/env bash
apt-get update
echo mysql-server-5.5 mysql-server/root_password password notthepassword | debconf-set-selections
echo mysql-server-5.5 mysql-server/root_password_again password notthepassword | debconf-set-selections
apt-get install -y mysql-common mysql-server mysql-client
apt-get install -y apache2
apt-get install -y php5 libapache2-mod-php5
apt-get install -y php5-mysql php5-curl php-pear php5-imagick php5-mcrypt php5-memcache
apt-get install -y vim
a2enmod rewrite
sed -i -e 's/AllowOverride None/AllowOverride All/g' /etc/apache2/sites-available/default
cp /vagrant/vagrant/bgs /etc/apache2/sites-available
a2ensite bgs
/etc/init.d/apache2 restart
rm -rf /var/www
ln -fs /vagrant /var/www
Once it's all up and running I can ping 192.168.100.101. But it's not serving any HTML - if I browse to that address in Chrome, I get a "no data received" error. If I go to 192.168.100.101:8081 Chrome says it can't find the address. How can I configure everything to play nice together and let me clone my repo, run vagrant up, and browse to 192.168.100.101:8081 and see my app?
(Also: I even added a port forwarding line in there to go from guest:8081 to host:8081. That generated an HTTP 500 error ("The server encountered an internal error or misconfiguration and was unable to complete your request."). Not sure if that's progress or not.
Turns out there was a number of things happening all at once:
I was using Ubuntu 12 LTS, which had a version of PHP a little to old to run the edge release of Laravel. Installing an upgraded version of PHP fixed that.
The virtualbox__intnet directive was...wrong. Somehow. Changed that whole Vagrantfile line to: config.vm.network "private_network", :ip => "192.168.100.101", :auto_network => true
The different ports, mucking about in the various symlinked directories vs. apache config directories...needlessly complicated.
Here's my final setup, in case anyone else has this exact, specific problem:
Vagrantfile:
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "puppetlabs/ubuntu-13.10-64-puppet"
config.vm.provision :shell, :path => "vagrant/main.sh"
config.vm.network "private_network", :ip => "192.168.100.101", :auto_network => true
end
main.sh:
#!/usr/bin/env bash
apt-get update
echo mysql-server-5.5 mysql-server/root_password password f6b6rWixbu99CtQ | debconf-set-selections
echo mysql-server-5.5 mysql-server/root_password_again password f6b6rWixbu99CtQ | debconf-set-selections
apt-get install -y mysql-common mysql-server mysql-client apache2 php5 libapache2-mod-php5 php5-mysql php5-curl php-pear php5-imagick php5-mcrypt php5-memcache php5-json
a2enmod rewrite
sed -i -e 's/AllowOverride None/AllowOverride All/g' /etc/apache2/sites-available/default
cp /vagrant/vagrant/app.conf /etc/apache2/sites-available
a2ensite app.conf
#fix for ubuntu 13.10: http://stackoverflow.com/questions/19446679/mcrypt-not-present-after-ubuntu-upgrade-to-13-10
ln -s /etc/php5/conf.d/mcrypt.ini /etc/php5/mods-available/mcrypt.ini
php5enmod mcrypt
#/fix
#json licensing snafu: http://stackoverflow.com/questions/18239405/php-fatal-error-call-to-undefined-function-json-decode
php5enmod json
#/snafu
#may need to be done on the host OS, not the guest: http://stackoverflow.com/questions/17954625/services-json-failed-to-open-stream-permission-denied-in-laravel-4
chmod -R 0777 /vagrant/src/app/storage
rm -rf /var/www
ln -fs /vagrant/src/public /var/www
/etc/init.d/apache2 restart
Apache site configuration copied in:
<VirtualHost *:80>
DocumentRoot "/var/www"
ServerName localhost
<Directory "/var/www">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
(BTW, though this config looks very similar to the default apache configuration, I found it was easier and more extensible to create a config for whatever project I happen to be working on, and if I need to expand on the options for a future project, I can.)

Resources