Remove vendor assets (#558)

* remove vendor assets

* replace key for comment

* Optimise composer

* Manage loopback

.gitignore

@@ -38,7 +38,8 @@ public/app/themes/clarity/dist
 public/app/themes/clarity/node_modules
 
 # WordPress
-public/wp
+public/wp/*
+!public/wp/.keep
 
 # WordPress Plugin additions
 public/app/ewww

Makefile

@@ -49,19 +49,11 @@ node-cdn:
 #   █▀▀  █▀█  █▀▄▀█  █▀█  █▀█  █▀  █▀▀  █▀█
 #   █▄▄  █▄█  █░▀░█  █▀▀  █▄█  ▄█  ██▄  █▀▄
 
-composer-update:
-	@docker compose exec php-fpm ./bin/local-composer-update.sh ash
-	@make composer
-
 composer-assets:
 	@chmod +x ./bin/local-composer-assets.sh
 	@docker compose exec php-fpm ./bin/local-composer-assets.sh ash
 
-composer-copy:
-	@chmod +x ./bin/local-composer-assets-copy.sh
-	@./bin/local-composer-assets-copy.sh
-
-composer: composer-assets composer-copy
+composer: composer-assets
 
 
 #   █▀  █░█  █▀▀  █░░  █░░

bin/local-composer-assets.sh

@@ -4,22 +4,4 @@ source bin/composer-auth.sh
 
 if [ ! -d "./vendor" ]; then
   composer install
-
-  echo "Generating checksum..."
-  zip -r -f --quiet vendor ./vendor
-  sha1sum vendor.zip > vendor.sha1
-  echo "Done."
-fi
-
-if [ ! -d "./vendor-assets" ]; then
-  # Nginx file sharing regex-parts
-  regex_files='\(htm\|html\|js\|css\|png\|jpg\|jpeg\|gif\|ico\|svg\|webmanifest\)'
-  regex_path='\(app\/themes\/clarity\|app\/mu\-plugins\|app\/plugins\|wp\)'
-
-  echo "Generating vendor-assets directory..."
-
-  mkdir -p ./vendor-assets
-  find public/ -name '*node_modules*' -prune -name '*uploads*' -prune -name '*clarity/src*' -prune -name '*clarity/webpack*' -prune -o -type f -regex "public\/${regex_path}.*\.${regex_files}" -exec cp --parent "{}" vendor-assets/  \;
-
-  echo "Done."
 fi

bin/local-key-gen.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-# This script creates a JWT sectet, RSA key pair and copies them to the clipboard - ready for pasting into .env.
+# This script creates a JWT secret, RSA key pair and copies them to the clipboard - ready for pasting into .env.
 # The script follows the instructions from the AWS 'Creating key pairs for your signers' documentation:
 # https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html#private-content-creating-cloudfront-key-pairs
 
@@ -16,8 +16,8 @@ openssl rsa -pubout -in /tmp/intranet_private_key.pem -out /tmp/intranet_public_
 AWS_CLOUDFRONT_PUBLIC_KEY=$(cat /tmp/intranet_public_key.pem)
 # First 8 chars of hash
 AWS_CLOUDFRONT_PUBLIC_KEY_SHORT_HASH="$(echo "$AWS_CLOUDFRONT_PUBLIC_KEY" | openssl dgst -binary -sha256 | xxd -p -c 32 | cut -c 1-8)"
-# Build the object, similar to terraform's output.
-AWS_CLOUDFRONT_PUBLIC_KEYS_OBJECT="[{\"id\":\"GENERATED_BY_AWS\",\"key\":\"$AWS_CLOUDFRONT_PUBLIC_KEY_SHORT_HASH\"}]"
+# Build the object, similar to terraform output.
+AWS_CLOUDFRONT_PUBLIC_KEYS_OBJECT="[{\"id\":\"GENERATED_BY_AWS\",\"comment\":\"$AWS_CLOUDFRONT_PUBLIC_KEY_SHORT_HASH\"}]"
 AWS_CLOUDFRONT_PRIVATE_KEY=$(cat /tmp/intranet_private_key.pem)
 
 # First 8 chars of hash

docker-compose.yml

@@ -35,8 +35,13 @@ services:
     volumes:
       - dist:/var/www/html/public/app/themes/clarity/dist
       - php-socket:/sock
+      ### Deploy scripts
       - ./deploy/config/local/nginx/php-fpm.conf:/etc/nginx/php-fpm.conf
       - ./deploy/config/local/nginx/server.conf:/etc/nginx/conf.d/default.conf
+      ### Assets
+      - ./public/app/plugins:/var/www/html/public/app/plugins
+      - ./public/app/themes/justice/screenshot.png:/var/www/html/public/app/themes/justice/screenshot.png
+      - ./public/wp:/var/www/html/public/wp
       - ./public/index.php:/var/www/html/public/index.php
     environment:
       VIRTUAL_HOST: ${SERVER_NAME}

public/app/themes/clarity/inc/security.php

@@ -4,6 +4,8 @@
 // ---------------------------------------------
 
 // Prevents WordPress from "guessing" URLs
+use Roots\WPConfig\Config;
+
 function no_redirect_on_404($redirect_url)
 {
     if (is_404()) {
@@ -48,3 +50,34 @@ function control_login_period($expirein)
     return 180 * DAY_IN_SECONDS; // Cookies set to expire in 180 days.
 }
 add_filter('auth_cookie_expiration', 'control_login_period');
+
+/**
+ * Handle loopback requests.
+ *
+ * Handle requests to the application host, by sending them to the loopback url.
+ *
+ * @param false|array|WP_Error $response
+ * @param array $parsed_args
+ * @param string $url
+ * @return false|array|WP_Error
+ */
+add_filter('pre_http_request', function (false|array|WP_Error $response, array $parsed_args, string $url): false|array|WP_Error
+{
+    // Is the request url to the application host?
+    if (parse_url($url, PHP_URL_HOST) !== parse_url(get_home_url(), PHP_URL_HOST)) {
+        return $response;
+    }
+
+    // Replace the URL.
+    $new_url = str_replace(get_home_url(), 'http://localhost:8080', $url);
+
+    // We don't need to verify ssl, calling a trusted container.
+    $parsed_args['sslverify'] = false;
+
+    // Get an instance of WP_Http.
+    $http = _wp_http_get_object();
+
+    // Return the result.
+    return $http->request($new_url, $parsed_args);
+}, 10, 3);
+