Create a new VM under Compute Engine
I’ve use ubuntu 18.04 LTS and HDD size of 20GB
HDD Size
Install Google Cloud SDK
https://cloud.google.com/sdk/
Choose your platform version
Config your new instance
First thing first
$ sudo apt-get update $ sudo apt-get upgrade -y
Install Swap
$ sudo fallocate -l 1G /swapfile $ sudo dd if=/dev/zero of=/swapfile bs=1024 count=1048576 $ sudo chmod 600 /swapfile $ sudo mkswap /swapfile $ sudo swapon /swapfile $ sudo nano /etc/fstab
fstab
/swapfile swap swap defaults 0 0
Check mount
$ sudo mount -a
Install LAPM Stack (Linux, Apache, MySQL and PHP)
$ sudo apt install tasksel $ sudo tasksel install lamp-server $ sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc
Config Domain
Add A record to DNS server
Configure Apache conf for website
$ sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf $ sudo nano /etc/apache2/sites-available/example.com.conf
<Directory /var/www/example.com>
Require all granted
</Directory> <VirtualHost *:80> ServerName example.com ServerAlias www.example.com ServerAdmin [email protected] DocumentRoot /var/www/example.com </VirtualHost>
Make directory
$ sudo mkdir -p /var/www/example.com
Reload configuration files
$ a2dissite 000-default.conf $ a2ensite example.com.conf $ systemctl reload apache2
Config Let’s Encrypt cert
Add repository:
$ sudo add-apt-repository ppa:certbot/certbot
Install Certbot’s Apache package with apt:
$ sudo apt install python-certbot-apache
verify the syntax of apache configuration file:
$ sudo apache2ctl configtest
Restart apache services
$ sudo systemctl reload apache2
Config Firewall
$ sudo ufw status
Add rules
$ sudo ufw allow 'Apache Full' $ sudo ufw allow ssh $ sudo ufw allow 10000
Remove rules
$ sudo ufw delete allow 'Apache' $ sudo ufw delete allow 'ssh' $ sudo ufw delete allow 10000
Enable ufw
$ sudo ufw enable
Get cert
$ sudo certbot --apache -d example.com -d www.example.com
Verifying Certbot Auto-Renewal
$ sudo certbot renew --dry-run
Create Database
$ mysql -u root > CREATE DATABASE database; > GRANT ALL PRIVILEGES ON database.* TO 'username'@'localhost' IDENTIFIED BY 'password'; > quit $ mysql_secure_installation
Permalinks WordPress Fix
Enable apache rewrite for wordpress permalinks
$ sudo nano /etc/apache2/apache2.conf
Find
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
Change
AllowOverride None
To
AllowOverride All
$ sudo a2enmod rewrite
Save and restart apache
$ sudo service apache2 restart
Config Apache2 PHP
$ sudo nano /etc/php/7.2/apache2/php.ini
max_input_time = 30
upload_max_filesize = 20M
post_max_size = 21M
Apache2 performance tweak
$ sudo nano /etc/apache2/mods-enabled/mpm_prefork.conf
StartServers 1
MinSpareServers 2
MaxSpareServers 5
MaxRequestWorkers 65
MaxConnectionsPerChild 1000
Save and restart apache
$ sudo service apache2 restart
Install WordPress
sudo wget https://wordpress.org/latest.tar.gz
Uupack the gz
tar -xvf latest.tar.gz
move all files to the site root
$ cd wordpress $ sudo mv * ..
remove wordpress folder and gz file
Copy sample config file
sudo cp wp-config-sample.php wp-config.php
Edit the database user and password then remove the sample file
Check mpm config file
$ cd ~ $ wget https://raw.githubusercontent.com/richardforth/apache2buddy/master/apache2buddy.pl $ sudo ./apache2buddy.pl
Add Permission to folders
$ chown -R www-data:www-data /var/www/html/*
Install and config Self sign certificate
Enable Apache SSL module
$ sudo a2enmod ssl $ sudo service apache2 restart
Generate self sign certificate
$ sudo mkdir /etc/apache2/ssl $ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
Edit Apache Site conf file
$ cd /etc/apache2/sites-available $ sudo cp default-ssl.conf example-ssl.conf
Add SSLCertificateFile and SSLCertificateKeyFile path
SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key
Enable SSL site
$ sudo a2ensite example-ssl.conf sudo service apache2 restart