From 25ef3ac49d8927621b8665b8b562c6515e7b0287 Mon Sep 17 00:00:00 2001 From: jalel Date: Fri, 7 Nov 2025 01:26:32 +0000 Subject: [PATCH 1/4] Add local https compatibility --- .env.example | 5 ++-- .gitignore | 3 ++ Dockerfile | 7 +++++ QUICKSTART.md | 19 +++++++----- README.md | 55 +++++++++++++++++++++++++++++++---- docker-compose.yml | 4 +++ scripts/generate-ssl-certs.sh | 53 +++++++++++++++++++++++++++++++++ setup.sh | 22 ++++++++++++++ ssl-config.conf | 28 ++++++++++++++++++ 9 files changed, 181 insertions(+), 15 deletions(-) create mode 100755 scripts/generate-ssl-certs.sh create mode 100644 ssl-config.conf diff --git a/.env.example b/.env.example index faa44dd..6fe8954 100644 --- a/.env.example +++ b/.env.example @@ -2,7 +2,7 @@ PHP_VERSION=8.1 # WordPress Configuration -WORDPRESS_VERSION=6.4 +WORDPRESS_VERSION=6.8 WORDPRESS_DEBUG=1 WORDPRESS_DEBUG_LOG=1 WORDPRESS_DEBUG_DISPLAY=0 @@ -24,13 +24,14 @@ MYSQL_PASSWORD=wordpress # For *.localhost domains, no /etc/hosts entry is needed on most systems WORDPRESS_HOSTNAME=wooco.localhost WORDPRESS_PORT=8000 +WORDPRESS_SSL_PORT=8443 # WordPress Admin Configuration WP_ADMIN_USER=admin WP_ADMIN_PASSWORD=admin123 WP_ADMIN_EMAIL=admin@example.local WP_SITE_TITLE=WooCommerce Dev Site -WP_SITE_URL=http://wooco.localhost:8000 +WP_SITE_URL=https://wooco.localhost:8443 # Xdebug Configuration XDEBUG_MODE=debug diff --git a/.gitignore b/.gitignore index c92c3cb..3a5b692 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,9 @@ # Environment files .env +# SSL Certificates (locally generated) +ssl/ + # Docker volumes db_data/ diff --git a/Dockerfile b/Dockerfile index 1e2e733..4df331c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,13 @@ RUN apt-get update && apt-get install -y \ # Install PHP extensions RUN docker-php-ext-install zip pdo_mysql +# Enable Apache SSL module and rewrite +RUN a2enmod ssl rewrite + +# Copy SSL configuration +COPY ssl-config.conf /etc/apache2/sites-available/default-ssl.conf +RUN a2ensite default-ssl + # Install Xdebug (version depends on PHP version) # PHP 7.4: Xdebug 3.1.x # PHP 8.0-8.2: Xdebug 3.2.x diff --git a/QUICKSTART.md b/QUICKSTART.md index 3597b3d..5df780f 100644 --- a/QUICKSTART.md +++ b/QUICKSTART.md @@ -10,6 +10,7 @@ Get your WordPress + WooCommerce development environment running in 5 minutes! The script automatically: - ✅ Creates `.env` configuration file +- ✅ Generates SSL certificates (HTTPS support) - ✅ Builds Docker containers with your chosen PHP version - ✅ Installs WordPress - ✅ Installs WooCommerce @@ -20,13 +21,17 @@ The script automatically: ## Access Your Site -- **Frontend**: http://wooco.localhost:8000 -- **Admin**: http://wooco.localhost:8000/wp-admin +- **Frontend**: https://wooco.localhost:8443 +- **Admin**: https://wooco.localhost:8443/wp-admin - **PHPMyAdmin**: http://localhost:8080 **Login**: admin / admin123 -**Note:** You can change the hostname in `.env` file. +**Note:** +- HTTPS is enabled by default with auto-generated SSL certificates +- If you see a browser warning (self-signed cert), click "Advanced" → "Proceed" +- Install [mkcert](https://github.com/FiloSottile/mkcert) for trusted certificates (no warnings) +- You can change the hostname in `.env` file ## Add Your Plugin @@ -89,12 +94,12 @@ docker-compose exec wordpress bash 1. Install "PHP Debug" extension 2. Press `F5` to start debugging 3. Add breakpoints in your plugin code -4. Visit: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname) +4. Visit: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname) ### PhpStorm 1. Settings → PHP → Debug → Port: `9003` 2. Click "Start Listening for PHP Debug Connections" -3. Visit: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname) +3. Visit: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname) ## Sample Data @@ -114,8 +119,8 @@ The environment includes all WooCommerce product types: - jane.smith@example.com / customer123 **Quick Links:** -- Products: http://wooco.localhost:8000/wp-admin/edit.php?post_type=product -- Customers: http://wooco.localhost:8000/wp-admin/admin.php?page=wc-admin&path=/customers +- Products: https://wooco.localhost:8443/wp-admin/edit.php?post_type=product +- Customers: https://wooco.localhost:8443/wp-admin/admin.php?page=wc-admin&path=/customers ## Testing diff --git a/README.md b/README.md index 8d10351..170c7cc 100644 --- a/README.md +++ b/README.md @@ -41,15 +41,19 @@ That's it! The setup script will: After setup completes: -- **Frontend**: http://wooco.localhost:8000 (or your configured hostname) -- **Admin**: http://wooco.localhost:8000/wp-admin +- **Frontend**: https://wooco.localhost:8443 (or your configured hostname) +- **Admin**: https://wooco.localhost:8443/wp-admin - **PHPMyAdmin**: http://localhost:8080 **Default Login:** - Username: `admin` - Password: `admin123` -**Note:** `*.localhost` domains work without editing `/etc/hosts` on most systems. You can customize the hostname in `.env`. +**Note:** +- `*.localhost` domains work without editing `/etc/hosts` on most systems +- HTTPS is enabled by default with auto-generated SSL certificates +- If using mkcert, you won't see any browser warnings +- If using self-signed certs, click "Advanced" and "Proceed" on the browser warning ## Project Structure @@ -190,6 +194,45 @@ docker-compose up -d wp search-replace 'old-url.com' 'new-url.com' --allow-root ``` +### SSL/HTTPS Configuration + +HTTPS is enabled by default for secure local development. The setup script automatically generates SSL certificates. + +**Using mkcert (Recommended - No Browser Warnings):** + +```bash +# Install mkcert (one-time setup) +# macOS +brew install mkcert +brew install nss # for Firefox + +# Linux +apt install mkcert # or your package manager + +# Windows +choco install mkcert + +# The setup.sh script will automatically use mkcert if available +``` + +**Using Self-Signed Certificates (Fallback):** + +If mkcert is not installed, the setup script automatically generates self-signed certificates. You'll see a browser security warning - this is normal. Click "Advanced" and "Proceed" to continue. + +**Manual Certificate Regeneration:** + +```bash +# Regenerate SSL certificates for a specific hostname +./scripts/generate-ssl-certs.sh your-hostname.localhost + +# Restart containers to apply changes +docker-compose restart wordpress +``` + +**Ports:** +- HTTPS (SSL): `8443` (configurable via `WORDPRESS_SSL_PORT` in `.env`) +- HTTP: `8000` (auto-redirects to HTTPS) + ## Development Tools ### WP-CLI @@ -223,7 +266,7 @@ docker-compose exec wordpress wp cache flush 4. Add breakpoints in your plugin code 5. Visit your site with `?XDEBUG_TRIGGER=1` in the URL -Example: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname) +Example: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname) #### PhpStorm @@ -295,8 +338,8 @@ The environment includes these WooCommerce product types: - John Doe (john.doe@example.com / customer123) - Jane Smith (jane.smith@example.com / customer123) -View products: http://wooco.localhost:8000/wp-admin/edit.php?post_type=product -View customers: http://wooco.localhost:8000/wp-admin/admin.php?page=wc-admin&path=/customers +View products: https://wooco.localhost:8443/wp-admin/edit.php?post_type=product +View customers: https://wooco.localhost:8443/wp-admin/admin.php?page=wc-admin&path=/customers ### Adding More Sample Data diff --git a/docker-compose.yml b/docker-compose.yml index 963d539..abd4b08 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,10 +31,14 @@ services: condition: service_healthy ports: - "${WORDPRESS_PORT:-8000}:80" + - "${WORDPRESS_SSL_PORT:-8443}:443" volumes: # Mount entire WordPress directory for local development - ./wordpress:/var/www/html - ./scripts:/var/www/scripts + # Mount SSL certificates + - ./ssl/cert.pem:/etc/ssl/certs/cert.pem:ro + - ./ssl/key.pem:/etc/ssl/private/key.pem:ro restart: unless-stopped environment: WORDPRESS_DB_HOST: db:3306 diff --git a/scripts/generate-ssl-certs.sh b/scripts/generate-ssl-certs.sh new file mode 100755 index 0000000..001b183 --- /dev/null +++ b/scripts/generate-ssl-certs.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +set -e + +# Colors for output +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +RED='\033[0;31m' +NC='\033[0m' # No Color + +HOSTNAME=${1:-wooco.localhost} +SSL_DIR="$(dirname "$0")/../ssl" + +# Create SSL directory if it doesn't exist +mkdir -p "$SSL_DIR" + +echo -e "${GREEN}Generating SSL certificates for: ${HOSTNAME}${NC}" + +# Check if mkcert is available +if command -v mkcert >/dev/null 2>&1; then + echo -e "${GREEN}Using mkcert to generate locally-trusted certificates...${NC}" + + cd "$SSL_DIR" + mkcert -install + mkcert "$HOSTNAME" "*.${HOSTNAME}" localhost 127.0.0.1 ::1 + + # Rename files to standard names + mv "${HOSTNAME}+4.pem" cert.pem 2>/dev/null || true + mv "${HOSTNAME}+4-key.pem" key.pem 2>/dev/null || true + + echo -e "${GREEN}✓ Locally-trusted SSL certificates generated!${NC}" + echo -e "${GREEN}✓ No browser warnings will appear${NC}" +else + echo -e "${YELLOW}mkcert not found. Generating self-signed certificates...${NC}" + echo -e "${YELLOW}Note: Browser will show security warnings (this is normal for self-signed certs)${NC}" + echo -e "${YELLOW}Install mkcert for trusted certificates: https://github.com/FiloSottile/mkcert${NC}" + + # Generate self-signed certificate with openssl + openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ + -keyout "$SSL_DIR/key.pem" \ + -out "$SSL_DIR/cert.pem" \ + -subj "/C=US/ST=State/L=City/O=Development/CN=${HOSTNAME}" \ + -addext "subjectAltName=DNS:${HOSTNAME},DNS:*.${HOSTNAME},DNS:localhost,IP:127.0.0.1" + + echo -e "${GREEN}✓ Self-signed SSL certificates generated${NC}" + echo -e "${YELLOW}⚠ Browser will show security warnings (click 'Advanced' and 'Proceed')${NC}" +fi + +echo "" +echo -e "${GREEN}SSL certificates created at:${NC}" +echo " Certificate: $SSL_DIR/cert.pem" +echo " Private Key: $SSL_DIR/key.pem" +echo "" diff --git a/setup.sh b/setup.sh index bd0c87b..d9c1e88 100755 --- a/setup.sh +++ b/setup.sh @@ -96,6 +96,27 @@ load_env() { fi } +# Generate SSL certificates +generate_ssl() { + print_header "Generating SSL Certificates" + + local hostname="${WORDPRESS_HOSTNAME:-wooco.localhost}" + + # Check if certificates already exist + if [ -f "${SCRIPT_DIR}/ssl/cert.pem" ] && [ -f "${SCRIPT_DIR}/ssl/key.pem" ]; then + print_warning "SSL certificates already exist. Skipping generation..." + read -p "Do you want to regenerate them? (y/N): " -n 1 -r + echo + if [[ ! $REPLY =~ ^[Yy]$ ]]; then + return + fi + fi + + # Run the certificate generation script + bash "${SCRIPT_DIR}/scripts/generate-ssl-certs.sh" "${hostname}" + print_success "SSL certificates generated for ${hostname}" +} + # Build and start Docker containers start_containers() { print_header "Building and Starting Docker Containers" @@ -313,6 +334,7 @@ main() { check_prerequisites setup_env load_env + generate_ssl start_containers wait_for_services install_wordpress diff --git a/ssl-config.conf b/ssl-config.conf new file mode 100644 index 0000000..7fcd64e --- /dev/null +++ b/ssl-config.conf @@ -0,0 +1,28 @@ + + ServerAdmin admin@localhost + DocumentRoot /var/www/html + + SSLEngine on + SSLCertificateFile /etc/ssl/certs/cert.pem + SSLCertificateKeyFile /etc/ssl/private/key.pem + + + Options Indexes FollowSymLinks + AllowOverride All + Require all granted + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + +# Redirect HTTP to HTTPS + + ServerAdmin admin@localhost + DocumentRoot /var/www/html + + # Redirect all HTTP traffic to HTTPS + RewriteEngine On + RewriteCond %{HTTPS} off + RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] + From 17149bafcce101e31b980ef6de43a250703242e6 Mon Sep 17 00:00:00 2001 From: jalel Date: Fri, 7 Nov 2025 01:28:54 +0000 Subject: [PATCH 2/4] revert wp version --- .env.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.example b/.env.example index 6fe8954..31c8c76 100644 --- a/.env.example +++ b/.env.example @@ -2,7 +2,7 @@ PHP_VERSION=8.1 # WordPress Configuration -WORDPRESS_VERSION=6.8 +WORDPRESS_VERSION=6.4 WORDPRESS_DEBUG=1 WORDPRESS_DEBUG_LOG=1 WORDPRESS_DEBUG_DISPLAY=0 From 46d3506fe5ae913e673ea25ae83decaea9f0ac37 Mon Sep 17 00:00:00 2001 From: jalel Date: Fri, 7 Nov 2025 01:39:39 +0000 Subject: [PATCH 3/4] Fix: Generate SSL certificates in GitHub Actions workflow --- .github/workflows/docker-build-test.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/docker-build-test.yml b/.github/workflows/docker-build-test.yml index 8fa05b5..98437ab 100644 --- a/.github/workflows/docker-build-test.yml +++ b/.github/workflows/docker-build-test.yml @@ -38,6 +38,15 @@ jobs: cat .env + - name: Generate SSL certificates + run: | + mkdir -p ssl + openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ + -keyout ssl/key.pem \ + -out ssl/cert.pem \ + -subj "/C=US/ST=State/L=City/O=Development/CN=localhost" \ + -addext "subjectAltName=DNS:localhost,IP:127.0.0.1" + - name: Build Docker images run: docker compose build timeout-minutes: 10 From 1bb1937467cfe45b57e0be220b05834307dd9900 Mon Sep 17 00:00:00 2001 From: jalel Date: Fri, 7 Nov 2025 01:45:54 +0000 Subject: [PATCH 4/4] Fix: Accept HTTP 301/302 redirects as valid responses in CI tests --- .github/workflows/docker-build-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-build-test.yml b/.github/workflows/docker-build-test.yml index 98437ab..9505890 100644 --- a/.github/workflows/docker-build-test.yml +++ b/.github/workflows/docker-build-test.yml @@ -73,7 +73,7 @@ jobs: run: | # Check if WordPress responds response=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000) - if [ "$response" -ne "200" ] && [ "$response" -ne "302" ]; then + if [ "$response" -ne "200" ] && [ "$response" -ne "301" ] && [ "$response" -ne "302" ]; then echo "WordPress is not responding correctly (HTTP $response)" exit 1 fi @@ -219,7 +219,7 @@ jobs: - name: Test WordPress site accessibility run: | response=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000) - if [ "$response" -eq "200" ]; then + if [ "$response" -eq "200" ] || [ "$response" -eq "301" ] || [ "$response" -eq "302" ]; then echo "✓ WordPress site is accessible (HTTP $response)" else echo "✗ WordPress site returned HTTP $response"