File: /var/lib/cloud/scripts/per-instance/001_onboot
#!/bin/bash
# Generate passwords
mysql_root_pass=$(openssl rand -hex 24)
wordpress_mysql_pass=$(openssl rand -hex 24)
debian_sys_maint_mysql_pass=$(openssl rand -hex 24)
# Don't enable WordPress until first login
cat >> /root/.bashrc <<EOM
chmod +x /opt/hcloud/wp_setup.sh
/opt/hcloud/wp_setup.sh
EOM
# Save the passwords
cat > /root/.hcloud_password <<EOM
mysql_root_pass="${mysql_root_pass}"
wordpress_mysql_pass="${wordpress_mysql_pass}"
EOM
# Set up Postfix defaults
hostname=$(hostname)
sed -i "s/myhostname \= wp-build/myhostname = $hostname/g" /etc/postfix/main.cf;
sed -i "s/inet_interfaces = all/inet_interfaces = loopback-only/g" /etc/postfix/main.cf;
systemctl restart postfix &
mysqladmin -u root -h localhost create wordpress
mysqladmin -u root -h localhost password ${mysql_root_pass}
# populate the wordpress config file
cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php
sed -e "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" \
-e "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" \
-e "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '${wordpress_mysql_pass}'/g" \
-i /var/www/wordpress/wp-config.php
chown -Rf www-data:www-data /var/www/wordpress
mysql -uroot -p${mysql_root_pass} \
-e "CREATE USER 'wordpress'@'localhost' IDENTIFIED BY '${wordpress_mysql_pass}'"
mysql -uroot -p${mysql_root_pass} \
-e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"
mysql -uroot -p${mysql_root_pass} \
-e "ALTER USER 'debian-sys-maint'@'localhost' IDENTIFIED BY '${debian_sys_maint_mysql_pass}'"
MYSQL_ROOT_PASSWORD=${wordpress_mysql_pass}
SECURE_MYSQL=$(expect -c "
set timeout 10
spawn mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send \"$MYSQL_ROOT_PASSWORD\r\"
expect \"Change the root password?\"
send \"n\r\"
expect \"Remove anonymous users?\"
send \"y\r\"
expect \"Disallow root login remotely?\"
send \"y\r\"
expect \"Remove test database and access to it?\"
send \"y\r\"
expect \"Reload privilege tables now?\"
send \"y\r\"
expect eof
")
cat > /etc/mysql/debian.cnf <<EOM
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host = localhost
user = debian-sys-maint
password = ${debian_sys_maint_mysql_pass}
socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host = localhost
user = debian-sys-maint
password = ${debian_sys_maint_mysql_pass}
socket = /var/run/mysqld/mysqld.sock
EOM
# WordPress Salts
for i in `seq 1 8`
do
wp_salt=$(</dev/urandom tr -dc 'a-zA-Z0-9!@#$%^&*()\-_ []{}<>~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g')
sed -e "0,/put your unique phrase here/s/put your unique phrase here/${wp_salt}/" \
-i /var/www/wordpress/wp-config.php;
done