'Apache-RevProxNGINX-Installer.sh' updaten
This commit is contained in:
ictmaatwerk
@@ -11,13 +11,12 @@
|
|||||||
server_ip=$(hostname -I|cut -f1 -d ' ')
|
server_ip=$(hostname -I|cut -f1 -d ' ')
|
||||||
# Block direct apache acces
|
# Block direct apache acces
|
||||||
ufw deny 8080/tcp
|
ufw deny 8080/tcp
|
||||||
ufw allow from "$server_ip" proto tcp to any port 8080
|
|
||||||
|
|
||||||
#-------------------#
|
#-------------------#
|
||||||
# APACHE + PHP-FPM #
|
# APACHE + PHP-FPM #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt install apache2 php-fpm -y
|
apt install -y apache2 php-fpm
|
||||||
wget https://mirrors.edge.kernel.org/ubuntu/pool/multiverse/liba/libapache-mod-fastcgi/libapache2-mod-fastcgi_2.4.7~0910052141-1.2_amd64.deb
|
wget https://mirrors.edge.kernel.org/ubuntu/pool/multiverse/liba/libapache-mod-fastcgi/libapache2-mod-fastcgi_2.4.7~0910052141-1.2_amd64.deb
|
||||||
dpkg -i libapache2-mod-fastcgi_2.4.7~0910052141-1.2_amd64.deb
|
dpkg -i libapache2-mod-fastcgi_2.4.7~0910052141-1.2_amd64.deb
|
||||||
mv /etc/apache2/ports.conf /etc/apache2/ports.conf.default
|
mv /etc/apache2/ports.conf /etc/apache2/ports.conf.default
|
||||||
@@ -33,7 +32,7 @@ netstat -tlpn
|
|||||||
# MYSQL #
|
# MYSQL #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt install mysql-server-5.7 -y
|
apt install -y mysql-server-5.7
|
||||||
mysql_secure_installation
|
mysql_secure_installation
|
||||||
mysql -u root -p"$passwd" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
|
mysql -u root -p"$passwd" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
|
||||||
mysql -u root -p"$passwd" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$passwd"';"
|
mysql -u root -p"$passwd" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$passwd"';"
|
||||||
@@ -86,7 +85,7 @@ systemctl reload apache2
|
|||||||
# VHOST NGINX #
|
# VHOST NGINX #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt install nginx -y
|
apt install -y nginx
|
||||||
rm /etc/nginx/sites-enabled/default
|
rm /etc/nginx/sites-enabled/default
|
||||||
#mkdir -v /usr/share/nginx/$domain2
|
#mkdir -v /usr/share/nginx/$domain2
|
||||||
#echo "<?php phpinfo(); ?>" | tee /usr/share/nginx/$domain2/info.php
|
#echo "<?php phpinfo(); ?>" | tee /usr/share/nginx/$domain2/info.php
|
||||||
@@ -127,7 +126,7 @@ server {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location ~ \.php\$ {
|
location ~ \.php\$ {
|
||||||
proxy_pass http://$server_ip:8080;
|
proxy_pass http://127.0.0.1:8080;
|
||||||
proxy_set_header Host \$host;
|
proxy_set_header Host \$host;
|
||||||
proxy_set_header X-Real-IP \$remote_addr;
|
proxy_set_header X-Real-IP \$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||||
@@ -153,7 +152,7 @@ systemctl reload nginx
|
|||||||
# MOD_RPAF #
|
# MOD_RPAF #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt install unzip build-essential apache2-dev -y
|
apt install -y unzip build-essential apache2-dev
|
||||||
wget https://github.com/gnif/mod_rpaf/archive/stable.zip
|
wget https://github.com/gnif/mod_rpaf/archive/stable.zip
|
||||||
unzip stable.zip
|
unzip stable.zip
|
||||||
cd mod_rpaf-stable
|
cd mod_rpaf-stable
|
||||||
@@ -166,7 +165,7 @@ cat <<EOF > /etc/apache2/mods-available/rpaf.conf
|
|||||||
<IfModule mod_rpaf.c>
|
<IfModule mod_rpaf.c>
|
||||||
RPAF_Enable On
|
RPAF_Enable On
|
||||||
RPAF_Header X-Real-Ip
|
RPAF_Header X-Real-Ip
|
||||||
RPAF_ProxyIPs $server_ip
|
RPAF_ProxyIPs 127.0.0.1
|
||||||
RPAF_SetHostName On
|
RPAF_SetHostName On
|
||||||
RPAF_SetHTTPS On
|
RPAF_SetHTTPS On
|
||||||
RPAF_SetPort On
|
RPAF_SetPort On
|
||||||
@@ -180,16 +179,16 @@ systemctl reload apache2
|
|||||||
# CERTBOT #
|
# CERTBOT #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
add-apt-repository ppa:certbot/certbot -y
|
add-apt-repository -y ppa:certbot/certbot
|
||||||
apt update
|
apt update
|
||||||
apt install python-certbot-nginx -y
|
apt install -y python-certbot-nginx
|
||||||
#certbot --nginx -d $domain -d www.$domain
|
#certbot --nginx -d $domain -d www.$domain
|
||||||
|
|
||||||
#-------------------#
|
#-------------------#
|
||||||
# PHPMYADMIN #
|
# PHPMYADMIN #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt-get install phpmyadmin -y
|
apt install -y phpmyadmin
|
||||||
ln -s /usr/share/phpmyadmin /var/www/"$domain"/public_html
|
ln -s /usr/share/phpmyadmin /var/www/"$domain"/public_html
|
||||||
systemctl restart php7.2-fpm
|
systemctl restart php7.2-fpm
|
||||||
# Redirect phpmyadmin -> database
|
# Redirect phpmyadmin -> database
|
||||||
@@ -201,7 +200,9 @@ systemctl restart apache2
|
|||||||
# POSTFIX #
|
# POSTFIX #
|
||||||
#-------------------#
|
#-------------------#
|
||||||
|
|
||||||
apt install mailutils -y
|
debconf-set-selections <<< "postfix postfix/mailname string $domain"
|
||||||
|
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
|
||||||
|
apt install -y mailutils
|
||||||
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
|
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
|
||||||
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf
|
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf
|
||||||
sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf
|
sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf
|
||||||
@@ -219,7 +220,7 @@ newaliases
|
|||||||
|
|
||||||
if [ $netdata = 1 ]
|
if [ $netdata = 1 ]
|
||||||
then
|
then
|
||||||
apt install netdata -y
|
apt install -y netdata
|
||||||
ufw allow 19999/tcp
|
ufw allow 19999/tcp
|
||||||
# systemctl stop netdata
|
# systemctl stop netdata
|
||||||
# systemctl disable netdata
|
# systemctl disable netdata
|
||||||
@@ -232,7 +233,7 @@ fi
|
|||||||
|
|
||||||
if [ $memcached = 1 ]
|
if [ $memcached = 1 ]
|
||||||
then
|
then
|
||||||
apt-get install memcached -y
|
apt install -y memcached
|
||||||
systemctl restart memcached
|
systemctl restart memcached
|
||||||
# systemctl stop memcached
|
# systemctl stop memcached
|
||||||
# systemctl disable memcached
|
# systemctl disable memcached
|
||||||
@@ -245,7 +246,7 @@ fi
|
|||||||
|
|
||||||
if [ $redis = 1 ]
|
if [ $redis = 1 ]
|
||||||
then
|
then
|
||||||
apt install redis-server -y
|
apt install -y redis-server
|
||||||
sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
|
sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
|
||||||
sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
|
sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
|
||||||
sed -i 's/# requirepass foobared/requirepass '$passwd'/g' /etc/redis/redis.conf
|
sed -i 's/# requirepass foobared/requirepass '$passwd'/g' /etc/redis/redis.conf
|
||||||
|
|||||||
Reference in New Issue
Block a user