switch to bash

Avunu · Sep 17, 2024 · 08fceb7 · 08fceb7
1 parent aa7d782
commit 08fceb7
Show file tree

Hide file tree

Showing 5 changed files with 106 additions and 69 deletions.
diff --git a/Caddyfile b/Caddyfile
@@ -1,32 +1,43 @@
+# Global options
 {
 	{$CADDY_GLOBAL_OPTIONS}
 
 	frankenphp {
-		#worker /path/to/your/worker.php
 		{$FRANKENPHP_CONFIG}
 	}
 
-	# https://caddyserver.com/docs/caddyfile/directives#sorting-algorithm
+	servers {
+		timeouts {
+			read_body 10s
+			read_header 10s
+			write 30s
+			idle 60s
+		}
+		keepalive_interval 2m
+		max_header_size 16KB
+		trusted_proxies static private_ranges
+		client_ip_headers X-Forwarded-For
+		protocols h1
+		enable_full_duplex
+		strict_sni_host on
+	}
+
 	order php_server before file_server
 	order php before file_server
-	order request_header before wp_cache
 }
 
-{$CADDY_EXTRA_CONFIG}
-
-## Need to set all hosts with port for the cloud.
-# You may not have the hostname being called due to dynamic IPs and load balancers.
-# Allowing all hosts on port 80 for health checks, local dev & cases where the hostname is unknown.
 :80 {
 	@static {
 		file
-		path *.ico *.css *.js *.gif *.jpg *.jpeg *.png *.svg *.webp *.woff *.woff2
+		path *.css *.eot *.gif *.ico *.jpeg *.jpg *.js *.otf *.png *.svg *.ttf *.webp *.woff *.woff2
 	}
 
 	root * /var/www/html/
 	encode br zstd gzip
-
+
+	# Include any extra directives
 	{$CADDY_SERVER_EXTRA_DIRECTIVES}
 
+	# PHP handling
 	php_server
-}
+}
diff --git a/build-and-push.sh b/build-and-push.sh
@@ -15,9 +15,20 @@ fi
 
 # Set variables
 REPOSITORY="ghcr.io/avunu/wordpress"
-PHP_VERSIONS=("php82" "php83" "php84")
+ALL_PHP_VERSIONS=("php82" "php83" "php84")
 DEFAULT_PHP_VERSION="php83"
 
+# Check if a specific PHP version is provided as an argument
+if [ $# -eq 1 ]; then
+    PHP_VERSIONS=("$1")
+    if [[ ! " ${ALL_PHP_VERSIONS[@]} " =~ " ${1} " ]]; then
+        echo "Error: Invalid PHP version. Allowed versions are: ${ALL_PHP_VERSIONS[*]}"
+        exit 1
+    fi
+else
+    PHP_VERSIONS=("${ALL_PHP_VERSIONS[@]}")
+fi
+
 # Login to GitHub Container Registry
 echo $GITHUB_TOKEN | docker login ghcr.io -u $GITHUB_USERNAME -p $GITHUB_TOKEN
 

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -2,7 +2,8 @@
 set -e
 
 # set shell as /bin/sh
-export SHELL=/bin/sh
+# export SHELL=/bin/sh
+# export WP_CLI_CUSTOM_SHELL=/bin/sh
 
 # Function to run wp-cron
 run_wp_cron() {
@@ -17,7 +18,7 @@ run_wp_cron() {
 
 # If PROC_TYPE=worker, run cron jobs in the background
 if [ "$PROC_TYPE" = "worker" ]; then
-    export WP_CLI_CUSTOM_SHELL=/bin/sh
+    # export WP_CLI_CUSTOM_SHELL=/bin/sh
     echo "Starting wp-cron worker process"
     run_wp_cron
 fi

diff --git a/flake.lock b/flake.lock
diff --git a/wordpress.nix b/wordpress.nix
@@ -24,15 +24,19 @@ let
     ztsSupport = true; # Needed for FrankenPHP
 
 
-  }).overrideAttrs (oldAttrs: {
+  }).overrideAttrs (oldAttrs: rec {
+    # Use Clang instead of GCC
+    stdenv = pkgs.clangStdenv;
 
     # optimizations
     extraConfig = ''
-      CFLAGS="$CFLAGS -march=x86-64-v3 -mtune=x86-64-v3 -O3 -flto"
-      CXXFLAGS="$CXXFLAGS -march=x86-64-v3 -mtune=x86-64-v3 -O3 -flto"
+      CC = "${pkgs.llvmPackages_19.clang}/bin/clang";
+      CXX = "${pkgs.llvmPackages_19.clang}/bin/clang++";
+      CFLAGS="$CFLAGS -march=x86-64-v3 -mtune=x86-64-v3 -O3 -ffast-math -flto"
+      CXXFLAGS="$CXXFLAGS -march=x86-64-v3 -mtune=x86-64-v3 -O3 -ffast-math -flto"
       LDFLAGS="$LDFLAGS -flto"
     '';
-    
+
     # Explicitly enable XML support
     configureFlags = (oldAttrs.configureFlags or [ ]) ++ [
       "--enable-xml"
@@ -77,40 +81,40 @@ let
   phpBuild = phpWithExtensions.buildEnv {
     extraConfig = ''
       ; Memory limits
-      memory_limit = 512M                     ; Increased to allow more memory for PHP
-      max_execution_time = 300                ; Allow longer execution time if needed
-      max_input_time = 120                    ; Extend input processing time
+      memory_limit = 512M					 ; Increased to allow more memory for PHP
+      max_execution_time = 300				; Allow longer execution time if needed
+      max_input_time = 120					; Extend input processing time
 
       ; Opcache settings
-      opcache.enable = 1
-      opcache.memory_consumption = 128        ; Increase opcache memory to improve script caching
-      opcache.max_accelerated_files = 4000    ; Higher number of files cached
-      opcache.interned_strings_buffer = 8     ; Increased for interned strings
-      opcache.jit_buffer_size = 64M           ; Enable JIT with a larger buffer
-      opcache.jit = tracing                   ; Enable JIT compilation
-      opcache.validate_timestamps = 0         ; Keep enabled to handle dynamic file changes
-      opcache.revalidate_freq = 2             ; Check for file changes every 60 seconds
+      opcache.enable = 0
+      opcache.memory_consumption = 128		; Increase opcache memory to improve script caching
+      opcache.max_accelerated_files = 4000	; Higher number of files cached
+      opcache.interned_strings_buffer = 8	 ; Increased for interned strings
+      opcache.jit_buffer_size = 64M		   ; Enable JIT with a larger buffer
+      opcache.jit = 0				   ; Enable JIT compilation
+      opcache.validate_timestamps = 0		 ; Keep enabled to handle dynamic file changes
+      opcache.revalidate_freq = 2			 ; Check for file changes every 60 seconds
 
       ; Error handling
       error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR
-      display_errors = Off
-      display_startup_errors = Off
+      display_errors = On
+      display_startup_errors = On
       log_errors = On
       error_log = /dev/stderr
       log_errors_max_len = 1024
       ignore_repeated_errors = On
       ignore_repeated_source = Off
-      html_errors = Off
+      html_errors = On
 
       ; Database connection pooling
-      mysqli.max_persistent = 1               ; Allow more persistent connections for efficiency
-      mysqli.allow_persistent = 1             ; Enable persistent connections
+      mysqli.max_persistent = 1			   ; Allow more persistent connections for efficiency
+      mysqli.allow_persistent = 1			 ; Enable persistent connections
 
       ; Security settings
       upload_max_filesize = 100M
       post_max_size = 100M
       zend.max_allowed_stack_size = 64M
-      ffi.enable = 1
+      ffi.enable = 0						  ; Disable FFI for security reasons
     '';
   };
 
@@ -136,18 +140,22 @@ pkgs.dockerTools.buildLayeredImage {
   contents = [
     frankenphp
     phpBuild
-    pkgs.busybox
+    pkgs.bashInteractive
     pkgs.cacert
+    pkgs.coreutils
     pkgs.ghostscript
     pkgs.imagemagick
     pkgs.mysql.client
+    pkgs.ncurses
+    pkgs.unzip
     pkgs.vips
+    pkgs.wget
     wp-cli
   ];
 
   config = {
-    Entrypoint = [ "${pkgs.busybox}/bin/sh" "/docker-entrypoint.sh" ];
-    Cmd = [ "${pkgs.lib.getExe frankenphp}" "run" "--config" "/etc/caddy/Caddyfile"];
+    Entrypoint = [ "${pkgs.lib.getExe pkgs.bashInteractive}" "/docker-entrypoint.sh" ];
+    Cmd = [ "${pkgs.lib.getExe frankenphp}" "run" "--config" "/etc/caddy/Caddyfile" ];
     ExposedPorts = {
       "80/tcp" = { };
     };
@@ -171,30 +179,36 @@ pkgs.dockerTools.buildLayeredImage {
   };
 
   extraCommands = ''
-    # set up /tmp
-    mkdir -p tmp
-    chmod 1777 tmp
-
-    # copy Caddyfile
-    mkdir -p etc/caddy
-    cp ${./Caddyfile} etc/caddy/Caddyfile
-
-    # Copy WordPress files
-    mkdir -p var/www/html
-    cp ${./wp-config.php} wp-config.php
-    cp ${./docker-entrypoint.sh} docker-entrypoint.sh
-    chmod +x docker-entrypoint.sh
-
-    # copy must-use plugins
-    mkdir mu-plugins
-    cp ${./mu-plugins/loopback.php} mu-plugins/
-
-    # Symlink CA certificates
-    ln -s ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt etc/ssl/certs/ca-certificates.crt
-
-    # Symlink busybox for bash and env
-    mkdir -p usr/bin
-    ln -s ${pkgs.busybox}/bin/busybox usr/bin/bash
-    ln -s ${pkgs.busybox}/bin/busybox usr/bin/env
+    	# set up /tmp
+    	mkdir -p tmp
+    	chmod 1777 tmp
+
+    	# copy Caddyfile
+    	mkdir -p etc/caddy
+    	cp ${./Caddyfile} etc/caddy/Caddyfile
+
+    	# enable Caddy logging
+    	mkdir -p var/log/caddy
+    	touch var/log/caddy/access.log
+    	touch var/log/caddy/error.log
+    	chmod -R 777 var/log/caddy
+
+    	# Copy WordPress files
+    	mkdir -p var/www/html
+    	cp ${./wp-config.php} wp-config.php
+    	cp ${./docker-entrypoint.sh} docker-entrypoint.sh
+    	chmod +x docker-entrypoint.sh
+
+    	# copy must-use plugins
+    	mkdir mu-plugins
+    	cp ${./mu-plugins/loopback.php} mu-plugins/
+
+    	# Symlink CA certificates
+    	ln -s ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt etc/ssl/certs/ca-certificates.crt
+
+    	# # Symlink busybox for bash and env
+    	# mkdir -p usr/bin
+    	# ln -s ${pkgs.busybox}/bin/busybox usr/bin/bash
+    	# ln -s ${pkgs.busybox}/bin/busybox usr/bin/env
   '';
 }