Work_Archive/VPS-scripts_Ubuntu-Cockpit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Update 'Master-Installer.sh'

Browse Source
This commit is contained in:
bprieshof
2018-09-27 10:28:16 +00:00
parent 255e23048f
commit cb69e6e14e
1 changed files with 79 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
Master-Installer.sh
View File

@@ -8,16 +8,92 @@
# #
##============================================================= ##=============================================================
#install Software #!/bin/bash
###============================================================
## Ubuntu 18.04 Master Installer
###============================================================
## Zet comments hieronder:
#
#
#
##=============================================================
#install Cockpit Base
apt install cockpit cockpit-packagekit -y apt install cockpit cockpit-packagekit -y
#Login Limiter #Login Limiter
sed -i '/pam_sepermit.so/ i auth required pam_tally.so silent deny=4 unlock_time=90' /etc/pam.d/cockpit sed -i '/pam_sepermit.so/ i auth required pam_tally.so silent deny=4 unlock_time=90' /etc/pam.d/cockpit
sed -i '/pam_shells.so/ i account required pam_tally2.so' /etc/pam.d/cockpit sed -i '/pam_shells.so/ i account required pam_tally2.so' /etc/pam.d/cockpit
systemctl restart cockpit systemctl restart cockpit
ufw enable ufw enable
ufw default deny incoming ufw default deny incoming
ufw default allow outgoing ufw default allow outgoing
ufw allow ssh ufw limit ssh
ufw allow 9090/tcp
Echo Welke webserver
PS3='Keuze:'
options=("Nginx-RevProx" "Cockpit-Eigen" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Nginx-RevProx")
echo Geef domein op
read domain
apt install nginx python-certbot-nginx -y
mkdir -p /var/www/"$domain"
chown nginx:nginx /var/www/"$domain"
cat <<EOF > /etc/nginx/sites-enabled/git
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream websocket {
server 127.0.0.1:9090;
}
server {
listen 80
server_name "$domain";
location / {
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
# needed for websocket
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# change scheme of "Origin" to http
proxy_set_header Origin http://$host;
# Pass ETag header from cockpit to clients.
# See: https://github.com/cockpit-project/cockpit/issues/5239
gzip off;
}
location /.well-known {
alias /var/www/"$domain"/.well-known;
}
}
EOF
systemctl restart nginx
certbot --nginx -d "$domain" --register-unsafely-without-email --agree-tos
ufw allow 80/tcp
ufw allow 443/tcp
ufw reload
break;;
"Cockpit-Eigen")
ufw allow 9090/tcp
"Quit")
exit;;
*) echo "Fout commando $REPLY";;
esac
done
ufw limit ssh
ufw reload ufw reload