This article provides a super-quick process for creating a WordPress site in the Google Cloud Platform (GCP), suitable for use in CGP’s free service tier. I found that creating a VM instance from the Google Cloud Platform Marketplace is much easier than building out WordPress straight from a GCP VM instance.
This article assumes a familiarity with IP networking and Linux.
First, create an External IP address for your WordPress VM. One External IP address is included in GCP’s free tier.
console.cloud.google.com > VPC network > External IP addresses > Reserve static IP address
Name, or note the name of, the External IP address, so you can attach it to the VM instance.
Next, launch a WordPress instance from the GCP Marketplace; use the f1-micro machine type if you wish to take advantage of GCP’s free tier. The f1-micro instance may seem under-powered, but in my limited testing, it is faster than my websites hosted on a shared hosting provider. YMMV.
console.cloud.google.com/marketplace/product/click-to-deploy-images/wordpress > Launch Machine type: micro (1 shared vCPU; 0.6 GB memory, f1-micro) Add Network Interface: select your External IP address as the External IP Check Allow HTTP traffic from the Internet Check Allow HTTPS traffic from the Internet Deploy
Once the WordPress instance is deployed, you will be shown a list of URLs, usernames, and passwords associated with your WordPress instance (like the wp-admin URL and the default WordPress “admin” credentials) and the accompanying MySQL database details. Record these; you can find many (but not all) of this information if you drill down into the “VM instance details”.
Access your VM either via the Google Cloud Shell or via SSH; “SSH connections to Linux VMs” has the details. As a putty user, I found “Connecting to VMs using advanced methods” and “Installing the public key as an authorized key on a server” helpful.
At this point, you are ready to start configuring WordPress. But one last batch of commands will be useful to configure your new WordPress instance for SSL using LetsEncypt. The “Setup Free SSL for WordPress on Google Cloud” and “certbot instructions” links were helpful. Of course your DNS plumbing needs to in place first.
root@wp-vm:/tmp# lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 9.13 (stretch) Release: 9.13 Codename: stretch root@wp-vm:/# apt update root@wp-vm:/# apt install dnsutils telnet tcpdump root@wp-vm:/# apt install snapd root@wp-vm:/# snap install core root@wp-vm:/# snap refresh core root@wp-vm:/# snap install --classic certbot root@wp-vm:/# ln -s /snap/bin/certbot /usr/bin/certbot root@wp-vm:/# certbot --apache Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache No names were found in your configuration files. Please enter in your domain name(s) (comma and/or space separated) (Enter 'c' to cancel): uniyatra.com,wp.uniyatra.com,www.uniyatra.com Requesting a certificate for uniyatra.com Performing the following challenges: http-01 challenge for uniyatra.com Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/000-default-le-ssl.conf Enabled Apache socache_shmcb module Enabled Apache ssl module Deploying Certificate to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf Enabling available site: /etc/apache2/sites-available/000-default-le-ssl.conf Redirecting vhost in /etc/apache2/sites-enabled/000-default.conf to ssl vhost in /etc/apache2/sites-available/000-default-le-ssl.conf root@wp-vm:/# certbot renew --dry-run Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/uniyatra.com.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not due for renewal, but simulating renewal for dry run Plugins selected: Authenticator apache, Installer apache Account registered. Simulating renewal of an existing certificate for .uniyatra.com Performing the following challenges: http-01 challenge for uniyatra.com Waiting for verification... Cleaning up challenges - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed with reload of apache server; fullchain is /etc/letsencrypt/live/uniyatra.com/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations, all simulated renewals succeeded: /etc/letsencrypt/live/uniyatra.com/fullchain.pem (success) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - root@wp-vm:/# tail -1 /etc/crontab 45 2 * * 6 root /usr/bin/certbot renew && /etc/init.d/apache2 restart
Then the requisitite testing:
root@wp-vm:/# /usr/sbin/apache2ctl -t Syntax OK root@wp-vm:/# /etc/init.d/apache2 restart
and just for the record:
root@wp-vm:/# grep letsencrypt /etc/apache2/sites-available/000-default-le-ssl.conf Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/uniyatra.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/uniyatra.com/privkey.pem