Merge pull request #41 from Marwolf/master

Ghost fixes

.env

@@ -1,10 +1,6 @@
 #!/usr/bin/env bash
 
 # Ghost
-GHOST_EMAIL=admin@openrsc.com
-GHOST_PASSWORD=malwareinfection
-GHOST_DATABASE_NAME=ghost
-ALLOW_EMPTY_PASSWORD=no
 URL=http://localhost/blog
 
 # Nginx

.gitignore

@@ -30,9 +30,10 @@ Splunk/opt-splunk-var/*
 
 *.log
 
-etc/nginx/default.conf
-
 etc/logs/nginx/*.log
 etc/logs/letsencrypt/*
 etc/ghost/logs/*.log
 etc/ghost/logs/*.log.*
+!etc/ghost/content/data/
+!etc/ghost/content/logs
+etc/ghost/content/data/\.DS_Store

docker-compose.yml

@@ -71,39 +71,26 @@ services:
             - "./Website:/usr/local/tomcat/webapps/ROOT"
             - "./etc/tomcat:/usr/local/tomcat/conf"
 
-    fix-ghost-permissions:
-        image: 'bitnami/ghost:latest'
-        container_name: ghost-fix-permissions
-        user: root
-        command: chown -R 1001:1001 /bitnami/ghost
-        volumes:
-          - "./etc/ghost:/bitnami/ghost"
-        depends_on:
-          - mysqldb
-
     ghost:
-        image: bitnami/ghost:latest
+        image: ghost:latest
         container_name: ghost
         ports:
             - "127.0.0.1:2368:2368"
-        volumes:
-            - "./etc/ghost/content:/opt/bitnami/ghost/content"
+        restart: always
         env_file:
             - ".env"
+        volumes:
+            - "./etc/ghost/content:/var/lib/ghost/content"
         environment:
-          - NODE_ENV=production
-          - privacy__useUpdateCheck=0
-          - URL=${URL}
-          - MARIADB_HOST=mysql
-          - MARIADB_PORT_NUMBER=3306
-          - GHOST_DATABASE_USER=${MARIADB_ROOT_USER}
-          - GHOST_DATABASE_PASSWORD=${MARIADB_ROOT_PASSWORD}
-          - GHOST_DATABASE_NAME=${GHOST_DATABASE_NAME}
-          - ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}
-          - GHOST_EMAIL=${GHOST_EMAIL}
-          - GHOST_PASSWORD=${GHOST_PASSWORD}
+            - url=${URL}
+            - database__client=mysql
+            - database__connection__host=mysql
+            - database__connection__user=${MARIADB_ROOT_USER}
+            - database__connection__password=${MARIADB_ROOT_PASSWORD}
+            - database__connection__database=ghost
+            - privacy__useUpdateCheck=false
         depends_on:
-          - fix-ghost-permissions
+            - mysqldb
 
     php:
         image: nanoninja/php-fpm:7.2

etc/ghost/content/logs

@@ -1 +0,0 @@
-/opt/bitnami/ghost/logs

etc/ghost/content/settings/routes-1.0-backup.yaml

@@ -0,0 +1,11 @@
+routes:
+
+collections:
+  /:
+    permalink: '{globals.permalinks}' # special 1.0 compatibility setting. See the docs for details.
+    template:
+      - index
+
+taxonomies:
+  tag: /tag/{slug}/
+  author: /author/{slug}/

etc/ghost/content/settings/routes.yaml

@@ -2,7 +2,7 @@ routes:
 
 collections:
   /:
-    permalink: '{globals.permalinks}' # special 1.0 compatibility setting. See the docs for details.
+    permalink: /{year}/{month}/{day}/{slug}/ 
     template:
       - index
 

etc/nginx/HTTPS_default.conf.BAK

@@ -36,12 +36,9 @@ server {
     ssl_stapling                            on;
     ssl_stapling_verify                     on;
     resolver                                8.8.8.8 1.1.1.1;
-#    ssl_certificate                         /etc/letsencrypt/live/openrsc.com/fullchain.pem;
-#    ssl_certificate_key                     /etc/letsencrypt/live/openrsc.com/privkey.pem;
-#    ssl_trusted_certificate                 /etc/letsencrypt/live/openrsc.com/chain.pem;
-ssl_certificate                         /etc/letsencrypt/live/localhost/selfsigned.crt;
-ssl_certificate_key                     /etc/letsencrypt/live/localhost/selfsigned.key;
-ssl_trusted_certificate                 /etc/letsencrypt/live/localhost/dhparam.pem;
+    ssl_certificate                         /etc/letsencrypt/live/openrsc.com/fullchain.pem;
+    ssl_certificate_key                     /etc/letsencrypt/live/openrsc.com/privkey.pem;
+    ssl_trusted_certificate                 /etc/letsencrypt/live/openrsc.com/chain.pem;
 
     root /app;
     index index.jsp index.html index.htm;

etc/nginx/default.conf

@@ -0,0 +1,53 @@
+upstream tomcat {
+    server tomcat:8080;
+}
+
+upstream ghost {
+    server ghost:2368;
+}
+
+# HTTP
+server {
+    listen 80                               default_server;
+    listen [::]:80                          default_server ipv6only=on;
+    server_name                             ${NGINX_HOST};
+
+    error_log                               /var/log/nginx/error.log;
+    access_log                              /var/log/nginx/access.log;
+
+    root /app;
+    index index.jsp index.html index.htm;
+
+    client_max_body_size                    100M;
+
+    location / {
+        root                                /var/www/html;
+    }
+
+    ####### Proxies #######
+#    # PHP proxy
+#    location /board {
+#        fastcgi_pass                       php:9001;
+#        fastcgi_index                      index.php;
+#        include                            fastcgi.conf;
+#        root                               /app;
+#    }
+
+    # Ghost proxy
+    location /blog {
+        proxy_pass                          http://ghost;
+        proxy_set_header  Host              $http_host;   # required for docker client's sake
+        proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
+        proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header  X-Forwarded-Proto $scheme;
+        proxy_read_timeout                  900;
+    }
+
+    # Tomcat proxy
+    location ~ \.jsp$ {
+        proxy_set_header X-Forwarded-Host   $host;
+        proxy_set_header X-Forwarded-Server $host;
+        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
+        proxy_pass                          http://tomcat;
+    }
+}