Last active
January 21, 2020 01:57
-
-
Save MaxLazar/4e3f877d055899e820b411655c9d9221 to your computer and use it in GitHub Desktop.
install.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!env bash | |
| # Nginx-Craft virtual host configuration file | |
| # @author MaxLazar | |
| # @copyright Copyright (c) 2018 | |
| # @link https://maxlazar.com/ | |
| # @package server-install-lemp | |
| # @since 1.0.0 | |
| # @license MIT | |
| # sudo sh install_server.sh | |
| # https://linuxize.com/post/how-to-add-swap-space-on-centos-7/ | |
| # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-enabling_and_disabling_selinux-disabling_selinux | |
| installCNMP(){ | |
| if [[ -e /etc/redhat-release ]]; then | |
| RELEASE_RPM=$(sudo rpm -qf /etc/centos-release) | |
| RELEASE=$(sudo rpm -q --qf '%{VERSION}' ${RELEASE_RPM}) | |
| if [ ${RELEASE} != "7" ]; then | |
| echo "Not CentOS release 7." | |
| exit 1 | |
| fi | |
| else | |
| echo "Not CentOS system." | |
| exit 1 | |
| fi | |
| sudo rpm -q --qf '%{VERSION}' centos-release-7-5.1804.5.el7.centos.x86_64 | |
| echo Installing delta-rpm... | |
| sudo yum install -y deltarpm > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Installing epel repositories... | |
| sudo yum -y install epel-release > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 > /dev/null | |
| echo Installing webtatic repositories... | |
| sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm > /dev/null | |
| echo Remove Apache... | |
| sudo yum -y remove httpd > /dev/null | |
| echo Installing ius repositories... | |
| sudo curl -sS https://setup.ius.io/ | sudo bash > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo rpm --import /etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY > /dev/null | |
| echo Installing MariaDB official repositories... | |
| sudo cat > /etc/yum.repos.d/MariaDB.repo <<EOF | |
| [mariadb] | |
| name=MariaDB | |
| baseurl=http://yum.mariadb.org/10.3/centos7-amd64 | |
| gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB | |
| gpgcheck=1 | |
| EOF | |
| echo Installing support libs... | |
| sudo yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel pcre-devel openssl openssl-devel gperftools-devel GeoIP-devel gd-devel libxml2-devel libxslt-devel > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo yum -y install mariadb-server nginx php72w-fpm php72w-opcache php72w php72w-cli php72w-bcmath php72w-common php72w-mbstring php72w-pdo_dblib php72w-pdo php72w-xml php72w-pecl-imagick php72w-intl php72w-gd php72w-soap php72w-mysqlnd php72w-pdo php72w-json ntp certbot yum-cron wget git firewalld certbot | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Setup TimeZone to East Cost... | |
| sudo vtimedatectl set-timezone America/New_York | |
| echo Setup yum-cron... | |
| sudo sed -i 's/update_cmd =.*/update_cmd = security/' /etc/yum/yum-cron.conf | |
| sudo vsed -i 's/apply_updates =.*/apply_updates = yes/' /etc/yum/yum-cron.conf | |
| echo Enabling services... | |
| sudo systemctl enable nginx > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl enable mariadb > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl enable php-fpm > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl enable ntpd > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl enable yum-cron > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl enable firewalld > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Starting services... | |
| sudo systemctl start nginx | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl start mariadb | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl start php-fpm | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl start ntpd | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl start yum-cron | |
| if [ $? != 0 ]; then exit 1; fi | |
| sudo systemctl start firewalld | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Open ports... | |
| sudo firewall-cmd --permanent --add-service=ssh | |
| sudo firewall-cmd --permanent --add-service=http | |
| sudo firewall-cmd --permanent --add-service=https | |
| sudo firewall-cmd --zone=dmz --add-service=smtp --permanent | |
| sudo firewall-cmd --zone=dmz --add-service=smtps --permanent | |
| sudo firewall-cmd --reload | |
| echo Create a dhparam.pem ... | |
| sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 | |
| echo Enabling Lets Encrypt... | |
| sudo yum -y install certbot python-certbot-nginx | |
| sudo wget -O /etc/nginx/ssl/lets-encrypt-x3-cross-signed.pem "https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem" | |
| echo Create folders... | |
| sudo mkdir /etc/nginx/{sites-available,sites-enabled} | |
| if [ -z "$1" ] | |
| then | |
| echo "No domains to create" | |
| else | |
| sudo mkdir -p /var/www/$1/web/ | |
| fi | |
| echo Install composer... | |
| cd /tmp | |
| sudo curl -sS https://getcomposer.org/installer | sudo php | |
| sudo mv composer.phar /usr/local/bin/composer | |
| echo Done~ | |
| } | |
| installCNMP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment