Udara-Dananjaya/Build a Workspace.sh

## Build a Workspace.sh
# Gain superuser privileges
sudo -i

# Create swap area for managing memory
# Create a swap file for efficient memory management.
# Adjust size (5024 MB) as needed.
sudo dd if=/dev/zero bs=1M count=5024 of=/mnt/swapfile.swap
sudo chmod 600 /mnt/swapfile.swap
sudo mkswap /mnt/swapfile.swap
sudo swapon /mnt/swapfile.swap
# Add swap entry to /etc/fstab to persist after reboots
echo '/mnt/swapfile.swap swap swap defaults 0 0' | sudo tee -a /etc/fstab

# Check available RAM and disk space
free -m       # Display RAM information
df -h         # Display disk space information

# Update the list of available software packages
sudo apt update -y

# Upgrade installed packages to their latest versions
sudo apt-get upgrade -y
sudo apt-get full-upgrade -y

# Install XRDP for remote desktop access
sudo apt-get install -y xrdp

# Install XFCE, a lightweight GUI environment
sudo apt-get install -y xfce4

# Restart the XRDP service
sudo service xrdp restart

# Enable OpenSSH in the firewall
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw enable  # Confirm with 'y'
sudo ufw status
sudo nano /etc/ssh/sshd_config  # Open SSH configuration file
# Set 'PasswordAuthentication' to 'yes'
#PasswordAuthentication yes
sudo ufw reload
sudo service ssh restart

# Change the password for the 'ubuntu' user
sudo -s
sudo passwd ubuntu

# Clear existing iptables rules
sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -F

# Define firewall rules for the specified ports and sources
# Subnet > Ingress Rule > Source CIDR > 0.0.0.0/0
# TCP PORTS :80,443 #HTTP and HTTPS
# TCP PORTS 3306 #MySQL Port
# TCP PORTS 3389 #RDP Port

# Install and configure the LAMP stack (Linux, Apache, MySQL, PHP)
sudo apt update
sudo apt install apache2  # Install the Apache web server
# systemctl enable apache2 # Enable Apache (optional)
systemctl status apache2   # Check Apache's status
sudo apt install mysql-server  # Install MySQL database server

# Secure the MySQL installation
mysql_secure_installation
# Follow the prompts and set up MySQL security options
"Press y|Y for Yes, any other key for No: Y
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
Please set the password for root here.
New password:
Re-enter new password:
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
"

# Install PHP and necessary extensions for MySQL connectivity
sudo apt install php libapache2-mod-php php-mysql

# Check PHP and MySQL versions
php -v    # Check PHP version
mysql -v  # Check MySQL version and then exit

# Configure Apache for virtual hosting
cd /etc/apache2/  # Navigate to the Apache configuration folder
ls                # List directory content
cd sites-available  # Navigate to the available sites configuration folder
sudo nano 000-default.conf  # Edit the default virtual host configuration
# Update DocumentRoot to /var/www/html for the default site
DocumentRoot /var/www/html #Sites on server
cd /var/www/html  # Navigate to the default website location

# Visit the server's IP address in a browser to check if it works

# Set up directory structure for multiple websites
# Connect to the server via SSH: ssh root@ip_address
cd /var/www/  # Navigate to the website location
mkdir site_name  # Create a new directory for the website
sudo chown -R www-data:www-data /var/www/site_name
sudo chmod -R 775 /var/www/site_name

# Navigate to the available sites configuration folder
cd /etc/apache2/sites-available
ls
cd sites-available
sudo nano site_name.conf
# Add the virtual host configuration for the new site

# <VirtualHost *:80>
#     ServerAdmin webmaster@localhost
#     ServerName your_domain
#     ServerAlias your_domain
#     DocumentRoot /var/www/site_name
#     ErrorLog ${APACHE_LOG_DIR}/error.log
#     CustomLog ${APACHE_LOG_DIR}/access.log combined
# </VirtualHost>

# Enable the new virtual host configuration
# Enable newly created virtual host configuration.
cd /etc/apache2/
sudo a2ensite site_name.conf
sudo systemctl reload apache2

# Install Let's Encrypt for SSL certificates
# Install Certbot for SSL certificates.
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache
sudo certbot --apache -d your_domain -d www.your_domain
systemctl reload apache2

# Verify Let's Encrypt certificates setup
# Check if SSL certificates are configured.
sudo ls /etc/letsencrypt/live/your_domain
	# Gain superuser privileges
	sudo -i

	# Create swap area for managing memory
	# Create a swap file for efficient memory management.
	# Adjust size (5024 MB) as needed.
	sudo dd if=/dev/zero bs=1M count=5024 of=/mnt/swapfile.swap
	sudo chmod 600 /mnt/swapfile.swap
	sudo mkswap /mnt/swapfile.swap
	sudo swapon /mnt/swapfile.swap
	# Add swap entry to /etc/fstab to persist after reboots
	echo '/mnt/swapfile.swap swap swap defaults 0 0' \| sudo tee -a /etc/fstab

	# Check available RAM and disk space
	free -m # Display RAM information
	df -h # Display disk space information

	# Update the list of available software packages
	sudo apt update -y

	# Upgrade installed packages to their latest versions
	sudo apt-get upgrade -y
	sudo apt-get full-upgrade -y

	# Install XRDP for remote desktop access
	sudo apt-get install -y xrdp

	# Install XFCE, a lightweight GUI environment
	sudo apt-get install -y xfce4

	# Restart the XRDP service
	sudo service xrdp restart

	# Enable OpenSSH in the firewall
	sudo ufw app list
	sudo ufw allow OpenSSH
	sudo ufw enable # Confirm with 'y'
	sudo ufw status
	sudo nano /etc/ssh/sshd_config # Open SSH configuration file
	# Set 'PasswordAuthentication' to 'yes'
	#PasswordAuthentication yes
	sudo ufw reload
	sudo service ssh restart

	# Change the password for the 'ubuntu' user
	sudo -s
	sudo passwd ubuntu

	# Clear existing iptables rules
	sudo iptables -P INPUT ACCEPT
	sudo iptables -P OUTPUT ACCEPT
	sudo iptables -P FORWARD ACCEPT
	sudo iptables -F

	# Define firewall rules for the specified ports and sources
	# Subnet > Ingress Rule > Source CIDR > 0.0.0.0/0
	# TCP PORTS :80,443 #HTTP and HTTPS
	# TCP PORTS 3306 #MySQL Port
	# TCP PORTS 3389 #RDP Port

	# Install and configure the LAMP stack (Linux, Apache, MySQL, PHP)
	sudo apt update
	sudo apt install apache2 # Install the Apache web server
	# systemctl enable apache2 # Enable Apache (optional)
	systemctl status apache2 # Check Apache's status
	sudo apt install mysql-server # Install MySQL database server

	# Secure the MySQL installation
	mysql_secure_installation
	# Follow the prompts and set up MySQL security options
	"Press y\|Y for Yes, any other key for No: Y
	Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
	Please set the password for root here.
	New password:
	Re-enter new password:
	Do you wish to continue with the password provided?(Press y\|Y for Yes, any other key for No) : Y
	Remove anonymous users? (Press y\|Y for Yes, any other key for No) : Y
	Disallow root login remotely? (Press y\|Y for Yes, any other key for No) : Y
	Remove test database and access to it? (Press y\|Y for Yes, any other key for No) : Y
	Reload privilege tables now? (Press y\|Y for Yes, any other key for No) : Y
	"

	# Install PHP and necessary extensions for MySQL connectivity
	sudo apt install php libapache2-mod-php php-mysql

	# Check PHP and MySQL versions
	php -v # Check PHP version
	mysql -v # Check MySQL version and then exit

	# Configure Apache for virtual hosting
	cd /etc/apache2/ # Navigate to the Apache configuration folder
	ls # List directory content
	cd sites-available # Navigate to the available sites configuration folder
	sudo nano 000-default.conf # Edit the default virtual host configuration
	# Update DocumentRoot to /var/www/html for the default site
	DocumentRoot /var/www/html #Sites on server
	cd /var/www/html # Navigate to the default website location

	# Visit the server's IP address in a browser to check if it works

	# Set up directory structure for multiple websites
	# Connect to the server via SSH: ssh root@ip_address
	cd /var/www/ # Navigate to the website location
	mkdir site_name # Create a new directory for the website
	sudo chown -R www-data:www-data /var/www/site_name
	sudo chmod -R 775 /var/www/site_name

	# Navigate to the available sites configuration folder
	cd /etc/apache2/sites-available
	ls
	cd sites-available
	sudo nano site_name.conf
	# Add the virtual host configuration for the new site

	# <VirtualHost *:80>
	# ServerAdmin webmaster@localhost
	# ServerName your_domain
	# ServerAlias your_domain
	# DocumentRoot /var/www/site_name
	# ErrorLog ${APACHE_LOG_DIR}/error.log
	# CustomLog ${APACHE_LOG_DIR}/access.log combined
	# </VirtualHost>

	# Enable the new virtual host configuration
	# Enable newly created virtual host configuration.
	cd /etc/apache2/
	sudo a2ensite site_name.conf
	sudo systemctl reload apache2

	# Install Let's Encrypt for SSL certificates
	# Install Certbot for SSL certificates.
	sudo add-apt-repository ppa:certbot/certbot
	sudo apt install python-certbot-apache
	sudo certbot --apache -d your_domain -d www.your_domain
	systemctl reload apache2

	# Verify Let's Encrypt certificates setup
	# Check if SSL certificates are configured.
	sudo ls /etc/letsencrypt/live/your_domain