Work_Archive/VPS-scripts_Ubuntu-Web-V1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
Files
035ef6e2d5966cc645e8ab45541bc57f553ec316
VPS-scripts_Ubuntu-Web-V1/installer.sh
bprieshof 035ef6e2d5 Update 'installer.sh'
2019-07-11 14:27:51 +02:00

357 lines
9.3 KiB
Bash
Raw Blame History

#!/bin/bash
###============================================================
## Ubuntu 18.04 Web Server Installer
###============================================================
## Zet comments hieronder:
#
#
#
##=============================================================
##----------##
# Menu #
##----------##
echo "Ubuntu 18.04 installatie script."
echo "Domein zonder www:"
read domain
while true; do
read -p "bestaat www.${domain} in DNS -> yes/no?" yn
case $yn in
[Yy]* ) domainwww=1
break;;
[Nn]* ) domainwww=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Hostname with ictmaatwerk-cs.nl -> yes/no?" yn
case $yn in
[Nn]* )
echo 'Enter full hostname:'
read hostname
break;;
[Yy]* )
echo 'Hostname (eg: VCH001) zonder ".ictmaatwerk-cs.nl":'
read hostname
hostname=$hostname".ictmaatwerk-cs.nl"
break;;
* )echo "Choose yes or no.";;
esac
done
echo "Algemeen wachtwoord:"
read password
echo "Administrator email:"
read email
echo "Webserver:"
PS3='Keuze:'
options=("Nginx, PHP-FPM" "Apache" "Other" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Nginx, PHP-FPM")
webserv=n
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/NGINX-Installer.sh
break;;
"Apache")
webserv=a
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Apache-Installer.sh
break;;
"Other")
webserv=o
break;;
"Quit")
exit;;
*) echo "Fout commando $REPLY";;
esac
done
if [ $webserv = o ]; then
PS3='Keuze:'
options=( "Nginx proxy" "Nginx proxy & standalone")
select opt in "${options[@]}"
do
case $opt in
"Nginx proxy")
webserv=np
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxySimple.sh
break;;
"Nginx proxy & standalone")
webserv=nps
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxyAdvanced.sh
break;;
*) echo "Fout commando $REPLY";;
esac
done
fi
if [ $webserv = n ]; then
while true; do
read -p "Brotli Precompression > yes/no?" yn
case $yn in
[Yy]* ) brotlinginx=1
break;;
[Nn]* ) brotlinginx=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Nextcloud Setup? > yes/no?" yn
case $yn in
[Yy]* ) nextcloud=1
break;;
[Nn]* ) nextcloud=0
break;;
* ) echo "Kies yes of no.";;
esac
done
else
brotlinginx=0
nextcloud=0
fi
while true; do
read -p "Password login uit zetten -> yes/no?" yn
case $yn in
[Yy]* ) sshkey=1
break;;
[Nn]* ) sshkey=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Enable per-domain data user-> yes/no?" yn
case $yn in
[Yy]* ) datauser=1
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-FTP/raw/branch/master/data-user_setup.sh -O /root/data-user_setup.sh
break;;
[Nn]* ) datauser=0
break;;
* ) echo "Choose yes or no.";;
esac
done
while true; do
read -p "Installeer Memcached -> yes/no?" yn
case $yn in
[Yy]* ) memcached=1
break;;
[Nn]* ) memcached=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Installeer Redis Cache -> yes/no?" yn
case $yn in
[Yy]* ) redis=1
break;;
[Nn]* ) redis=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Installeer Wordpress -> yes/no?" yn
case $yn in
[Yy]* ) wordpress=1
break;;
[Nn]* ) wordpress=0
break;;
* ) echo "Kies yes of no.";;
esac
done
##-----------------##
# Static-Vars #
##-----------------##
phpver=7.3
sqlver=5.7 #or 8.0
cockpit=1
##----------------##
# Pre-Config #
##----------------##
if [ ! -d ~/.ssh ]
then
mkdir ~/.ssh
fi
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> ~/.ssh/authorized_keys
echo "root:$password" | chpasswd
cd /tmp
#mv /boot/grub/menu.lst /boot/grub/menu.lst.bck
apt install -y software-properties-common
add-apt-repository -y ppa:certbot/certbot
add-apt-repository -y ppa:ondrej/php
apt update
apt upgrade -y
apt dist-upgrade -y
apt install -y rsync grsync sshpass
apt clean
apt autoremove -y
hostnamectl set-hostname $hostname
sed -i 's/;preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
timedatectl set-timezone Europe/Amsterdam
if free | awk '/^Swap:/ {exit !$2}'; then
echo "swap enabled"
else
fallocate -l 1G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile swap swap defaults 0 0' >> /etc/fstab
fi
sed -i 's/#/vm.swappiness=10/g' /etc/sysctl.conf
sed -i 's/#/vm.vfs_cache_pressure=50/g' /etc/sysctl.conf
sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw
sed -i "\$a0 3 * * 1 root apt update >/dev/null 2>&1&& apt upgrade -y >/dev/null 2>&1" /etc/crontab
systemctl restart cron
ufw allow OpenSSH
ufw allow 443/tcp
ufw allow 80/tcp
ufw limit ssh
echo "y" | ufw enable
mkdir /root/.ssh
apt install fail2ban -y
##-------------------##
# Install Phase #
##-------------------##
##-----------##
# MySQL #
##-----------##
if [ $newsql = 1 ]; then
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/mysql-${sqlver}.sh -O Mysql-Installer.sh
source Mysql-Installer.sh
fi
##---------------##
# Webserver #
##---------------##
wget $script -O Ubuntu-Web_Installer.sh
source Ubuntu-Web_Installer.sh
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database
##-------------##
# Cockpit #
##-------------##
if [ $cockpit = 1 ]; then
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Cockpit/raw/branch/master/Slave-installer.sh -O Slave-Installer.sh
source Slave-Installer.sh
fi
if [ $sshkey = 1 ]; then
sed -i 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
fi
##---------------##
# Wordpress #
##---------------##
if [ $wordpress = 1 ]; then
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzvf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
cat <<EOF > /var/www/"$domain"/html/wp-config.php
<?php
define('DB_NAME', '$db_name');
define('DB_USER', '$db_user');
define('DB_PASSWORD', '$db_pass');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' );
#define( 'WP_HOME', '' );
#define( 'ALTERNATE_WP_CRON', true );
#define('DISABLE_WP_CRON', 'true');
#define('WP_CRON_LOCK_TIMEOUT', 900);
#define('AUTOSAVE_INTERVAL', 300);
define( 'WP_MEMORY_LIMIT', '256M' );
define( 'DISALLOW_FILE_EDIT', true );
#define( 'EMPTY_TRASH_DAYS', 7 );
define( 'NOBLOGREDIRECT', 'https://$domain' );
#define( 'FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
#define( 'FS_CHMOD_FILE', ( 0644 & ~ umask() ) );
#define( 'WP_ALLOW_REPAIR', true );
#define( 'FORCE_SSL_ADMIN', true );
#define( 'AUTOMATIC_UPDATER_DISABLED', true );
#define( 'WP_AUTO_UPDATE_CORE', false );
$WPSalts
#\$table_prefix = '$db_name';
\$table_prefix = 'wp';
define('WP_DEBUG', false);
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
#\$memcached_servers = array(
# 'default' => array(
# '127.0.0.1:11211'
# )
#);
#define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '$password');
#define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php');
EOF
fi
##-------------------##
# Backup Script #
##-------------------##
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Backup/raw/branch/master/install-backup-tools.sh -O /root/install-backup-tools.sh
chmod +x /root/install-backup-tools.sh
##----------------##
# F2B Script #
##----------------##
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/Fail2Ban/setup-fail2banWP.sh -O /root/setup-fail2banWP.sh
chmod +x /root/setup-fail2banWP.sh
echo "Installatie geslaagd!"
##------------##
# Reboot #
##------------##
echo "Reboot in:"
sleep 1
echo 3
sleep 1
echo 2
sleep 1
echo 1
reboot
Reference in New Issue View Git Blame Copy Permalink