diff --git a/bundles/wordpress/README.md b/bundles/wordpress/README.md
new file mode 100644
index 0000000..5aab92c
--- /dev/null
+++ b/bundles/wordpress/README.md
@@ -0,0 +1 @@
+https://www.enterprisedb.com/postgres-tutorials/how-deploy-wordpress-highly-available-postgresql
diff --git a/bundles/wordpress/items.py b/bundles/wordpress/items.py
new file mode 100644
index 0000000..6c3ebd7
--- /dev/null
+++ b/bundles/wordpress/items.py
@@ -0,0 +1,9 @@
+assert node.has_bundle('nginx')
+assert node.has_bundle('php')
+assert node.has_bundle('postgresql')
+
+
+for domain, conf in node.metadata.get('wordpress').items():
+ directories[conf['root']] = {
+ 'owner': 'www-data',
+ }
diff --git a/bundles/wordpress/metadata.py b/bundles/wordpress/metadata.py
new file mode 100644
index 0000000..3463022
--- /dev/null
+++ b/bundles/wordpress/metadata.py
@@ -0,0 +1,60 @@
+defaults = {
+ 'wordpress': {},
+}
+
+
+@metadata_reactor.provides(
+ 'wordpress',
+)
+def wordpress(metadata):
+ return {
+ 'wordpress': {
+ domain: {
+ 'root': f'/var/www/{domain}',
+ }
+ for domain in metadata.get('wordpress')
+ },
+ }
+
+
+@metadata_reactor.provides(
+ 'postgresql/roles',
+ 'postgresql/databases',
+)
+def postgresql(metadata):
+ return {
+ 'postgresql': {
+ 'roles': {
+ domain: {
+ 'password': repo.vault.password_for(f'{node.name} postgresql wordpress {domain}').value,
+ }
+ for domain in metadata.get('wordpress')
+ },
+ 'databases': {
+ domain: {
+ 'owner': domain,
+ }
+ for domain in metadata.get('wordpress')
+ },
+ },
+ }
+
+
+@metadata_reactor.provides(
+ 'nginx/vhosts'
+)
+def vhost(metadata):
+ return {
+ 'nginx': {
+ 'vhosts': {
+ domain: {
+ 'content': 'wordpress/vhost.conf',
+ 'context': {
+ 'root': conf['root'],
+ },
+ 'internal_dns': conf.get('internal_dns', True)
+ }
+ for domain, conf in metadata.get('wordpress').items()
+ },
+ },
+ }
diff --git a/data/wordpress/vhost.conf b/data/wordpress/vhost.conf
new file mode 100644
index 0000000..c3f28c3
--- /dev/null
+++ b/data/wordpress/vhost.conf
@@ -0,0 +1,43 @@
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name ${server_name};
+
+ ssl_certificate /var/lib/dehydrated/certs/${server_name}/fullchain.pem;
+ ssl_certificate_key /var/lib/dehydrated/certs/${server_name}/privkey.pem;
+
+ root ${root};
+
+ index index.php;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ # This is cool because no php is touched for static content.
+ # include the "?$args" part so non-default permalinks doesn't break when using query string
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location ~ \.php$ {
+ #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+ include fastcgi_params;
+ fastcgi_intercept_errors on;
+ fastcgi_pass php-handler;
+ #The following parameter can be also included in fastcgi_params file
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+
+ location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+ expires max;
+ log_not_found off;
+ }
+}
diff --git a/nodes/netcup.mails.py b/nodes/netcup.mails.py
index 70c5351..b0e655f 100644
--- a/nodes/netcup.mails.py
+++ b/nodes/netcup.mails.py
@@ -18,6 +18,7 @@
'nginx-rtmps',
'steam',
'wireguard',
+ 'wordpress',
'zfs',
],
'metadata': {
@@ -171,14 +172,19 @@
},
'internal_dns': False,
},
- 'elimu-kwanza.de': {
- 'content': 'nginx/message.conf',
- 'context': {
- 'title': 'Im Aufbau/under construction',
- 'message': 'info@elimu-kwanza.de',
- },
- 'internal_dns': False,
- },
+ # 'elimu-kwanza.de': {
+ # 'content': 'nginx/message.conf',
+ # 'context': {
+ # 'title': 'Im Aufbau/under construction',
+ # 'message': 'info@elimu-kwanza.de',
+ # },
+ # 'internal_dns': False,
+ # },
+ },
+ },
+ 'wordpress': {
+ 'elimu-kwanza.de': {
+ 'internal_dns': False,
},
},
'nginx-rtmps': {