Work_Archive/VPS-scripts_Web-V2
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases 11 Wiki Activity
Files
4af612d19ff441b0a707de97725f07a85f5545cf
VPS-scripts_Web-V2/installer.sh
bprieshof 75a550c57e Added Var parser for CMS
2019-12-12 12:02:07 +01:00

451 lines
13 KiB
Bash
Raw Blame History

#!/bin/bash
##--------------------##
# Legacy/Main Menu #
##--------------------##
sed -i -e 's/magenta/blue/g' /etc/newt/palette
if [ "$1" != "-l" ]; then
echo "Normal mode"
PKGM="debconf-apt-progress -- apt"
OUTPUT='/dev/null'
IMODE=n
fi
if [ "$1" = "-l" ]; then
echo "Legacy mode";
PKGM="apt"
OUTPUT='/dev/tty'
IMODE=l
fi
##---------------##
# Functions #
##---------------##
msg () {
if [ $IMODE = n ]; then
TERM=ansi whiptail --title "Info" --infobox "$1" 8 52
fi
if [ $IMODE = l ]; then
echo "$1"
fi
}
##---------------##
# Static-Vars #
##---------------##
#Git-repo
repo=https://git.ictmaatwerk.com/bprieshof/UBU-Web-V2
branch=master
#Installer-config
phpver=7.4
sqlver=8.0
cockpit=1
PHPMyadmin=1
#PackageManager-config
PKGA="add-apt-repository"
PKGI="${PKGM} install -y"
OUTPUT='/dev/null'
##--------------------------##
# Installer-Requirements #
##--------------------------##
msg "Starting installer." 8 78
$PKGM update > $OUTPUT 2>&1
$PKGI curl > $OUTPUT 2>&1
##--------##
# Menu #
##--------##
if [ $IMODE = n ]; then
domain=$(whiptail --nocancel --inputbox " Enter the domain without WWW " 11 82 --title "Config" 3>&1 1>&2 2>&3)
if (whiptail --title "Config" --yesno "Does www.${domain} exist in DNS" 8 78); then domainwww=1; else domainwww=1; fi
if (whiptail --title "Config" --yesno "Hostname with nxdi.nl" 11 82); then
hostname=$(whiptail --nocancel --inputbox " SystemID (eg: VCH001) without ".nxdi.nl" " 11 82 --title "Config" 3>&1 1>&2 2>&3)
hostname=$hostname".nxdi.nl"
else
hostname=$(whiptail --nocancel --inputbox " Hostname " 11 82 --title "Config" 3>&1 1>&2 2>&3)
fi
if (whiptail --title "Config" --yesno "Enable SSL on installation?" 11 82); then
sslenable=1
else
sslenable=0
fi
password=$(whiptail --nocancel --passwordbox "Please enter your password (should contain at least 2 digits and 6 characters)" 11 82 --title "Config" 3>&1 1>&2 2>&3)
email=$(whiptail --nocancel --inputbox " Enter the administrator e-mail" 11 82 --title "Config" 3>&1 1>&2 2>&3)
webserv=$(whiptail --title "Select Webserver" --radiolist "WebServer" 11 53 5 "Nginx:" "Will install NGINX Webserver." ON "Apache:" "Will install Apache Webserver." OFF 3>&1 1>&2 2>&3)
esws=$?
[[ "$esws" = 1 ]] && msg "Quiting installer." 8 78 && exit;
fi
if [ $IMODE = l ]; then
echo "" >/dev/null
echo "Enter the domain without WWW:"
read domain
while true; do
read -p "Does www.${domain} exist in DNS -> yes/no?" yn
case $yn in
[Yy]* ) domainwww=1
break;;
[Nn]* ) domainwww=0
break;;
* ) echo "Choose yes of no.";;
esac
done
while true; do
read -p "Hostname with nxdi.nl -> yes/no?" yn
case $yn in
[Nn]* )
echo 'Enter full hostname:'
read hostname
break;;
[Yy]* )
echo 'Hostname (eg: VCH001) without ".nxdi.nl":'
read hostname
hostname=$hostname".nxdi.nl"
break;;
* )echo "Choose yes or no.";;
esac
done
while true; do
read -p "Enable SSL on installation? -> yes/no?" yn
case $yn in
[Yy]* ) sslenable=1
break;;
[Nn]* ) sslenable=0
break;;
* ) echo "Choose yes of no.";;
esac
done
echo "Please enter your password (should contain at least 2 digits and 6 characters:"
read password
echo "Administrator E-mail:"
read email
echo "Select Webserver:"
PS3='Selected:'
options=("Nginx" "Apache" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Nginx")
webserv=Nginx:
break;;
"Apache")
webserv=Apache:
break;;
"Quit")
exit;;
*) echo "$REPLY is not a valid option!";;
esac
done
fi
webserv="${webserv//:}" && webserv="${webserv,,}"
curl "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/apt.list >>/tmp/apt.list
##----------##
# Addons #
##----------##
if [[ $webserv = "nginx" ]]; then
#NGINX Addon menu
if [ $IMODE = n ]; then
option=$(whiptail --nocancel --title "Which Nginx addons should be installed?" --checklist "Features" 11 110 5 "Memcached:" "Memcached is an open source, high-performance, distributed memory caching system." OFF "Redis Cache:" "Redis is an open source BSD licensed, in-memory data structure store." OFF 3>&1 1>&2 2>&3)
fi
if [ $IMODE = l ]; then
choice () {
local choice=$1
if [[ ${opts[choice]} ]] # toggle
then
opts[choice]=
else
opts[choice]=+
fi
}
PS3='Which Nginx addons should be installed?'
while :
do
echo ""
options=("Memcached ${opts[1]}" "Redis Cache ${opts[2]}" "Done")
select opt in "${options[@]}"
do
case $opt in
"Memcached ${opts[1]}")
choice 1
option="$option Memcache:"
break
;;
"Redis Cache ${opts[2]}")
choice 2
option="$option Redis Cache:"
break
;;
"Done")
break 2
;;
*) printf '%s\n' 'invalid option';;
esac
done
done
fi
fi
if [[ $webserv = "apache" ]]; then
#Apache Addon menu
if [ $IMODE = n ]; then
option=$(whiptail --nocancel --title "Which Apache addons should be installed?" --checklist "Features" 11 110 5 "Memcached:" "Memcached is an open source, high-performance, distributed memory caching system." OFF "Redis Cache:" "Redis is an open source BSD licensed, in-memory data structure store." OFF 3>&1 1>&2 2>&3)
fi
if [ $IMODE = l ]; then
choice () {
local choice=$1
if [[ ${opts[choice]} ]] # toggle
then
opts[choice]=
else
opts[choice]=+
fi
}
PS3='Which Apache addons should be installed?'
while :
do
clear
options=("Memcached ${opts[1]}" "Redis Cache ${opts[2]}" "Done")
select opt in "${options[@]}"
do
case $opt in
"Memcached ${opts[1]}")
choice 1
option="$option Memcache:"
break
;;
"Redis Cache ${opts[2]}")
choice 2
option="$option Redis Cache:"
break
;;
"Done")
break 2
;;
*) printf '%s\n' 'invalid option';;
esac
done
done
fi
fi
option="${option// /}" && option="${option/:/ }" && option="${option//:}" && option="${option,,}" && option="${option//'"'}"
echo "Generating Apt List for options"
for val1 in ${option[*]}; do
echo $val1 #TMP
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-apt.list; then
curl "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-apt.list >>/tmp/apt.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/apt.list; then
curl "$repo"/raw/branch/"$branch"/SubModules/"$val1"/apt.list >>/tmp/apt.list
fi
done
##-------##
# CMS #
##-------##
if [ $IMODE = n ]; then
function CMSM {
CMS=$(whiptail --nocancel --title "What CMS should be installed?" --radiolist "Features" 11 118 5 "Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF "Wordpress:" "WordPress is a content management system based on PHP." OFF "None:" "A plain webserver will be setup." OFF 3>&1 1>&2 2>&3)
if [ -z $CMS ]; then CMSM; fi
}
CMSM
fi
if [ $IMODE = l ]; then
echo "What CMS should be installed?"
PS3='Selected:'
options=("Nextcloud" "Wordpress" "None")
select opt in "${options[@]}"
do
case $opt in
"Nextcloud")
CMS=Nextcloud:
break;;
"Wordpress")
CMS=Wordpress:
break;;
"None")
CMS=None:
break;;
*) echo "$REPLY is not a valid option!";;
esac
done
fi
CMS="${CMS//:}" && CMS="${CMS,,}"
echo "Generating Apt List for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/apt.list >>/tmp/apt.list; then
curl "$repo"/raw/branch/"$branch"/CMS/"$CMS"/apt.list >>/tmp/apt.list
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-apt.list; then
curl "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-apt.list >>/tmp/apt.list
fi
##--------------------##
# Pre-Requirements #
##--------------------##
sed -i '/Port 22/c\Port 4242' /etc/ssh/sshd_config
msg "Preconfiguring."
$PKGI software-properties-common gnupg > $OUTPUT 2>&1
$PKGA universe -y > $OUTPUT 2>&1
$PKGA ppa:ondrej/php -y > $OUTPUT 2>&1
$PKGA ppa:certbot/certbot -y > $OUTPUT 2>&1
$PKGA ppa:chris-lea/redis-server -y > $OUTPUT 2>&1
$PKGM update
$PKGM upgrade -y
##-------------------##
# Pre-configuring #
##-------------------##
echo "Running preconf for Webserv"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/preconf.sh)
fi
echo "Running preconf for Options"
for val1 in ${option[*]}; do
echo $val1 #TMP
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/preconf.sh)
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-preconf.sh)
fi
done
echo "Running preconf for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/preconf.sh)
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh)
fi
##-------------##
# Installer #
##-------------##
$PKGM update
sed -i 's/PHPver/'$phpver'/g' /tmp/apt.list
cat /tmp/apt.list | xargs $PKGI
##---------------##
# Configuring #
##---------------##
echo "Running conf for Webserv"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/conf.sh)
fi
echo "Running conf for Options"
for val1 in ${option[*]}; do
echo $val1 #TMP
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/conf.sh)
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/SubModules/"$val1"/"$webserv"-conf.sh)
fi
done
echo "Setting up SSL"
if [ $sslenable = 1 ]; then
if [ $domainwww = 1 ]; then
certbot --"$webserv" -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
elif [ $domainwww = 0 ]; then
certbot --"$webserv" -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
fi
certbot --"$webserv" -n -d "$hostname" -m "$email" --hsts --redirect --no-eff-email --agree-tos
fi
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/EnableSSL.sh -O ~/activateSSL-$domain.sh
sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$domain'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh
wget -q -t7 "$repo"/raw/branch/"$branch"/Scripts/EnableSSL.sh -O ~/activateSSL-Backend.sh
sed -i -e 's/DOMAINname/'$hostname'/' -e 's/CONFname/'Backend'/' -e 's/DomainWWW/'0'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-HostName.sh
echo "Running conf for CMS"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/conf.sh)
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh)
fi
echo "Running conf for Backend"
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CMS/Backend/"$webserv"-conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CMS/Backend/"$webserv"-conf.sh)
fi
##------------##
# Fail2Ban #
##------------##
sed -i 's/root@localhost/'$email'/g' /etc/fail2ban/jail.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/sshd.local -O /etc/fail2ban/jail.d/sshd.local
if [[ $CMS == "Nextcloud" ]]; then
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/nextcloud.conf -O /etc/fail2ban/filter.d/nextcloud.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/nextcloud.local -O /etc/fail2ban/jail.d/nextcloud.local
fi
if [[ $CMS == "Wordpress" ]]; then
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/wordpress.conf -O /etc/fail2ban/filter.d/wordpress.conf
wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/wordpress.local -O /etc/fail2ban/jail.d/wordpress.local
fi
##-------##
# UFW #
##-------##
sed -i '/IPV6=/c\IPV6=yes' /etc/default/ufw
ufw default deny incoming > $OUTPUT 2>&1
ufw default allow outgoing > $OUTPUT 2>&1
ufw allow 80/tcp > $OUTPUT 2>&1
ufw allow 443/tcp > $OUTPUT 2>&1
ufw limit 4242/tcp > $OUTPUT 2>&1
echo "y" | ufw enable > $OUTPUT 2>&1
##------------##
# Services #
##------------##
systemctl restart sshd
Reference in New Issue View Git Blame Copy Permalink