You've already forked wordpress-ubuntu
263 lines
8.2 KiB
Bash
Executable File
263 lines
8.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Author : Allan Christensen
|
|
# First Created : 22052021 (DD-MM-YYYY)
|
|
# Description : Installs WordPress on Ubuntu 24.04
|
|
# License : MIT License (see LICENSE file for details)
|
|
|
|
#
|
|
# Are we root
|
|
#
|
|
if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit 1 ; fi
|
|
|
|
#
|
|
# Get php-fpm version
|
|
#
|
|
phpfpm=$(systemctl list-unit-files --type=service | awk '/php[0-9]+\.[0-9]+-fpm\.service/ {sub(".service","",$1); print $1; exit}')
|
|
if [[ -z "$phpfpm" ]]; then printf "\nUnable to detect php-fpm version. Is PHP-FPM installed?\n\n" ; exit 1 ; fi
|
|
|
|
#
|
|
# Check if required services are running or not
|
|
#
|
|
for svc in nginx mariadb "$phpfpm"; do systemctl is-active --quiet "$svc" || { printf "\n%s is not running, cannot continue...\n\n" "${svc^}" ; exit 1 ; }; done
|
|
|
|
#
|
|
# Check MariaDB authentication method (socket or not)
|
|
#
|
|
if mysql -u root -e ";" 2>/dev/null; then
|
|
socket="SOCKET DETECTED — no need for -a or -m"
|
|
socketusage="SOCKET DETECTED — this flag is not needed"
|
|
socketauth="yes"
|
|
else
|
|
socket="NO SOCKET DETECTED — you must use -a and -m"
|
|
socketusage="NO SOCKET DETECTED — these flags are required"
|
|
socketauth="no"
|
|
fi
|
|
|
|
#
|
|
# Define variables and functions
|
|
#
|
|
|
|
#
|
|
# Function usage
|
|
#
|
|
usage() {
|
|
printf -- "\nwordpressinstall\n\n"
|
|
|
|
if [[ "$socketauth" == "yes" ]]; then
|
|
printf -- "SOCKET DETECTED — no need for -a or -m\n\n"
|
|
printf -- "Installs WordPress on Ubuntu using MariaDB socket authentication.\n\n"
|
|
printf -- "Usage:\n"
|
|
printf -- " sudo ./wordpressinstall -n <domain> -d <dbname> -u <dbuser> -p <dbpass>\n\n"
|
|
printf -- "Example:\n"
|
|
printf -- " sudo ./wordpressinstall -n wp.something.xyz -d wpdb -u wpuser -p wpPass123\n\n"
|
|
else
|
|
printf -- "NO SOCKET DETECTED — you must use -a and -m\n\n"
|
|
printf -- "Installs WordPress on Ubuntu using MariaDB password authentication.\n\n"
|
|
printf -- "Usage:\n"
|
|
printf -- " sudo ./wordpressinstall -n <domain> -d <dbname> -u <dbuser> -p <dbpass> -m <adminpwd> [-a <adminuser>]\n\n"
|
|
printf -- "Examples:\n"
|
|
printf -- " sudo ./wordpressinstall -n wp.something.xyz -d wpdb -u wpuser -p wpPass123 -m rootpwd\n"
|
|
printf -- " sudo ./wordpressinstall -n wp.something.xyz -d wpdb -u wpuser -p wpPass123 -a admin -m adminpwd\n\n"
|
|
fi
|
|
|
|
printf -- "Options:\n"
|
|
printf -- " -h | -help | --help Show this help screen\n\n"
|
|
}
|
|
|
|
#
|
|
# Let's go
|
|
#
|
|
clear
|
|
|
|
#
|
|
# Trap: show usage if user requests help. Recognizes -help and --help as early exits before getopts
|
|
#
|
|
if [[ "$1" == "-help" || "$1" == "--help" ]]; then usage ; exit 0 ; fi
|
|
|
|
#
|
|
# Trap: malformed or missing input. Catches empty argument or argument not starting with '-'
|
|
#
|
|
if [[ $# -eq 0 || ! $1 =~ ^- ]]; then usage ; exit 1 ; fi
|
|
|
|
#
|
|
# Configure command line options
|
|
#
|
|
while getopts ":n:d:u:p:m:a:h" option; do
|
|
case "$option" in
|
|
n) hostname=$(echo "$OPTARG" | tr '[:upper:]' '[:lower:]');;
|
|
d) dbname="$OPTARG";;
|
|
u) dbuser="$OPTARG";;
|
|
p) dbpass="$OPTARG";;
|
|
m) mariadbpwd="$OPTARG";;
|
|
a) mariadbadmin="$OPTARG";;
|
|
h) usage; exit 0;;
|
|
:) usage; echo ""; echo "Error! Option -$OPTARG requires an argument."; echo ""; exit 1;;
|
|
\?) usage; echo ""; echo "Error! Invalid option: -$OPTARG"; echo ""; exit 1;;
|
|
esac
|
|
done
|
|
|
|
#
|
|
# Parse and validate input
|
|
#
|
|
if [[ -z "$hostname" || -z "$dbname" || -z "$dbuser" || -z "$dbpass" ]]; then
|
|
usage
|
|
printf "\nERROR: Missing required arguments.\n"
|
|
printf "Hostname (-n), Database name (-d), User (-u), and Password (-p) are mandatory.\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
# Convert to lowercase (domains are case-insensitive)
|
|
hostname=$(echo "$hostname" | tr '[:upper:]' '[:lower:]')
|
|
|
|
# Disallow leading hyphen
|
|
if [[ "$hostname" =~ ^- ]]; then
|
|
printf "\nERROR: Domain cannot start with a hyphen.\n"
|
|
printf "Example of valid input: wp.example.com\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
# Disallow spaces, slashes, underscores
|
|
if [[ "$hostname" =~ [[:space:]/_] ]]; then
|
|
printf "\nERROR: Domain cannot contain spaces, slashes, or underscores.\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
# Validate domain format (RFC 1123)
|
|
if [[ ! "$hostname" =~ ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ ]]; then
|
|
printf "\nERROR: Invalid domain format.\n"
|
|
printf "Example of valid input: wp.example.com\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
# Check for spaces in DB credentials
|
|
if [[ "$dbname" =~ [[:space:]] || "$dbuser" =~ [[:space:]] || "$dbpass" =~ [[:space:]] ]]; then
|
|
printf "\nERROR: Database name, user, and password cannot contain spaces.\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
#
|
|
# Ensure curl is installed
|
|
#
|
|
for tool in curl; do dpkg -s "$tool" &>/dev/null || apt install -y -qq "$tool" ; done
|
|
|
|
#
|
|
# Download, install, and configure the latest WordPress version
|
|
#
|
|
printf "\nDownloading latest WordPress package...\n"
|
|
mkdir -p /var/www/html
|
|
curl -sL https://wordpress.org/latest.tar.gz | tar -xzf - --transform "s,^wordpress,$hostname," -C "/var/www/html" || { echo "WordPress download or extraction failed"; exit 1; }
|
|
wptarget="/var/www/html/$hostname"
|
|
cp "$wptarget/wp-config-sample.php" "$wptarget/wp-config.php"
|
|
sed -i "s/database_name_here/$dbname/" "$wptarget/wp-config.php"
|
|
sed -i "s/username_here/$dbuser/" "$wptarget/wp-config.php"
|
|
sed -i "s/password_here/$dbpass/" "$wptarget/wp-config.php"
|
|
chown -R www-data: "$wptarget"
|
|
|
|
#
|
|
# Clone nginx-snippets; if nginx-snippets exists then just pull latest changes
|
|
#
|
|
nginxsnippets="/etc/nginx/nginx-snippets"
|
|
repo="https://git.x-files.dk/webserver/nginx-snippets.git"
|
|
if [[ -d "$nginxsnippets/.git" ]]; then git -C "$nginxsnippets" pull --quiet; else git clone --quiet "$repo" "$nginxsnippets"; fi
|
|
|
|
#
|
|
# Create WordPress Nginx configuration
|
|
#
|
|
cp "$nginxsnippets/hostfiles/wordpress.80.conf" /etc/nginx/conf.d/"$hostname".conf
|
|
sed -i -- "s/DOMAIN/$hostname/g" /etc/nginx/conf.d/"$hostname".conf
|
|
sed -i "s/PHPVERSION/$phpfpm/" /etc/nginx/conf.d/"$hostname".conf
|
|
|
|
#
|
|
# Wordpress hardeging
|
|
#
|
|
mkdir -p /etc/nginx/includes
|
|
cp "$nginxsnippets/wp-hardening.conf" /etc/nginx/includes/wp-hardening.conf
|
|
sed -i "s/PHPVERSION/$phpfpm/" /etc/nginx/includes/wp-hardening.conf
|
|
cp --no-clobber "$nginxsnippets/wp-rate-limit.conf" /etc/nginx/conf.d/wp-rate-limit.conf 2>/dev/null
|
|
|
|
#
|
|
# Determine MariaDB login method (uses earlier socket variable)
|
|
#
|
|
mariadbadmin="${mariadbadmin:-root}"
|
|
|
|
printf "\nChecking MariaDB access method...\n"
|
|
|
|
if [[ "$socketauth" == "yes" ]]; then
|
|
dbmethod="socket"
|
|
printf "Socket authentication detected (root)\n"
|
|
elif [[ -n "$mariadbpwd" && -n "$mariadbadmin" ]]; then
|
|
dbmethod="admin"
|
|
printf "Using admin user authentication (%s)\n" "$mariadbadmin"
|
|
elif [[ -n "$mariadbpwd" ]]; then
|
|
dbmethod="password"
|
|
printf "Using root password authentication\n"
|
|
else
|
|
printf "\nERROR: No valid MariaDB authentication method found.\n"
|
|
printf "Tried socket, root password, and admin credentials.\n\n"
|
|
exit 1
|
|
fi
|
|
|
|
#
|
|
# Create WordPress database
|
|
#
|
|
case "$dbmethod" in
|
|
socket)
|
|
mysql -u root <<EOF
|
|
CREATE DATABASE IF NOT EXISTS $dbname;
|
|
CREATE USER IF NOT EXISTS '$dbuser'@'localhost' IDENTIFIED BY '${dbpass//\'/\'\\\'\'}';
|
|
GRANT ALL PRIVILEGES ON $dbname.* TO '$dbuser'@'localhost';
|
|
FLUSH PRIVILEGES;
|
|
EOF
|
|
;;
|
|
password)
|
|
mysql -u root -p"${mariadbpwd}" <<EOF
|
|
CREATE DATABASE IF NOT EXISTS $dbname;
|
|
CREATE USER IF NOT EXISTS '$dbuser'@'localhost' IDENTIFIED BY '${dbpass//\'/\'\\\'\'}';
|
|
GRANT ALL PRIVILEGES ON $dbname.* TO '$dbuser'@'localhost';
|
|
FLUSH PRIVILEGES;
|
|
EOF
|
|
;;
|
|
admin)
|
|
mysql -u "${mariadbadmin}" -p"${mariadbpwd}" <<EOF
|
|
CREATE DATABASE IF NOT EXISTS $dbname;
|
|
CREATE USER IF NOT EXISTS '$dbuser'@'localhost' IDENTIFIED BY '${dbpass//\'/\'\\\'\'}';
|
|
GRANT ALL PRIVILEGES ON $dbname.* TO '$dbuser'@'localhost';
|
|
FLUSH PRIVILEGES;
|
|
EOF
|
|
;;
|
|
esac
|
|
|
|
#
|
|
# Restarting Nginx and Phpfpm for changes to take effect
|
|
#
|
|
printf "\nRestarting services...\n"
|
|
systemctl restart "$phpfpm"
|
|
systemctl restart nginx
|
|
|
|
#
|
|
# Wordpress notice
|
|
#
|
|
wpnotice=$(cat <<EOF
|
|
-----------------------------------------------------------------------------------
|
|
IMPORTANT:
|
|
|
|
Go to http://$hostname/wp-admin/install.php and complete the setup
|
|
-----------------------------------------------------------------------------------
|
|
EOF
|
|
)
|
|
|
|
#
|
|
# Print notice
|
|
#
|
|
printf '%s\n' "$wpnotice"
|
|
|
|
#
|
|
# All done
|
|
#
|
|
printf "\nAll Done — WordPress files located at: %s\n" "$wptarget"
|
|
|
|
#
|
|
# End of script
|
|
#
|