diff --git a/README.md b/README.md index 8c0430d..3dad3e7 100644 --- a/README.md +++ b/README.md @@ -41,9 +41,9 @@ You can launch this CloudFormation stack, using your account, in the following A | eu-central-1 |EU (Frankfurt)| [![cloudformation-launch-stack](images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/new?stackName=WordPress&templateURL=https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-master-newvpc.yaml) | | ap-southeast-2 |AP (Sydney)| [![cloudformation-launch-stack](images/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=ap-southeast-2#/stacks/new?stackName=WordPress&templateURL=https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-master-newvpc.yaml) | -#### Select WordPress version +#### WordPress version -The version of WordPress can be selected. Possible values are latest, nightly, 4.5, 4.6, 4.7, 4.8, 4.9. +The latest version of WordPress can be installed. In June 2021, 5.7.2 can be installed automatically and 5.8 can be installed manually. #### Override PHP.ini defaults by downloading an overrides ini file from Amazon S3 @@ -152,7 +152,7 @@ Since files will be offloaded to S3, ensure to add the S3 bucket as an origin on ## Master Template The master template receives all input parameters and passes them to the appropriate nested template which are executed in order based on conditions and dependencies. -Review the template here [aws-refarch-wordpress-master.yaml](templates/aws-refarch-wordpress-master.yaml) +Review the template here [aws-refarch-wordpress-master-newvpc.yaml](templates/aws-refarch-wordpress-master-newvpc.yaml) ### AWS Resources Created: diff --git a/templates/aws-refarch-wordpress-03-bastion.yaml b/templates/aws-refarch-wordpress-03-bastion.yaml index 4685eee..deaadaf 100644 --- a/templates/aws-refarch-wordpress-03-bastion.yaml +++ b/templates/aws-refarch-wordpress-03-bastion.yaml @@ -195,33 +195,39 @@ Mappings: RegionMap: ap-northeast-1: - AMI: ami-da9e2cbc + AMI: ami-0b276ad63ba2d6009 ap-northeast-2: - AMI: ami-1196317f + AMI: ami-0b827f3319f7447c6 + ap-northeast-3: + AMI: ami-07420201371095f81 ap-south-1: - AMI: ami-d5c18eba + AMI: ami-00bf4ae5a7909786c ap-southeast-1: - AMI: ami-c63d6aa5 + AMI: ami-0e5182fad1edfaa68 ap-southeast-2: - AMI: ami-ff4ea59d + AMI: ami-0c9fe0dec6325a30c ca-central-1: - AMI: ami-d29e25b6 + AMI: ami-0db72f413fc1ddb2a eu-central-1: - AMI: ami-bf2ba8d0 + AMI: ami-00f22f6155d6d92c5 + eu-north-1: + AMI: ami-00517306b63c4628c eu-west-1: - AMI: ami-1a962263 + AMI: ami-058b1b7fe545997ae eu-west-2: - AMI: ami-e7d6c983 + AMI: ami-03ac5a9b225e99b02 + eu-west-3: + AMI: ami-062fdd189639d3e93 sa-east-1: - AMI: ami-286f2a44 + AMI: ami-05e809fbeee38dd5e us-east-1: - AMI: ami-55ef662f + AMI: ami-0dc2d3e4c0f9ebd18 us-east-2: - AMI: ami-15e9c770 + AMI: ami-0233c2d874b811deb us-west-1: - AMI: ami-a51f27c5 + AMI: ami-0ed05376b59b90e46 us-west-2: - AMI: ami-bf4193c7 + AMI: ami-0dc8f589abe99f538 Resources: diff --git a/templates/aws-refarch-wordpress-03-efsalarms.yaml b/templates/aws-refarch-wordpress-03-efsalarms.yaml index 3296ec1..6e1197a 100644 --- a/templates/aws-refarch-wordpress-03-efsalarms.yaml +++ b/templates/aws-refarch-wordpress-03-efsalarms.yaml @@ -200,33 +200,39 @@ Mappings: RegionMap: ap-northeast-1: - AMI: ami-2a69be4c + AMI: ami-0b276ad63ba2d6009 ap-northeast-2: - AMI: ami-9bec36f5 + AMI: ami-0b827f3319f7447c6 + ap-northeast-3: + AMI: ami-07420201371095f81 ap-south-1: - AMI: ami-4fc58420 + AMI: ami-00bf4ae5a7909786c ap-southeast-1: - AMI: ami-0797ea64 + AMI: ami-0e5182fad1edfaa68 ap-southeast-2: - AMI: ami-8536d6e7 + AMI: ami-0c9fe0dec6325a30c ca-central-1: - AMI: ami-fd55ec99 + AMI: ami-0db72f413fc1ddb2a eu-central-1: - AMI: ami-c7ee5ca8 + AMI: ami-00f22f6155d6d92c5 + eu-north-1: + AMI: ami-00517306b63c4628c eu-west-1: - AMI: ami-acd005d5 + AMI: ami-058b1b7fe545997ae eu-west-2: - AMI: ami-1a7f6d7e + AMI: ami-03ac5a9b225e99b02 + eu-west-3: + AMI: ami-062fdd189639d3e93 sa-east-1: - AMI: ami-f1344b9d + AMI: ami-05e809fbeee38dd5e us-east-1: - AMI: ami-8c1be5f6 + AMI: ami-0dc2d3e4c0f9ebd18 us-east-2: - AMI: ami-c5062ba0 + AMI: ami-0233c2d874b811deb us-west-1: - AMI: ami-02eada62 + AMI: ami-0ed05376b59b90e46 us-west-2: - AMI: ami-e689729e + AMI: ami-0dc8f589abe99f538 Resources: diff --git a/templates/aws-refarch-wordpress-03-efsfilesystem.yaml b/templates/aws-refarch-wordpress-03-efsfilesystem.yaml index 2e86458..bca9892 100644 --- a/templates/aws-refarch-wordpress-03-efsfilesystem.yaml +++ b/templates/aws-refarch-wordpress-03-efsfilesystem.yaml @@ -214,33 +214,39 @@ Mappings: RegionMap: ap-northeast-1: - AMI: ami-2a69be4c + AMI: ami-0b276ad63ba2d6009 ap-northeast-2: - AMI: ami-9bec36f5 + AMI: ami-0b827f3319f7447c6 + ap-northeast-3: + AMI: ami-07420201371095f81 ap-south-1: - AMI: ami-4fc58420 + AMI: ami-00bf4ae5a7909786c ap-southeast-1: - AMI: ami-0797ea64 + AMI: ami-0e5182fad1edfaa68 ap-southeast-2: - AMI: ami-8536d6e7 + AMI: ami-0c9fe0dec6325a30c ca-central-1: - AMI: ami-fd55ec99 + AMI: ami-0db72f413fc1ddb2a eu-central-1: - AMI: ami-c7ee5ca8 + AMI: ami-00f22f6155d6d92c5 + eu-north-1: + AMI: ami-00517306b63c4628c eu-west-1: - AMI: ami-acd005d5 + AMI: ami-058b1b7fe545997ae eu-west-2: - AMI: ami-1a7f6d7e + AMI: ami-03ac5a9b225e99b02 + eu-west-3: + AMI: ami-062fdd189639d3e93 sa-east-1: - AMI: ami-f1344b9d + AMI: ami-05e809fbeee38dd5e us-east-1: - AMI: ami-8c1be5f6 + AMI: ami-0dc2d3e4c0f9ebd18 us-east-2: - AMI: ami-c5062ba0 + AMI: ami-0233c2d874b811deb us-west-1: - AMI: ami-02eada62 + AMI: ami-0ed05376b59b90e46 us-west-2: - AMI: ami-e689729e + AMI: ami-0dc8f589abe99f538 Resources: diff --git a/templates/aws-refarch-wordpress-04-web.yaml b/templates/aws-refarch-wordpress-04-web.yaml index b5fa784..47c1b34 100644 --- a/templates/aws-refarch-wordpress-04-web.yaml +++ b/templates/aws-refarch-wordpress-04-web.yaml @@ -127,7 +127,7 @@ Parameters: Description: The Amazon RDS master database name. Type: String ElasticFileSystem: - AllowedPattern: ^(fs-)([a-z0-9]{8})$ + AllowedPattern: ^(fs-)([a-z0-9]{8,16})$ Description: The Amazon EFS file system id. Type: String EC2KeyName: @@ -150,10 +150,8 @@ Parameters: Type: String PHPVersion: AllowedValues: - - 5.5 - - 5.6 - - 7.0 - Default: 7.0 + - 7.4 + Default: 7.4 Description: The version of PHP to install. Type: String PublicAlbTargetGroupArn: @@ -346,8 +344,8 @@ Conditions: !Equals [ 5.5, !Ref PHPVersion ] PHP56: !Equals [ 5.6, !Ref PHPVersion ] - PHP70: - !Equals [ 7.0, !Ref PHPVersion ] + PHP74: + !Equals [ 7.4, !Ref PHPVersion ] Subnet0: !Or - !Condition NumberOfSubnets1 - !Condition NumberOfSubnets2 @@ -381,33 +379,39 @@ Mappings: RegionMap: ap-northeast-1: - AMI: ami-da9e2cbc + AMI: ami-0b276ad63ba2d6009 ap-northeast-2: - AMI: ami-1196317f + AMI: ami-0b827f3319f7447c6 + ap-northeast-3: + AMI: ami-07420201371095f81 ap-south-1: - AMI: ami-d5c18eba + AMI: ami-00bf4ae5a7909786c ap-southeast-1: - AMI: ami-c63d6aa5 + AMI: ami-0e5182fad1edfaa68 ap-southeast-2: - AMI: ami-ff4ea59d + AMI: ami-0c9fe0dec6325a30c ca-central-1: - AMI: ami-d29e25b6 + AMI: ami-0db72f413fc1ddb2a eu-central-1: - AMI: ami-bf2ba8d0 + AMI: ami-00f22f6155d6d92c5 + eu-north-1: + AMI: ami-00517306b63c4628c eu-west-1: - AMI: ami-1a962263 + AMI: ami-058b1b7fe545997ae eu-west-2: - AMI: ami-e7d6c983 + AMI: ami-03ac5a9b225e99b02 + eu-west-3: + AMI: ami-062fdd189639d3e93 sa-east-1: - AMI: ami-286f2a44 + AMI: ami-05e809fbeee38dd5e us-east-1: - AMI: ami-55ef662f + AMI: ami-0dc2d3e4c0f9ebd18 us-east-2: - AMI: ami-15e9c770 + AMI: ami-0233c2d874b811deb us-west-1: - AMI: ami-a51f27c5 + AMI: ami-0ed05376b59b90e46 us-west-2: - AMI: ami-bf4193c7 + AMI: ami-0dc8f589abe99f538 Resources: @@ -447,18 +451,10 @@ Resources: Type: AWS::AutoScaling::AutoScalingGroup Properties: Cooldown: 60 - HealthCheckGracePeriod: 120 + HealthCheckGracePeriod: 180 HealthCheckType: ELB LaunchConfigurationName: - !If - [ PHP55, - !Ref WebLaunchConfiguration55, - !If - [ PHP56, - !Ref WebLaunchConfiguration56, - !Ref WebLaunchConfiguration70 - ] - ] + !Ref WebLaunchConfiguration74 MaxSize: !Ref WebAsgMax MinSize: !Ref WebAsgMin Tags: @@ -493,13 +489,14 @@ Resources: ResourceSignal: Count: !Ref WebAsgMin Timeout: PT5M - WebLaunchConfiguration55: - Condition: PHP55 + WebLaunchConfiguration74: + Condition: PHP74 Type: AWS::AutoScaling::LaunchConfiguration Metadata: AWS::CloudFormation::Init: configSets: deploy_webserver: + - amazon_linux_extras_setup - install_webserver - build_cacheclient - build_wordpress @@ -510,224 +507,33 @@ Resources: - install_wordpress - install_opcache - start_webserver - install_webserver: - packages: - yum: - awslogs: [] - httpd24: [] - mysql56: [] - php55: [] - php55-devel: [] - php55-pear: [] - php55-mysqlnd: [] + amazon_linux_extras_setup: files: - /tmp/create_site_conf.sh: + /tmp/create_amazon_linux_extras.sh: content: !Join [ "",[ "#!/bin/bash -xe\n", - "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", - " touch /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo 'ServerName 127.0.0.1:80' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo 'DocumentRoot /var/www/wordpress/", !Ref WPDirectory, "' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo '' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' Options Indexes FollowSymLinks' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' AllowOverride All' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' Require all granted' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo '' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - "fi\n" - ] - ] - mode: 000500 - owner: root - group: root - commands: - create_site_conf: - command: ./create_site_conf.sh - cwd: /tmp - ignoreErrors: false - build_cacheclient: - packages: - yum: - gcc-c++: [] - files: - /tmp/install_cacheclient.sh: - content: - !Sub | - #!/bin/bash -xe - pecl install igbinary - wget -P /tmp/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/AmazonElastiCacheClusterClient-1.0.1-PHP55-64bit.tgz - tar -xf '/tmp/AmazonElastiCacheClusterClient-1.0.1-PHP55-64bit.tgz' - cp '/tmp/AmazonElastiCacheClusterClient-1.0.0/amazon-elasticache-cluster-client.so' /usr/lib64/php/5.5/modules/ - if [ ! -f /etc/php-5.5.d/50-memcached.ini ]; then - touch /etc/php-5.5.d/50-memcached.ini - fi - echo 'extension=igbinary.so;' >> /etc/php-5.5.d/50-memcached.ini - echo 'extension=/usr/lib64/php/5.5/modules/amazon-elasticache-cluster-client.so;' >> /etc/php-5.5.d/50-memcached.ini - mode: 000500 - owner: root - group: root - build_opcache: - packages: - yum: - php55-opcache: [] - files: - /tmp/install_opcache.sh: - content: - !Sub | - #!/bin/bash -xe - # create hidden opcache directory locally & change owner to apache - if [ ! -d /var/www/.opcache ]; then - mkdir -p /var/www/.opcache - fi - # enable opcache in /etc/php-5.5.d/opcache.ini - sed -i 's/;opcache.file_cache=.*/opcache.file_cache=\/var\/www\/.opcache/' /etc/php-5.5.d/opcache.ini - sed -i 's/opcache.memory_consumption=.*/opcache.memory_consumption=512/' /etc/php-5.5.d/opcache.ini - # download opcache-instance.php to verify opcache status - if [ ! -f /var/www/wordpress/${WPDirectory}/opcache-instanceid.php ]; then - wget -P /var/www/wordpress/${WPDirectory}/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/opcache-instanceid.php - fi - mode: 000500 - owner: root - group: root - build_wordpress: - files: - /tmp/install_wordpress.sh: - content: - !Join [ - "",[ - "#!/bin/bash -xe\n", - "\n", - "# install wp-cli\n", - "if [ ! -f /bin/wp/wp-cli.phar ]; then\n", - " curl -o /bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar\n", - " chmod +x /bin/wp\n", - "fi\n", - "\n", - "# make site directory\n", - "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", - " mkdir -p /var/www/wordpress/", !Ref WPDirectory, "\n", - "\n", - " cd /var/www/wordpress/", !Ref WPDirectory, "\n", - " # install wordpress if not installed\n", - " # use public alb host name if wp domain name was empty\n", - " if ! $(wp core is-installed --allow-root); then\n", - " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", - " wp core config --dbname='", !Ref DatabaseName, "' --dbuser='", !Ref DatabaseMasterUsername, "' --dbpass='", !Ref DatabaseMasterPassword, "' --dbhost='", !Ref DatabaseClusterEndpointAddress, "' --dbprefix=wp_ --allow-root\n", - " wp core install --url=", !If [ NoWPDomainName, !Ref PublicAlbHostname, !Join [ "", [ "'http://www.", !Ref WPDomainName, "'" ] ] ], " --title='", !Ref WPTitle, "' --admin_user='", !Ref WPAdminUsername, "' --admin_password='", !Ref WPAdminPassword, "' --admin_email='", !Ref WPAdminEmail, "' --skip-email --allow-root\n", - " wp plugin install w3-total-cache\n", - " sed -i \"/$table_prefix = 'wp_';/ a \\define('WP_HOME', 'http://' . \\$_SERVER['HTTP_HOST']); \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n", - " sed -i \"/$table_prefix = 'wp_';/ a \\define('WP_SITEURL', 'http://' . \\$_SERVER['HTTP_HOST']); \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n", - " # enable HTTPS in wp-config.php if ACM Public SSL Certificate parameter was not empty\n", - !If [ NoSslCertificate, !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\# No ACM Public SSL Certificate \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] , !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\$_SERVER['HTTPS'] = 'on';\" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] ], - "\n", - " # set permissions of wordpress site directories\n", - " chown -R apache:apache /var/www/wordpress/", !Ref WPDirectory, "\n", - " chmod u+wrx /var/www/wordpress/", !Ref WPDirectory, "/wp-content/*\n", - " if [ ! -f /var/www/wordpress/", !Ref WPDirectory, "/opcache-instanceid.php ]; then\n", - " wget -P /var/www/wordpress/", !Ref WPDirectory, "/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/opcache-instanceid.php\n", - " fi\n", - " fi\n", - " RESULT=$?\n", - " if [ $RESULT -eq 0 ]; then\n", - " touch /var/www/wordpress/", !Ref WPDirectory, "/wordpress.initialized\n", - " else\n", - " touch /var/www/wordpress/", !Ref WPDirectory, "/wordpress.failed\n", - " fi\n", - "fi\n" - ] - ] - mode: 000500 - owner: root - group: root - download_aws_ini: - files: - /tmp/download_aws_ini.sh: - content: - !Join [ - "",[ - "#!/bin/bash -x\n", - "\n", - "wget -P /etc/php-5.5.d/ ", !Ref PHPIniOverride, "\n" + "sudo amazon-linux-extras install php7.4\n", + "sudo amazon-linux-extras enable php7.4\n", + "sudo yum clean metadata\n", + "sudo yum -y install php-cli php-pdo php-fpm php-json php-mysqlnd\n", + "sudo yum -y install awslogs\n", + "sudo yum -y install httpd\n", + "sudo yum -y install mysql\n", + "sudo yum -y install php-devel\n", + "sudo yum -y install php-pear\n" ] ] mode: 000500 owner: root group: root - install_aws_ini: commands: - install_aws_ini: - command: ./download_aws_ini.sh - cwd: /tmp - ignoreErrors: true - install_wordpress: - commands: - install_wordpress: - command: ./install_wordpress.sh - cwd: /tmp - ignoreErrors: false - install_cacheclient: - commands: - install_cacheclient: - command: ./install_cacheclient.sh + amazon_linux_extras_php74: + command: ./create_amazon_linux_extras.sh cwd: /tmp ignoreErrors: false - install_opcache: - commands: - install_opcache: - command: ./install_opcache.sh - cwd: /tmp - ignoreErrors: false - start_webserver: - services: - sysvinit: - httpd: - enabled: true - ensureRunning: true - Properties: - IamInstanceProfile: !Ref WebInstanceProfile - ImageId: !FindInMap [ RegionMap, !Ref 'AWS::Region', AMI ] - InstanceMonitoring: true - InstanceType: !Ref WebInstanceType - KeyName: !Ref EC2KeyName - SecurityGroups: - - !Ref WebSecurityGroup - UserData: - "Fn::Base64": - !Sub | - #!/bin/bash -xe - yum update -y - mkdir -p /var/www/wordpress - mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${ElasticFileSystem}.efs.${AWS::Region}.amazonaws.com:/ /var/www/wordpress - /opt/aws/bin/cfn-init --configsets deploy_webserver --verbose --stack ${AWS::StackName} --resource WebLaunchConfiguration55 --region ${AWS::Region} - /opt/aws/bin/cfn-signal --exit-code $? --stack ${AWS::StackName} --resource WebAutoScalingGroup --region ${AWS::Region} - WebLaunchConfiguration56: - Condition: PHP56 - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - AWS::CloudFormation::Init: - configSets: - deploy_webserver: - - install_webserver - - build_cacheclient - - build_wordpress - - build_opcache - - download_aws_ini - - install_aws_ini - - install_cacheclient - - install_wordpress - - install_opcache - - start_webserver install_webserver: - packages: - yum: - awslogs: [] - httpd24: [] - mysql56: [] - php56: [] - php56-devel: [] - php56-pear: [] - php56-mysqlnd: [] files: /tmp/create_site_conf.sh: content: @@ -764,230 +570,21 @@ Resources: !Sub | #!/bin/bash -xe pecl install igbinary - wget -P /tmp/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/AmazonElastiCacheClusterClient-1.0.0-PHP56-64bit.tgz - tar -xf '/tmp/AmazonElastiCacheClusterClient-1.0.0-PHP56-64bit.tgz' - cp '/tmp/AmazonElastiCacheClusterClient-1.0.0/amazon-elasticache-cluster-client.so' /usr/lib64/php/5.6/modules/ - if [ ! -f /etc/php-5.6.d/50-memcached.ini ]; then - touch /etc/php-5.6.d/50-memcached.ini - fi - echo 'extension=igbinary.so;' >> /etc/php-5.6.d/50-memcached.ini - echo 'extension=/usr/lib64/php/5.6/modules/amazon-elasticache-cluster-client.so;' >> /etc/php-5.6.d/50-memcached.ini - mode: 000500 - owner: root - group: root - build_opcache: - packages: - yum: - php56-opcache: [] - files: - /tmp/install_opcache.sh: - content: - !Sub | - #!/bin/bash -xe - # create hidden opcache directory locally & change owner to apache - if [ ! -d /var/www/.opcache ]; then - mkdir -p /var/www/.opcache - fi - # enable opcache in /etc/php-5.6.d/opcache.ini - sed -i 's/;opcache.file_cache=.*/opcache.file_cache=\/var\/www\/.opcache/' /etc/php-5.6.d/10-opcache.ini - sed -i 's/opcache.memory_consumption=.*/opcache.memory_consumption=512/' /etc/php-5.6.d/10-opcache.ini - # download opcache-instance.php to verify opcache status - if [ ! -f /var/www/wordpress/${WPDirectory}/opcache-instanceid.php ]; then - wget -P /var/www/wordpress/${WPDirectory}/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/opcache-instanceid.php - fi - mode: 000500 - owner: root - group: root - build_wordpress: - files: - /tmp/install_wordpress.sh: - content: - !Join [ - "",[ - "#!/bin/bash -xe\n", - "\n", - "# install wp-cli\n", - "if [ ! -f /bin/wp/wp-cli.phar ]; then\n", - " curl -o /bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar\n", - " chmod +x /bin/wp\n", - "fi\n", - "\n", - "# make site directory\n", - "if [ ! -d /var/www/wordpress/", !Ref WPDirectory, " ]; then\n", - " mkdir -p /var/www/wordpress/", !Ref WPDirectory, "\n", - "\n", - " cd /var/www/wordpress/", !Ref WPDirectory, "\n", - " # install wordpress if not installed\n", - " # use public alb host name if wp domain name was empty\n", - " if ! $(wp core is-installed --allow-root); then\n", - " wp core download --version='", !Ref WPVersion, "' --locale='", !Ref WPLocale, "' --allow-root\n", - " wp core config --dbname='", !Ref DatabaseName, "' --dbuser='", !Ref DatabaseMasterUsername, "' --dbpass='", !Ref DatabaseMasterPassword, "' --dbhost='", !Ref DatabaseClusterEndpointAddress, "' --dbprefix=wp_ --allow-root\n", - " wp core install --url=", !If [ NoWPDomainName, !Ref PublicAlbHostname, !Join [ "", [ "'http://www.", !Ref WPDomainName, "'" ] ] ], " --title='", !Ref WPTitle, "' --admin_user='", !Ref WPAdminUsername, "' --admin_password='", !Ref WPAdminPassword, "' --admin_email='", !Ref WPAdminEmail, "' --skip-email --allow-root\n", - " wp plugin install w3-total-cache\n", - " sed -i \"/$table_prefix = 'wp_';/ a \\define('WP_HOME', 'http://' . \\$_SERVER['HTTP_HOST']); \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n", - " sed -i \"/$table_prefix = 'wp_';/ a \\define('WP_SITEURL', 'http://' . \\$_SERVER['HTTP_HOST']); \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n", - " # enable HTTPS in wp-config.php if ACM Public SSL Certificate parameter was not empty\n", - !If [ NoSslCertificate, !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\# No ACM Public SSL Certificate \" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] , !Join [ '', [ " sed -i \"/$table_prefix = 'wp_';/ a \\$_SERVER['HTTPS'] = 'on';\" /var/www/wordpress/", !Ref WPDirectory, "/wp-config.php\n" ] ] ], - "\n", - " # set permissions of wordpress site directories\n", - " chown -R apache:apache /var/www/wordpress/", !Ref WPDirectory, "\n", - " chmod u+wrx /var/www/wordpress/", !Ref WPDirectory, "/wp-content/*\n", - " if [ ! -f /var/www/wordpress/", !Ref WPDirectory, "/opcache-instanceid.php ]; then\n", - " wget -P /var/www/wordpress/", !Ref WPDirectory, "/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/opcache-instanceid.php\n", - " fi\n", - " fi\n", - " RESULT=$?\n", - " if [ $RESULT -eq 0 ]; then\n", - " touch /var/www/wordpress/", !Ref WPDirectory, "/wordpress.initialized\n", - " else\n", - " touch /var/www/wordpress/", !Ref WPDirectory, "/wordpress.failed\n", - " fi\n", - "fi\n" - ] - ] - mode: 000500 - owner: root - group: root - download_aws_ini: - files: - /tmp/download_aws_ini.sh: - content: - !Join [ - "",[ - "#!/bin/bash -x\n", - "\n", - "wget -P /etc/php-5.6.d/ ", !Ref PHPIniOverride, "\n" - ] - ] - mode: 000500 - owner: root - group: root - install_aws_ini: - commands: - install_aws_ini: - command: ./download_aws_ini.sh - cwd: /tmp - ignoreErrors: true - install_wordpress: - commands: - install_wordpress: - command: ./install_wordpress.sh - cwd: /tmp - ignoreErrors: false - install_cacheclient: - commands: - install_cacheclient: - command: ./install_cacheclient.sh - cwd: /tmp - ignoreErrors: false - install_opcache: - commands: - install_opcache: - command: ./install_opcache.sh - cwd: /tmp - ignoreErrors: false - start_webserver: - services: - sysvinit: - httpd: - enabled: true - ensureRunning: true - Properties: - IamInstanceProfile: !Ref WebInstanceProfile - ImageId: !FindInMap [ RegionMap, !Ref 'AWS::Region', AMI ] - InstanceMonitoring: true - InstanceType: !Ref WebInstanceType - KeyName: !Ref EC2KeyName - SecurityGroups: - - !Ref WebSecurityGroup - UserData: - "Fn::Base64": - !Sub | - #!/bin/bash -xe - yum update -y - mkdir -p /var/www/wordpress - mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${ElasticFileSystem}.efs.${AWS::Region}.amazonaws.com:/ /var/www/wordpress - /opt/aws/bin/cfn-init --configsets deploy_webserver --verbose --stack ${AWS::StackName} --resource WebLaunchConfiguration56 --region ${AWS::Region} - /opt/aws/bin/cfn-signal --exit-code $? --stack ${AWS::StackName} --resource WebAutoScalingGroup --region ${AWS::Region} - WebLaunchConfiguration70: - Condition: PHP70 - Type: AWS::AutoScaling::LaunchConfiguration - Metadata: - AWS::CloudFormation::Init: - configSets: - deploy_webserver: - - install_webserver - - build_cacheclient - - build_wordpress - - build_opcache - - download_aws_ini - - install_aws_ini - - install_cacheclient - - install_wordpress - - install_opcache - - start_webserver - install_webserver: - packages: - yum: - awslogs: [] - httpd24: [] - mysql56: [] - php70: [] - php70-devel: [] - php7-pear: [] - php70-mysqlnd: [] - files: - /tmp/create_site_conf.sh: - content: - !Join [ - "",[ - "#!/bin/bash -xe\n", - "if [ ! -f /etc/httpd/conf.d/", !Ref WPDirectory, ".conf ]; then\n", - " touch /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo 'ServerName 127.0.0.1:80' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo 'DocumentRoot /var/www/wordpress/", !Ref WPDirectory, "' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo '' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' Options Indexes FollowSymLinks' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' AllowOverride All' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo ' Require all granted' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - " echo '' >> /etc/httpd/conf.d/", !Ref WPDirectory, ".conf\n", - "fi\n" - ] - ] - mode: 000500 - owner: root - group: root - commands: - create_site_conf: - command: ./create_site_conf.sh - cwd: /tmp - ignoreErrors: false - build_cacheclient: - packages: - yum: - gcc-c++: [] - files: - /tmp/install_cacheclient.sh: - content: - !Sub | - #!/bin/bash -xe - ln -s /usr/bin/pecl7 /usr/bin/pecl #just so pecl is available easily - pecl7 install igbinary wget -P /tmp/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/AmazonElastiCacheClusterClient-2.0.1-PHP70-64bit.tar.gz tar -xf '/tmp/AmazonElastiCacheClusterClient-2.0.1-PHP70-64bit.tar.gz' - cp '/tmp/artifact/amazon-elasticache-cluster-client.so' /usr/lib64/php/7.0/modules/ - if [ ! -f /etc/php-7.0.d/50-memcached.ini ]; then - touch /etc/php-7.0.d/50-memcached.ini + cp '/tmp/artifact/amazon-elasticache-cluster-client.so' /usr/lib64/php/modules/ + if [ ! -f /etc/php.d/50-memcached.ini ]; then + touch /etc/php.d/50-memcached.ini fi - echo 'extension=igbinary.so;' >> /etc/php-7.0.d/50-memcached.ini - echo 'extension=/usr/lib64/php/7.0/modules/amazon-elasticache-cluster-client.so;' >> /etc/php-7.0.d/50-memcached.ini + echo 'extension=igbinary.so;' >> /etc/php.d/50-memcached.ini + echo 'extension=/usr/lib64/php/modules/amazon-elasticache-cluster-client.so;' >> /etc/php.d/50-memcached.ini mode: 000500 owner: root group: root build_opcache: packages: yum: - php70-opcache: [] + php-opcache: [] files: /tmp/install_opcache.sh: content: @@ -997,9 +594,9 @@ Resources: if [ ! -d /var/www/.opcache ]; then mkdir -p /var/www/.opcache fi - # enable opcache in /etc/php-7.0.d/10-opcache.ini - sed -i 's/;opcache.file_cache=.*/opcache.file_cache=\/var\/www\/.opcache/' /etc/php-7.0.d/10-opcache.ini - sed -i 's/opcache.memory_consumption=.*/opcache.memory_consumption=512/' /etc/php-7.0.d/10-opcache.ini + # enable opcache in /etc/php.d/10-opcache.ini + sed -i 's/;opcache.file_cache=.*/opcache.file_cache=\/var\/www\/.opcache/' /etc/php.d/10-opcache.ini + sed -i 's/opcache.memory_consumption=.*/opcache.memory_consumption=512/' /etc/php.d/10-opcache.ini # download opcache-instance.php to verify opcache status if [ ! -f /var/www/wordpress/${WPDirectory}/opcache-instanceid.php ]; then wget -P /var/www/wordpress/${WPDirectory}/ https://s3.amazonaws.com/aws-refarch/wordpress/latest/bits/opcache-instanceid.php @@ -1065,7 +662,7 @@ Resources: "",[ "#!/bin/bash -x\n", "\n", - "wget -P /etc/php-7.0.d/ ", !Ref PHPIniOverride, "\n" + "wget -P /etc/php.d/ ", !Ref PHPIniOverride, "\n" ] ] mode: 000500 @@ -1095,6 +692,8 @@ Resources: command: ./install_opcache.sh cwd: /tmp ignoreErrors: false + #start_webserver: + # commands: "sudo service httpd start\n" start_webserver: services: sysvinit: @@ -1116,7 +715,7 @@ Resources: yum update -y mkdir -p /var/www/wordpress mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${ElasticFileSystem}.efs.${AWS::Region}.amazonaws.com:/ /var/www/wordpress - /opt/aws/bin/cfn-init --configsets deploy_webserver --verbose --stack ${AWS::StackName} --resource WebLaunchConfiguration70 --region ${AWS::Region} + /opt/aws/bin/cfn-init --configsets deploy_webserver --verbose --stack ${AWS::StackName} --resource WebLaunchConfiguration74 --region ${AWS::Region} /opt/aws/bin/cfn-signal --exit-code $? --stack ${AWS::StackName} --resource WebAutoScalingGroup --region ${AWS::Region} diff --git a/templates/aws-refarch-wordpress-05-route53.yaml b/templates/aws-refarch-wordpress-05-route53.yaml index 7b5ba80..d05b9fd 100644 --- a/templates/aws-refarch-wordpress-05-route53.yaml +++ b/templates/aws-refarch-wordpress-05-route53.yaml @@ -34,7 +34,7 @@ Parameters: Description: The DNS endpoint - CloudFront DNS if using CloudFront else Public ELB DNS name. Type: String DnsHostId: - AllowedPattern: ^[A-Z0-9]{14}$ + AllowedPattern: ^[A-Z0-9]{13,14}$ Description: The DNS host zone id - 'Z2FDTNDATAQYW2' if using CloudFront else Public ELB host zone id. Type: String WPDomainName: diff --git a/templates/aws-refarch-wordpress-master-newvpc.yaml b/templates/aws-refarch-wordpress-master-newvpc.yaml index e1b300f..f93af11 100644 --- a/templates/aws-refarch-wordpress-master-newvpc.yaml +++ b/templates/aws-refarch-wordpress-master-newvpc.yaml @@ -52,7 +52,7 @@ Metadata: default: File System Tier Parameters: - EfsPerformanceMode - - EfsEncrpytedBoolean + - EfsEncryptedBoolean - EfsCmk - EfsGrowth - EfsGrowthInstanceType @@ -64,7 +64,7 @@ Metadata: default: Database Tier Parameters: - DatabaseInstanceType - - DatabaseEncrpytedBoolean + - DatabaseEncryptedBoolean - DatabaseCmk - DatabaseMasterUsername - DatabaseMasterPassword @@ -100,7 +100,7 @@ Metadata: default: CloudFront Certificate ARN DatabaseCmk: default: AWS KMS CMK for RDS - DatabaseEncrpytedBoolean: + DatabaseEncryptedBoolean: default: Encrypted DB Cluster DatabaseInstanceType: default: DB Instance Class @@ -116,8 +116,8 @@ Metadata: default: AWS KMS CMK for EFS EfsCreateAlarms: default: Create EFS alarms - EfsEncrpytedBoolean: - default: Encrpyted EFS? + EfsEncryptedBoolean: + default: Encrypted EFS? EfsGrowth: default: Add dummy data (GiB) EfsGrowthInstanceType: @@ -317,7 +317,7 @@ Parameters: DatabaseCmk: Description: AWS KMS Customer Master Key (CMK) to encrypt database cluster Type: String - DatabaseEncrpytedBoolean: + DatabaseEncryptedBoolean: AllowedValues: - true - false @@ -454,7 +454,7 @@ Parameters: Default: t3.nano Description: The Amazon EC2 instance type that dynamically adjusts alarm thresholds based on permitted throughput changes. Type: String - EfsEncrpytedBoolean: + EfsEncryptedBoolean: AllowedValues: - true - false @@ -1057,8 +1057,8 @@ Resources: Type: AWS::CloudFormation::Stack Properties: Parameters: - EncrpytedBoolean: - !Ref EfsEncrpytedBoolean + EncryptedBoolean: + !Ref EfsEncryptedBoolean Cmk: !Ref EfsCmk EC2KeyName: @@ -1198,8 +1198,8 @@ Resources: !Ref DatabaseMasterPassword DatabaseName: !Ref DatabaseName - DatabaseEncrpytedBoolean: - !Ref DatabaseEncrpytedBoolean + DatabaseEncryptedBoolean: + !Ref DatabaseEncryptedBoolean DatabaseCmk: !Ref DatabaseCmk DatabaseSecurityGroup: @@ -1289,7 +1289,7 @@ Resources: !Ref WPTitle WPVersion: !Ref WPVersion - TemplateURL: https://s3.amazonaws.com/aws-refarch/wordpress/latest/templates/aws-refarch-wordpress-04-web.yaml + TemplateURL: https://ndreasg-graylog.s3.eu-west-1.amazonaws.com/aws-refarch-wordpress-04-web.yaml Outputs: