Pieces of an automated process below.
cat > /etc/apt/preferences.d/no-apache << EOF Package: *apache2* Pin: release * Pin-Priority: -1 EOF |
apt install -y eatmydata eatmydata apt install -y mariadb-server nginx-full php-fpm php-mysql wordpress pwgen |
export url=artservice-test.auroville.org export short_name=artservice_test export passwd=$(pwgen) |
cat > /etc/nginx/sites-available/${short_name} << EOF
server {
listen 80;
root /usr/share/wordpress;
index index.php index.html index.htm;
server_name URL;
access_log /var/log/nginx/SHORT_NAME.access.log forwarded;
error_log /var/log/nginx/SHORT_NAME.error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /img/ {
root /var/lib/wordpress;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
log_not_found off;
}
}
location = /xmlrpc.php {
deny all;
access_log off; #to prevent from filling up the access log file
error_log off; #to prevent from filling up the error log file
}
location /wp-content/ {
root /var/lib/wordpress;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
log_not_found off;
}
}
location / {
try_files \$uri \$uri/ /index.php?\$args;
}
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~ \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
#error_page 404 /404.html;
}
EOF
sed -i "s/SHORT_NAME/${short_name}/" /etc/nginx/sites-available/${short_name}
sed -i "s/URL/${url}/" /etc/nginx/sites-available/${short_name}
ln -s ../sites-available/${short_name} /etc/nginx/sites-enabled/${short_name}
echo 'limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;' > /etc/nginx/conf.d/limit.conf
cat > /etc/nginx/conf.d/log_format.conf << EOF
log_format forwarded '\$http_x_real_ip - \$remote_user [\$time_local] "\$request" \$status \$body_bytes_sent "\$http_referer" "\$http_user_agent"';
EOF
systemctl restart nginx.service |
## Relax permissions
chown www-data -R /var/lib/wordpress/wp-content
mkdir -p /usr/share/wordpress/wp-content/wppa-depot
chown www-data -R /usr/share/wordpress/wp-content/wppa-depot
## Config
cat > /etc/wordpress/config-${url}.php << EOF
<?php
define('DB_NAME', 'SHORT_NAME');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', 'PASSWD');
define('DB_HOST', 'localhost');
define('WP_CONTENT_DIR', '/var/lib/wordpress/wp-content');
/** IN URI INDEXOF THE CATEGORY*/
define('NUMBER_SLASH', '2');
define('NUMBER_SLASH2', '3');
define('CAT26', 'courses');
define( 'DB_CHARSET', 'utf8' );
/* Debug statements, not sure what they actually do */
/*
define('WP_DEBUG', true);
error_reporting(E_ALL);
ini_set('display_errors', 1);
*/
/* Philippe 11/9/2015: force plugin update without ftp */
define('FS_METHOD', 'direct');
?>
EOF
sed -i "s/SHORT_NAME/${short_name}/" /etc/wordpress/config-${url}.php
sed -i "s/PASSWD/${passwd}/" /etc/wordpress/config-${url}.php |
mysql << EOF
CREATE DATABASE ${short_name};
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
ON ${short_name}.*
TO wordpress@localhost
IDENTIFIED BY '${passwd}';
FLUSH PRIVILEGES;
EOF |
With systemd 234 (from backports), got an error starting mariadb.
Use only the standard systemd from Stretch (232).