helmchart/wordpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cecc419cc522a9b76ea8e8d0a1ec16bd10100ea7
wordpress/templates/deployment.yaml

432 lines
19 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "wordpress-nginx.fullname" . }}
labels:
{{- include "wordpress-nginx.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "wordpress-nginx.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "wordpress-nginx.selectorLabels" . | nindent 8 }}
spec:
securityContext:
fsGroup: 82
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: wordpress-init
image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }}
command: ["/bin/sh", "-c"]
args:
- |
set -e
echo "=== WordPress Initialization Started ==="
if [ ! -d /var/www/html/wp-content ]; then
echo "Initializing wp-content directory..."
mkdir -p /var/www/html/wp-content
cp -rp /usr/src/wordpress/wp-content/* /var/www/html/wp-content/
echo "wp-content initialized"
else
echo "wp-content already exists, preserving user data"
fi
echo "Generating wp-config.php..."
cat > /var/www/html/wp-config.php << 'EOF'
<?php
define('DB_NAME', getenv('WORDPRESS_DB_NAME'));
define('DB_USER', getenv('WORDPRESS_DB_USER'));
define('DB_PASSWORD', getenv('WORDPRESS_DB_PASSWORD'));
define('DB_HOST', getenv('WORDPRESS_DB_HOST'));
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
$table_prefix = getenv('WORDPRESS_TABLE_PREFIX') ?: 'wp_';
define('AUTH_KEY', getenv('WP_AUTH_KEY'));
define('SECURE_AUTH_KEY', getenv('WP_SECURE_AUTH_KEY'));
define('LOGGED_IN_KEY', getenv('WP_LOGGED_IN_KEY'));
define('NONCE_KEY', getenv('WP_NONCE_KEY'));
define('AUTH_SALT', getenv('WP_AUTH_SALT'));
define('SECURE_AUTH_SALT', getenv('WP_SECURE_AUTH_SALT'));
define('LOGGED_IN_SALT', getenv('WP_LOGGED_IN_SALT'));
define('NONCE_SALT', getenv('WP_NONCE_SALT'));
if ( defined( 'WP_CLI' ) ) {
$_SERVER['HTTP_HOST'] = '127.0.0.1';
}
$protocol = 'http';
if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ) {
$protocol = 'https';
} elseif ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' ) {
$protocol = 'https';
}
define( 'WP_HOME', $protocol . '://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_SITEURL', $protocol . '://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_AUTO_UPDATE_CORE', false );
define('WP_DEBUG', false);
define('WP_DEBUG_LOG', false);
define('WP_DEBUG_DISPLAY', false);
define('FS_METHOD', 'direct');
define('WP_MEMORY_LIMIT', '256M');
define('WP_MAX_MEMORY_LIMIT', '512M');
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', '/usr/src/wordpress/' );
}
require_once ABSPATH . 'wp-settings.php';
EOF
echo "wp-config.php generated"
echo "Setting up WP-CLI..."
curl -o /tmp/wp-cli.phar https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar 2>/dev/null || true
chmod +x /tmp/wp-cli.phar
echo "Waiting for database connection..."
max_attempts=30
attempt=0
while [ $attempt -lt $max_attempts ]; do
if /tmp/wp-cli.phar --path=/usr/src/wordpress db check 2>/dev/null; then
echo "Database connection successful"
break
fi
attempt=$((attempt + 1))
echo "Waiting for database... ($attempt/$max_attempts)"
sleep 2
done
echo "Checking if WordPress is already installed..."
TABLES=$(/tmp/wp-cli.phar --path=/usr/src/wordpress db query "SHOW TABLES LIKE '${WORDPRESS_TABLE_PREFIX}options';" 2>/dev/null || echo "")
if [ -z "$TABLES" ]; then
echo "=== Starting WordPress Installation ==="
if [ -z "$WP_ADMIN_PASSWORD" ]; then
WP_ADMIN_PASSWORD=$(tr -dc 'A-Za-z0-9!@#$%^&*' < /dev/urandom | head -c 16)
echo "Generated admin password: $WP_ADMIN_PASSWORD"
echo "$WP_ADMIN_PASSWORD" > /var/www/html/.initial-admin-password
fi
INSTALL_URL="http://127.0.0.1"
echo "Installing WordPress..."
/tmp/wp-cli.phar --path=/usr/src/wordpress core install \
--url="$INSTALL_URL" \
--title="$WP_SITE_TITLE" \
--admin_user="$WP_ADMIN_USER" \
--admin_password="$WP_ADMIN_PASSWORD" \
--admin_email="$WP_ADMIN_EMAIL" \
--skip-email
echo "=== WordPress Installation Completed ==="
echo "Admin User: $WP_ADMIN_USER"
if [ -f /var/www/html/.initial-admin-password ]; then
echo "Admin Password: $(cat /var/www/html/.initial-admin-password)"
fi
echo "Note: Site URL is dynamic and will be set based on HTTP_HOST"
else
echo "WordPress is already installed, skipping installation"
if /tmp/wp-cli.phar --path=/usr/src/wordpress core version 2>/dev/null; then
CURRENT_VERSION=$(cat /usr/src/wordpress/wp-includes/version.php | grep "wp_version = " | cut -d "'" -f 2)
echo "Checking for WordPress updates... Target version: $CURRENT_VERSION"
/tmp/wp-cli.phar --path=/usr/src/wordpress core update --version=$CURRENT_VERSION 2>/dev/null || true
/tmp/wp-cli.phar --path=/usr/src/wordpress core update-db 2>/dev/null || true
fi
fi
{{- if .Values.wordpress.adsTxt.enabled }}
echo "Deploying ads.txt..."
cat > /var/www/html/ads.txt << 'ADSTXT'
{{ .Values.wordpress.adsTxt.content }}
ADSTXT
echo "ads.txt deployed"
{{- end }}
echo "=== WordPress Initialization Completed ==="
volumeMounts:
- name: wordpress-persistent
mountPath: /var/www/html
echo "Generating wp-config.php from Secret..."
cat > /var/www/html/wp-config.php << 'EOF'
<?php
define('DB_NAME', getenv('WORDPRESS_DB_NAME'));
define('DB_USER', getenv('WORDPRESS_DB_USER'));
define('DB_PASSWORD', getenv('WORDPRESS_DB_PASSWORD'));
define('DB_HOST', getenv('WORDPRESS_DB_HOST'));
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
$table_prefix = getenv('WORDPRESS_TABLE_PREFIX') ?: 'wp_';
define('AUTH_KEY', getenv('WP_AUTH_KEY'));
define('SECURE_AUTH_KEY', getenv('WP_SECURE_AUTH_KEY'));
define('LOGGED_IN_KEY', getenv('WP_LOGGED_IN_KEY'));
define('NONCE_KEY', getenv('WP_NONCE_KEY'));
define('AUTH_SALT', getenv('WP_AUTH_SALT'));
define('SECURE_AUTH_SALT', getenv('WP_SECURE_AUTH_SALT'));
define('LOGGED_IN_SALT', getenv('WP_LOGGED_IN_SALT'));
define('NONCE_SALT', getenv('WP_NONCE_SALT'));
if ( defined( 'WP_CLI' ) ) {
$_SERVER['HTTP_HOST'] = '127.0.0.1';
}
$protocol = 'http';
if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ) {
$protocol = 'https';
} elseif ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' ) {
$protocol = 'https';
}
define( 'WP_HOME', $protocol . '://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_SITEURL', $protocol . '://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_AUTO_UPDATE_CORE', false );
define('WP_DEBUG', false);
define('WP_DEBUG_LOG', false);
define('WP_DEBUG_DISPLAY', false);
define('FS_METHOD', 'direct');
define('WP_MEMORY_LIMIT', '256M');
define('WP_MAX_MEMORY_LIMIT', '512M');
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' );
}
require_once ABSPATH . 'wp-settings.php';
EOF
echo "wp-config.php generated"
echo "Setting up WP-CLI..."
curl -o /tmp/wp-cli.phar https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar 2>/dev/null || true
chmod +x /tmp/wp-cli.phar
echo "Waiting for database connection..."
max_attempts=30
attempt=0
while [ $attempt -lt $max_attempts ]; do
if /tmp/wp-cli.phar --path=/var/www/html db check 2>/dev/null; then
echo "Database connection successful"
break
fi
attempt=$((attempt + 1))
echo "Waiting for database... ($attempt/$max_attempts)"
sleep 2
done
echo "Checking if WordPress is already installed..."
TABLES=$(/tmp/wp-cli.phar --path=/var/www/html db query "SHOW TABLES LIKE '${WORDPRESS_TABLE_PREFIX}options';" 2>/dev/null || echo "")
if [ -z "$TABLES" ]; then
echo "=== Starting WordPress Installation ==="
if [ -z "$WP_ADMIN_PASSWORD" ]; then
WP_ADMIN_PASSWORD=$(tr -dc 'A-Za-z0-9!@#$%^&*' < /dev/urandom | head -c 16)
echo "Generated admin password: $WP_ADMIN_PASSWORD"
echo "$WP_ADMIN_PASSWORD" > /var/www/html-persistent/.initial-admin-password
fi
INSTALL_URL="http://127.0.0.1"
echo "Installing WordPress..."
/tmp/wp-cli.phar --path=/var/www/html core install \
--url="$INSTALL_URL" \
--title="$WP_SITE_TITLE" \
--admin_user="$WP_ADMIN_USER" \
--admin_password="$WP_ADMIN_PASSWORD" \
--admin_email="$WP_ADMIN_EMAIL" \
--skip-email
echo "=== WordPress Installation Completed ==="
echo "Admin User: $WP_ADMIN_USER"
if [ -f /var/www/html-persistent/.initial-admin-password ]; then
echo "Admin Password: $(cat /var/www/html-persistent/.initial-admin-password)"
fi
echo "Note: Site URL is dynamic and will be set based on HTTP_HOST"
else
echo "WordPress is already installed, skipping installation"
if /tmp/wp-cli.phar --path=/var/www/html core version 2>/dev/null; then
CURRENT_VERSION=$(cat /usr/src/wordpress/wp-includes/version.php | grep "wp_version = " | cut -d "'" -f 2)
echo "Checking for WordPress updates... Target version: $CURRENT_VERSION"
/tmp/wp-cli.phar --path=/var/www/html core update --version=$CURRENT_VERSION 2>/dev/null || true
/tmp/wp-cli.phar --path=/var/www/html core update-db 2>/dev/null || true
fi
fi
{{- if .Values.wordpress.adsTxt.enabled }}
echo "Deploying ads.txt..."
cat > /var/www/html/ads.txt << 'ADSTXT'
{{ .Values.wordpress.adsTxt.content }}
ADSTXT
echo "ads.txt deployed"
{{- end }}
echo "=== WordPress Initialization Completed ==="
volumeMounts:
- name: wordpress-core
mountPath: /var/www/html
- name: wordpress-persistent
mountPath: /var/www/html-persistent
env:
- name: WORDPRESS_DB_HOST
value: {{ .Values.wordpress.dbHost | quote }}
- name: WORDPRESS_DB_NAME
value: {{ .Values.wordpress.dbName | quote }}
- name: WORDPRESS_DB_USER
value: {{ .Values.wordpress.dbUser | quote }}
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: db-password
- name: WORDPRESS_TABLE_PREFIX
value: {{ .Values.wordpress.tablePrefix | quote }}
- name: WP_SITE_TITLE
value: {{ .Values.wordpress.siteTitle | quote }}
- name: WP_ADMIN_USER
value: {{ .Values.wordpress.adminUser | quote }}
- name: WP_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: admin-password
- name: WP_ADMIN_EMAIL
value: {{ .Values.wordpress.adminEmail | quote }}
- name: WP_AUTH_KEY
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: auth-key
- name: WP_SECURE_AUTH_KEY
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: secure-auth-key
- name: WP_LOGGED_IN_KEY
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: logged-in-key
- name: WP_NONCE_KEY
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: nonce-key
- name: WP_AUTH_SALT
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: auth-salt
- name: WP_SECURE_AUTH_SALT
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: secure-auth-salt
- name: WP_LOGGED_IN_SALT
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: logged-in-salt
- name: WP_NONCE_SALT
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: nonce-salt
securityContext:
runAsUser: 82
runAsGroup: 82
containers:
- name: nginx
image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}"
imagePullPolicy: {{ .Values.image.nginx.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
volumeMounts:
- name: wordpress-source
mountPath: /var/www/html
subPath: wordpress
readOnly: true
- name: wordpress-persistent
mountPath: /var/www/html/wp-content
- name: wordpress-persistent
mountPath: /var/www/html/wp-config.php
subPath: wp-config.php
- name: nginx-config
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
{{- if .Values.healthCheck.enabled }}
livenessProbe:
{{- toYaml .Values.healthCheck.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.healthCheck.readinessProbe | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources.nginx | nindent 12 }}
- name: wordpress
image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }}
command: ["php-fpm"]
securityContext:
runAsUser: 82
runAsGroup: 82
env:
- name: WORDPRESS_DB_HOST
value: {{ .Values.wordpress.dbHost | quote }}
- name: WORDPRESS_DB_NAME
value: {{ .Values.wordpress.dbName | quote }}
- name: WORDPRESS_DB_USER
value: {{ .Values.wordpress.dbUser | quote }}
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress-nginx.fullname" . }}-secret
key: db-password
- name: WORDPRESS_TABLE_PREFIX
value: {{ .Values.wordpress.tablePrefix | quote }}
volumeMounts:
- name: wordpress-persistent
mountPath: /var/www/html/wp-content
- name: wordpress-persistent
mountPath: /var/www/html/wp-config.php
subPath: wp-config.php
resources:
{{- toYaml .Values.resources.wordpress | nindent 12 }}
volumes:
- name: wordpress-source
emptyDir: {}
- name: wordpress-persistent
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ include "wordpress-nginx.fullname" . }}-pvc
{{- else }}
emptyDir: {}
{{- end }}
- name: nginx-config
configMap:
name: {{ include "wordpress-nginx.fullname" . }}-nginx-config
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink