ansulev/inst-lemp-hhvm-aws-gcp-xenial.sh

## inst-lemp-hhvm-aws-gcp-xenial.sh
# update system
apt update -y && apt upgrade -y && apt autoremove -y && apt autoclean

# reboot
reboot

# remove dash
dpkg-reconfigure dash

# stop and disable sendmail if enabled
#service sendmail stop; update-rc.d -f sendmail remove

# remove apparmor if enabled
#service apparmor stop update-rc.d -f apparmor remove
#apt -y remove apparmor apparmor-utils

# ntp if needed
#apt -y install ntp ntpdate

# install mariadb client or/and server if needed
#apt -y install mariadb-client mariadb-server

# stop and disable apache2 if exist
#service apache2 stop
#update-rc.d -f apache2 remove

# create ssl certificate if needed
#mkdir /etc/ssl/private
#chmod 700 /etc/ssl/private
#sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
#openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

# install nginx fcgiwrap
apt -y install nginx fcgiwrap
service nginx start

# install php-fpm and some common modules - PHP 7.0
apt -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring php-apcu

# install php-fpm and some common modules - PHP 7.1
apt -y install software-properties-common
add-apt-repository -y ppa:ondrej/php
apt-get -y update
# all modules
apt -y install php7.1 php7.1-apc php7.1-bz2 php7.1-cgi php7.1-cli php7.1-common php7.1-curl php7.1-dev php7.1-enchant php7.1-fpm php7.1-gd php7.1-gmp php7.1-imap php7.1-interbase php7.1-intl php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-odbc php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-readline php7.1-recode php7.1-snmp php7.1-sqlite3 php7.1-sybase php7.1-tidy php7.1-xmlrpc php7.1-xsl php7.1-zip
# most common
apt -y install php7.1 php7.1-cli php7.1-common php7.1-json php7.1-opcache php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-zip php7.1-fpm

# PHP 7.2 - TODO

# enable needed modules
phpenmod mcrypt && phpenmod mbstring

# install apache2 if needed and module (correct php version)
apt install -y install apache2 libapache2-mod-php7.0

# for nginx - fix pathinfo (replace correct php version)
vim /etc/php/7.0/fpm/php.ini
[...]
cgi.fix_pathinfo=0
[...]
date.timezone=UTC
[...]
service php7.0-fpm reload
#????
vim /etc/nginx/nginx.conf
[...]
http {
[...]
        ## Detect when HTTPS is used
        map $scheme $fastcgi_https {
          default off;
          https on;

        }
[...]
}
[...]
#????
service nginx reload

apt -y install software-properties-common
# Key rotation is in progress as of November 2017; this is the old key:
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449
# And this is the new key:
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94
add-apt-repository "deb http://dl.hhvm.com/ubuntu xenial main"
apt update -y && apt -y install hhvm

add-apt-repository -y ppa:certbot/certbot
apt update -y && apt -y install certbot
certbot certonly --standalone --renew-by-default -d domain.xxx -d www.domain.xxx

#apt install ufw

vim /etc/nginx/sites-available/default
service nginx reload
vim /var/www/html/info.php

# install some useful tools
apt -y install htop iotop iftop nethogs elinks fail2ban

# and some dev tools
apt install -y git nodejs npm composer nano tree vim curl ftp -y

# clean up and reboot
apt -y autoremove && apt -y autoclean && apt -y clean
reboot

# list netstat
netstat -tlpn

# list running services
systemctl list-units --state=running | grep -v systemd | awk '{print $1}' | grep service
	# update system
	apt update -y && apt upgrade -y && apt autoremove -y && apt autoclean

	# reboot
	reboot

	# remove dash
	dpkg-reconfigure dash

	# stop and disable sendmail if enabled
	#service sendmail stop; update-rc.d -f sendmail remove

	# remove apparmor if enabled
	#service apparmor stop update-rc.d -f apparmor remove
	#apt -y remove apparmor apparmor-utils

	# ntp if needed
	#apt -y install ntp ntpdate

	# install mariadb client or/and server if needed
	#apt -y install mariadb-client mariadb-server

	# stop and disable apache2 if exist
	#service apache2 stop
	#update-rc.d -f apache2 remove

	# create ssl certificate if needed
	#mkdir /etc/ssl/private
	#chmod 700 /etc/ssl/private
	#sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
	#openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

	# install nginx fcgiwrap
	apt -y install nginx fcgiwrap
	service nginx start

	# install php-fpm and some common modules - PHP 7.0
	apt -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring php-apcu

	# install php-fpm and some common modules - PHP 7.1
	apt -y install software-properties-common
	add-apt-repository -y ppa:ondrej/php
	apt-get -y update
	# all modules
	apt -y install php7.1 php7.1-apc php7.1-bz2 php7.1-cgi php7.1-cli php7.1-common php7.1-curl php7.1-dev php7.1-enchant php7.1-fpm php7.1-gd php7.1-gmp php7.1-imap php7.1-interbase php7.1-intl php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-odbc php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-readline php7.1-recode php7.1-snmp php7.1-sqlite3 php7.1-sybase php7.1-tidy php7.1-xmlrpc php7.1-xsl php7.1-zip
	# most common
	apt -y install php7.1 php7.1-cli php7.1-common php7.1-json php7.1-opcache php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-zip php7.1-fpm

	# PHP 7.2 - TODO

	# enable needed modules
	phpenmod mcrypt && phpenmod mbstring

	# install apache2 if needed and module (correct php version)
	apt install -y install apache2 libapache2-mod-php7.0

	# for nginx - fix pathinfo (replace correct php version)
	vim /etc/php/7.0/fpm/php.ini
	[...]
	cgi.fix_pathinfo=0
	[...]
	date.timezone=UTC
	[...]
	service php7.0-fpm reload
	#????
	vim /etc/nginx/nginx.conf
	[...]
	http {
	[...]
	## Detect when HTTPS is used
	map $scheme $fastcgi_https {
	default off;
	https on;

	}
	[...]
	}
	[...]
	#????
	service nginx reload

	apt -y install software-properties-common
	# Key rotation is in progress as of November 2017; this is the old key:
	apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449
	# And this is the new key:
	apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94
	add-apt-repository "deb http://dl.hhvm.com/ubuntu xenial main"
	apt update -y && apt -y install hhvm

	add-apt-repository -y ppa:certbot/certbot
	apt update -y && apt -y install certbot
	certbot certonly --standalone --renew-by-default -d domain.xxx -d www.domain.xxx

	#apt install ufw

	vim /etc/nginx/sites-available/default
	service nginx reload
	vim /var/www/html/info.php

	# install some useful tools
	apt -y install htop iotop iftop nethogs elinks fail2ban

	# and some dev tools
	apt install -y git nodejs npm composer nano tree vim curl ftp -y

	# clean up and reboot
	apt -y autoremove && apt -y autoclean && apt -y clean
	reboot

	# list netstat
	netstat -tlpn

	# list running services
	systemctl list-units --state=running \| grep -v systemd \| awk '{print $1}' \| grep service