Virtual servant for WordPress with Subversion

Last update: 26 of April of 2020

Table of contents

If sometimes you have considered to contribute to WordPress, many forms exist to do it. From we raised the first steps for it with the creation of a virtual machine here in which to synchronize WordPress with Subversion, so that it always is and that allows you to work with the same material in which the community does of developer.

Requirements

In principle any special requirement is not necessary, simply to have access to the SVN of WordPress.

Infrastructure

In principle the system in any type of machine, or a virtual one can be mounted, a Docker or a VPS. In this case, so that it is within reach of all and without minimum requirements, we will use a VPS of any supplier. If it interests to you, you can find some VPS for developer.

In this case we have used a machine with 1 CPU, 2 GB of RAM and 10 GB of disc SSD. With half of resources it would have to work without trouble. What we are going to show is based on an Ubuntu 18 LTS. We will use PHP 7,4, MariaDB 10,4 and other services.

We create a machine

As it commented before, we can create a machine anywhere. It can be in a VPS of a company of hosting, or can be a Docker that we have in the premises. Also there are options to use the own system of Vagrant. In this case we will create the machine from zero with our moderately customized configuration.

As operating system of this example we are going to use Ubuntu 18 LTS.

Update of the system

First that we will do it is to bring up to date the system.

apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove

Once this, we will put in hour the system.

timedatectl UTC set-timezone timedatectl set-NTP on

In addition, we will install some basic tools.

apt - and install software-properties-common curl vim unzip

Basic servant of Data

For the data base we are going to use MariaDB 10.4; this version has a great change as far as the system of keys with respect to its version predecessor, reason why, to avoid problems, we are going to use this last version.

First it will be to unload and to install the basic servant of data.

curl - foll https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | I sweat bash - s -- --mariadb-server-version= " mariadb-10.4€ apt - and update apt - and install mariadb-server mariadb-client systemctl restart mysql.service

Now that we have the data base installed, we will execute the configuration system for the first time.

mysql_secure_installation

Here to some options and questions will occur us. It prepares your password of root of the data base and keeps it well.

For Enter current password root (to enter for none): Switch to unix_socket authentication [Y/n] n Change the root password? [Y/n] and Remove anonymous users? [Y/n] and Disallow root login remotely? [Y/n] and Remove test database and Access to it? [Y/n] and Reload privilege tables now? [Y/n] and

Once we have answered the questions, we will reinitiate the data base to leave working it.

systemctl restart mysql.service

Web server

For the Web server we are going to use nginx. This Web server works very or with WordPress at the time of developing or maintaining great sites, although he does not allow the use of the files .htaccess (he is had to form previously, without the users or plugins can change the configuration).

add-apt-repository ppa: ondrej/nginx apt - and update apt - and install nginx systemctl stop nginx.service systemctl inable nginx.service systemctl start nginx.service

Servant PHP

So that WordPress works we will need to install PHP, the interpreter of the code. In this case we will use the version of PHP 7.4. In addition, we will install the recommended extensions, which will suppose an extra work of configuration.

Installation PHP base

We will begin with the nucleus of PHP and PHP-FPM, in addition to the basic extensions that come pre-compiled.

add-apt-repository ppa: ondrej/php apt - and update apt - and install php7.4 php7.4-fpm php7.4-curl php7.4-gd php7.4-mbstring php7.4-XML php7.4-zip php7.4-mysql php7.4-mysqlnd php7.4-bcmath php7.4-gmp php7.4-tidy php7.4-dev to php-pear pkg-config imagemagick libmagickwand-dev

Installation of ImageMagick

This extension allows the management of images improved on GD.

pecl channel-update pecl.php.net pecl install imagick I throw €˜extension=imagick.so€™ >> /etc/php/7.4/mods-available/imagick.ini ln - s /etc/php/7.4/mods-available/imagick.ini /etc/php/7.4/fpm/conf.d/30-imagick.ini

Installation of XDiff

This extension allows the application of patch that includes differences of files.

CD /usr/src wget http://www.xmailserver.org/libxdiff-0.23.tar.gz to tar - xzf libxdiff-0.23.tar.gz CD libxdiff-0.23 ./configure make make install pecl install xdiff I throw €˜extension=xdiff.so€™ >> /etc/php/7.4/mods-available/xdiff.ini ln - s /etc/php/7.4/mods-available/xdiff.ini /etc/php/7.4/fpm/conf.d/30-xdiff.ini

Installation of APCu

This extension improves the system of cache of code PHP.

CD pecl install apcu I throw €˜extension=apcu.so€™ >> /etc/php/7.4/mods-available/apcu.ini ln - s /etc/php/7.4/mods-available/apcu.ini /etc/php/7.4/fpm/conf.d/30-apcu.ini

Installation of Redis

Also we will install the extension of the servant of Redis cache.

pecl install redis I throw €˜extension=redis.so€™ >> /etc/php/7.4/mods-available/redis.ini ln - s /etc/php/7.4/mods-available/redis.ini /etc/php/7.4/fpm/conf.d/30-redis.ini

Configuration of PHP

For the development, we will make some changes in the file of PHP configuration, mainly to give more manoeuvre margin to the memory and the visualization of errors by screen and at the time of testing.

First that we will do it will be to open the configuration file.

vim /etc/php/7.4/fpm/php.ini

And there we will make some changes in the configuration.

max_execution_time = 60 memory_limit = 256M error_reporting = E_ALL display_errors = On post_max_size = 32M upload_max_filesize = 32M date.timezone = €˜UTC€™

Once this, we will form PHP-FPM so that one activates automatically with the system.

systemctl stop php7.4-fpm.service systemctl inable php7.4-fpm.service systemctl start php7.4-fpm.service

Servant of Redis cache

We will install the Redis servant and we will give some changes him to the configuration so that it is not saturated.

First we will install it and we will synchronize it with PHP.

apt - and install redis-server php-redis

We will open the configuration file.

vim /etc/redis/redis.conf

And we will make some changes in the configuration.

maxmemory 256megabyte maxmemory-policy allkeys-lru

Finally we will reinitiate it, next to PHP so that its extension is applied.

systemctl stop redis-server.service systemctl inable redis-server.service systemctl start redis-server.service systemctl restart php7.4-fpm.service

Servant TLS certificate

Nowadays all the sites would have to work under HTTPS, reason why to make more real and similar the surroundings of development we will use a certificate of Let's Encrypt. For this we will need that the site has a hostname/public domain. Normally the VPS suppliers usually put a hostname to him to the machines, reason why we can use that.

We will generate one nails only in addition to installing the system of Certbot for nginx.

openssl dhparam - out /etc/ssl/certs/dhparam.pem 2048 add-apt-repository ppa: certbot/certbot apt - and update apt - and install python-certbot-nginx

And so that one does not forget to us, we will form a programmed task that updates the certificate automatically. For it we will open the publisher of crones.

crontab - e

And there we will add the execution, every day to the 06:45.

45 6 * * * certbot renew

Installation of Subversion

In order to work we will need the tools client of Subversion, reason why we will install the tool.

apt - and install subversion subversion-tools libsvn-dev

Installation of NodeJS

So that we can make work all the development system and some other tests we will need NPM and NodeJS, reason why we will come to install it.

CD curl - sL https://deb.nodesource.com/setup_13.x | I sweat - and bash - apt - and install nodejs

Conclusion of the configuration

In principle or we have everything what we needed installed, reason why, before following, we are going to make a complete update of the system (again) to eliminate old or incompatible software yet the one that we have installed.

apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove

Configuration of the site

Now that already we have all ready at system level and tools, which we will do will be to form software so that we can work with him as if of a normal website and current one treated, although with that version of development.

First that we will do it will be to eliminate the website by defect that brings the system and we will replace it by which of little information.

rm /var/www/html/index. * vim /var/www/html/index.html

Here we will add following code HTML by defect.

<! DOCTYPE html> <p>Hello World! </p>

The same we will do with the file robots.txt

vim /var/www/html/robots.txt

In that we will block its tracking.

User-Agent: * Disallow: /

Now that we have the site by corrected defect, we are going to alter the configuration of nginx to be able to work of more suitable form with our site of development. First we will eliminate the configuration by defect and we will replace it by one altered.

CD /etc/nginx/sites-enabled/ rm default nginx.conf.original CD /etc/nginx/ cp nginx.conf vim nginx.conf

And we will replace the configuration by the following one.

to user www-dates; pid /run/nginx.pid; worker_processes car; worker_rlimit_nofile 65535; include /etc/nginx/modules-enabled/ *.conf; events \ {multi_accept on; worker_connections 65535; it uses epoll; } HTTP \ {charset utf-8; sendfile on; tcp_nopush on; tcp_nodelay on; server_tokens in off; log_not_found in off; types_hash_max_size 2048; client_max_body_size 64m; keepalive_timeout 65; server_names_hash_bucket_size 128; server_names_hash_max_size 1024; # PAMPERS include /etc/nginx/mime.types; default_type application/octet-stream; # logging access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; # SSL ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; # gzip gzip on; gzip_vary on; gzip_proxied any; gzip_comp_level 9; gzip_disable €œmsie6€; gzip_buffers 16 8k; gzip_min_length 1100; gzip_types application/atom+xml application/Javascript application/json application/x-Javascript application/xml application/xml+rss image/svg+xml text/css text/Javascript text/plain text/xml; # dwells include /etc/nginx/conf.d/ *.conf; include /etc/nginx/sites-enabled/ *; }

In addition, we will add a configuration to work with PHP and WordPress.

vim wordpress_fastcgi.conf

That it will contain the following thing.

fastcgi_pass UNIX: /var/run/php/php7.4-fpm.sock; fastcgi_index index.php; fastcgi_buffers 256 16k; fastcgi_buffer_size 128k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors in off; fastcgi_split_path_info ^ (. +.php) (/.+) $; try_files $fastcgi_script_name =404; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PHP_ADMIN_VALUE open_basedir=$document_root/: /usr/lib/php/: /tmp/; fastcgi_param PATH_INFO $path_info; set $path_info $fastcgi_path_info; include fastcgi.conf;

Once we have this, we would have to be able to reinitiate nginx without trouble and to leave it in march.

nginx - t nginx - s reload

From we are going here to make a copy of the software of WordPress following the official Subversion of WordPress. In this case we are going to mount all the system in the /webs/ folder from the root of the system, but it is possible to be done on anyone.

to mkdir /webs/ CD /webs/ to mkdir /webs/wordpress-svn/ CD /webs/wordpress-svn/ svn Co https://develop.svn.wordpress.org/trunk/.

Now that we have cloned software, we are going to cause that it is navigable as any website were.

CD /etc/nginx/sites-available/ vim WordPress-svn.conf

Where we will create a minimum configuration.

server \ {lists 80; they list [::]: 80; server_tokens in off; server_name example.com; root /webs/wordpress-svn/src; index index.php index.html; location = /favicon.ico \ {log_not_found in off; access_log in off; } location = /robots.txt \ {allow all; log_not_found in off; access_log in off; } location ~ /.well-known \ {allow all; } location ~/\ .ht \ {deny all; }}

And we will reinitiate nginx so that the changes are applied.

ln - s /etc/nginx/sites-available/wordpress-svn.conf /etc/nginx/sites-enabled/ nginx - t nginx - s reload

Now we have to create and to install the TLS certificate to have a site with HTTPS.

certbot --hello@example.com email --agree-cough --authenticator webroot --to installer nginx

When it asks us for tura of our software, we will tell him that it is in the corresponding folder.

/webs/wordpress-svn/src

Now we have to create the data base for our website. We will need the password root that we formed previously.

mysql - or root - p

You will need a password for this exclusive data base for our WordPress development. Please, it creates your own password that is something safe.

Wordpress CHARACTER CREATES DATABASE to YOU SET = utf8mb4 COLLATE = utf8mb4_bin; GRANT ALL ON wordpress.* TO €˜wordpress'@'localhost€™ IDENTIFIED BY €˜_PASSWORD_€™; GRANT ALL ON wordpress.* TO €˜wordpress'@'127.0.0.1€™ IDENTIFIED BY €˜__PASSWORD€™; FLUSH PRIVILEGES; quit

Now that we have the TLS certificate and the data base, we are going to create our site with all the safe configuration, in addition to certain specific configuration for WordPress.

CD /etc/nginx/sites-available/ vim WordPress-svn.conf

Here we will be able to replace basic the initial configuration by more an outpost.

# All HTTP traffic will sees sent to HTTPS server \ {list 80; they list [::]: 80; server_name example.com; return 301 https://example.com$request_uri; access_log in off; } # REAL SITE server \ {lists 443 SSL http2; they list [::]: 443 SSL http2; # SSL ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; ssl_session_timeout 1d; ssl_session_cache shared: SSL: 128m; ssl_session_tickets in off; # SSL modern configuration ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384: ECDHE-RSA-AES256-GCM-SHA384: ECDHE-ECDSA-CHACHA20-POLY1305: ECDHE-RSA-CHACHA20-POLY1305: ECDHE-ECDSA-AES128-GCM-SHA256: ECDHE-RSA-AES128-GCM-SHA256: ECDHE-ECDSA-AES256-SHA384: ECDHE-RSA-AES256-SHA384: ECDHE-ECDSA-AES128-SHA256: ECDHE-RSA-AES128-SHA256; # SSL OCSP Stapling ssl_stapling on; ssl_stapling_verify on; to solve 208.67.222.222 8.8.8.8 valid=300s; resolver_timeout 2s; # Security headers to add_header Referrer-Policy €œstrict-origin-when-cross-origin€ always; to add_header Strict-Transport-Security €œmax-age=31536000; includeSubDomains; preload€ always; #logs access_log /var/log/nginx/WordPress-access.log combined buffer=64k flush=5m; error_log /var/log/nginx/WordPress-error.log; #CONFIG server_name example.com; root /webs/wordpress-svn/src; index index.php; # try_files ROOT location/\ {$uri $uri//index.php; } # ROOT PHP location ~ \ .php$ \ {include wordpress_fastcgi.conf; } location ~ wp-config \ {deny all; } # HIDDEN YOU CASE OUT location ~/\ .well-known \ {allow all; } location ~/\ .ht \ {deny all; } # WEB YOU CASE OUT location ~ /favicon. (ICO|png) \ {log_not_found in off; access_log in off; } location = /robots.txt \ {allow all; log_not_found in off; access_log in off; } # STATIC YOU BREAK location ~* \. (aac|avi|bmp|bz2|cur|docx? |eot|exe|flv|GIF|gz|heic|htc|ICO|jpe? g|m4a|midi? |mov|mp3|mp4|MEP? g|ogg|ogv|otf|pdf|png|pptx? |to rar|rtf|svgz? |to tar|tgz|tiff? |ttc|ttf|txt|wav|webm|webp|wmv|woff|woff2|xlsx? |zip) $ \ {you expire max; to add_header Break-Control €œpublic€; log_not_found in off; access_log in off; } location ~* \. (atom|css|js|rss) $ \ {you expire 7d; to add_header Break-Control €œpublic€; log_not_found in off; access_log in off; } location ~* \. (: eot|otf|ttf|woff|woff2) $ \ {to add_header Access-Control €œ*€; } location ~* \ /wp-admin \ /load- (: scripts|styles) \ .php \ {if ($query_string ~* €œ^. \ {512,} $€) \ {return 444; }}}

We will reinitiate nginx and accede to the folder of our new WordPress.

nginx - t nginx - s reload CD /webs/wordpress-svn/

We form Subversion for WordPress

Now we have to form our software so that can be maintained to the day with the development source code of WordPress. It is necessary to remember that this version of software usually is one alpha or beta, reason why the probabilities that there are errors are great, and therefore of they must report in the Trac de WordPress.

In order to begin we will have to install NPM so that we can make it work according to is necessary.

CD /webs/wordpress-svn/ npm install npm run dev

With this we will have a great amount of tools and specific configurations for the development of WordPress.

Installation of WordPress

Before entering our WordPress of development, the best thing will be to create a file of configuration advanced enough. By defect we will install it in the folder root of our installation.

CD /webs/wordpress-svn/src/ vim wp-config.php

That it would contain a content similar to the following one. You can create your own configuration from wp-config.pro. NOTE: It remembers to update the data of the data base with your own data.

<? php/* Database connection * defines (€˜DB_NAME€™, €˜wordpress€™); it defines (€˜DB_USER€™, €˜wordpress€™); it defines (€˜DB_PASSWORD€™, €˜__PASSWORD€™); it defines (€˜DB_HOST€™, €˜localhost€™); it defines (€˜DB_CHARSET€™, €˜utf8megabyte4€™); it defines (€˜DB_COLLATE€™, €˜utf8megabyte4_bin€™); /* Tables * $table_prefix = €˜wp_€™; /* Security */* Security Keys * defines (€˜AUTH_KEY€™, €˜putt your unique phrase here€™); it defines (€˜SECURE_AUTH_KEY€™, €˜putt your unique phrase here€™); it defines (€˜LOGGED_IN_KEY€™, €˜putt your unique phrase here€™); it defines (€˜NONCE_KEY€™, €˜putt your unique phrase here€™); it defines (€˜AUTH_SALT€™, €˜putt your unique phrase here€™); it defines (€˜SECURE_AUTH_SALT€™, €˜putt your unique phrase here€™); it defines (€˜LOGGED_IN_SALT€™, €˜putt your unique phrase here€™); it defines (€˜NONCE_SALT€™, €˜putt your unique phrase here€™); /* HTTPS * defines (€˜FORCE_SSL_LOGIN€™, true); it defines (€˜FORCE_SSL_ADMIN€™, true); it defines (€˜WP_DISABLE_FATAL_ERROR_HANDLER€™, false); /* URL/Path */* Cookies */* Content * defines (€˜AUTOSAVE_INTERVAL€™, 30); it defines (€˜WP_POST_REVISIONS€™, 5); it defines (€˜MEDIA_TRASH€™, true); it defines (€˜EMPTY_TRASH_DAYS€™, 7); it defines (€˜WP_MAIL_INTERVAL€™, 86400); /* Memory * defines (€˜WP_MEMORY_LIMIT€™, €˜128M€™); it defines (€˜WP_MAX_MEMORY_LIMIT€™, €˜256M€™); /* Updating * defines (€˜AUTOMATIC_UPDATER_DISABLED€™, true); it defines (€˜WP_AUTO_UPDATE_CORE€™, €˜minor€™); it defines (€˜CORE_UPGRADE_SKIP_NEW_BUNDLED€™, true); /* File edition * defines (€˜DISALLOW_FILE_MODS€™, false); it defines (€˜DISALLOW_FILE_EDIT€™, false); it defines (€˜IMAGE_EDIT_OVERWRITE€™, true); /* Performance * defines (€˜WP_CACHE€™, true); it defines (€˜WP_CACHE_KEY_SALT€™, €˜aaaaaaaaaa: €™); it defines (€˜COMPRESS_CSS€™, true); it defines (€˜COMPRESS_SCRIPTS€™, true); it defines (€˜CONCATENATE_SCRIPTS€™, false); it defines (€˜ENFORCE_GZIP€™, true); /* Cron * defines (€˜DISABLE_WP_CRON€™, false); it defines (€˜ALTERNATE_WP_CRON€™, false); it defines (€˜WP_CRON_LOCK_TIMEOUT€™, 60); /* FTP Access */* Plugins Must-Use */* Filtering * defines (€˜DISALLOW_UNFILTERED_HTML€™, false); it defines (€˜ALLOW_UNFILTERED_UPLOADS€™, false); /* Feed to reader * defines (€˜MAGPIE_CACHE_ON€™, true); it defines (€˜MAGPIE_CACHE_DIR€™, €˜breaks€™); it defines (€˜MAGPIE_CACHE_AGE€™, 3600); it defines (€˜MAGPIE_CACHE_FRESH_ONLY€™, false); it defines (€˜MAGPIE_DEBUG€™, false); it defines (€˜MAGPIE_USER_AGENT€™, €˜Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv: 64.0) Gecko/20100101 Firefox/64.0€™); it defines (€˜MAGPIE_FETCH_TIME_OUT€™, 5); it defines (€˜MAGPIE_USE_GZIP€™, true); /* MultiSite * defines (€˜WP_ALLOW_MULTISITE€™, false); it defines (€˜WP_DEFAULT_THEME€™, €˜twentytwenty€™); /* External URL Requests */* File permissions */* Proxy */* Debug * defines (€˜WP_DEBUG€™, true); if (WP_DEBUG) \ {defines (€˜WP_DEBUG_DISPLAY€™, true); it defines (€˜WP_DEBUG_LOG€™, false); } defines (€˜SCRIPT_DEBUG€™, false); it defines (€˜SAVEQUERIES€™, false); /* Do not change anything else to after this line! Thank you! * if (! defined (€˜ABSPATH€™)) defines (€˜ABSPATH€™, dirname (__FILE). €˜/€™); require_once ABSPATH. €˜wp-settings.php€™;

Now that already we have all ready one concerning systems to have a WordPress ready to show to errors and problems, we will begin the installation as any WordPress one is. For it simply we will accede to the direction Web of our hostname/domain that we have formed previously.

Maintenance of the system

As of this moment, we can be updating and synchronizing our code, executing an update of SVN and, of step, all the system.

apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove CD /webs/wordpress-svn/ svn up

And up to here we have an installation from zero of the main SVN of development of WordPress, where we can analyze or verify our developments for future versions, or to apply patches already developed by the community but pending to verify.