Work_Archive/Vps-UBUNTU-SetupScripts
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

'RevProxySimple.sh' updaten

Browse Source
This commit is contained in:
ictmaatwerk
2018-09-21 12:53:58 +00:00
parent f9ceb1b518
commit fc54172ac5
1 changed files with 58 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
RevProxySimple.sh
View File

@@ -1,29 +1,43 @@
###==============================================### ###============================================================
## Apache Reverse Proxy NGINX Installer ## ## Ubuntu 18.04 Apache NGINX Reverse Proxy Installer
###==============================================### ###============================================================
## Zet comments hieronder:
#
#
#
##=============================================================
##----------------## ##----------------##
# Pre-Config # # Pre-Config #
##----------------## ##----------------##
# Set server IP variable for apache access
server_ip=$(hostname -I|cut -f1 -d ' ')
# Block direct apache acces # Block direct apache acces
#ufw deny 8080/tcp ufw deny 8080/tcp
# Setup domain folder # Setup domain folder
mkdir -p /var/www/"$domain"/public_html mkdir -p /var/www/"$domain"/html
chmod -R 755 /var/www
##-----------## ##-------------------##
# NGINX # # NGINX + MySQL #
##-----------## ##-------------------##
apt install -y nginx mysql-server-5.7 apt install -y nginx mysql-server-5.7
# mysql_secure_installation automated
mysqladmin -u root password "$DATABASE_PASS"
mysql -u root -p"$DATABASE_PASS" -e "UPDATE mysql.user SET Password=PASSWORD('$DATABASE_PASS') WHERE User='root'"
mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User=''"
mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -u root -p"$passwd" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
mysql -u root -p"$passwd" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$passwd"';"
mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;"
mysql -u root -p"$passwd" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
rm /etc/nginx/sites-enabled/default rm /etc/nginx/sites-enabled/default
cat <<EOF > /etc/nginx/sites-available/"$domain" cat <<EOF > /etc/nginx/sites-available/"$domain"
server { server {
listen 80; listen 80;
root /var/www/$domain/public_html; root /var/www/$domain/html;
index index.html index.htm index.php; index index.html index.htm index.php;
server_name $domain www.$domain; server_name $domain www.$domain;
@@ -36,7 +50,7 @@ server {
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$remote_addr; proxy_set_header X-Forwarded-For \$remote_addr;
proxy_set_header Host \$host; proxy_set_header Host \$host;
proxy_pass http://$server_ip:8080; proxy_pass http://127.0.0.1:8080;
} }
location ~ /\.ht { location ~ /\.ht {
@@ -52,14 +66,14 @@ ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/"$domain"
apt install -y apache2 apt install -y apache2
mv /etc/apache2/ports.conf /etc/apache2/ports.conf.default mv /etc/apache2/ports.conf /etc/apache2/ports.conf.default
echo "Listen $server_ip:8080" | tee /etc/apache2/ports.conf echo "Listen 127.0.0.1:8080" | tee /etc/apache2/ports.conf
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/"$domain".conf cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/"$domain".conf
cat <<EOF > /etc/apache2/sites-available/"$domain".conf cat <<EOF > /etc/apache2/sites-available/"$domain".conf
<VirtualHost *:8080> <VirtualHost *:8080>
ServerAdmin $email ServerAdmin $email
ServerName $domain ServerName $domain
ServerAlias www.$domain ServerAlias www.$domain
DocumentRoot /var/www/$domain/public_html DocumentRoot /var/www/$domain/html
ErrorLog \${APACHE_LOG_DIR}/error.log ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log combined CustomLog \${APACHE_LOG_DIR}/access.log combined
</VirtualHost> </VirtualHost>
@@ -73,16 +87,28 @@ a2dissite 000-default
apt install -y libapache2-mod-php php-mysql php-cgi php-common php-pear php-mbstring php-curl php-gd php-intl php-soap php-xml php-xmlrpc php-zip apt install -y libapache2-mod-php php-mysql php-cgi php-common php-pear php-mbstring php-curl php-gd php-intl php-soap php-xml php-xmlrpc php-zip
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=50000/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/7.2/apache2/php.ini
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/7.2/apache2/php.ini
##----------------## ##----------------##
# phpMyAdmin # # PHPMyAdmin #
##----------------## ##----------------##
debconf-set-selections <<< "phpmyadmin phpmyadmin/dbconfig-install boolean true"
debconf-set-selections <<< "phpmyadmin phpmyadmin/app-password-confirm password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $password"
debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $passsword"
debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect"
apt install -y phpmyadmin apt install -y phpmyadmin
ln -s /usr/share/phpmyadmin /var/www/"$domain"/public_html/phpmyadmin ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/phpmyadmin
# Redirect phpmyadmin -> database # Redirect phpmyadmin -> database
mv /var/www/"$domain"/public_html/phpmyadmin /var/www/"$domain"/public_html/database mv /var/www/"$domain"/html/phpmyadmin /var/www/"$domain"/html/database
a2disconf phpmyadmin.conf a2disconf phpmyadmin.conf
systemctl restart apache2
##-------------## ##-------------##
# Postfix # # Postfix #
@@ -94,7 +120,6 @@ apt install -y mailutils
sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf
sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf
systemctl restart postfix
cat <<EOF > /etc/aliases cat <<EOF > /etc/aliases
# See man 5 aliases for format # See man 5 aliases for format
postmaster: root postmaster: root
@@ -109,6 +134,7 @@ newaliases
if [ $netdata = 1 ] if [ $netdata = 1 ]
then then
apt install -y netdata apt install -y netdata
sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
ufw allow 19999/tcp ufw allow 19999/tcp
# systemctl stop netdata # systemctl stop netdata
# systemctl disable netdata # systemctl disable netdata
@@ -121,7 +147,6 @@ fi
if [ $memcached = 1 ] if [ $memcached = 1 ]
then then
apt install -y memcached apt install -y memcached
systemctl restart memcached
# systemctl stop memcached # systemctl stop memcached
# systemctl disable memcached # systemctl disable memcached
fi fi
@@ -135,9 +160,7 @@ if [ $redis = 1 ]
apt install -y redis-server apt install -y redis-server
sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf sed -i 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf sed -i 's/# bind 127.0.0.1 ::1/bind 127.0.0.1 ::1/g' /etc/redis/redis.conf
sed -i 's/# requirepass foobared/requirepass '$passwd'/g' /etc/redis/redis.conf sed -i 's/# requirepass foobared/requirepass '$password'/g' /etc/redis/redis.conf
systemctl restart redis
systemctl restart redis.service
# systemctl stop redis # systemctl stop redis
# systemctl stop redis.service # systemctl stop redis.service
# systemctl disable redis # systemctl disable redis
@@ -148,26 +171,13 @@ fi
# Certbot # # Certbot #
##-------------## ##-------------##
add-apt-repository -y ppa:certbot/certbot #add-apt-repository -y ppa:certbot/certbot
apt install -y python-certbot-apache apt install -y python-certbot-apache
#certbot --apache -d $domain -d www.$domain #certbot --apache -d $domain -d www.$domain
#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/apache2/sites-available/"$domain" #sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/apache2/sites-available/"$domain"
#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/apache2/sites-available/"$domain" #sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/apache2/sites-available/"$domain"
#sed -i 's#include /etc/letsencrypt/options-ssl-apache.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/apache2/sites-available/"$domain" #sed -i 's#include /etc/letsencrypt/options-ssl-apache.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/apache2/sites-available/"$domain"
##-------------##
# php.ini #
##-------------##
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=256/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=50000/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.2/apache2/php.ini
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=0/g' /etc/php/7.2/apache2/php.ini
sed -i 's/; max_input_vars = 1000/max_input_vars = 10000/g' /etc/php/7.2/apache2/php.ini
systemctl restart apache2
##---------------## ##---------------##
# Wordpress # # Wordpress #
##---------------## ##---------------##
@@ -177,15 +187,15 @@ if [ $wordpress = 1 ]
db_name="wp_1" db_name="wp_1"
db_user="wp_1" db_user="wp_1"
db_pass=$(date +%s|sha256sum|base64|head -c 32) db_pass=$(date +%s|sha256sum|base64|head -c 32)
mysql -u root -p"$passwd" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
mysql -u root -p"$passwd" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
mysql -u root -p"$passwd" -e "FLUSH PRIVILEGES;" mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
tar xzvf /tmp/wp.tar.gz -C /tmp tar xzvf /tmp/wp.tar.gz -C /tmp
mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
cp -a /tmp/wordpress/. /var/www/"$domain"/public_html cp -a /tmp/wordpress/. /var/www/"$domain"/html
WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -) WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
cat <<EOF > /var/www/"$domain"/public_html/wp-config.php cat <<EOF > /var/www/"$domain"/html/wp-config.php
<?php <?php
define('DB_NAME', '$db_name'); define('DB_NAME', '$db_name');
define('DB_USER', '$db_user'); define('DB_USER', '$db_user');
@@ -222,23 +232,23 @@ if ( !defined('ABSPATH') )
# ) # )
#); #);
#define('WP_REDIS_HOST', '127.0.0.1'); #define('WP_REDIS_HOST', '127.0.0.1');
#define('WP_REDIS_PASSWORD', '$passwd'); #define('WP_REDIS_PASSWORD', '$password');
#define('WP_REDIS_PORT', '6379'); #define('WP_REDIS_PORT', '6379');
require_once(ABSPATH . 'wp-settings.php'); require_once(ABSPATH . 'wp-settings.php');
EOF EOF
fi fi
##-----------------## ##-----------------##
# OPCACHE GUI # # Opcache GUI #
##-----------------## ##-----------------##
wget https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php -O /var/www/"$domain"/public_html/opcache.php wget https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php -O /var/www/"$domain"/html/opcache.php
##--------------## ##--------------##
# info.php # # Info.php #
##--------------## ##--------------##
cat > /var/www/"$domain"/public_html/info.php <<- "EOF" cat > /var/www/"$domain"/html/info.php <<- "EOF"
<?php <?php
phpinfo(); phpinfo();
EOF EOF
@@ -247,5 +257,4 @@ EOF
# Html Folder Perms # # Html Folder Perms #
##-----------------------## ##-----------------------##
chown -R www-data:www-data /var/www/"$domain"/public_html chown -R www-data:www-data /var/www/"$domain"/html