HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux wordpress-ubuntu-s-2vcpu-4gb-fra1-01 5.4.0-169-generic #187-Ubuntu SMP Thu Nov 23 14:52:28 UTC 2023 x86_64
User: root (0)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/lib/cloud/scripts/per-instance/
Upload Files
File: /var/lib/cloud/scripts/per-instance/001_onboot
#!/bin/bash

#Generate Mysql root password.
root_mysql_pass=$(openssl rand -hex 24)
wordpress_mysql_pass=$(openssl rand -hex 24)
debian_sys_maint_mysql_pass=$(openssl rand -hex 24)

# Don't enable WordPress until first login
cat >> /root/.bashrc <<EOM
chmod +x /opt/digitalocean/wp_setup.sh
/opt/digitalocean/wp_setup.sh
EOM

# Save the passwords
cat > /root/.digitalocean_password <<EOM
root_mysql_pass="${root_mysql_pass}"
wordpress_mysql_pass="${wordpress_mysql_pass}"
EOM

# Protect the droplet
ufw limit ssh
ufw allow https
ufw allow http
ufw --force enable

# Set up Postfix defaults
hostname=$(hostname)
sed -i "s/myhostname \= wp-build/myhostname = $hostname/g" /etc/postfix/main.cf;
sed -i "s/inet_interfaces = all/inet_interfaces = loopback-only/g" /etc/postfix/main.cf;
systemctl restart postfix &

mysqladmin -u root -h localhost create wordpress
mysqladmin -u root -h localhost password ${root_mysql_pass}

# populate the wordpress config file
cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php
sed -e "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" \
    -e "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" \
    -e "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '${wordpress_mysql_pass}'/g" \
    -i /var/www/wordpress/wp-config.php

chown -Rf www-data:www-data /var/www/wordpress

mysql -uroot -p${root_mysql_pass} \
      -e "CREATE USER 'wordpress'@'localhost' IDENTIFIED BY '${wordpress_mysql_pass}'"

mysql -uroot -p${root_mysql_pass} \
      -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"

mysql -uroot -p${root_mysql_pass} \
      -e "ALTER USER 'debian-sys-maint'@'localhost' IDENTIFIED BY '${debian_sys_maint_mysql_pass}'"

MYSQL_ROOT_PASSWORD=${wordpress_mysql_pass}

SECURE_MYSQL=$(expect -c "
set timeout 10
spawn mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send \"$MYSQL_ROOT_PASSWORD\r\"
expect \"Change the root password?\"
send \"n\r\"
expect \"Remove anonymous users?\"
send \"y\r\"
expect \"Disallow root login remotely?\"
send \"y\r\"
expect \"Remove test database and access to it?\"
send \"y\r\"
expect \"Reload privilege tables now?\"
send \"y\r\"
expect eof
")

cat > /etc/mysql/debian.cnf <<EOM
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = ${debian_sys_maint_mysql_pass}
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = ${debian_sys_maint_mysql_pass}
socket   = /var/run/mysqld/mysqld.sock
EOM

# WordPress Salts
for i in `seq 1 8`
do
    wp_salt=$(</dev/urandom tr -dc 'a-zA-Z0-9!@#$%^&*()\-_ []{}<>~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g')
    sed -e "0,/put your unique phrase here/s/put your unique phrase here/${wp_salt}/" \
        -i /var/www/wordpress/wp-config.php;
done
@ Telegram