From 619a86b346335e72adad053fc6b10d91ffce03a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javier=20J=2E=20Salmer=C3=B3n-Garc=C3=ADa?=
 <jsalmeron@bitnami.com>
Date: Wed, 6 Feb 2019 16:45:58 +0100
Subject: [PATCH] [stable/wordpress] Enable configuration of AllowOverride
 (#11155)

* [stable/wordpress] Enable configuration of AllowOverride

Signed-off-by: Javier J. Salmeron Garcia <jsalmeron@bitnami.com>

* Add custom htaccess cm

Signed-off-by: Javier J. Salmeron Garcia <jsalmeron@bitnami.com>

* Add helper

Signed-off-by: Javier J. Salmeron Garcia <jsalmeron@bitnami.com>

* Update allowOverride values

Signed-off-by: Javier J. Salmeron Garcia <jsalmeron@bitnami.com>
---
 stable/wordpress/Chart.yaml                |  2 +-
 stable/wordpress/README.md                 | 22 ++++++++++++++++++++++
 stable/wordpress/templates/_helpers.tpl    |  7 +++++++
 stable/wordpress/templates/deployment.yaml | 12 ++++++++++++
 stable/wordpress/values-production.yaml    |  6 ++++++
 stable/wordpress/values.yaml               |  6 ++++++
 6 files changed, 54 insertions(+), 1 deletion(-)

diff --git a/stable/wordpress/Chart.yaml b/stable/wordpress/Chart.yaml
index 4f8ae5dfd0f6..6e5e874aef61 100644
--- a/stable/wordpress/Chart.yaml
+++ b/stable/wordpress/Chart.yaml
@@ -1,5 +1,5 @@
 name: wordpress
-version: 5.1.3
+version: 5.2.0
 appVersion: 5.0.3
 description: Web publishing platform for building blogs and websites.
 icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png
diff --git a/stable/wordpress/README.md b/stable/wordpress/README.md
index d497839bce97..d8f7d0bd4e8a 100644
--- a/stable/wordpress/README.md
+++ b/stable/wordpress/README.md
@@ -63,6 +63,8 @@ The following table lists the configurable parameters of the WordPress chart and
 | `wordpressBlogName`              | Blog name                                  | `User's Blog!`                                          |
 | `wordpressTablePrefix`           | Table prefix                               | `wp_`                                                   |
 | `allowEmptyPassword`             | Allow DB blank passwords                   | `true`                                                  |
+| `allowOverrideNone`              | Set Apache AllowOverride directive to None                   | `no`                                                  |
+| `customHTAccessCM`              | Configmap with custom wordpress-htaccess.conf directives                   | `nil`                                                  |
 | `smtpHost`                       | SMTP host                                  | `nil`                                                   |
 | `smtpPort`                       | SMTP port                                  | `nil`                                                   |
 | `smtpUser`                       | SMTP user                                  | `nil`                                                   |
@@ -264,6 +266,26 @@ readinessProbeHeaders:
 
 Any number of name/value pairs may be specified; they are all copied into the liveness or readiness probe definition.
 
+## Disabling `.htaccess`
+
+For performance and security reasons, it is a good practice to configure Apache with `AllowOverride None`. Instead of using `.htaccess` files, Apache will load the same dircetives at boot time. These directives are located in `/opt/bitnami/wordpress/wordpress-htaccess.conf`. The container image includes by default these directives all of the default `.htaccess` files in WordPress (together with the default plugins). To enable this feature, install the chart with the following value:
+
+```
+helm install stable/wordpress --set allowOverrideNone=yes
+```
+
+However, some plugins may include `.htaccess` directives that will not be loaded when `AllowOverride` is set to `None`. A way to make them work would be to create your own `wordpress-htaccess.conf` file with all the required dircectives to make the plugin work. After creating it, then create a ConfigMap with it.
+
+```
+kubectl create cm custom-htaccess --from-file=/path/to/wordpress-htaccess.conf
+```
+
+Then, install the chart:
+
+```
+helm install stable/wordpress --set allowOverrideNone=yes --set customHTAccessCM=custom-htaccess
+```
+
 ## Upgrading
 
 ### To 3.0.0
diff --git a/stable/wordpress/templates/_helpers.tpl b/stable/wordpress/templates/_helpers.tpl
index 09a111822113..7b0595efc7fb 100644
--- a/stable/wordpress/templates/_helpers.tpl
+++ b/stable/wordpress/templates/_helpers.tpl
@@ -53,6 +53,13 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "wordpress.customHTAcessCM" -}}
+{{- printf "%s" .Values.customHTAcessCM -}}
+{{- end -}}
+
 {{/*
 Return the proper image name (for the metrics image)
 */}}
diff --git a/stable/wordpress/templates/deployment.yaml b/stable/wordpress/templates/deployment.yaml
index 845e81f14673..2b0380e76117 100644
--- a/stable/wordpress/templates/deployment.yaml
+++ b/stable/wordpress/templates/deployment.yaml
@@ -97,6 +97,8 @@ spec:
           value: {{ .Values.wordpressFirstName | quote }}
         - name: WORDPRESS_LAST_NAME
           value: {{ .Values.wordpressLastName | quote }}
+        - name: WORDPRESS_HTACCESS_OVERRIDE_NONE
+          value: {{ .Values.allowOverrideNone | quote }}
         - name: WORDPRESS_BLOG_NAME
           value: {{ .Values.wordpressBlogName | quote }}
         - name: WORDPRESS_TABLE_PREFIX
@@ -171,6 +173,11 @@ spec:
         - mountPath: /bitnami/php
           name: wordpress-data
           subPath: php
+        {{- if and .Values.allowOverrideNone .Values.customHTAccessCM}}
+        - mountPath: /opt/bitnami/wordpress
+          name: custom-htaccess
+          subPath: wordpress-htaccess.conf
+        {{- end }}
         resources:
 {{ toYaml .Values.resources | indent 10 }}
 {{- if .Values.metrics.enabled }}
@@ -197,6 +204,11 @@ spec:
   {{ toYaml .Values.metrics.resources | indent 10 }}
 {{- end }}
       volumes:
+      {{- if and .Values.allowOverrideNone .Values.customHTAccessCM}}
+      - name: custom-htaccess
+        configMap:
+          name: {{ template "wordpress.customHTAccessCM" . }}
+      {{- end }} 
       - name: wordpress-data
       {{- if .Values.persistence.enabled }}
         persistentVolumeClaim:
diff --git a/stable/wordpress/values-production.yaml b/stable/wordpress/values-production.yaml
index 3559457891f5..ce40068972c2 100644
--- a/stable/wordpress/values-production.yaml
+++ b/stable/wordpress/values-production.yaml
@@ -59,6 +59,12 @@ wordpressTablePrefix: wp_
 ## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
 allowEmptyPassword: "yes"
 
+## Set Apache allowOverride to None
+allowOverrideNone: yes
+
+# ConfigMap with custom wordpress-htaccess.conf file (requires allowOverrideNone to true)
+customHTAccessCM:
+
 ## SMTP mail delivery configuration
 ## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-configuration
 ##
diff --git a/stable/wordpress/values.yaml b/stable/wordpress/values.yaml
index 2e3462d68090..822d59da1c4c 100644
--- a/stable/wordpress/values.yaml
+++ b/stable/wordpress/values.yaml
@@ -63,6 +63,12 @@ wordpressTablePrefix: wp_
 ## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
 allowEmptyPassword: true
 
+## Set Apache allowOverride to None
+allowOverrideNone: no
+
+# ConfigMap with custom wordpress-htaccess.conf file (requires allowOverrideNone to true)
+customHTAccessCM:
+
 ## SMTP mail delivery configuration
 ## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-configuration
 ##