Contact UsGet started
© 2024 Iron Hive LLC Belgrade

Creating a Joomla website with a PostgreSQL database using Terraform

Written by
Updated at September 24, 2024

To create an infrastructure for your Joomla website with a PostgreSQL database using Terraform:

  1. Prepare your cloud.
  2. Create an infrastructure.
  3. Install Joomla and additional components.
  4. Configure the Apache2 web server.
  5. Configure Joomla.
  6. Upload the website files.
  7. Create an infrastructure.
  8. Test the website.

If you no longer need the resources you created, delete them.

Prepare your cloud

Sign up for Yandex Cloud and create a billing account:

  1. Go to the management console and log in to Yandex Cloud or create an account if you do not have one yet.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one.

If you have an active billing account, you can go to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

Make sure the selected folder contains a network with subnets in the ru-central1-a, ru-central1-b, and ru-central1-d availability zones. To do this, select Virtual Private Cloud on the folder page. If the list contains a network, click its name to see the list of subnets. If the subnets or network you need are not listed, create them.

The cost of hosting a Joomla-powered website includes:

Create an infrastructure

Terraform allows you to quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. Configuration files store the infrastructure description in the HashiCorp Configuration Language (HCL). Terraform and its providers are distributed under the Business Source License.

For more information about the provider resources, see the documentation on the Terraform website or the mirror.

If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

To create an infrastructure using Terraform:

  1. Install Terraform and specify the source for installing the Yandex Cloud provider (see Configure a provider, step 1).

  2. Prepare a file with the infrastructure description:

    1. Create a directory for the file with the infrastructure description.
    2. Download the archive (2 KB).
    3. Unpack the archive to the directory. As a result, it should contain the joomla-postgresql-terraform.tf configuration file and the joomla-postgresql-terraform.auto.tfvars file with user data.

    1. Create a directory for the file with the infrastructure description.

    2. In the directory, create a configuration file named joomla-postgresql-terraform.tf:

      joomla-postgresql-terraform.tf
      # Declaring variables for custom parameters

variable "folder_id" {
  type = string
}

variable "vm_user" {
  type = string
}

variable "ssh_key_path" {
  type = string
}

variable "db_user" {
  type = string
}

variable "db_password" {
  type      = string
  sensitive = true
}

variable "dns_zone" {
  type = string
}

variable "dns_recordset_name" {
  type = string
}

# Adding other variables

locals {
  network_name       = "example-network"
  subnet_name1       = "subnet-1"
  subnet_name2       = "subnet-2"
  subnet_name3       = "subnet-3"
  sg_vm_name         = "sg-vm"
  sg_pgsql_name      = "sg-pgsql"
  vm_name            = "joomla-pg-tutorial-web"
  cluster_name       = "joomla-pg-tutorial-db-cluster"
  db_name            = "joomla-pg-tutorial-db"
  dns_zone_name      = "example-zone-1"
}

# Setting up the provider

terraform {
  required_providers {
    yandex    = {
      source  = "yandex-cloud/yandex"
      version = ">= 0.47.0"
    }
  }
}

provider "yandex" {
  folder_id = var.folder_id
}

# Creating a cloud network

resource "yandex_vpc_network" "joomla-pg-network" {
  name = local.network_name
}

# Creating a subnet in the ru-central1-a availability zone

resource "yandex_vpc_subnet" "joomla-pg-network-subnet-a" {
  name           = local.subnet_name1
  zone           = "ru-central1-a"
  v4_cidr_blocks = ["10.128.0.0/24"]
  network_id     = yandex_vpc_network.joomla-pg-network.id
}

# Creating a subnet in the ru-central1-b availability zone

resource "yandex_vpc_subnet" "joomla-pg-network-subnet-b" {
  name           = local.subnet_name2
  zone           = "ru-central1-b"
  v4_cidr_blocks = ["10.129.0.0/24"]
  network_id     = yandex_vpc_network.joomla-pg-network.id
}

# Creating a subnet in the ru-central1-d availability zone

resource "yandex_vpc_subnet" "joomla-pg-network-subnet-d" {
  name           = local.subnet_name3
  zone           = "ru-central1-d"
  v4_cidr_blocks = ["10.130.0.0/24"]
  network_id     = yandex_vpc_network.joomla-pg-network.id
}

# Creating a security group for a PostgreSQL database cluster

resource "yandex_vpc_security_group" "pgsql-sg" {
  name       = local.sg_pgsql_name
  network_id = yandex_vpc_network.joomla-pg-network.id

  ingress {
    description    = "PostgreSQL"
    port           = 6432
    protocol       = "TCP"
    v4_cidr_blocks = ["0.0.0.0/0"]
  }
}

# Creating a security group for a VM

resource "yandex_vpc_security_group" "vm-sg" {
  name       = local.sg_vm_name
  network_id = yandex_vpc_network.joomla-pg-network.id

  egress {
    protocol       = "ANY"
    description    = "ANY"
    v4_cidr_blocks = ["0.0.0.0/0"]
    from_port      = 0
    to_port        = 65535
  }

  ingress {
    description    = "HTTP"
    protocol       = "TCP"
    v4_cidr_blocks = ["0.0.0.0/0"]
    port           = 80
  }

  ingress {
    description    = "HTTPS"
    protocol       = "TCP"
    v4_cidr_blocks = ["0.0.0.0/0"]
    port           = 443
  }

  ingress {
    description    = "SSH"
    protocol       = "ANY"
    v4_cidr_blocks = ["0.0.0.0/0"]
    port           = 22
  }
}

# Adding a pre-configured VM image

resource "yandex_compute_image" "joomla-pg-vm-image" {
  source_family = "centos-stream-8"
}

resource "yandex_compute_disk" "boot-disk" {
  name     = "bootvmdisk"
  type     = "network-hdd"
  zone     = "ru-central1-a"
  size     = "10"
  image_id = yandex_compute_image.joomla-pg-vm-image.id
}

# Creating a VM

resource "yandex_compute_instance" "joomla-pg-vm" {
  name               = local.vm_name
  platform_id        = "standard-v3"
  zone               = "ru-central1-a"

  resources {
    cores         = 2
    memory        = 1
    core_fraction = 20
  }

  boot_disk {
    disk_id = yandex_compute_disk.boot-disk.id
  }

  network_interface {
    subnet_id          = yandex_vpc_subnet.joomla-pg-network-subnet-a.id
    nat                = true
    security_group_ids = [ yandex_vpc_security_group.vm-sg.id ]
  }

  metadata = {
    user-data = "#cloud-config\nusers:\n  - name: ${var.vm_user}\n    groups: sudo\n    shell: /bin/bash\n    sudo: 'ALL=(ALL) NOPASSWD:ALL'\n    ssh-authorized-keys:\n      - ${file("${var.ssh_key_path}")}"
  }
}

# Creating a PostgreSQL database cluster

resource "yandex_mdb_postgresql_cluster" "joomla-pg-cluster" {
  name                = local.cluster_name
  environment         = "PRODUCTION"
  network_id          = yandex_vpc_network.joomla-pg-network.id
  security_group_ids  = [ yandex_vpc_security_group.pgsql-sg.id ]

  config {
    version = "14"
    resources {
      resource_preset_id = "b2.medium"
      disk_type_id       = "network-ssd"
      disk_size          = 10
    }
  }

  host {
    zone      = "ru-central1-a"
    subnet_id = yandex_vpc_subnet.joomla-pg-network-subnet-a.id
  }

  host {
    zone      = "ru-central1-b"
    subnet_id = yandex_vpc_subnet.joomla-pg-network-subnet-b.id
  }

  host {
    zone      = "ru-central1-d"
    subnet_id = yandex_vpc_subnet.joomla-pg-network-subnet-d.id
  }
}

# Creating a database

resource "yandex_mdb_postgresql_database" "joomla-pg-tutorial-db" {
  cluster_id = yandex_mdb_postgresql_cluster.joomla-pg-cluster.id
  name       = local.db_name
  owner      = var.db_user
}

# Creating a database user

resource "yandex_mdb_postgresql_user" "joomla-user" {
  cluster_id = yandex_mdb_postgresql_cluster.joomla-pg-cluster.id
  name       = var.db_user
  password   = var.db_password
}

# Creating a DNS zone

resource "yandex_dns_zone" "joomla-pg" {
  name    = local.dns_zone_name
  zone    = var.dns_zone
  public  = true
}

# Creating a type A resource record

resource "yandex_dns_recordset" "joomla-pg-a" {
  zone_id = yandex_dns_zone.joomla-pg.id
  name    = var.dns_recordset_name
  type    = "A"
  ttl     = 600
  data    = [ yandex_compute_instance.joomla-pg-vm.network_interface.0.nat_ip_address ]
}

# Creating a CNAME resource record

resource "yandex_dns_recordset" "joomla-pg-cname" {
  zone_id = yandex_dns_zone.joomla-pg.id
  name    = "www"
  type    = "CNAME"
  ttl     = 600
  data    = [ var.dns_zone ]
}

    3. In the directory, create the joomla-postgresql-terraform.auto.tfvars file with user data:

      joomla-postgresql-terraform.auto.tfvars
      folder_id          = "<folder ID>"
vm_user            = "<VM_username>"
ssh_key_path       = "<path_to_public_SSH_key>"
db_user            = "<database_username>"
db_password        = "<database_password>"
dns_zone           = "<DNS_zone>"
dns_recordset_name = "<DNS_record_name>"

    For more information about the parameters of resources used in Terraform, see the provider documentation:

  3. In the joomla-postgresql-terraform.auto.tfvars file, set the user-defined parameters:

    • folder_id: Folder ID.
    • vm_user: VM username.
    • ssh_key_path: Path to the file with a public SSH key to authenticate the user on the VM. For more information, see Creating an SSH key pair.
    • db_user: Database username, e.g., joomla.
  • db_password: Password for the database. The password must be 8 to 128 characters long.
    • dns_zone: DNS zone. Specify your registered domain, e.g., example.com..
    • dns_recordset_name: Name of the record set, e.g., example-recordset.
      To get access to public zone domain names, you need to delegate the domain. Specify the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net servers in your personal dashboard at your registrar.

  1. Create resources:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

After creating the infrastructure, install Joomla.

Install Joomla and additional components

After the joomla-pg-tutorial-web VM status changes to RUNNING, do the following:

  1. Under Network on the VM page in the management console, find the VM public IP address.

  2. Connect to the VM via SSH. You can use the ssh utility in Linux or macOS, or PuTTY in Windows.

    The recommended authentication method when connecting over SSH is using a key pair. Make sure to configure the generated key pair so that the private key matches the public key sent to the VM.

  3. Download and unpack the Joomla archive:

    sudo mkdir -p /var/www/html/
curl https://downloads.joomla.org/cms/joomla3/3-8-7/Joomla_3-8-7-Stable-Full_Package.tar.gz?format=gz -o Joomla_3-8-7-Stable-Full_Package.tar.gz -L
sudo mv Joomla_3-8-7-Stable-Full_Package.tar.gz /var/www/html/
(cd /var/www/html/ && sudo tar -zxvf Joomla_3-8-7-Stable-Full_Package.tar.gz)
sudo rm /var/www/html/Joomla_3-8-7-Stable-Full_Package.tar.gz
sudo mv /var/www/html/htaccess.txt /var/www/html/.htaccess

  4. Install additional components:

    sudo dnf install epel-release
sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
sudo yum -y install --enablerepo remi-modular httpd php php-pgsql php php-common php-mbstring php-zip php-xml nano wget php-json
sudo dnf module enable postgresql:13
sudo dnf install postgresql-server

  5. Get and configure the SSL certificate:

    sudo mkdir ~apache/.postgresql
sudo wget "https://crls.yandex.net/allCLCAs.pem" -O ~apache/.postgresql/root.crt
sudo chmod 0600 ~apache/.postgresql/root.crt
sudo chown -R apache:apache ~apache/.postgresql

Configure the Apache2 web server

  1. Perform the basic configuration of Apache2:

    sudo chown -R apache /var/www/html/

  2. Specify the virtual host settings in the Apache2 configuration file. You can edit files in the nano editor:

    sudo nano /etc/httpd/conf.d/joomla.conf

    Edit the file as follows:

    <VirtualHost *:80 [::]:80>
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/html/

  <Directory /var/www/html/>
    DirectoryIndex index.php index.html
    DirectorySlash off
    RewriteEngine on
    RewriteBase /
    AllowOverride all
  </Directory>
</VirtualHost>

  3. Restart the web server:

    sudo service httpd restart

  4. Change the settings:

    sudo restorecon -R /var/www/html
sudo setsebool -P httpd_can_network_connect 1

Configure Joomla

Configure Joomla by following this guide on the project website. During the configuration process, you will need the DB connection settings.

  1. Get the addresses of the DB cluster hosts in the management console:

    1. Open the folder where the DB cluster was created and select Managed Service for PostgreSQL.
    2. Select the joomla-pg-tutorial-db-cluster cluster.
    3. Go to the Hosts tab.
    4. In the Host FQDN field, copy the host addresses.

  2. At the Database step, fill in the following fields in the Joomla web installer:

    • Database type: PostgreSQL.

    • DB server name:

      <address_of_host_1>,<address_of_host_2>,<address_of_host_3> port=6432 sslmode=verify-full target_session_attrs=read-write

    • Username: joomla.

    • Password: Enter the DB user's password.

    • DB name: joomla-pg-tutorial-db.

  3. For security reasons, Joomla may ask you to create or delete a special test file. On the VM, go to the /var/www/html/installation folder and create or delete the specified file there.

  4. Create an empty file named configuration.php to safe configuration and configure write permissions for the folder:

    sudo touch /var/www/html/configuration.php
sudo chmod 655 /var/www/html/configuration.php
sudo chown -R apache:apache /var/www/html/
sudo restorecon -R /var/www/html

  5. After the installation is completed, delete the installation directory. This is a Joomla security requirement:

    sudo rm -rf /var/www/html/installation

Upload the website files

  1. Under Network on the VM page in the management console, find the VM public IP address.

  2. Connect to the VM via SSH.

  3. Grant your user write access to the /var/www/html directory:

    sudo chown -R "$USER":apache /var/www/html

  4. Upload the website files to the VM via SCP.

    Use the scp command-line utility:

    scp -r <path_to_file_directory> <VM_username>@<VM_IP_address>:/var/www/html

    Use WinSCP to copy the local file directory to /var/www/html on the VM.

Test the website

To check that the site is up, enter its IP address or domain name in your browser:

  • http://<public_IP_of_VM>
  • http://www.example.com

How to delete the resources you created

To shut down the website and stop paying for the resources you created:

  1. Open the joomla-postgresql-terraform.tf configuration file and delete from it the description of the infrastructure you created.

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

See also

Previous
Management console
Next
Status monitoring of geographically distributed devices