@cnicodeme
Created June 28, 2017 15:30
Installation script - automated - for an Nginx server with MySQL on Debian
#!/bin/bash
#
# --------------------------------------------------------------------
# This is a free shell script under GNU GPL version 3.0 or above
# Copyright (C) 2005 ReFlectiv project.
# Feedback/comment/suggestions : http://www.reflectiv.net/
# -------------------------------------------------------------------------
#
# This script automatically sets up a new *Debian* server (IMPORTANT: Debian!) by performing these actions:
#
# * Modification of the root password
# * Adding .email & .forward with the official root email
# * Sending an email to check sendmail
# * Adds French accents to shell
# * Define a hostname for the server
# * Creating users
# * Securing SSH
# * Update the system
# * Install unattended-upgrades
# * Install Fail2Ban
# * Install and set some security for :
# ** NGinx
# ** Mysql
# *** Execute mysql_secure_installation script
#
# @see http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers
# Refuse to continue unless the effective UID is 0 (root): every later step
# edits system files or installs packages.
if (( EUID != 0 )); then
  printf '%s\n' "This script must be run as root"
  exit 1
fi

# Install the vim editor.
printf '%s\n' "Installing VIM"
apt-get install --quiet vim
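# Optionally change the root password. An empty answer counts as "yes".
# `read -r` keeps backslashes in the answer literal.
read -r -e -p "Do you want to change the root password? [Y/n] : " change_password
case "$change_password" in
  y | Y | "") passwd ;;
esac

# Record the administrator's contact address in ~/.email and ~/.forward
# (the latter is the conventional per-user mail forwarding file).
read -r -e -p "Admin contact email : " root_email
if [[ -n "$root_email" ]]; then
  # Quoted and written with printf so that spaces, glob characters or a
  # leading "-" in the answer are stored verbatim instead of being split,
  # expanded or taken as an echo option.
  printf '%s\n' "$root_email" > ~/.email
  printf '%s\n' "$root_email" > ~/.forward
fi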
# Export a French UTF-8 locale from root's shell start-up file and from the
# skeleton copied into every newly created home directory. The line is only
# appended when it is not already present, so re-running is harmless.
# NOTE(review): this only exports LANG; nothing in this script generates the
# fr_FR.UTF-8 locale, so confirm it exists on the target image.
for rc_file in ~/.bashrc /etc/skel/.bashrc; do
  if ! grep -q 'export LANG=fr_FR.UTF-8' "$rc_file"; then
    echo "export LANG=fr_FR.UTF-8" >> "$rc_file"
  fi
done
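# Set the machine's hostname and map it to the eth0 IPv4 address in /etc/hosts.
echo "Updating Server name"
read -r -e -p "New server name (like srv.company.tld) : " server_name

# The name is later interpolated into a sed replacement, so only letters,
# digits, dots and hyphens are accepted; anything else could alter the
# sed expression and corrupt /etc/hosts.
hostname_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'

if [[ -n "$server_name" ]]; then
  if [[ ! "$server_name" =~ $hostname_re ]]; then
    printf 'Invalid server name, hostname left unchanged: %s\n' "$server_name" >&2
  else
    printf '%s\n' "$server_name" > /etc/hostname

    # First IPv4 address on eth0, without the /prefix. Stays empty when the
    # interface does not exist (e.g. it has a different name on this host).
    IP=$(ip -4 -o addr show dev eth0 2> /dev/null |
      awk '{ split($4, a, "/"); print a[1]; exit }')

    if [[ -z "$IP" ]]; then
      printf 'No IPv4 address found on eth0; /etc/hosts left unchanged\n' >&2
    else
      # Escape the dots so the address is matched literally, and anchor the
      # match to the start of the line followed by whitespace.
      ip_re=${IP//./\\.}
      # Test grep's exit status directly: `grep -q` prints nothing, so
      # capturing its output always looked like "no entry" and appended a
      # duplicate line on every run.
      if grep -q "^${ip_re}[[:space:]]" /etc/hosts; then
        sed -i "s/^${ip_re}[[:space:]].*/${IP} ${server_name}/" /etc/hosts
      else
        printf '%s %s\n' "$IP" "$server_name" >> /etc/hosts
      fi
    fi

    hostname "$server_name"
    # The sysvinit helper is not shipped on every Debian release.
    if [[ -x /etc/init.d/hostname.sh ]]; then
      /etc/init.d/hostname.sh
    fi
  fi
fi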
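# Create the administrative account and install its SSH public key.
#
# NOTE(review): the account name and the public key below are hard-coded to
# the script author's own (key comment "cx42@cx42-laptop"). Whoever holds the
# matching private key can log in as this user, so replace both with your own
# values before running this on a server you operate.
ssh_user=cx42
ssh_dir="/home/${ssh_user}/.ssh"

# Skip account creation on a re-run instead of failing on "user exists".
id "$ssh_user" > /dev/null 2>&1 || adduser "$ssh_user"

# Create ~/.ssh owned by the user and private to them; unlike a bare mkdir
# this also succeeds, and re-applies owner and mode, when the directory exists.
install -d -m 700 -o "$ssh_user" -g "$ssh_user" "$ssh_dir"

echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlAKoEB/321gXVJdKQ4lZmSvkLec5Wsz75gF+eZY1CLcM+ytpyQrSkSTppdhmBG/BewipfCa5Hk32Un9AGSyk0CoVpm1NExeLuo2PvKW0ReL3u1SfvsUYqq6jEKbaUCPlaDk6JD1w+8RNboUHUTfUY1ZmkxmK8SPjLvakt4I4qF+BTNBm35twu9lk6KkZLpMnVTZt0YBKRilCBQNFFiiQnfc0Wk9Msn6YU2YcIER3ADY0hdYWxZ5ae/D7O6cGxV7ErBC9pTg+R+Y8mxKBgxYRXHDIsGc4NwB/rIRQ5Ru2DP9Qezqwqd7lmYf9jtpNj+pdSWi1Oe8nCo/1d43R9LKX/w== cx42@cx42-laptop" > "${ssh_dir}/authorized_keys"

# The file is written by root, so hand it to the user and make it
# readable and writable by the owner only.
chown "${ssh_user}:${ssh_user}" "${ssh_dir}/authorized_keys"
chmod 600 "${ssh_dir}/authorized_keys"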
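# SSH Server: disable X11 forwarding and root login, and restrict logins to
# the cx42 account.
#
# After the restart only cx42 can log in over SSH, so keep the current
# session open and confirm a fresh login as cx42 works before closing it.
# NOTE(review): PasswordAuthentication is not changed here; review it
# separately if key-only login is intended.
echo "Improving security on SSH"
sshd_config=/etc/ssh/sshd_config
sshd_backup="${sshd_config}.pre-hardening"

# Keep a copy so a broken edit can be rolled back instead of locking the
# administrator out.
if ! cp -p -- "$sshd_config" "$sshd_backup"; then
  echo "Could not back up ${sshd_config}; SSH configuration left unchanged" >&2
else
  sed -i "s/#AuthorizedKeysFile/AuthorizedKeysFile/" "$sshd_config"
  sed -i "s/X11Forwarding yes/X11Forwarding no/" "$sshd_config"
  # Match any existing PermitRootLogin line, commented or not, whatever its
  # value: matching only the literal "PermitRootLogin yes" leaves settings
  # such as "without-password" or "prohibit-password" in force.
  sed -i -E 's/^#?[[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/' "$sshd_config"

  # Append the AllowUsers line only once, so re-running the script does not
  # pile up duplicates.
  if ! grep -q -x 'AllowUsers cx42' "$sshd_config"; then
    printf '\nAllowUsers cx42\n' >> "$sshd_config"
  fi

  # Validate the edited file before restarting the daemon with it.
  if sshd -t -f "$sshd_config"; then
    /etc/init.d/ssh restart
  else
    echo "sshd_config failed validation; restoring ${sshd_backup} and not restarting ssh" >&2
    cp -p -- "$sshd_backup" "$sshd_config"
  fi
fi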
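# Bring the system up to date, then install the update, intrusion-prevention
# and database packages. Failures are reported on stderr instead of passing
# silently; the script still continues, as it always did.
echo "Force update the server ..."
# NOTE(review): dist-upgrade is left interactive (no --yes), as in the
# original, so package removals can still be reviewed by the operator.
if ! { apt-get --quiet --yes update &&
  apt-get --quiet --yes upgrade &&
  apt-get dist-upgrade; }; then
  echo "System update did not complete; check the apt output above" >&2
fi

echo "Automate installation of new upgrades ..."
# NOTE(review): installing the package may not by itself enable periodic
# runs; confirm /etc/apt/apt.conf.d/20auto-upgrades on the target release.
apt-get --quiet --yes install unattended-upgrades ||
  echo "unattended-upgrades could not be installed" >&2

echo "Installing Fail2ban ..."
apt-get --quiet --yes install fail2ban ||
  echo "fail2ban could not be installed" >&2

echo "Installing MySQL..."
# Only run the interactive hardening helper when the server package was
# actually installed.
if apt-get --quiet --yes install mysql-server; then
  mysql_secure_installation
else
  echo "mysql-server could not be installed; mysql_secure_installation skipped" >&2
fi

echo "Installing various items:"
apt-get install --quiet git python-pip python-dev libmysqlclient-dev ||
  echo "Some additional packages could not be installed" >&2

echo "Done!"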