Chaoste/.gitignore

## .gitignore
certs/
wordpress/
backup.tar*

## README.md

      
    Raw
  

              README.md
            
          
    Setup Local Freiraum


Run Setup Script

    git clone https://gist.github.com/88ac14d182da8e0fb241f174d8f9c527.git freiraum-shop
    cd freiraum-shop
    ./setup-freiraum-dev.sh


The running instance is an old one with outdated content. Thus, you need to update Wordpress, all plugins and pull the latest Backup via UpdraftPlus.
Make sure to turn your Stripe Split Payment into test mode
Turn off Mailjet Integration (should be done by the setup script)

Work with BrowserSync


Add to your /etc/hosts:
::1 localhost 
Go to wordpress/wp-content/themes/freiraum-shop
yarn
yarn start
Visit https://localhost:3000 and ignore the warning by the browser (since we don't serve a SSL certificate for localhost)

VSCode Plugins for Wordpress Development


PHP Intelephense
WordPress Snippet
PHP Debug
GitLens


## create-cert.sh
#!/bin/bash

set -e

RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[0;93m'
NC='\033[0m'

DOMAIN="shop.freiraum.local"

if [[ "$OSTYPE" == "linux-gnu" ]]; then
    OPENSSL_CNF_PATH=/etc/ssl/openssl.cnf
fi

if [[ "$OSTYPE" == "darwin"* ]]; then
    OPENSSL_CNF_PATH=/System/Library/OpenSSL/openssl.cnf
fi

openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout "${DOMAIN}".key \
    -new \
    -out "${DOMAIN}".crt \
    -subj /CN="${DOMAIN}" \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat $OPENSSL_CNF_PATH \
        <(printf '[SAN]\nsubjectAltName=DNS:'${DOMAIN})) \
    -sha256 \
    -days 3650

rm -rf certs/*
mkdir -p certs

mv *.crt certs/
mv *.key certs/

echo -e ${GREEN}"Cert created in /cert! ${NC}"

## docker-compose.yml
version: "3.3"
services:
  nginx:
    image: nginx:1.15.12
    container_name: freiraum-shop_nginx
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/tmp/default.template
      - ./wordpress:/var/www/html:rw,cached
      - ./certs:/etc/certs
    depends_on:
      - wordpress
    restart: always
    entrypoint: /bin/bash -c 'cat /tmp/default.template | sed "s/\\\$$domain/shop.freiraum.local/g" > /etc/nginx/conf.d/default.conf && nginx -g "daemon off;"'

  db:
    image: mysql:5.7
    container_name: freiraum-shop_db
    volumes:
      - db_data:/var/lib/mysql
    ports:
      - 3306:3306
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: somewordpress
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: wordpress

  wordpress:
    image: wordpress:5.1.1-fpm
    container_name: freiraum-shop_wordpress
    depends_on:
      - db
    volumes:
      - ./wordpress:/var/www/html
    restart: always
    environment:
      WORDPRESS_DB_HOST: db:3306
      WORDPRESS_DB_USER: wordpress
      WORDPRESS_DB_PASSWORD: wordpress
      WORDPRESS_DB_NAME: wordpress
volumes:
  db_data: {}

## nginx.conf
upstream browser-sync-app {
    server host.docker.internal:3000;
}

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    listen      80;
    listen [::]:80;
    server_name $domain;

    location / {
        rewrite ^ https://$host$request_uri? permanent;
    }
}

server {
    listen      443           ssl http2;
    listen [::]:443           ssl http2;
    server_name               $domain www.$domain;

    add_header                Strict-Transport-Security "max-age=31536000" always;

    ssl_session_cache         shared:SSL:20m;
    ssl_session_timeout       10m;

    ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers               "ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;";

    root /var/www/html;
    index index.php;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ssl_certificate           /etc/certs/$domain.crt;
    ssl_certificate_key       /etc/certs/$domain.key;

    gzip on;
    gzip_http_version 1.0;
    gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_min_length 256;
    gzip_types
        text/css
        text/javascript
        text/xml
        text/plain
        text/x-component
        application/javascript
        application/json
        application/xml
        application/rss+xml
        font/truetype
        font/opentype
        application/vnd.ms-fontobject
        image/svg+xml;

    client_max_body_size 100M;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Src: https://gist.github.com/micho/1712812
    location /sync {
          proxy_pass          http://browser-sync-app;
        #   proxy_set_header    Host             $host;
        #   proxy_set_header    X-Real-IP        $remote_addr;
        #   proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
        #   proxy_set_header    X-Client-Verify  SUCCESS;
        #   proxy_set_header    X-Client-DN      $ssl_client_s_dn;
        #   proxy_set_header    X-SSL-Subject    $ssl_client_s_dn;
        #   proxy_set_header    X-SSL-Issuer     $ssl_client_i_dn;
        #   proxy_read_timeout 1800;
        #   proxy_connect_timeout 1800;
    }

    # BrowserSync websocket
    # Src: https://stackoverflow.com/questions/27713016/how-to-make-browsersync-work-with-an-nginx-proxy-server
    location /browser-sync/socket.io/ {
        proxy_pass http://browser-sync-app;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass wordpress:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}

## setup-freiraum-dev.sh
#!/bin/sh

set -e

./create-cert.sh
./trust-cert.sh
./setup-hosts-file.sh

git clone https://github.com/neXenio/freiraum-shop.git wordpress

docker-compose up -d

open https://nexeniogmbh.sharepoint.com/sites/FreiraumProject/Freigegebene%20Dokumente/General/backup.tar.zip
sleep 15
mv ~/Downloads/backup.tar.zip .
unzip backup.tar.zip

docker-compose stop db
docker run --rm --volumes-from freiraum-shop_db  -v $(pwd):/backup busybox sh -c "cd /var/lib/mysql/ && rm -rf * && tar xvf /backup/backup.tar --strip 3"
docker-compose up -d db

sleep 5

docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wp_options SET option_value='https://shop.freiraum.local' WHERE option_name='siteurl' OR option_name='home';"
docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wp_options SET option_value='0' WHERE option_name='mailjet_enabled';"
docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT * FROM wp_options WHERE option_name='siteurl' OR option_name='home' OR option_name='mailjet_enabled';"

# Set Stripe to test mode in WCFM serialized options object
# https://shop.freiraum.local/store-manager/settings/#wcfm_settings_form_payment_head
# -> wcfm_withdrawal_options
# -> s:9:"test_mode";s:3:"yes";
docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT option_value as val_before, REPLACE(option_value, 'a:30:{', 'a:31:{s:9:\"test_mode\";s:2:\"no\";') as val_after FROM wdp_options WHERE option_name='wcfm_withdrawal_options' AND option_value NOT LIKE '%\"test_mode\"%';"
docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wdp_options SET option_value=REPLACE(option_value, 'a:30:{', 'a:31:{s:9:\"test_mode\";s:2:\"no\";') WHERE option_name='wcfm_withdrawal_options' AND option_value NOT LIKE '%\"test_mode\"%';"
docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT * FROM wp_options WHERE option_name='siteurl' OR option_name='home' OR option_name='mailjet_enabled' OR option_name='wcfm_withdrawal_options';"

# Faster and more complete:
# wp search-replace https://freiraum.io https://shop.freiraum.local --all-tables
# wp search-replace https://freiraum.io https://staging6.freiraum.io --all-tables
# wp cache flush

echo "Last steps:"
echo "1. Login on https://shop.freiraum.local as admin (ask Haidar)"
echo "2. Open Updraft Backup PLugin (in settings section)"
echo "3. Scan remote storage"
echo "4. Pull latest backup (you may skip the images to make it fast)"

## setup-hosts-file.sh
#!/bin/bash

# Add or remove a vhost ex. myapp.local. This will modify /etc/hosts

set -e

RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[0;93m'
NC='\033[0m'

ETC_HOSTS=/etc/hosts
IP="127.0.0.1"
IP_v6="::1"

echo -e "${BLUE}Enter name of vhost: ${NC}"
# read HOSTNAME
HOSTNAME="shop.freiraum.local"
echo -e "${BLUE}Add or remove in /etc/host [a/r]: ${NC}"
# read QUESTION
QUESTION="a"

if [ ${QUESTION} == "a" ]; then

	HOSTS_LINE="$IP\t$HOSTNAME"
	HOSTS_LINE_v6="$IP_v6\t$HOSTNAME"

	if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
		echo -e ${YELLOW}"$HOSTNAME already exists: $(grep $HOSTNAME $ETC_HOSTS) ${NC}"
	else
		echo -e ${GREEN}"Adding $HOSTNAME to your $ETC_HOSTS ${NC}"
		sudo -- sh -c -e "echo '$HOSTS_LINE' >> /etc/hosts"
		sudo -- sh -c -e "echo '$HOSTS_LINE_v6' >> /etc/hosts"

		if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
			echo -e ${GREEN}"$HOSTNAME was added succesfully \n $(grep $HOSTNAME /etc/hosts) ${NC}"
		else
			echo -e ${RED}"Failed to Add $HOSTNAME, Try again! ${NC}"
		fi
	fi

fi

if [ ${QUESTION} == "r" ]; then

	if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
		echo -e ${GREEN}"$HOSTNAME Found in your $ETC_HOSTS, Removing now... ${NC}"
		sudo sed -i".bak" "/$HOSTNAME/d" $ETC_HOSTS
	else
		echo -e ${RED}"$HOSTNAME was not found in your $ETC_HOSTS ${NC}"
	fi

fi

## trust-cert.sh
#!/bin/bash

set -e

RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[0;93m'
NC='\033[0m'

DOMAIN='shop.freiraum.local'

if [[ "$OSTYPE" == "darwin"* ]]; then
    sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "certs/${DOMAIN}.crt"
fi

if [[ "$OSTYPE" == "linux-gnu" ]]; then
    cp certs/* /usr/local/share/ca-certificates/
    sudo update-ca-certificates
fi
echo -e ${GREEN}"The cert should now be trusted in macOS System Keychain. Trusted in Chrome and Safari. (Not Firefox since it's using its own keychain manager) ${NC}"
	#!/bin/bash

	set -e

	RED='\033[0;31m'
	GREEN='\033[0;32m'
	BLUE='\033[0;34m'
	YELLOW='\033[0;93m'
	NC='\033[0m'

	DOMAIN="shop.freiraum.local"

	if [[ "$OSTYPE" == "linux-gnu" ]]; then
	OPENSSL_CNF_PATH=/etc/ssl/openssl.cnf
	fi

	if [[ "$OSTYPE" == "darwin"* ]]; then
	OPENSSL_CNF_PATH=/System/Library/OpenSSL/openssl.cnf
	fi

	openssl req \
	-newkey rsa:2048 \
	-x509 \
	-nodes \
	-keyout "${DOMAIN}".key \
	-new \
	-out "${DOMAIN}".crt \
	-subj /CN="${DOMAIN}" \
	-reqexts SAN \
	-extensions SAN \
	-config <(cat $OPENSSL_CNF_PATH \
	<(printf '[SAN]\nsubjectAltName=DNS:'${DOMAIN})) \
	-sha256 \
	-days 3650

	rm -rf certs/*
	mkdir -p certs

	mv *.crt certs/
	mv *.key certs/

	echo -e ${GREEN}"Cert created in /cert! ${NC}"
	version: "3.3"
	services:
	nginx:
	image: nginx:1.15.12
	container_name: freiraum-shop_nginx
	ports:
	- "80:80"
	- "443:443"
	volumes:
	- ./nginx.conf:/tmp/default.template
	- ./wordpress:/var/www/html:rw,cached
	- ./certs:/etc/certs
	depends_on:
	- wordpress
	restart: always
	entrypoint: /bin/bash -c 'cat /tmp/default.template \| sed "s/\\\$$domain/shop.freiraum.local/g" > /etc/nginx/conf.d/default.conf && nginx -g "daemon off;"'

	db:
	image: mysql:5.7
	container_name: freiraum-shop_db
	volumes:
	- db_data:/var/lib/mysql
	ports:
	- 3306:3306
	restart: always
	environment:
	MYSQL_ROOT_PASSWORD: somewordpress
	MYSQL_DATABASE: wordpress
	MYSQL_USER: wordpress
	MYSQL_PASSWORD: wordpress

	wordpress:
	image: wordpress:5.1.1-fpm
	container_name: freiraum-shop_wordpress
	depends_on:
	- db
	volumes:
	- ./wordpress:/var/www/html
	restart: always
	environment:
	WORDPRESS_DB_HOST: db:3306
	WORDPRESS_DB_USER: wordpress
	WORDPRESS_DB_PASSWORD: wordpress
	WORDPRESS_DB_NAME: wordpress
	volumes:
	db_data: {}
	upstream browser-sync-app {
	server host.docker.internal:3000;
	}

	map $http_upgrade $connection_upgrade {
	default upgrade;
	'' close;
	}

	server {
	listen 80;
	listen [::]:80;
	server_name $domain;

	location / {
	rewrite ^ https://$host$request_uri? permanent;
	}
	}

	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name $domain www.$domain;

	add_header Strict-Transport-Security "max-age=31536000" always;

	ssl_session_cache shared:SSL:20m;
	ssl_session_timeout 10m;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers "ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;";

	root /var/www/html;
	index index.php;

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	ssl_certificate /etc/certs/$domain.crt;
	ssl_certificate_key /etc/certs/$domain.key;

	gzip on;
	gzip_http_version 1.0;
	gzip_disable "msie6";
	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_min_length 256;
	gzip_types
	text/css
	text/javascript
	text/xml
	text/plain
	text/x-component
	application/javascript
	application/json
	application/xml
	application/rss+xml
	font/truetype
	font/opentype
	application/vnd.ms-fontobject
	image/svg+xml;

	client_max_body_size 100M;

	location / {
	try_files $uri $uri/ /index.php?$args;
	}

	# Src: https://gist.github.com/micho/1712812
	location /sync {
	proxy_pass http://browser-sync-app;
	# proxy_set_header Host $host;
	# proxy_set_header X-Real-IP $remote_addr;
	# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	# proxy_set_header X-Client-Verify SUCCESS;
	# proxy_set_header X-Client-DN $ssl_client_s_dn;
	# proxy_set_header X-SSL-Subject $ssl_client_s_dn;
	# proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
	# proxy_read_timeout 1800;
	# proxy_connect_timeout 1800;
	}

	# BrowserSync websocket
	# Src: https://stackoverflow.com/questions/27713016/how-to-make-browsersync-work-with-an-nginx-proxy-server
	location /browser-sync/socket.io/ {
	proxy_pass http://browser-sync-app;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	}

	location ~ \.php$ {
	try_files $uri =404;
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	fastcgi_pass wordpress:9000;
	fastcgi_index index.php;
	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_param PATH_INFO $fastcgi_path_info;
	}
	}
	#!/bin/sh

	set -e

	./create-cert.sh
	./trust-cert.sh
	./setup-hosts-file.sh

	git clone https://github.com/neXenio/freiraum-shop.git wordpress

	docker-compose up -d

	open https://nexeniogmbh.sharepoint.com/sites/FreiraumProject/Freigegebene%20Dokumente/General/backup.tar.zip
	sleep 15
	mv ~/Downloads/backup.tar.zip .
	unzip backup.tar.zip

	docker-compose stop db
	docker run --rm --volumes-from freiraum-shop_db -v $(pwd):/backup busybox sh -c "cd /var/lib/mysql/ && rm -rf * && tar xvf /backup/backup.tar --strip 3"
	docker-compose up -d db

	sleep 5

	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wp_options SET option_value='https://shop.freiraum.local' WHERE option_name='siteurl' OR option_name='home';"
	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wp_options SET option_value='0' WHERE option_name='mailjet_enabled';"
	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT * FROM wp_options WHERE option_name='siteurl' OR option_name='home' OR option_name='mailjet_enabled';"

	# Set Stripe to test mode in WCFM serialized options object
	# https://shop.freiraum.local/store-manager/settings/#wcfm_settings_form_payment_head
	# -> wcfm_withdrawal_options
	# -> s:9:"test_mode";s:3:"yes";
	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT option_value as val_before, REPLACE(option_value, 'a:30:{', 'a:31:{s:9:\"test_mode\";s:2:\"no\";') as val_after FROM wdp_options WHERE option_name='wcfm_withdrawal_options' AND option_value NOT LIKE '%\"test_mode\"%';"
	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "UPDATE wdp_options SET option_value=REPLACE(option_value, 'a:30:{', 'a:31:{s:9:\"test_mode\";s:2:\"no\";') WHERE option_name='wcfm_withdrawal_options' AND option_value NOT LIKE '%\"test_mode\"%';"
	docker exec -it freiraum-shop_db mysql -u wordpress wordpress -pwordpress -e "SELECT * FROM wp_options WHERE option_name='siteurl' OR option_name='home' OR option_name='mailjet_enabled' OR option_name='wcfm_withdrawal_options';"

	# Faster and more complete:
	# wp search-replace https://freiraum.io https://shop.freiraum.local --all-tables
	# wp search-replace https://freiraum.io https://staging6.freiraum.io --all-tables
	# wp cache flush

	echo "Last steps:"
	echo "1. Login on https://shop.freiraum.local as admin (ask Haidar)"
	echo "2. Open Updraft Backup PLugin (in settings section)"
	echo "3. Scan remote storage"
	echo "4. Pull latest backup (you may skip the images to make it fast)"
	#!/bin/bash

	# Add or remove a vhost ex. myapp.local. This will modify /etc/hosts

	set -e

	RED='\033[0;31m'
	GREEN='\033[0;32m'
	BLUE='\033[0;34m'
	YELLOW='\033[0;93m'
	NC='\033[0m'

	ETC_HOSTS=/etc/hosts
	IP="127.0.0.1"
	IP_v6="::1"

	echo -e "${BLUE}Enter name of vhost: ${NC}"
	# read HOSTNAME
	HOSTNAME="shop.freiraum.local"
	echo -e "${BLUE}Add or remove in /etc/host [a/r]: ${NC}"
	# read QUESTION
	QUESTION="a"

	if [ ${QUESTION} == "a" ]; then

	HOSTS_LINE="$IP\t$HOSTNAME"
	HOSTS_LINE_v6="$IP_v6\t$HOSTNAME"

	if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
	echo -e ${YELLOW}"$HOSTNAME already exists: $(grep $HOSTNAME $ETC_HOSTS) ${NC}"
	else
	echo -e ${GREEN}"Adding $HOSTNAME to your $ETC_HOSTS ${NC}"
	sudo -- sh -c -e "echo '$HOSTS_LINE' >> /etc/hosts"
	sudo -- sh -c -e "echo '$HOSTS_LINE_v6' >> /etc/hosts"

	if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
	echo -e ${GREEN}"$HOSTNAME was added succesfully \n $(grep $HOSTNAME /etc/hosts) ${NC}"
	else
	echo -e ${RED}"Failed to Add $HOSTNAME, Try again! ${NC}"
	fi
	fi

	fi

	if [ ${QUESTION} == "r" ]; then

	if [ -n "$(grep $HOSTNAME /etc/hosts)" ]; then
	echo -e ${GREEN}"$HOSTNAME Found in your $ETC_HOSTS, Removing now... ${NC}"
	sudo sed -i".bak" "/$HOSTNAME/d" $ETC_HOSTS
	else
	echo -e ${RED}"$HOSTNAME was not found in your $ETC_HOSTS ${NC}"
	fi

	fi