worker: Added initial files

worker/wp.sh

@@ -0,0 +1,129 @@
+#!/bin/bash
+# This script is used to install WordPress on your Linux server.
+# It will install it in a docker container.
+# Then it will create an NGINX reverse proxy to the container.
+
+# USAGE:
+# ./wp.sh [domain] [port offset]
+# [domain] is the domain name you want to use for your WordPress site (e.g. docker.freeconcept)
+# [port offset] is the offset you want to use for the port numbers.
+# This is used if you want to run multiple instances of WordPress on the same server. (e.g. 0, 1, 2, 3, etc.)
+
+
+# Variables
+# Set the domain name
+
+if [ -z "$1" ]
+then
+    echo "Please enter a domain name as the first argument."
+    exit 1
+fi
+
+DOMAIN="$1"
+echo "Setting up on domain name: $DOMAIN"
+
+# Set port offset
+# This is used to offset the port numbers so you can run multiple instances of WordPress on the same server.
+if [ -z "$2" ]
+then
+    PORT_OFFSET=0
+else
+    PORT_OFFSET="$2"
+fi
+
+mkdir wordpress-$DOMAIN
+cd wordpress-$DOMAIN
+
+# Generate passwords
+MYSQL_ROOT_PASSWORD=$(openssl rand -base64 32)
+MYSQL_PASSWORD=$(openssl rand -base64 32)
+
+# Create port numbers
+WORDPRESS_PORT=$((8000 + $PORT_OFFSET))
+
+# Create the docker config file
+echo """
+version: \"3\"
+services:
+  ${DOMAIN}db:
+    image: mysql:5.7
+    restart: always
+    environment:
+      MYSQL_ROOT_PASSWORD: $MYSQL_ROOT_PASSWORD
+      MYSQL_DATABASE: WordPressDatabase
+      MYSQL_USER: WordPressUser
+      MYSQL_PASSWORD: $MYSQL_PASSWORD
+  wordpress:
+    depends_on:
+      - ${DOMAIN}db
+    image: wordpress:latest
+    restart: always
+    ports:
+      - \"${WORDPRESS_PORT}:80\"
+    environment:
+      WORDPRESS_DB_HOST: ${DOMAIN}db:3306
+      WORDPRESS_DB_USER: WordPressUser
+      WORDPRESS_DB_PASSWORD: $MYSQL_PASSWORD
+      WORDPRESS_DB_NAME: WordPressDatabase
+    volumes:
+      [\"./:/var/www/html\"]
+volumes:
+  mysql: {}
+""" > docker-compose.yml
+
+# Start the containers
+docker-compose up -d
+
+# Create the NGINX
+sudo apt install nginx -y
+
+URL="http://localhost:$WORDPRESS_PORT"
+
+# Setup NGINX config
+printf "server {
+  listen 80;
+  listen [::]:80;
+  server_name $DOMAIN *.$DOMAIN;
+  proxy_ssl_server_name on;
+  location / {
+    proxy_set_header X-Real-IP \$remote_addr;
+    proxy_set_header Host \$http_host;
+    proxy_set_header X-Forwarded-Host \$http_host;
+    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto \$scheme;
+
+    proxy_pass $URL;
+    }
+
+    listen 443 ssl;
+    ssl_certificate /etc/ssl/$DOMAIN.crt;
+    ssl_certificate_key /etc/ssl/$DOMAIN.key;
+}" > /etc/nginx/sites-available/$DOMAIN
+sudo ln -s /etc/nginx/sites-available/$DOMAIN /etc/nginx/sites-enabled/$DOMAIN
+
+#generate ssl certificate
+openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes \
+  -keyout cert.key -out cert.crt -extensions ext  -config \
+  <(echo "[req]";
+    echo distinguished_name=req;
+    echo "[ext]";
+    echo "keyUsage=critical,digitalSignature,keyEncipherment";
+    echo "extendedKeyUsage=serverAuth";
+    echo "basicConstraints=critical,CA:FALSE";
+    echo "subjectAltName=DNS:$DOMAIN,DNS:*.$DOMAIN";
+    ) -subj "/CN=*.$DOMAIN"
+
+# Print TLSA record and store in file in case of lost output
+echo "Add this TLSA Record to your DNS:"
+echo -n "3 1 1 " && openssl x509 -in cert.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | xxd  -p -u -c 32
+
+# Save TLSA to file
+echo "Add this TLSA Record to your DNS:" > tlsa.txt
+echo -n "3 1 1 " >> tlsa.txt
+echo -n "" && openssl x509 -in cert.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | xxd  -p -u -c 32 >> tlsa.txt
+
+sudo mv cert.key /etc/ssl/$DOMAIN.key
+sudo mv cert.crt /etc/ssl/$DOMAIN.crt
+
+# Restart to apply config file
+sudo systemctl restart nginx