wordpress-skeleton/init

#!/bin/bash -x

# Load env variables
source .env

# Get the script's directory
SCRIPT_PATH=$(dirname "$(realpath "${BASH_SOURCE[0]}")")

# Enable nginx to start with system
sudo systemctl enable --now nginx

# Setup nginx
sudo rm /etc/nginx/sites-enabled/default
sudo ln -fs $SCRIPT_PATH/nginx/wordpress /etc/nginx/sites-available
sudo ln -fs /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/wordpress
sudo ln -fs $SCRIPT_PATH/phpmyadmin/phpmyadmin /etc/nginx/sites-available
sudo ln -fs /etc/nginx/sites-available/phpmyadmin /etc/nginx/sites-enabled/phpmyadmin

# Check for error
sudo nginx -t

# Restart nginx after loading wordpress config
sudo systemctl restart nginx
sudo systemctl status nginx

# PHP
sudo systemctl enable --now php8.4-fpm

# Set limit to post size and upload file size
sudo sed -i "s/^post_max_size = 8M/post_max_size = $POST_MAX_SIZE/g" /etc/php/8.4/fpm/php.ini
sudo sed -i "s/^upload_max_filesize = 2M/upload_max_filesize = $UPLOAD_MAX_FILESIZE/g" /etc/php/8.4/fpm/php.ini

# Set max processing children for php
sudo sed -i "s/^pm = dynamic/pm = ondemand/g" /etc/php/8.4/fpm/pool.d/www.conf
sudo sed -i "s/^pm.max_children = 5/pm.max_children = $PM_MAX_CHILDREN/g" /etc/php/8.4/fpm/pool.d/www.conf

# Start php-fpm
sudo systemctl restart php8.4-fpm

# MariaDB
sudo systemctl enable --now mariadb
# Secure MariaDB

# Set the Root Password
mysql -u root <<EOF
UPDATE mysql.user SET Password=PASSWORD('$MYSQL_ROOT_PASS') WHERE User='root';
FLUSH PRIVILEGES;
EOF

# Secure installation options (this is just an example; customize as needed)
mysql -u root -p $MYSQL_ROOT_PASS <<EOF
DELETE FROM mysql.user WHERE User='';
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
SET PASSWORD FOR 'root'@'localhost'=PASSWORD('$MYSQL_NEW_PASS');
FLUSH PRIVILEGES;
EOF

# Remove anonymous users, disable root login remotely, and remove the test database
echo "Secure installation completed."