Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
  • Blog
  • Pricing
  • Documentation
Yandex project
© 2025 Yandex.Cloud LLC
Tutorials
    • All tutorials
        • Overview
        • Management console
        • Terraform
      • Transferring a WordPress website from a different hosting provider to Yandex Cloud
      • Setting up virtual hosting
      • Creating a Python web application with Flask
      • Hosting a static Gatsby website
      • Migrating to Cloud CDN from a third-party CDN provider
      • Getting website traffic statistics with S3 Select

In this article:

  • Get your cloud ready
  • Required paid resources
  • Create an infrastructure
  • Configure the Nginx web server
  • Install WordPress and additional components
  • Complete WordPress configuration
  • Test the website
  • How to delete the resources you created
  1. Application solutions
  2. Creating a website
  3. WordPress website on a MySQL® database
  4. Terraform

Creating a WordPress website with a MySQL® database cluster using Terraform

Written by
Yandex Cloud
Updated at May 19, 2025
  • Get your cloud ready
    • Required paid resources
  • Create an infrastructure
  • Configure the Nginx web server
  • Install WordPress and additional components
  • Complete WordPress configuration
  • Test the website
  • How to delete the resources you created

To create an infrastructure for a WordPress website with a MySQL® database cluster using Terraform:

To set up a WordPress website with a MySQL® cluster:

  1. Get your cloud ready.
  2. Create your infrastructure.
  3. Configure Nginx web server.
  4. Install WordPress and additional components.
  5. Complete WordPress configuration.
  6. Test the website.

If you no longer need the resources you created, delete them.

Get your cloud readyGet your cloud ready

Sign up in Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or register a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

Required paid resourcesRequired paid resources

The cost of hosting your WordPress website with a MySQL® cluster includes:

  • Fee for a continuously running VM (see Yandex Compute Cloud pricing).
  • Fee for a MySQL® DB cluster (see Yandex Managed Service for MySQL® pricing).
  • Fee for a dynamic or static external IP address (see Yandex Virtual Private Cloud pricing).
  • Fee for public DNS queries and DNS zones (see Yandex Cloud DNS pricing).

Create an infrastructureCreate an infrastructure

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the documentation on the Terraform website or mirror website.

To create an infrastructure using Terraform:

  1. Install Terraform, get the authentication credentials, and specify the source for installing the Yandex Cloud provider (see Configure a provider, step 1).

  2. Prepare the infrastructure description files:

    Ready-made archive
    Manually
    1. Create a folder.
    2. Download the archive (1 KB).
    3. Unpack the archive to the directory. As a result, the wordpress-mysql.tf configuration file should appear in it.
    1. Create a folder.

    2. Create a configuration file named wordpress-mysql.tf in the folder:

      wordpress-mysql.tf
      terraform {
        required_providers {
          yandex = {
            source  = "yandex-cloud/yandex"
            version = ">= 0.47.0"
          }
        }
      }
      
      provider "yandex" {
        zone = "ru-central1-a"
      }
      
      resource "yandex_compute_disk" "boot-disk" {
        name     = "bootvmdisk"
        type     = "network-hdd"
        zone     = "ru-central1-a"
        size     = "20"
        image_id = "<image_ID>"
      }
      
      resource "yandex_compute_instance" "vm-wordpress-mysql" {
        name        = "wp-mysql-tutorial-web"
        platform_id = "standard-v3"
        zone        = "ru-central1-a"
      
        resources {
          core_fraction = 20
          cores         = 2
          memory        = 2
        }
      
        boot_disk {
          disk_id = yandex_compute_disk.boot-disk.id
        }
      
        network_interface {
          subnet_id          = yandex_vpc_subnet.subnet-1.id
          security_group_ids = ["${yandex_vpc_security_group.sg-1.id}"]
          nat                = true
        }
      
        metadata = {
          ssh-keys = "<username>:<SSH_key_contents>"
        }
      }
      
      resource "yandex_mdb_mysql_cluster" "wp-cluster" {
        name                = "wp-mysql-tutorial-db-cluster"
        environment         = "PRESTABLE"
        network_id          = yandex_vpc_network.network-1.id
        version             = "8.0"
        security_group_ids  = ["${yandex_vpc_security_group.sg-1.id}"]
      
        resources {
          resource_preset_id = "s2.small"
          disk_type_id       = "network-ssd"
          disk_size          = "10"
        }
      
        host {
          zone             = "ru-central1-a"
          subnet_id        = yandex_vpc_subnet.subnet-1.id
          assign_public_ip = false
        }
      
        host {
          zone             = "ru-central1-b"
          subnet_id        = yandex_vpc_subnet.subnet-2.id
          assign_public_ip = false
        }
      
        host {
          zone             = "ru-central1-d"
          subnet_id        = yandex_vpc_subnet.subnet-3.id
          assign_public_ip = false
        }
      }
      
      resource "yandex_mdb_mysql_database" "wp-db" {
        cluster_id = yandex_mdb_mysql_cluster.wp-cluster.id
        name       = "wp-mysql-tutorial-db"
      }
      
      resource "yandex_mdb_mysql_user" "wp-user" {
        cluster_id            = yandex_mdb_mysql_cluster.wp-cluster.id
        name                  = "wordpress"
        password              = "password"
        authentication_plugin = "MYSQL_NATIVE_PASSWORD"
        permission {
          database_name = yandex_mdb_mysql_database.wp-db.name
          roles         = ["ALL"]
        }
      }
      
      resource "yandex_vpc_security_group" "sg-1" {
        name        = "wordpress"
        description = "Description for security group"
        network_id  = yandex_vpc_network.network-1.id
      
        ingress {
          protocol       = "TCP"
          description    = "ext-http"
          v4_cidr_blocks = ["0.0.0.0/0"]
          port           = 80
        }
      
        ingress {
          protocol       = "TCP"
          description    = "ext-ssh"
          v4_cidr_blocks = ["0.0.0.0/0"]
          port           = 22
        }
      
        ingress {
          protocol       = "TCP"
          description    = "ext-msql"
          v4_cidr_blocks = ["0.0.0.0/0"]
          port           = 3306
        }
      
        ingress {
          protocol       = "TCP"
          description    = "ext-https"
          v4_cidr_blocks = ["0.0.0.0/0"]
          port           = 443
        }
      
        egress {
          protocol       = "ANY"
          description    = "any"
          v4_cidr_blocks = ["0.0.0.0/0"]
        }
      }
      
      resource "yandex_vpc_network" "network-1" {
        name = "network1"
      }
      
      resource "yandex_vpc_subnet" "subnet-1" {
        name           = "subnet1"
        zone           = "ru-central1-a"
        network_id     = yandex_vpc_network.network-1.id
        v4_cidr_blocks = ["192.168.1.0/24"]
      }
      
      resource "yandex_vpc_subnet" "subnet-2" {
        name           = "subnet2"
        zone           = "ru-central1-b"
        network_id     = yandex_vpc_network.network-1.id
        v4_cidr_blocks = ["192.168.2.0/24"]
      }
      
      resource "yandex_vpc_subnet" "subnet-3" {
        name           = "subnet3"
        zone           = "ru-central1-d"
        network_id     = yandex_vpc_network.network-1.id
        v4_cidr_blocks = ["192.168.3.0/24"]
      }
      
      resource "yandex_dns_zone" "zone-1" {
        name        = "example-zone-1"
        description = "Public zone"
        zone        = "example.com."
        public      = true
      }
      
      resource "yandex_dns_recordset" "rs-1" {
        zone_id = yandex_dns_zone.zone-1.id
        name    = "example.com."
        ttl     = 600
        type    = "A"
        data    = ["${yandex_compute_instance.vm-wordpress-mysql.network_interface.0.nat_ip_address}"]
      }
      
      resource "yandex_dns_recordset" "rs-2" {
        zone_id = yandex_dns_zone.zone-1.id
        name    = "www"
        ttl     = 600
        type    = "CNAME"
        data    = ["example.com"]
      }
      

    For more information about the properties of Terraform resources, see the relevant Terraform guides:

    • Network: yandex_vpc_network.
    • Subnets: yandex_vpc_subnet.
    • Security groups: yandex_vpc_security_group.
    • VM instance: yandex_compute_instance.
    • MySQL® cluster: yandex_mdb_mysql_cluster.
    • PostgreSQL database: yandex_mdb_postgresql_database.
    • DB user: yandex_mdb_mysql_user.
    • DNS zone: yandex_dns_zone.
    • DNS resource record: yandex_dns_recordset.
  3. Under metadata, specify the metadata for creating a VM: <username>:<SSH_key_contents>. Regardless of the username specified, the key is assigned to the user set in the image configuration. Such users vary depending on an image. For more information, see Keys processed in public images Yandex Cloud.

  4. Under boot_disk, specify the ID of a VM image with relevant components:

    • Debian 11.
    • Ubuntu 20.04 LTS.
    • CentOS 7.
  5. Create the resources:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate
      

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.
      
    3. Run the command:

      terraform plan
      

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply
      
    5. Confirm the changes: type yes in the terminal and press Enter.

After creating the infrastructure, configure the Nginx web server.

Configure the Nginx web serverConfigure the Nginx web server

After the wp-mysql-tutorial-web VM's status changes to RUNNING:

  1. Under Network on the VM page in the management console, find the VM's public IP address.

  2. Connect to the VM via SSH. You can use the ssh utility in Linux or macOS, or PuTTY in Windows.

    The recommended authentication method when connecting over SSH is using a key pair. Make sure to configure the generated key pair so that the private key matches the public key sent to the VM.

  3. Install Nginx, PHP-FPM process manager, and additional packages:

    Debian/Ubuntu
    CentOS
    sudo apt-get update
    sudo apt-get install -y nginx-full php-fpm php-mysql
    sudo systemctl enable nginx
    
    sudo yum -y install epel-release
    sudo yum -y install nginx
    sudo rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
    sudo yum -y --enablerepo=remi-php74 install php php-mysql php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt
    sudo yum -y --enablerepo=remi-php74 install php-fpm
    sudo systemctl enable nginx
    sudo systemctl enable php-fpm
    
  4. Use the Nginx configuration files to configure the web server:

    Debian/Ubuntu
    CentOS
    1. You can edit files in the nano editor:

      sudo nano /etc/nginx/sites-available/wordpress
      
    2. Edit the file as follows:

      server {
          listen 80 default_server;
      
          root /var/www/wordpress;
          index index.php;
      
          server_name <DNS-server_name>;
      
          location / {
              try_files $uri $uri/ =404;
          }
      
          error_page 404 /404.html;
          error_page 500 502 503 504 /50x.html;
          location = /50x.html {
              root /usr/share/nginx/html;
          }
      
          location ~ \.php$ {
              try_files $uri =404;
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              include fastcgi_params;
          }
      }
      
    3. Allow launching your site:

      sudo rm /etc/nginx/sites-enabled/default
      sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/
      

    You can edit the files nginx.conf and wordpress.conf in the nano editor:

    1. Open nginx.conf:

      sudo nano /etc/nginx/nginx.conf
      
    2. Edit the file as follows:

      user nginx;
      worker_processes auto;
      error_log /var/log/nginx/error.log;
      pid /run/nginx.pid;
      include /usr/share/nginx/modules/*.conf;
      
      events {
        worker_connections 1024;
      }
      
      http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
      
        access_log  /var/log/nginx/access.log main;
      
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;
      
        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;
      
        include /etc/nginx/conf.d/*.conf;
      }
      
    3. Open wordpress.conf:

      sudo nano /etc/nginx/conf.d/wordpress.conf
      
    4. Edit the file as follows:

      server {
          listen 80 default_server;
      
          root /usr/share/nginx/wordpress/;
          index index.php;
      
          server_name <DNS-server_name>;
      
          location / {
              try_files $uri $uri/ =404;
          }
      
          error_page 404 /404.html;
          error_page 500 502 503 504 /50x.html;
          location = /50x.html {
              root /usr/share/nginx/html;
          }
      
          location ~ \.php$ {
              try_files $uri =404;
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_pass 127.0.0.1:9000;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              include fastcgi_params;
          }
      }
      

Install WordPress and additional componentsInstall WordPress and additional components

  1. Download and unpack the latest WordPress version:

    Debian/Ubuntu
    CentOS
    wget https://wordpress.org/latest.tar.gz
    tar -xzf latest.tar.gz
    mv wordpress/wp-config-sample.php wordpress/wp-config.php
    sudo mv wordpress /var/www/wordpress
    sudo chown -R www-data:www-data /var/www/wordpress
    
    curl https://wordpress.org/latest.tar.gz --output latest.tar.gz
    tar -xzf latest.tar.gz
    mv wordpress/wp-config-sample.php wordpress/wp-config.php
    sudo mv wordpress /usr/share/nginx/wordpress
    sudo chown -R nginx:nginx /usr/share/nginx/wordpress/
    

    Change the SELinux settings:

    sudo semanage fcontext -a -t httpd_sys_content_t "/usr/share/nginx/wordpress(/.*)?"
    sudo semanage fcontext -a -t httpd_sys_rw_content_t "/usr/share/nginx/wordpress(/.*)?"
    sudo restorecon -R /usr/share/nginx/wordpress
    sudo setsebool -P httpd_can_network_connect 1
    
  2. Get WordPress security keys:

    curl --silent https://api.wordpress.org/secret-key/1.1/salt/
    

    Save the command output. You will need the keys in the next step.

  3. Add the security keys to the WordPress configuration file: wp-config.php. You can edit files in the nano editor:

    Debian/Ubuntu
    CentOS
    sudo nano /var/www/wordpress/wp-config.php
    
    sudo nano /usr/share/nginx/wordpress/wp-config.php
    

    Replace the configuration section for the values from the previous step:

    define('AUTH_KEY',         't vz,|............R lZ5]');
    define('SECURE_AUTH_KEY',  '@r&pPD............dK-A%=');
    define('LOGGED_IN_KEY',    '%6TuLl............9>/dNE');
    define('NONCE_KEY',        'DO(u.H............$?ja-e');
    define('AUTH_SALT',        '|G Vo<............Xeb.~y');
    define('SECURE_AUTH_SALT', 'Y5tIYA............7Lxf8J');
    define('LOGGED_IN_SALT',   'gR]>WZ............<>|;YY');
    define('NONCE_SALT',       '=]nQIb............HLT2:9');
    
  4. Go to the connection configuration section for the wp-mysql-tutorial-db-cluster cluster:

    // ** MySQL® settings - You can get this info from your web host. ** //
    /** The name of the database for WordPress. */
    
    define( 'DB_NAME', '<DB_NAME>' );
    /** MySQL® database username. */
    define( 'DB_USER', '<DB_USER>' );
    
    /** MySQL® database password. */
    define( 'DB_PASSWORD', '<DB_PASSWORD>' );
    
    /** MySQL® hostname. */
    define( 'DB_HOST', '<DB_HOST>' );
    

    Replace the placeholders in the file:

    • <DB_NAME>: wp-mysql-tutorial-db DB name.

    • <DB_USER>: wordpress user name.

    • <DB_PASSWORD>: Password you set when creating the database cluster.

    • <DB_HOST>: MySQL® host name in XXXX-XXXXXXXXXX.mdb.yandexcloud.net format.

      To find out the FQDN of your MySQL® host:

      Management console
      CLI
      1. Go to the MySQL® cluster page in the management console.
      2. On the Databases tab next to the DB, click → Connect.
      3. Find the mysql --host=ХХХХ-ХХХХХХХХХХ.mdb.yandexcloud.net line, where ХХХХ-ХХХХХХХХХХ.mdb.yandexcloud.net is the FQDN of the host with the MASTER role.

      Get a host list and copy the MASTER host's NAME:

      yc managed-mysql host list --cluster-name <MySQL®>_cluster_name
      
      +------------------------+----------------------+---------+--------+-------------------+-----------+
      |           NAME         |      CLUSTER ID      |  ROLE   | HEALTH |      ZONE ID      | PUBLIC IP |
      +------------------------+----------------------+---------+--------+-------------------+-----------+
      | rc1a-...mdb.yandexcloud.net | c9quhb1l32unm1sdn0in | MASTER  | ALIVE  | ru-central1-a | false     |
      | rc1b-...mdb.yandexcloud.net | c9quhb1l32unm1sdn0in | REPLICA | ALIVE  | ru-central1-b | false     |
      +------------------------+----------------------+---------+--------+-------------------+-----------+
      
  5. Restart Nginx and PHP-FPM:

    Debian/Ubuntu
    CentOS
    sudo systemctl restart nginx.service
    sudo systemctl restart php7.4-fpm.service
    
    sudo systemctl restart nginx.service
    sudo systemctl restart php-fpm.service
    

Complete WordPress configurationComplete WordPress configuration

  1. Under Network on the VM page in the management console, find the VM's public IP address.
  2. Open the VM by entering its address in your browser.
  3. Select the language and click Continue.
  4. Fill out information to access the website:
    • Enter any website name, for example, wp-your-project.
    • Specify the username to be used to log in to the admin panel (for example, admin).
    • Enter the password to be used to log in to the admin panel.
    • Enter your email address.
  5. Click Install WordPress.
  6. If the installation is successful, click Log in.
  7. Log in to the website with the username and password specified in the previous steps. This will open the admin panel where you can start working with your website.

Test the websiteTest the website

To test the site, enter its IP address or domain name in your browser:

  • http://<public_IP_of_VM>
  • http://www.example.com

To access the WordPress control panel, use http://www.example.com/wp-admin/.

How to delete the resources you createdHow to delete the resources you created

To stop paying for the resources you created:

  1. Open the single-node-file-server.tf configuration file and delete your infrastructure description from it.

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate
      

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.
      
    3. Run the command:

      terraform plan
      

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply
      
    5. Confirm the changes: type yes in the terminal and press Enter.

See alsoSee also

  • Creating a WordPress website with a MySQL® database cluster using the management console.

Was the article helpful?

Previous
Management console
Next
Transferring a WordPress website from a different hosting provider to Yandex Cloud
Yandex project
© 2025 Yandex.Cloud LLC