Update 'Apache-Installer.sh'
This commit is contained in:
@@ -58,7 +58,7 @@ systemctl restart apache2
|
||||
|
||||
apt-get install phpmyadmin -y
|
||||
ln -s /usr/share/phpmyadmin /var/www/"$domain"/public_html
|
||||
systemctl restart php7.2-fpm
|
||||
systemctl restart apache2
|
||||
# Redirect phpmyadmin -> database
|
||||
mv /var/www/"$domain"/public_html/phpmyadmin /var/www/"$domain"/public_html/database
|
||||
|
||||
@@ -82,36 +82,45 @@ newaliases
|
||||
# NETDATA #
|
||||
#-------------------#
|
||||
|
||||
bash <(curl -Ss https://my-netdata.io/kickstart.sh)
|
||||
ufw allow 19999/tcp
|
||||
# systemctl stop netdata
|
||||
# systemctl disable netdata
|
||||
if [ $netdata = 1 ]
|
||||
then
|
||||
bash <(curl -Ss https://my-netdata.io/kickstart.sh)
|
||||
ufw allow 19999/tcp
|
||||
# systemctl stop netdata
|
||||
# systemctl disable netdata
|
||||
fi
|
||||
|
||||
#-------------------#
|
||||
# MEMCACHED #
|
||||
# 127.0.0.1:11211 #
|
||||
#-------------------#
|
||||
|
||||
#apt-get install memcached -y
|
||||
#systemctl restart memcached
|
||||
# systemctl stop memcached
|
||||
# systemctl disable memcached
|
||||
if [ $memcached = 1 ]
|
||||
then
|
||||
apt-get install memcached -y
|
||||
systemctl restart memcached
|
||||
# systemctl stop memcached
|
||||
# systemctl disable memcached
|
||||
fi
|
||||
|
||||
#-------------------#
|
||||
# REDIS #
|
||||
# 127.0.0.1:6379 #
|
||||
#-------------------#
|
||||
|
||||
#apt install redis-server -y
|
||||
#sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
|
||||
#sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
|
||||
#sed -i 's/# requirepass foobared/requirepass '$passwd'/g' /etc/redis/redis.conf
|
||||
#systemctl restart redis
|
||||
#systemctl restart redis.service
|
||||
# systemctl stop redis
|
||||
# systemctl stop redis.service
|
||||
# systemctl disable redis
|
||||
# systemctl disable redis.service
|
||||
if [ $redis = 1 ]
|
||||
then
|
||||
apt install redis-server -y
|
||||
sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
|
||||
sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
|
||||
sed -i 's/# requirepass foobared/requirepass '$passwd'/g' /etc/redis/redis.conf
|
||||
systemctl restart redis
|
||||
systemctl restart redis.service
|
||||
# systemctl stop redis
|
||||
# systemctl stop redis.service
|
||||
# systemctl disable redis
|
||||
# systemctl disable redis.service
|
||||
fi
|
||||
|
||||
#-------------------#
|
||||
# CERTBOT #
|
||||
@@ -119,7 +128,10 @@ ufw allow 19999/tcp
|
||||
|
||||
add-apt-repository ppa:certbot/certbot
|
||||
apt install python-certbot-apache -y
|
||||
ufw allow 443/tcp
|
||||
#certbot --apache -d $domain -d www.$domain
|
||||
#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/apache2/sites-available/"$domain"
|
||||
#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/apache2/sites-available/"$domain"
|
||||
#sed -i 's#include /etc/letsencrypt/options-ssl-apache.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/apache2/sites-available/"$domain"
|
||||
|
||||
#-------------------#
|
||||
# PHP.ini #
|
||||
@@ -134,67 +146,25 @@ sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/7.2/a
|
||||
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/7.2/apache2/php.ini
|
||||
systemctl restart apache2
|
||||
|
||||
#-------------------#
|
||||
# MYSQL SETTINGS #
|
||||
#-------------------#
|
||||
|
||||
rm /etc/mysql/my.cnf
|
||||
cat > /etc/mysql/my.cnf <<- "EOF"
|
||||
# - "/etc/mysql/my.cnf" to set global options,
|
||||
[mysqld_safe]
|
||||
socket = /var/run/mysqld/mysqld.sock
|
||||
nice = 0
|
||||
|
||||
[mysqld]
|
||||
user = mysql
|
||||
pid-file = /var/run/mysqld/mysqld.pid
|
||||
socket = /var/run/mysqld/mysqld.sock
|
||||
port = 3306
|
||||
basedir = /usr
|
||||
datadir = /var/lib/mysql
|
||||
tmpdir = /tmp
|
||||
lc-messages-dir = /usr/share/mysql
|
||||
skip-external-locking
|
||||
|
||||
innodb_buffer_pool_size = 1G # (adjust value here, 50%-70% of total RAM)
|
||||
innodb_log_file_size = 256M
|
||||
innodb_flush_log_at_trx_commit = 1 # may change to 2 or 0
|
||||
innodb_flush_method = O_DIRECT
|
||||
bind-address = 127.0.0.1
|
||||
key_buffer_size = 16M
|
||||
max_allowed_packet = 16M
|
||||
thread_stack = 192K
|
||||
thread_cache_size = 8
|
||||
myisam-recover-options = BACKUP
|
||||
#max_connections = 100
|
||||
#table_open_cache = 64
|
||||
#thread_concurrency = 10
|
||||
query_cache_limit = 1M
|
||||
query_cache_size = 16M
|
||||
log_error = /var/log/mysql/error.log
|
||||
expire_logs_days = 10
|
||||
max_binlog_size = 100M
|
||||
EOF
|
||||
|
||||
#-------------------#
|
||||
# WP - INSTALL #
|
||||
#-------------------#
|
||||
|
||||
db_name="wp_1"
|
||||
db_user="wp_1"
|
||||
db_pass=$(date +%s|sha256sum|base64|head -c 32)
|
||||
mysql -u root -p"$passwd" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
|
||||
mysql -u root -p"$passwd" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
|
||||
mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;"
|
||||
cd /tmp
|
||||
curl -LO https://wordpress.org/latest.tar.gz
|
||||
tar xzvf latest.tar.gz
|
||||
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
|
||||
path="$domain"
|
||||
cp -a /tmp/wordpress/. /var/www/"$path"/public_html
|
||||
chown -R www-data:www-data /var/www/"$path"/public_html
|
||||
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
|
||||
cat <<EOF > /var/www/"$domain"/public_html/wp-config.php
|
||||
if [$wordpress = 1]
|
||||
then
|
||||
db_name="wp_1"
|
||||
db_user="wp_1"
|
||||
db_pass=$(date +%s|sha256sum|base64|head -c 32)
|
||||
mysql -u root -p"$passwd" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
|
||||
mysql -u root -p"$passwd" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
|
||||
mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;"
|
||||
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
|
||||
tar xzvf /tmp/wp.tar.gz /tmp
|
||||
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
|
||||
cp -a /tmp/wordpress/. /var/www/"$domain"/public_html
|
||||
chown -R www-data:www-data /var/www/"$domain"/public_html
|
||||
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
|
||||
cat <<EOF > /var/www/"$domain"/public_html/wp-config.php
|
||||
<?php
|
||||
define('DB_NAME', '$db_name');
|
||||
define('DB_USER', '$db_user');
|
||||
@@ -235,19 +205,7 @@ if ( !defined('ABSPATH') )
|
||||
#define('WP_REDIS_PORT', '6379');
|
||||
require_once(ABSPATH . 'wp-settings.php');
|
||||
EOF
|
||||
|
||||
#-------------------#
|
||||
# SSL & HTTP/2 #
|
||||
#-------------------#
|
||||
|
||||
#certbot --apache -d $domain -d www.$domain
|
||||
#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/apache2/sites-available/"$domain"
|
||||
#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/apache2/sites-available/"$domain"
|
||||
#sed -i 's#include /etc/letsencrypt/options-ssl-apache.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/apache2/sites-available/"$domain"
|
||||
#check certbot auto-renewal -> certbot renew --dry-run
|
||||
|
||||
|
||||
|
||||
fi
|
||||
#Edit voor https, voeg het volgende toe aan $domain-le-ssl.conf tussen DocumentRoot en ErrorLog
|
||||
#<Directory "/var/www/videoguard.ictmaatwerk.com/public_html">
|
||||
# Options FollowSymLinks
|
||||
Reference in New Issue
Block a user