i3inary · May 26, 2022 16:58
diff --git a/notes.sh b/notes.sh
 #!/bin/bash


 # USEFUL LINKS
 # https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-docker-compose
 # https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04
 # https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04
 # https://www.digitalocean.com/community/tutorials/understanding-and-implementing-fastcgi-proxying-in-nginx
 # https://www.digitalocean.com/community/tutorials/how-to-manage-logfiles-with-logrotate-on-ubuntu-16-04
 # https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-with-http-2-support-on-ubuntu-18-04



 # FRESH DIGITAL OCEAN SERVER
 # https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04

 # First, update your existing list of packages:
 sudo apt update

 # Install new digital ocean monitoring agent
 sudo apt-get purge do-agent
 curl -sSL https://repos.insights.digitalocean.com/install.sh | sudo bash
 service do-agent status

 # Next, install a few prerequisite packages which let apt use packages over HTTPS:
 sudo apt install apt-transport-https ca-certificates curl software-properties-common

 # Then add the GPG key for the official Docker repository to your system:
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

 # Add the Docker repository to APT sources:

 sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"

 # Next, update the package database with the Docker packages from the newly added repo:
 sudo apt update

 # Make sure you are about to install from the Docker repo instead of the default Ubuntu repo:
 apt-cache policy docker-ce

 # You’ll see output like this, although the version number for Docker may be different:
 #
 # Output of apt-cache policy docker-ce
 # docker-ce:
 #   Installed: (none)
 #   Candidate: 18.03.1~ce~3-0~ubuntu
 #   Version table:
 #      18.03.1~ce~3-0~ubuntu 500
 #         500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 #
 # Notice that docker-ce is not installed, but the candidate for installation is from the Docker repository for Ubuntu 18.04 (bionic).
 #
 # Finally, install Docker:
 sudo apt install docker-ce

 # Docker should now be installed, the daemon started, and the process enabled to start on boot. Check that it’s running:
 sudo systemctl status docker


 # The output should be similar to the following, showing that the service is active and running:
 #
 # Output
 # ● docker.service - Docker Application Container Engine
 #    Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
 #    Active: active (running) since Thu 2018-07-05 15:08:39 UTC; 2min 55s ago
 #      Docs: https://docs.docker.com
 #  Main PID: 10096 (dockerd)
 #     Tasks: 16
 #    CGroup: /system.slice/docker.service
 #            ├─10096 /usr/bin/dockerd -H fd://
 #            └─10113 docker-containerd --config /var/run/docker/containerd/containerd.toml
 #
 # To run docker from another user without using sudo
 # https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04#step-2-%E2%80%94-executing-the-docker-command-without-sudo-optional
 # 
 ###############################
 # INSTALLING DOCKER-COMPOSE
 ###############################
 # https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04
 #
 # Check the current release (https://github.com/docker/compose/releases) and if necessary, update it in the command below:
 # Updated 3/12/2020
 sudo curl -L https://github.com/docker/compose/releases/download/1.26.0-rc3/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

 # Vet the permissions:
 sudo chmod +x /usr/local/bin/docker-compose

 # Verify that the installation was successful by checking the version:
 docker-compose --version

 ###############################
 # WEBSERVER CONFIGURATION
 ###############################
 #
 mkdir wordpress && cd wordpress
 mkdir nginx-conf
 nano nginx-conf/nginx.conf
 # server {
 #         listen 80;
 #         listen [::]:80;

 #         server_name example.com www.example.com;

 #         location ~ /.well-known/acme-challenge {
 #                 allow all;
 #                 root /var/www/html;
 #         }

 #         location / {
 #                 rewrite ^ https://$host$request_uri? permanent;
 #         }
 # }

 # server {
 #         listen 443 ssl http2;
 #         listen [::]:443 ssl http2;
 #         server_name example.com www.example.com;

 #         index index.php index.html index.htm;

 #         root /var/www/html;

 #         server_tokens off;

 #         ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
 #         ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

 #         include /etc/nginx/conf.d/options-ssl-nginx.conf;

 #         add_header X-Frame-Options "SAMEORIGIN" always;
 #         add_header X-XSS-Protection "1; mode=block" always;
 #         add_header X-Content-Type-Options "nosniff" always;
 #         add_header Referrer-Policy "no-referrer-when-downgrade" always;
 #         add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
 #         # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 #         # enable strict transport security only if you understand the implications

 #         location / {
 #                 try_files $uri $uri/ /index.php$is_args$args;
 #         }

 #         location ~ \.php$ {
 #                 try_files $uri =404;
 #                 fastcgi_split_path_info ^(.+\.php)(/.+)$;
 #                 fastcgi_pass wordpress:9000;
 #                 fastcgi_index index.php;
 #                 include fastcgi_params;
 #                 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 #                 fastcgi_param PATH_INFO $fastcgi_path_info;
 #         }

 #         location ~ /\.ht {
 #                 deny all;
 #         }

 #         location = /favicon.ico { 
 #                 log_not_found off; access_log off; 
 #         }
 #         location = /robots.txt { 
 #                 log_not_found off; access_log off; allow all; 
 #         }
 #         location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
 #                 expires max;
 #                 log_not_found off;
 #         }
 # }

 nano .env
 # MYSQL_ROOT_PASSWORD=your_root_password
 # MYSQL_USER=your_wordpress_database_user
 # MYSQL_PASSWORD=your_wordpress_database_password

 git init
 nano .gitignore
 nano docker-compose.yml

 # version: '3'

 # services:
 #   db:
 #     image: mysql:8.0
 #     container_name: db
 #     restart: unless-stopped
 #     env_file: .env
 #     environment:
 #       - MYSQL_DATABASE=wordpress
 #     volumes: 
 #       - dbdata:/var/lib/mysql
 #     command: '--default-authentication-plugin=mysql_native_password'
 #     networks:
 #       - app-network

 #   wordpress:
 #     depends_on: 
 #       - db
 #     image: wordpress:5.1.1-fpm-alpine
 #     container_name: wordpress
 #     restart: unless-stopped
 #     env_file: .env
 #     environment:
 #       - WORDPRESS_DB_HOST=db:3306
 #       - WORDPRESS_DB_USER=$MYSQL_USER
 #       - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
 #       - WORDPRESS_DB_NAME=wordpress
 #     volumes:
 #       - wordpress:/var/www/html
 #     networks:
 #       - app-network

 #   webserver:
 #     depends_on:
 #       - wordpress
 #     image: nginx:1.15.12-alpine
 #     container_name: webserver
 #     restart: unless-stopped
 #     ports:
 #       - "80:80"
 #     volumes:
 #       - wordpress:/var/www/html
 #       - ./nginx-conf:/etc/nginx/conf.d
 #       - certbot-etc:/etc/letsencrypt
 #     networks:
 #       - app-network

 #   certbot:
 #     depends_on:
 #       - webserver
 #     image: certbot/certbot
 #     container_name: certbot
 #     volumes:
 #       - certbot-etc:/etc/letsencrypt
 #       - wordpress:/var/www/html
 #     command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --staging -d example.com -d www.example.com

 # volumes:
 #   certbot-etc:
 #   wordpress:
 #   dbdata:

 # networks:
 #   app-network:
 #     driver: bridge






 # Example script to change wordpress password in docker container script
 # https://gist.github.com/atmoz/08aa2aa6cc7788e0ddd7
 #!/bin/bash

 # dbContainer="db"
 # userTable="wordpress.users"
 # username=${1:-"admin"}
 # password=${2:-"$username"}

 # passwordHash=$(docker run --rm -it -v $(pwd)/www:/www php:5.4-cli php -r "\
 #     include '/www/wp-includes/pluggable.php';\
 #     define('ABSPATH', '/www/');\
 #     echo wp_hash_password('$password');")

 # dbId=$(docker-compose ps -q $dbContainer)
 # docker exec -i $dbId bash -c "mysql -uroot -p\$MYSQL_ROOT_PASSWORD" <<ESQL
 #     UPDATE $userTable SET user_pass = "$passwordHash" WHERE user_login = "$username";
 # ESQL
	#!/bin/bash


	# USEFUL LINKS
	# https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-docker-compose
	# https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04
	# https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04
	# https://www.digitalocean.com/community/tutorials/understanding-and-implementing-fastcgi-proxying-in-nginx
	# https://www.digitalocean.com/community/tutorials/how-to-manage-logfiles-with-logrotate-on-ubuntu-16-04
	# https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-with-http-2-support-on-ubuntu-18-04



	# FRESH DIGITAL OCEAN SERVER
	# https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04

	# First, update your existing list of packages:
	sudo apt update

	# Install new digital ocean monitoring agent
	sudo apt-get purge do-agent
	curl -sSL https://repos.insights.digitalocean.com/install.sh \| sudo bash
	service do-agent status

	# Next, install a few prerequisite packages which let apt use packages over HTTPS:
	sudo apt install apt-transport-https ca-certificates curl software-properties-common

	# Then add the GPG key for the official Docker repository to your system:
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| sudo apt-key add -

	# Add the Docker repository to APT sources:

	sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"

	# Next, update the package database with the Docker packages from the newly added repo:
	sudo apt update

	# Make sure you are about to install from the Docker repo instead of the default Ubuntu repo:
	apt-cache policy docker-ce

	# You’ll see output like this, although the version number for Docker may be different:
	#
	# Output of apt-cache policy docker-ce
	# docker-ce:
	# Installed: (none)
	# Candidate: 18.03.1~ce~3-0~ubuntu
	# Version table:
	# 18.03.1~ce~3-0~ubuntu 500
	# 500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
	#
	# Notice that docker-ce is not installed, but the candidate for installation is from the Docker repository for Ubuntu 18.04 (bionic).
	#
	# Finally, install Docker:
	sudo apt install docker-ce

	# Docker should now be installed, the daemon started, and the process enabled to start on boot. Check that it’s running:
	sudo systemctl status docker


	# The output should be similar to the following, showing that the service is active and running:
	#
	# Output
	# ● docker.service - Docker Application Container Engine
	# Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
	# Active: active (running) since Thu 2018-07-05 15:08:39 UTC; 2min 55s ago
	# Docs: https://docs.docker.com
	# Main PID: 10096 (dockerd)
	# Tasks: 16
	# CGroup: /system.slice/docker.service
	# ├─10096 /usr/bin/dockerd -H fd://
	# └─10113 docker-containerd --config /var/run/docker/containerd/containerd.toml
	#
	# To run docker from another user without using sudo
	# https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04#step-2-%E2%80%94-executing-the-docker-command-without-sudo-optional
	#
	###############################
	# INSTALLING DOCKER-COMPOSE
	###############################
	# https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04
	#
	# Check the current release (https://github.com/docker/compose/releases) and if necessary, update it in the command below:
	# Updated 3/12/2020
	sudo curl -L https://github.com/docker/compose/releases/download/1.26.0-rc3/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

	# Vet the permissions:
	sudo chmod +x /usr/local/bin/docker-compose

	# Verify that the installation was successful by checking the version:
	docker-compose --version

	###############################
	# WEBSERVER CONFIGURATION
	###############################
	#
	mkdir wordpress && cd wordpress
	mkdir nginx-conf
	nano nginx-conf/nginx.conf
	# server {
	# listen 80;
	# listen [::]:80;

	# server_name example.com www.example.com;

	# location ~ /.well-known/acme-challenge {
	# allow all;
	# root /var/www/html;
	# }

	# location / {
	# rewrite ^ https://$host$request_uri? permanent;
	# }
	# }

	# server {
	# listen 443 ssl http2;
	# listen [::]:443 ssl http2;
	# server_name example.com www.example.com;

	# index index.php index.html index.htm;

	# root /var/www/html;

	# server_tokens off;

	# ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
	# ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

	# include /etc/nginx/conf.d/options-ssl-nginx.conf;

	# add_header X-Frame-Options "SAMEORIGIN" always;
	# add_header X-XSS-Protection "1; mode=block" always;
	# add_header X-Content-Type-Options "nosniff" always;
	# add_header Referrer-Policy "no-referrer-when-downgrade" always;
	# add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
	# # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
	# # enable strict transport security only if you understand the implications

	# location / {
	# try_files $uri $uri/ /index.php$is_args$args;
	# }

	# location ~ \.php$ {
	# try_files $uri =404;
	# fastcgi_split_path_info ^(.+\.php)(/.+)$;
	# fastcgi_pass wordpress:9000;
	# fastcgi_index index.php;
	# include fastcgi_params;
	# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	# fastcgi_param PATH_INFO $fastcgi_path_info;
	# }

	# location ~ /\.ht {
	# deny all;
	# }

	# location = /favicon.ico {
	# log_not_found off; access_log off;
	# }
	# location = /robots.txt {
	# log_not_found off; access_log off; allow all;
	# }
	# location ~* \.(css\|gif\|ico\|jpeg\|jpg\|js\|png)$ {
	# expires max;
	# log_not_found off;
	# }
	# }

	nano .env
	# MYSQL_ROOT_PASSWORD=your_root_password
	# MYSQL_USER=your_wordpress_database_user
	# MYSQL_PASSWORD=your_wordpress_database_password

	git init
	nano .gitignore
	nano docker-compose.yml

	# version: '3'

	# services:
	# db:
	# image: mysql:8.0
	# container_name: db
	# restart: unless-stopped
	# env_file: .env
	# environment:
	# - MYSQL_DATABASE=wordpress
	# volumes:
	# - dbdata:/var/lib/mysql
	# command: '--default-authentication-plugin=mysql_native_password'
	# networks:
	# - app-network

	# wordpress:
	# depends_on:
	# - db
	# image: wordpress:5.1.1-fpm-alpine
	# container_name: wordpress
	# restart: unless-stopped
	# env_file: .env
	# environment:
	# - WORDPRESS_DB_HOST=db:3306
	# - WORDPRESS_DB_USER=$MYSQL_USER
	# - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
	# - WORDPRESS_DB_NAME=wordpress
	# volumes:
	# - wordpress:/var/www/html
	# networks:
	# - app-network

	# webserver:
	# depends_on:
	# - wordpress
	# image: nginx:1.15.12-alpine
	# container_name: webserver
	# restart: unless-stopped
	# ports:
	# - "80:80"
	# volumes:
	# - wordpress:/var/www/html
	# - ./nginx-conf:/etc/nginx/conf.d
	# - certbot-etc:/etc/letsencrypt
	# networks:
	# - app-network

	# certbot:
	# depends_on:
	# - webserver
	# image: certbot/certbot
	# container_name: certbot
	# volumes:
	# - certbot-etc:/etc/letsencrypt
	# - wordpress:/var/www/html
	# command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --staging -d example.com -d www.example.com

	# volumes:
	# certbot-etc:
	# wordpress:
	# dbdata:

	# networks:
	# app-network:
	# driver: bridge






	# Example script to change wordpress password in docker container script
	# https://gist.github.com/atmoz/08aa2aa6cc7788e0ddd7
	#!/bin/bash

	# dbContainer="db"
	# userTable="wordpress.users"
	# username=${1:-"admin"}
	# password=${2:-"$username"}

	# passwordHash=$(docker run --rm -it -v $(pwd)/www:/www php:5.4-cli php -r "\
	# include '/www/wp-includes/pluggable.php';\
	# define('ABSPATH', '/www/');\
	# echo wp_hash_password('$password');")

	# dbId=$(docker-compose ps -q $dbContainer)
	# docker exec -i $dbId bash -c "mysql -uroot -p\$MYSQL_ROOT_PASSWORD" <<ESQL
	# UPDATE $userTable SET user_pass = "$passwordHash" WHERE user_login = "$username";
	# ESQL