Hands of Destiny - Lightsail Instance Guide

Overview

handsofdestiny.com.au runs on a dedicated AWS Lightsail instance because it was too resource-intensive for shared WHM/cPanel hosting and DigitalOcean App Platform.

Instance Details

AWS Lightsail

• Instance Name: HandsofDestiny-2GB
• Region: ap-southeast-2 (Sydney, Zone A)
• Instance Type: General purpose
• Public IP: 52.64.166.170
• Private IP: 172.26.10.214
• IPv6: 2406:da1c:d2f:d800:b691:8824:9b2e:55f0
• Status: Running

WordPress Configuration

• Admin Username: user
• Admin Password: 34QbQ8t=MJdC (retrieve via: cat bitnami_application_password)
• Platform: Bitnami WordPress stack

SSH Access

Using Lightsail Connect Script

# Create the connection script (one-time setup)
cat <<'EOT' >~/lightsail_connect
 
set -eu -o pipefail
 
instance=$1
 
giad=$(aws lightsail get-instance-access-details --protocol ssh --instance-name $instance | jq '.accessDetails')
userhost=$(jq -r '.ipAddress' <<<$giad)
username=$(jq -r '.username' <<<$giad)
 
work_dir=$(mktemp -d)
trap "{ rm -rf $work_dir; }" EXIT
 
kh_lines=$(jq -r --arg arg_host $userhost '.hostKeys[] | $arg_host+" "+.algorithm+" "+.publicKey' <<<$giad)
while read kh_line; do
  echo "$kh_line" >> $work_dir/hostkeys
done <<<"$kh_lines"
 
jq -r '.certKey'    <<<$giad > "$work_dir/key-cert.pub"
jq -r '.privateKey' <<<$giad > "$work_dir/key"
chmod 600 "$work_dir/key"
 
shift
ssh \
  -o StrictHostKeyChecking=yes \
  -o UserKnownHostsFile=$work_dir/hostkeys \
  -i $work_dir/key \
  $username@$userhost \
  $@
EOT
 
chmod +x ~/lightsail_connect

Connect to Instance

# Basic connection
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB
 
# Run a command
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "ls -la /opt/bitnami/wordpress"
 
# Get WordPress admin password
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "cat bitnami_application_password"

Backup WordPress to GitHub

Step 1: Create Tarball of WordPress Files

AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB << 'EOF'
cd /opt/bitnami/wordpress
sudo tar -czf /tmp/handsofd-wordpress.tar.gz \
  --exclude='wp-content/cache/*' \
  --exclude='wp-content/upgrade/*' \
  --exclude='.htaccess' \
  .
sudo chown bitnami:bitnami /tmp/handsofd-wordpress.tar.gz
echo "Tarball created at /tmp/handsofd-wordpress.tar.gz"
ls -lh /tmp/handsofd-wordpress.tar.gz
EOF

Step 2: Download Tarball

# Create temporary directory
TEMP_DIR=$(mktemp -d)
cd $TEMP_DIR
 
# Download the tarball from Lightsail
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "cat /tmp/handsofd-wordpress.tar.gz" > handsofd-wordpress.tar.gz
 
# Verify download
ls -lh handsofd-wordpress.tar.gz
tar -tzf handsofd-wordpress.tar.gz | head -20

Step 3: Extract and Prepare for GitHub

# Extract files
mkdir handsofd-wordpress
cd handsofd-wordpress
tar -xzf ../handsofd-wordpress.tar.gz
 
# Clone the GitHub repo
cd /tmp/wordpress-repos
git clone https://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@github.com/Independent-Business-Group/wordpress-handsofd.git
 
# Clear repo (keep .git)
cd wordpress-handsofd
find . -mindepth 1 -maxdepth 1 ! -name '.git' -exec rm -rf {} +
 
# Copy WordPress files from tarball
cp -r $TEMP_DIR/handsofd-wordpress/* .
 
# Add .gitignore for WordPress
cat > .gitignore << 'GITIGNORE'
# WordPress
wp-config.php
.htaccess
.htpasswd
 
# WordPress cache and temp
wp-content/cache/
wp-content/upgrade/
wp-content/backups/
*.log
 
# Environment
.env
.env.local
 
# OS files
.DS_Store
Thumbs.db
GITIGNORE
 
# Commit and push
git add .
git commit -m "Backup WordPress files from Lightsail instance
 
- Instance: HandsofDestiny-2GB (52.64.166.170)
- Date: $(date -u +%Y-%m-%d)
- Bitnami WordPress stack
- Excludes: cache, upgrades, wp-config.php"
 
git push origin main

Step 4: Backup Database

# Export database from Lightsail
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB << 'EOF'
# Get database credentials from wp-config.php
DB_NAME=$(grep "DB_NAME" /opt/bitnami/wordpress/wp-config.php | cut -d "'" -f 4)
DB_USER=$(grep "DB_USER" /opt/bitnami/wordpress/wp-config.php | cut -d "'" -f 4)
DB_PASSWORD=$(grep "DB_PASSWORD" /opt/bitnami/wordpress/wp-config.php | cut -d "'" -f 4)
 
# Export database
mysqldump -u $DB_USER -p$DB_PASSWORD $DB_NAME > /tmp/handsofd-database.sql
gzip /tmp/handsofd-database.sql
 
echo "Database backup created at /tmp/handsofd-database.sql.gz"
ls -lh /tmp/handsofd-database.sql.gz
EOF
 
# Download database backup
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "cat /tmp/handsofd-database.sql.gz" > /tmp/handsofd-database.sql.gz
 
# Store in devops repo (DO NOT commit to public GitHub!)
mv /tmp/handsofd-database.sql.gz ~/Documents/IBG_HUB/rmm-psa-devops/backups/

Ongoing Maintenance

Update WordPress on Lightsail

AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB << 'EOF'
cd /opt/bitnami/wordpress
sudo chown -R bitnami:daemon .
wp core update
wp plugin update --all
wp theme update --all
EOF

Monitor Resources

AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "htop"

Check Disk Usage

AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "df -h"

View Error Logs

AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "sudo tail -f /opt/bitnami/apache/logs/error_log"

Migration Considerations

If Moving Back to Shared Hosting

• Export database
• Package WordPress files
• Update DNS to new server
• Import database and files to new hosting

If Moving to DigitalOcean

• Create larger App Platform instance (Professional tier)
• Or use Droplet with similar specs
• Migrate database to DO MySQL cluster
• Update wp-config.php for new database credentials

Security Notes

1. Firewall: Ensure Lightsail firewall allows only:
   • Port 22 (SSH) from trusted IPs only
   • Port 80/443 (HTTP/HTTPS) from anywhere
2. WordPress Security:
   • Keep WordPress core, plugins, and themes updated
   • Use strong admin password (already set)
   • Consider installing Wordfence or similar security plugin
3. Backups:
   • Enable Lightsail automatic snapshots
   • Create manual snapshots before major updates
   • Store database backups externally (DO Spaces or S3)

Related Files

• GitHub Repo: https://github.com/Independent-Business-Group/wordpress-handsofd
• Database: Uses local MySQL on Lightsail instance (not DO MySQL cluster)
• Credentials: This file (keep secure, do not commit to public repos)

---

Quick Reference

# Connect to instance
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB
 
# Check WordPress version
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "wp core version --path=/opt/bitnami/wordpress"
 
# List plugins
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "wp plugin list --path=/opt/bitnami/wordpress"
 
# Check site health
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "curl -I localhost"
 
# View recent access logs
AWS_REGION=ap-southeast-2 ~/lightsail_connect HandsofDestiny-2GB "sudo tail -100 /opt/bitnami/apache/logs/access_log"