From 64d708fb566d931aaf1e14ffa7ef226006a19cfb Mon Sep 17 00:00:00 2001
From: Benjamin Qin <benjamin.qin@gmail.com>
Date: Tue, 20 Jan 2026 22:00:12 +0900
Subject: [PATCH] Add healthcheck for DB and HTTP/S connectivity

Implements issue #16. Adds a healthcheck script that verifies database connectivity (exit code 2 on failure) and HTTP/S reachability (exit code 1 on failure). adapting to HTTPS_ENABLED and DOMAIN_NAME environment variables.
---
 Dockerfile     |  6 ++++++
 healthcheck.sh | 39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+)
 create mode 100644 healthcheck.sh

diff --git a/Dockerfile b/Dockerfile
index c390e87..1d05c5d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -165,6 +165,12 @@ RUN rm -f /etc/nginx/conf.d/default.conf
 EXPOSE 80
 EXPOSE 443
 
+# Add health check for database connectivity and HTTP status
+COPY healthcheck.sh /healthcheck.sh
+RUN chmod +x /healthcheck.sh
+HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
+    CMD /healthcheck.sh
+
 COPY ./entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 
diff --git a/healthcheck.sh b/healthcheck.sh
new file mode 100644
index 0000000..6e47c7a
--- /dev/null
+++ b/healthcheck.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+# 1. Database Connectivity Check
+# Returns exit code 2 if database connection fails
+php -r '
+if (file_exists("/var/www/html/wp-config.php")) {
+    include "/var/www/html/wp-config.php";
+    $conn = @new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+    if ($conn->connect_error) {
+        exit(2);
+    }
+    exit(0);
+}
+# If wp-config.php doesn\'t exist yet, we consider it "not ready" (generic failure 1) rather than DB failure (2).
+exit(1);
+'
+PHP_EXIT=$?
+if [ $PHP_EXIT -eq 2 ]; then
+    exit 2
+elif [ $PHP_EXIT -ne 0 ]; then
+    exit 1
+fi
+
+# 2. HTTP/HTTPS Status Check
+# Returns exit code 1 if the web server is not reachable or returns an error status
+HOST=${DOMAIN_NAME:-localhost}
+URL="http://127.0.0.1/wp-login.php"
+CURL_OPTS="-f -L -o /dev/null -H \"Host: $HOST\""
+
+if [ "$HTTPS_ENABLED" = "true" ]; then
+    URL="https://127.0.0.1/wp-login.php"
+    # -k to allow self-signed certificates (common in internal/testing setups)
+    CURL_OPTS="$CURL_OPTS -k"
+fi
+
+# We use eval to correctly parse the quoted arguments in CURL_OPTS
+eval curl $CURL_OPTS "$URL" || exit 1
+
+exit 0