wordpress-helm issueshttps://open.greenhost.net/stackspin/wordpress-helm/-/issues2023-07-06T09:18:44Zhttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/139Cron Update2023-07-06T09:18:44ZnknovCron UpdateHi,
Automatic/WP-Cron-Control has been archived by Automattic on Mar 26, 2021. It is now read-only.
The replacement is https://github.com/Automattic/Cron-ControlHi,
Automatic/WP-Cron-Control has been archived by Automattic on Mar 26, 2021. It is now read-only.
The replacement is https://github.com/Automattic/Cron-ControlFuturehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/129Wordpress gives empty root page2023-04-06T14:07:56ZArie PetersonWordpress gives empty root pageWith recent versions of the wordpress helm chart, the root url gives an empty http response: a valid response, but with `content-length: 0`. `/wp-login.php` does give the expected login page. Not sure what causes this.With recent versions of the wordpress helm chart, the root url gives an empty http response: a valid response, but with `content-length: 0`. `/wp-login.php` does give the expected login page. Not sure what causes this.Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/126Wordpress auto-update of plugins/themes2022-09-22T12:39:12ZVaracWordpress auto-update of plugins/themesThis is how wp on stackspin.net looks like:
![image](/uploads/f672373bb0d4cbd52f3cf94ed74b3d83/image.png)
For NC we do auto-update apps (right ?) so I'd like to discuss if we should do this for Stackspin as well.This is how wp on stackspin.net looks like:
![image](/uploads/f672373bb0d4cbd52f3cf94ed74b3d83/image.png)
For NC we do auto-update apps (right ?) so I'd like to discuss if we should do this for Stackspin as well.Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/125Disabling user management within WordPress2022-05-04T12:58:26ZMaarten de WaardDisabling user management within WordPressFrom #104:
* [ ] Adding new users is not possible, with explanation
* [ ] Assigning admin role is not possible, with explanation that it should be done through Stackspin dashboard
* [ ] Changing user roles is possible, **except for admin**From #104:
* [ ] Adding new users is not possible, with explanation
* [ ] Assigning admin role is not possible, with explanation that it should be done through Stackspin dashboard
* [ ] Changing user roles is possible, **except for admin**Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/124Add notification to Plugin page explaining the risks of installing non-core p...2022-05-04T12:58:30ZMaarten de WaardAdd notification to Plugin page explaining the risks of installing non-core pluginsRelated to #104.Related to #104.Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/121Publish chart on artifacthub2022-06-30T09:20:44ZVaracPublish chart on artifacthubFuturehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/118Dependency Dashboard2024-03-19T14:01:25ZStackspin-renovate BotDependency DashboardThis issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
## Open
These updates have all been created already. Click a checkbo...This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
## Open
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
- [ ] <!-- rebase-branch=renovate/wordpress-wordpress-6.x -->[chore(deps): update dependency wordpress/wordpress to v6.4.3](!349)
- [ ] <!-- rebase-branch=renovate/mariadb-17.x -->[chore(deps): update helm release mariadb to v17](!355)
- [ ] <!-- rebase-branch=renovate/redis-19.x -->[chore(deps): update helm release redis to v19](!356)
- [ ] <!-- rebase-all-open-prs -->**Click on this checkbox to rebase all open MRs at once**
## Detected dependencies
<details><summary>dockerfile</summary>
<blockquote>
<details><summary>wp-cli-docker/Dockerfile</summary>
- `wordpress cli-2.9.0-php8.3`
</details>
<details><summary>wp-docker/Dockerfile</summary>
- `php 8.3.4-apache-bullseye`
</details>
</blockquote>
</details>
<details><summary>gitlabci</summary>
<blockquote>
<details><summary>.gitlab-ci.yml</summary>
</details>
</blockquote>
</details>
<details><summary>helm-values</summary>
<blockquote>
<details><summary>values.yaml</summary>
- `open.greenhost.net:4567/stackspin/wordpress-helm/wordpress 0.8.0`
- `open.greenhost.net:4567/stackspin/wordpress-helm/wordpress-cli-ansible 0.8.0`
</details>
</blockquote>
</details>
<details><summary>helmv3</summary>
<blockquote>
<details><summary>Chart.yaml</summary>
- `mariadb 12.2.9`
- `redis 17.17.1`
</details>
</blockquote>
</details>
<details><summary>regex</summary>
<blockquote>
<details><summary>values.yaml</summary>
- `WordPress/WordPress 6.3.2`
</details>
</blockquote>
</details>Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/103Helm doesn't reboot pod when WordPress is updated2021-12-21T09:28:10ZMaarten de WaardHelm doesn't reboot pod when WordPress is updatedI'm not 100% sure if this is the problem, but it seems like it.
Symptom:
- Tin updated WP to 5.8.2 from the Admin interface
- Cluster was rebooted
- 5.8.1 was installed again (actually so far this is what I'd expect)
Somewhere in the...I'm not 100% sure if this is the problem, but it seems like it.
Symptom:
- Tin updated WP to 5.8.2 from the Admin interface
- Cluster was rebooted
- 5.8.1 was installed again (actually so far this is what I'd expect)
Somewhere in the meantime the chart got updated from 0.4.2 to 0.4.3 on the cluster. This should have updated WP to 5.8.2 again, but didn't. All values seem to be set correctly. Deleting (i.e. restarting) the pod doesn't lead to a downgrade anymore, so the updated values have propagated correctly.
This leads me to believe that when the Helm chart was updated from 0.4.2 to 0.4.3 it did not replace the WordPress pod with one that installs 5.8.2.
Steps to research/reproduce:
1. Override `wordpress.site.version` to `5.8.1` in values-local.yaml
2. Install WP chart
3. Remove overridden value from values-local.yaml
4. Update WP chart
5. Observe if wordpress pod gets removed (which triggers the `init` pod to run again and update WP)
If this fails, I assume the culprit is this line in `templates/statefulset.yaml`:
```
30 checksum/config: {{ printf "%s%s" (include (print $.Template.BasePath "/ansible-vars.yaml") .) (include (print $.Template.BasePath "/secrets.yaml") .) | sha256sum }}
```
1. I'm not sure if this works for Secrets (we store the WP version in a secret). If it doesn't, let's try to put the WP version in the CM
2. I'm not sure if this works at all. I believe we can add this annotation several times (I believe the system works with `checksum/X` where X can have any value but I'm not sure)Futurehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/99Remove default passwords in values.yaml2021-11-09T11:24:17ZVaracRemove default passwords in values.yaml* [ ] wordpress.config.adm.pssw
* [ ] database.auth.password* [ ] wordpress.config.adm.pssw
* [ ] database.auth.passwordFuturehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/98Disable comments by default2022-02-08T08:41:12ZVaracDisable comments by defaultIt was just a matter of time: We recieved our first spam comment on oas.gh :tada:
```
[OpenAppStack website] Please moderate: "Hello world!".eml
Subject:
[OpenAppStack website] Please moderate: "Hello world!"
From:
WordPress Admin <i...It was just a matter of time: We recieved our first spam comment on oas.gh :tada:
```
[OpenAppStack website] Please moderate: "Hello world!".eml
Subject:
[OpenAppStack website] Please moderate: "Hello world!"
From:
WordPress Admin <info@openappstack.net>
Date:
10/28/21, 06:11
To:
mail@example.com
A new comment on the post "Hello world!" is waiting for your approval
https://www.oas.greenhost.net/?p=1
Author: ryobi power washer valve (IP address: 104.144.217.222, 104.144.217.222)
Email: lorihowden@gmail.com
URL: http://HKGoPmbgib@fwzcb.cn
Comment:
This is my first time go to see at here and i am actually happy to read everthing at alone place.
Approve it: https://www.oas.greenhost.net/wp-admin/comment.php?action=approve&c=12#wpbody-content
Trash it: https://www.oas.greenhost.net/wp-admin/comment.php?action=trash&c=12#wpbody-content
Spam it: https://www.oas.greenhost.net/wp-admin/comment.php?action=spam&c=12#wpbody-content
Currently 1 comment is waiting for approval. Please visit the moderation panel:
https://www.oas.greenhost.net/wp-admin/edit-comments.php?comment_status=moderated#wpbody-content
```
So we should disable comments by default.Futurehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/97User role mappings only work on second login2022-04-03T20:00:14ZMaarten de WaardUser role mappings only work on second loginThere was initially some discussion in our GitHub issue [here](https://github.com/oidc-wp/openid-connect-generic/issues/164).
It seems like [this comment](https://github.com/oidc-wp/openid-connect-generic/issues/164#issuecomment-6805609...There was initially some discussion in our GitHub issue [here](https://github.com/oidc-wp/openid-connect-generic/issues/164).
It seems like [this comment](https://github.com/oidc-wp/openid-connect-generic/issues/164#issuecomment-680560908) is particularly important if we want to research currently supported solutions for this problem.Futurehttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/96Replace `shell:` with more secure `command` module in Ansible playbook2021-11-10T10:49:06ZMaarten de WaardReplace `shell:` with more secure `command` module in Ansible playbookI just ran into a problem with an SMTP variable that contained a backtick (`). That's because the playbook often uses `shell` while it could use the more secure `command` module. `shell` is usually only necessary when you want to direct ...I just ran into a problem with an SMTP variable that contained a backtick (`). That's because the playbook often uses `shell` while it could use the more secure `command` module. `shell` is usually only necessary when you want to direct the output of a command with pipes or `>`'s.
None of these occurrences need `shell` and they can easily be search-replaced to make the chart more secure/error prone.
```
git grep 'shell: wp'
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} core download
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} core verify-checksums
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} core install
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} core update-db
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} config set FS_METHOD direct --add --type=constant
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} config set DISALLOW_FILE_EDIT true --add --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} core language install "{{ language }}"
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} site switch-language "{{ DEFAULT_LANG }}"
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp config {{ cli_args }} set {{ wp_salt.key }} {{ wp_salt.value }} --add --type=constant
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} config set 'FS_CHMOD_DIR' {{ WP_DIR_MODE }} --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} config set 'FS_CHMOD_FILE' {{ WP_FILES_MODE }} --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} option set close_comments_days_old 90
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} option set comment_max_links 1
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} option set users_can_register 0
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} option set default_ping_status closed
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} theme install {{ item }}
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} theme activate "{{ WP_THEME_ACTIVE }}"
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} theme install "{{ WP_THEME_FALLBACK }}" --activate
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} plugin install "{{ wordpress_default_plugin }}" --force --activate
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} option set {{ WP_ALT_CONFIG }} {{ WP_ALT_PATH }}
wp-cli-docker/roles/wordpress-init/tasks/main.yml: shell: wp {{ cli_args }} config set WP_DEBUG {{ WP_DEBUG }} --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set 'WP_CONTENT_DIR' "ABSPATH . 'wp-content'" --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set 'WPMU_PLUGIN_DIR' "ABSPATH . 'wp-content/{{ WP_MU_PLUGINS_DIR }}'" --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set 'WP_CONTENT_URL' "'{{ WP_URL }}/wp-content'" --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set 'WPMU_PLUGIN_URL' "'{{ WP_URL }}/wp-content/mu-plugins'" --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set 'WP_CRON_CONTROL_SECRET' "{{ WP_MU_CRON_SETTINGS.secret }}" --add --type=constant
wp-cli-docker/roles/wordpress-init/tasks/mu-plugins-cron.yml: shell: wp {{ cli_args }} config set DISABLE_WP_CRON true --add --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/multilingual.yml: shell: wp {{ cli_args }} config set 'WP_CONTENT_DIR' "ABSPATH . 'wp-content'" --raw --type=constant
wp-cli-docker/roles/wordpress-init/tasks/multilingual.yml: shell: wp {{ cli_args }} config set {{ WP_MULTILINGUAL_CONFIG }}
wp-cli-docker/roles/wordpress-init/tasks/multilingual.yml: shell: wp {{ cli_args }} plugin activate {{ wp_multilingual_plugin }}
wp-cli-docker/roles/wordpress-init/tasks/multilingual.yml: shell: wp {{ cli_args }} plugin deactivate {{ wp_multilingual_plugin }}
wp-cli-docker/roles/wordpress-init/tasks/openid-connect.yml: shell: wp {{ cli_args }} plugin install daggerhart-openid-connect-generic --activate
wp-cli-docker/roles/wordpress-init/tasks/redis.yml: shell: wp {{ cli_args }} config set WP_REDIS_HOST "{{ WP_REDIS_HOST }}" --add --type=constant
wp-cli-docker/roles/wordpress-init/tasks/redis.yml: shell: wp {{ cli_args }} config set WP_REDIS_PASSWORD "{{ WP_REDIS_PASSWORD }}" --add --type=constant
wp-cli-docker/roles/wordpress-init/tasks/redis.yml: shell: wp {{ cli_args }} plugin install redis-cache --activate
wp-cli-docker/roles/wordpress-init/tasks/redis.yml: shell: wp {{ cli_args }} redis enable
```Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/87Add startup probe, remove initialDelaySeconds2022-04-21T12:15:35ZVaracAdd startup probe, remove initialDelaySecondsFor the context, see nextcloud#32 or stackspin#914For the context, see nextcloud#32 or stackspin#914Backloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/86Include changes in Chart.yaml instead of Changelog.md2022-04-21T12:13:25ZVaracInclude changes in Chart.yaml instead of Changelog.mdIf we plan to publish our charts in the future and want to display the changes on artifacthub.io we should describe them in Chart.yaml as [helm annotations](https://artifacthub.io/docs/topics/annotations/helm) instead of `Changelog.md`. ...If we plan to publish our charts in the future and want to display the changes on artifacthub.io we should describe them in Chart.yaml as [helm annotations](https://artifacthub.io/docs/topics/annotations/helm) instead of `Changelog.md`.
That way Charts's changes get get viewed nicely as in this example (Click on `Changelog`): https://artifacthub.io/packages/helm/artifact-hub/artifact-hub
The source for the above example can be found here: https://github.com/artifacthub/hub/blob/master/charts/artifact-hub/Chart.yamlBackloghttps://open.greenhost.net/stackspin/wordpress-helm/-/issues/60[Investigation] PHP-FPM + NGINX2022-04-08T12:41:03Zbalibebas[Investigation] PHP-FPM + NGINXThoughts on breaking up with Apache and adding NGINX with mod_pagespeed? As I understand it FastCGI in PHP-FPM may also bring along some
additional performance optimizations.
LAMP => LEMP
Installation help: https://gist.github.com/hol...Thoughts on breaking up with Apache and adding NGINX with mod_pagespeed? As I understand it FastCGI in PHP-FPM may also bring along some
additional performance optimizations.
LAMP => LEMP
Installation help: https://gist.github.com/hollodotme/418e9b7c6ebc358e7fdaBacklog