###============================================================ ## Ubuntu 18.04 Apache NGINX Reverse Proxy Additional Domain Installer ###============================================================ ## Zet comments hieronder: # # # ##============================================================= ##----------------## # Pre-Config # ##----------------## # Set server IP variable for apache access server_ip=$(hostname -I|cut -f1 -d ' ') # Block direct apache acces ufw deny 8080/tcp ##-----------## # NGINX # ##-----------## cat < /etc/nginx/sites-available/"$domain" server { listen 80; server_name $domain www.$domain; root /var/www/$domain/html; index index.php index.htm index.html; location / { proxy_pass http://$server_ip:8080; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$remote_addr; proxy_set_header Host \$host; } location ~ \.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)(\\n|\?ver=[0-9.])\$ { return 200; } location ~ /\.ht { deny all; } #listen 443 ssl; #ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem; #include /etc/letsencrypt/options-ssl-nginx.conf; #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; } EOF ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/"$domain" ##------------## # Apache # ##------------## cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/"$domain.conf" cat < /etc/apache2/sites-available/"$domain.conf" ServerAdmin $email ServerName $domain ServerAlias www.$domain DocumentRoot /var/www/$domain/html ErrorLog \${APACHE_LOG_DIR}/error.log CustomLog \${APACHE_LOG_DIR}/access.log combined EOF a2ensite "$domain" ##----------------## # PHPMyAdmin # ##----------------## # Redirect phpmyadmin -> database ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/phpmyadmin mv /var/www/"$domain"/html/phpmyadmin /var/www/"$domain"/html/database ##-------------## # Postfix # ##-------------## #debconf-set-selections <<< "postfix postfix/mailname string $domain" #debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" #apt install -y mailutils sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf cat < /etc/aliases # See man 5 aliases for format postmaster: root root: $email EOF newaliases ##-------------## # Netdata # ##-------------## #if [ $netdata = 1 ]; then # apt install -y netdata # sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf # ufw allow 19999/tcp # systemctl stop netdata # systemctl disable netdata #fi ##---------------## # Memcached # ##---------------## #if [ $memcached = 1 ]; then # apt install -y memcached # systemctl stop memcached # systemctl disable memcached #fi ##-----------## # Redis # ##-----------## #if [ $redis = 1 ]; then # apt install -y redis-server # sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf # sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf # sed -i 's/# requirepass foobared/requirepass '$password'/g' /etc/redis/redis.conf # systemctl stop redis # systemctl disable redis #fi ##-------------## # Certbot # ##-------------## #certbot --nginx -d $domain -d www.$domain #sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain" #sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain" #sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain" ##---------------## # Wordpress # ##---------------## if [ $wordpress = 1 ]; then db_suffix=$(ls -l /var/www | grep -c ^d) db_name="wp_$db_suffix" db_user="wp_$db_suffix" db_pass=$(date +%s|sha256sum|base64|head -c 32) mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz tar xzvf /tmp/wp.tar.gz -C /tmp mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php cp -a /tmp/wordpress/. /var/www/"$domain"/html WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -) cat < /var/www/"$domain"/html/wp-config.php array( # '127.0.0.1:11211' # ) #); #define('WP_REDIS_HOST', '127.0.0.1'); #define('WP_REDIS_PASSWORD', '$password'); #define('WP_REDIS_PORT', '6379'); require_once(ABSPATH . 'wp-settings.php'); EOF fi ##-----------------## # Opcache GUI # ##-----------------## wget https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php -O /var/www/"$domain"/html/opcache.php ##--------------## # Info.php # ##--------------## cat > /var/www/"$domain"/html/info.php <<- "EOF"