From e2a2e8127cc02d1589b0bebd09aa81fc0c645376 Mon Sep 17 00:00:00 2001
From: tbergervoet <t.bergervoet@ictmaatwerk.com>
Date: Tue, 16 Oct 2018 13:40:52 +0200
Subject: [PATCH] Update 'installer.sh'

---
 installer.sh | 153 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 150 insertions(+), 3 deletions(-)

diff --git a/installer.sh b/installer.sh
index f426e9a..6ddf351 100644
--- a/installer.sh
+++ b/installer.sh
@@ -1,6 +1,17 @@
-##------------##
-#    Vragen    #
-##------------##
+#!/bin/bash
+###============================================================
+##      Ubuntu 18.04 VestaCP Installer
+###============================================================
+## Zet comments hieronder:
+#
+#
+#
+##=============================================================
+
+##----------##
+#    Menu    #
+##----------##
+
 echo "Ubuntu 18.04 VestaCP install"
 echo "Welk domein (zonder WWW) mag gekoppeld worden?"
 read domain
@@ -76,6 +87,142 @@ do
     esac
 done
 
+while true; do
+    read -p "Installeer Netdata -> yes/no?" yn
+    case $yn in
+        [Yy]* ) netdata=1
+        break;;
+        [Nn]* ) netdata=0
+        break;;
+        * ) echo "Kies yes of no.";;
+    esac
+done
+
+while true; do
+    read -p "Installeer Wordpress -> yes/no?" yn
+    case $yn in
+        [Yy]* ) wordpress=1
+        break;;
+        [Nn]* ) wordpress=0
+        break;;
+        * ) echo "Kies yes of no.";;
+    esac
+done
+
 cd /tmp
 curl -O http://vestacp.com/pub/vst-install.sh
 bash vst-install.sh "$webserver" --named no --remi yes "$ftp" --iptables yes --fail2ban yes --quota no "$mail" --softaculous no --mysql yes --postgresql no --hostname "$domain" --email "$email" --password "$passwd" --interactive yes
+
+##-------------##
+#    Certbot    #
+##-------------##
+
+case $webserver in
+    "NGINX+PHP-FPM")
+        certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
+        sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
+        sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
+        sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
+        break;;
+    "NGINX+apache")
+        certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
+        sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
+        sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
+        sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
+        break;;
+    "Apache")
+        certbot --apache -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
+        break;;
+esac
+
+cp /etc/letsencrypt/live/"$domain"/cert.pem /usr/local/vesta/ssl/certificate.crt
+cp /etc/letsencrypt/live/"$domain"/privkey.pem /usr/local/vesta/ssl/certificate.key
+service vesta restart
+
+##-------------##
+#    Netdata    #
+##-------------##
+
+if [ $netdata = 1 ]
+    then
+    apt install -y netdata
+    sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
+    iptables -I INPUT -p tcp --dport 19999 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
+    # systemctl stop netdata
+    # systemctl disable netdata
+fi
+
+##---------------##
+#    Wordpress    #
+##---------------##
+
+if [ $wordpress = 1 ]; then
+    db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
+    db_name="wp_$db_suffix"
+    db_user="wp_$db_suffix"
+    db_pass=$(date +%s|sha256sum|base64|head -c 32)
+    mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
+    mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
+    mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
+    wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
+    tar xzvf /tmp/wp.tar.gz -C /tmp
+    mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
+    cp -a /tmp/wordpress/. /var/www/"$domain"/html
+    WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
+cat <<EOF > /var/www/"$domain"/html/wp-config.php
+<?php
+define('DB_NAME', '$db_name');
+define('DB_USER', '$db_user');
+define('DB_PASSWORD', '$db_pass');
+define('DB_HOST', 'localhost');
+define('DB_CHARSET', 'utf8');
+define('DB_COLLATE', '');
+#define( 'WP_SITEURL', '' );
+#define( 'WP_HOME', '' );
+#define( 'ALTERNATE_WP_CRON', true );
+#define('DISABLE_WP_CRON', 'true');
+#define('WP_CRON_LOCK_TIMEOUT', 900);
+#define('AUTOSAVE_INTERVAL', 300);
+define( 'WP_MEMORY_LIMIT', '256M' );
+define( 'DISALLOW_FILE_EDIT', true );
+#define( 'EMPTY_TRASH_DAYS', 7 );
+define( 'NOBLOGREDIRECT', 'https://$domain' );
+#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
+#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
+#define( 'WP_ALLOW_REPAIR', true );
+#define( 'FORCE_SSL_ADMIN', true );
+#define( 'AUTOMATIC_UPDATER_DISABLED', true );
+#define( 'WP_AUTO_UPDATE_CORE', false );
+$WPSalts
+\$table_prefix = '$db_name';
+
+define('WP_DEBUG', false);
+if ( !defined('ABSPATH') )
+	define('ABSPATH', dirname(__FILE__) . '/');
+
+#\$memcached_servers = array(
+#    'default' => array(
+#        '127.0.0.1:11211'
+#    )
+#);
+#define('WP_REDIS_HOST', '127.0.0.1');
+#define('WP_REDIS_PASSWORD', '$password');
+#define('WP_REDIS_PORT', '6379');
+require_once(ABSPATH . 'wp-settings.php');
+EOF
+fi
+
+##-----------------##
+#    Opcache GUI    #
+##-----------------##
+
+#wget https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php -O /var/www/"$domain"/html/opcache.php
+
+##--------------##
+#    Info.php    #
+##--------------##
+
+#cat > /var/www/"$domain"/html/info.php <<- "EOF"
+#<?php
+#phpinfo();
+#EOF
\ No newline at end of file