Skip to content

Commit

Permalink
Update server.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
@sam5epi0l
sam5epi0l authored Aug 7, 2023
1 parent 208320f commit 0288739
Showing 1 changed file with 53 additions and 57 deletions.
110 changes: 53 additions & 57 deletions .github/workflows/server.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,82 +23,78 @@ jobs:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2

# Uses a community action to create a DigitalOcean droplet
# Uses a third-party action to create a DigitalOcean droplet
- name: Create DigitalOcean Droplet
uses: digitalocean/action-doctl@v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} # You need to store your DigitalOcean access token as a secret in your repository settings
args: compute droplet create wordpress --size s-1vcpu-1gb --image ubuntu-22-04-x64 --region nyc3 --ssh-keys ${{ secrets.SSH_KEY_FINGERPRINT }} --wait # You need to store your SSH key fingerprint as a secret in your repository settings

# Uses a community action to get the IP address of the droplet
- name: Get Droplet IP
id: droplet-ip
uses: mxschmitt/action-get-digitalocean-droplet-ip@v1
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
name: wordpress

# Uses a community action to run commands on the droplet via SSH
- name: Run commands on Droplet
# The name of the droplet
droplet_name: wordpress-droplet
# The size of the droplet (e.g., s-1vcpu-1gb)
size: s-1vcpu-1gb
# The region of the droplet (e.g., nyc1)
region: nyc1
# The image of the droplet (e.g., ubuntu-22-04-x64)
image: ubuntu-22-04-x64
# The SSH key to access the droplet
ssh_key_fingerprint: ${{ secrets.SSH_KEY_FINGERPRINT }}
env:
# The DigitalOcean API token
DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

# Uses a third-party action to run commands on the droplet via SSH
- name: Run commands on droplet
uses: appleboy/ssh-action@master
with:
host: ${{ steps.droplet-ip.outputs.ip }}
# The host of the droplet (use the output of the previous step)
host: ${{ steps.create_droplet.outputs.droplet_ip }}
# The username of the droplet (default is root)
username: root
key: ${{ secrets.SSH_PRIVATE_KEY }} # You need to store your SSH private key as a secret in your repository settings
# The password or key of the droplet
key: ${{ secrets.SSH_KEY }}
# The port of the droplet (default is 22)
port: 22
# The commands to run on the droplet
script: |
# Update and upgrade the system packages
# Update and upgrade packages
apt update && apt upgrade -y
# Install Nginx, MySQL, PHP and other dependencies
apt install nginx mysql-server php-fpm php-mysql php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip -y
# Configure MySQL database and user for WordPress
# Configure firewall rules to allow HTTP, HTTPS and SSH traffic
ufw allow OpenSSH
ufw allow 'Nginx Full'
ufw enable
# Create a MySQL database and user for WordPress
mysql -e "CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -e "CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';" # You can change the username and password as per your choice
mysql -e "CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY '${{ secrets.DB_PASSWORD }}';"
mysql -e "GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost';"
mysql -e "FLUSH PRIVILEGES;"
# Configure Nginx server block for WordPress
cat > /etc/nginx/sites-available/wordpress << EOF
server {
listen 80;
listen [::]:80;
root /var/www/html/wordpress;
index index.php index.html index.htm;
# Download and extract WordPress files to the web root directory
wget https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz
cp -a wordpress/. /var/www/html
server_name wordpress; # You can change the server name as per your choice
# Set ownership and permissions for WordPress files and directories
chown -R www-data:www-data /var/www/html
find /var/www/html/ -type d -exec chmod 750 {} \;
find /var/www/html/ -type f -exec chmod 640 {} \;
location / {
try_files \$uri \$uri/ /index.php?\$args;
}
# Create a WordPress configuration file from a sample file
cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # You may need to change the PHP version as per your installation
}
# Generate secret keys for WordPress using a third-party API
curl -s https://api.wordpress.org/secret-key/1.1/salt/
location ~ /\.ht {
deny all;
}
}
EOF
# Replace the dummy values in the WordPress configuration file with the actual values
sed -i "s/database_name_here/wordpress/g" /var/www/html/wp-config.php
sed -i "s/username_here/wordpressuser/g" /var/www/html/wp-config.php
sed -i "s/password_here/${{ secrets.DB_PASSWORD }}/g" /var/www/html/wp-config.php
sed -i "/put your unique phrase here/d" /var/www/html/wp-config.php
sed -i "/define('AUTH_KEY'/r /dev/stdin" /var/www/html/wp-config.php <<< "$(curl -s https://api.wordpress.org/secret-key/1.1/salt/)"
# Enable the Nginx server block and restart Nginx service
ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/
# Restart Nginx and PHP services
systemctl restart nginx
# Download and extract WordPress files from the official website
wget https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz
cp -a wordpress/. /var/www/html/wordpress
# Set ownership and permissions for WordPress files and folders
chown -R www-data:www-data /var/www/html/wordpress
find /var/www/html/wordpress/ -type d -exec chmod 750 {} \;
find /var/www/html/wordpress/ -type f -exec chmod 640 {} \;
# Outputs the droplet IP address for further use or reference
- name: Output Droplet IP
run: echo "The IP address of the droplet is ${{ steps.droplet-ip.outputs.ip }}"

systemctl restart php7.4-fpm

0 comments on commit 0288739

Please sign in to comment.