SysOps Admin — WordPress on Ubuntu (LEMP) with TLS, security baseline & automated backups
This project demonstrates a production-style WordPress deployment on a single Ubuntu VM: Nginx (name-based vHosts), PHP-FPM, MariaDB (least privilege), Let’s Encrypt TLS, hardened access (public web only; admin via private network), and automated backups (files + DB + configs/logs) scheduled via cron.
The WordPress site also includes a minimal “SysOps Overview” dashboard (MU-plugin + shortcode) that exposes key operational evidence (vHosts, log paths, DB connectivity, backup marker) without modifying the theme.
What’s deployed (high level):
- Two Nginx vHosts on one VM (name-based virtual hosting via
Host:header) - WordPress (LEMP): Nginx + PHP-FPM + MariaDB (local-only DB access)
- TLS via Let’s Encrypt (Certbot) for HTTPS
- Security baseline: only 80/443 public; SSH restricted to private admin network
- Automated backups: WP files + DB dump + configs/logs + TLS files (cron-scheduled)
- Evidence inside WP: MU-plugin “SysOps Overview” page via shortcode
Repository (sanitized, no secrets):https://github.com/mayinx/sysopsadmin-wp-evidence
Legal: Please see the Imprint / Impressum page for owner/contact information.