Work_Archive/VPS-scripts_Ubuntu-Web-V1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: Work_Archive:V1.0
Branches Tags
Work_Archive:master
Work_Archive:V1.0
...
compare: Work_Archive:master
Branches Tags
Work_Archive:master
Work_Archive:V1.0

67 Commits
V1.0 ... master

Author SHA1 Message Date
Bram Prieshof
c67183498d Update 'config/nextcloud/nextcloud-config.sh' 2020-02-28 11:07:09 +01:00
Bram Prieshof
7bf6c382ee Update 'README.md' 2020-01-10 11:59:48 +01:00
bprieshof
aaefe58d58 Added a apt update to begin of installation 2019-10-17 20:16:43 +02:00
bprieshof
3744f5ff84 Added check for postfix 
cheking if postfix already was installed by the system and if yes it wil be removed to prevent config conflicts
 2019-10-17 18:07:04 +02:00
bprieshof
1808a6e7ed Updated Postfix mail form 2019-10-17 13:57:41 +02:00
bprieshof
5b539a545f removed grsync from package list because it is not needed 2019-10-10 13:54:55 +02:00
bprieshof
2ab066e960 Gitea Nginx configuration file 2019-10-10 11:16:46 +02:00
bprieshof
2513dd7584 Update 'NGINX-Installer.sh' 
Added toggle scripts for Netdata & PhpMyAdmin
 2019-10-09 09:14:01 +02:00
bprieshof
d22cf6309c Netdata disabled by default 2019-10-04 14:27:52 +02:00
bprieshof
f09269f688 Upload files to 'Modules/BackendToggle-Scripts' 2019-10-04 14:12:40 +02:00
bprieshof
bb3080cdd9 Delete 'Modules/BackendToggle-Scripts/toggle-PhpMyAdmin_NGINX.sh' 2019-10-04 14:12:02 +02:00
bprieshof
d5e7e31930 Upload files to 'Modules/BackendToggle-Scripts' 2019-10-04 14:09:52 +02:00
bprieshof
8cd052c3d0 Delete 'Modules/BackendToggle-Scripts/toggle-PhpMyAdmin_NGINX.sh' 2019-10-04 14:08:33 +02:00
bprieshof
95217cbf1e Delete 'Modules/BackendToggle-Scripts/toggle-Netdata_NGINX.sh' 2019-10-04 14:08:29 +02:00
bprieshof
e227d60256 Upload files to 'Modules/BackendToggle-Scripts' 2019-10-04 14:04:53 +02:00
bprieshof
aa591707df Fixed Netdata redirect 2019-10-04 13:58:39 +02:00
bprieshof
b1a0c87bc4 All services on Hostname 2019-10-04 11:36:36 +02:00
bprieshof
ddba4b644a Removed Netdata 2019-10-04 11:32:45 +02:00
bprieshof
b13d6c9e17 Disabled firewall rule Netdata NGINX-Installer 2019-10-04 11:19:08 +02:00
bprieshof
ba9ae0ee00 Update 'config/nginx/Backend-unconfigured' 2019-10-04 11:18:01 +02:00
bprieshof
cc611b5984 Add 'config/nginx/Backend-unconfigured' 2019-10-03 15:19:14 +02:00
bprieshof
8b627fde53 Update 'README.md' 2019-10-03 11:28:13 +02:00
bprieshof
fbaabeaa88 Set SSH Port to 4242 2019-10-03 11:26:39 +02:00
bprieshof
5eb8f1d1cc Update 'config/nextcloud/nextcloud-config.sh' 2019-09-20 11:19:42 +02:00
bprieshof
bc000669a6 Add 'config/nginx/ICTM_BCMS-site-unconfigured' 2019-09-18 14:54:35 +02:00
bprieshof
1170404280 Simplified Wp-Config 2019-09-18 14:07:09 +02:00
bprieshof
009a4a6f31 Added bare WP-Config 2019-09-18 14:04:36 +02:00
bprieshof
51658cc295 Updated NGINX Site-Config Method 2019-09-18 11:50:40 +02:00
bprieshof
5b78138800 Add 'config/nginx/Default-site-unconfigured' 2019-09-18 11:44:45 +02:00
bprieshof
ec647cf8c2 Update 'installer.sh' 2019-09-10 21:25:50 +02:00
b.waal
ed036bebfd Update 'resources/wordpress.sh' 2019-09-10 09:48:45 +02:00
bprieshof
78e240cc47 Update 'installer.sh' 2019-09-05 22:33:22 +02:00
bprieshof
6310b7ba98 Delete 'config/phpmyadmin/vendor_config.php' 2019-09-05 22:29:50 +02:00
bprieshof
e61424b7d9 Delete 'config/phpmyadmin/config.inc.php' 2019-09-05 22:29:47 +02:00
bprieshof
fb0e52f9e5 Delete 'config/phpmyadmin/config.header.inc.php' 2019-09-05 22:29:43 +02:00
bprieshof
f746427d8f Delete 'config/phpmyadmin/config.footer.inc.php' 2019-09-05 22:29:39 +02:00
bprieshof
ba51d3faf6 Delete 'mysql-8.0.sh' 2019-09-05 22:29:26 +02:00
bprieshof
be4b159d18 Delete 'mysql-5.7.sh' 2019-09-05 22:29:21 +02:00
b.waal
06d211a86e Update 'README.md' 2019-09-05 14:32:04 +02:00
b.waal
8249a27190 Update 'README.md' 2019-09-05 14:31:40 +02:00
b.waal
cff2e7ceec Update 'README.md' 2019-09-05 14:30:51 +02:00
bprieshof
1c806b0d86 Update 'README.md' 2019-09-05 14:22:22 +02:00
bprieshof
12818e52a4 Update 'installer.sh' 2019-09-05 12:53:16 +02:00
bprieshof
dc56307ddd Update 'config/nginx/nginx-default.conf' 2019-08-29 12:05:48 +02:00
bprieshof
b6bdbf5d98 Update 'installer.sh' 2019-08-29 11:54:33 +02:00
bprieshof
5d600d5ceb Update 'README.md' 2019-08-28 11:16:01 +02:00
bprieshof
9541ba698c Update 'README.md' 2019-08-28 11:15:20 +02:00
bprieshof
34b5b3598c Update 'README.md' 2019-08-28 11:14:52 +02:00
bprieshof
3bec6ee737 Update 'config/nextcloud/nextcloud-config.sh' 2019-08-21 23:49:23 +02:00
bprieshof
0fcd7dfb1b Update 'Apache_PHP-FPM_Installer.sh' 2019-07-11 23:54:26 +02:00
bprieshof
626d3dea6f Update 'Apache-Installer.sh' 2019-07-11 23:53:11 +02:00
bprieshof
6e243391da Update 'mysql-8.0.sh' 
The folowing Mysql config points are now deprecated and have been removed from the config:
query_cache_limit	= 1M
query_cache_size        = 16M
 2019-07-11 22:46:50 +02:00
bprieshof
1a4e729968 Update 'installer.sh' 2019-07-11 21:07:27 +02:00
bprieshof
dfbe09ec09 Update 'mysql-8.0.sh' 2019-07-11 19:49:37 +02:00
bprieshof
035ef6e2d5 Update 'installer.sh' 2019-07-11 14:27:51 +02:00
bprieshof
c0dfa7232c Update 'mysql-5.7.sh' 2019-07-11 14:23:04 +02:00
bprieshof
d8b1fae96a Update 'installer.sh' 2019-07-11 14:22:37 +02:00
bprieshof
f9b91e3346 Update 'mysql-8.0.sh' 2019-07-11 14:12:48 +02:00
bprieshof
952c08290c Update 'mysql-5.7.sh' 2019-07-11 14:12:35 +02:00
bprieshof
3d2813481d Update 'installer.sh' 2019-07-11 14:12:31 +02:00
bprieshof
087aabd322 Update 'mysql-5.7.sh' 2019-07-11 13:40:18 +02:00
bprieshof
c99ab90c58 Update 'installer.sh' 2019-07-11 11:51:40 +02:00
bprieshof
9b84646ec5 Update 'mysql-8.0.sh' 2019-07-11 11:48:35 +02:00
bprieshof
d3c7e2262e Update 'installer.sh' 2019-07-11 11:45:36 +02:00
bprieshof
25e1864520 Update 'NGINX-Installer.sh' 2019-07-11 11:23:46 +02:00
bprieshof
9795a7703e Update 'Apache-Installer.sh' 2019-07-11 11:22:38 +02:00
bprieshof
50dc5d3cb4 Update 'installer.sh' 2019-07-11 11:20:57 +02:00
21 changed files with 539 additions and 840 deletions
Expand all files Collapse all files

97
Apache-Installer.sh
View File

@@ -15,24 +15,15 @@
mkdir -p /var/www/"$domain"/html mkdir -p /var/www/"$domain"/html
chmod -R 755 /var/www chmod -R 755 /var/www
##--------------------## ##------------##
# Apache + MySQL # # Apache #
##--------------------## ##------------##
apt install -y apache2 mysql-server apt install -y apache2
if [ $datauser= = 1 ]; then if [ $datauser= = 1 ]; then
source /root/data-user_setup.sh source /root/data-user_setup.sh
fi fi
# mysql_secure_installation automated
mysqladmin -u root password "$password"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''"
mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
cat <<EOF > /etc/apache2/mods-enabled/dir.conf cat <<EOF > /etc/apache2/mods-enabled/dir.conf
<IfModule mod_dir.c> <IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
@@ -68,7 +59,7 @@ a2enmod rewrite
# PHP # # PHP #
##---------## ##---------##
apt install -y libapache2-mod-php php${phpver}-mysql php${phpver}-cgi php${phpver}-common php${phpver}-pear php${phpver}-mbstring php${phpver}-curl php${phpver}-gd php${phpver}-intl php${phpver}-soap php${phpver}-xml php${phpver}-xmlrpc php${phpver}-zip apt install -y libapache2-mod-php php${phpver}-mysql php${phpver}-cgi php${phpver}-common php-pear php${phpver}-mbstring php${phpver}-curl php${phpver}-gd php${phpver}-intl php${phpver}-soap php${phpver}-xml php${phpver}-xmlrpc php${phpver}-zip
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' /etc/php/"$phpver"/apache2/php.ini sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' /etc/php/"$phpver"/apache2/php.ini
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/"$phpver"/apache2/php.ini sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/"$phpver"/apache2/php.ini
@@ -79,20 +70,7 @@ sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/"$php
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/"$phpver"/apache2/php.ini sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/"$phpver"/apache2/php.ini
sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' /etc/php/"$phpver"/apache2/php.ini sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' /etc/php/"$phpver"/apache2/php.ini
sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/"$phpver"/apache2/php.ini sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/"$phpver"/apache2/php.ini
service apache2 restart
##----------------##
# PHPMyAdmin #
##----------------##
debconf-set-selections <<< "phpmyadmin phpmyadmin/dbconfig-install boolean true"
debconf-set-selections <<< "phpmyadmin phpmyadmin/app-password-confirm password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2"
apt install -y phpmyadmin
# Redirect phpmyadmin -> database
ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/database
a2disconf phpmyadmin
##-------------## ##-------------##
# Postfix # # Postfix #
@@ -160,69 +138,6 @@ elif [ $domainwww = 0 ]; then
echo "certbot --apache -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh echo "certbot --apache -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh
fi fi
##---------------##
# Wordpress #
##---------------##
if [ $wordpress = 1 ]; then
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
cat <<EOF > /var/www/"$domain"/html/wp-config.php
<?php
define('DB_NAME', '$db_name');
define('DB_USER', '$db_user');
define('DB_PASSWORD', '$db_pass');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' );
#define( 'WP_HOME', '' );
#define( 'ALTERNATE_WP_CRON', true );
#define('DISABLE_WP_CRON', 'true');
#define('WP_CRON_LOCK_TIMEOUT', 900);
#define('AUTOSAVE_INTERVAL', 300);
define( 'WP_MEMORY_LIMIT', '256M' );
define( 'DISALLOW_FILE_EDIT', true );
#define( 'EMPTY_TRASH_DAYS', 7 );
define( 'NOBLOGREDIRECT', 'https://$domain' );
#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
#define( 'WP_ALLOW_REPAIR', true );
#define( 'FORCE_SSL_ADMIN', true );
#define( 'AUTOMATIC_UPDATER_DISABLED', true );
#define( 'WP_AUTO_UPDATE_CORE', false );
$WPSalts
#\$table_prefix = '$db_name';
\$table_prefix = 'wp';
define('WP_DEBUG', false);
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
#\$memcached_servers = array(
# 'default' => array(
# '127.0.0.1:11211'
# )
#);
#define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '$password');
#define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php');
EOF
fi
##-----------------## ##-----------------##
# Opcache GUI # # Opcache GUI #
##-----------------## ##-----------------##

6
Apache_PHP-FPM_Installer.sh
View File

@@ -8,10 +8,10 @@
##============================================================= ##=============================================================
apachectl stop apachectl stop
apt install -y php-fpm apt install -y php${phpver}-fpm
a2enmod proxy_fcgi setenvif a2enmod proxy_fcgi setenvif
a2enconf php7.2-fpm a2enconf php${phpver}-fpm
a2dismod php7.2 a2dismod php${phpver}
a2dismod mpm_prefork a2dismod mpm_prefork
a2enmod mpm_worker a2enmod mpm_worker
apachectl start apachectl start

29
Modules/BackendToggle-Scripts/toggle-Netdata_NGINX.sh Normal file
View File

@@ -0,0 +1,29 @@
function usage {
echo "Usage: $0 [option...]" >&2
echo
echo " -e, Enable Netdata"
echo " -d, Disable Netdata"
echo
}
if [ -n "$1" ]; then
if [ "$1" = "-d" ]; then
echo "Disable Netdata"
sed -i '/deny all; #enables\/disables Netdata/c\ deny all; #enables\/disables Netdata' /etc/nginx/sites-available/Backend
systemctl stop netdata
systemctl disable netdata > /dev/null 2>&1
systemctl reload nginx
elif [ "$1" = "-e" ]; then
echo "Enable Netdata"
sed -i '/deny all; #enables\/disables Netdata/c\ #deny all; #enables\/disables Netdata' /etc/nginx/sites-available/Backend
systemctl start netdata
systemctl enable netdata > /dev/null 2>&1
systemctl reload nginx
else
usage
fi
else
usage
fi

25
Modules/BackendToggle-Scripts/toggle-PhpMyAdmin_NGINX.sh Normal file
View File

@@ -0,0 +1,25 @@
function usage {
echo "Usage: $0 [option...]" >&2
echo
echo " -e, Enable PhpMyadmin"
echo " -d, Disable PhpMyadmin"
echo
}
if [ -n "$1" ]; then
if [ "$1" = "-d" ]; then
echo "Disable PhpMyadmin"
sed -i '/deny all; #enables\/disables PHPMyadmin/c\ deny all; #enables\/disables PHPMyadmin' /etc/nginx/sites-available/Backend
systemctl reload nginx
elif [ "$1" = "-e" ]; then
echo "Enable PhpMyadmin"
sed -i '/deny all; #enables\/disables PHPMyadmin/c\ #deny all; #enables\/disables PHPMyadmin' /etc/nginx/sites-available/Backend
systemctl reload nginx
else
usage
fi
else
usage
fi

228
NGINX-Installer.sh
View File

@@ -15,9 +15,9 @@
mkdir -p /var/www/"$domain"/html mkdir -p /var/www/"$domain"/html
chmod -R 755 /var/www chmod -R 755 /var/www
##-------------------## ##-----------##
# NGINX + MySQL # # NGINX #
##-------------------## ##-----------##
if [ $brotlinginx = 1 ]; then if [ $brotlinginx = 1 ]; then
@@ -50,136 +50,21 @@ if [ $datauser= = 1 ]; then
fi fi
mkdir -p /etc/nginx mkdir -p /etc/nginx
apt install -y mysql-server
# mysql_secure_installation automated
mysqladmin -u root password "$password"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''"
mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/wprocket-nginx.conf -O /etc/nginx/wprocket-nginx.conf wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/wprocket-nginx.conf -O /etc/nginx/wprocket-nginx.conf
cat <<EOF > /etc/nginx/sites-available/"$domain" wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/Default-site-unconfigured -O /etc/nginx/sites-available/"$domain"
#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m; sed -i -e 's/DOMAINname/'$domain'/' -e 's/PHPver/'$phpver'/' /etc/nginx/sites-available/"$domain"
upstream netdata {
server 127.0.0.1:19999;
keepalive 64;
}
server {
listen 80;
server_name www.$domain;
return 301 http://$domain\$request_uri;
}
server {
listen 80;
listen [::]:80;
root /var/www/$domain/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name $domain;
#return 301 \$scheme:/\$domain\$request_uri; Redirect to non-www
#return 301 https://domein.nl$request_uri; Redirect to other domain
#add_header X-Cache "\$upstream_cache_status";
#netdata here
gzip on;
gzip_proxied any;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
gzip_comp_level 2;
gzip_disable "msie6";
gzip_buffers 16 8k;
location / {
#try_files \$uri \$uri/ =404;
try_files \$uri \$uri/ /index.php\$is_args\$args;
#try_files \$uri \$uri/ \$uri.html \$uri.php\$is_args\$query_string;
}
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)\$ {
expires max;
log_not_found off;
add_header Cache-Control "public, no-transform";
}
location ~ \.php\$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php$phpver-fpm.sock;
#fastcgi_cache MYAPP;
#fastcgi_cache_valid 200 302 301 1m;
#fastcgi_cache_valid 404 1m;
#fastcgi_cache_bypass \$no_cache;
#fastcgi_no_cache \$no_cache;
#fastcgi_cache_revalidate on;
#fastcgi_cache_background_update on;
#fastcgi_cache_lock on;
#fastcgi_cache_use_stale updating;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 256 16k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
}
location ~ /\.ht {
deny all;
}
location /phpmyadmin {
index index.php;
}
#Cache everything by default
set \$no_cache 0;
#Don't cache POST requests
if (\$request_method = POST) {
set \$no_cache 1;
}
#Don't cache if the URL contains a query string
if (\$query_string != "") {
set \$no_cache 1;
}
#Don't cache the following URLs
if (\$request_uri ~* "/(administrator/|login.php)") {
set \$no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if (\$http_cookie = "PHPSESSID") {
set \$no_cache 1;
}
# Increase bodysize for WP Rocket
client_max_body_size 256M;
## Rocket-Nginx configuration
#include wprocket-nginx.conf;
#Yoast SEO Sitemaps
location ~ ([^/]*)sitemap(.*).x(m|s)l$ {
## this rewrites sitemap.xml to /sitemap_index.xml
rewrite ^/sitemap.xml$ /sitemap_index.xml permanent;
## this makes the XML sitemaps work
rewrite ^/([a-z]+)?-?sitemap.xsl$ /index.php?xsl=$1 last;
rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
}
}
EOF
ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/ ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/Backend-unconfigured -O /etc/nginx/sites-available/Backend
sed -i -e 's/DOMAINname/'$hostname'/' -e 's/PHPver/'$phpver'/' /etc/nginx/sites-available/Backend
ln -s /etc/nginx/sites-available/Backend /etc/nginx/sites-enabled/
mkdir -p /opt/toggle
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Modules/BackendToggle-Scripts/toggle-Netdata_NGINX.sh -O /opt/toggle/toggle-Netdata.sh
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Modules/BackendToggle-Scripts/toggle-PhpMyAdmin.sh -O /opt/toggle/toggle-PhpMyAdmin.sh
##---------## ##---------##
# PHP # # PHP #
##---------## ##---------##
@@ -199,26 +84,14 @@ sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/"$phpver"/fpm/php.ini
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/www.confg -O /etc/php/"$phpver"/fpm/pool.d/www.conf wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/www.confg -O /etc/php/"$phpver"/fpm/pool.d/www.conf
sed -i 's/'rtag'/'"${phpver}"'/g' /etc/php/"$phpver"/fpm/pool.d/www.conf sed -i 's/'rtag'/'"${phpver}"'/g' /etc/php/"$phpver"/fpm/pool.d/www.conf
##----------------##
# PHPMyAdmin #
##----------------##
debconf-set-selections <<< "phpmyadmin phpmyadmin/dbconfig-install boolean true"
debconf-set-selections <<< "phpmyadmin phpmyadmin/app-password-confirm password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect"
apt install -y phpmyadmin
# Redirect phpmyadmin -> database
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database
##-------------## ##-------------##
# Postfix # # Postfix #
##-------------## ##-------------##
debconf-set-selections <<< "postfix postfix/mailname string $hostname" #cheking if postfix already was installed by the system and if yes it wil be removed to prevent config conflicts
if dpkg-query -Wf'${db:Status-abbrev}' postfix 2>/dev/null | grep -q '^i'; then apt purge -y postfix; fi
debconf-set-selections <<< "postfix postfix/mailname string $domain"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
apt install -y mailutils apt install -y mailutils
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
@@ -237,8 +110,6 @@ newaliases
apt install -y netdata apt install -y netdata
sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
ufw allow 19999/tcp
sed -i 's+#netdata here+location = /netdata {\n return 301 /netdata/;\n }\n\n location ~ /netdata/(?<ndpath>.*) {\n proxy_redirect off;\n proxy_set_header Host \$host;\n proxy_set_header X-Forwarded-Host \$host;\n proxy_set_header X-Forwarded-Server \$host;\n proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\n proxy_http_version 1.1;\n proxy_pass_request_headers on;\n proxy_set_header Connection "keep-alive";\n proxy_store off;\n proxy_pass http://netdata/\$ndpath\$is_args\$args;\n }+g' /etc/nginx/sites-available/"$domain"
systemctl stop netdata systemctl stop netdata
systemctl disable netdata systemctl disable netdata
@@ -268,68 +139,6 @@ if [ $redis = 1 ]; then
# systemctl disable redis # systemctl disable redis
fi fi
##---------------##
# Wordpress #
##---------------##
if [ $wordpress = 1 ]; then
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzvf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
cat <<EOF > /var/www/"$domain"/html/wp-config.php
<?php
define('DB_NAME', '$db_name');
define('DB_USER', '$db_user');
define('DB_PASSWORD', '$db_pass');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' );
#define( 'WP_HOME', '' );
#define( 'ALTERNATE_WP_CRON', true );
#define('DISABLE_WP_CRON', 'true');
#define('WP_CRON_LOCK_TIMEOUT', 900);
#define('AUTOSAVE_INTERVAL', 300);
define( 'WP_MEMORY_LIMIT', '256M' );
define( 'DISALLOW_FILE_EDIT', true );
#define( 'EMPTY_TRASH_DAYS', 7 );
define( 'NOBLOGREDIRECT', 'https://$domain' );
#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
#define( 'WP_ALLOW_REPAIR', true );
#define( 'FORCE_SSL_ADMIN', true );
#define( 'AUTOMATIC_UPDATER_DISABLED', true );
#define( 'WP_AUTO_UPDATE_CORE', false );
$WPSalts
#\$table_prefix = '$db_name';
\$table_prefix = 'wp';
define('WP_DEBUG', false);
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
#\$memcached_servers = array(
# 'default' => array(
# '127.0.0.1:11211'
# )
#);
#define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '$password');
#define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php');
EOF
fi
##---------------## ##---------------##
# Nextcloud # # Nextcloud #
##---------------## ##---------------##
@@ -353,6 +162,7 @@ elif [ $domainwww = 0 ]; then
certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh
fi fi
echo "certbot --nginx -n -d $hostname -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/backend_certbotactivate.sh
sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain" sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain" sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain" sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"

18
README.md
View File

@@ -3,6 +3,15 @@
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/installer.sh wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/installer.sh
bash installer.sh bash installer.sh
``` ```
**To enable logging for the installer use the folowing command**:
```
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/installer.sh
bash installer.sh 2>&1 | tee ~/output.log
```
### Notice, SSH Port has been set 4242
#### To set Netdata to monitor plugins: #### To set Netdata to monitor plugins:
Reinstall netdata manualy Reinstall netdata manualy
``` ```
@@ -10,6 +19,15 @@ apt install curl
bash <(curl -Ss https://my-netdata.io/kickstart-static64.sh) bash <(curl -Ss https://my-netdata.io/kickstart-static64.sh)
``` ```
#### This script uses the folowing repo's as dependencies:
```
* VPS-scripts/Ubuntu-Backup
* VPS-scripts/Ubuntu-Cockpit
* VPS-scripts/Ubuntu-FTP
* VPS-scripts/Ubuntu-MySQL
```
###### Nginx Brotli donwload ###### Nginx Brotli donwload
https://git.ictmaatwerk.com/deb/nginx-brotli/ https://git.ictmaatwerk.com/deb/nginx-brotli/

42
config/WordPress-Bare-Config.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
define('DB_NAME', 'DBName');
define('DB_USER', 'DBUser');
define('DB_PASSWORD', 'DBPass');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' );
#define( 'WP_HOME', '' );
#define( 'ALTERNATE_WP_CRON', true );
#define('DISABLE_WP_CRON', 'true');
#define('WP_CRON_LOCK_TIMEOUT', 900);
#define('AUTOSAVE_INTERVAL', 300);
define( 'WP_MEMORY_LIMIT', '256M' );
define( 'DISALLOW_FILE_EDIT', true );
#define( 'EMPTY_TRASH_DAYS', 7 );
define( 'NOBLOGREDIRECT', 'https://DOMAINname' );
define('FS_METHOD','direct');
#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
#define( 'WP_ALLOW_REPAIR', true );
#define( 'FORCE_SSL_ADMIN', true );
#define( 'AUTOMATIC_UPDATER_DISABLED', true );
#define( 'WP_AUTO_UPDATE_CORE', false );
#$table_prefix = 'DBName';
$table_prefix = 'wp';
WPsalty
define('WP_DEBUG', false);
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
#$memcached_servers = array(
# 'default' => array(
# '127.0.0.1:11211'
# )
#);
#define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '<RedisPassword>');
#define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php');

7
config/nextcloud/nextcloud-config.sh
View File

@@ -1,14 +1,15 @@
apt install -y libmagickcore-6.q16-3-extra apt install -y libmagickcore-6.q16-3-extra
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nextcloud/php-fpm.ini -O /etc/php/"$phpver"/fpm/php.ini wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nextcloud/php-fpm.ini -O /etc/php/"$phpver"/fpm/php.ini
cd /tmp cd /tmp
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` db_suffix=`expr $(ls -l /var/www | grep -c ^d)`
db_name="nextcloud_$db_suffix" db_name="nextcloud_$db_suffix"
db_user="nextcloud_$db_suffix" db_user="nextcloud_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32) db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://download.nextcloud.com/server/releases/latest-15.tar.bz2 -O /tmp/nextcloud.tar.bz2 wget https://download.nextcloud.com/server/releases/latest-18.tar.bz2 -O /tmp/nextcloud.tar.bz2
tar jxf /tmp/nextcloud.tar.bz2 -C /tmp tar jxf /tmp/nextcloud.tar.bz2 -C /tmp
cp -a /tmp/nextcloud/. /var/www/"$domain"/html cp -a /tmp/nextcloud/. /var/www/"$domain"/html

41
config/nginx/Backend-unconfigured Normal file
View File

@@ -0,0 +1,41 @@
server {
listen 80;
root /var/www/html;
index index.php index.html;
server_name DOMAINname;
location = /backend/netdata {
return 301 /backend/netdata/;
}
location ~ /backend/netdata/(?<ndpath>.*) {
deny all; #enables/disables Netdata
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
proxy_pass http://127.0.0.1:19999/$ndpath$is_args$args;
}
location /backend/database {
#deny all; #enables/disables PHPMyadmin
alias /usr/share/phpmyadmin;
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/phpPHPver-fpm.sock;
fastcgi_index index.php;
}
}
location ~ /\.ht {
deny all;
}
}

101
config/nginx/Default-site-unconfigured Normal file
View File

@@ -0,0 +1,101 @@
#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m;
server {
listen 80;
server_name www.DOMAINname;
return 301 http://DOMAINname$request_uri;
}
server {
listen 80;
listen [::]:80;
root /var/www/DOMAINname/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name DOMAINname;
#return 301 $scheme:/$domain$request_uri; Redirect to non-www
#return 301 https://domein.nl; Redirect to other domain
#add_header X-Cache "$upstream_cache_status";
gzip on;
gzip_proxied any;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
gzip_comp_level 2;
gzip_disable "msie6";
gzip_buffers 16 8k;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
#try_files $uri $uri/ $uri.html $uri.php$is_args$query_string;
}
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)$ {
expires max;
log_not_found off;
add_header Cache-Control "public, no-transform";
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/phpPHPver-fpm.sock;
#fastcgi_cache MYAPP;
#fastcgi_cache_valid 200 302 301 1m;
#fastcgi_cache_valid 404 1m;
#fastcgi_cache_bypass $no_cache;
#fastcgi_no_cache $no_cache;
#fastcgi_cache_revalidate on;
#fastcgi_cache_background_update on;
#fastcgi_cache_lock on;
#fastcgi_cache_use_stale updating;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 256 16k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
}
location ~ /\.ht {
deny all;
}
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST) {
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "") {
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|login.php)") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID") {
set $no_cache 1;
}
# Increase bodysize for WP Rocket
client_max_body_size 256M;
## Rocket-Nginx configuration
#include wprocket-nginx.conf;
#Yoast SEO Sitemaps
location ~ ([^/]*)sitemap(.*).x(m|s)l$ {
## this rewrites sitemap.xml to /sitemap_index.xml
rewrite ^/sitemap.xml$ /sitemap_index.xml permanent;
## this makes the XML sitemaps work
rewrite ^/([a-z]+)?-?sitemap.xsl$ /index.php?xsl= last;
rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=&sitemap_n= last;
}
}

14
config/nginx/Gitea-unconfigured Normal file
View File

@@ -0,0 +1,14 @@
server {
server_name DOMAINname;
client_max_body_size 40M;
listen 80 ;
location / {
proxy_pass http://localhost:3000;
proxy_hide_header X-Frame-Options;
}
location /.well-known {
alias /var/www/DOMAINname/.well-known;
}
}

62
config/nginx/ICTM_BCMS-site-unconfigured Normal file
View File

@@ -0,0 +1,62 @@
server {
listen 80;
server_name www.DOMAINname;
return 301 http://DOMAINname$request_uri;
}
server {
listen 80;
listen [::]:80;
index index.php index.html index.htm index.nginx-debian.html;
server_name DOMAINname;
gzip on;
gzip_proxied any;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
gzip_comp_level 2;
gzip_disable "msie6";
gzip_buffers 16 8k;
location ~* (.*) {
root /var/www/DOMAINname/html/public;
try_files $1 @app_index;
}
location @app_index {
root /var/www/DOMAINname/html/public;
fastcgi_pass unix:/run/php/phpPHPver-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_NAME /index.php;
}
location ~ /\.ht {
deny all;
}
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST) {
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "") {
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|login.php)") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID") {
set $no_cache 1;
}
}

9
config/nginx/nginx-default.conf
View File

@@ -28,11 +28,16 @@ http {
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type text/html; default_type text/html;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_session_cache shared:SSL:20m; ssl_session_cache shared:SSL:20m;
ssl_session_timeout 180m; ssl_session_timeout 180m;
ssl_ecdh_curve secp384r1;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options sameorigin;
add_header X-Content-Type-Options nosniff;
add_header X-Xss-Protection "1; mode=block";
#access_log /var/log/nginx/access.log; #access_log /var/log/nginx/access.log;
access_log off; access_log off;

8
config/phpmyadmin/config.footer.inc.php
View File

@@ -1,8 +0,0 @@
<?php
/**
* Debian local configuration file
*
* In this file you may add PHP or HTML statements that will be used to define
* the footer for phpMyAdmin pages.
*/

8
config/phpmyadmin/config.header.inc.php
View File

@@ -1,8 +0,0 @@
<?php
/**
* Debian local configuration file
*
* In this file you may add PHP or HTML statements that will be used to define
* the header for phpMyAdmin pages.
*/

169
config/phpmyadmin/config.inc.php
View File

@@ -1,169 +0,0 @@
<?php
/**
* Debian local configuration file
*
* This file overrides the settings made by phpMyAdmin interactive setup
* utility.
*
* For example configuration see
* /usr/share/doc/phpmyadmin/examples/config.sample.inc.php
* or
* /usr/share/doc/phpmyadmin/examples/config.manyhosts.inc.php
*
* NOTE: do not add security sensitive data to this file (like passwords)
* unless you really know what you're doing. If you do, any user that can
* run PHP or CGI on your webserver will be able to read them. If you still
* want to do this, make sure to properly secure the access to this file
* (also on the filesystem level).
*/
if (!function_exists('check_file_access')) {
function check_file_access($path)
{
if (is_readable($path)) {
return true;
} else {
error_log(
'phpmyadmin: Failed to load ' . $path
. ' Check group www-data has read access and open_basedir restrictions.'
);
return false;
}
}
}
// Load secret generated on postinst
if (check_file_access('/var/lib/phpmyadmin/blowfish_secret.inc.php')) {
require('/var/lib/phpmyadmin/blowfish_secret.inc.php');
}
// Load autoconf local config
if (check_file_access('/var/lib/phpmyadmin/config.inc.php')) {
require('/var/lib/phpmyadmin/config.inc.php');
}
/**
* Server(s) configuration
*/
$i = 0;
// The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use $cfg['Servers'][0].
// You can disable a server config entry by setting host to ''.
$i++;
/**
* Read configuration from dbconfig-common
* You can regenerate it using: dpkg-reconfigure -plow phpmyadmin
*/
if (check_file_access('/etc/phpmyadmin/config-db.php')) {
require('/etc/phpmyadmin/config-db.php');
}
/* Configure according to dbconfig-common if enabled */
if (!empty($dbname)) {
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
if (empty($dbserver)) $dbserver = 'localhost';
$cfg['Servers'][$i]['host'] = $dbserver;
if (!empty($dbport) || $dbserver != 'localhost') {
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['port'] = $dbport;
}
//$cfg['Servers'][$i]['compress'] = false;
/* Select mysqli if your server has it */
$cfg['Servers'][$i]['extension'] = 'mysqli';
/* Optional: User for advanced features */
$cfg['Servers'][$i]['controluser'] = $dbuser;
$cfg['Servers'][$i]['controlpass'] = $dbpass;
/* Optional: Advanced phpMyAdmin features */
$cfg['Servers'][$i]['pmadb'] = $dbname;
$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
$cfg['Servers'][$i]['relation'] = 'pma__relation';
$cfg['Servers'][$i]['table_info'] = 'pma__table_info';
$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
$cfg['Servers'][$i]['column_info'] = 'pma__column_info';
$cfg['Servers'][$i]['history'] = 'pma__history';
$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
$cfg['Servers'][$i]['tracking'] = 'pma__tracking';
$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
$cfg['Servers'][$i]['recent'] = 'pma__recent';
$cfg['Servers'][$i]['favorite'] = 'pma__favorite';
$cfg['Servers'][$i]['users'] = 'pma__users';
$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
$cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
$cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
/* Uncomment the following to enable logging in to passwordless accounts,
* after taking note of the associated security risks. */
// $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
/* Advance to next server for rest of config */
$i++;
}
/* Authentication type */
//$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
//$cfg['Servers'][$i]['host'] = 'localhost';
//$cfg['Servers'][$i]['connect_type'] = 'tcp';
//$cfg['Servers'][$i]['compress'] = false;
/* Uncomment the following to enable logging in to passwordless accounts,
* after taking note of the associated security risks. */
// $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
/**
* phpMyAdmin configuration storage settings.
*/
/* User used to manipulate with storage */
// $cfg['Servers'][$i]['controlhost'] = '';
// $cfg['Servers'][$i]['controlport'] = '';
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
/* Storage database and tables */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma__relation';
// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
// $cfg['Servers'][$i]['history'] = 'pma__history';
// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
// $cfg['Servers'][$i]['recent'] = 'pma__recent';
// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
// $cfg['Servers'][$i]['users'] = 'pma__users';
// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
// $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
// $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
/* Contrib / Swekey authentication */
// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf';
/*
* End of servers configuration
*/
/*
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
/* Support additional configurations */
foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
{
include($filename);
}

80
config/phpmyadmin/vendor_config.php
View File

@@ -1,80 +0,0 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* File for vendor customisation, you can change here paths or some behaviour,
* which vendors such as Linux distributions might want to change.
*
* For changing this file you should know what you are doing. For this reason
* options here are not part of normal configuration.
*
* @package PhpMyAdmin
*/
if (! defined('PHPMYADMIN')) {
exit;
}
/**
* Path to vendor autoload file. Useful when you want to
* have have vendor dependencies somewhere else.
*/
define('AUTOLOAD_FILE', './vendor/autoload.php');
/**
* Directory where cache files are stored.
*/
define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');
/**
* Path to changelog file, can be gzip compressed. Useful when you want to
* have documentation somewhere else, eg. /usr/share/doc.
*/
define('CHANGELOG_FILE', './ChangeLog');
/**
* Path to license file. Useful when you want to have documentation somewhere
* else, eg. /usr/share/doc.
*/
define('LICENSE_FILE', './LICENSE');
/**
* Directory where SQL scripts to create/upgrade configuration storage reside.
*/
define('SQL_DIR', './sql/');
/**
* Directory where configuration files are stored.
* It is not used directly in code, just a convenient
* define used further in this file.
*/
define('CONFIG_DIR', '/etc/phpmyadmin/');
/**
* Filename of a configuration file.
*/
define('CONFIG_FILE', CONFIG_DIR . 'config.inc.php');
/**
* Filename of custom header file.
*/
define('CUSTOM_HEADER_FILE', CONFIG_DIR . 'config.header.inc.php');
/**
* Filename of custom footer file.
*/
define('CUSTOM_FOOTER_FILE', CONFIG_DIR . 'config.footer.inc.php');
/**
* Default value for check for version upgrades.
*/
define('VERSION_CHECK_DEFAULT', true);
/**
* Path to files with compiled locales (*.mo)
*/
define('LOCALE_PATH', './locale/');
/**
* Avoid referring to nonexistent files (causes warnings when open_basedir
* is used)
*/
define('K_PATH_IMAGES', '');

176
installer.sh
View File

@@ -49,14 +49,36 @@ echo "Administrator email:"
read email read email
echo "Webserver:" echo "Webserver:"
PS3='Keuze:' PS3='Keuze:'
options=("Apache" "Nginx proxy" "Nginx proxy & standalone" "Nginx, PHP-FPM" "Quit") options=("Nginx, PHP-FPM" "Apache" "Other" "Quit")
select opt in "${options[@]}" select opt in "${options[@]}"
do do
case $opt in case $opt in
"Nginx, PHP-FPM")
webserv=n
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/NGINX-Installer.sh
break;;
"Apache") "Apache")
webserv=a webserv=a
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Apache-Installer.sh script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Apache-Installer.sh
break;; break;;
"Other")
webserv=o
break;;
"Quit")
exit;;
*) echo "Fout commando $REPLY";;
esac
done
if [ $webserv = o ]; then
PS3='Keuze:'
options=( "Nginx proxy" "Nginx proxy & standalone")
select opt in "${options[@]}"
do
case $opt in
"Nginx proxy") "Nginx proxy")
webserv=np webserv=np
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxySimple.sh script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxySimple.sh
@@ -65,38 +87,11 @@ do
webserv=nps webserv=nps
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxyAdvanced.sh script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxyAdvanced.sh
break;; break;;
"Nginx, PHP-FPM")
webserv=n
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/NGINX-Installer.sh
break;;
"Quit")
exit;;
*) echo "Fout commando $REPLY";; *) echo "Fout commando $REPLY";;
esac esac
done done
fi
while true; do
read -p "Password login uit zetten -> yes/no?" yn
case $yn in
[Yy]* ) sshkey=1
break;;
[Nn]* ) sshkey=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Enable per-domain data user-> yes/no?" yn
case $yn in
[Yy]* ) datauser=1
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-FTP/raw/branch/master/data-user_setup.sh -O /root/data-user_setup.sh
break;;
[Nn]* ) datauser=0
break;;
* ) echo "Choose yes or no.";;
esac
done
if [ $webserv = n ]; then if [ $webserv = n ]; then
while true; do while true; do
@@ -124,7 +119,28 @@ else
nextcloud=0 nextcloud=0
fi fi
cockpit=1 while true; do
read -p "Password login uit zetten -> yes/no?" yn
case $yn in
[Yy]* ) sshkey=1
break;;
[Nn]* ) sshkey=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Enable per-domain data user-> yes/no?" yn
case $yn in
[Yy]* ) datauser=1
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-FTP/raw/branch/master/data-user_setup.sh -O /root/data-user_setup.sh
break;;
[Nn]* ) datauser=0
break;;
* ) echo "Choose yes or no.";;
esac
done
while true; do while true; do
read -p "Installeer Memcached -> yes/no?" yn read -p "Installeer Memcached -> yes/no?" yn
@@ -164,6 +180,9 @@ done
##-----------------## ##-----------------##
phpver=7.3 phpver=7.3
sqlver=8.0 #or 5.7
cockpit=1
PHPMyadmin=1
##----------------## ##----------------##
# Pre-Config # # Pre-Config #
@@ -175,16 +194,19 @@ then
mkdir ~/.ssh mkdir ~/.ssh
fi fi
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> ~/.ssh/authorized_keys echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> ~/.ssh/authorized_keys
sed -i '/Port 22/c\Port 4242' /etc/ssh/sshd_config
service sshd restart
echo "root:$password" | chpasswd echo "root:$password" | chpasswd
cd /tmp cd /tmp
#mv /boot/grub/menu.lst /boot/grub/menu.lst.bck #mv /boot/grub/menu.lst /boot/grub/menu.lst.bck
apt update #to avoid apt being unable to install software-properties-common
apt install -y software-properties-common apt install -y software-properties-common
add-apt-repository -y ppa:certbot/certbot add-apt-repository -y ppa:certbot/certbot
add-apt-repository -y ppa:ondrej/php add-apt-repository -y ppa:ondrej/php
apt update apt update
apt upgrade -y apt upgrade -y
apt dist-upgrade -y apt dist-upgrade -y
apt install -y rsync grsync sshpass apt install -y rsync sshpass
apt clean apt clean
apt autoremove -y apt autoremove -y
hostnamectl set-hostname $hostname hostnamectl set-hostname $hostname
@@ -205,10 +227,10 @@ sed -i 's/#/vm.vfs_cache_pressure=50/g' /etc/sysctl.conf
sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw
sed -i "\$a0 3 * * 1 root apt update >/dev/null 2>&1&& apt upgrade -y >/dev/null 2>&1" /etc/crontab sed -i "\$a0 3 * * 1 root apt update >/dev/null 2>&1&& apt upgrade -y >/dev/null 2>&1" /etc/crontab
systemctl restart cron systemctl restart cron
ufw allow OpenSSH
ufw allow 443/tcp ufw allow 443/tcp
ufw allow 80/tcp ufw allow 80/tcp
ufw limit ssh ufw limit 4242/tcp
echo "y" | ufw enable echo "y" | ufw enable
mkdir /root/.ssh mkdir /root/.ssh
@@ -219,56 +241,23 @@ apt install fail2ban -y
# Install Phase # # Install Phase #
##-------------------## ##-------------------##
echo "****************************" ##-----------##
sleep 0.5 # MySQL #
echo "Installatie duurt 5 minuten." ##-----------##
sleep 0.5
echo "****************************"
if [ $newsql = 1 ]; then
wget https://git.ictmaatwerk.com/VPS-scripts/MySQL/raw/branch/master/mysql-${sqlver}.sh -O Mysql-Installer.sh
source Mysql-Installer.sh
fi
##---------------##
# Webserver #
##---------------##
wget $script -O Ubuntu-Web_Installer.sh wget $script -O Ubuntu-Web_Installer.sh
source Ubuntu-Web_Installer.sh source Ubuntu-Web_Installer.sh
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database
##------------------##
# MySQL Config #
##------------------##
rm /etc/mysql/my.cnf
cat > /etc/mysql/my.cnf <<- "EOF"
# - "/etc/mysql/my.cnf" to set global options,
[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
innodb_buffer_pool_size = 1G # (adjust value here, 50%-70% of total RAM)
innodb_log_file_size = 256M
innodb_flush_log_at_trx_commit = 1 # may change to 2 or 0
innodb_flush_method = O_DIRECT
bind-address = 127.0.0.1
key_buffer_size = 16M
max_allowed_packet = 16M
thread_stack = 192K
thread_cache_size = 8
myisam-recover-options = BACKUP
#max_connections = 100
#table_open_cache = 64
#thread_concurrency = 10
query_cache_limit = 1M
query_cache_size = 16M
log_error = /var/log/mysql/error.log
expire_logs_days = 10
max_binlog_size = 100M
EOF
##-------------## ##-------------##
# Cockpit # # Cockpit #
@@ -279,17 +268,32 @@ if [ $cockpit = 1 ]; then
source Slave-Installer.sh source Slave-Installer.sh
fi fi
if [ $sshkey = 1 ]; then if [ $sshkey = 1 ]; then
sed -i 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config sed -i 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
fi fi
##------------------------## ##---------------##
# PHP-Myadmin update # # Wordpress #
##------------------------## ##---------------##
bash <(curl -s https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/PHPMyAdmin_Updater.sh) if [ $wordpress = 1 ]; then
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzvf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/WordPress-Bare-Config.php -O /var/www/"$domain"/html/wp-config.php
sed -i -e 's/DBPass/'$db_pass'/' -e 's/DBUser/'$db_user'/' -e 's/DBName/'$db_name'/' -e 's/DOMAINname/'$domain'/' /var/www/"$domain"/html/wp-config.php
printf '%s\n' "g/WPsalty/d" a "$WPSalts" . w | ed -s /var/www/"$domain"/html/wp-config.php
fi
##-------------------## ##-------------------##
# Backup Script # # Backup Script #

44
mysql-5.7.sh
View File

@@ -1,44 +0,0 @@
phpmyadminver=4.9.0.1
## mysql Password
#password=<set me for testing purposes>
##------------##
# MySQL #
##------------##
apt install -y mysql-server
mysqladmin -u root password "$password"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''"
mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
##----------------##
# PHPMyAdmin #
##----------------##
debconf-set-selections <<< "phpmyadmin phpmyadmin/dbconfig-install boolean true"
debconf-set-selections <<< "phpmyadmin phpmyadmin/app-password-confirm password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect"
apt install -y phpmyadmin
a2disconf phpmyadmin
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database
cd /tmp
mkdir /usr/share/phpmyadmin/
mkdir /etc/phpmyadmin
wget https://files.phpmyadmin.net/phpMyAdmin/$phpmyadminver/phpMyAdmin-$phpmyadminver-all-languages.tar.gz
tar xzf phpMyAdmin-$phpmyadminver-all-languages.tar.gz
mv phpMyAdmin-$phpmyadminver-all-languages/* /usr/share/phpmyadmin
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/phpmyadmin/vendor_config.php -O /usr/share/phpmyadmin/libraries/vendor_config.php

60
mysql-8.0.sh
View File

@@ -1,60 +0,0 @@
##------------##
# MySQL #
##------------##
## mysql Password
#password=<set me for testing purposes>
export DEBIAN_FRONTEND=noninteractive
apt install gnupg -y
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-codename select bionic'
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-distro select ubuntu'
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-url string http://repo.mysql.com/apt/'
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-preview select '
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-product select Ok'
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-server select mysql-8.0'
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-tools select '
debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/unsupported-platform select abort'
debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password $password"
debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password $password"
debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)"
wget https://dev.mysql.com/get/mysql-apt-config_0.8.13-1_all.deb -O /tmp/mysql-apt-conf.deb
dpkg -i /tmp/mysql-apt-conf.deb
apt-get update
apt-get install -y mysql-server
##-----------------##
# PhpMyAdmin #
##-----------------##
phpmyadminver=4.9.0.1
cd /tmp
mkdir /usr/share/phpmyadmin/
mkdir /etc/phpmyadmin
wget https://files.phpmyadmin.net/phpMyAdmin/$phpmyadminver/phpMyAdmin-$phpmyadminver-all-languages.tar.gz
tar xzf phpMyAdmin-$phpmyadminver-all-languages.tar.gz
mv phpMyAdmin-$phpmyadminver-all-languages/* /usr/share/phpmyadmin
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/phpmyadmin/vendor_config.php -O /usr/share/phpmyadmin/libraries/vendor_config.php
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/phpmyadmin/config.footer.inc.php -O /etc/phpmyadmin/config.footer.inc.php
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/phpmyadmin/config.header.inc.php -O /etc/phpmyadmin/config.header.inc.php
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/phpmyadmin/config.inc.php -O /etc/phpmyadmin/config.inc.php
touch /var/lib/phpmyadmin/config.inc.php
touch /etc/phpmyadmin/config-db.php
mkdir -p /var/lib/phpmyadmin/tmp/
chown -R www-data:www-data /var/lib/phpmyadmin/
blowsec=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
echo -e "<?php\n\n\$cfg['blowfish_secret'] = '$blowsec';\n\n?>" >> /var/lib/phpmyadmin/blowfish_secret.inc.php
mysql -u root --password="$password" < /usr/share/phpmyadmin/sql/create_tables.sql
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database

155
resources/wordpress.sh
View File

@@ -1,78 +1,79 @@
#============================================================================== #==============================================================================
# INSTALL SECOND WEBSITE WITH WORDPRESS # INSTALL SECOND WEBSITE WITH WORDPRESS
#============================================================================== #==============================================================================
echo Welk domein mag gekoppeld worden? Typ domein zonder www echo Welk domein mag gekoppeld worden? Typ domein zonder www
read domain read domain
echo Standaard wachtwoord? echo Standaard wachtwoord?
read passwd read passwd
echo Database user en name? echo Database user en name?
read db_name db_user read db_name db_user
echo Standaard wachtwoord echo Standaard wachtwoord
read passwd read passwd
db_pass=$(date +%s|sha256sum|base64|head -c 32) db_pass=$(date +%s|sha256sum|base64|head -c 32)
#-------------------# #-------------------#
# MYSQL CONFIG # # MYSQL CONFIG #
#-------------------# #-------------------#
mysql -u root -p"$passwd" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" mysql -u root -p"$passwd" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$passwd" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" mysql -u root -p"$passwd" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;" mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;"
#-------------------# #-------------------#
# WP - INSTALL # # WP - INSTALL #
#-------------------# #-------------------#
cd /tmp cd /tmp
curl -LO https://wordpress.org/latest.tar.gz curl -LO https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz tar xzvf latest.tar.gz
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html cp -a /tmp/wordpress/. /var/www/"$domain"/html
chown -R www-data:www-data /var/www/"$domain"/html chown -R www-data:www-data /var/www/"$domain"/html
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -) WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
cat <<EOF > /var/www/"$domain"/html/wp-config.php cat <<EOF > /var/www/"$domain"/html/wp-config.php
<?php <?php
define('DB_NAME', '$db_name'); define('DB_NAME', '$db_name');
define('DB_USER', '$db_user'); define('DB_USER', '$db_user');
define('DB_PASSWORD', '$db_pass'); define('DB_PASSWORD', '$db_pass');
define('DB_HOST', 'localhost'); define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8'); define('DB_CHARSET', 'utf8');
define('DB_COLLATE', ''); define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' ); #define( 'WP_SITEURL', '' );
#define( 'WP_HOME', '' ); define('FS_METHOD','direct');
#define( 'ALTERNATE_WP_CRON', true ); #define( 'WP_HOME', '' );
#define('DISABLE_WP_CRON', 'true'); #define( 'ALTERNATE_WP_CRON', true );
#define('WP_CRON_LOCK_TIMEOUT', 900); #define('DISABLE_WP_CRON', 'true');
#define('AUTOSAVE_INTERVAL', 300); #define('WP_CRON_LOCK_TIMEOUT', 900);
define( 'WP_MEMORY_LIMIT', '256M' ); #define('AUTOSAVE_INTERVAL', 300);
#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) ); define( 'WP_MEMORY_LIMIT', '256M' );
#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) ); #define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
#define( 'WP_ALLOW_REPAIR', true ); #define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
#define( 'FORCE_SSL_ADMIN', true ); #define( 'WP_ALLOW_REPAIR', true );
#define( 'AUTOMATIC_UPDATER_DISABLED', true ); #define( 'FORCE_SSL_ADMIN', true );
#define( 'WP_AUTO_UPDATE_CORE', false ); #define( 'AUTOMATIC_UPDATER_DISABLED', true );
$WPSalts #define( 'WP_AUTO_UPDATE_CORE', false );
\$table_prefix = '$db_name'; $WPSalts
\$table_prefix = '$db_name';
define('WP_DEBUG', false);
if ( !defined('ABSPATH') ) define('WP_DEBUG', false);
define('ABSPATH', dirname(__FILE__) . '/'); if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
#\$memcached_servers = array(
# 'default' => array( #\$memcached_servers = array(
# '127.0.0.1:11211' # 'default' => array(
# ) # '127.0.0.1:11211'
#); # )
#define('WP_REDIS_HOST', '127.0.0.1'); #);
#define('WP_REDIS_PASSWORD', '$passwd'); #define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PORT', '6379'); #define('WP_REDIS_PASSWORD', '$passwd');
require_once(ABSPATH . 'wp-settings.php'); #define('WP_REDIS_PORT', '6379');
EOF require_once(ABSPATH . 'wp-settings.php');
#-------------------# EOF
# OPCACHE GUI # #-------------------#
#-------------------# # OPCACHE GUI #
cd /tmp #-------------------#
curl -LO https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php cd /tmp
cp /tmp/index.php /tmp/opcache.php curl -LO https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php
cp -a /tmp/opcache.php /var/www/"$domain"/html cp /tmp/index.php /tmp/opcache.php
cat > /var/www/"$domain"/html/info.php <<- "EOF" cp -a /tmp/opcache.php /var/www/"$domain"/html
<?php cat > /var/www/"$domain"/html/info.php <<- "EOF"
phpinfo(); <?php
?> phpinfo();
?>
EOF EOF