Wordpress Install CA

by agracie
57 deployments · 1 still active · last rev. 7 days ago

Installs Wordpress

Compatible with: Debian 9
Includes: App Template
						#!/bin/bash

# Installs Wordpress and creates first site.

# <UDF name="domain" Label="Your Domain" example="example.com" default="" />
# <UDF name="site_title" Label="Site Title" example="My Blog" />
# <UDF name="wpadmin" Label="Wordpress Admin Username" example="Username for your WordPress admin panel" />
# <UDF name="wp_password" Label="Wordpress Admin Password" example="an0th3r_s3cure_p4ssw0rd" />
# <UDF name="email" Label="Wordpress Admin Email Address" example="Your email address" />
# <UDF name="pubkey" Label="Your SSH public key" default="" />

source <ssinclude StackScriptID="349139">

exec 1> >(tee -a "/var/log/stackscript.log") 2>&1

# Set hostname, configure apt and perform update/upgrade

set_hostname
apt_setup_update
if [[ "$PUBKEY" != "" ]]; then
  add_pubkey
fi

if [[ "$DOMAIN" = "" ]]; then
  DOMAIN=`hostname`
fi

apt install haveged -y
DBROOT_PASSWORD=`head -c 32 /dev/random | base64`
DB_PASSWORD=`head -c 32 /dev/random | base64 | tr -d /=+`

# UFW update

ufw_install
ufw allow http
ufw allow https
ufw allow 25
ufw allow 587
ufw allow 110
ufw enable
fail2ban_install

# Set MySQL root password on install

mysql_root_preinstall
run_mysql_secure_installation

### Installations

# Install PHP

apt-get install php7.0 php7.0-cli php7.0-curl php7.0-mysql \
php7.0-mcrypt php-pear libapache2-mod-php7.0 php7.0-gd php7.0-common \
php7.0-xml php7.0-zip apache2 mysql-server unzip sendmail -y

#Install WP

wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
mv wp-cli.phar /usr/local/bin/wp
chmod 755 /usr/local/bin/wp

### Configurations

# MySQL

mysql -uroot -p"$DBROOT_PASSWORD" -e "CREATE DATABASE wordpressdb"
mysql -uroot -p"$DBROOT_PASSWORD" -e "GRANT ALL ON wordpressdb.* TO 'wordpress'@'localhost' IDENTIFIED BY '$DB_PASSWORD'";
mysql -uroot -p"$DBROOT_PASSWORD" -e "FLUSH PRIVILEGES";

# Apache

rm /var/www/html/index.html
mkdir /var/www/"$DOMAIN"

# Configuration of virtualhost file, disables xmlrpc

cat <<END > /etc/apache2/sites-available/$DOMAIN.conf
<Directory /var/www/$DOMAIN/>
    Require all granted
</Directory>
<VirtualHost *:80>
    ServerName $DOMAIN
    ServerAlias www.$DOMAIN
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/$DOMAIN/
    ErrorLog /var/log/apache2/$DOMAIN/error.log
    CustomLog /var/log/apache2/$DOMAIN/access.log combined
    <files xmlrpc.php>
      order allow,deny
      deny from all
    </files>
</VirtualHost>
END

mkdir -p /var/log/apache2/"$DOMAIN"
touch /var/log/apache2/"$DOMAIN"/error.log
touch /var/log/apache2/"$DOMAIN"/access.log

# Enable Keepalives

sed -ie "s/KeepAlive Off/KeepAlive On/g" /etc/apache2/apache2.conf

# Configure Wordpress site

cd /var/www/"$DOMAIN"

wp core download --allow-root

wp core config --allow-root \
--dbhost=localhost \
--dbname=wordpressdb \
--dbuser=wordpress \
--dbpass="$DB_PASSWORD"

wp core install --allow-root \
--title="$SITE_TITLE" \
--admin_user="$WPADMIN" \
--admin_email="$EMAIL" \
--admin_password="$WP_PASSWORD" \
--path="/var/www/$DOMAIN/"

chown www-data:www-data -R /var/www/"$DOMAIN"/
# Disable the default virtual host to minimize security risks:

a2dissite 000-default.conf
a2ensite "$DOMAIN".conf

# Restart services

systemctl restart mysql
systemctl restart apache2

stackscript_cleanup