Work_Archive/VPS-scripts_Web-V2
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases 11 Wiki Activity

Compare commits

base: Work_Archive:Main-v0.1-Stable
Branches Tags
Work_Archive:main
Work_Archive:Main-V2.1 Work_Archive:Main-V2.0-Stable Work_Archive:Main-v1.2-Stable Work_Archive:Main-v1.1-Stable Work_Archive:Main-v1.0.1-Stable Work_Archive:Main-v1.0.0-Stable Work_Archive:Main-v0.1.1-Stable Work_Archive:Main-v0.1-Stable Work_Archive:Core-v1.2-Stable Work_Archive:Core-v1.1-Stable Work_Archive:Core-v1-Stable
..
compare: Work_Archive:Main-v1.2-Stable
Branches Tags
Work_Archive:main
Work_Archive:Main-V2.1 Work_Archive:Main-V2.0-Stable Work_Archive:Main-v1.2-Stable Work_Archive:Main-v1.1-Stable Work_Archive:Main-v1.0.1-Stable Work_Archive:Main-v1.0.0-Stable Work_Archive:Main-v0.1.1-Stable Work_Archive:Main-v0.1-Stable Work_Archive:Core-v1.2-Stable Work_Archive:Core-v1.1-Stable Work_Archive:Core-v1-Stable

105 Commits
Main-v0.1- ... Main-v1.2-

Author SHA1 Message Date
Bram Prieshof
8cafe06982 Reset branch in installer after merge 2020-12-18 15:31:36 +01:00
Bram Prieshof
eee605d34d Merge pull request 'PHP 8 intergration readiness' (#11) from PHP8-Testing into master 
Reviewed-on: https://git.ictmaatwerk.com/VPS-scripts/Web-V2/pulls/11
 2020-12-18 15:30:17 +01:00
Bram Prieshof
22ca4d3464 updated phpupdater for apache 2020-12-18 14:35:13 +01:00
Bram Prieshof
d889f248e6 Prepared php updater for EL 2020-12-17 15:14:18 +01:00
Bram Prieshof
9115a36148 fixed oopsie 2020-12-16 14:35:54 +01:00
Bram Prieshof
a24e075714 Fixed typo, after inital update for php module 
Fixes: #10
 2020-12-16 14:27:31 +01:00
Bram Prieshof
c5d70cc455 Updated php module to support mutiple php versions 2020-12-16 13:25:11 +01:00
Bram Prieshof
e570e4b88c Added tmp folder to php basedir's 2020-12-16 10:52:41 +01:00
Bram Prieshof
1f006a056c Set branch in installer to master after merge from centos-testing 2020-12-10 14:40:37 +01:00
Bram Prieshof
2501e3ff3d Merge 'Centos Testing' to 'master' 2020-12-10 14:39:15 +01:00
Bram Prieshof
a87850f6d0 Fixed nginx-nonPHP CMS 2020-12-10 13:45:20 +01:00
Bram Prieshof
ba80b923d0 Added nano to pkg list 2020-12-10 13:09:49 +01:00
Bram Prieshof
74d76cdf15 Fixed use of incorect var for OS detection 2020-12-10 11:30:08 +01:00
Bram Prieshof
9e9211c475 Fixed Fail2Ban for centos 2020-12-09 21:35:01 +01:00
Bram Prieshof
d6cebfefb2 Fixed oopsie 2020-12-09 18:35:17 +01:00
Bram Prieshof
2170468a30 Fixed accidentally removed linux for F2B centos 2020-12-09 18:35:03 +01:00
Bram Prieshof
377c3e6e50 Added bugfix to apache for centos 2020-12-09 18:04:48 +01:00
Bram Prieshof
92b487345e Cleanup apache 2020-12-09 17:26:38 +01:00
Bram Prieshof
fe742ec534 Fixed oopsie 2020-12-09 15:29:02 +01:00
Bram Prieshof
95f2a19422 Updated apache module to use vars 2020-12-09 15:13:23 +01:00
Bram Prieshof
2a6de08f75 Fixed fail2ban and replaced cent8 with el8 2020-12-09 13:29:25 +01:00
Bram Prieshof
b112be5aeb Added tar to Installer-Requirements 2020-12-09 12:21:17 +01:00
Bram Prieshof
7e65bec375 new pkgmanager var also added to installer 2020-12-09 11:33:42 +01:00
Bram Prieshof
1e09184895 Added more vars for pkgmanager 
PKGUC: Clear and update repo cache
PKGUP: Running updates
 2020-12-09 11:32:45 +01:00
Bram Prieshof
3179abbb6c Fixed backend uploads 2020-12-04 19:04:27 +01:00
Bram Prieshof
74f12decdf Adapted nextcloud init to support redis on Centos 2020-12-04 18:13:30 +01:00
Bram Prieshof
bcb714db44 added bzip2 for nextcloud 2020-12-04 17:38:00 +01:00
Bram Prieshof
93184de8eb Fixed oopsie in Selinux webdir 2020-12-04 17:22:53 +01:00
Bram Prieshof
06a7814d98 Updated SeLinux for web folder once again 2020-12-04 17:04:53 +01:00
Bram Prieshof
aebf9c97e4 Fixed oopsie 2020-12-04 16:05:19 +01:00
Bram Prieshof
f3b2d3cfb5 updated wp init script 
Replaced wp with /usr/local/bin/wp,
because centos sudo failed to detect wp command
 2020-12-04 15:56:05 +01:00
Bram Prieshof
38d7b021de Fixed php pkg list and SeLinux 2020-12-04 15:52:41 +01:00
Bram Prieshof
ae6a1f7433 Updated nextcloud pkg list 2020-12-04 14:10:21 +01:00
Bram Prieshof
752f777697 Fixed oopsie 2020-12-04 13:54:58 +01:00
Bram Prieshof
bc511b4c73 Updated password generator for mysql db creation 2020-12-04 12:53:04 +01:00
Bram Prieshof
574e61b085 Updated Redis module for Centos compatibility 2020-12-04 11:10:57 +01:00
Bram Prieshof
be8d75bcab Replaced references php With vars 
Done because differences between distros is quite big,
and this was the beter solution then using alot of if statements

List of changes:
* Replaced service names php"$phpver"-fpm with $phpFPMService
* Replaced PHPver in package list with phpPkgName
* Replaced full php config path with $phpMainConf
* Replaced php pool path with $phpPoolDir
 2020-12-03 17:10:47 +01:00
Bram Prieshof
7fb0470f44 Made motd msg work in Centos, 
updated motd display to first check if file exists
 2020-12-03 14:07:35 +01:00
Bram Prieshof
eb83d11538 Fixed Selinx www folder 2020-12-03 13:36:55 +01:00
Bram Prieshof
18439cc934 Fixed non starting services 2020-12-03 13:12:12 +01:00
Bram Prieshof
17353040b6 Fixed typo 2020-12-03 12:26:40 +01:00
Bram Prieshof
c49a284e5e Fixed ufw no starting on boot 2020-12-03 12:05:37 +01:00
Bram Prieshof
a9f57d3513 Fixed UFW defaults for Centos 
Fixed selinux ssh port
 2020-12-03 11:28:41 +01:00
Bram Prieshof
859033a213 Fixed nginx pkg list for CentOS 2020-12-02 15:59:34 +01:00
Bram Prieshof
2cbaa6ce86 Fixed incorect Variable generic preconf 2020-12-02 15:53:15 +01:00
Bram Prieshof
f51b50debb added debug msg to preconfig 2020-12-02 15:25:45 +01:00
Bram Prieshof
061d97d5a0 Initial centos test/modifications 2020-12-02 14:54:22 +01:00
Bram Prieshof
d7fcf5e55c Update 'Scripts/SMI.sh' 2020-12-02 13:42:23 +01:00
Bram Prieshof
59a256c590 Fixed bug in "Set sitename" y/n question 2020-11-27 12:47:33 +01:00
Bram Prieshof
c3839afdc4 Set keyboard layout to us + Added bash-completion 2020-11-27 12:31:19 +01:00
Bram Prieshof
38b1e8560f Enabled Debian 10 for validation and testing 2020-11-26 15:13:11 +01:00
Bram Prieshof
4c25b3456f Added Apend scripts to documentation 2020-11-26 14:21:45 +01:00
Bram Prieshof
18ea88f6dc Added cron to pkg list 2020-11-26 13:48:58 +01:00
Bram Prieshof
3c7683684a update Wordpress salt use printf instead of ed 2020-11-25 15:46:00 +01:00
Bram Prieshof
0ab3c8bc44 added sudo to main PKG list 2020-11-25 14:33:57 +01:00
Bram Prieshof
64ce1701be Enabled Ubuntu 20.04 for validation and testing 2020-10-28 11:56:09 +01:00
Bram Prieshof
aeb20247ab Migrated to VPS-scripts 2020-10-16 10:30:29 +02:00
Bram Prieshof
be2cf222d9 fixed apache output 2020-10-15 14:29:21 +02:00
Bram Prieshof
8eb67bb10f Fixed CMS motd 2020-10-15 13:33:14 +02:00
Bram Prieshof
8ad35db685 updated postfix module and fixed CMS motd 2020-10-15 12:20:23 +02:00
Bram Prieshof
b475a7f365 Seperated Postfix into submodule 2020-10-14 15:04:50 +02:00
Bram Prieshof
0cb3113ede Output cleanup for whiptail 2020-10-09 15:09:58 +02:00
Bram Prieshof
abe8aefb10 Fixed oopsie 2020-10-09 14:19:02 +02:00
Bram Prieshof
de53e32441 fixed missing www Question whiptail menu 2020-10-09 14:15:43 +02:00
Bram Prieshof
79916b0fce fixed oopsie 2020-10-09 13:40:25 +02:00
Bram Prieshof
39510bbd1f Output cleanup normal and bug fixes 2020-10-09 12:18:48 +02:00
Bram Prieshof
976fcdf83d Ssl scipt only when ssl failed +cleanup ssl script 2020-10-08 14:24:21 +02:00
Bram Prieshof
a7cef49e4b Cleanup after failed ssl request 2020-10-08 14:19:52 +02:00
Bram Prieshof
89456991df Added failed-ssl fallback 2020-10-08 12:39:19 +02:00
Bram Prieshof
921cf142b8 Updated To-Do 2020-10-07 12:06:21 +02:00
Bram Prieshof
a9e25cbe40 Fixed enableSSL 2020-10-02 17:12:38 +02:00
Bram Prieshof
6550adcdec Allowed +1 occurrence in most sed commands 2020-10-02 16:28:34 +02:00
Bram Prieshof
a512a0bc5f Include ACME.sh Module 2020-10-02 14:49:22 +02:00
Bram Prieshof
1d7bc1e387 Replaced certbot with ACME.sh 2020-10-02 14:35:54 +02:00
b.waal
f3701924f0 Prepared for ACME.sh 2020-10-02 14:18:14 +02:00
b.waal
6d9faf6ecd Prepared for ACME.sh 2020-10-02 14:18:11 +02:00
b.waal
1c4ad0880e Prepared for ACME.sh 2020-10-02 14:18:08 +02:00
b.waal
ed4e0b51e9 Prepared for ACME.sh 2020-10-02 14:18:03 +02:00
b.waal
7d00f38378 Prepared for ACME.sh 2020-10-02 14:18:00 +02:00
b.waal
208df41550 Prepared for ACME.sh 2020-10-02 14:17:57 +02:00
b.waal
0d8cd7c98c Update 'Scripts/SMI.sh' 2020-10-02 11:18:20 +02:00
b.waal
250f731215 Update 'README.md' 2020-10-02 11:13:15 +02:00
b.waal
29e78ceacb Whiptail alignment 2020-10-02 11:12:27 +02:00
Bram Prieshof
6fd151096a Replaced wget in favor of curl 2020-10-01 12:04:06 +02:00
Bram Prieshof
4642319096 Init intergation of multi OS support, updated docs 2020-09-30 15:43:43 +02:00
Bram Prieshof
531088000a added wget as requirement 2020-09-25 14:29:10 +02:00
Bram Prieshof
2af62be7e1 Update 'CMS/wordpress/wordpress-init.sh' 2020-09-25 14:00:43 +02:00
Bram Prieshof
a154d5a3d5 Update 'CMS/wordpress/wordpress-init.sh' 2020-09-25 13:03:20 +02:00
Bram Prieshof
98f511d504 updated SMI 2020-09-25 11:03:55 +02:00
Bram Prieshof
89d974c6fd Set os specific pkg lists 2020-09-25 10:56:01 +02:00
Bram Prieshof
a4815095b7 Migration form apt.list to generic.pkg.list 2020-09-25 10:37:00 +02:00
Bram Prieshof
1599216685 Fixed output of new repo scipt 2020-09-24 13:01:29 +02:00
Bram Prieshof
84faba5a9f fixed oopsie 2020-09-24 12:51:34 +02:00
Bram Prieshof
9e9487c597 Updated methode of adding repo's 2020-09-24 12:13:05 +02:00
Bram Prieshof
adbb03e62f fixed typo apache config-script 2020-09-11 14:10:47 +02:00
Bram Prieshof
03773054de added php update tool for apache 2020-09-11 13:54:08 +02:00
Bram Prieshof
0b11896d0b fixed typo 2020-09-11 13:39:22 +02:00
Bram Prieshof
bf2368a7f3 Fixed oopsie 2020-09-11 13:27:32 +02:00
Bram Prieshof
52906fea36 added database redir from frond-end (apache) 2020-09-10 15:34:47 +02:00
Bram Prieshof
0b643f9e62 Update 'TO-DO_Wanted-Features.md' 2020-09-10 15:28:25 +02:00
Bram Prieshof
653548ee5e added database redir from frond-end 2020-09-10 14:39:45 +02:00
Bram Prieshof
c784751332 moved phpPHPver-apcu to general php 2020-09-10 13:37:47 +02:00
Bram Prieshof
031d3c705b moved phpPHPver-apcu to general php 2020-09-10 13:36:28 +02:00
Bram Prieshof
c8b4c7fc18 Added branchtype to allow for tags 2020-09-09 14:22:15 +02:00
Bram Prieshof
7d4eb9d953 Updating TO-DO lists 2020-09-04 16:20:48 +02:00
110 changed files with 1242 additions and 541 deletions
Expand all files Collapse all files

95
AppendCMS.sh
View File

@@ -4,11 +4,19 @@
if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi
source /etc/ICTM/selopts.list source /etc/ICTM/selopts.list
source /etc/ICTM/mainvar.list source /etc/ICTM/mainvar.list
rm /tmp/apt.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/ModulesMenu.list) if [ $webserv != nginx_nonphp ]; then
if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi
source /etc/ICTM/phpvar.list
fi
if [ $webserv = apache ]; then
if [ ! -f "/etc/ICTM/apachevar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GenerateApacheList.sh) ; fi
source /etc/ICTM/apachevar.list
fi
rm /tmp/pkg.list > $OUTPUT 2>&1
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list)
#Setting Menulist to webserver #Setting Menulist to webserver
declare -n CMSL="$webserv"CMSL declare -n CMSL="$webserv"CMSL
@@ -109,8 +117,8 @@ if [ $IMODE = l ]; then
done done
read -p "Set sitename to ${domain//./_}? (y/n)" choice read -p "Set sitename to ${domain//./_}? (y/n)" choice
case "$choice" in case "$choice" in
y|Y ) sitename=${domain//./_};; y*|Y* ) sitename=${domain//./_};;
n|N ) echo ""; n*|N* ) echo "";
while true; do while true; do
echo "Please enter sitename, Must NOT contain special characters, except: _";read sitename echo "Please enter sitename, Must NOT contain special characters, except: _";read sitename
if [[ $sitename == *['!'@#\$%^\&*()+,.]* ]] || [ -z "$sitename" ] if [[ $sitename == *['!'@#\$%^\&*()+,.]* ]] || [ -z "$sitename" ]
@@ -152,15 +160,24 @@ CMS="${CMS//:}" && CMS="${CMS,,}"
##-----------## ##-----------##
# AptList # # AptList #
##-----------## ##-----------##
msg " Generating apt list for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/apt.list >>/tmp/apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/generic.pkg.list; then
curl "$repo"/raw/branch/"$branch"/CMS/"$CMS"/apt.list >>/tmp/apt.list curl -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$PKGLIST".pkg.list; then
curl -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-generic.pkg.list; then
curl "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-apt.list >>/tmp/apt.list curl -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-"$PKGLIST".pkg.list; then
curl -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi fi
@@ -169,17 +186,17 @@ fi
##-----------## ##-----------##
msg " Running preconf for Webserv" msg " Running preconf for Webserv"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/appendCMS-preconf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/appendCMS-preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/appendCMS-preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/appendCMS-preconf.sh)
fi fi
msg " Running preconf for CMS" msg " Running preconf for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/preconf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/preconf.sh)
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh)
fi fi
@@ -187,9 +204,9 @@ fi
# Installer # # Installer #
##-------------## ##-------------##
$PKGM update $PKGUC
sed -i 's/PHPver/'$phpver'/g' /tmp/apt.list sed -i 's/PHPprefix/'$phpPkgName'/g' /tmp/pkg.list
cat /tmp/apt.list | xargs $PKGI cat /tmp/pkg.list | xargs $PKGI
##---------------## ##---------------##
@@ -197,8 +214,8 @@ cat /tmp/apt.list | xargs $PKGI
##---------------## ##---------------##
msg " Running conf for Webserv" msg " Running conf for Webserv"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/appendCMS-conf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/appendCMS-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/appendCMS-conf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/appendCMS-conf.sh)
fi fi
if [ $sslenable = 1 ]; then if [ $sslenable = 1 ]; then
@@ -210,26 +227,38 @@ msg " Setting up SSL"
fi fi
site_ext=ssl site_ext=ssl
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
certbot --"$certwebserv" certonly -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --issue --"$certwebserv" --ocsp --keylength 'ec-384' -d "$domain" -d "www.$domain" > $OUTPUT 2>&1
certsatus=$?
elif [ $domainwww = 0 ]; then elif [ $domainwww = 0 ]; then
certbot --"$certwebserv" certonly -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --issue --"$certwebserv" --ocsp --keylength 'ec-384' -d "$domain" > $OUTPUT 2>&1
certsatus=$?
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then if test $certsatus -eq 0
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh) then
site_ext="ssl"
else
site_ext="nossl"
rm -rf /etc/acmesh/certs/$domain*
fi
unset certsatus
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh)
fi fi
elif [ $sslenable = 0 ]; then elif [ $sslenable = 0 ]; then
site_ext=nossl site_ext=nossl
fi fi
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/EnableSSL.sh -O ~/activateSSL-$domain.sh if [ $site_ext = nossl ]; then
sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-$domain.sh
sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh
fi
msg " Running conf for CMS" msg " Running conf for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/conf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/conf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/conf.sh)
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh)
fi fi
##--------------------------## ##--------------------------##
@@ -253,4 +282,4 @@ systemctl reload fail2ban
##-------## ##-------##
msg " Added CMS!" msg " Added CMS!"
for f in /etc/update-motd.d/51*; do bash $f; done if stat --printf='' /etc/update-motd.d/51* 2>/dev/null; then for f in /etc/update-motd.d/51*; do bash $f; done; fi

91
AppendModule.sh
View File

@@ -4,15 +4,23 @@
if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi
##-----------------## ##-----------------##
# Fetching Vars # # Fetching Vars #
##-----------------## ##-----------------##
source /etc/ICTM/selopts.list source /etc/ICTM/selopts.list
source /etc/ICTM/mainvar.list source /etc/ICTM/mainvar.list
rm /tmp/apt.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/ModulesMenu.list) if [ $webserv != nginx_nonphp ]; then
if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi
source /etc/ICTM/phpvar.list
fi
if [ $webserv = apache ]; then
if [ ! -f "/etc/ICTM/apachevar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GenerateApacheList.sh) ; fi
source /etc/ICTM/apachevar.list
fi
rm /tmp/pkg.list
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list)
#Setting Menulist to webserver #Setting Menulist to webserver
declare -n CMSL="$webserv"CMSL declare -n CMSL="$webserv"CMSL
@@ -85,7 +93,7 @@ fi
if [ $IMODE = n ]; then if [ $IMODE = n ]; then
PasswordQuest PasswordQuest
option=$(whiptail --title "Title" --checklist "Features" 11 110 5 "${options[@]}" 3>&1 1>&2 2>&3) option=$(whiptail --title "Config" --checklist "Features" 11 110 5 "${options[@]}" 3>&1 1>&2 2>&3)
[[ "$?" = 1 ]] && msg " Quiting installer" 8 78 && exit; [[ "$?" = 1 ]] && msg " Quiting installer" 8 78 && exit;
fi fi
@@ -150,29 +158,44 @@ option="$option""$aonoption"
msg " Generating apt list for Options" msg " Generating apt list for Options"
for val1 in ${option[*]}; do for val1 in ${option[*]}; do
echo "$val1" #TMP modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1")
modListed=$(wget -t7 -qO - "$repo"/raw/branch/master/extModules.list|grep "$val1")
#Checking #Checking
if test -z "$modListed" if test -z "$modListed"
then then
#Fetching from local repo #Fetching from local repo
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/generic.pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/apt.list >>/tmp/apt.list curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-generic.pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-apt.list >>/tmp/apt.list curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$PKGLIST".pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-"$PKGLIST".pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi fi
else else
#Fetching from remote repo #Fetching from remote repo
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"generic.pkg.list; then
curl --retry 7 --retry-delay 5 -s "$modListed"apt.list >>/tmp/apt.list curl --retry 7 --retry-delay 5 -s "$modListed"generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed""$webserv"-apt.list; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed""$webserv"-generic.pkg.list; then
curl "$modListed""$webserv"-apt.list >>/tmp/apt.list curl "$modListed""$webserv"-generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/apt.list printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed""$PKGLIST".pkg.list; then
curl --retry 7 --retry-delay 5 -s "$modListed""$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed""$webserv"-"$PKGLIST".pkg.list; then
curl "$modListed""$webserv"-"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi fi
fi fi
done done
@@ -184,17 +207,17 @@ done
msg " Running preconf for Options" msg " Running preconf for Options"
for val1 in ${option[*]}; do for val1 in ${option[*]}; do
echo "$val1" #TMP msg "Pre-configuring $val1"
modListed=$(wget -t7 -qO - "$repo"/raw/branch/master/extModules.list|grep "$val1") modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1")
#Checking #Checking
if test -z "$modListed" if test -z "$modListed"
then then
#Fetching from local repo #Fetching from local repo
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/preconf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/preconf.sh)
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh)
fi fi
else else
#Fetching from remote repo #Fetching from remote repo
@@ -212,9 +235,9 @@ done
# Installer # # Installer #
##-------------## ##-------------##
$PKGM update $PKGUC
sed -i 's/PHPver/'$phpver'/g' /tmp/apt.list sed -i 's/PHPprefix/'$phpPkgName'/g' /tmp/pkg.list
cat /tmp/apt.list | xargs $PKGI cat /tmp/pkg.list | xargs $PKGI
##---------------## ##---------------##
@@ -223,17 +246,17 @@ cat /tmp/apt.list | xargs $PKGI
msg " Running conf for Options" msg " Running conf for Options"
for val1 in ${option[*]}; do for val1 in ${option[*]}; do
echo "$val1" #TMP msg "Configuring $val1"
modListed=$(wget -t7 -qO - "$repo"/raw/branch/master/extModules.list|grep "$val1") modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1")
#Checking #Checking
if test -z "$modListed" if test -z "$modListed"
then then
#Fetching from local repo #Fetching from local repo
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/conf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/conf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/conf.sh)
fi fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh; then if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh)
fi fi
else else
#Fetching from remote repo #Fetching from remote repo
@@ -252,4 +275,4 @@ done
##-------## ##-------##
msg " Added Module!" msg " Added Module!"
for f in /etc/update-motd.d/51*; do bash $f; done if stat --printf='' /etc/update-motd.d/51* 2>/dev/null; then for f in /etc/update-motd.d/51*; do bash $f; done; fi

4
CMS/Backend/Fpm-Pool.conf-unconfigured
View File

@@ -12,8 +12,8 @@ php_admin_value[post_max_size] = 16M
php_admin_value[max_input_time] = 15 php_admin_value[max_input_time] = 15
php_admin_value[cgi.fix_pathinfo] = 0 php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[allow_url_fopen] = Off php_admin_value[allow_url_fopen] = Off
php_admin_value[file_uploads] = Off php_admin_value[file_uploads] = On
php_admin_value[open_basedir] = /var/log/PhpMyAdmin:/usr/share/phpmyadmin:/var/lib/phpmyadmin:/etc/phpmyadmin php_admin_value[open_basedir] = /var/log/PhpMyAdmin:/usr/share/phpmyadmin:/var/lib/phpmyadmin:/etc/phpmyadmin:/tmp
php_admin_value[session.use_strict_mode] = 1 php_admin_value[session.use_strict_mode] = 1
php_admin_value[session.cookie_httponly] = 1 php_admin_value[session.cookie_httponly] = 1
;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict ;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict

8
CMS/Backend/apache-conf.sh
View File

@@ -1,4 +1,4 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/Backend/apache-siteBackend-unconfigured -O /tmp/apache-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/Backend/apache-siteBackend-unconfigured -o /tmp/apache-siteconf
sed -i -e 's/PHPver/'$phpver'/' -e 's/DOMAINname/'$hostname'/' /tmp/apache-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$hostname'/g' /tmp/apache-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' /etc/apache2/sites-available/Backend_"$site_ext".conf sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' "$apacheConfDir"/sites-available/Backend_"$siteBackend_ext".conf
systemctl reload apache2 systemctl reload $apacheService

6
CMS/Backend/conf.sh
View File

@@ -1,6 +1,6 @@
#Backend PHP Pool #Backend PHP Pool
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/Backend/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/Backend.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/Backend/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/Backend.conf
sed -i 's/PHPver/'$phpver'/' /etc/php/"$phpver"/fpm/pool.d/Backend.conf sed -i 's/PHPver/'$phpver'/' "$phpPoolDir"/Backend.conf
groupadd Backend groupadd Backend
useradd -g Backend Backend useradd -g Backend Backend
#PHPMyAdmin configuration #PHPMyAdmin configuration
@@ -8,7 +8,7 @@ touch /var/log/PhpMyAdmin/PhpMyAdmin_auth.log
chown Backend:Backend -R /usr/share/phpmyadmin chown Backend:Backend -R /usr/share/phpmyadmin
chown Backend:Backend -R /var/lib/phpmyadmin/tmp chown Backend:Backend -R /var/lib/phpmyadmin/tmp
chown Backend:Backend -R /var/log/PhpMyAdmin chown Backend:Backend -R /var/log/PhpMyAdmin
systemctl reload php"$phpver"-fpm systemctl reload "$phpFPMService"
#Auto disable backends at night #Auto disable backends at night
echo "0 0 * * * root bash /opt/toggle/toggle-Netdata.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend echo "0 0 * * * root bash /opt/toggle/toggle-Netdata.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend
echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend

6
CMS/Backend/nginx-conf.sh
View File

@@ -1,4 +1,4 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/Backend/nginx-siteBackend-unconfigured -O /tmp/nginx-backendconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/Backend/nginx-siteBackend-unconfigured -o /tmp/nginx-backendconf
sed -i -e 's/PHPver/'$phpver'/' -e 's/DOMAINname/'$hostname'/' /tmp/nginx-backendconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$hostname'/g' /tmp/nginx-backendconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-backendconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/Backend_"$site_ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-backendconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/Backend_"$siteBackend_ext"
systemctl reload nginx systemctl reload nginx

2
CMS/nextcloud/Fpm-Pool.conf-unconfigured
View File

@@ -4,7 +4,7 @@ group = SITEname
listen = /var/run/php/phpPHPver-fpm-SITEname.sock listen = /var/run/php/phpPHPver-fpm-SITEname.sock
listen.owner = www-data listen.owner = www-data
listen.group = www-data listen.group = www-data
php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[disable_functions] = exec,passthru,system
php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log
; OPCACHE SETTINGS ; OPCACHE SETTINGS
php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.memory_consumption] = 256

12
CMS/nextcloud/apache-conf.sh
View File

@@ -1,11 +1,11 @@
#Apache #Apache
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/Apache-unconfigured -O /tmp/apache-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/Apache-unconfigured -o /tmp/apache-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/apache-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/apache-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' /etc/apache2/sites-available/"$sitename"_"$site_ext".conf sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' "$apacheConfDir"/sites-available/"$sitename"_"$site_ext".conf
chown "$sitename":"$sitename" -R /var/www/"$domain"/html chown "$sitename":"$sitename" -R /var/www/"$domain"/html
#PHP #PHP
sed -i -e '/cgi.fix_pathinfo/c\php_admin_value[cgi.fix_pathinfo] = 1' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf sed -i -e '/cgi.fix_pathinfo/c\php_admin_value[cgi.fix_pathinfo] = 1' "$phpPoolDir"/$sitename.conf
sed -i -e '/security.limit_extensions/c\php_admin_value[security.limit_extensions] = .php' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf sed -i -e '/security.limit_extensions/c\php_admin_value[security.limit_extensions] = .php' "$phpPoolDir"/$sitename.conf
systemctl reload apache2 php$phpver-fpm systemctl reload $apacheService $phpFPMService

1
CMS/nextcloud/apt.list
View File

@@ -1 +0,0 @@
libmagickcore-6.q16-3-extra libxml2 openssl zlib1g libpng-dev phpPHPver-apcu phpPHPver-bcmath phpPHPver-gmp

1
CMS/nextcloud/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
libmagickcore-6.q16-3-extra zlib1g libpng-dev

39
CMS/nextcloud/conf.sh
View File

@@ -1,21 +1,21 @@
#PHP Pool #PHP Pool
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf
sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf
groupadd "$sitename" groupadd "$sitename"
useradd -g "$sitename" "$sitename" useradd -g "$sitename" "$sitename"
mkdir -p /var/www/"$domain"/html/data mkdir -p /var/www/"$domain"/html/data
#Getting Nextcloud #Getting Nextcloud
wget -t7 http://mirror.nxdi.nl/resources/nextcloud/latest.tar.bz2 -O /tmp/nextcloud.tar.bz2 curl --retry 7 --retry-delay 5 -s http://mirror.nxdi.nl/resources/nextcloud/latest.tar.bz2 -o /tmp/nextcloud.tar.bz2
tar jxf /tmp/nextcloud.tar.bz2 -C /tmp tar jxf /tmp/nextcloud.tar.bz2 -C /tmp
cp -a /tmp/nextcloud/. /var/www/"$domain"/html cp -a /tmp/nextcloud/. /var/www/"$domain"/html
touch /var/www/"$domain"/html/data/nextcloud.log touch /var/www/"$domain"/html/data/nextcloud.log > $OUTPUT 2>&1
#Creating DB #Creating DB
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="nextcloud_$db_suffix" db_name="nextcloud_$db_suffix"
db_user="nextcloud_$db_suffix" db_user="nextcloud_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32) db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' </dev/urandom | head -c 30 ; echo)
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" > $OUTPUT 2>&1 mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" > $OUTPUT 2>&1 mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';" > $OUTPUT 2>&1 mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';" > $OUTPUT 2>&1
@@ -29,30 +29,33 @@ cat <<EOF > /var/www/$domain/html/config/autoconfig.php
"dbname" => "${db_name}", "dbname" => "${db_name}",
"dbuser" => "${db_user}", "dbuser" => "${db_user}",
"dbpass" => "${db_pass}", "dbpass" => "${db_pass}",
"dbhost" => "localhost", "dbhost" => "127.0.0.1",
"dbtableprefix" => "", "dbtableprefix" => "",
"simpleSignUpLink.shown" => false, "simpleSignUpLink.shown" => false,
"directory" => "/var/www/$domain/html/data", "directory" => "/var/www/$domain/html/data",
); );
EOF EOF
#Setting Permsissions
chown "$sitename":"$sitename" -R /var/www/"$domain"/html chown "$sitename":"$sitename" -R /var/www/"$domain"/html
if [ "$shortdist" = "el8" ]; then
#Setting SeLiux perms for centos
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
restorecon -vr /var/www/ > $OUTPUT 2>&1
fi
#Makeing nextcloud Finalize script and setting login Notice #Makeing nextcloud Finalize script and setting login Notice
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/nextcloud-init.sh -O ~/NextcloudInit-"$sitename".sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/nextcloud-init.sh -o ~/NextcloudInit-"$sitename".sh
sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' ~/NextcloudInit-"$sitename".sh sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' ~/NextcloudInit-"$sitename".sh
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/MotdNextCloud -O /etc/update-motd.d/51-nextnotice curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/MotdNextCloud -o /etc/update-motd.d/51-nextnotice-"${sitename//_}"
sed -i -e 's/SITEname/'$sitename'/' /etc/update-motd.d/51-nextnotice sed -i -e 's/SITEname/'$sitename'/' /etc/update-motd.d/51-nextnotice-"${sitename//_}"
chmod +x /etc/update-motd.d/51-nextnotice chmod +x /etc/update-motd.d/51-nextnotice-"${sitename//_}"
#Nextcloud logging location
mkdir /var/log/nextcloud
chmod 774 -R /var/log/nextcloud
ln -s /var/www/"$domain"/html/data/nextcloud.log /var/log/nextcloud/"$sitename"
#fail2ban #fail2ban
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Jails/nextcloud_unconfigured -O /etc/fail2ban/jail.d/"$sitename"-nextcloud.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Jails/nextcloud_unconfigured -o /etc/fail2ban/jail.d/"$sitename"-nextcloud.local
sed -i 's/SITEname/'$sitename'/' /etc/fail2ban/jail.d/"$sitename"-nextcloud.local sed -i 's/DOMain/'$domain'/' /etc/fail2ban/jail.d/"$sitename"-nextcloud.local
systemctl reload php"$phpver"-fpm systemctl reload "$phpFPMService"

1
CMS/nextcloud/dnf.pkg.list Normal file
View File

@@ -0,0 +1 @@
ImageMagick-libs zlib libpng

1
CMS/nextcloud/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
libxml2 openssl PHPprefix-bcmath PHPprefix-gmp bzip2

7
CMS/nextcloud/nextcloud-init.sh
View File

@@ -7,17 +7,18 @@ sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_loca
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set skeletondirectory --value= sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set skeletondirectory --value=
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.local --value='\OC\Memcache\APCu' sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.local --value='\OC\Memcache\APCu'
if [ "$(systemctl is-active redis-server)" = "active" ]; then if [ "$(systemctl is-active redis-server)" = "active" ] || [ "$(systemctl is-active redis)" = "active" ]; then
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.distributed --value='\OC\Memcache\Redis' sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.distributed --value='\OC\Memcache\Redis'
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.locking --value='\OC\Memcache\Redis' sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.locking --value='\OC\Memcache\Redis'
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis host --value=localhost sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis host --value=localhost
sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis port --value=6379 sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis port --value=6379
else else
echo "Redis not installed or running on this system" echo "Redis running on this system"
fi fi
echo "*/5 * * * * SITEname php -f /var/www/DOMAINname/html/cron.php > /dev/null 2>&1" >> /etc/crontab echo "*/5 * * * * SITEname php -f /var/www/DOMAINname/html/cron.php > /dev/null 2>&1" >> /etc/crontab
rm -f /etc/update-motd.d/51-nextnotice sn2=SITEname
rm -f /etc/update-motd.d/51-nextnotice-${sn2//_}
#Remove script #Remove script
while true; do while true; do

6
CMS/nextcloud/nginx-conf.sh
View File

@@ -1,10 +1,10 @@
#Nextcloud major release version #Nextcloud major release version
#Configuring nginx #Configuring nginx
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/Nginx-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/Nginx-unconfigured -o /tmp/nginx-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext"
if [ $sslenable = 0 ]; then if [ $site_ext = nossl ]; then
sed -i -e '/fastcgi_param HTTPS/c\# fastcgi_param HTTPS' /etc/nginx/sites-available/"$sitename"_nossl sed -i -e '/fastcgi_param HTTPS/c\# fastcgi_param HTTPS' /etc/nginx/sites-available/"$sitename"_nossl
fi fi

1
CMS/none/Apache-unconfigured
View File

@@ -6,6 +6,7 @@ ErrorLog ${APACHE_LOG_DIR}/SITEname_error.log
DirectoryIndex index.php index.html index.htm DirectoryIndex index.php index.html index.htm
DocumentRoot /var/www/DOMAINname/html DocumentRoot /var/www/DOMAINname/html
#Include snippets/apa-backendredir.conf
<Directory /var/www/DOMAINname/html> <Directory /var/www/DOMAINname/html>
Options Indexes FollowSymLinks MultiViews Options Indexes FollowSymLinks MultiViews

2
CMS/none/Fpm-Pool.conf-unconfigured
View File

@@ -25,7 +25,7 @@ php_admin_value[max_input_time] = 15
php_admin_value[cgi.fix_pathinfo] = 0 php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[allow_url_fopen] = Off php_admin_value[allow_url_fopen] = Off
php_admin_value[file_uploads] = Off php_admin_value[file_uploads] = Off
php_admin_value[open_basedir] = /var/www/DOMAINname/html php_admin_value[open_basedir] = /var/www/DOMAINname/html:/tmp
php_admin_value[session.use_strict_mode] = 1 php_admin_value[session.use_strict_mode] = 1
php_admin_value[session.cookie_httponly] = 1 php_admin_value[session.cookie_httponly] = 1
;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict ;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict

2
CMS/none/Nginx-unconfigured
View File

@@ -11,6 +11,8 @@
gzip_comp_level 2; gzip_comp_level 2;
gzip_disable "msie6"; gzip_disable "msie6";
gzip_buffers 16 8k; gzip_buffers 16 8k;
#include snippets/ngx-backendredir.conf;
location / { location / {
#try_files $uri $uri/ =404; #try_files $uri $uri/ =404;

2
CMS/none/Nginx_nonphp-unconfigured
View File

@@ -16,6 +16,8 @@
#try_files $uri $uri/ =404; #try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args; try_files $uri $uri/ /index.php$is_args$args;
#try_files $uri $uri/ $uri.html $uri.php$is_args$query_string; #try_files $uri $uri/ $uri.html $uri.php$is_args$query_string;
#'forPHP-FrondControler' try_files $uri $uri/ $uri.html /index.php$is_args$query_string;
} }
location ~ /\.ht { location ~ /\.ht {

12
CMS/none/apache-conf.sh
View File

@@ -1,9 +1,5 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/none/Apache-unconfigured -O /tmp/apache-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Apache-unconfigured -o /tmp/apache-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/apache-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/apache-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' /etc/apache2/sites-available/"$sitename"_"$site_ext".conf sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' "$apacheConfDir"/sites-available/"$sitename"_"$site_ext".conf
mkdir -p /var/www/"$domain"/html
echo "<html><head></head><body>$webserv has been succsefully installed by the Wizard</body></html>" > /var/www/$domain/html/index.html systemctl reload $apacheService
chown "$sitename":"$sitename" -R /var/www/"$domain"/html
systemctl reload apache2

20
CMS/none/conf.sh
View File

@@ -1,12 +1,26 @@
#Creating webfolder
mkdir -p /var/www/"$domain"/html
#Ceating content
echo "<html><head></head><body>$webserv has been succsefully installed by the Wizard</body></html>" > /var/www/$domain/html/index.html
#Do not generate php pool when php is not installed #Do not generate php pool when php is not installed
if [ $webserv != nginx_nonphp ]; then if [ $webserv != nginx_nonphp ]; then
#Setup PHP Pool #Setup PHP Pool
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/none/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf
sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf
groupadd "$sitename" groupadd "$sitename"
useradd -g "$sitename" "$sitename" useradd -g "$sitename" "$sitename"
systemctl reload php"$phpver"-fpm systemctl reload $phpFPMService
#Setting Permsissions
chown "$sitename":"$sitename" -R /var/www/"$domain"/html
fi
if [ "$shortdist" = "el8" ]; then
#Setting SeLiux perms for centos
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
restorecon -vr /var/www/ > $OUTPUT 2>&1
fi fi

8
CMS/none/nginx-conf.sh
View File

@@ -1,9 +1,5 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/none/Nginx-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Nginx-unconfigured -o /tmp/nginx-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext"
mkdir -p /var/www/"$domain"/html
echo "<html><head></head><body>$webserv has been succsefully installed by the Wizard</body></html>" > /var/www/$domain/html/index.html
chown "$sitename":"$sitename" -R /var/www/"$domain"/html
systemctl reload nginx systemctl reload nginx

8
CMS/none/nginx_nonphp-conf.sh
View File

@@ -1,9 +1,5 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/none/Nginx_nonphp-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Nginx_nonphp-unconfigured -o /tmp/nginx-siteconf
sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/nginx-siteconf sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext"
mkdir -p /var/www/"$domain"/html
echo "<html><head></head><body>$webserv has been succsefully installed by the Wizard</body></html>" > /var/www/$domain/html/index.html
chown www-data:www-data -R /var/www/"$domain"/html
systemctl reload nginx systemctl reload nginx

1
CMS/wordpress/Apache-unconfigured
View File

@@ -6,6 +6,7 @@ ErrorLog ${APACHE_LOG_DIR}/SITEname_error.log
DirectoryIndex index.php index.html index.htm DirectoryIndex index.php index.html index.htm
DocumentRoot /var/www/DOMAINname/html DocumentRoot /var/www/DOMAINname/html
#Include snippets/apa-backendredir.conf
<Directory /var/www/DOMAINname/html> <Directory /var/www/DOMAINname/html>
Options FollowSymLinks Options FollowSymLinks

2
CMS/wordpress/Fpm-Pool.conf-unconfigured
View File

@@ -25,7 +25,7 @@ php_admin_value[max_input_time] = 30
php_admin_value[cgi.fix_pathinfo] = 0 php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[allow_url_fopen] = Off php_admin_value[allow_url_fopen] = Off
php_admin_value[file_uploads] = on php_admin_value[file_uploads] = on
php_admin_value[open_basedir] = "/var/www/DOMAINname/html" php_admin_value[open_basedir] = /var/www/DOMAINname/html:/tmp
php_admin_value[session.use_strict_mode] = 1 php_admin_value[session.use_strict_mode] = 1
php_admin_value[session.cookie_httponly] = 1 php_admin_value[session.cookie_httponly] = 1
;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict ;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict

3
CMS/wordpress/Nginx-unconfigured
View File

@@ -12,7 +12,8 @@ gzip_types text/plain text/css text/xml text/javascript application/javascript a
gzip_comp_level 2; gzip_comp_level 2;
gzip_disable "msie6"; gzip_disable "msie6";
gzip_buffers 16 8k; gzip_buffers 16 8k;
#include snippets/ngx-backendredir.conf;
location / { location / {
try_files $uri $uri/ /index.php$is_args$args; try_files $uri $uri/ /index.php$is_args$args;

6
CMS/wordpress/WordPress-unconfigured
View File

@@ -2,7 +2,7 @@
define('DB_NAME', 'DBName'); define('DB_NAME', 'DBName');
define('DB_USER', 'DBUser'); define('DB_USER', 'DBUser');
define('DB_PASSWORD', 'DBPass'); define('DB_PASSWORD', 'DBPass');
define('DB_HOST', 'localhost'); define('DB_HOST', '127.0.0.1');
define('DB_CHARSET', 'utf8'); define('DB_CHARSET', 'utf8');
define('DB_COLLATE', ''); define('DB_COLLATE', '');
#define( 'WP_SITEURL', '' ); #define( 'WP_SITEURL', '' );
@@ -25,8 +25,6 @@ define('FS_METHOD','direct');
#$table_prefix = 'DBName'; #$table_prefix = 'DBName';
$table_prefix = 'wp'; $table_prefix = 'wp';
WPsalty
define('WP_DEBUG', false); define('WP_DEBUG', false);
if ( !defined('ABSPATH') ) if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/'); define('ABSPATH', dirname(__FILE__) . '/');
@@ -39,4 +37,4 @@ if ( !defined('ABSPATH') )
#define('WP_REDIS_HOST', '127.0.0.1'); #define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '<RedisPassword>'); #define('WP_REDIS_PASSWORD', '<RedisPassword>');
#define('WP_REDIS_PORT', '6379'); #define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php');

8
CMS/wordpress/apache-conf.sh
View File

@@ -1,6 +1,6 @@
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/Apache-unconfigured -O /tmp/apache-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/Apache-unconfigured -o /tmp/apache-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/apache-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/apache-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' /etc/apache2/sites-available/"$sitename"_"$site_ext".conf sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/apache-siteconf' -e '/#ConfHere/c\' "$apacheConfDir"/sites-available/"$sitename"_"$site_ext".conf
chown "$sitename":"$sitename" -R /var/www/"$domain"/html chown "$sitename":"$sitename" -R /var/www/"$domain"/html
systemctl reload apache2 php$phpver-fpm systemctl reload $apacheService $phpFPMService

40
CMS/wordpress/conf.sh
View File

@@ -1,7 +1,7 @@
#WP-CLI #WP-CLI
if [ ! -f /usr/local/bin/wp ]; then if [ ! -f /usr/local/bin/wp ]; then
wget -q -t7 https://raw.githubusercontent.com/wp-cli/wp-cli/v2.4.0/utils/wp-completion.bash -O /etc/bash_completion.d/wp curl --retry 7 --retry-delay 5 -s https://raw.githubusercontent.com/wp-cli/wp-cli/v2.4.0/utils/wp-completion.bash -o /etc/bash_completion.d/wp
wget -q -t7 https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp curl --retry 7 --retry-delay 5 -s https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -o /usr/local/bin/wp
chmod +x /usr/local/bin/wp chmod +x /usr/local/bin/wp
fi fi
@@ -9,8 +9,8 @@ fi
db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1`
db_name="wp_$db_suffix" db_name="wp_$db_suffix"
db_user="wp_$db_suffix" db_user="wp_$db_suffix"
db_pass=$(date +%s|sha256sum|base64|head -c 32) db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' </dev/urandom | head -c 30 ; echo)
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -) WPSalts=$(curl --retry 7 --retry-delay 5 -s https://api.wordpress.org/secret-key/1.1/salt/)
#Setting up Database #Setting up Database
mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" > $OUTPUT 2>&1 mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" > $OUTPUT 2>&1
@@ -22,34 +22,44 @@ mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" > $OUTPUT 2>&1
mkdir -p /var/www/"$domain"/html mkdir -p /var/www/"$domain"/html
#Getting WordPress #Getting WordPress
wget -q -t7 http://mirror.nxdi.nl/resources/wordpress/latest.tar.gz -O /tmp/wp.tar.gz curl --retry 7 --retry-delay 5 -s http://mirror.nxdi.nl/resources/wordpress/latest.tar.gz -o /tmp/wp.tar.gz
tar -C /var/www/"$domain"/html -xzf /tmp/wp.tar.gz --strip 1 tar -C /var/www/"$domain"/html -xzf /tmp/wp.tar.gz --strip 1
rm /var/www/"$domain"/html/wp-config-sample.php rm /var/www/"$domain"/html/wp-config-sample.php
#Configuring WordPress #Configuring WordPress
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/WordPress-unconfigured -O /var/www/"$domain"/html/wp-config.php curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/WordPress-unconfigured -o /var/www/"$domain"/html/wp-config.php
sed -i -e 's/DBPass/'$db_pass'/' -e 's/DBUser/'$db_user'/' -e 's/DBName/'$db_name'/' -e 's/DOMAINname/'$domain'/' /var/www/"$domain"/html/wp-config.php sed -i -e 's/DBPass/'$db_pass'/' -e 's/DBUser/'$db_user'/' -e 's/DBName/'$db_name'/' -e 's/DOMAINname/'$domain'/' /var/www/"$domain"/html/wp-config.php
printf '%s\n' "g/WPsalty/d" a "$WPSalts" . w | ed -s /var/www/"$domain"/html/wp-config.php printf '%s\n' "$WPSalts" >> /var/www/"$domain"/html/wp-config.php
printf '%s\n' "require_once(ABSPATH . 'wp-settings.php');" >> /var/www/"$domain"/html/wp-config.php
#PHP Pool #PHP Pool
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf
sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf
groupadd "$sitename" groupadd "$sitename"
useradd -g "$sitename" "$sitename" useradd -g "$sitename" "$sitename"
systemctl reload php"$phpver"-fpm systemctl reload $phpFPMService
#fail2ban #fail2ban
if [ ! -f /etc/fail2ban/jail.d/wordpress-syslog.local ]; then if [ ! -f /etc/fail2ban/jail.d/wordpress-syslog.local ]; then
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Jails/wordpress-syslog.jail -O /etc/fail2ban/jail.d/wordpress-syslog.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Jails/wordpress-syslog.jail -o /etc/fail2ban/jail.d/wordpress-syslog.local
if [ "$shortdist" = "el8" ]; then
sed -i '/logpath/c\logpath = /var/log/messages' /etc/fail2ban/jail.d/wordpress-syslog.local
fi
fi fi
#Setting Permsissions #Setting Permsissions
chown "$sitename":"$sitename" -R /var/www/"$domain"/html chown "$sitename":"$sitename" -R /var/www/"$domain"/html
if [ "$shortdist" = "el8" ]; then
#Setting SeLiux perms for centos
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
restorecon -vr /var/www/ > $OUTPUT 2>&1
fi
#Makeing wordpress Finalize script and setting login Notice #Makeing wordpress Finalize script and setting login Notice
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/wordpress-init.sh -O ~/WordpressInit-"$sitename".sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/wordpress-init.sh -o ~/WordpressInit-"$sitename".sh
sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' ~/WordpressInit-"$sitename".sh sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' ~/WordpressInit-"$sitename".sh
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/MotdWordpress -O /etc/update-motd.d/51-wpnotice curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/MotdWordpress -o /etc/update-motd.d/51-wpnotice-"${sitename//_}"
sed -i -e 's/SITEname/'$sitename'/' /etc/update-motd.d/51-wpnotice sed -i -e 's/SITEname/'$sitename'/' /etc/update-motd.d/51-wpnotice-"${sitename//_}"
chmod +x /etc/update-motd.d/51-wpnotice chmod +x /etc/update-motd.d/51-wpnotice-"${sitename//_}"

6
CMS/wordpress/nginx-conf.sh
View File

@@ -1,7 +1,7 @@
#Configuring nginx #Configuring nginx
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/Nginx-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpress/Nginx-unconfigured -o /tmp/nginx-siteconf
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' -e 's/SITEname/'$sitename'/' /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext"
#Reloading Services #Reloading Services
systemctl reload nginx php$phpver-fpm systemctl reload nginx $phpFPMService

17
CMS/wordpress/wordpress-init.sh
View File

@@ -1,10 +1,13 @@
sudo -u SITEname wp --path=/var/www/DOMAINname/html core update sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html core update
sudo -u SITEname wp --path=/var/www/DOMAINname/html plugin update --all sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html theme update --all
sudo -u SITEname wp --path=/var/www/DOMAINname/html theme update --all sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html plugin install wp-fail2ban --activate
sudo -u SITEname wp --path=/var/www/DOMAINname/html plugin install wp-fail2ban --activate sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html plugin install all-in-one-wp-migration --activate
sudo -u SITEname wp --path=/var/www/DOMAINname/html plugin install all-in-one-wp-migration --activate sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html plugin install https://git.ictmaatwerk.com/downloads/wp/migrate.zip --activate
sudo -u SITEname wp --path=/var/www/DOMAINname/html plugin install https://git.ictmaatwerk.com/downloads/wp/migrate.zip --activate sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html cron event run wp_update_plugins
rm -f /etc/update-motd.d/51-wpnotice sudo -u SITEname /usr/local/bin/wp --path=/var/www/DOMAINname/html plugin update --all
echo -e "\e[96m Please update all-in-one-wp-migration-unlimited plugin manually\e[39m"
sn2=SITEname
rm -f /etc/update-motd.d/51-wpnotice-${sn2//_}
#Remove script #Remove script
while true; do while true; do

20
CoreModules/apache/appendCMS-conf.sh
View File

@@ -4,19 +4,19 @@
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site-wwwredir >> /etc/apache2/sites-available/"$sitename"_nossl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site-wwwredir >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
echo "" >> /etc/apache2/sites-available/"$sitename"_nossl.conf echo "" >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_ssl-wwwredir >> /etc/apache2/sites-available/"$sitename"_ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-wwwredir >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
echo "" >> /etc/apache2/sites-available/"$sitename"_ssl.conf echo "" >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> /etc/apache2/sites-available/"$sitename"_nossl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
sed -i -e 's/DOMAINname/'$domain'/' /etc/apache2/sites-available/"$sitename"_nossl.conf sed -i -e 's/DOMAINname/'$domain'/g' "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
ln -s /etc/apache2/sites-available/"$sitename"_nossl.conf /etc/apache2/sites-enabled/010-"$sitename".conf ln -s "$apacheConfDir"/sites-available/"$sitename"_nossl.conf "$apacheConfDir"/sites-enabled/010-"$sitename".conf
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> /etc/apache2/sites-available/"$sitename"_ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
sed -i -e 's/DOMAINname/'$domain'/' /etc/apache2/sites-available/"$sitename"_ssl.conf sed -i -e 's/DOMAINname/'$domain'/g' "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
systemctl reload apache2 systemctl reload $apacheService

1
CoreModules/apache/apt.list
View File

@@ -1 +0,0 @@
apache2 libapache2-mod-fcgid python-certbot-apache

1
CoreModules/apache/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
apache2 libapache2-mod-fcgid

67
CoreModules/apache/conf.sh
View File

@@ -1,52 +1,69 @@
systemctl stop apache2 systemctl stop $apacheService > $OUTPUT 2>&1
############## ##############
# Apache # # Apache #
############## ##############
a2dissite 000-default if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
a2dismod mpm_prefork a2dissite 000-default > $OUTPUT 2>&1
a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb a2dismod mpm_prefork > $OUTPUT 2>&1
a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb > $OUTPUT 2>&1
mkdir -p "$apacheConfDir"/snippets/
elif [ "$shortdist" = "el8" ]; then
echo 'IncludeOptional conf-enabled/*.conf' >>/etc/httpd/conf/httpd.conf
echo 'IncludeOptional sites-enabled/*.conf' >>/etc/httpd/conf/httpd.conf
sed -i -e '/User apache/c\User www-data' -e '/Group apache/c\Group www-data' /etc/httpd/conf/httpd.conf
sed -i 's/^/#/g' /etc/httpd/conf.d/welcome.conf
#Creating directories
mkdir -p /etc/httpd/{sites-available,sites-enabled,conf-enabled,conf-available,snippets}
#getting aditional apache config for centos
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/conf-httpd-custom.conf -o "$apacheConfDir"/conf-enabled/zzz-Httpd-custom.conf
fi
mkdir -p /etc/apache2/snippets/ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/snippets-ssl.conf -o "$apacheConfDir"/snippets/apa-ssl.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/snippets-ssl.conf -O /etc/apache2/snippets/apa-ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/snippets-backendredir.conf -o "$apacheConfDir"/snippets/apa-backendredir.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/conf-custom.conf -O /etc/apache2/conf-enabled/zzz-custom.conf sed -i -e 's/HOSTname/'$hostname'/' "$apacheConfDir"/snippets/apa-backendredir.conf
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/conf-custom.conf -o "$apacheConfDir"/conf-enabled/zzz-custom.conf
#Catch all (ip and unconfigured domains) #Catch all (ip and unconfigured domains)
wget - -t7 "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_CatchAll -O /etc/apache2/sites-available/CatchAll.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_CatchAll -o "$apacheConfDir"/sites-available/CatchAll.conf
ln -s /etc/apache2/sites-available/CatchAll.conf /etc/apache2/sites-enabled/999-CatchAll.conf ln -s "$apacheConfDir"/sites-available/CatchAll.conf "$apacheConfDir"/sites-enabled/999-CatchAll.conf
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site-wwwredir >> /etc/apache2/sites-available/"$sitename"_nossl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site-wwwredir >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
echo "" >> /etc/apache2/sites-available/"$sitename"_nossl.conf echo "" >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_ssl-wwwredir >> /etc/apache2/sites-available/"$sitename"_ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-wwwredir >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
echo "" >> /etc/apache2/sites-available/"$sitename"_ssl.conf echo "" >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> /etc/apache2/sites-available/"$sitename"_nossl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
sed -i -e 's/DOMAINname/'$domain'/' /etc/apache2/sites-available/"$sitename"_nossl.conf sed -i -e 's/DOMAINname/'$domain'/g' "$apacheConfDir"/sites-available/"$sitename"_nossl.conf
ln -s /etc/apache2/sites-available/"$sitename"_nossl.conf /etc/apache2/sites-enabled/010-"$sitename".conf ln -s "$apacheConfDir"/sites-available/"$sitename"_nossl.conf "$apacheConfDir"/sites-enabled/010-"$sitename".conf
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> /etc/apache2/sites-available/"$sitename"_ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
sed -i -e 's/DOMAINname/'$domain'/' /etc/apache2/sites-available/"$sitename"_ssl.conf sed -i -e 's/DOMAINname/'$domain'/g' "$apacheConfDir"/sites-available/"$sitename"_ssl.conf
#non-ssl-Backend #non-ssl-Backend
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> /etc/apache2/sites-available/Backend_nossl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site-unconfigured >> "$apacheConfDir"/sites-available/Backend_nossl.conf
sed -i -e 's/DOMAINname/'$hostname'/' /etc/apache2/sites-available/Backend_nossl.conf sed -i -e 's/DOMAINname/'$hostname'/g' "$apacheConfDir"/sites-available/Backend_nossl.conf
ln -s /etc/apache2/sites-available/Backend_nossl.conf /etc/apache2/sites-enabled/010-Backend.conf ln -s "$apacheConfDir"/sites-available/Backend_nossl.conf "$apacheConfDir"/sites-enabled/010-Backend.conf
#ssl-Backend #ssl-Backend
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> /etc/apache2/sites-available/Backend_ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> "$apacheConfDir"/sites-available/Backend_ssl.conf
sed -i -e 's/DOMAINname/'$hostname'/' /etc/apache2/sites-available/Backend_ssl.conf sed -i -e 's/DOMAINname/'$hostname'/g' "$apacheConfDir"/sites-available/Backend_ssl.conf
mkdir -p /opt/toggle mkdir -p /opt/toggle
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_APACHE.sh -O /opt/toggle/toggle-PhpMyAdmin.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_APACHE.sh -o /opt/toggle/toggle-PhpMyAdmin.sh
sed -i -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-PhpMyAdmin.sh
# custom Welcome page # custom Welcome page
echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /var/www/html/index.html echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /var/www/html/index.html
systemctl start apache2 systemctl start $apacheService > $OUTPUT 2>&1
systemctl enable $apacheService > $OUTPUT 2>&1

1
CoreModules/apache/config/apache2/conf-httpd-custom.conf Normal file
View File

@@ -0,0 +1 @@
Define APACHE_LOG_DIR /var/log/httpd

5
CoreModules/apache/config/apache2/site_ssl-unconfigured
View File

@@ -6,9 +6,8 @@
<VirtualHost *:443> <VirtualHost *:443>
ServerName DOMAINname ServerName DOMAINname
SSLEngine on SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/DOMAINname/cert.pem SSLCertificateFile /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAINname/privkey.pem SSLCertificateKeyFile /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key
SSLCertificateChainFile /etc/letsencrypt/live/DOMAINname/chain.pem
Include snippets/apa-ssl.conf Include snippets/apa-ssl.conf
#ConfHere #ConfHere

5
CoreModules/apache/config/apache2/site_ssl-wwwredir
View File

@@ -6,9 +6,8 @@
<VirtualHost *:443> <VirtualHost *:443>
ServerName www.DOMAINname ServerName www.DOMAINname
SSLEngine on SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/DOMAINname/cert.pem SSLCertificateFile /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAINname/privkey.pem SSLCertificateKeyFile /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key
SSLCertificateChainFile /etc/letsencrypt/live/DOMAINname/chain.pem
Include snippets/apa-ssl.conf Include snippets/apa-ssl.conf
Redirect permanent / https://DOMAINname/ Redirect permanent / https://DOMAINname/
</VirtualHost> </VirtualHost>

1
CoreModules/apache/config/apache2/snippets-backendredir.conf Normal file
View File

@@ -0,0 +1 @@
Redirect 301 /database http://HOSTname/backend/database

3
CoreModules/apache/config/apache2/snippets-ssl.conf
View File

@@ -3,5 +3,6 @@ Header always set Strict-Transport-Security "max-age=63072000"
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder on SSLHonorCipherOrder on
SSLOpenSSLConfCmd Curves secp384r1
SSLSessionTickets off SSLSessionTickets off
SSLUseStapling On SSLUseStapling On

1
CoreModules/apache/dnf.pkg.list Normal file
View File

@@ -0,0 +1 @@
httpd mod_fcgid mod_ssl

27
CoreModules/apache/phpupdate-handeler.sh Normal file
View File

@@ -0,0 +1,27 @@
if [ ! -f "/etc/ICTM/apachevar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GenerateApacheList.sh) ; fi
source /etc/ICTM/apachevar.list
for f in $apacheConfDir/sites-available/*; do
if [ $IMODE = n ] && [ $PhpPurge = 0 ]; then
if (whiptail --title "Update apache config ?" --yesno "Update php version in apache site: ${f##*/} ?" 8 78); then
sed -i "s/$phpver/$newphpver/" $f
fi
fi
if [ $IMODE = l ] && [ $PhpPurge = 0 ]; then
while true; do
read -p "Update php version in apache site: ${f##*/} ? -> yes/no?" yn
case $yn in
[Yy]* ) sed -i "s/$phpver/$newphpver/" $f
break;;
[Nn]* ) echo ""
break;;
* ) echo "Choose yes of no.";;
esac
done
fi
if [ $PhpPurge = 1 ]; then
sed -i "s/$phpver/$newphpver/" $f
fi
done
systemctl reload $apacheService

18
CoreModules/apache/preconf.sh
View File

@@ -1 +1,17 @@
$PKGA ppa:ondrej/apache2 -y -n > $OUTPUT 2>&1 if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
# Debian/Ubunbtu apache variables
apacheConfDir=/etc/apache2
apacheService=apache2
elif [ "$shortdist" = "el8" ]; then
# Centos Php variable
apacheConfDir=/etc/httpd
apacheService=httpd
fi
#Storing vars to config
for storeme in apacheService apacheConfDir; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/apachevar.list
done
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=apache osrel=$shortdist bash > $OUTPUT 2>&1 > $OUTPUT 2>&1

10
CoreModules/apache/ssl-handler.sh
View File

@@ -1,9 +1,9 @@
rm /etc/apache2/sites-enabled/010-"$sitename".conf rm "$apacheConfDir"/sites-enabled/010-"$sitename".conf
ln -s /etc/apache2/sites-available/"$sitename"_ssl.conf /etc/apache2/sites-enabled/010-"$sitename".conf ln -s "$apacheConfDir"/sites-available/"$sitename"_"$site_ext".conf "$apacheConfDir"/sites-enabled/010-"$sitename".conf
if [ -n "$sslfr" ]; then if [ -n "$sslfr" ]; then
rm /etc/apache2/sites-enabled/010-Backend.conf rm "$apacheConfDir"/sites-enabled/010-Backend.conf
ln -s /etc/apache2/sites-available/Backend_ssl.conf /etc/apache2/sites-enabled/010-Backend.conf ln -s "$apacheConfDir"/sites-available/Backend_"$siteBackend_ext".conf "$apacheConfDir"/sites-enabled/010-Backend.conf
fi fi
systemctl reload apache2 systemctl reload $apacheService

1
CoreModules/generic/apt.list
View File

@@ -1 +0,0 @@
mailutils htop ufw nload fail2ban

1
CoreModules/generic/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
cron

58
CoreModules/generic/conf.sh
View File

@@ -1,22 +1,26 @@
##-------------## ##----------##
# Postfix # # Centos #
##-------------## ##----------##
if [ "$shortdist" = "el8" ]; then
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf #SeLinux
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf semanage port -a -t ssh_port_t -p tcp 4242
sed -i 's/relayhost =/mydestination = '$hostname', localhost.'$hostname', '$hostname'/g' /etc/postfix/main.cf systemctl enable ufw > $OUTPUT 2>&1
echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf #Motd
cat <<EOF > /etc/aliases mkdir /etc/update-motd.d
# See man 5 aliases for format echo 'if stat --printf="" /etc/update-motd.d/51* 2>/dev/null; then for f in /etc/update-motd.d/51*; do bash $f; done; fi' >> /etc/profile
postmaster: root fi
root: $email
EOF
newaliases
##-------## ##-------##
# UFW # # UFW #
##-------## ##-------##
if [ "$shortdist" = "el8" ]; then
sed -i -e '/tuple/d' -e '/dapp/d' /usr/share/ufw/iptables/user.rules
sed -i -e '/tuple/d' -e '/dapp/d' /usr/share/ufw/iptables/user6.rules
echo "y" | ufw reset > $OUTPUT 2>&1
systemctl enable ufw > $OUTPUT 2>&1
fi
sed -i '/IPV6=/c\IPV6=yes' /etc/default/ufw sed -i '/IPV6=/c\IPV6=yes' /etc/default/ufw
ufw default deny incoming > $OUTPUT 2>&1 ufw default deny incoming > $OUTPUT 2>&1
ufw default allow outgoing > $OUTPUT 2>&1 ufw default allow outgoing > $OUTPUT 2>&1
@@ -30,18 +34,30 @@ echo "y" | ufw enable > $OUTPUT 2>&1
##------------## ##------------##
#General config #General config
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/jail.local -O /etc/fail2ban/jail.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/jail.local -o /etc/fail2ban/jail.local
#Custom Fiters #Custom Fiters
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Filters/nextcloud.filter -O /etc/fail2ban/filter.d/nextcloud.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Filters/nextcloud.filter -o /etc/fail2ban/filter.d/nextcloud.local
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Filters/phpmyadmin-authlog.filter -O /etc/fail2ban/filter.d/phpmyadmin-authlog.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Filters/phpmyadmin-authlog.filter -o /etc/fail2ban/filter.d/phpmyadmin-authlog.local
wget -q -t7 https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-hard.conf -O /etc/fail2ban/filter.d/wordpress-hard.local curl --retry 7 --retry-delay 5 -s https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-hard.conf -o /etc/fail2ban/filter.d/wordpress-hard.local
wget -q -t7 https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-soft.conf -O /etc/fail2ban/filter.d/wordpress-soft.local curl --retry 7 --retry-delay 5 -s https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-soft.conf -o /etc/fail2ban/filter.d/wordpress-soft.local
if [ "$shortdist" = "el8" ]; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/action.d/ufw.conf -o /etc/fail2ban/action.d/ufw.conf
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/selinux/policies/fail2ban-allowhttpd.te -o /tmp/fail2ban-allowhttpd.te
checkmodule -M -m -o /tmp/fail2ban-allowhttpd.mod /tmp/fail2ban-allowhttpd.te
semodule_package -o /tmp/fail2ban-allowhttpd.pp -m /tmp/fail2ban-allowhttpd.mod
semodule -i /tmp/fail2ban-allowhttpd.pp
fi
#Start fail2ban service
systemctl start fail2ban
systemctl enable fail2ban
#General jails #General jails
rm /etc/fail2ban/jail.d/* rm /etc/fail2ban/jail.d/*
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Jails/sshd.jail -O /etc/fail2ban/jail.d/sshd.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Jails/sshd.jail -o /etc/fail2ban/jail.d/sshd.local
if [ -z $disbackendcms ]; then if [ -z $disbackendcms ]; then
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/Jails/phpmyadmin.jail -O /etc/fail2ban/jail.d/phpmyadmin.local curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Jails/phpmyadmin.jail -o /etc/fail2ban/jail.d/phpmyadmin.local
fi fi

1
CoreModules/generic/dnf.pkg.list Normal file
View File

@@ -0,0 +1 @@
cronie policycoreutils-python-utils

1
CoreModules/generic/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
nano htop ufw nload fail2ban sudo bash-completion

97
CoreModules/generic/preconf.sh
View File

@@ -1,25 +1,77 @@
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
########################
# Debian/Ubunbtu #
########################
##--------------##
# Repositories #
##--------------##
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=universe osrel=$shortdist bash > $OUTPUT 2>&1
##------------##
# System #
##------------##
sed -i -e '/XKBLAYOUT=/c\XKBLAYOUT=us' -e '/XKBVARIANT=/c\XKBVARIANT="intl"' /etc/default/keyboard > $OUTPUT 2>&1
##-------------##
# Updates #
##-------------##
debconf-set-selections <<< 'libssl1.1:amd64 libraries/restart-without-asking boolean true'
$PKGUC
$PKGUP
##-------------##
# Postfix #
##-------------##
#Checking if postfix exists on this system and if so it wil be removed to prevent config conflicts
if dpkg-query -Wf'${db:Status-abbrev}' postfix 2>/dev/null | grep -q '^i'; then apt purge -y postfix > $OUTPUT 2>&1; fi
elif [ "$shortdist" = "el8" ]; then
################
# Centos #
################
##--------------##
# Repositories #
##--------------##
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=epel osrel=$shortdist bash > $OUTPUT 2>&1
##------------##
# System #
##------------##
localectl set-keymap us > $OUTPUT 2>&1
useradd -r -U -s /usr/sbin/nologin -d /var/www www-data > $OUTPUT 2>&1
systemctl disable firewalld --now > $OUTPUT 2>&1
##-------------##
# Postfix #
##-------------##
if dnf list installed postfix >/dev/null 2>&1; then dnf remove postfix -y; fi
fi
#################
# General #
#################
##-----------------------## ##-----------------------##
# Prerequisite packages # # Prerequisite packages #
##-----------------------## ##-----------------------##
$PKGI software-properties-common gnupg > $OUTPUT 2>&1 curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=init osrel=$shortdist bash > $OUTPUT 2>&1
##--------------## ##--------------##
# Repositories # # Repositories #
##--------------## ##--------------##
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=php osrel=$shortdist bash > $OUTPUT 2>&1
$PKGA universe -y > $OUTPUT 2>&1
$PKGA ppa:ondrej/php -y -n > $OUTPUT 2>&1
$PKGA ppa:certbot/certbot -y -n > $OUTPUT 2>&1
##-------------##
# Updates #
##-------------##
debconf-set-selections <<< 'libssl1.1:amd64 libraries/restart-without-asking boolean true'
$PKGM update
$PKGM upgrade -y
##------------## ##------------##
@@ -27,9 +79,9 @@ $PKGM upgrade -y
##------------## ##------------##
hostnamectl set-hostname $hostname hostnamectl set-hostname $hostname
sed -i 's/;preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg sed -i 's/;preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg > $OUTPUT 2>&1
timedatectl set-timezone Europe/Amsterdam timedatectl set-timezone Europe/Amsterdam > $OUTPUT 2>&1
sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config > $OUTPUT 2>&1
##----------## ##----------##
@@ -47,14 +99,3 @@ else
fi fi
echo "vm.swappiness=10" >> /etc/sysctl.conf echo "vm.swappiness=10" >> /etc/sysctl.conf
echo "vm.vfs_cache_pressure=50" >> /etc/sysctl.conf echo "vm.vfs_cache_pressure=50" >> /etc/sysctl.conf
##-------------##
# Postfix #
##-------------##
#Checking if postfix exists on this system and if so it wil be removed to prevent config conflicts
if dpkg-query -Wf'${db:Status-abbrev}' postfix 2>/dev/null | grep -q '^i'; then apt purge -y postfix > $OUTPUT 2>&1; fi
debconf-set-selections <<< "postfix postfix/mailname string $domain"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"

12
CoreModules/nginx/appendCMS-conf.sh
View File

@@ -4,19 +4,19 @@
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl
echo "" >> /etc/nginx/sites-available/"$sitename"_nossl echo "" >> /etc/nginx/sites-available/"$sitename"_nossl
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl
echo "" >> /etc/nginx/sites-available/"$sitename"_ssl echo "" >> /etc/nginx/sites-available/"$sitename"_ssl
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_nossl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_nossl
ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename"
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_ssl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_ssl
systemctl reload nginx systemctl reload nginx

1
CoreModules/nginx/apt.list
View File

@@ -1 +0,0 @@
nginx apache2-utils python-certbot-nginx

1
CoreModules/nginx/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
apache2-utils

36
CoreModules/nginx/conf.sh
View File

@@ -5,41 +5,43 @@ systemctl stop nginx
############# #############
mkdir -p /var/www/html /etc/nginx/sites-available /etc/nginx/sites-enabled /etc/nginx/snippets /etc/nginx/modules-available /etc/nginx/modules-enabled /etc/nginx/snippets/ mkdir -p /var/www/html /etc/nginx/sites-available /etc/nginx/sites-enabled /etc/nginx/snippets /etc/nginx/modules-available /etc/nginx/modules-enabled /etc/nginx/snippets/
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/fastcgi.conf -O /etc/nginx/fastcgi.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/fastcgi.conf -o /etc/nginx/fastcgi.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/fastcgi-php.conf -O /etc/nginx/snippets/fastcgi-php.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/fastcgi-php.conf -o /etc/nginx/snippets/fastcgi-php.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/snippets-ssl.conf -O /etc/nginx/snippets/ngx-ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/snippets-ssl.conf -o /etc/nginx/snippets/ngx-ssl.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/nginx-default.conf -O /etc/nginx/nginx.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/snippets-backendredir.conf -o /etc/nginx/snippets/ngx-backendredir.conf
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/nginx-default.conf -o /etc/nginx/nginx.conf
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl
echo "" >> /etc/nginx/sites-available/"$sitename"_nossl echo "" >> /etc/nginx/sites-available/"$sitename"_nossl
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl
echo "" >> /etc/nginx/sites-available/"$sitename"_ssl echo "" >> /etc/nginx/sites-available/"$sitename"_ssl
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_nossl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_nossl
ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename"
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_ssl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_ssl
#Backend #Backend
##non-ssl ##non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/Backend_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/Backend_nossl
sed -i -e 's/DOMAINname/'$hostname'/' /etc/nginx/sites-available/Backend_nossl sed -i -e 's/DOMAINname/'$hostname'/g' /etc/nginx/sites-available/Backend_nossl
ln -s /etc/nginx/sites-available/Backend_nossl /etc/nginx/sites-enabled/Backend ln -s /etc/nginx/sites-available/Backend_nossl /etc/nginx/sites-enabled/Backend
##ssl ##ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/Backend_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/Backend_ssl
sed -i -e 's/DOMAINname/'$hostname'/' /etc/nginx/sites-available/Backend_ssl sed -i -e 's/DOMAINname/'$hostname'/g' /etc/nginx/sites-available/Backend_ssl
mkdir -p /opt/toggle mkdir -p /opt/toggle
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/toggles/toggle-Netdata_NGINX.sh -O /opt/toggle/toggle-Netdata.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Netdata_NGINX.sh -o /opt/toggle/toggle-Netdata.sh
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_NGINX.sh -O /opt/toggle/toggle-PhpMyAdmin.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_NGINX.sh -o /opt/toggle/toggle-PhpMyAdmin.sh
# custom Welcome page # custom Welcome page
echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /usr/share/nginx/html/index.html echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /usr/share/nginx/html/index.html
systemctl start nginx systemctl start nginx > $OUTPUT 2>&1
systemctl enable nginx > $OUTPUT 2>&1

5
CoreModules/nginx/config/nginx/site_ssl-unconfigured
View File

@@ -13,8 +13,9 @@ server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name DOMAINname; server_name DOMAINname;
ssl_certificate /etc/letsencrypt/live/DOMAINname/fullchain.pem; ssl_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/live/DOMAINname/privkey.pem; ssl_certificate_key /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key;
ssl_trusted_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer;
include snippets/ngx-ssl.conf; include snippets/ngx-ssl.conf;

5
CoreModules/nginx/config/nginx/site_ssl-wwwredir
View File

@@ -11,8 +11,9 @@ server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name www.DOMAINname; server_name www.DOMAINname;
ssl_certificate /etc/letsencrypt/live/DOMAINname/fullchain.pem; ssl_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/live/DOMAINname/privkey.pem; ssl_certificate_key /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key;
ssl_trusted_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer;
include snippets/ngx-ssl.conf; include snippets/ngx-ssl.conf;
return 301 https://DOMAINname$request_uri; return 301 https://DOMAINname$request_uri;
} }

3
CoreModules/nginx/config/nginx/snippets-backendredir.conf Normal file
View File

@@ -0,0 +1,3 @@
location /database {
return 301 http://$hostname/backend/database;
}

6
CoreModules/nginx/config/nginx/snippets-ssl.conf
View File

@@ -1,5 +1,9 @@
resolver 8.8.8.8;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:le_nginx_SSL:1m; ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1440m; ssl_session_timeout 1440m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2 TLSv1.3; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"; ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
@@ -7,4 +11,4 @@ add_header X-Frame-Options sameorigin;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-Xss-Protection "1; mode=block"; add_header X-Xss-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=31536000" always; add_header Strict-Transport-Security "max-age=31536000" always;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; ssl_dhparam /etc/acmesh/certs/ssl-dhparams.pem;

1
CoreModules/nginx/dnf.pkg.list Normal file
View File

@@ -0,0 +1 @@
httpd-tools

1
CoreModules/nginx/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
nginx

3
CoreModules/nginx/preconf.sh
View File

@@ -1,2 +1 @@
echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" > /etc/apt/sources.list.d/nginx.list curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=nginx osrel=$shortdist bash > $OUTPUT 2>&1
curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -

6
CoreModules/nginx/ssl-handler.sh
View File

@@ -1,9 +1,9 @@
rm /etc/nginx/sites-enabled/"$sitename" rm /etc/nginx/sites-enabled/"$sitename"
ln -s /etc/nginx/sites-available/"$sitename"_ssl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_"$site_ext" /etc/nginx/sites-enabled/"$sitename"
if [ -n "$sslfr" ]; then if [ -n "$sslfr" ]; then
rm /etc/nginx/sites-enabled/Backend rm /etc/nginx/sites-enabled/Backend
ln -s /etc/nginx/sites-available/Backend_ssl /etc/nginx/sites-enabled/Backend ln -s /etc/nginx/sites-available/Backend_"$siteBackend_ext" /etc/nginx/sites-enabled/Backend
fi fi
systemctl reload nginx systemctl reload nginx

12
CoreModules/nginx_nonphp/appendCMS-conf.sh
View File

@@ -4,19 +4,19 @@
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl
echo "" >> /etc/nginx/sites-available/"$sitename"_nossl echo "" >> /etc/nginx/sites-available/"$sitename"_nossl
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl
echo "" >> /etc/nginx/sites-available/"$sitename"_ssl echo "" >> /etc/nginx/sites-available/"$sitename"_ssl
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_nossl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_nossl
ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename"
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_ssl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_ssl
systemctl reload nginx systemctl reload nginx

1
CoreModules/nginx_nonphp/apt.list
View File

@@ -1 +0,0 @@
nginx apache2-utils python-certbot-nginx

1
CoreModules/nginx_nonphp/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
apache2-utils

21
CoreModules/nginx_nonphp/conf.sh
View File

@@ -5,27 +5,28 @@ systemctl stop nginx
############# #############
mkdir -p /var/www/html /etc/nginx/sites-available /etc/nginx/sites-enabled /etc/nginx/snippets /etc/nginx/modules-available /etc/nginx/modules-enabled /etc/nginx/snippets/ mkdir -p /var/www/html /etc/nginx/sites-available /etc/nginx/sites-enabled /etc/nginx/snippets /etc/nginx/modules-available /etc/nginx/modules-enabled /etc/nginx/snippets/
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/fastcgi.conf -O /etc/nginx/fastcgi.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/fastcgi.conf -o /etc/nginx/fastcgi.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/snippets-ssl.conf -O /etc/nginx/snippets/ngx-ssl.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/snippets-ssl.conf -o /etc/nginx/snippets/ngx-ssl.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/nginx-default.conf -O /etc/nginx/nginx.conf curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/nginx-default.conf -o /etc/nginx/nginx.conf
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-wwwredir >> /etc/nginx/sites-available/"$sitename"_nossl
echo "" >> /etc/nginx/sites-available/"$sitename"_nossl echo "" >> /etc/nginx/sites-available/"$sitename"_nossl
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-wwwredir >> /etc/nginx/sites-available/"$sitename"_ssl
echo "" >> /etc/nginx/sites-available/"$sitename"_ssl echo "" >> /etc/nginx/sites-available/"$sitename"_ssl
fi fi
#non-ssl #non-ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site-unconfigured >> /etc/nginx/sites-available/"$sitename"_nossl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_nossl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_nossl
ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_nossl /etc/nginx/sites-enabled/"$sitename"
#ssl #ssl
wget -q -t7 -O - "$repo"/raw/branch/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/"$sitename"_ssl
sed -i -e 's/DOMAINname/'$domain'/' /etc/nginx/sites-available/"$sitename"_ssl sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_ssl
# custom Welcome page # custom Welcome page
echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /usr/share/nginx/html/index.html echo "<html><head></head><body>$webserv is functioning normally</body></html>" > /usr/share/nginx/html/index.html
systemctl start nginx systemctl start nginx > $OUTPUT 2>&1
systemctl enable nginx > $OUTPUT 2>&1

1
CoreModules/nginx_nonphp/dnf.pkg.list Normal file
View File

@@ -0,0 +1 @@
httpd-tools

1
CoreModules/nginx_nonphp/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
nginx

3
CoreModules/nginx_nonphp/preconf.sh
View File

@@ -1,5 +1,4 @@
echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" > /etc/apt/sources.list.d/nginx.list curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=nginx osrel=$shortdist bash > $OUTPUT 2>&1
curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -
#Disable PhpMyadmin and Backend cms #Disable PhpMyadmin and Backend cms
disbackendcms=1 disbackendcms=1

2
CoreModules/nginx_nonphp/ssl-handler.sh
View File

@@ -1,4 +1,4 @@
rm /etc/nginx/sites-enabled/"$sitename" rm /etc/nginx/sites-enabled/"$sitename"
ln -s /etc/nginx/sites-available/"$sitename"_ssl /etc/nginx/sites-enabled/"$sitename" ln -s /etc/nginx/sites-available/"$sitename"_"$site_ext" /etc/nginx/sites-enabled/"$sitename"
systemctl reload nginx systemctl reload nginx

20
Docs/docs/Dev-Adding-CMS.md
View File

@@ -3,10 +3,14 @@
* CMS/`<NewCmsName>`/ * CMS/`<NewCmsName>`/
* conf.sh * conf.sh
* preconf.sh * preconf.sh
* apt.list * generic.pkg.list
* apt.pkg.list
* dnf.pkg.list
* `<Webserver>`-conf.sh * `<Webserver>`-conf.sh
* `<Webserver>`-preconf.sh * `<Webserver>`-preconf.sh
* `<Webserver>`-apt.list * `<Webserver>`-generic.pkg.list
* `<Webserver>`-apt.pkg.list
* `<Webserver>`-dnf.pkg.list
* `<Webserver>`-unconfigured * `<Webserver>`-unconfigured
# File Explanation # File Explanation
@@ -14,10 +18,14 @@
| -------- | ------------ | | -------- | ------------ |
| preconf.sh | Pre config/apt install commands runs for all web servers | | preconf.sh | Pre config/apt install commands runs for all web servers |
| conf.sh | Configuration runs for all webservers | | conf.sh | Configuration runs for all webservers |
| apt.list | packagelist for all webservers | | generic.pkg.list | packagelist for this webserver and php for all distro's |
| apt.pkg.list | packagelist for this webserver and php for distro's that use apt |
| dnf.pkg.list | packagelist for this webserver and php for distro's that use dnf/yum |
| `<Webserver>`-preconf.sh | Pre config/apt install commands runs for specified webserver | | `<Webserver>`-preconf.sh | Pre config/apt install commands runs for specified webserver |
| `<Webserver>`-conf.sh | Configuration runs for specified webserver | | `<Webserver>`-conf.sh | Configuration runs for specified webserver |
| `<Webserver>`-apt.list | packagelist for specified webserver | | `<Webserver>`-generic.pkg.list | packagelist for specified webserver for all distro's|
| `<Webserver>`-apt.pkg.list | packagelist for specified webserver for distro's that use apt|
| `<Webserver>`-dnf.pkg.list | packagelist for specified webserver for distro's that use dnf/yum|
| `<Webserver>`-unconfigured | webserver(vhost) config | | `<Webserver>`-unconfigured | webserver(vhost) config |
@@ -26,7 +34,7 @@
## nginx-conf.sh ## nginx-conf.sh
``` ```
#Getting Nginx SiteConfig #Getting Nginx SiteConfig
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/<CMSName>/Nginx-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/<CMSName>/Nginx-unconfigured -o /tmp/nginx-siteconf
#Configuring Nginx SiteConfig #Configuring Nginx SiteConfig
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' /tmp/nginx-siteconf
@@ -43,7 +51,7 @@ systemctl reload nginx
``` ```
#Getting Nginx SiteConfig #Getting Nginx SiteConfig
wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/<CMSName>/Nginx-unconfigured -O /tmp/nginx-siteconf curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/<CMSName>/Nginx-unconfigured -o /tmp/nginx-siteconf
#Configuring Nginx SiteConfig #Configuring Nginx SiteConfig
sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/' /tmp/nginx-siteconf

16
Docs/docs/Dev-Adding-Modules.md
View File

@@ -5,10 +5,14 @@ In both cases the file structure is expected as shown below
# List of possible Files and expected Structure # List of possible Files and expected Structure
* conf.sh * conf.sh
* preconf.sh * preconf.sh
* apt.list * generic.pkg.list
* apt.pkg.list
* dnf.pkg.list
* `<webserver>`-conf.sh * `<webserver>`-conf.sh
* `<webserver>`-preconf.sh * `<webserver>`-preconf.sh
* `<webserver>`-apt.list * `<Webserver>`-generic.pkg.list
* `<Webserver>`-apt.pkg.list
* `<Webserver>`-dnf.pkg.list
* config/* * config/*
## The internal module location ## The internal module location
@@ -19,10 +23,14 @@ SubModules/`<ModuleName>`
| -------- | ------------ | | -------- | ------------ |
| preconf.sh | Pre config/apt install commands runs for all web servers | | preconf.sh | Pre config/apt install commands runs for all web servers |
| conf.sh| Configuration runs for all webservers | | conf.sh| Configuration runs for all webservers |
| apt.list | packagelist for all webservers | | generic.pkg.list | packagelist for this webserver and php for all distro's |
| apt.pkg.list | packagelist for this webserver and php for distro's that use apt |
| dnf.pkg.list | packagelist for this webserver and php for distro's that use dnf/yum |
| `<Webserver>`-preconf.sh | Pre config/apt install commands runs for specified webserver | | `<Webserver>`-preconf.sh | Pre config/apt install commands runs for specified webserver |
| `<Webserver>`-conf.sh | Configuration runs for specified webserver | | `<Webserver>`-conf.sh | Configuration runs for specified webserver |
| `<Webserver>`-apt.list | packagelist for specified webserver | | `<Webserver>`-generic.pkg.list | packagelist for specified webserver for all distro's|
| `<Webserver>`-apt.pkg.list | packagelist for specified webserver for distro's that use apt|
| `<Webserver>`-dnf.pkg.list | packagelist for specified webserver for distro's that use dnf/yum|
| config/* | Directory for config files | | config/* | Directory for config files |

8
Docs/docs/Dev-Adding-Webserver.md
View File

@@ -2,7 +2,9 @@
* CoreModules/`<webserverName>`/ * CoreModules/`<webserverName>`/
* conf.sh * conf.sh
* preconf.sh * preconf.sh
* apt.list * generic.pkg.list
* apt.pkg.list
* dnf.pkg.list
* appendCMS-conf.sh * appendCMS-conf.sh
* config/* * config/*
# File Explanation # File Explanation
@@ -10,7 +12,9 @@
| -------- | ------------ | | -------- | ------------ |
| preconf.sh | Pre config/apt install commands (ex: repo setup) | | preconf.sh | Pre config/apt install commands (ex: repo setup) |
| conf.sh | Configuration for webserver and php | | conf.sh | Configuration for webserver and php |
| apt.list | packagelist for this webserver and php | | generic.pkg.list | packagelist for this webserver and php for all distro's |
| apt.pkg.list | packagelist for this webserver and php for distro's that use apt |
| dnf.pkg.list | packagelist for this webserver and php for distro's that use dnf/yum |
| appendCMS-conf.sh | Runs when a domain gets added after inital install by appendCMS.sh | | appendCMS-conf.sh | Runs when a domain gets added after inital install by appendCMS.sh |
# Defining in the menu # Defining in the menu

25
Docs/docs/User-MainInfo.md
View File

@@ -1,26 +1,37 @@
# Getting/using the Normal installer (installer.sh): # Getting/using the Normal installer (installer.sh):
Using curl
``` ```
#Get installer.sh from the repo and store it at: /tmp/installer.sh curl https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -o /tmp/installer.sh
bash /tmp/installer.sh
```
Using wget
```
wget https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh bash /tmp/installer.sh
``` ```
# Getting/using the Legacy installer (installer.sh): # Getting/using the Legacy installer (installer.sh):
Using curl
``` ```
#Get installer.sh from the repo and store it at: /tmp/installer.sh curl https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -o /tmp/installer.sh
bash /tmp/installer.sh -l 2>&1 | tee ~/output.log bash /tmp/installer.sh -l 2>&1 | tee ~/output.log
``` ```
Using wget
```
wget https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh -l 2>&1 | tee ~/output.log
```
# Adding a Domain (AppendCMS.sh): # Adding a Domain (AppendCMS.sh):
The script wil get most information it need from stored config, only the new domain and the mysql root password need to be entered. The script wil get most information it need from stored config, only the new domain and the mysql root password need to be entered.
``` ```
#Get the AppendCMS.sh from the repo and store it at: /tmp/AppendCMS.sh bash <(curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/AppendCMS.sh)
bash /tmp/AppendCMS.sh
``` ```
# Adding a Module/Option (AppendModule.sh): # Adding a Module/Option (AppendModule.sh):
The script wil get most information it need from stored config The script wil get most information it need from stored config
``` ```
#Get the AppendCMS.sh from the repo and store it at: /tmp/AppendModule.sh bash <(curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/AppendModule.sh)
bash /tmp/AppendModule.sh
``` ```

2
Docs/mkdocs.yml
View File

@@ -1,7 +1,7 @@
site_name: Web-V2 site_name: Web-V2
theme: slate theme: slate
repo_name: 'Git Repo' repo_name: 'Git Repo'
repo_url: https://git.ictmaatwerk.com/bprieshof/UBU-Web-V2/src/branch/master repo_url: https://git.ictmaatwerk.com/VPS-scripts/Web-V2/src/branch/master
nav: nav:
- User: 'User-MainInfo.md' - User: 'User-MainInfo.md'
- Development: - Development:

9
ModulesMenu.list
View File

@@ -15,12 +15,14 @@ nginxCMSL+=("Wordpress:" "WordPress is a content management system based on PHP.
nginxCMSL+=("Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF) nginxCMSL+=("Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF)
#Options #Options
nginxOptions=("Redis:" "Redis caching" OFF) nginxOptions=("Redis:" "Redis caching" OFF)
nginxOptions+=("Postfix:" "Mail MTA" OFF)
##Nginx ##Nginx
#CMSList #CMSList
nginx_nonphpCMSL=("None:" "A plain webserver will be setup." OFF) nginx_nonphpCMSL=("None:" "A plain webserver will be setup." OFF)
#Options #Options
nginx_nonphpOptions=("Redis:" "Redis caching" OFF) nginx_nonphpOptions=("Redis:" "Redis caching" OFF)
nginx_nonphpOptions+=("Postfix:" "Mail MTA" OFF)
##Apache ##Apache
#CMSList #CMSList
@@ -29,6 +31,7 @@ apacheCMSL+=("Wordpress:" "WordPress is a content management system based on PHP
apacheCMSL+=("Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF) apacheCMSL+=("Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF)
#Options #Options
apacheOptions=("Redis:" "Redis caching" OFF) apacheOptions=("Redis:" "Redis caching" OFF)
apacheOptions+=("Postfix:" "Mail MTA" OFF)
fi fi
if [ $IMODE = l ]; then if [ $IMODE = l ]; then
@@ -39,18 +42,18 @@ webservers=("Nginx" "Nginx_nonphp" "Apache" "Quit")
#CMSList #CMSList
nginxCMSL=("None" "Wordpress" "Nextcloud") nginxCMSL=("None" "Wordpress" "Nextcloud")
#Options #Options
nginxOptions=("Redis:") nginxOptions=("Redis:" "Postfix:")
##Nginx-nonphp ##Nginx-nonphp
#CMSList #CMSList
nginx_nonphpCMSL=("None") nginx_nonphpCMSL=("None")
#Options #Options
nginx_nonphpOptions=("Redis:") nginx_nonphpOptions=("Redis:" "Postfix:")
##Apache ##Apache
#CMSList #CMSList
apacheCMSL=("None" "Wordpress" "Nextcloud") apacheCMSL=("None" "Wordpress" "Nextcloud")
#Options #Options
apacheOptions=("Redis:") apacheOptions=("Redis:" "Postfix:")
fi fi

105
PhpUpdater.sh
View File

@@ -1,11 +1,18 @@
#sysCheck #sysCheck
if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi
rm /tmp/pkg.list
PKGI="${PKGM} install -y --no-install-recommends"
#Getting variables #Getting variables
source /etc/ICTM/mainvar.list source /etc/ICTM/mainvar.list
PPAversion=`apt list php | egrep -o "([0-9]{1,}.)+[0-9]{1,}" | cut -c 3-` && PPAversion=`echo $PPAversion | awk '{print $1; }' | cut -f1 -d"+"` if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi
if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi
source /etc/ICTM/phpvar.list
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
apt update
RepoVersion=`apt list |grep php | grep deb.sury.org| cut -f1 -d"-"| tail -1 |sed 's/php//'`
elif [ "$shortdist" = "el8" ]; then
dnf check-update --refresh
RepoVersion=`dnf list php* | awk '{print $1; }' | cut -f1 -d"-"| tail -1 |sed 's/php//' | sed 's/./&./1'`
fi
msg () { msg () {
if [ $IMODE = n ]; then if [ $IMODE = n ]; then
TERM=ansi whiptail --title "Info" --msgbox "$1" 8 52 TERM=ansi whiptail --title "Info" --msgbox "$1" 8 52
@@ -19,39 +26,25 @@ msg "Current php version: $phpver"
if [ $IMODE = n ]; then if [ $IMODE = n ]; then
# Legacy/Main Menu # Legacy/Main Menu
PKGP="debconf-apt-progress -- apt purge -y" PKGD="debconf-apt-progress -- apt purge -y"
#Menu #Menu
if (whiptail --title "Set new php version?" --yesno "Install php version $PPAversion ?" 8 78); then if (whiptail --title "Set new php version?" --yesno "Install php version $RepoVersion ?" 8 78); then
newphpver=$PPAversion newphpver=$RepoVersion
else else
newphpver=$(whiptail --inputbox "Please enter the version to install" --title "Custom" 8 39 3>&1 1>&2 2>&3) newphpver=$(whiptail --inputbox "Please enter the version to install" --title "Custom" 8 39 3>&1 1>&2 2>&3)
fi fi
#Install
apt list --installed | less | grep php$phpver | cut -f1 -d"/" | sed "s/$phpver/$newphpver/" | xargs $PKGI
#Config
cp /etc/php/$phpver/fpm/pool.d/* /etc/php/$newphpver/fpm/pool.d/
#Purge
if (whiptail --title "Set new php version?" --yesno "Remove php $phpver ?" 8 78); then
PhpPurge=1
$PKGP -y php$phpver*
else
PhpPurge=0
fi
fi fi
if [ $IMODE = l ]; then if [ $IMODE = l ]; then
# Legacy/Main Menu # Legacy/Main Menu
PKGP="apt purge -y" PKGD="apt purge -y"
#Menu #Menu
while true; do while true; do
read -p "Set phpversion to version $PPAversion ? -> yes/no?" yn read -p "Set phpversion to version $RepoVersion ? -> yes/no?" yn
case $yn in case $yn in
[Yy]* ) newphpver=$PPAversion [Yy]* ) newphpver=$RepoVersion
break;; break;;
[Nn]* ) echo ""; [Nn]* ) echo "";
echo "Please enter php version to install:";read newphpver echo "Please enter php version to install:";read newphpver
@@ -59,18 +52,56 @@ if [ $IMODE = l ]; then
* ) echo "Choose yes or no.";; * ) echo "Choose yes or no.";;
esac esac
done done
fi
#Genereating vars for new php version
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
# Debian/Ubunbtu Php variables
newphpPoolDir=/etc/php/${newphpver}/fpm/pool.d
newphpPkgName=php${newphpver}
newphpMainConf=/etc/php/${newphpver}/fpm/php.ini
newphpFPMService=php${newphpver}-fpm
PKGP=$PKGD
apt list --installed | less | grep php$phpver | cut -f1 -d"/" | sed "s/$phpPkgName/$newphpPkgName/" > /tmp/pkg.list
elif [ "$shortdist" = "el8" ]; then
# Centos Php variable
newphpPoolDir=/etc/opt/remi/php${newphpver//.}/php-fpm.d/
newphpPkgName=php${newphpver//.}-php
newphpMainConf=/etc/opt/remi/php${newphpver//.}/php.ini
newphpFPMService=php${newphpver//.}-php-fpm
PKGP="dnf remove -y"
dnf list --installed | sort | grep $phpPkgName | awk '{print $1;}' | cut -f1 -d"." | sed "s/$phpPkgName/$newphpPkgName/" > /tmp/pkg.list
fi
#Install #Install
apt list --installed | less | grep php$phpver | cut -f1 -d"/" | sed "s/$phpver/$newphpver/" | xargs $PKGI
if [ ${newphpver//.} -ge 80 ] && [ ${newphpver//.} -lt 90 ]; then
sed -i -e "s/$newphpPkgName-xmlrpc//g" -e "s/$newphpPkgName-json//g" /tmp/pkg.list
fi
cat /tmp/pkg.list | xargs $PKGI
#Config #Config
cp /etc/php/$phpver/fpm/pool.d/* /etc/php/$newphpver/fpm/pool.d/ systemctl stop $newphpFPMService
cp $phpPoolDir/* $newphpPoolDir
if [ $IMODE = n ]; then
#Purge
if (whiptail --title "Set new php version?" --yesno "Remove php $phpver ?" 8 78); then
PhpPurge=1
$PKGP -y $phpPkgName*
else
PhpPurge=0
fi
fi
if [ $IMODE = l ]; then
#Purge #Purge
while true; do while true; do
read -p "Remove php $phpver ? -> yes/no?" yn read -p "Remove php $phpver ? -> yes/no?" yn
case $yn in case $yn in
[Yy]* ) PhpPurge=1 ; $PKGP php$phpver* [Yy]* ) PhpPurge=1 ; $PKGP $phpPkgName*
break;; break;;
[Nn]* ) PhpPurge=0 ; echo "" [Nn]* ) PhpPurge=0 ; echo ""
break;; break;;
@@ -79,13 +110,23 @@ if [ $IMODE = l ]; then
done done
fi fi
for f in /etc/php/$newphpver/fpm/pool.d/*; do for f in $newphpPoolDir/*; do
sed -i "s/$phpver/$newphpver/" $f sed -i "s/$phpver/$newphpver/" $f
sed -i "s/${phpver//.}/${newphpver//.}/" $f
done done
systemctl reload php$newphpver-fpm
systemctl start $newphpFPMService
systemctl enable $newphpFPMService
sed -i "/phpver/c\phpver=\"$newphpver\"" /etc/ICTM/mainvar.list sed -i "/phpver/c\phpver=\"$newphpver\"" /etc/ICTM/mainvar.list
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/phpupdate-handeler.sh; then mv /etc/ICTM/phpvar.list /etc/ICTM/phpvar"$phpver".list
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/phpupdate-handeler.sh) for storeme in newphpPoolDir newphpPkgName newphpMainConf newphpFPMService; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/phpvar.list
done
sed -i 's/new//' /etc/ICTM/phpvar.list
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/phpupdate-handeler.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/phpupdate-handeler.sh)
fi fi

36
README.md
View File

@@ -1,17 +1,41 @@
# Ubuntu-Web-V2 # Web-V2
**Get Started with the graphical installer**: ## Geting started
**Default/Graphical installer**:
Using curl
``` ```
wget https://git.ictmaatwerk.com/bprieshof/UBU-Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh curl https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -o /tmp/installer.sh
bash /tmp/installer.sh bash /tmp/installer.sh
``` ```
**Legacy Installer for developing and debugging**: Using wget
``` ```
wget https://git.ictmaatwerk.com/bprieshof/UBU-Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh wget https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh
```
**Legacy Installer for developing and debugging**:
Using curl
```
curl https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -o /tmp/installer.sh
bash /tmp/installer.sh -l 2>&1 | tee ~/output.log bash /tmp/installer.sh -l 2>&1 | tee ~/output.log
```
Using wget
```
wget https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh -l 2>&1 | tee ~/output.log
```
## Adding extra CMS/Site after instalation
```
bash <(curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/AppendCMS.sh)
``` ```
#### This script uses the following repo's as dependencies: ## Adding extra Module after instalation
```
bash <(curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Web-V2/raw/branch/master/AppendModule.sh)
```
### This script uses the following repo's as dependencies:
``` ```
* VPS-scripts/Unattended-Security-Updates * VPS-scripts/Unattended-Security-Updates
* VPS-scripts/Ubuntu-MySQL * VPS-scripts/Ubuntu-MySQL

43
Scripts/EnableSSL.sh
View File

@@ -4,13 +4,13 @@ source /etc/ICTM/mainvar.list
sitename=CONFname sitename=CONFname
domain=DOMAINname domain=DOMAINname
domainwww=DomainWWW domainwww=DomainWWW
email=Email
webserv=WebServer webserv=WebServer
webservice=WebServer webservice=WebServer
#Correcting service name for Apache #Correcting service name for Apache
if [ $webservice = apache ]; then if [ $webservice = apache ]; then\
webservice=apache2 source /etc/ICTM/apachevar.list
webservice="$apacheService"
ext=.conf ext=.conf
fi fi
@@ -27,24 +27,27 @@ systemctl reload $webservice
#Enabling SSL #Enabling SSL
if [ $domainwww = 1 ]; then if [ $domainwww = 1 ]; then
certbot --"$webserv" certonly -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --issue --"$webserv" --ocsp --keylength 'ec-384' -d "$domain" -d "www.$domain"
certsatus=$?
elif [ $domainwww = 0 ]; then elif [ $domainwww = 0 ]; then
certbot --"$webserv" certonly -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --issue --"$webserv" --ocsp --keylength 'ec-384' -d "$domain"
fi certsatus=$?
fi
if test $certsatus -eq 0
then
site_ext="ssl"
else
site_ext="nossl"
rm -rf /etc/acmesh/certs/$domain*
echo "LE failed, restoring configuration"
fi
unset certsatus
#Restoring config #Restoring config
sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e "/#ConfHere1/ r /tmp/"$sitename"-config" -e '/#ConfHere/c\' /etc/"$webservice"/sites-available/"$sitename"_ssl"$ext" sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e "/#ConfHere1/ r /tmp/"$sitename"-config" -e '/#ConfHere/c\' /etc/"$webservice"/sites-available/"$sitename"_"$site_ext""$ext"
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh)
#Remove script if [ $site_ext = ssl ]; then
while true; do rm -- "$0"
read -p "Remove this script -> yes/no?" yn fi
case $yn in
[Nn]* )
break;;
[Yy]* )
rm -- "$0"
break;;
* )echo "Choose yes or no.";;
esac
done

19
Scripts/GenerateApacheList.sh Normal file
View File

@@ -0,0 +1,19 @@
if [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi
source /etc/ICTM/mainvar.list
if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
# Debian/Ubunbtu apache variables
apacheConfDir=/etc/apache2
apacheService=apache2
elif [ "$shortdist" = "el8" ]; then
# Centos Php variable
apacheConfDir=/etc/httpd
apacheService=httpd
fi
#Storing vars to config
for storeme in apacheService apacheConfDir; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/apachevar.list
done

23
Scripts/GeneratePhplist.sh Normal file
View File

@@ -0,0 +1,23 @@
if [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi
source /etc/ICTM/mainvar.list
if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
# Debian/Ubunbtu Php variables
phpPoolDir=/etc/php/${phpver}/fpm/pool.d
phpPkgName=php${phpver}
phpMainConf=/etc/php/${phpver}/fpm/php.ini
phpFPMService=php${phpver}-fpm
elif [ "$shortdist" = "el8" ]; then
# Centos Php variable
phpPoolDir=/etc/opt/remi/php${phpver//.}/php-fpm.d/
phpPkgName=php${phpver//.}-php
phpMainConf=/etc/opt/remi/php${phpver//.}/php.ini
phpFPMService=php${phpver//.}-php-fpm
fi
#Storing vars to config
for storeme in phpPoolDir phpPkgName phpMainConf phpFPMService; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/phpvar.list
done

14
Scripts/MicroOSDetect.sh Normal file
View File

@@ -0,0 +1,14 @@
dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then
shortdist=ubu1804
elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then
shortdist=ubu2004
elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
shortdist=deb10
elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then
shortdist=el8
else
echo "This os in known"
fi

87
Scripts/SMI.sh
View File

@@ -12,7 +12,7 @@ SMI_config=no
SMI_ModuleName=<ModuleName> SMI_ModuleName=<ModuleName>
#Enforcing Legacy Mode #Enforcing Legacy Mode
PKGM="apt" APTMODE="apt"
OUTPUT='/dev/tty' OUTPUT='/dev/tty'
IMODE=l IMODE=l
@@ -23,20 +23,58 @@ sslenable=1
password=TestP@ssword123 password=TestP@ssword123
email=test@mail.local email=test@mail.local
webserv=nginx webserv=nginx
#PackageManager-config
dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then
PKGM="$APTMODE"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=ubu1804
elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then
echo "Ubuntu 20.04 is not yet fully tested, not recommended for production server"
PKGM="$APTMODE"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=ubu2004
elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
echo "Debian 10 Detected"
PKGM="$APTMODE"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=deb10
elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then
echo "Centos 8 Detected"
PKGM="dnf"
PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y"
PKGLIST="dnf"
shortdist=el8
echo "This OS is not supported"
exit
else
echo "This OS is not supported"
exit
fi
unset dist_ver dist APTMODE
#Repo Vars #Repo Vars
repo=https://git.ictmaatwerk.com/bprieshof/UBU-Web-V2 repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2
branch=master branch=master
branchtype=branch
###Select Module type ###Select Module type
##Uncomment for CoreModules ##Uncomment for CoreModules
mtype=""$repo"/raw/branch/"$branch"/CoreModules/"$SMI_ModuleName"" mtype=""$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$SMI_ModuleName""
##Uncomment for SubModules ##Uncomment for SubModules
#mtype=""$repo"/raw/branch/"$branch"/SubModules/"$SMI_ModuleName"" #mtype=""$repo"/raw/"$branchtype"/"$branch"/SubModules/"$SMI_ModuleName""
##Uncomment for CMS ##Uncomment for CMS
#mtype=""$repo"/raw/branch/"$branch"/CMS/"$SMI_ModuleName"" #mtype=""$repo"/raw/"$branchtype"/"$branch"/CMS/"$SMI_ModuleName""
##Uncomment for External Module ##Uncomment for External Module
#mtype=""$repo"/raw/branch/"$branch"" #mtype=""$repo"/raw/"$branchtype"/"$branch""
#SelfBuilding Vars #SelfBuilding Vars
PKGI="${PKGM} install -y" PKGI="${PKGM} install -y"
@@ -62,31 +100,42 @@ fi
##--------------------------## ##--------------------------##
msg " Starting installer" 8 78 msg " Starting installer" 8 78
$PKGM update > $OUTPUT 2>&1 $PKGUC > $OUTPUT 2>&1
$PKGI curl > $OUTPUT 2>&1 $PKGI curl > $OUTPUT 2>&1
##-------------------------## ##-------------------------##
# Generating APT list # # Generating APT list #
##-------------------------## ##-------------------------##
#General aptList #Remove existing pkgList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/"$webserv"-apt.list; then rm -f /tmp/pkg.list
curl "$mtype"/"$webserv"-apt.list >>/tmp/apt.list
#General pkgList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/generic.pkg.list; then
curl "$mtype"/generic.pkg.list >>/tmp/pkg.list
fi fi
#Webserver specific aptList if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/"$PKGLIST".pkg.list; then
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/apt.list; then curl "$mtype"/"$PKGLIST".pkg.list >>/tmp/pkg.list
curl "$mtype"/apt.list >>/tmp/apt.list
fi fi
#Webserver specific pkgList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/"$webserv"-generic.pkg.list; then
curl "$mtype"/"$webserv"-generic.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/"$webserv"-"$PKGLIST".pkg.list; then
curl "$mtype"/"$webserv"-"$PKGLIST".pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
##--------------------## ##--------------------##
# Pre-Requirements # # Pre-Requirements #
##--------------------## ##--------------------##
msg " Preconfiguring" msg " Preconfiguring"
$PKGI software-properties-common gnupg > $OUTPUT 2>&1 curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=init osrel=$shortdist bash > $OUTPUT 2>&1
$PKGM update $PKGUC
$PKGM upgrade -y $PKGUP
##-------------------## ##-------------------##
@@ -106,9 +155,9 @@ fi
# Installer # # Installer #
##-------------## ##-------------##
$PKGM update $PKGUC
sed -i 's/PHPver/'$phpver'/g' /tmp/apt.list sed -i 's/PHPprefix/'$phpPkgName'/g' /tmp/pkg.list
cat /tmp/apt.list | xargs $PKGI cat /tmp/pkg.list | xargs $PKGI
##---------------## ##---------------##

8
Scripts/toggles/toggle-PhpMyAdmin_APACHE.sh
View File

@@ -20,13 +20,13 @@ if [ -n "$1" ]; then
if [[ "$1" = "-d" && "$PhpMA" != 0 ]]; then if [[ "$1" = "-d" && "$PhpMA" != 0 ]]; then
echo "Disable PhpMyadmin" echo "Disable PhpMyadmin"
sed -i '/PhpMA=/c\PhpMA=0' /etc/ICTM/toggle.conf sed -i '/PhpMA=/c\PhpMA=0' /etc/ICTM/toggle.conf
sed -i --follow-symlinks '/#enables\/disables PHPMyadmin/!b;n;cdeny from all' /etc/apache2/sites-enabled/010-Backend.conf sed -i --follow-symlinks '/#enables\/disables PHPMyadmin/!b;n;cdeny from all' /APADIR/sites-enabled/010-Backend.conf
systemctl reload apache2 systemctl reload APASRV
elif [[ "$1" = "-e" && "$PhpMA" != 1 ]]; then elif [[ "$1" = "-e" && "$PhpMA" != 1 ]]; then
echo "Enable PhpMyadmin" echo "Enable PhpMyadmin"
sed -i '/PhpMA=/c\PhpMA=1' /etc/ICTM/toggle.conf sed -i '/PhpMA=/c\PhpMA=1' /etc/ICTM/toggle.conf
sed -i --follow-symlinks '/#enables\/disables PHPMyadmin/!b;n;c#deny from all' /etc/apache2/sites-enabled/010-Backend.conf sed -i --follow-symlinks '/#enables\/disables PHPMyadmin/!b;n;c#deny from all' /APADIR/sites-enabled/010-Backend.conf
systemctl reload apache2 systemctl reload APASRV
elif [[ "$1" = "-h" ]]; then elif [[ "$1" = "-h" ]]; then
usage usage
else else

1
SubModules/php-fpm/apt.list
View File

@@ -1 +0,0 @@
phpPHPver-imagick php-pear phpPHPver-cli phpPHPver-fpm phpPHPver-mysql phpPHPver-cgi phpPHPver-common phpPHPver-mbstring phpPHPver-curl phpPHPver-gd phpPHPver-intl phpPHPver-soap phpPHPver-xml phpPHPver-xmlrpc phpPHPver-zip

39
SubModules/php-fpm/conf.sh
View File

@@ -1,17 +1,32 @@
systemctl stop php${phpver}-fpm systemctl stop $phpFPMService
############### ###############
# PHP-FPM # # PHP-FPM #
############### ###############
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' "$phpMainConf"
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' "$phpMainConf"
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.enable=1/opcache.enable=1/g' "$phpMainConf"
sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' "$phpMainConf"
sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=50000/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=50000/g' "$phpMainConf"
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' "$phpMainConf"
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' "$phpMainConf"
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' "$phpMainConf"
sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' "$phpMainConf"
sed -i 's/post_max_size = 8/post_max_size = 64/g' /etc/php/"$phpver"/fpm/php.ini sed -i 's/post_max_size = 8/post_max_size = 64/g' "$phpMainConf"
if [ "$shortdist" = "el8" ]; then
# Centos Mysql config
echo "pdo_mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini
echo "mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini
echo "mysqli.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini
echo "d /run/php 0755 www-data www-data - -" > /usr/lib/tmpfiles.d/php-custom.conf
#Centos php Bin
sudo ln -s /usr/bin/php${phpver//.} /usr/bin/php
#Centos SeLinux
setsebool -P httpd_can_network_connect 1
fi
systemctl start $phpFPMService
systemctl enable $phpFPMService
systemctl start php${phpver}-fpm

1
SubModules/php-fpm/php7x/apt.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
php-pear PHPprefix-mysql

1
SubModules/php-fpm/php7x/dnf.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
PHPprefix-pear PHPprefix PHPprefix-mysqlnd

1
SubModules/php-fpm/php7x/generic.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
PHPprefix-imagick PHPprefix-cli PHPprefix-apcu PHPprefix-fpm PHPprefix-cgi PHPprefix-common PHPprefix-mbstring PHPprefix-curl PHPprefix-gd PHPprefix-intl PHPprefix-soap PHPprefix-xml PHPprefix-xmlrpc PHPprefix-zip

1
SubModules/php-fpm/php8x/apt.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
php-pear PHPprefix-mysql

1
SubModules/php-fpm/php8x/dnf.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
PHPprefix-pear PHPprefix PHPprefix-mysqlnd

1
SubModules/php-fpm/php8x/generic.php.pkg.list Normal file
View File

@@ -0,0 +1 @@
PHPprefix-imagick PHPprefix-cli PHPprefix-apcu PHPprefix-fpm PHPprefix-cgi PHPprefix-common PHPprefix-mbstring PHPprefix-curl PHPprefix-gd PHPprefix-intl PHPprefix-soap PHPprefix-xml PHPprefix-zip

39
SubModules/php-fpm/preconf.sh Normal file
View File

@@ -0,0 +1,39 @@
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
# Debian/Ubunbtu Php variables
phpPoolDir=/etc/php/${phpver}/fpm/pool.d
phpPkgName=php${phpver}
phpMainConf=/etc/php/${phpver}/fpm/php.ini
phpFPMService=php${phpver}-fpm
elif [ "$shortdist" = "el8" ]; then
# Centos Php variable
phpPoolDir=/etc/opt/remi/php${phpver//.}/php-fpm.d/
phpPkgName=php${phpver//.}-php
phpMainConf=/etc/opt/remi/php${phpver//.}/php.ini
phpFPMService=php${phpver//.}-php-fpm
#Creating Socket directory
mkdir -p /var/run/php
fi
#Setting php version branch
if [ ${phpver//.} -ge 70 ] && [ ${phpver//.} -lt 80 ] ; then
phpVerBranch=7x
elif [ ${phpver//.} -ge 80 ] && [ ${phpver//.} -lt 90 ]; then
phpVerBranch=8x
fi
#Getting php pkglist
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/php-fpm/php"$phpVerBranch"/generic.php.pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/php-fpm/php"$phpVerBranch"/generic.php.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/php-fpm/php"$phpVerBranch"/"$PKGLIST".php.pkg.list; then
curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/php-fpm/php"$phpVerBranch"/"$PKGLIST".php.pkg.list >>/tmp/pkg.list
printf " " >>/tmp/pkg.list
fi
#Storing vars to config
for storeme in phpPoolDir phpPkgName phpMainConf phpFPMService phpVerBranch; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/phpvar.list
done

1
SubModules/postfix/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
mailutils

18
SubModules/postfix/conf.sh Normal file
View File

@@ -0,0 +1,18 @@
##-------------##
# Postfix #
##-------------##
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf
sed -i 's/relayhost =/mydestination = '$hostname', localhost.'$hostname', '$hostname'/g' /etc/postfix/main.cf
echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf
cat <<EOF > /etc/aliases
# See man 5 aliases for format
postmaster: root
root: $email
EOF
newaliases
systemctl start postfix
systemctl enable postfix
systemctl reload postfix

1
SubModules/postfix/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
postfix

13
SubModules/postfix/preconf.sh Normal file
View File

@@ -0,0 +1,13 @@
if [ -z "${domain}" ]; then
if [ $IMODE = n ]; then
domain=$(whiptail --nocancel --inputbox " Enter the domain without WWW " 11 82 --title "Config" 3>&1 1>&2 2>&3)
elif [ $IMODE = l ]; then
echo "Enter the domain without WWW:"
read domain
fi
fi
if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then
debconf-set-selections <<< "postfix postfix/mailname string $domain"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
fi

1
SubModules/redis/apt.list
View File

@@ -1 +0,0 @@
redis-server phpPHPver-redis

1
SubModules/redis/apt.pkg.list Normal file
View File

@@ -0,0 +1 @@
redis-server

2
SubModules/redis/conf.sh
View File

@@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
systemctl enable --now redis-server systemctl enable --now $redisService

Some files were not shown because too many files have changed in this diff Show More