🌐
Building WordPress with AWS EFS
Step 0: Prerequisite
- The target EC2 instance must be built and be able to connect to the EC2 instance with an SSH key.
Step 1: Prepare the LAMP server
To prepare the LAMP server
FYI:
% ssh -i "sample-ssh-key.pem" ec2-user@xxx.xxx.xxx.xxx
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo yum update -y
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo yum install -y httpd mariadb-server
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl start httpd
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl is-enabled httpd
enabled
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ curl http://xxx.xxx.xxx.xxx/ | grep "Test Page for the Apache HTTP Server"
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
Mount the file system on EC2 instance
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 978M 0 978M 0% /dev
tmpfs 987M 0 987M 0% /dev/shm
tmpfs 987M 528K 986M 1% /run
tmpfs 987M 0 987M 0% /sys/fs/cgroup
/dev/xvda1 20G 2.0G 19G 10% /
tmpfs 198M 0 198M 0% /run/user/0
tmpfs 198M 0 198M 0% /run/user/1000
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo yum -y install nfs-utils
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport fs-11111111111111111.efs.ap-northeast-1.amazonaws.com:/ /var/www/html
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 978M 0 978M 0% /dev
tmpfs 987M 0 987M 0% /dev/shm
tmpfs 987M 532K 986M 1% /run
tmpfs 987M 0 987M 0% /sys/fs/cgroup
/dev/xvda1 20G 2.0G 18G 10% /
tmpfs 198M 0 198M 0% /run/user/0
tmpfs 198M 0 198M 0% /run/user/1000
fs-11111111111111111.efs.ap-northeast-1.amazonaws.com:/ 8.0E 0 8.0E 0% /var/www/html
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
Using NFS to automatically mount EFS file systems
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo cp -p /etc/fstab /etc/fstab_`date +'%Y%m%d'`
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cat /etc/fstab
#
UUID=8xxxxxxx-4xxx-4xxx-4xxx-12xxxxxxxxxx / xfs defaults,noatime 1 1
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo vim /etc/fstab
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cat /etc/fstab
#
UUID=8xxxxxxx-4xxx-4xxx-4xxx-12xxxxxxxxxx / xfs defaults,noatime 1 1
# fs-11111111111111111.efs.ap-northeast-1.amazonaws.com:/ 8.0E 0 8.0E 0% /var/www/html
fs-11111111111111111.efs.ap-northeast-1.amazonaws.com:/ /var/www/html nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo touch /var/www/html/test.text
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/html/
total 8
drwxr-xr-x 2 root root 6144 Sep 16 13:37 .
drwxr-xr-x 4 root root 33 Sep 16 13:18 ..
-rw-r--r-- 1 root root 0 Sep 16 13:37 test.text
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo reboot
Terminated
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ Connection to xxx.xxx.xxx.xxx closed by remote host.
Connection to xxx.xxx.xxx.xxx closed.
%
% ssh -i "sample-ssh-key.pem" ec2-user@xxx.xxx.xxx.xxx
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/html/
total 8
drwxr-xr-x 2 root root 6144 Sep 16 13:37 .
drwxr-xr-x 4 root root 33 Sep 16 13:18 ..
-rw-r--r-- 1 root root 0 Sep 16 13:37 test.text
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ curl http://xxx.xxx.xxx.xxx/ | grep "Test Page for the Apache HTTP Server"
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo rm -f /var/www/html/test.text
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/html/
total 4
drwxr-xr-x 2 root root 6144 Sep 16 13:48 .
drwxr-xr-x 4 root root 33 Sep 16 13:18 ..
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
To set file permissions
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ whoami
ec2-user
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ id ec2-user
uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal)
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo usermod -a -G apache ec2-user
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ id ec2-user
uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal),48(apache)
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ groups
ec2-user adm wheel systemd-journal
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/
total 4
drwxr-xr-x 4 root root 33 Sep 16 13:18 .
drwxr-xr-x 20 root root 280 Sep 16 13:18 ..
drwxr-xr-x 2 root root 6 Jun 30 11:02 cgi-bin
drwxr-xr-x 2 root root 6144 Sep 16 13:48 html
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo chown -R ec2-user:apache /var/www
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/
total 4
drwxr-xr-x 4 ec2-user apache 33 Sep 16 13:18 .
drwxr-xr-x 20 root root 280 Sep 16 13:18 ..
drwxr-xr-x 2 ec2-user apache 6 Jun 30 11:02 cgi-bin
drwxr-xr-x 2 ec2-user apache 6144 Sep 16 13:48 html
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo chmod 2775 /var/www && find /var/www -type d -exec sudo chmod 2775 {} \;
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ find /var/www -type f -exec sudo chmod 0664 {} \;
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/
total 4
drwxrwsr-x 4 ec2-user apache 33 Sep 16 13:18 .
drwxr-xr-x 20 root root 280 Sep 16 13:18 ..
drwxrwsr-x 2 ec2-user apache 6 Jun 30 11:02 cgi-bin
drwxrwsr-x 2 ec2-user apache 6144 Sep 16 13:48 html
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ ls -la /var/www/html/
total 4
drwxrwsr-x 2 ec2-user apache 6144 Sep 16 13:48 .
drwxrwsr-x 4 ec2-user apache 33 Sep 16 13:18 ..
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
Step 2: Test your LAMP server
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ curl http://xxx.xxx.xxx.xxx/phpinfo.php | grep "Build Date"
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ rm /var/www/html/phpinfo.php
Step 3: Secure the database server
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl start mariadb
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo mysql_secure_installation
...
...
Thanks for using MariaDB!
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 16
Server version: 10.2.38-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE USER 'wordpress-user'@'localhost' IDENTIFIED BY 'dummy-password';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE `wordpress-db`;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON `wordpress-db`.* TO "wordpress-user"@"localhost";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl is-enabled mariadb
enabled
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
Step 4: Install phpMyAdmin
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo yum install php-mbstring php-xml -y
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl restart httpd
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl restart php-fpm
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cd /var/www/html
[ec2-user@ip-yyy-yyy-yyy-yyy html]$ wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
[ec2-user@ip-yyy-yyy-yyy-yyy html]$ mkdir phpMyAdmin && tar -xvzf phpMyAdmin-latest-all-languages.tar.gz -C phpMyAdmin --strip-components 1
[ec2-user@ip-yyy-yyy-yyy-yyy html]$ rm phpMyAdmin-latest-all-languages.tar.gz
[ec2-user@ip-yyy-yyy-yyy-yyy html]$ curl http://xxx.xxx.xxx.xxx/phpMyAdmin/ | grep "phpMyAdmin"
[ec2-user@ip-yyy-yyy-yyy-yyy html]$
Step 5: Install WordPress
FYI:
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ wget https://wordpress.org/latest.tar.gz
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ tar -xzf latest.tar.gz
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cp wordpress/wp-config-sample.php wordpress/wp-config.php
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cat wordpress/wp-config.php
...
...
define('DB_NAME', 'wordpress-db');
define('DB_USER', 'wordpress-user');
define('DB_PASSWORD', 'dummy-password');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
define('AUTH_KEY', '******');
define('SECURE_AUTH_KEY', '******');
define('LOGGED_IN_KEY', '******');
define('NONCE_KEY', '******');
define('AUTH_SALT', '******');
define('SECURE_AUTH_SALT', '******');
define('LOGGED_IN_SALT', '******');
define('NONCE_SALT', '******');
...
...
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ mkdir /var/www/html/blog
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ cp -r wordpress/* /var/www/html/blog/
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo vim /etc/httpd/conf/httpd.conf
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo cat /etc/httpd/conf/httpd.conf | grep AllowOverride
AllowOverride none
AllowOverride None
# AllowOverride controls what directives may be placed in .htaccess files.
##### AllowOverride None
AllowOverride All
AllowOverride None
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo yum install php-gd -y
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo chown -R apache /var/www
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo chgrp -R apache /var/www
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo chmod 2775 /var/www
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ find /var/www -type d -exec sudo chmod 2775 {} \;
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ find /var/www -type f -exec sudo chmod 0644 {} \;
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ sudo systemctl restart httpd
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$ curl http://xxx.xxx.xxx.xxx/blog/wp-admin/install.php | grep "Installation"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0 <title>WordPress › Installation</title>
100 13256 0 13256 0 0 4712 0 --:--:-- 0:00:02 --:--:-- 4714
[ec2-user@ip-yyy-yyy-yyy-yyy ~]$
Step 6: Install WordPress | GUI
FYI:
Step 7: WordPress(HTTP->HTTPS)
Install Really Simple SSL
Update wp_options table
UPDATE `wp_options` SET `option_value` = 'https://www.test.com/blog' WHERE `wp_options`.`option_id` = 1;
UPDATE `wp_options` SET `option_value` = 'https://www.test.com/blog' WHERE `wp_options`.`option_id` = 2;
Modify wp-config.php
[ec2-user@p-yyy-yyy-yyy-yyy blog]$ tail -n 10 /var/www/html/blog/wp-config.php
// FYI:
// https://tanojinfrom30.com/2021/03/13/wordpress-https/
// https://www.joolen.co.jp/blog/2016/11/24/926/
// https://developer.wordpress.org/reference/functions/is_ssl/
// https://lucklog.info/wp-ssl-error/
if (empty($_SERVER['HTTPS'])) {
$_SERVER['HTTPS'] = 'on'; $_ENV['HTTPS'] = 'on';
}
/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
[ec2-user@p-yyy-yyy-yyy-yyy blog]$
Discussion