Two bugs found:
1. wp-config-docker.php was being copied to /usr/src/wordpress/wp-config-docker.php,
REPLACING the official WordPress config template. Our file only had security
hardening settings (DISALLOW_FILE_EDIT, etc.) but no DB constants, auth keys,
or table prefix. The generated wp-config.php had zero database configuration,
so WordPress could never connect.
Fix: Copy our config to /usr/src/websitebox-config.php instead, and load it
via WORDPRESS_CONFIG_EXTRA=require_once in docker-compose.yml.
2. .user.ini set auto_prepend_file=wordfence-waf.php, but the file didn't exist
until Wordfence plugin was installed. Every PHP request during initial setup
returned a 500 fatal error.
Fix: Add a stub wordfence-waf.php placeholder in the Docker image that gets
copied with WordPress files. Wordfence replaces it during plugin activation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- websitebox up now includes --build flag to always rebuild images,
fixing Docker cache serving stale containers after code updates
- setup.sh launch command updated to source ~/.bashrc first
- guide.md: added step roadmap table with time estimates
- guide.md: added time estimates to all step headers
- guide.md: updated Launch step to use websitebox shortcut with
source ~/.bashrc, added command reference table
- guide.md: updated all troubleshooting commands to use websitebox
shortcut instead of cd + docker compose
- guide.md: added 'websitebox: command not found' troubleshooting
- guide.md: updated setup wizard terminal example to match current
colored output format
- guide.md: added container build step to launch explanation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
If a previous certbot run created live/archive/renewal dirs but
failed to complete, the next attempt would choke on the existing
'live directory'. Now cleans these before each attempt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- 'websitebox up' now automatically runs 'docker compose up -d'
- 'websitebox logs' now automatically runs 'docker compose logs -f'
- All other commands pass through unchanged
- Added 'source ~/.bashrc' instruction at end of installer so the
command works immediately without logout/login
- Updated tips and setup summary to show simplified commands
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The 'healthcheck --su-mysql' binary isn't reliably available in
newer MariaDB images. Switch to 'mariadb-admin ping' which is
always present. Also add start_period and increase retries for
slow first-boot initialization on small VPS instances.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Installs a shell function in .bashrc/.zshrc that auto-cds into the
project directory, so users can run 'websitebox up -d' from anywhere
instead of remembering to cd first. Shows usage examples in the
installer's closing output. Setup summary updated to use the shortcut.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Users copying the command from the summary were running it from
their home directory, causing 'no configuration file provided'.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Config option labels (domain, email, etc.) shown in bold blue
- Errors in red, warnings in yellow, success checkmarks in green
- Password field: note that input won't appear on screen
- SMTP prompt: "if you don't know what this is, press Enter to skip"
- Summary next steps: detailed A record fields (Type, Name, Value, TTL)
with explanations, dig command with success/failure examples,
"copy this command into the server terminal" instead of "run"
- Matching color scheme with install.sh (header, section, etc.)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The exec < /dev/tty approach silently killed the script under set -e
if /dev/tty wasn't accessible. Replace with surgical redirects on
just the interactive reads and setup.sh invocation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When piped through curl, stdin is the download stream, not the
terminal. This caused setup wizard prompts to read empty input
(the 'rogue enter' bug). Fix: reopen stdin from /dev/tty before
any interactive prompts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Color system: green checkmarks for success, orange bold for info/hints,
cyan section headers, bold white title headers, yellow warnings, red
errors. Rolling progress preview lines shown in dim. UFW "Rules updated"
noise suppressed.
Updated all repository URLs from github.com/websitebox/websitebox to
git.constantprojects.xyz/tankadmin/websitebox across install.sh,
guide.md, and README.md.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Long-running apt commands now show a live 4-line preview window that
overwrites in place using terminal escape codes. Users see what's
happening without the screen flooding with package manager output.
Preview auto-clears when each step completes.
Also fixes: duplicate else branch in Docker if/else block,
adds DEBIAN_FRONTEND=noninteractive and --force-confold to prevent
interactive dpkg prompts (sshd_config, etc).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds --force-confold to prevent interactive dpkg prompts (e.g.
sshd_config) that would block unattended installation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Each major install step now shows what it does and how long to expect:
- System update: 2-10 min on fresh servers
- Security tools: under a minute
- Docker: 1-3 min (largest download)
- Clone: a few seconds
Updated guide.md terminal output to match.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add itemized cost breakdown in intro step
- Explain "root" before SSH step, recommend password managers
- Add VPS web console fallback tip
- Explain what ssh root@IP means inline
- Explain what curl | bash does with link to source code
- Add registrar-specific DNS navigation instructions
- Add www CNAME record tip
- Add dig/dnsutils install hint
- Expand dpkg pink/purple screen guidance
- Add SSH reconnection tip if connection drops during install
- Fix "Going Further" to reference automated (not manual) security setup
- Improve password storage callout with Bitwarden/1Password links
- Add SMTP pricing details for email services
- Describe WordPress dashboard sidebar layout
- Explain Ctrl+C key combo for beginners
- Add SSH timeout troubleshooting with web console reference
- Add GitHub issues link for getting help
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move firewall (UFW), fail2ban, auto-updates, and Docker log rotation
from manual guide steps into install.sh automation. Update guide.md
to describe the automated process instead of manual commands.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
In the "Secure Your Server" guide step:
- Install unattended-upgrades for automatic OS security patches
- dpkg-reconfigure to enable daily auto-updates
- Callout explaining auto-updates won't touch Docker/WordPress
- Create /etc/docker/daemon.json with log rotation (10MB max,
3 files per container) before Docker is installed
- mkdir -p to handle pre-Docker directory creation
- Harmless docker restart with || true fallback
- Updated intro text to reflect four setup concerns
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New "Secure Your Server" step between connecting and installing:
- apt update/upgrade for security patches
- UFW firewall: allow SSH, HTTP, HTTPS only
- fail2ban: brute-force SSH protection
- Clear danger callout about SSH lockout risk
- Expected terminal output for verification
- Plain-English explanations of what each command does
- Updated "Going Further" to reference earlier security setup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Any change that alters user-facing flow must also be reflected in
guide.md. This ensures the beginner deployment guide stays accurate
as the codebase evolves.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix all step number references to use descriptive names instead
(step numbering shifts when steps are added/removed)
- Add WordPress.org vs WordPress.com explainer callout
- Fix Age Gate link to wordpress.org plugin directory
- Explain ./ prefix for running scripts
- Add popular SMTP relay services (Mailgun, SendGrid, Amazon SES)
- Break down nuclear option commands line by line
- Add server security tip (SSH keys) in Going Further
- Add WordPress block editor guide link
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add "What You're Building" intro step explaining WordPress and
what users will end up with, plus a pre-flight checklist
- Add Debian 12 to supported OS choices
- Fix broken Porkbun registrar link
- Explain terminal concepts: cd, ~, dig +short
- Break down intimidating password reset command with worked example
- Add "Going Further" step with next ideas (offsite backups, contact
forms, SEO, CDN, learning resources)
- Add "what does success look like" description after first visit
- Clarify SSH reconnection instructions in maintenance section
- Add dig fallback for systems without dig installed
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add detailed explanations of every concept (VPS, SSH, DNS, Docker)
- Add hyperlinks to all external tools and services
- Expand setup wizard walkthrough with full terminal output example
- Add concrete examples for each wizard prompt
- Add tips for common gotchas (paste shortcuts, invisible passwords, etc.)
- Expand troubleshooting with worked examples
- Add plugin descriptions and links (Wordfence, UpdraftPlus, Age Gate)
- Add healthcheck expected output example
- Add monthly maintenance recommendation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Create guide.md: step-by-step deployment guide in ProjectPublic
markup format, written for non-technical users
- Add guide-format.txt: markup syntax reference
- Fix README.md: remove references to deleted templates/ and parts/
directories in theme tree listing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
