bij1
/
civicrm-bij1
18
0
Fork 0
Code Issues 24 Pull Requests 2 Packages Projects 3 Releases Wiki Activity

Reapply "hardening wordpress" 

This reverts commit 1ed8a8fe73.
This commit is contained in:
Kiara Grouwstra 2023-07-18 10:53:45 +02:00 committed by Paul J Stevens
parent 026795feab
commit e52087a1d8
3 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Dockerfile
View File

@ -22,5 +22,9 @@ COPY bin/*.sh /usr/local/bin/
RUN chmod a+rx /usr/local/bin/*.sh
RUN download.sh
RUN chown -R www-data:www-data /var/www/
RUN chown -R root /var/www/
RUN chown -R www-data /var/www/civi/wp-content/
RUN chown -R root /var/www/civi/wp-content/themes/ /var/www/civi/wp-content/plugins/
RUN find /var/www/ -type d |xargs chmod 755
RUN find /var/www/ -type f |xargs -I'{}' chmod 644 '{}'
USER www-data

15
bin/install.sh
View File

@ -4,6 +4,7 @@ set -ex
version=5.48.0
LANG=nl_NL
# wp core download --version=$WP_VERSION
# Set config
@ -31,7 +32,7 @@ wp core install \
PLUGIN_DIR=`pwd`/wp-content/plugins
# Configure CivCRM
#rm -f -- wp-content/uploads/civicrm/civicrm.settings.php
rm -f -- wp-content/uploads/civicrm/civicrm.settings.php
cv --no-interaction core:install -vv --setup-path=$PLUGIN_DIR/civicrm \
--src-path=$PLUGIN_DIR/civicrm/civicrm \
--user=www-data \
@ -84,8 +85,18 @@ wp plugin install --activate civicrm-admin-utilities wp-mail-smtp wpforms-lite w
# remove unused
wp plugin delete akismet hello
# bug in installer?
sed -i -e 's,http://testcrm,https://testcrm,' wp-content/uploads/civicrm/civicrm.settings.php
cat >> wp-content/uploads/civicrm/civicrm.settings.php << EOF
// Disable automatic download / installation of extensions
$civicrm_setting['domain']['ext_repo_url'] = false;
$civicrm_setting['domain']['enableSSL'] = true;
EOF
# set debugging mode
cv setting:set '{"backtrace": 1, "debug_enabled": 1, "environment": "Development", "mailing_backend": {"outBound_option":2}, "mailing_backend_store": {"outBound_option":"3"}}'
if [ -n "$DEBUG" ]; then
cv setting:set '{"backtrace": 1, "debug_enabled": 1, "environment": "Development", "mailing_backend": {"outBound_option":2}, "mailing_backend_store": {"outBound_option":"3"}}'
fi
# make immutable
wp config set DISALLOW_FILE_MODS "true"

1
docker-compose.yml
View File

@ -21,6 +21,7 @@ services:
WORDPRESS_ADMIN_EMAIL: $WP_ADMIN_EMAIL
DB_ROOT_PASSWORD: $DB_ADMIN_PASSWORD
DB_ADMIN_PASSWORD: $DB_ADMIN_PASSWORD
DEBUG: "true"
db:
image: mariadb:10.9.4