Last active
December 9, 2023 18:07
-
-
Save bouroo/6ffbb5afe99acdf975d0664f2e6970f6 to your computer and use it in GitHub Desktop.
Update directadmin webserver and add some security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
wget -O /usr/local/directadmin/scripts/getDA.sh https://gist.github.com/bouroo/6ffbb5afe99acdf975d0664f2e6970f6/raw/a7028ed7fb57da830b0e5d7b2678cc18527d0cf0/getDA.sh && \ | |
/usr/local/directadmin/scripts/getDA.sh stable && \ | |
sleep 5 && \ | |
/usr/local/directadmin/directadmin set update_channel stable && \ | |
/usr/local/directadmin/directadmin config-set autoupdate 1 && \ | |
/usr/local/directadmin/scripts/getLicense.sh auto && \ | |
service directadmin restart | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
if [ $# -lt 1 ]; then | |
echo "Usage:"; | |
echo " $0 alpha" | |
echo " $0 beta" | |
echo " $0 current" | |
echo " $0 stable" | |
echo " $0 [commit-hash]" | |
exit 0; | |
fi | |
if [ $# -gt 1 ]; then | |
shift | |
fi | |
CHANNEL=$1 | |
OS_SLUG=linux_amd64 | |
if [ "$(uname)" = "FreeBSD" ]; then | |
OS_SLUG=freebsd_amd64 | |
fi | |
if [ "$(echo -n "${CHANNEL}" | wc -c)" -eq "40" ]; then | |
COMMIT="${CHANNEL}" | |
else | |
COMMIT=$(dig +short -t txt "$CHANNEL-version.directadmin.com" | sed 's|.*commit=\([0-9a-f]*\).*|\1|') | |
fi | |
if [ -z "${COMMIT}" ]; then | |
echo "Error detecting latest DA release" | |
exit 1 | |
fi | |
set -e | |
FILE="directadmin_${COMMIT}_${OS_SLUG}.tar.gz" | |
DOWNLOAD_URL="https://download.directadmin.com/${FILE}" | |
DISTDIR=$(mktemp -d) | |
cleanup() { | |
rm -rf ${DISTDIR} | |
} | |
trap cleanup EXIT | |
curl --location --progress-bar --connect-timeout 10 "${DOWNLOAD_URL}" --output "${DISTDIR}/${FILE}" | |
tar xzf "${DISTDIR}/${FILE}" -C /usr/local/directadmin | |
/usr/local/directadmin/directadmin p || true | |
/usr/local/directadmin/scripts/update.sh | |
echo 'action=directadmin&value=restart' >> /usr/local/directadmin/data/task.queue | |
echo "Update Successful." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
cd /usr/local/directadmin/custombuild && \ | |
./build set modsecurity yes && \ | |
./build set modsecurity_ruleset comodo && \ | |
./build set webserver openlitespeed && \ | |
./build set mod_ruid2 no && \ | |
./build set php1_mode lsphp && \ | |
./build set php2_mode lsphp && \ | |
./build set php3_mode lsphp && \ | |
./build set php4_mode lsphp && \ | |
./build set pureftpd_uploadscan yes && \ | |
./build update && \ | |
./build openlitespeed && \ | |
./build modsecurity && \ | |
./build php n && \ | |
./build pureftpd && \ | |
mkdir -p custom/openlitespeed/conf && \ | |
cp -p configure/openlitespeed/conf/httpd-modsecurity.conf custom/openlitespeed/conf/ && \ | |
perl -pi -e 's/SecRequestBodyAccess .*/SecRequestBodyAccess On/' custom/openlitespeed/conf/httpd-modsecurity.conf && \ | |
perl -pi -e 's/^SecDefaultAction /#SecDefaultAction /' custom/openlitespeed/conf/httpd-modsecurity.conf && \ | |
./build rewrite_confs | |
echo "plz add cronjob htaccess scan" | |
echo "*/3 * * * * root if ! find /home/*/domains/*/*_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then /usr/local/lsws/bin/lswsctrl restart; fi" | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh -e | |
# | |
# rc.local | |
# | |
# This script is executed at the end of each multiuser runlevel. | |
# Make sure that the script will "exit 0" on success or any other | |
# value on error. | |
# | |
# In order to enable or disable this script just change the execution | |
# bits. | |
# | |
# By default this script does nothing. | |
# workaround for pure-ftpd not accept login | |
/usr/local/directadmin/custombuild/build pureftpd > /dev/null 2>&1 | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
majversion=$(rpm --eval '%{centos_ver}') | |
if [ ${majversion} == 6 ]; then | |
chattr -i -a /usr/local/directadmin/directadmin | |
chattr -i -a /usr/local/directadmin/conf/license.key | |
wget -O directadmin_rhel6_amd64.tar.gz https://download.directadmin.com/directadmin_3eb92b2bee482dadfcfec4ee9916bf06283e4134_rhel6_amd64.tar.gz | |
cp -a /usr/local/directadmin /usr/local/directadmin_$(date +%Y%m%d) | |
tar xzf directadmin_rhel6_amd64.tar.gz -C /usr/local/directadmin | |
/usr/local/directadmin/directadmin permissions || true | |
/usr/local/directadmin/scripts/update.sh | |
service directadmin restart | |
fi | |
/usr/local/directadmin/custombuild/build update | |
/usr/local/directadmin/directadmin set update_channel stable | |
/usr/local/directadmin/directadmin config-set autoupdate 1 | |
/usr/local/directadmin/custombuild/build update_da | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
cd /usr/local/directadmin/custombuild | |
./build set webserver apache | |
./build set php1_release 8.2 | |
./build set php2_release 7.4 | |
./build set php3_release 5.6 | |
./build set php1_mode php-fpm | |
./build set php2_mode php-fpm | |
./build set php3_mode php-fpm | |
./build set php4_mode php-fpm | |
./build set mod_ruid2 no | |
./build set secure_php yes | |
#./build set mysql_inst mariadb | |
#./build set mariadb 10.6 | |
./build update | |
./build update_da | |
#./build update_versions | |
#./build mariadb | |
./build php n | |
./build apache | |
./build secure_php | |
./build rewrite_confs | |
httpd -v | |
chgrp apache /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
chmod 705 /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
cd /usr/local/directadmin/custombuild | |
./build set webserver nginx_apache | |
./build set php1_release 8.2 | |
./build set php2_release 7.4 | |
./build set php3_release 5.6 | |
./build set php1_mode php-fpm | |
./build set php2_mode php-fpm | |
./build set php3_mode php-fpm | |
./build set php4_mode php-fpm | |
./build set mod_ruid2 no | |
./build set secure_php yes | |
#./build set mysql_inst mariadb | |
#./build set mariadb 10.6 | |
./build update | |
./build update_da | |
#./build update_versions | |
#./build mariadb | |
./build php n | |
./build nginx_apache | |
./build secure_php | |
./build rewrite_confs | |
httpd -v | |
nginx -v | |
chgrp apache /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
chmod 705 /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
cd /usr/local/directadmin/custombuild | |
./build set webserver openlitespeed | |
./build set php1_release 8.2 | |
./build set php2_release 7.4 | |
./build set php3_release 5.6 | |
./build set php1_mode lsphp | |
./build set php2_mode lsphp | |
./build set php3_mode lsphp | |
./build set php4_mode lsphp | |
./build set secure_php yes | |
#./build set mysql_inst mariadb | |
#./build set mariadb 10.6 | |
./build update | |
./build update_da | |
#./build update_versions | |
#./build mariadb | |
./build php n | |
./build openlitespeed | |
./build secure_php | |
./build rewrite_confs | |
httpd -v | |
chgrp apache /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
chmod 705 /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl /usr/bin/python | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
yum install -y epel-release open-vm-tools bash-completion ncdu tmux htop glances | |
service vmtoolsd restart | |
yum update -y | |
/usr/local/directadmin/custombuild/build set_fastest && \ | |
/usr/local/directadmin/custombuild/build update && \ | |
/usr/local/directadmin/custombuild/build update_da && \ | |
/usr/local/directadmin/custombuild/build set phpmyadmin_public no && \ | |
/usr/local/directadmin/custombuild/build set custombuild_plugin yes && \ | |
/usr/local/directadmin/custombuild/build custombuild_plugin && \ | |
/usr/local/directadmin/custombuild/build phpmyadmin && \ | |
/usr/local/directadmin/directadmin set one_click_webmail_login 1 && \ | |
/usr/local/directadmin/directadmin set one_click_pma_login 1 && \ | |
/usr/local/directadmin/custombuild/build rewrite_confs && \ | |
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue && \ | |
echo "action=rewrite&value=nginx" >> /usr/local/directadmin/data/task.queue && \ | |
echo "action=rewrite&value=openlitespeed" >> /usr/local/directadmin/data/task.queue && \ | |
/usr/local/directadmin/custombuild/build phpmyadmin && \ | |
service directadmin restart && \ | |
/usr/local/directadmin/custombuild/build update_versions | |
exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment