Work_Archive/VPS-scripts_Ubuntu-Web-V1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
Files
5b539a545f7d61520e085c14bfc52298a621b974
VPS-scripts_Ubuntu-Web-V1/installer.sh

322 lines
8.6 KiB
Bash
Raw Blame History

#!/bin/bash
###============================================================
## Ubuntu 18.04 Web Server Installer
###============================================================
## Zet comments hieronder:
#
#
#
##=============================================================
##----------##
# Menu #
##----------##
echo "Ubuntu 18.04 installatie script."
echo "Domein zonder www:"
read domain
while true; do
read -p "bestaat www.${domain} in DNS -> yes/no?" yn
case $yn in
[Yy]* ) domainwww=1
break;;
[Nn]* ) domainwww=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Hostname with ictmaatwerk-cs.nl -> yes/no?" yn
case $yn in
[Nn]* )
echo 'Enter full hostname:'
read hostname
break;;
[Yy]* )
echo 'Hostname (eg: VCH001) zonder ".ictmaatwerk-cs.nl":'
read hostname
hostname=$hostname".ictmaatwerk-cs.nl"
break;;
* )echo "Choose yes or no.";;
esac
done
echo "Algemeen wachtwoord:"
read password
echo "Administrator email:"
read email
echo "Webserver:"
PS3='Keuze:'
options=("Nginx, PHP-FPM" "Apache" "Other" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Nginx, PHP-FPM")
webserv=n
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/NGINX-Installer.sh
break;;
"Apache")
webserv=a
newsql=1
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/Apache-Installer.sh
break;;
"Other")
webserv=o
break;;
"Quit")
exit;;
*) echo "Fout commando $REPLY";;
esac
done
if [ $webserv = o ]; then
PS3='Keuze:'
options=( "Nginx proxy" "Nginx proxy & standalone")
select opt in "${options[@]}"
do
case $opt in
"Nginx proxy")
webserv=np
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxySimple.sh
break;;
"Nginx proxy & standalone")
webserv=nps
script=https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/RevProxyAdvanced.sh
break;;
*) echo "Fout commando $REPLY";;
esac
done
fi
if [ $webserv = n ]; then
while true; do
read -p "Brotli Precompression > yes/no?" yn
case $yn in
[Yy]* ) brotlinginx=1
break;;
[Nn]* ) brotlinginx=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Nextcloud Setup? > yes/no?" yn
case $yn in
[Yy]* ) nextcloud=1
break;;
[Nn]* ) nextcloud=0
break;;
* ) echo "Kies yes of no.";;
esac
done
else
brotlinginx=0
nextcloud=0
fi
while true; do
read -p "Password login uit zetten -> yes/no?" yn
case $yn in
[Yy]* ) sshkey=1
break;;
[Nn]* ) sshkey=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Enable per-domain data user-> yes/no?" yn
case $yn in
[Yy]* ) datauser=1
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-FTP/raw/branch/master/data-user_setup.sh -O /root/data-user_setup.sh
break;;
[Nn]* ) datauser=0
break;;
* ) echo "Choose yes or no.";;
esac
done
while true; do
read -p "Installeer Memcached -> yes/no?" yn
case $yn in
[Yy]* ) memcached=1
break;;
[Nn]* ) memcached=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Installeer Redis Cache -> yes/no?" yn
case $yn in
[Yy]* ) redis=1
break;;
[Nn]* ) redis=0
break;;
* ) echo "Kies yes of no.";;
esac
done
while true; do
read -p "Installeer Wordpress -> yes/no?" yn
case $yn in
[Yy]* ) wordpress=1
break;;
[Nn]* ) wordpress=0
break;;
* ) echo "Kies yes of no.";;
esac
done
##-----------------##
# Static-Vars #
##-----------------##
phpver=7.3
sqlver=8.0 #or 5.7
cockpit=1
PHPMyadmin=1
##----------------##
# Pre-Config #
##----------------##
if [ ! -d ~/.ssh ]
then
mkdir ~/.ssh
fi
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> ~/.ssh/authorized_keys
sed -i '/Port 22/c\Port 4242' /etc/ssh/sshd_config
service sshd restart
echo "root:$password" | chpasswd
cd /tmp
#mv /boot/grub/menu.lst /boot/grub/menu.lst.bck
apt install -y software-properties-common
add-apt-repository -y ppa:certbot/certbot
add-apt-repository -y ppa:ondrej/php
apt update
apt upgrade -y
apt dist-upgrade -y
apt install -y rsync sshpass
apt clean
apt autoremove -y
hostnamectl set-hostname $hostname
sed -i 's/;preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
timedatectl set-timezone Europe/Amsterdam
if free | awk '/^Swap:/ {exit !$2}'; then
echo "swap enabled"
else
fallocate -l 1G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile swap swap defaults 0 0' >> /etc/fstab
fi
sed -i 's/#/vm.swappiness=10/g' /etc/sysctl.conf
sed -i 's/#/vm.vfs_cache_pressure=50/g' /etc/sysctl.conf
sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw
sed -i "\$a0 3 * * 1 root apt update >/dev/null 2>&1&& apt upgrade -y >/dev/null 2>&1" /etc/crontab
systemctl restart cron
ufw allow 443/tcp
ufw allow 80/tcp
ufw limit 4242/tcp
echo "y" | ufw enable
mkdir /root/.ssh
apt install fail2ban -y
##-------------------##
# Install Phase #
##-------------------##
##-----------##
# MySQL #
##-----------##
if [ $newsql = 1 ]; then
wget https://git.ictmaatwerk.com/VPS-scripts/MySQL/raw/branch/master/mysql-${sqlver}.sh -O Mysql-Installer.sh
source Mysql-Installer.sh
fi
##---------------##
# Webserver #
##---------------##
wget $script -O Ubuntu-Web_Installer.sh
source Ubuntu-Web_Installer.sh
ln -s /usr/share/phpmyadmin /var/www/"$domain"/database
##-------------##
# Cockpit #
##-------------##
if [ $cockpit = 1 ]; then
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Cockpit/raw/branch/master/Slave-installer.sh -O Slave-Installer.sh
source Slave-Installer.sh
fi
if [ $sshkey = 1 ]; then
sed -i 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
fi
##---------------##
# Wordpress #
##---------------##
if [ $wordpress = 1 ]; then
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix"
db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzvf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/html
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/WordPress-Bare-Config.php -O /var/www/"$domain"/html/wp-config.php
sed -i -e 's/DBPass/'$db_pass'/' -e 's/DBUser/'$db_user'/' -e 's/DBName/'$db_name'/' -e 's/DOMAINname/'$domain'/' /var/www/"$domain"/html/wp-config.php
printf '%s\n' "g/WPsalty/d" a "$WPSalts" . w | ed -s /var/www/"$domain"/html/wp-config.php
fi
##-------------------##
# Backup Script #
##-------------------##
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Backup/raw/branch/master/install-backup-tools.sh -O /root/install-backup-tools.sh
chmod +x /root/install-backup-tools.sh
##----------------##
# F2B Script #
##----------------##
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/Fail2Ban/setup-fail2banWP.sh -O /root/setup-fail2banWP.sh
chmod +x /root/setup-fail2banWP.sh
echo "Installatie geslaagd!"
##------------##
# Reboot #
##------------##
echo "Reboot in:"
sleep 1
echo 3
sleep 1
echo 2
sleep 1
echo 1
reboot
Reference in New Issue View Git Blame Copy Permalink