antixrist/gist:454f046adfba119519b1 Secret

## gistfile1.txt
#!/bin/bash

# MySQL root password
ROOTPASS='yourMySqlPassword'
TIMEZONE='Europe/Moscow'

MYSQLPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12`
SFTPPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12`
PASSWORD=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12`
CONFIGKEY=`< /dev/urandom tr -dc _a-z-0-9 | head -c4`
CONNECTORSSUFFIX=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8`
##############

echo "Enter username for site and database:"
read USERNAME

echo "Enter domain"
read DOMAIN

##############

echo "Creating user and home directory..."
useradd $USERNAME -m -G sftp -s "/bin/false" -d "/var/www/$USERNAME"
if [ "$?" -ne 0 ]; then
	echo "Can't add user"
	exit 1
fi
echo $SFTPPASS > ./tmp
echo $SFTPPASS >> ./tmp
cat ./tmp | passwd $USERNAME
rm ./tmp

##############

mkdir /var/www/$USERNAME/www
mkdir /var/www/$USERNAME/tmp
chmod -R 755 /var/www/$USERNAME/
chown -R $USERNAME:$USERNAME /var/www/$USERNAME/
chown root:root /var/www/$USERNAME

echo "Creating vhost file"
echo "upstream backend-$USERNAME {server unix:/var/run/php5-$USERNAME.sock;}

server {
    server_name		i.$DOMAIN;
    location / {
	proxy_pass	http://$DOMAIN/i/;
    }
}
server {
    server_name		js.$DOMAIN;
    location / {
	proxy_pass	http://$DOMAIN/js/;
    }
}
server {
    server_name		www.$DOMAIN;
    return			301 \$scheme://$DOMAIN\$request_uri;
}
server {
    listen				80;
    server_name			$DOMAIN;
    charset				utf-8;
    root				/var/www/$USERNAME/www;
    access_log			/var/log/nginx/$USERNAME-access.log;
    error_log			/var/log/nginx/$USERNAME-error.log;
    index				index.php index.html;
    rewrite_log			on;

    location ~* ^/restricted/ {
	auth_basic           	'Go away!';
	auth_basic_user_file 	/var/www/$USERNAME/www/restricted/.htpasswd;
    }

    location ~* ^/(adminka|connectors|connectors-[_A-Z-a-z-0-9]+|_build)/ {
	location ~ \.php$ {
	    try_files 		\$uri =404;

	    include				fastcgi_params;
	    fastcgi_param		SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	    fastcgi_pass		backend-$USERNAME;
	}
	break;
	#rewrite (.*) $scheme://$host$1 break;
    }
    # Hide modx /core/ directory
    location ~* ^/core/ {
#		deny			all;
	return			404;
    }
    # If file and folder not exists -->
    location / {
	try_files		\$uri \$uri/ @rewrite;
    }
    # Redirect from index.html file to folder name
    location ~* ^(.*)/index\.html$ {
	if (\$request_uri ~* '^(.*)/index\.html$') {
#			rewrite		^(.*)/index\.html$ \$scheme://\$host\$1 permanent;
	    rewrite		^(.*)/index\.html$ \$scheme://\$host\$1/ permanent;
	}
    }
    # Redirect from index.php file to folder name
    location ~* ^(.*)/index\.php$ {
	if (\$request_uri ~* '^(.*)/index\.php$') {
#			rewrite		^(.*)/index\.php$ \$scheme://\$host\$1 permanent;
	    rewrite		^(.*)/index\.php$ \$scheme://\$host\$1/ permanent;
	}
	try_files 		\$uri =404;

	include			fastcgi_params;
	fastcgi_param		SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	fastcgi_pass		backend-$USERNAME;
    }
    # Remove double slashes in url
    location ~* .*//+.* {
	rewrite (.*)//+(.*) \$1/\$2 permanent;
    }
    # --> then redirect request to entry modx index.php
    location @rewrite {
	# add trailing slash
#		rewrite			(.*[^/])$ $scheme://$host$1/ permanent;
	# remove trailing slash
	rewrite			(.*)/$ \$scheme://\$host\$1 permanent;
	rewrite			^/(.*)$ /index.php?q=\$1 last;
    }
    # PHP handler
    location ~ \.php$ {
	try_files 		\$uri =404;

	include			fastcgi_params;
	fastcgi_param		SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	fastcgi_pass		backend-$USERNAME;
    }

    # Hide .htaccess/.htpassword files
    location ~ /\.ht {
#		deny			all;
	return			404;
    }

    # Custom error page
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
	internal;
    }
    error_page 404 /404.html;
    location = /404.html {
	internal;
    }
    error_page 403 /403.html;
    location = /403.html {
	internal;
    }

    # Include the basic h5bp config set
    include h5bp/basic.conf;
}
" > /etc/nginx/sites-available/$USERNAME.conf
ln -s /etc/nginx/sites-available/$USERNAME.conf /etc/nginx/sites-enabled/$USERNAME.conf

##############
echo "Creating php5-fpm config"

echo "[$USERNAME]

listen = /var/run/php5-$USERNAME.sock
listen.mode = 0666
user = $USERNAME
group = $USERNAME
chdir = /var/www/$USERNAME

php_admin_value[upload_tmp_dir] = /var/www/$USERNAME/tmp
php_admin_value[soap.wsdl_cache_dir] = /var/www/$USERNAME/tmp
php_admin_value[upload_max_filesize] = 100M
php_admin_value[post_max_size] = 100M
php_admin_value[open_basedir] = /var/www/$USERNAME/
#php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source,stream_socket_client,stream_set_write_buffer,stream_socket_sendto,highlight_file,com_load_typelib
php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[date.timezone] = $TIMEZONE
php_admin_value[session.gc_probability] = 1
php_admin_value[session.gc_divisor] = 100


pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4
" > /etc/php5/fpm/pool.d/$USERNAME.conf

##############

echo "Creating config.xml"
echo "<modx>
	<database_type>mysql</database_type>
	<database_server>localhost</database_server>
	<database>$USERNAME</database>
	<database_user>$USERNAME</database_user>
	<database_password>$MYSQLPASS</database_password>
	<database_connection_charset>utf8</database_connection_charset>
	<database_charset>utf8</database_charset>
	<database_collation>utf8_unicode_ci</database_collation>
	<table_prefix>modx_${USERNAME}_</table_prefix>
	<https_port>443</https_port>
	<http_host>$DOMAIN</http_host>
	<cache_disabled>0</cache_disabled>

	<inplace>1</inplace>

	<unpacked>0</unpacked>

	<language>ru</language>

	<cmsadmin>$USERNAME</cmsadmin>
	<cmspassword>$PASSWORD</cmspassword>
	<cmsadminemail>admin@$DOMAIN</cmsadminemail>

	<core_path>/var/www/$USERNAME/core/</core_path>

	<context_mgr_path>/var/www/$USERNAME/www/adminka/</context_mgr_path>
	<context_mgr_url>/adminka/</context_mgr_url>
	<context_connectors_path>/var/www/$USERNAME/www/connectors-$CONNECTORSSUFFIX/</context_connectors_path>
	<context_connectors_url>/connectors-$CONNECTORSSUFFIX/</context_connectors_url>
	<context_web_path>/var/www/$USERNAME/www/</context_web_path>
	<context_web_url>/</context_web_url>

	<remove_setup_directory>1</remove_setup_directory>
</modx>" > /var/www/$USERNAME/config.xml

#############

echo "Reloading nginx"
service nginx reload
echo "Reloading php5-fpm"
service php5-fpm reload

##############

echo "Creating database"

Q1="CREATE DATABASE IF NOT EXISTS $USERNAME DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;;"
Q2="GRANT ALTER,DELETE,DROP,CREATE,INDEX,INSERT,SELECT,UPDATE,CREATE TEMPORARY TABLES,LOCK TABLES ON $USERNAME.* TO '$USERNAME'@'localhost' IDENTIFIED BY '$MYSQLPASS';"
Q3="FLUSH PRIVILEGES;"
SQL="${Q1}${Q2}${Q3}"

mysql -uroot --password=$ROOTPASS -e "$SQL"

##############

echo "Installing MODx"

cd /var/www/$USERNAME/www/

echo "Getting file from modx.com..."
#sudo -u $USERNAME wget -O modx.zip http://modx.com/download/direct/modx-2.2.15-pl.zip
sudo -u $USERNAME wget -O modx.zip http://modx.com/download/latest/
#sudo -u $USERNAME wget -O modx.zip http://modx.com/download/direct/modx-2.3.1-pl.zip
echo "Unzipping file..."
sudo -u $USERNAME unzip "./modx.zip" -d ./ > /dev/null


ZDIR=`ls -F | grep "\/" | head -1`
if [ "${ZDIR}" = "/" ]; then
		echo "Failed to find directory..."; exit
fi

if [ -d "${ZDIR}" ]; then
		cd ${ZDIR}
		echo "Moving out of temp dir..."
		sudo -u $USERNAME mv ./* ../
		cd ../
		mv ./core/ ../core/
		sudo -u $USERNAME mv ./manager/ ./adminka/
		sudo -u $USERNAME mv ./connectors/ ./connectors-$CONNECTORSSUFFIX/
		rm -r "./${ZDIR}"

		echo "Removing zip file..."
		rm "./modx.zip"

		cd "setup"
		echo "Running setup..."
		sudo -u $USERNAME php ./index.php --core_path=/var/www/$USERNAME/core/  --installmode=new --config=/var/www/$USERNAME/config.xml

		echo "Done!"
else
		echo "Failed to find directory: ${ZDIR}"
		exit
fi

echo "#!/bin/bash

echo \"Set permissions for /var/www/$USERNAME/www...\";
echo \"CHOWN files...\";
chown -R $USERNAME:$USERNAME \"/var/www/$USERNAME/www\";
chown -R $USERNAME:$USERNAME \"/var/www/$USERNAME/core\";
echo \"CHMOD directories...\";
find \"/var/www/$USERNAME/www\" -type d -exec chmod 0755 '{}' \;
find \"/var/www/$USERNAME/core\" -type d -exec chmod 0755 '{}' \;
echo \"CHMOD files...\";
find \"/var/www/$USERNAME/www\" -type f -exec chmod 0644 '{}' \;
find \"/var/www/$USERNAME/core\" -type f -exec chmod 0644 '{}' \;
" > /var/www/$USERNAME/chmod
chmod +x /var/www/$USERNAME/chmod

echo "Done. Please visit http://$DOMAIN/adminka/ to login.
Manager user: $USERNAME
Manager password: $PASSWORD
SFTP password: $SFTPPASS
Mysql password: $MYSQLPASS" > /var/www/$USERNAME/pass.txt

cat /var/www/$USERNAME/pass.txt
	#!/bin/bash

	# MySQL root password
	ROOTPASS='yourMySqlPassword'
	TIMEZONE='Europe/Moscow'

	MYSQLPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 \| head -c12`
	SFTPPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 \| head -c12`
	PASSWORD=`< /dev/urandom tr -dc _A-Z-a-z-0-9 \| head -c12`
	CONFIGKEY=`< /dev/urandom tr -dc _a-z-0-9 \| head -c4`
	CONNECTORSSUFFIX=`< /dev/urandom tr -dc _A-Z-a-z-0-9 \| head -c8`
	##############

	echo "Enter username for site and database:"
	read USERNAME

	echo "Enter domain"
	read DOMAIN

	##############

	echo "Creating user and home directory..."
	useradd $USERNAME -m -G sftp -s "/bin/false" -d "/var/www/$USERNAME"
	if [ "$?" -ne 0 ]; then
	echo "Can't add user"
	exit 1
	fi
	echo $SFTPPASS > ./tmp
	echo $SFTPPASS >> ./tmp
	cat ./tmp \| passwd $USERNAME
	rm ./tmp

	##############

	mkdir /var/www/$USERNAME/www
	mkdir /var/www/$USERNAME/tmp
	chmod -R 755 /var/www/$USERNAME/
	chown -R $USERNAME:$USERNAME /var/www/$USERNAME/
	chown root:root /var/www/$USERNAME

	echo "Creating vhost file"
	echo "upstream backend-$USERNAME {server unix:/var/run/php5-$USERNAME.sock;}

	server {
	server_name i.$DOMAIN;
	location / {
	proxy_pass http://$DOMAIN/i/;
	}
	}
	server {
	server_name js.$DOMAIN;
	location / {
	proxy_pass http://$DOMAIN/js/;
	}
	}
	server {
	server_name www.$DOMAIN;
	return 301 \$scheme://$DOMAIN\$request_uri;
	}
	server {
	listen 80;
	server_name $DOMAIN;
	charset utf-8;
	root /var/www/$USERNAME/www;
	access_log /var/log/nginx/$USERNAME-access.log;
	error_log /var/log/nginx/$USERNAME-error.log;
	index index.php index.html;
	rewrite_log on;

	location ~* ^/restricted/ {
	auth_basic 'Go away!';
	auth_basic_user_file /var/www/$USERNAME/www/restricted/.htpasswd;
	}

	location ~* ^/(adminka\|connectors\|connectors-[_A-Z-a-z-0-9]+\|_build)/ {
	location ~ \.php$ {
	try_files \$uri =404;

	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	fastcgi_pass backend-$USERNAME;
	}
	break;
	#rewrite (.*) $scheme://$host$1 break;
	}
	# Hide modx /core/ directory
	location ~* ^/core/ {
	# deny all;
	return 404;
	}
	# If file and folder not exists -->
	location / {
	try_files \$uri \$uri/ @rewrite;
	}
	# Redirect from index.html file to folder name
	location ~* ^(.*)/index\.html$ {
	if (\$request_uri ~* '^(.*)/index\.html$') {
	# rewrite ^(.*)/index\.html$ \$scheme://\$host\$1 permanent;
	rewrite ^(.*)/index\.html$ \$scheme://\$host\$1/ permanent;
	}
	}
	# Redirect from index.php file to folder name
	location ~* ^(.*)/index\.php$ {
	if (\$request_uri ~* '^(.*)/index\.php$') {
	# rewrite ^(.*)/index\.php$ \$scheme://\$host\$1 permanent;
	rewrite ^(.*)/index\.php$ \$scheme://\$host\$1/ permanent;
	}
	try_files \$uri =404;

	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	fastcgi_pass backend-$USERNAME;
	}
	# Remove double slashes in url
	location ~* .//+. {
	rewrite (.)//+(.) \$1/\$2 permanent;
	}
	# --> then redirect request to entry modx index.php
	location @rewrite {
	# add trailing slash
	# rewrite (.*[^/])$ $scheme://$host$1/ permanent;
	# remove trailing slash
	rewrite (.*)/$ \$scheme://\$host\$1 permanent;
	rewrite ^/(.*)$ /index.php?q=\$1 last;
	}
	# PHP handler
	location ~ \.php$ {
	try_files \$uri =404;

	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
	fastcgi_pass backend-$USERNAME;
	}

	# Hide .htaccess/.htpassword files
	location ~ /\.ht {
	# deny all;
	return 404;
	}

	# Custom error page
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	internal;
	}
	error_page 404 /404.html;
	location = /404.html {
	internal;
	}
	error_page 403 /403.html;
	location = /403.html {
	internal;
	}

	# Include the basic h5bp config set
	include h5bp/basic.conf;
	}
	" > /etc/nginx/sites-available/$USERNAME.conf
	ln -s /etc/nginx/sites-available/$USERNAME.conf /etc/nginx/sites-enabled/$USERNAME.conf

	##############
	echo "Creating php5-fpm config"

	echo "[$USERNAME]

	listen = /var/run/php5-$USERNAME.sock
	listen.mode = 0666
	user = $USERNAME
	group = $USERNAME
	chdir = /var/www/$USERNAME

	php_admin_value[upload_tmp_dir] = /var/www/$USERNAME/tmp
	php_admin_value[soap.wsdl_cache_dir] = /var/www/$USERNAME/tmp
	php_admin_value[upload_max_filesize] = 100M
	php_admin_value[post_max_size] = 100M
	php_admin_value[open_basedir] = /var/www/$USERNAME/
	#php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source,stream_socket_client,stream_set_write_buffer,stream_socket_sendto,highlight_file,com_load_typelib
	php_admin_value[cgi.fix_pathinfo] = 0
	php_admin_value[date.timezone] = $TIMEZONE
	php_admin_value[session.gc_probability] = 1
	php_admin_value[session.gc_divisor] = 100


	pm = dynamic
	pm.max_children = 10
	pm.start_servers = 2
	pm.min_spare_servers = 2
	pm.max_spare_servers = 4
	" > /etc/php5/fpm/pool.d/$USERNAME.conf

	##############

	echo "Creating config.xml"
	echo "<modx>
	<database_type>mysql</database_type>
	<database_server>localhost</database_server>
	<database>$USERNAME</database>
	<database_user>$USERNAME</database_user>
	<database_password>$MYSQLPASS</database_password>
	<database_connection_charset>utf8</database_connection_charset>
	<database_charset>utf8</database_charset>
	<database_collation>utf8_unicode_ci</database_collation>
	<table_prefix>modx_${USERNAME}_</table_prefix>
	<https_port>443</https_port>
	<http_host>$DOMAIN</http_host>
	<cache_disabled>0</cache_disabled>

	<inplace>1</inplace>

	<unpacked>0</unpacked>

	<language>ru</language>

	<cmsadmin>$USERNAME</cmsadmin>
	<cmspassword>$PASSWORD</cmspassword>
	<cmsadminemail>admin@$DOMAIN</cmsadminemail>

	<core_path>/var/www/$USERNAME/core/</core_path>

	<context_mgr_path>/var/www/$USERNAME/www/adminka/</context_mgr_path>
	<context_mgr_url>/adminka/</context_mgr_url>
	<context_connectors_path>/var/www/$USERNAME/www/connectors-$CONNECTORSSUFFIX/</context_connectors_path>
	<context_connectors_url>/connectors-$CONNECTORSSUFFIX/</context_connectors_url>
	<context_web_path>/var/www/$USERNAME/www/</context_web_path>
	<context_web_url>/</context_web_url>

	<remove_setup_directory>1</remove_setup_directory>
	</modx>" > /var/www/$USERNAME/config.xml

	#############

	echo "Reloading nginx"
	service nginx reload
	echo "Reloading php5-fpm"
	service php5-fpm reload

	##############

	echo "Creating database"

	Q1="CREATE DATABASE IF NOT EXISTS $USERNAME DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;;"
	Q2="GRANT ALTER,DELETE,DROP,CREATE,INDEX,INSERT,SELECT,UPDATE,CREATE TEMPORARY TABLES,LOCK TABLES ON $USERNAME.* TO '$USERNAME'@'localhost' IDENTIFIED BY '$MYSQLPASS';"
	Q3="FLUSH PRIVILEGES;"
	SQL="${Q1}${Q2}${Q3}"

	mysql -uroot --password=$ROOTPASS -e "$SQL"

	##############

	echo "Installing MODx"

	cd /var/www/$USERNAME/www/

	echo "Getting file from modx.com..."
	#sudo -u $USERNAME wget -O modx.zip http://modx.com/download/direct/modx-2.2.15-pl.zip
	sudo -u $USERNAME wget -O modx.zip http://modx.com/download/latest/
	#sudo -u $USERNAME wget -O modx.zip http://modx.com/download/direct/modx-2.3.1-pl.zip
	echo "Unzipping file..."
	sudo -u $USERNAME unzip "./modx.zip" -d ./ > /dev/null



	ZDIR=`ls -F \| grep "\/" \| head -1`
	if [ "${ZDIR}" = "/" ]; then
	echo "Failed to find directory..."; exit
	fi

	if [ -d "${ZDIR}" ]; then
	cd ${ZDIR}
	echo "Moving out of temp dir..."
	sudo -u $USERNAME mv ./* ../
	cd ../
	mv ./core/ ../core/
	sudo -u $USERNAME mv ./manager/ ./adminka/
	sudo -u $USERNAME mv ./connectors/ ./connectors-$CONNECTORSSUFFIX/
	rm -r "./${ZDIR}"

	echo "Removing zip file..."
	rm "./modx.zip"

	cd "setup"
	echo "Running setup..."
	sudo -u $USERNAME php ./index.php --core_path=/var/www/$USERNAME/core/ --installmode=new --config=/var/www/$USERNAME/config.xml

	echo "Done!"
	else
	echo "Failed to find directory: ${ZDIR}"
	exit
	fi

	echo "#!/bin/bash

	echo \"Set permissions for /var/www/$USERNAME/www...\";
	echo \"CHOWN files...\";
	chown -R $USERNAME:$USERNAME \"/var/www/$USERNAME/www\";
	chown -R $USERNAME:$USERNAME \"/var/www/$USERNAME/core\";
	echo \"CHMOD directories...\";
	find \"/var/www/$USERNAME/www\" -type d -exec chmod 0755 '{}' \;
	find \"/var/www/$USERNAME/core\" -type d -exec chmod 0755 '{}' \;
	echo \"CHMOD files...\";
	find \"/var/www/$USERNAME/www\" -type f -exec chmod 0644 '{}' \;
	find \"/var/www/$USERNAME/core\" -type f -exec chmod 0644 '{}' \;
	" > /var/www/$USERNAME/chmod
	chmod +x /var/www/$USERNAME/chmod

	echo "Done. Please visit http://$DOMAIN/adminka/ to login.
	Manager user: $USERNAME
	Manager password: $PASSWORD
	SFTP password: $SFTPPASS
	Mysql password: $MYSQLPASS" > /var/www/$USERNAME/pass.txt

	cat /var/www/$USERNAME/pass.txt