wordpress/templates/deployment.yaml


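# Deployment for WordPress (PHP) behind an nginx sidecar.
#
# Layout visible in this template:
#   - wordpress-core       emptyDir holding the WordPress core files; rebuilt
#                          by the init container on every pod start.
#   - wordpress-persistent PVC (or emptyDir when persistence is disabled)
#                          holding wp-content and the generated admin password.
#   - nginx-config         ConfigMap providing /etc/nginx/conf.d/default.conf.
#
# Database credentials, the admin password and the WordPress keys/salts are
# read from the "<fullname>-secret" Secret through secretKeyRef; they are
# never written into this manifest.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "wordpress-nginx.fullname" . }}
  labels:
    {{- include "wordpress-nginx.labels" . | nindent 4 }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      {{- include "wordpress-nginx.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
        {{- include "wordpress-nginx.selectorLabels" . | nindent 8 }}
    spec:
      securityContext:
        # Volumes are group-owned by GID 82, matching the runAsGroup of the
        # init and wordpress containers below.
        # NOTE(review): 82 is presumably www-data in the image; confirm.
        fsGroup: 82
        fsGroupChangePolicy: "OnRootMismatch"
      initContainers:
        - name: wordpress-init
          image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
          imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }}
          command: ["/bin/sh"]
          args:
            - -c
            - |
              #!/bin/sh
              set -e
              echo "=== WordPress Initialization Started ==="

              # Copy the WordPress core files into the emptyDir (disposable).
              echo "Copying WordPress core files to ephemeral storage..."
              cp -rp /usr/src/wordpress/* /var/www/html/

              # Place the wp-content directory on the persistent volume.
              if [ ! -d /var/www/html-persistent/wp-content ]; then
                echo "Initializing wp-content directory..."
                mkdir -p /var/www/html-persistent/wp-content
                cp -rp /usr/src/wordpress/wp-content/* /var/www/html-persistent/wp-content/
              else
                echo "wp-content already exists, preserving user data"
              fi

              # Connect wp-content through a symbolic link.
              rm -rf /var/www/html/wp-content
              ln -sf /var/www/html-persistent/wp-content /var/www/html/wp-content

              # Generate wp-config.php (recreated on every start). The heredoc
              # delimiter is quoted, so the shell expands nothing: secrets are
              # read by PHP via getenv() at request time and are not written
              # into the file.
              echo "Generating wp-config.php from Secret..."
              cat > /var/www/html/wp-config.php <<'WPCONFIG'
              <?php
              define('DB_NAME', getenv('WORDPRESS_DB_NAME'));
              define('DB_USER', getenv('WORDPRESS_DB_USER'));
              define('DB_PASSWORD', getenv('WORDPRESS_DB_PASSWORD'));
              define('DB_HOST', getenv('WORDPRESS_DB_HOST'));
              define('DB_CHARSET', 'utf8');
              define('DB_COLLATE', '');
              $table_prefix = getenv('WORDPRESS_TABLE_PREFIX') ?: 'wp_';
              define('AUTH_KEY', getenv('WP_AUTH_KEY'));
              define('SECURE_AUTH_KEY', getenv('WP_SECURE_AUTH_KEY'));
              define('LOGGED_IN_KEY', getenv('WP_LOGGED_IN_KEY'));
              define('NONCE_KEY', getenv('WP_NONCE_KEY'));
              define('AUTH_SALT', getenv('WP_AUTH_SALT'));
              define('SECURE_AUTH_SALT', getenv('WP_SECURE_AUTH_SALT'));
              define('LOGGED_IN_SALT', getenv('WP_LOGGED_IN_SALT'));
              define('NONCE_SALT', getenv('WP_NONCE_SALT'));
              define('WP_DEBUG', false);
              if ( ! defined( 'ABSPATH' ) ) {
                  define( 'ABSPATH', __DIR__ . '/' );
              }
              require_once ABSPATH . 'wp-settings.php';
              WPCONFIG
              echo "wp-config.php generated"

              # Set up WP-CLI.
              # NOTE(review): an unpinned executable is downloaded on every pod
              # start and then run with the database and admin credentials in
              # its environment. Pin a release and verify its published
              # checksum before use, or bake WP-CLI into the image.
              # -f makes an HTTP error fail the step instead of saving the
              # error page as the phar; the failure is no longer swallowed.
              echo "Setting up WP-CLI..."
              curl -fsSL -o /tmp/wp-cli.phar https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
              chmod +x /tmp/wp-cli.phar

              # Wait for the database connection.
              # NOTE(review): when every attempt fails the script still
              # continues to the install check below; confirm that is intended.
              echo "Waiting for database connection..."
              max_attempts=30
              attempt=0
              while [ "$attempt" -lt "$max_attempts" ]; do
                if /tmp/wp-cli.phar --path=/var/www/html db check 2>/dev/null; then
                  echo "Database connection successful"
                  break
                fi
                attempt=$((attempt + 1))
                echo "Waiting for database... ($attempt/$max_attempts)"
                sleep 2
              done

              # Check for the WordPress tables. The table prefix comes from
              # chart values and is interpolated into the SQL text, so it must
              # be restricted to identifier characters by whoever sets it.
              echo "Checking if WordPress is already installed..."
              TABLES=$(/tmp/wp-cli.phar --path=/var/www/html db query "SHOW TABLES LIKE '${WORDPRESS_TABLE_PREFIX}options';" 2>/dev/null || echo "")
              if [ -z "$TABLES" ]; then
                echo "=== Starting WordPress Installation ==="

                # Admin password handling: generate one when the Secret value
                # is empty. The value is written to an owner-only file and is
                # deliberately kept out of the pod log, which is readable by
                # anyone with log access and is usually shipped off-cluster.
                if [ -z "$WP_ADMIN_PASSWORD" ]; then
                  WP_ADMIN_PASSWORD=$(tr -dc 'A-Za-z0-9!@#$%^&*' < /dev/urandom | head -c 16)
                  ( umask 077; printf '%s\n' "$WP_ADMIN_PASSWORD" > /var/www/html-persistent/.initial-admin-password )
                  chmod 600 /var/www/html-persistent/.initial-admin-password
                  echo "Generated admin password stored in /var/www/html-persistent/.initial-admin-password"
                fi

                # Install WordPress.
                echo "Installing WordPress..."
                /tmp/wp-cli.phar --path=/var/www/html core install \
                  --url="$WP_SITE_URL" \
                  --title="$WP_SITE_TITLE" \
                  --admin_user="$WP_ADMIN_USER" \
                  --admin_password="$WP_ADMIN_PASSWORD" \
                  --admin_email="$WP_ADMIN_EMAIL" \
                  --skip-email
                echo "=== WordPress Installation Completed ==="
                echo "Admin User: $WP_ADMIN_USER"
                if [ -f /var/www/html-persistent/.initial-admin-password ]; then
                  # Point at the file instead of printing its content; rotate
                  # the password and delete the file after the first login.
                  echo "Admin Password: see /var/www/html-persistent/.initial-admin-password (not logged)"
                fi
              else
                echo "WordPress is already installed, skipping installation"

                # Check for a core update: align the installed core with the
                # version shipped in the image.
                if /tmp/wp-cli.phar --path=/var/www/html core version 2>/dev/null; then
                  CURRENT_VERSION=$(grep "wp_version = " /usr/src/wordpress/wp-includes/version.php | cut -d "'" -f 2)
                  echo "Checking for WordPress updates... Target version: $CURRENT_VERSION"
                  /tmp/wp-cli.phar --path=/var/www/html core update --version="$CURRENT_VERSION" 2>/dev/null || true
                  /tmp/wp-cli.phar --path=/var/www/html core update-db 2>/dev/null || true
                fi
              fi
              {{- if .Values.wordpress.adsTxt.enabled }}

              # ads.txt is taken verbatim from chart values. nindent keeps a
              # multi-line value inside this block scalar; the quoted heredoc
              # stops shell expansion, but a content line consisting of the
              # delimiter itself would end the heredoc early.
              echo "Deploying ads.txt..."
              cat > /var/www/html/ads.txt <<'ADSTXT'
              {{- .Values.wordpress.adsTxt.content | default "" | trim | nindent 14 }}
              ADSTXT
              echo "ads.txt deployed"
              {{- end }}
              echo "=== WordPress Initialization Completed ==="
          volumeMounts:
            - name: wordpress-core
              mountPath: /var/www/html
            - name: wordpress-persistent
              mountPath: /var/www/html-persistent
          env:
            - name: WORDPRESS_DB_HOST
              value: {{ .Values.wordpress.dbHost | quote }}
            - name: WORDPRESS_DB_NAME
              value: {{ .Values.wordpress.dbName | quote }}
            - name: WORDPRESS_DB_USER
              value: {{ .Values.wordpress.dbUser | quote }}
            - name: WORDPRESS_DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: db-password
            - name: WORDPRESS_TABLE_PREFIX
              value: {{ .Values.wordpress.tablePrefix | quote }}
            - name: WP_SITE_URL
              value: {{ .Values.wordpress.siteUrl | quote }}
            - name: WP_SITE_TITLE
              value: {{ .Values.wordpress.siteTitle | quote }}
            - name: WP_ADMIN_USER
              value: {{ .Values.wordpress.adminUser | quote }}
            - name: WP_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: admin-password
            - name: WP_ADMIN_EMAIL
              value: {{ .Values.wordpress.adminEmail | quote }}
            - name: WP_AUTH_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: auth-key
            - name: WP_SECURE_AUTH_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: secure-auth-key
            - name: WP_LOGGED_IN_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: logged-in-key
            - name: WP_NONCE_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: nonce-key
            - name: WP_AUTH_SALT
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: auth-salt
            - name: WP_SECURE_AUTH_SALT
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: secure-auth-salt
            - name: WP_LOGGED_IN_SALT
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: logged-in-salt
            - name: WP_NONCE_SALT
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: nonce-salt
          securityContext:
            runAsUser: 82
            runAsGroup: 82
      containers:
        - name: nginx
          image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}"
          imagePullPolicy: {{ .Values.image.nginx.pullPolicy }}
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
          volumeMounts:
            - name: wordpress-core
              mountPath: /var/www/html
            # /var/www/html/wp-content is a symlink into the persistent
            # volume (created by the init container), so the target has to
            # exist here or the link dangles. Only the wp-content subtree is
            # exposed, read-only: nginx has no reason to write to it and must
            # not be able to read .initial-admin-password at the volume root.
            - name: wordpress-persistent
              mountPath: /var/www/html-persistent/wp-content
              subPath: wp-content
              readOnly: true
            - name: nginx-config
              mountPath: /etc/nginx/conf.d/default.conf
              subPath: default.conf
          {{- if .Values.healthCheck.enabled }}
          livenessProbe:
            {{- toYaml .Values.healthCheck.livenessProbe | nindent 12 }}
          readinessProbe:
            {{- toYaml .Values.healthCheck.readinessProbe | nindent 12 }}
          {{- end }}
          resources:
            {{- toYaml .Values.resources.nginx | nindent 12 }}
        - name: wordpress
          image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
          imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }}
          securityContext:
            runAsUser: 82
            runAsGroup: 82
          env:
            - name: WORDPRESS_DB_HOST
              value: {{ .Values.wordpress.dbHost | quote }}
            - name: WORDPRESS_DB_NAME
              value: {{ .Values.wordpress.dbName | quote }}
            - name: WORDPRESS_DB_USER
              value: {{ .Values.wordpress.dbUser | quote }}
            - name: WORDPRESS_DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress-nginx.fullname" . }}-secret
                  key: db-password
            - name: WORDPRESS_TABLE_PREFIX
              value: {{ .Values.wordpress.tablePrefix | quote }}
            # NOTE(review): the generated wp-config.php reads the WP_* keys and
            # salts with getenv(), but this container only receives the
            # WORDPRESS_DB_* variables above; confirm how those values reach
            # PHP at request time.
          volumeMounts:
            - name: wordpress-core
              mountPath: /var/www/html
            # Target of the wp-content symlink created by the init container;
            # without this mount uploads, themes and plugins are unreachable.
            # The volume root also holds .initial-admin-password (mode 600,
            # owned by the runtime UID): remove that file after first login.
            - name: wordpress-persistent
              mountPath: /var/www/html-persistent
          resources:
            {{- toYaml .Values.resources.wordpress | nindent 12 }}
      volumes:
        - name: wordpress-core
          emptyDir: {}
        - name: wordpress-persistent
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ include "wordpress-nginx.fullname" . }}-pvc
          {{- else }}
          emptyDir: {}
          {{- end }}
        - name: nginx-config
          configMap:
            name: {{ include "wordpress-nginx.fullname" . }}-nginx-config
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}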