Setting up the target environment - amauran/project-giskard GitHub Wiki
Installing Wordpress as a test target
Main instructions can be found here:
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-22-04
sudo
capable user
1. Add a Log in as root
and run:
sudo adduser anne
usermod -a -G sudo anne
Move the authorized_keys
from root to regular user:
mkdir /home/anne/.ssh/
mv ~/.ssh/authorized_keys /home/anne/.ssh/
chown -R anne: /home/anne/.ssh
Prevent root logging in.
echo 'PermitRootLogin no' > /etc/ssh/sshd_config.d/prevent_root_login.conf
systemctl restart sshd.service
Log out and log in as regular user.
2. Create database
Install MariaDB:
sudo apt install mariadb-server
sudo mysql_secure_installation
Log into MariaDB as root and create database & user:
sudo mariadb
create database happy_robot default character set utf8 collate utf8_unicode_ci;
grant all privileges on happy_robot.* to 'happy_robot'@'localhost' identified by '********';
flush privileges;
3. Install PHP
sudo apt install php8.1-fpm php-mysql php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip php-imagick
Follow these instructions to make nginx to execute PHP code:
https://www.digitalocean.com/community/tutorials/php-fpm-nginx
Edit /etc/php/8.1/fpm/php.ini
and make sure the following lines exists:
extension=mysqli
extension=php_imagemagick
nginx
configuration
4. Add server {
listen 443 ssl;
server_name happy-robot.nimbus.fi;
ssl_certificate /etc/letsencrypt/live/happy-robot.nimbus.fi/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/happy-robot.nimbus.fi/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
root /var/www/happy-robot;
index index.php index.html;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php8.1-fpm-wordpress-site.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
}
server {
listen 80 default_server;
if ($host = happy-robot.nimbus.fi) {
return 301 https://$host$request_uri;
}
server_name _;
return 404;
}
5. Install Wordpress
Follow the instructions on the side of the package.