Moved directories into rootfs, removed syslog and postfix in favor of mu-plugin

Author: tomazzaman

.gitignore

@@ -0,0 +1,2 @@
+/docker-compose.yml
+/.env

Dockerfile

@@ -5,17 +5,13 @@ MAINTAINER Tomaz Zaman <tomaz@codeable.io>
 RUN apk add --no-cache \
     bash \
     curl-dev \
-    imagemagick-dev \
+    imagemagick \
     libpng-dev \
     libxml2-dev \
-    mailx \
-    mysql-client \
     nginx \
     openssl \
-    postfix \
     redis \
-    supervisor \
-    syslog-ng
+    supervisor
 
 # Set up some useful environment variables
 ENV WP_ROOT /var/www/wordpress
@@ -31,7 +27,7 @@ WORKDIR /var/www/wordpress/wp-content
 
 # Install the necessary php libraries and extensions to run the most common
 # WordPress plugins and functionality (like image manipulation with ImageMagick)
-RUN apk add --no-cache libtool build-base autoconf \
+RUN apk add --no-cache libtool build-base autoconf imagemagick-dev \
     && export CFLAGS="-I/usr/src/php" \
     && docker-php-ext-install \
       -j$(grep -c ^processor /proc/cpuinfo 2>/dev/null) \
@@ -40,7 +36,7 @@ RUN apk add --no-cache libtool build-base autoconf \
       gd mbstring xmlreader xmlwriter ftp mysqli opcache sockets \
     && pecl install imagick \
     && docker-php-ext-enable imagick \
-    && apk del libtool build-base autoconf
+    && apk del libtool build-base autoconf imagemagick-dev
 
 # Download and extract WordPress into /var/www/wordpress
 RUN curl -o wordpress.tar.gz -SL $WP_DOWNLOAD_URL \
@@ -66,16 +62,8 @@ RUN chown -R wordpress:www-data $WP_ROOT \
 # Set proper ownership on Nginx's operational directories (for uploads)
 RUN chown -R www-data:www-data /var/lib/nginx
 
-# Copy all the configuration files in etc and usr into image root
-COPY etc /etc/
-COPY usr /usr/
-
-# Configure postfix
-RUN postconf inet_interfaces=localhost \
-    smtputf8_enable=no \
-    'myorigin=$mydomain' \
-    mail_spool_directory=/var/spool/mail \
-    mynetworks_style=class
+# Copy all the configuration files into image root
+COPY rootfs /
 
 # Set the entrypoint which reads all the secret files to runtime ENV vars
 ENTRYPOINT [ "docker-entrypoint.sh" ]

README.md

@@ -59,18 +59,35 @@ General rule of thumb whether a configuration value should be a secret is that y
 
 ## Sending emails
 
-This image also comes with `postfix` MTA (mail transfer agent) installed, since the default WordPress install is capable of sending emails. While the default configuration might work on your local development machine, it will most likely fail in production - the reason being most of cloud providers block the default port (25) to fight spam.
-
-That's why you're strongly encouraged to set the following environment variables:
-
-- `SMTP_DOMAIN` - the domain you send emails from
-- `SMTP_HOSTNAME` - server's hostname (can be the same as domain)
-- `SMTP_SERVER` - email provider's server (Mandrill, Sendgrid, Mailgun, etc)
-- `SMTP_USERNAME` - username/email for the email provider
-- `SMTP_PASSWORD` - should be in _secrets_!
-- `SMTP_PORT` - port for the email provider
-
-You can find the last four values in your email provider's documentation.
+Docker images are supposed to be as light-weight (and with limited responsibilities) as possible, which is why this image comes with a very basic `sendmail` installation, which will not work on it's own - you need to provide a mail relay to send emails, like Google's SMTP server. To get emails working, create a file `wp-content/mu-plugins/smtp-config.php` and put the following code in it:
+
+```
+<?php
+
+defined( 'ABSPATH' ) or die( 'Please don\'t access this file directly.' );
+
+/**
+ * If the emails are still not sent properly, despite these settings
+ * being set, visit https://myaccount.google.com/security and turn
+ * on "Allow less secure apps". In any case, it's recommended to
+ * create a separate email account for sending emails.
+ *
+ * You can either hard-code values in this file or provide them
+ * via environment variables.
+ */
+
+add_action('phpmailer_init', 'smtp_config');
+
+function smtp_config($phpmailer) {
+  $phpmailer->isSMTP();
+  $phpmailer->Host = 'smtp.gmail.com';
+  $phpmailer->SMTPAutoTLS = true;
+  $phpmailer->SMTPAuth = true;
+  $phpmailer->Port = 587;
+  $phpmailer->Username = $_ENV['SMTP_EMAIL'];
+  $phpmailer->Password = $_ENV['SMTP_PASSWORD'];
+}
+```
 
 ## Your own Nginx virtual hosts
 
@@ -86,5 +103,8 @@ Many developers that use containers on a daily basis believe that each container
 - Some plugins (like WordFence) require files in WordPress root directory. Normally this is not a problem since those files can be safely moved into `wp-content` (which is shared among containers), just pay attention to file paths in those files.
 - If you require additional/different php settings, feel free to pass those settings in Nginx config, like `fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/wordpress/wp-content/wordfence-waf.php";` for example with WordFence.
 
+## TODO:
+- implement a proper init system ([s6](https://skarnet.org/software/s6/)/[runit](smarden.org/runit/))
+
 ---
 This project, developed by [Codeable](https://codeable.io), is published under MIT License.

etc/supervisor.d/postfix.ini

@@ -4,12 +4,12 @@ metadata:
   name: wordpress-secrets
 type: Opaque
 data:
-  auth-key:
-  secure-auth-key:
-  logged-in-key:
-  nonce-key:
-  auth-salt:
-  secure-auth-salt:
-  logged-in-salt:
-  nonce-salt:
-  db-password:
+  AUTH_KEY:
+  SECURE_AUTH_KEY:
+  LOGGED_IN_KEY:
+  NONCE_KEY:
+  AUTH_SALT:
+  SECURE_AUTH_SALT:
+  LOGGED_IN_SALT:
+  NONCE_SALT:
+  DB_PASSWORD:

etc/supervisor.d/syslog-ng.ini

@@ -21,5 +21,3 @@ WP_CACHE_KEY_SALT=cdbl-wp-
 WP_MEMORY_LIMIT=256M
 WP_SITEURL=http://localhost
 WP_HOME=http://localhost
-SMTP_DOMAIN=localhost
-SMTP_HOSTNAME=docker.localhost