-
-
Save Jimadine/20641c64cad46570c6950a0254780fae to your computer and use it in GitHub Desktop.
AtoM 2.6 manual installation steps ... automated
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -x | |
cd /tmp | |
# This is the key for the MySQL APT repo | |
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29 | |
add-apt-repository -y ppa:openjdk-r/ppa | |
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - | |
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-5.x.list | |
echo "deb http://repo.mysql.com/apt/ubuntu/ bionic mysql-8.0" | tee -a /etc/apt/sources.list.d/mysql.list | |
apt update | |
apt install -y debconf-utils | |
ROOT_SQL_PASS=changeme | |
debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password $ROOT_SQL_PASS" | |
debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password $ROOT_SQL_PASS" | |
debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)" | |
DEBIAN_FRONTEND=noninteractive apt install -y mysql-server | |
cat <<'MYSQLDCNF' > /etc/mysql/conf.d/mysqld.cnf | |
[mysqld] | |
sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION | |
optimizer_switch='block_nested_loop=off' | |
MYSQLDCNF | |
systemctl restart mysql | |
apt install -y openjdk-8-jre-headless software-properties-common elasticsearch nginx php7.2-cli php7.2-curl php7.2-json php7.2-ldap php7.2-mysql php7.2-opcache php7.2-readline php7.2-xml php7.2-fpm php7.2-mbstring php7.2-xsl php7.2-zip php-apcu php-memcache gearman-job-server imagemagick ghostscript poppler-utils ffmpeg | |
apt install -y --no-install-recommends fop libsaxon-java | |
systemctl enable elasticsearch | |
systemctl start elasticsearch | |
touch /etc/nginx/sites-available/atom | |
ln -sf /etc/nginx/sites-available/atom /etc/nginx/sites-enabled/atom | |
rm /etc/nginx/sites-enabled/default | |
cat <<'ATOMNGINX' > /etc/nginx/sites-available/atom | |
upstream atom { | |
server unix:/run/php7.2-fpm.atom.sock; | |
} | |
server { | |
listen 80; | |
root /usr/share/nginx/atom; | |
# http://wiki.nginx.org/HttpCoreModule#server_name | |
# _ means catch any, but it's better if you replace this with your server | |
# name, e.g. archives.foobar.com | |
server_name _; | |
client_max_body_size 72M; | |
# http://wiki.nginx.org/HttpCoreModule#try_files | |
location / { | |
try_files $uri /index.php?$args; | |
} | |
location ~ /\. { | |
deny all; | |
return 404; | |
} | |
location ~* (\.yml|\.ini|\.tmpl)$ { | |
deny all; | |
return 404; | |
} | |
location ~* /(?:uploads|files)/.*\.php$ { | |
deny all; | |
return 404; | |
} | |
location ~* /uploads/r/(.*)/conf/ { | |
} | |
location ~* ^/uploads/r/(.*)$ { | |
include /etc/nginx/fastcgi_params; | |
set $index /index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$index; | |
fastcgi_param SCRIPT_NAME $index; | |
fastcgi_pass atom; | |
} | |
location ~ ^/private/(.*)$ { | |
internal; | |
alias /usr/share/nginx/atom/$1; | |
} | |
location ~ ^/(index|qubit_dev)\.php(/|$) { | |
include /etc/nginx/fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_split_path_info ^(.+\.php)(/.*)$; | |
fastcgi_pass atom; | |
} | |
location ~* \.php$ { | |
deny all; | |
return 404; | |
} | |
} | |
ATOMNGINX | |
systemctl enable nginx | |
systemctl reload nginx | |
cat <<'PHPFPM' > /etc/php/7.2/fpm/pool.d/atom.conf | |
[atom] | |
; The user running the application | |
user = www-data | |
group = www-data | |
; Use UNIX sockets if Nginx and PHP-FPM are running in the same machine | |
listen = /run/php7.2-fpm.atom.sock | |
listen.owner = www-data | |
listen.group = www-data | |
listen.mode = 0600 | |
; The following directives should be tweaked based in your hardware resources | |
pm = dynamic | |
pm.max_children = 30 | |
pm.start_servers = 10 | |
pm.min_spare_servers = 10 | |
pm.max_spare_servers = 10 | |
pm.max_requests = 200 | |
chdir = / | |
; Some defaults for your PHP production environment | |
; A full list here: http://www.php.net/manual/en/ini.list.php | |
php_admin_value[expose_php] = off | |
php_admin_value[allow_url_fopen] = on | |
php_admin_value[memory_limit] = 512M | |
php_admin_value[max_execution_time] = 120 | |
php_admin_value[post_max_size] = 72M | |
php_admin_value[upload_max_filesize] = 64M | |
php_admin_value[max_file_uploads] = 10 | |
php_admin_value[cgi.fix_pathinfo] = 0 | |
php_admin_value[display_errors] = off | |
php_admin_value[display_startup_errors] = off | |
php_admin_value[html_errors] = off | |
php_admin_value[session.use_only_cookies] = 0 | |
; APC | |
php_admin_value[apc.enabled] = 1 | |
php_admin_value[apc.shm_size] = 64M | |
php_admin_value[apc.num_files_hint] = 5000 | |
php_admin_value[apc.stat] = 0 | |
; Zend OPcache | |
php_admin_value[opcache.enable] = 1 | |
php_admin_value[opcache.memory_consumption] = 192 | |
php_admin_value[opcache.interned_strings_buffer] = 16 | |
php_admin_value[opcache.max_accelerated_files] = 4000 | |
php_admin_value[opcache.validate_timestamps] = 0 | |
php_admin_value[opcache.fast_shutdown] = 1 | |
; This is a good place to define some environment variables, e.g. use | |
; ATOM_DEBUG_IP to define a list of IP addresses with full access to the | |
; debug frontend or ATOM_READ_ONLY if you want AtoM to prevent | |
; authenticated users | |
env[ATOM_DEBUG_IP] = "10.10.10.10,127.0.0.1" | |
env[ATOM_READ_ONLY] = "off" | |
PHPFPM | |
systemctl enable php7.2-fpm | |
systemctl start php7.2-fpm | |
php-fpm7.2 --test | |
systemctl status php7.2-fpm | |
systemctl status nginx | |
rm /etc/php/7.2/fpm/pool.d/www.conf | |
systemctl restart php7.2-fpm | |
# To fetch a pre-release version of AtoM from GH, replace the URL with e.g. https://github.com/artefactual/atom/archive/refs/heads/qa/2.x.tar.gz | |
wget https://storage.accesstomemory.org/releases/atom-2.6.4.tar.gz -O atom.tar.gz | |
mkdir /usr/share/nginx/atom | |
tar xzf atom.tar.gz -C /usr/share/nginx/atom --strip 1 | |
chown -R www-data:www-data /usr/share/nginx/atom | |
chmod o= /usr/share/nginx/atom | |
mysql -h localhost -u root -p$ROOT_SQL_PASS -e "CREATE DATABASE atom CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;" | |
mysql -h localhost -u root -p$ROOT_SQL_PASS -e "CREATE USER 'atom'@'localhost' IDENTIFIED BY '12345';" | |
mysql -h localhost -u root -p$ROOT_SQL_PASS -e "GRANT ALL PRIVILEGES ON atom.* TO 'atom'@'localhost';" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Vagrant.configure("2") do |config| | |
config.vm.box = "ubuntu/bionic64" | |
config.vm.network "forwarded_port", guest: 80, host: 9000, host_ip: "127.0.0.1", auto_correct: true | |
config.vm.provider "virtualbox" do |vb| | |
vb.name = "_vanillaatom2" | |
vb.memory = 4096 | |
vb.cpus = 2 | |
# Set a Null file handler for the serial console per https://bugs.launchpad.net/cloud-images/+bug/1890942 | |
vb.customize [ "modifyvm", :id, "--uartmode1", "file", File::NULL ] | |
end | |
config.vm.provision :shell, :inline => "/vagrant/build_atom.sh" | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment