feat: removed wordpress

2025-07-03 09:49:45 +02:00 · 2025-07-03 09:49:45 +02:00 · 491c637117
commit 491c637117
parent 2939d619b8
8 changed files with 0 additions and 237 deletions
--- a/group_vars/all/containers.yml
+++ b/group_vars/all/containers.yml
@ -34,15 +34,6 @@ docker:
      port: 3080 
      user: 1003 
      url: pw.mgutzeit.de
    wordpress:
      name: WP_app
      db_name: WP_db
      web_name: WP_webserver
      image: wordpress:6.7.1-fpm-alpine
      db_image: mysql:8.4
      port: 5080
      user: 33
      url: wordpress.mgutzeit.de
  files:
    extra_dirs:
@ -53,8 +44,6 @@ docker:
      - nextcloud/app
      - vaultwarden/vw-data
      - vaultwarden/vw-rclone-data/rclone
      - wordpress/nginx-conf
      - wordpress/only-nginx-conf
    conf_files:
      #
@ -72,7 +61,6 @@ docker:
      - name: nextcloud
      - name: jellyfin
      - name: vaultwarden
      - name: wordpress
      #
      # andere Dateien
@ -107,28 +95,4 @@ docker:
        mode: "0600"
        name: vaultwarden
        force: no
      - src: wordpress/nginx-conf/nginx.conf
        dest: /opt/docker/wordpress/nginx-conf/nginx.conf 
        user: 33
        name: wordpress
      - src: wordpress/nginx-conf/options-ssl-nginx.conf
        dest: /opt/docker/wordpress/nginx-conf/options-ssl-nginx.conf
        user: 33
        name: wordpress
      - src: wordpress/only-nginx-conf/nginx.conf
        dest: /opt/docker/wordpress/only-nginx-conf/nginx.conf 
        user: 33
        name: wordpress
      - src: wordpress/only-nginx-conf/options-ssl-nginx.conf
        dest: /opt/docker/wordpress/only-nginx-conf/options-ssl-nginx.conf 
        user: 33
        name: wordpress
      - src: wordpress/.dockerignore
        dest: /opt/docker/wordpress/.dockerignore
        user: 33
        name: wordpress
      - src: wordpress/.env.crypt 
        dest: /opt/docker/wordpress/.env
        user: 33
        name: wordpress
--- a/roles/docker/templates/wordpress/.dockerignore
+++ b/roles/docker/templates/wordpress/.dockerignore
@ -1 +0,0 @@
 .env
--- a/roles/docker/templates/wordpress/.env.crypt
+++ b/roles/docker/templates/wordpress/.env.crypt
@ -1,10 +0,0 @@
 $ANSIBLE_VAULT;1.1;AES256
 31616238636234396338363165646236643064326666356232326233376161343465663065333534
 3437346562636537323362623763666662363632326163340a643233643339666437613061316562
 34346631656239326466316334663334656538623130386465386332393631636336373063353439
 6436376635663566610a663532653032353865336636623662383937306532643231316563636430
 37663232633463613430323934316439303537346563343265303638376664313561643139393463
 63643363303331393632623961613032366431386333363934633361313937363965316564373764
 64313565636563313362653066366630623966313334363764303833666333333264383637633466
 65346339323231613563386632373162343062393339646165373363316363643931383565373931
 33393030373766313530346639316136643964643339356164366335336534313338
--- a/roles/docker/templates/wordpress/docker-compose.yml.j2
+++ b/roles/docker/templates/wordpress/docker-compose.yml.j2
@ -1,51 +0,0 @@
 services:
  db:
    image: {{ docker.containers.wordpress.db_image }}
    container_name: {{ docker.containers.wordpress.db_name }}
    restart: unless-stopped
    env_file: .env
    environment:
      - MYSQL_DATABASE=wordpress
    volumes:
      - /mnt/content/wordpress/dbdata:/var/lib/mysql
    command: '--mysql-native-password=ON'
    networks:
      - app-network
  wordpress:
    depends_on:
      - db
    image: {{ docker.containers.wordpress.image }}
    container_name: {{ docker.containers.wordpress.name }} 
    restart: unless-stopped
    env_file: .env
    environment:
      - TZ=Europe/Berlin
      - WORDPRESS_DB_HOST=db:3306
      - WORDPRESS_DB_USER=$MYSQL_USER
      - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
      - WORDPRESS_DB_NAME=wordpress
    volumes:
      - /mnt/content/wordpress/wpdata:/var/www/html
    networks:
      - app-network
  webserver:
    depends_on:
      - wordpress
    image: nginx:latest
    container_name: {{ docker.containers.wordpress.web_name }}
    restart: unless-stopped
    ports:
      - "{{ docker.containers.wordpress.port }}:80"
    volumes:
      - /mnt/content/wordpress/wpdata:/var/www/html
      - ./nginx-conf:/etc/nginx/conf.d
    environment:
      - TZ=Europe/Berlin
    networks:
      - app-network
 networks:
  app-network:
    driver: bridge
--- a/roles/docker/templates/wordpress/nginx-conf/nginx.conf
+++ b/roles/docker/templates/wordpress/nginx-conf/nginx.conf
@ -1,43 +0,0 @@
 server {
        listen 80;
        server_name localhost;
        index index.php index.html index.htm;
        root /var/www/html;
        location ~ /.well-known/acme-challenge {
                allow all;
                root /var/www/html;
        }
        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass wordpress:9000;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
        }
        location ~ /\.ht {
                deny all;
        }
        location = /favicon.ico {
                log_not_found off; access_log off;
        }
        location = /robots.txt {
                log_not_found off; access_log off; allow all;
        }
        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
                expires max;
                log_not_found off;
        }
 }
--- a/roles/docker/templates/wordpress/nginx-conf/options-ssl-nginx.conf
+++ b/roles/docker/templates/wordpress/nginx-conf/options-ssl-nginx.conf
@ -1,14 +0,0 @@
 # This file contains important security parameters. If you modify this file
 # manually, Certbot will be unable to automatically provide future security
 # updates. Instead, Certbot will print and log an error message with a path to
 # the up-to-date file that you will need to refer to when manually updating
 # this file. Contents are based on https://ssl-config.mozilla.org
 ssl_session_cache shared:le_nginx_SSL:10m;
 ssl_session_timeout 1440m;
 ssl_session_tickets off;
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_prefer_server_ciphers off;
 ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
--- a/roles/docker/templates/wordpress/only-nginx-conf/nginx.conf
+++ b/roles/docker/templates/wordpress/only-nginx-conf/nginx.conf
@ -1,68 +0,0 @@
 server {
        listen 80;
        listen [::]:80;
        server_name {{ docker.containers.wordpress.url }};
        location ~ /.well-known/acme-challenge {
                allow all;
                root /var/www/html;
        }
        location / {
                rewrite ^ https://$host$request_uri? permanent;
        }
 }
 server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name {{ docker.containers.wordpress.url }};
        index index.php index.html index.htm;
        root /var/www/html;
        server_tokens off;
        ssl_certificate /etc/letsencrypt/live/{{ docker.containers.wordpress.url }}/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/{{ docker.containers.wordpress.url }}/privkey.pem;
        include /etc/nginx/conf.d/options-ssl-nginx.conf;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-referrer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
        # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        # enable strict transport security only if you understand the implications
        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass wordpress:9000;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
        }
        location ~ /\.ht {
                deny all;
        }
        location = /favicon.ico {
                log_not_found off; access_log off;
        }
        location = /robots.txt {
                log_not_found off; access_log off; allow all;
        }
        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
                expires max;
                log_not_found off;
        }
 }
--- a/roles/docker/templates/wordpress/only-nginx-conf/options-ssl-nginx.conf
+++ b/roles/docker/templates/wordpress/only-nginx-conf/options-ssl-nginx.conf
@ -1,14 +0,0 @@
 # This file contains important security parameters. If you modify this file
 # manually, Certbot will be unable to automatically provide future security
 # updates. Instead, Certbot will print and log an error message with a path to
 # the up-to-date file that you will need to refer to when manually updating
 # this file. Contents are based on https://ssl-config.mozilla.org
 ssl_session_cache shared:le_nginx_SSL:10m;
 ssl_session_timeout 1440m;
 ssl_session_tickets off;
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_prefer_server_ciphers off;
 ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";