From 3c8d0df520441c7dadd76ecb35733806a6a60051 Mon Sep 17 00:00:00 2001 From: Tommy Date: Wed, 26 Jun 2024 17:18:35 -0700 Subject: [PATCH] Add more instructions Signed-off-by: Tommy --- sample-scripts/Ubuntu-24.04-LEMP-Drupal.md | 45 ++++++++++++++++++++-- sample-scripts/Ubuntu-24.04-LEMP.sh | 4 +- 2 files changed, 45 insertions(+), 4 deletions(-) diff --git a/sample-scripts/Ubuntu-24.04-LEMP-Drupal.md b/sample-scripts/Ubuntu-24.04-LEMP-Drupal.md index 1b1163a..d620d58 100644 --- a/sample-scripts/Ubuntu-24.04-LEMP-Drupal.md +++ b/sample-scripts/Ubuntu-24.04-LEMP-Drupal.md @@ -48,6 +48,11 @@ cd /srv/drupal composer create-project drupal/recommended-project drupal.yourdomain.tld ``` +Exit the drupal user: +``` +exit +``` + ## Generate an SSL certificate ``` @@ -60,7 +65,7 @@ certbot certonly --nginx --no-eff-email \ ## NGINX configuration file -Put the following file in `/etc/nginx/conf.d/sites_drupal.conf`: +As root, put the following file in `/etc/nginx/conf.d/sites_drupal.conf`: ``` server { @@ -81,18 +86,52 @@ server { include snippets/cross-origin-security.conf; include snippets/quic.conf; + add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; block-all-mixed-content; form-action 'none'; frame-ancestors 'self'; upgrade-insecure-requests"; + index index.php; root /srv/drupal/drupal.yourdomain.tld/web; location / { - try_files $uri $uri/ /index.php$is_args$args; + try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.3-fpm.sock; - fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } +``` + +## Setup the Database for Drupal + +As root, log into MariaDB: + +``` +mariadb -uroot +``` + +Run the following queries: +``` +CREATE DATABASE drupal CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; +CREATE USER 'drupal'@'127.0.0.1' IDENTIFIED BY 'yourPassword'; +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON drupal.* TO 'drupal'@'127.0.0.1'; +exit +``` + +## Install drupal + +As root, run: + +``` +cp /srv/drupal/drupal.yourdomain.tld/web/sites/default/default.settings.php /srv/drupal/drupal.yourdomain.tld/web/sites/default/settings.php +``` + +Go to drupal.yourdomain.tld and follow the prompts. + +When you are done, run: + +``` +chmod 444 /srv/drupal/drupal.yourdomain.tld/web/sites/default/settings.php +chattr +i /srv/drupal/drupal.yourdomain.tld/web/sites/default/settings.php ``` \ No newline at end of file diff --git a/sample-scripts/Ubuntu-24.04-LEMP.sh b/sample-scripts/Ubuntu-24.04-LEMP.sh index 5a7c73a..1d0596e 100644 --- a/sample-scripts/Ubuntu-24.04-LEMP.sh +++ b/sample-scripts/Ubuntu-24.04-LEMP.sh @@ -56,7 +56,9 @@ sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot # Secure MariaDB -output "Running mariadb-secure-installation. You should answer yes to everything." +output "Running mariadb-secure-installation." +output "You should answer yes to everything except setting the root password." +output "This is already done via the UNIX socket if you switch it with the prompts so you should be okay." sudo mariadb-secure-installation # Port NGINX configs from https://github.com/TommyTran732/NGINX-Configs