Wordpress standalone stack using ansible and docker
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Mike Holloway e82e9ff831 Change default host back to equilibrateit.com 4 months ago
ansible/playbooks Change default host back to equilibrateit.com 4 months ago
tofu podman-wordpress role created 4 months ago
.gitignore podman-wordpress role created 4 months ago
README.md README.md - Step explanation update. 4 months ago

README.md

EquilibrateIT.com

A containerized Wordpress, MySQL stack using this official upstream project Dockerfile

Environment Variables

MySQL

  • MYSQL_ROOT_PASSWORD
    • The password for the MySQL root database user
  • MYSQL_DATABASE
    • The name of the MySQL database to be created
  • MYSQL_USER
    • The name of the MySQL user to be created. Usually for web application db clients.
  • MYSQL_PASSWORD
    • The password for the above user. Best to store this encrypted at rest, via either LUKS or secret management software.

Wordpress

  • WORDPRESS_DB_NAME
    • The name of the database to be used by the Wordpress db client connection. Should match the MYSQL_DATABASE variable unless otherwise customized.
  • WORDPRESS_DB_HOST
    • Should match the docker-compose.yml service name so as to be properly resolved via the container name service of choice.
  • WORDPRESS_DB_USER
    • The name of the MySQL user created for the wordpress client to use.
  • WORDPRESS_DB_PASSWORD
    • The password for the above user. Best to store this encrypted at rest, via either LUKS or secret management software.

Files


docker-compose.yml

To Do
  • Automate installation of letsencrypt account for equilibrateit.{ca,com}
  • Renew cert, copy cert to build context, build container, delete cert
  • mysql 8.1
  • Investigate php-fpm arch?

2 services (MySQL and Wordpress/apache) and 1 ad-hoc service (wp cli in webroot volume).


ansible/playbooks/equilibrateit.yml

Roles:

  • podman-host for container host platform
  • repo-epel for certbot dependency
  • certbot for site ssl cert

Tasks:

  • Two firewalld rich rules, forwarding 80,443 to 8080,4443 rootless container ports