From 4dd5960dbc6f3876052a8ddb771d49e87a747bd6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Floure?= <timothee.floure@posteo.net>
Date: Tue, 26 Oct 2021 11:09:15 +0200
Subject: [PATCH] Rewrite wordpress / php types to support multiple instances

---
 .../files/php.ini.sh                          |  0
 .../manifest                                  | 12 ----
 .../parameter/boolean                         |  0
 .../parameter/default/upload-max-filesize     |  0
 .../parameter/optional                        |  1 -
 .../singleton                                 |  0
 .../files/www.conf.sh                         |  7 ++-
 type/__recycledcloud_php_fpm_pool/manifest    | 35 +++++++++++
 .../parameter/optional                        |  2 +
 .../parameter/required                        |  0
 type/__recycledcloud_wordpress/gencode-remote | 45 +++++++++++---
 type/__recycledcloud_wordpress/manifest       | 58 ++++++++++++-------
 .../parameter/default/admin-username          |  1 +
 .../parameter/optional                        |  3 +
 .../parameter/required                        |  5 +-
 type/__recycledcloud_wordpress/singleton      |  0
 16 files changed, 126 insertions(+), 43 deletions(-)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/files/php.ini.sh (100%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/manifest (63%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/parameter/boolean (100%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/parameter/default/upload-max-filesize (100%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/parameter/optional (60%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm}/singleton (100%)
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm_pool}/files/www.conf.sh (99%)
 create mode 100644 type/__recycledcloud_php_fpm_pool/manifest
 create mode 100644 type/__recycledcloud_php_fpm_pool/parameter/optional
 rename type/{__recycledcloud_php => __recycledcloud_php_fpm_pool}/parameter/required (100%)
 create mode 100644 type/__recycledcloud_wordpress/parameter/default/admin-username
 delete mode 100644 type/__recycledcloud_wordpress/singleton

diff --git a/type/__recycledcloud_php/files/php.ini.sh b/type/__recycledcloud_php_fpm/files/php.ini.sh
similarity index 100%
rename from type/__recycledcloud_php/files/php.ini.sh
rename to type/__recycledcloud_php_fpm/files/php.ini.sh
diff --git a/type/__recycledcloud_php/manifest b/type/__recycledcloud_php_fpm/manifest
similarity index 63%
rename from type/__recycledcloud_php/manifest
rename to type/__recycledcloud_php_fpm/manifest
index 1b634a3..9565cf6 100644
--- a/type/__recycledcloud_php/manifest
+++ b/type/__recycledcloud_php_fpm/manifest
@@ -24,24 +24,12 @@ if [ -f "${__object:?}/parameter/enable-opcache" ]; then
 	__package "$opcache_package"
 fi
 
-POOL_USER=$(cat "${__object:?}/parameter/pool-user")
-POOL_GROUP=$(cat "${__object:?}/parameter/pool-group")
-POOL_LISTEN_ADDR=$(cat "${__object:?}/parameter/pool-listen-addr")
-POOL_LISTEN_OWNER=$(cat "${__object:?}/parameter/pool-listen-owner")
-export POOL_USER POOL_GROUP POOL_LISTEN_ADDR POOL_LISTEN_OWNER
-
 UPLOAD_MAX_FILESIZE=$(cat "${__object:?}/parameter/upload-max-filesize")
 export UPLOAD_MAX_FILESIZE
 
 mkdir -p "${__object:?}/files"
-"${__type:?}/files/www.conf.sh" > "${__object:?}/files/www.conf"
 "${__type:?}/files/php.ini.sh" > "${__object:?}/files/php.ini"
 
 require="__package/$package" __file /etc/php7/php.ini\
 	--mode 644 --source "${__object:?}/files/php.ini" \
 	--onchange "service $service restart"
-
-require="__package/$package" __file /etc/php7/php-fpm.d/www.conf \
-	--mode 644 --source "${__object:?}/files/www.conf" \
-	--onchange "service $service restart"
-
diff --git a/type/__recycledcloud_php/parameter/boolean b/type/__recycledcloud_php_fpm/parameter/boolean
similarity index 100%
rename from type/__recycledcloud_php/parameter/boolean
rename to type/__recycledcloud_php_fpm/parameter/boolean
diff --git a/type/__recycledcloud_php/parameter/default/upload-max-filesize b/type/__recycledcloud_php_fpm/parameter/default/upload-max-filesize
similarity index 100%
rename from type/__recycledcloud_php/parameter/default/upload-max-filesize
rename to type/__recycledcloud_php_fpm/parameter/default/upload-max-filesize
diff --git a/type/__recycledcloud_php/parameter/optional b/type/__recycledcloud_php_fpm/parameter/optional
similarity index 60%
rename from type/__recycledcloud_php/parameter/optional
rename to type/__recycledcloud_php_fpm/parameter/optional
index 8f7efc9..473d515 100644
--- a/type/__recycledcloud_php/parameter/optional
+++ b/type/__recycledcloud_php_fpm/parameter/optional
@@ -1,2 +1 @@
-memory-limit
 upload-max-filesize
diff --git a/type/__recycledcloud_php/singleton b/type/__recycledcloud_php_fpm/singleton
similarity index 100%
rename from type/__recycledcloud_php/singleton
rename to type/__recycledcloud_php_fpm/singleton
diff --git a/type/__recycledcloud_php/files/www.conf.sh b/type/__recycledcloud_php_fpm_pool/files/www.conf.sh
similarity index 99%
rename from type/__recycledcloud_php/files/www.conf.sh
rename to type/__recycledcloud_php_fpm_pool/files/www.conf.sh
index afb938e..89e5a39 100755
--- a/type/__recycledcloud_php/files/www.conf.sh
+++ b/type/__recycledcloud_php_fpm_pool/files/www.conf.sh
@@ -4,7 +4,7 @@ cat << EOF
 ; Start a new pool named 'www'.
 ; the variable \$pool can be used in any directive and will be replaced by the
 ; pool name ('www' here)
-[www]
+[$POOL_NAME]
 
 ; Per pool prefix
 ; It only applies on the following directives:
@@ -439,8 +439,13 @@ env[TEMP] = /tmp
 ;php_admin_value[error_log] = /var/log/php7/\$pool.error.log
 ;php_admin_flag[log_errors] = on
 EOF
+
 if [ -f "${__object:?}/parameter/memory-limit" ]; then
 	echo "php_admin_value[memory_limit] = $(cat "$__object/parameter/memory-limit")"
 else
 	echo ";php_admin_value[memory_limit] = 32M"
 fi
+
+if [ -f "${__object:?}/parameter/open-basedir" ]; then
+	echo "php_admin_value[open_basedir] = $(cat "${__object:?}/parameter/open-basedir")"
+fi
diff --git a/type/__recycledcloud_php_fpm_pool/manifest b/type/__recycledcloud_php_fpm_pool/manifest
new file mode 100644
index 0000000..ad2e7d8
--- /dev/null
+++ b/type/__recycledcloud_php_fpm_pool/manifest
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+os=$(cat "${__global:?}/explorer/os")
+name=${__object_id:?}
+
+case "$os" in
+	'alpine')
+		package="php7-fpm"
+		service="php-fpm7"
+		;;
+
+	*)
+		printf "Your operating system (%s) is currently not supported by this type\n" "$os" >&2
+		printf "Please contribute an implementation for it if you can.\n" >&2
+		exit 1
+	;;
+esac
+
+__package "$package"
+require="__package/$package" __service "$service" --action start
+require="__package/$package" __start_on_boot "$service"
+
+POOL_NAME="$name"
+POOL_USER=$(cat "${__object:?}/parameter/pool-user")
+POOL_GROUP=$(cat "${__object:?}/parameter/pool-group")
+POOL_LISTEN_ADDR=$(cat "${__object:?}/parameter/pool-listen-addr")
+POOL_LISTEN_OWNER=$(cat "${__object:?}/parameter/pool-listen-owner")
+export POOL_USER POOL_GROUP POOL_LISTEN_ADDR POOL_LISTEN_OWNER POOL_NAME
+
+mkdir -p "${__object:?}/files"
+"${__type:?}/files/www.conf.sh" > "${__object:?}/files/www.conf"
+
+require="__package/$package" __file "/etc/php7/php-fpm.d/$name.conf" \
+	--mode 644 --source "${__object:?}/files/www.conf" \
+	--onchange "service $service reload"
diff --git a/type/__recycledcloud_php_fpm_pool/parameter/optional b/type/__recycledcloud_php_fpm_pool/parameter/optional
new file mode 100644
index 0000000..7adc0a3
--- /dev/null
+++ b/type/__recycledcloud_php_fpm_pool/parameter/optional
@@ -0,0 +1,2 @@
+memory-limit
+open-basedir
diff --git a/type/__recycledcloud_php/parameter/required b/type/__recycledcloud_php_fpm_pool/parameter/required
similarity index 100%
rename from type/__recycledcloud_php/parameter/required
rename to type/__recycledcloud_php_fpm_pool/parameter/required
diff --git a/type/__recycledcloud_wordpress/gencode-remote b/type/__recycledcloud_wordpress/gencode-remote
index bb09245..d381735 100755
--- a/type/__recycledcloud_wordpress/gencode-remote
+++ b/type/__recycledcloud_wordpress/gencode-remote
@@ -1,13 +1,44 @@
 #!/bin/sh
 
-archive=wordpress.tar.gz
+instance="${__object_id:?}"
+user="$instance"
+group="$instance"
+
+install_dir="/var/www/$instance"
+wp_cli=/usr/local/bin/wp
+
+mysql_database=$instance
+if [ -f "${__object:?}/parameter/mysql-database" ]; then
+	mysql_database=$(cat "${__object:?}/parameter/mysql-database")
+fi
+mysql_user=$instance
+if [ -f "${__object:?}/parameter/mysql-user" ]; then
+	mysql_user=$(cat "${__object:?}/parameter/mysql-user")
+fi
+mysql_password="$(cat "${__object:?}/parameter/mysql-password")"
+
+domain="$(cat "${__object:?}/parameter/domain")"
+url="https://$domain/"
+
+admin_username="$(cat "${__object:?}/parameter/admin-username")"
+admin_password="$(cat "${__object:?}/parameter/admin-password")"
+admin_email="$(cat "${__object:?}/parameter/admin-email")"
 
 cat << EOF
-if [ ! -f /var/www/wordpress ]; then
-	cd /var/www
-	curl https://wordpress.org/latest.tar.gz -o $archive
-	tar xf $archive
-	rm $archive
-	chown -R wordpress:wordpress wordpress
+if [ ! -d "$install_dir" ]; then
+	mkdir -p "$install_dir"
+	chown -R $user:$group "$install_dir"
+	cd "$install_dir"
+	sudo -u $user $wp_cli core download
+	sudo -u $user $wp_cli config create \
+		--dbname="$mysql_database" \
+		--dbuser="$mysql_user" \
+		--dbpass="$mysql_password"
+	sudo -u $user $wp_cli core install \
+		--url="$url" \
+		--title="$instance" \
+		--admin_user="$admin_username" \
+		--admin_password="$admin_password" \
+		--admin_email="$admin_email"
 fi
 EOF
diff --git a/type/__recycledcloud_wordpress/manifest b/type/__recycledcloud_wordpress/manifest
index c709aa1..679bb90 100644
--- a/type/__recycledcloud_wordpress/manifest
+++ b/type/__recycledcloud_wordpress/manifest
@@ -1,36 +1,46 @@
 #!/bin/sh
 
-# TODO: set max upload size in PHP configuration (php.ini).
-
 os=$(cat "${__global:?}/explorer/os")
+instance="${__object_id:?}"
+user=$instance
+group=$user
 if [ "$os" != "alpine" ]; then
 	echo "This type is expected to run on Alpine Linux, not $os. Exiting." >&2
 	exit 1
 fi
 
 # Type parameters.
-mysql_password="$(cat "${__object:?}/parameter/mysql-password")"
-nginx_domain="$(cat "${__object:?}/parameter/nginx-domain")"
+nginx_domain="$(cat "${__object:?}/parameter/domain")"
 
 altdomains=
-while read -r altdomain;
-do
-	altdomains="--altdomain $altdomain $altdomains"
-done < "${__object:?}/parameter/altdomains"
+if [ -f "${__object:?}/parameter/altdomains" ]; then
+	while read -r altdomain;
+	do
+		altdomains="--altdomain $altdomain $altdomains"
+	done < "${__object:?}/parameter/altdomains"
+fi
 
 max_upload_size=100M
-php_fpm_socket=/run/php-fpm7/php-fpm.sock
+php_fpm_socket="/run/php-fpm7/php-fpm-$instance.sock"
 
-# Wordpress user.
-__user wordpress --home /var/www/wordpress
+# Wordpress CLI management tool.
+__wp_cli
+
+# Wordpress user & group.
+homedir="/var/www/$instance"
+__user "$user" --home "$homedir"
 
 # Basic PHP FPM setup + Wordpress dependencies.
-require="__user/wordpress" __recycledcloud_php \
-	--pool-user wordpress \
-	--pool-group wordpress \
-	--pool-listen-addr $php_fpm_socket \
+__recycledcloud_php_fpm \
+	--upload-max-filesize $max_upload_size \
+	--enable-opcache
+require="__user/$user __recycledcloud_php_fpm" __recycledcloud_php_fpm_pool "$instance" \
+	--pool-user "$user" \
+	--pool-group "$group" \
+	--pool-listen-addr "$php_fpm_socket" \
 	--pool-listen-owner nginx \
-	--upload-max-filesize $max_upload_size
+	--memory-limit 128M \
+	--open-basedir "/var/www/$instance:/tmp"
 
 wordpress_dependencies="php7-fpm php7-iconv php7-json php7-gd php7-curl \
 	php7-xml php7-mysqli php7-imap php7-cgi php7-pdo php7-pdo_mysql php7-soap \
@@ -42,17 +52,23 @@ do
 	__package "$dependency"
 done
 
-# MySQL/MariaDB database
-__recycledcloud_mysql
-require="__recycledcloud_mysql" __mysql_database wordpress \
-	--user wordpress --password "$mysql_password"
+# Daily database backup/export.
+require="__user/$user" __cron "$instance-db-export" \
+	--user "$user" \
+	--command "/usr/local/bin/wp db export" \
+	--minute 0 \
+	--hour 2
+
+require="__user/$user" __cron "$instance-db-export-cleanup" \
+	--user "$user" \
+	--command "find *.sql -maxdepth 1 -mtime +5 -delete"
 
 # NGINX vhost for wordpress hosting.
 # shellcheck disable=SC2086
 __nginx "$nginx_domain" \
 	$altdomains \
 	--config - <<- EOF
-		root /var/www/wordpress;
+		root "$homedir";
 		index index.php;
 		client_max_body_size $max_upload_size;
 		
diff --git a/type/__recycledcloud_wordpress/parameter/default/admin-username b/type/__recycledcloud_wordpress/parameter/default/admin-username
new file mode 100644
index 0000000..7fbe952
--- /dev/null
+++ b/type/__recycledcloud_wordpress/parameter/default/admin-username
@@ -0,0 +1 @@
+admin
diff --git a/type/__recycledcloud_wordpress/parameter/optional b/type/__recycledcloud_wordpress/parameter/optional
index d3ebd88..570fdd5 100644
--- a/type/__recycledcloud_wordpress/parameter/optional
+++ b/type/__recycledcloud_wordpress/parameter/optional
@@ -1 +1,4 @@
 altdomains
+mysql-user
+mysql-databse
+admin-username
diff --git a/type/__recycledcloud_wordpress/parameter/required b/type/__recycledcloud_wordpress/parameter/required
index 449bebf..e3e3f57 100644
--- a/type/__recycledcloud_wordpress/parameter/required
+++ b/type/__recycledcloud_wordpress/parameter/required
@@ -1,2 +1,5 @@
-nginx-domain
+domain
 mysql-password
+admin-password
+admin-email
+
diff --git a/type/__recycledcloud_wordpress/singleton b/type/__recycledcloud_wordpress/singleton
deleted file mode 100644
index e69de29..0000000