Skip to end of metadata
Go to start of metadata

Pieces of an automated process below.

 

Preparation

cat > /etc/apt/preferences.d/no-apache << EOF
Package: *apache2*
Pin: release *
Pin-Priority: -1
EOF

 

Install packages

apt install -y eatmydata
eatmydata apt install -y mariadb-server nginx-full php-fpm php-mysql wordpress pwgen

 

Setup environment

export url=artservice-test.auroville.org
export short_name=artservice_test

export passwd=$(pwgen)

 

Make nginx config

cat > /etc/nginx/sites-available/${short_name} << EOF
server {
    listen 80;

    root /usr/share/wordpress;

    index index.php index.html index.htm;

    server_name URL;

    access_log /var/log/nginx/SHORT_NAME.access.log forwarded;
    error_log /var/log/nginx/SHORT_NAME.error.log;

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location /img/ {
        root /var/lib/wordpress;
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
            expires 30d;
            log_not_found off;
        }
    }

    location = /xmlrpc.php {
       deny all;
       access_log off; #to prevent from filling up the access log file
       error_log off; #to prevent from filling up the error log file
    }   

    location /wp-content/ {
        root /var/lib/wordpress;
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
            expires 30d;
            log_not_found off;
        }
    }

    location / {
        try_files \$uri \$uri/ /index.php?\$args;
    }

    location = /wp-login.php {
        limit_req zone=one burst=1 nodelay;
        include /etc/nginx/fastcgi.conf;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    }

    location ~ \.php$ {
        #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
        include /etc/nginx/fastcgi.conf;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    }

    #error_page 404 /404.html;
}
EOF

sed -i "s/SHORT_NAME/${short_name}/" /etc/nginx/sites-available/${short_name}
sed -i "s/URL/${url}/" /etc/nginx/sites-available/${short_name}


ln -s ../sites-available/${short_name} /etc/nginx/sites-enabled/${short_name}

echo 'limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;' > /etc/nginx/conf.d/limit.conf 
cat > /etc/nginx/conf.d/log_format.conf << EOF
log_format forwarded '\$http_x_real_ip - \$remote_user [\$time_local] "\$request" \$status \$body_bytes_sent "\$http_referer" "\$http_user_agent"';
EOF

systemctl restart nginx.service

 

Wordpress config

## Relax permissions
chown www-data -R /var/lib/wordpress/wp-content
mkdir -p /usr/share/wordpress/wp-content/wppa-depot
chown www-data -R /usr/share/wordpress/wp-content/wppa-depot


## Config

cat > /etc/wordpress/config-${url}.php << EOF
<?php
define('DB_NAME', 'SHORT_NAME');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', 'PASSWD');
define('DB_HOST', 'localhost');
define('WP_CONTENT_DIR', '/var/lib/wordpress/wp-content');

/** IN URI INDEXOF THE CATEGORY*/
define('NUMBER_SLASH', '2');
define('NUMBER_SLASH2', '3');
define('CAT26', 'courses');

define( 'DB_CHARSET', 'utf8' );

/* Debug statements, not sure what they actually do */
/*
define('WP_DEBUG', true);
error_reporting(E_ALL);
ini_set('display_errors', 1);
*/

/* Philippe 11/9/2015: force plugin update without ftp */
define('FS_METHOD', 'direct');
?>

EOF

sed -i "s/SHORT_NAME/${short_name}/" /etc/wordpress/config-${url}.php
sed -i "s/PASSWD/${passwd}/" /etc/wordpress/config-${url}.php

 

Mariadb

mysql << EOF
CREATE DATABASE ${short_name};
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
ON ${short_name}.*
TO wordpress@localhost
IDENTIFIED BY '${passwd}';
FLUSH PRIVILEGES;
EOF

 

Note

With systemd 234 (from backports), got an error starting mariadb.

Use only the standard systemd from Stretch (232).

  • No labels