From: Armaan Bhojwani <3fb650a9-b47e-4604-a282-1dd91953b2ee@anonaddy.me> Date: Fri, 25 Sep 2020 21:10:33 +0000 (-0400) Subject: add recon X-Git-Url: https://git.armaanb.net/?p=dockerfiles.git;a=commitdiff_plain;h=b95c7070c6a4ff5f39d947881f563d41f3a8699a add recon --- diff --git a/wordpress-recon/Dockerfile b/wordpress-recon/Dockerfile new file mode 100644 index 0000000..53c4549 --- /dev/null +++ b/wordpress-recon/Dockerfile @@ -0,0 +1,27 @@ +FROM php:7.4-apache + +RUN a2enmod rewrite + +# install the PHP extensions we need + +RUN apt-get update && apt install -y gcc make autoconf libc-dev pkg-config libmemcached-dev libjpeg-dev zlib1g-dev libpng-dev && rm -rf /var/lib/apt/lists/* \ + php-ext-configure gd \ + && docker-php-ext-install gd +RUN docker-php-ext-install mysqli && pecl install redis && docker-php-ext-enable redis + +VOLUME /var/www/html + +ENV WORDPRESS_VERSION 5.5.1 +ENV WORDPRESS_UPSTREAM_VERSION 5.5.1 + +# upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress +#RUN curl -o wordpress.tar.gz -SL https://wordpress.org/wordpress-${WORDPRESS_UPSTREAM_VERSION}.tar.gz \ +# && echo "$WORDPRESS_SHA1 *wordpress.tar.gz" \ +# && tar -xzf wordpress.tar.gz -C /usr/src/ \ +# && rm wordpress.tar.gz \ +# && chown -R www-data:www-data /usr/src/wordpress + +COPY docker-entrypoint.sh /entrypoint.sh + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["apache2-foreground"] diff --git a/wordpress-recon/docker-entrypoint.sh b/wordpress-recon/docker-entrypoint.sh new file mode 100755 index 0000000..3f44fda --- /dev/null +++ b/wordpress-recon/docker-entrypoint.sh @@ -0,0 +1,277 @@ +#!/bin/bash + +set -e + + + +if [ -n "$MYSQL_PORT_3306_TCP" ]; then + + if [ -z "$WORDPRESS_DB_HOST" ]; then + + WORDPRESS_DB_HOST='mysql' + + else + + echo >&2 'warning: both WORDPRESS_DB_HOST and MYSQL_PORT_3306_TCP found' + + echo >&2 " Connecting to WORDPRESS_DB_HOST ($WORDPRESS_DB_HOST)" + + echo >&2 ' instead of the linked mysql container' + + fi + +fi + + + +if [ -z "$WORDPRESS_DB_HOST" ]; then + + echo >&2 'error: missing WORDPRESS_DB_HOST and MYSQL_PORT_3306_TCP environment variables' + + echo >&2 ' Did you forget to --link some_mysql_container:mysql or set an external db' + + echo >&2 ' with -e WORDPRESS_DB_HOST=hostname:port?' + + exit 1 + +fi + + + +# if we're linked to MySQL, and we're using the root user, and our linked + +# container has a default "root" password set up and passed through... :) + +: ${WORDPRESS_DB_USER:=root} + +if [ "$WORDPRESS_DB_USER" = 'root' ]; then + + : ${WORDPRESS_DB_PASSWORD:=$MYSQL_ENV_MYSQL_ROOT_PASSWORD} + +fi + +: ${WORDPRESS_DB_NAME:=wordpress} + + + +if [ -z "$WORDPRESS_DB_PASSWORD" ]; then + + echo >&2 'error: missing required WORDPRESS_DB_PASSWORD environment variable' + + echo >&2 ' Did you forget to -e WORDPRESS_DB_PASSWORD=... ?' + + echo >&2 + + echo >&2 ' (Also of interest might be WORDPRESS_DB_USER and WORDPRESS_DB_NAME.)' + + exit 1 + +fi + + + +if ! [ -e index.php -a -e wp-includes/version.php ]; then + + echo >&2 "WordPress not found in $(pwd) - copying now..." + + if [ "$(ls -A)" ]; then + + echo >&2 "WARNING: $(pwd) is not empty - press Ctrl+C now if this is an error!" + + ( set -x; ls -A; sleep 10 ) + + fi + + tar cf - --one-file-system -C /usr/src/wordpress . | tar xf - + + echo >&2 "Complete! WordPress has been successfully copied to $(pwd)" + + if [ ! -e .htaccess ]; then + + # NOTE: The "Indexes" option is disabled in the php:apache base image + + cat > .htaccess <<-'EOF' + + # BEGIN WordPress + + + + RewriteEngine On + + RewriteBase / + + RewriteRule ^index\.php$ - [L] + + RewriteCond %{REQUEST_FILENAME} !-f + + RewriteCond %{REQUEST_FILENAME} !-d + + RewriteRule . /index.php [L] + + + + # END WordPress + + EOF + + chown www-data:www-data .htaccess + + fi + +fi + + + +# TODO handle WordPress upgrades magically in the same way, but only if wp-includes/version.php's $wp_version is less than /usr/src/wordpress/wp-includes/version.php's $wp_version + + + +if [ ! -e wp-config.php ]; then + + awk '/^\/\*.*stop editing.*\*\/$/ && c == 0 { c = 1; system("cat") } { print }' wp-config-sample.php > wp-config.php <<'EOPHP' + +// If we're behind a proxy server and using HTTPS, we need to alert Wordpress of that fact + +// see also http://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy + +if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { + + $_SERVER['HTTPS'] = 'on'; + +} + +EOPHP + + chown www-data:www-data wp-config.php + +fi + + + +set_config() { + + key="$1" + + value="$2" + + php_escaped_value="$(php -r 'var_export($argv[1]);' "$value")" + + sed_escaped_value="$(echo "$php_escaped_value" | sed 's/[\/&]/\\&/g')" + + sed -ri "s/((['\"])$key\2\s*,\s*)(['\"]).*\3/\1$sed_escaped_value/" wp-config.php + +} + + + +set_config 'DB_HOST' "$WORDPRESS_DB_HOST" + +set_config 'DB_USER' "$WORDPRESS_DB_USER" + +set_config 'DB_PASSWORD' "$WORDPRESS_DB_PASSWORD" + +set_config 'DB_NAME' "$WORDPRESS_DB_NAME" + + + +# allow any of these "Authentication Unique Keys and Salts." to be specified via + +# environment variables with a "WORDPRESS_" prefix (ie, "WORDPRESS_AUTH_KEY") + +UNIQUES=( + + AUTH_KEY + + SECURE_AUTH_KEY + + LOGGED_IN_KEY + + NONCE_KEY + + AUTH_SALT + + SECURE_AUTH_SALT + + LOGGED_IN_SALT + + NONCE_SALT + +) + +for unique in "${UNIQUES[@]}"; do + + eval unique_value=\$WORDPRESS_$unique + + if [ "$unique_value" ]; then + + set_config "$unique" "$unique_value" + + else + + # if not specified, let's generate a random value + + current_set="$(sed -rn "s/define\((([\'\"])$unique\2\s*,\s*)(['\"])(.*)\3\);/\4/p" wp-config.php)" + + if [ "$current_set" = 'put your unique phrase here' ]; then + + set_config "$unique" "$(head -c1M /dev/urandom | sha1sum | cut -d' ' -f1)" + + fi + + fi + +done + + + +TERM=dumb php -- "$WORDPRESS_DB_HOST" "$WORDPRESS_DB_USER" "$WORDPRESS_DB_PASSWORD" "$WORDPRESS_DB_NAME" <<'EOPHP' + +connect_error) { + + fwrite($stderr, "\n" . 'MySQL Connection Error: (' . $mysql->connect_errno . ') ' . $mysql->connect_error . "\n"); + + --$maxTries; + + if ($maxTries <= 0) { + + exit(1); + + } + + sleep(3); + + } + +} while ($mysql->connect_error); + +if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_string($argv[4]) . '`')) { + + fwrite($stderr, "\n" . 'MySQL "CREATE DATABASE" Error: ' . $mysql->error . "\n"); + + $mysql->close(); + + exit(1); + +} + +$mysql->close(); + +EOPHP + + + +exec "$@"