Update 'RevProxyAdvanced.sh'

2018-10-05 14:52:48 +02:00
parent cc2f488498
commit fb7d6d4553
1 changed files with 45 additions and 33 deletions
--- a/RevProxyAdvanced.sh
+++ b/RevProxyAdvanced.sh
@@ -133,6 +133,8 @@ rm /etc/nginx/sites-enabled/default
 if [ $domain_setup = 1 ]; then
 cat <<EOF > /etc/nginx/sites-available/"$domain"
 #netdata placeholder
 server {
    listen 80;
@@ -141,6 +143,8 @@ server {
    server_name $domain www.$domain;
    #netdata here
    location / {
        proxy_pass http://$server_ip:8080;
        proxy_set_header X-Real-IP  \$remote_addr;
@@ -172,13 +176,18 @@ fi
 if [ $domain_setup = 2 ]; then
 cat <<EOF > /etc/nginx/sites-available/"$domain"
 #netdata placeholder
 server {
    listen 80 default_server;
    root /var/www/$domain/html;
    index index.php index.html index.htm;
-    server_name example.com www.example.com;
+    server_name $domain www.$domain;
    #netdata here
    location / {
        try_files \$uri \$uri/ /index.php;
    }
@@ -217,10 +226,10 @@ mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FR
 ##-------------##
 apt install -y python-certbot-nginx
-#certbot --nginx -d "$domain" -d "www.$domain"
+certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
-#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
+sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
-#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
+sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
-#sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
+sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
 ##---------##
 #    PHP    #
@@ -235,6 +244,8 @@ sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=500
 sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.2/apache2/php.ini
 sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/7.2/apache2/php.ini
 sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/7.2/apache2/php.ini
 sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' /etc/php/7.2/fpm/php.ini
 sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/7.2/fpm/php.ini
 ##----------------##
 #    PHPMyAdmin    #
@@ -246,10 +257,8 @@ debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $pas
 debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
 debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect"
 apt install -y phpmyadmin
 ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/phpmyadmin
 # Redirect phpmyadmin -> database
-mv /var/www/"$domain"/html/phpmyadmin /var/www/"$domain"/html/database
+ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/database
 #a2disconf phpmyadmin.conf
 ##-------------##
 #    Postfix    #
@@ -273,11 +282,13 @@ newaliases
 ##-------------##
 if [ $netdata = 1 ]; then
-apt install -y netdata
+    apt install -y netdata
-sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
+    sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
-ufw allow 19999/tcp
+    ufw allow 19999/tcp
-# systemctl stop netdata
+    sed -i 's+#netdata placeholder+upstream netdata {\n    server 127.0.0.1:19999;\n    keepalive 64;\n}+g'
-# systemctl disable netdata
+    sed -i 's+#netdata here+location = /netdata {\n        return 301 /netdata/;\n    }\n\n    location ~ /netdata/(?<ndpath>.*) {\n        proxy_redirect off;\n        proxy_set_header Host \$host;\n        proxy_set_header X-Forwarded-Host \$host;\n        proxy_set_header X-Forwarded-Server \$host;\n        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\n        proxy_http_version 1.1;\n        proxy_pass_request_headers on;\n        proxy_set_header Connection "keep-alive";\n        proxy_store off;\n        proxy_pass http://netdata/\$ndpath\$is_args\$args;\n    }+g' /etc/nginx/sites-available/"$domain"
    # systemctl stop netdata
    # systemctl disable netdata
 fi
@@ -286,9 +297,9 @@ fi
 ##---------------##
 if [ $memcached = 1 ]; then
-apt install -y memcached
+    apt install -y memcached
-# systemctl stop memcached
+    # systemctl stop memcached
-# systemctl disable memcached
+    # systemctl disable memcached
 fi
 ##-----------##
@@ -296,12 +307,12 @@ fi
 ##-----------##
 if [ $redis = 1 ]; then
-apt install -y redis-server
+    apt install -y redis-server
-sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
+    sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
-sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
+    sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
-sed -i 's/# requirepass foobared/requirepass '$password'/g' /etc/redis/redis.conf
+    sed -i 's/# requirepass foobared/requirepass '$password'/g' /etc/redis/redis.conf
-# systemctl stop redis
+    # systemctl stop redis
-# systemctl disable redis
+    # systemctl disable redis
 fi
 ##---------------##
@@ -309,17 +320,18 @@ fi
 ##---------------##
 if [ $wordpress = 1 ]; then
-db_name="wp_1"
+    db_suffix=$(ls -l /var/www | grep -c ^d)
-db_user="wp_1"
+    db_name="wp_$db_suffix"
-db_pass=$(date +%s|sha256sum|base64|head -c 32)
+    db_user="wp_$db_suffix"
-mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
+    db_pass=$(date +%s|sha256sum|base64|head -c 32)
-mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
+    mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
-mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
+    mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
-wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
+    mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
-tar xzvf /tmp/wp.tar.gz -C /tmp
+    wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
-mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
+    tar xzvf /tmp/wp.tar.gz -C /tmp
-cp -a /tmp/wordpress/. /var/www/"$domain"/html
+    mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
-WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
+    cp -a /tmp/wordpress/. /var/www/"$domain"/html
    WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
 cat <<EOF > /var/www/"$domain"/html/wp-config.php
 <?php
 define('DB_NAME', '$db_name');