Work_Archive/VPS-scripts_Ubuntu-Web-V1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Update 'RevProxyAdvanced.sh'

Browse Source
This commit is contained in:
tbergervoet
2018-10-05 14:52:48 +02:00
parent cc2f488498
commit fb7d6d4553
1 changed files with 45 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
RevProxyAdvanced.sh
View File

@@ -133,6 +133,8 @@ rm /etc/nginx/sites-enabled/default
if [ $domain_setup = 1 ]; then
cat <<EOF > /etc/nginx/sites-available/"$domain"
#netdata placeholder
server {
listen 80;
@@ -141,6 +143,8 @@ server {
server_name $domain www.$domain;
#netdata here
location / {
proxy_pass http://$server_ip:8080;
proxy_set_header X-Real-IP \$remote_addr;
@@ -172,13 +176,18 @@ fi
if [ $domain_setup = 2 ]; then
cat <<EOF > /etc/nginx/sites-available/"$domain"
#netdata placeholder
server {
listen 80 default_server;
root /var/www/$domain/html;
index index.php index.html index.htm;
server_name example.com www.example.com;
server_name $domain www.$domain;
#netdata here
location / {
try_files \$uri \$uri/ /index.php;
}
@@ -217,10 +226,10 @@ mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FR
##-------------##
apt install -y python-certbot-nginx
#certbot --nginx -d "$domain" -d "www.$domain"
#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
#sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
##---------##
# PHP #
@@ -235,6 +244,8 @@ sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=500
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/7.2/apache2/php.ini
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/7.2/apache2/php.ini
sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' /etc/php/7.2/fpm/php.ini
sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/7.2/fpm/php.ini
##----------------##
# PHPMyAdmin #
@@ -246,10 +257,8 @@ debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $pas
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect"
apt install -y phpmyadmin
ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/phpmyadmin
# Redirect phpmyadmin -> database
mv /var/www/"$domain"/html/phpmyadmin /var/www/"$domain"/html/database
#a2disconf phpmyadmin.conf
ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/database
##-------------##
# Postfix #
@@ -276,6 +285,8 @@ if [ $netdata = 1 ]; then
apt install -y netdata
sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
ufw allow 19999/tcp
sed -i 's+#netdata placeholder+upstream netdata {\n server 127.0.0.1:19999;\n keepalive 64;\n}+g'
sed -i 's+#netdata here+location = /netdata {\n return 301 /netdata/;\n }\n\n location ~ /netdata/(?<ndpath>.*) {\n proxy_redirect off;\n proxy_set_header Host \$host;\n proxy_set_header X-Forwarded-Host \$host;\n proxy_set_header X-Forwarded-Server \$host;\n proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\n proxy_http_version 1.1;\n proxy_pass_request_headers on;\n proxy_set_header Connection "keep-alive";\n proxy_store off;\n proxy_pass http://netdata/\$ndpath\$is_args\$args;\n }+g' /etc/nginx/sites-available/"$domain"
# systemctl stop netdata
# systemctl disable netdata
fi
@@ -309,8 +320,9 @@ fi
##---------------##
if [ $wordpress = 1 ]; then
db_name="wp_1"
db_user="wp_1"
db_suffix=$(ls -l /var/www | grep -c ^d)
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"