This is a fully automated Bash script that deploys a production-ready WordPress 6.8.2 instance on OpenIndiana (illumos) using native packaging and SMF services.
Since there is very little documentation or tooling for WordPress on OpenIndiana, I thought this script could be useful to others.
Pre-checks
- Verifies internet connectivity, DNS, and access to wordpress.org
System packages
- Installs Apache 2.4, PHP 8.4 (FPM), and MariaDB 11.4 via pkg
MariaDB setup
- Starts the service, waits for the socket
- Creates a random database, user, and password
- Restricts MariaDB to local socket access only (no TCP listening)
WordPress installation
- Downloads and unpacks the latest WordPress release
- Sets proper file ownership/permissions for webservd
- Generates a wp-config.php outside of DocumentRoot with:
Random DB creds & table prefix
WordPress salts automatically fetched
Forced HTTPS and FS_METHOD=direct
GD as default image editor (Imagick unavailable on OI)
Apache + TLS + WAF
- Generates a self-signed TLS cert with SAN for IPv4 and localhost
- Provides hardened Apache configs (conf.d/) for:
HTTPS redirect, SSL settings, PHP-FPM proxy
Caching rules, headers, and basic WordPress hardening
WAF (ModSecurity + OWASP CRS v4.18.0 + WordPress Plugin 1.1.0)
PHP
- Creates a MU plugin to bypass the "missing extensions" nag in Site Health (just for imagick)
Services
- Enables PHP-FPM and Apache via SMF
Summary
- Displays all generated credentials (DB, WordPress admin example)
Usage
Just run the script as root on a fresh OpenIndiana system (min or Text etc.)
You still need to reconfigure TLS (this script only sets up a self-signed certificate) according to your domain, and possibly reopen MariaDB connections if you need monitoring.
And of course, set up your firewall and additional security modules.
Here it is : https://git.asdf.cafe/majekla/OpenIndiana/raw/branch/master/wp_oi.sh
Good Luck everyone !
