###============================================================ ## Ubuntu 18.04 Apache NGINX Reverse Proxy Additional Domain Installer ###============================================================ ## Zet comments hieronder: # # # ##============================================================= ##----------## # Menu # ##----------## echo "Domein instellen als NGINX reverse proxy of als NGINX webserver?" PS3='Keuze:' options=("Reverse proxy" "Webserver") select opt in "${options[@]}" do case $opt in "Reverse proxy") domain_setup=1 break;; "Webserver") domain_setup=2 break;; *) echo "Fout commando $REPLY";; esac done ##----------------## # Pre-Config # ##----------------## # Set server IP variable for apache access server_ip=$(hostname -I|cut -f1 -d ' ') ##============## # Apache # ##============## ##-------------------## # Reverse Proxy # ##-------------------## if [ $domain_setup = 1 ]; then cat < /etc/apache2/sites-available/"$domain.conf" ServerName $domain ServerAlias www.$domain DocumentRoot /var/www/$domain/html AllowOverride All EOF a2ensite $domain fi ##===========## # NGINX # ##===========## ##-------------------## # Reverse Proxy # ##-------------------## if [ $domain_setup = 1 ]; then cat < /etc/nginx/sites-available/"$domain" server { listen 80; root /var/www/$domain/html; index index.php index.html index.htm; server_name $domain www.$domain; location / { proxy_pass http://$server_ip:8080; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$remote_addr; proxy_set_header Host \$host; } location ~ \.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)(\\n|\?ver=[0-9.])\$ { return 200; } location ~ /\.ht { deny all; } #listen 443 ssl; #ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem; #include /etc/letsencrypt/options-ssl-nginx.conf; #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; } EOF fi ##---------------## # Webserver # ##---------------## if [ $domain_setup = 2 ]; then cat < /etc/nginx/sites-available/"$domain" server { listen 80 default_server; root /var/www/$domain/html; index index.php index.html index.htm; server_name example.com www.example.com; location / { try_files \$uri \$uri/ /index.php; } location ~ \.php\$ { fastcgi_pass unix:/run/php/php7.2-fpm.sock; include snippets/fastcgi-php.conf; } } EOF fi ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/"$domain" ##===========## # Other # ##===========## ##-------------## # Certbot # ##-------------## #certbot --nginx -d "$domain" -d "www.$domain" #sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain" #sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain" #sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain" ##----------------## # PHPMyAdmin # ##----------------## # Redirect phpmyadmin -> database ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/phpmyadmin mv /var/www/"$domain"/html/phpmyadmin /var/www/"$domain"/html/database ##-------------## # Postfix # ##-------------## #debconf-set-selections <<< "postfix postfix/mailname string $domain" #debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" #apt install -y mailutils sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf cat < /etc/aliases # See man 5 aliases for format postmaster: root root: $email EOF newaliases ##-------------## # Netdata # ##-------------## #if [ $netdata = 1 ]; then #apt install -y netdata #sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf #ufw allow 19999/tcp # systemctl stop netdata # systemctl disable netdata #fi ##---------------## # Memcached # ##---------------## #if [ $memcached = 1 ]; then #apt install -y memcached # systemctl stop memcached # systemctl disable memcached #fi ##-----------## # Redis # ##-----------## #if [ $redis = 1 ]; then #apt install -y redis-server #sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf #sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf #sed -i 's/# requirepass foobared/requirepass '$password'/g' /etc/redis/redis.conf # systemctl stop redis # systemctl disable redis #fi ##---------------## # Wordpress # ##---------------## if [ $wordpress = 1 ]; then db_suffix=$(ls -l /var/www | grep -c ^d) db_name="wp_$db_suffix" db_user="wp_$db_suffix" db_pass=$(date +%s|sha256sum|base64|head -c 32) mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz tar xzvf /tmp/wp.tar.gz -C /tmp mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php cp -a /tmp/wordpress/. /var/www/"$domain"/html WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -) cat < /var/www/"$domain"/html/wp-config.php array( # '127.0.0.1:11211' # ) #); #define('WP_REDIS_HOST', '127.0.0.1'); #define('WP_REDIS_PASSWORD', '$password'); #define('WP_REDIS_PORT', '6379'); require_once(ABSPATH . 'wp-settings.php'); EOF fi ##-----------------## # Opcache GUI # ##-----------------## wget https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php -O /var/www/"$domain"/html/opcache.php ##--------------## # Info.php # ##--------------## cat > /var/www/"$domain"/html/info.php <<- "EOF"