90 lines
3.1 KiB
Markdown
90 lines
3.1 KiB
Markdown
# Hetzner HA WordPress
|
|
|
|
This repository contains scripts and configuration files to set up a highly
|
|
available (HA) WordPress instance on Hetzner Cloud infrastructure. The aim of this
|
|
project is to provide a robust and scalable solution for hosting a WordPress
|
|
website with high availability.
|
|
|
|
## Table of Contents
|
|
|
|
- [Features](#features)
|
|
- [Requirements](#requirements)
|
|
- [Deployment](#deployment)
|
|
- [Testing](#testing)
|
|
- [Open Tasks](#open-tasks)
|
|
- [License](#license)
|
|
|
|
## Features
|
|
- High availability setup for WordPress using [Hetzner Cloud](https://www.hetzner.com/de/cloud)
|
|
- Automated deployment of cloud infrastructure via [terraform](https://www.terraform.io/)
|
|
- Automated provisioning of the servers with [ansible](https://www.ansible.com/)
|
|
- Test environment with [vagrant](https://www.vagrantup.com/)
|
|
|
|
## Requirements
|
|
|
|
Before you begin, ensure you have the following:
|
|
|
|
- A Hetzner Cloud account and API token
|
|
- A recent installation of [ansible](https://www.ansible.com/)
|
|
- A recent installation of [terraform](https://developer.hashicorp.com/terraform/downloads)
|
|
|
|
If you would like to test the ansible provisioning locally, ensure you have the following:
|
|
- A recent installation of [vagrant](https://developer.hashicorp.com/vagrant/downloads)
|
|
- A recent installation of [virtualbox](https://www.virtualbox.org/wiki/Downloads)
|
|
|
|
## Deployment
|
|
To deploy the cloud infrastructure with terraform, switch into the terraform folder
|
|
```bash
|
|
cd terraform
|
|
```
|
|
Export the hcloud token as environment variable
|
|
```bash
|
|
export HCLOUD_TOKEN="<your-hcloud-token>"
|
|
```
|
|
Initialize terraform
|
|
```bash
|
|
terraform init
|
|
```
|
|
And apply the changes using the production variables
|
|
```bash
|
|
terraform apply -var-file="prod.tfvars"
|
|
```
|
|
|
|
## Testing
|
|
To test the provisioning with ansible, vagrant is used.
|
|
The secrets are stored in an [ansible vault](https://docs.ansible.com/ansible/latest/cli/ansible-vault.html).
|
|
Vagrant expects them in a password file `vault_pass` in the root of the repo.
|
|
This file is not included for obvious reasons.
|
|
Please ask the project maintainer if you need the vault password.
|
|
|
|
|
|
Launch the virtualboxes inside the repository root folder
|
|
```bash
|
|
vagrant up
|
|
```
|
|
For subsequent tests of the playbook run
|
|
```bash
|
|
vagrant provision
|
|
```
|
|
To connect to a specific machine run
|
|
```bash
|
|
vagrant ssh web1
|
|
```
|
|
|
|
## Open Tasks
|
|
- [ ] Replication of the file system between machines: [GlusterFS](https://www.gluster.org/)
|
|
- [ ] Replication of the database between machine: Using [mysql replication](https://mariadb.com/kb/en/setting-up-replication/)
|
|
- [ ] Provision hcloud server with the [cloud init ansible module](https://cloudinit.readthedocs.io/en/latest/reference/modules.html#ansible)
|
|
- [ ] Setup Hetzner Managed certificate for the loadbalancer and set type to https
|
|
- [ ] Assign the correct static external IP to the loadbalancer
|
|
- [ ] Add required SSH keys
|
|
- [ ] Document terraform modules with [terraform-docs](https://terraform-docs.io/)
|
|
|
|
Shortcomings which should be addressed in future versions
|
|
- Use an external secret provider
|
|
- Store the terraform state remote
|
|
|
|
|
|
## License
|
|
Hetzner HA WordPress is licensed under the [MIT License](https://opensource.org/license/MIT/).
|