Operations grimoire/WordPress: Difference between revisions
From Nasqueron Agora
(→= Credentials: heading level correction) |
|||
| Line 6: | Line 6: | ||
== Add a new WordPress site == | == Add a new WordPress site == | ||
=== Standalone or multisite? === | |||
There are three cases to consider the hosting flavour you want: | |||
** '''Multisite.''' Do you only want a blog, or need Askimet plugin, standard themes like Twenty-something? Use the "trusted plugins only" WordPress multisite (formerly WordPress Mu) installation. Plugins and themes will be auto updated regularly. | |||
** '''Standalone.''' Do you need custom themes and plugins? You get your own wp-content folder (plugins, uploads, themes), specific wordpress-<user> php-fpm user and own credentials for db, to isolate your site from other ones. | |||
** '''A new multisite.''' Do you need a specific set of plugins for several sites? Create a new multisite with a specific set of rules. | |||
Note: we don't encourage an approach "install them all": each plugin increases the surface of attack of the site, and you benefit to use the minimal set of plugin possible. | |||
Small custom plugins only to configure settings require a standalone installation. | |||
=== Credentials === | === Credentials === | ||
;Note for multisite | ;Note for multisite | ||
:If a multisite installation is used, there is nothing to prepare, credentials are then | :If a multisite installation is used, there is nothing to prepare, credentials are then shared for all the WordPress sites from that specific multisite installation. | ||
;Database | ;Database | ||
:Create a database on the cluster B (MariaDB). A dedicated database only for this site is recommended. See [[Operations grimoire/MySQL]]. | :Create a database on the cluster B (MariaDB). A dedicated database only for this site is recommended. See [[Operations grimoire/MySQL]]. | ||
;WordPress secrets | ;WordPress secrets | ||
:Configure pillar/saas/mediawiki.sls, then use {{Ops file|utils/vault/wordpress-provision-secrets.py}} with the path given as secrets argument in the pillar to populate the needed secrets (8 for WordPress 6.2). | :Configure pillar/saas/mediawiki.sls, then use {{Ops file|utils/vault/wordpress-provision-secrets.py}} with the path given as secrets argument in the pillar to populate the needed secrets (8 for WordPress 6.2). | ||
Revision as of 21:15, 30 April 2023
Plan to create a WordPress SaaS is documented at T1685.
Currently, only credentials are managed by the saas-mediawiki role, ie it allows to generate wp-config.php.
If you need a WordPress site, blog or more sophisticated, review T1685 plan, and if you agree with the plan, we can implement that quickly.
Add a new WordPress site
Standalone or multisite?
There are three cases to consider the hosting flavour you want:
- Multisite. Do you only want a blog, or need Askimet plugin, standard themes like Twenty-something? Use the "trusted plugins only" WordPress multisite (formerly WordPress Mu) installation. Plugins and themes will be auto updated regularly.
- Standalone. Do you need custom themes and plugins? You get your own wp-content folder (plugins, uploads, themes), specific wordpress-<user> php-fpm user and own credentials for db, to isolate your site from other ones.
- A new multisite. Do you need a specific set of plugins for several sites? Create a new multisite with a specific set of rules.
Note: we don't encourage an approach "install them all": each plugin increases the surface of attack of the site, and you benefit to use the minimal set of plugin possible.
Small custom plugins only to configure settings require a standalone installation.
Credentials
- Note for multisite
- If a multisite installation is used, there is nothing to prepare, credentials are then shared for all the WordPress sites from that specific multisite installation.
- Database
- Create a database on the cluster B (MariaDB). A dedicated database only for this site is recommended. See Operations grimoire/MySQL.
- WordPress secrets
- Configure pillar/saas/mediawiki.sls, then use rOPS: utils/vault/wordpress-provision-secrets.py with the path given as secrets argument in the pillar to populate the needed secrets (8 for WordPress 6.2).
