corupta/neo4j-3.5-ubuntu.sh

## neo4j-3.5-ubuntu.sh
#!/usr/bin/env bash
wget -O - http://debian.neo4j.org/neotechnology.gpg.key | apt-key add -
echo 'deb http://debian.neo4j.org/repo stable/' > /etc/apt/sources.list.d/neo4j.list
apt-get update
apt-get -y install neo4j=1:3.5.14
cd /var/lib/neo4j/plugins || exit
wget https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/3.5.0.11/apoc-3.5.0.11-all.jar
wget https://github.com/neo4j-contrib/neo4j-graph-algorithms/releases/download/3.5.4.0/graph-algorithms-algo-3.5.4.0.jar
wget https://github.com/neo4j-contrib/spatial/releases/download/0.26.2-neo4j-3.5.2/neo4j-spatial-0.26.2-neo4j-3.5.2-server-plugin.jar
echo 'dbms.security.procedures.unrestricted=apoc.*, algo.*' >> /etc/neo4j/neo4j.conf
echo 'dbms.connectors.default_listen_address=0.0.0.0' >> /etc/neo4j/neo4j.conf
service neo4j restart

# RESTART ON REBOOT
cp /usr/bin/neo4j /etc/init.d/neo4j
echo '
#!/bin/sh

        OWNER=root #Set to the owner of the Neo4j installation

        case "$1" in
        "start")
            su - $OWNER -c "service neo4j start"
            ;;
        "stop")
            su - $OWNER -c "service neo4j stop"
            ;;
        "restart")
            su - $OWNER -c "service neo4j restart"
            ;;
        *)
            echo "Usage: $0 { start | stop | restart }"
            exit 1
            ;;
        esac
        exit 0
EOF
' > /etc/init.d/neo4j_ctl
chmod 744 /etc/init.d/neo4j_ctl
ln -s /etc/init.d/neo4j_ctl /etc/rc3.d/S40neo4j_ctl
ln -s /etc/init.d/neo4j_ctl /etc/rc5.d/S40neo4j_ctl
ln -s /etc/init.d/neo4j_ctl /etc/rc0.d/K30neo4j_ctl

# SSL PART
apt-get update
apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install -y certbot

# run 'sudo certbot certonly' to obtain ssl certificates, afterwards run /home/ubuntu/ssl-neo4j.sh
echo '#!/usr/bin/env bash
sudo chgrp -R neo4j /etc/letsencrypt/*
sudo chmod -R g+rx /etc/letsencrypt/*
cd /var/lib/neo4j/certificates
sudo mkdir -p revoked trusted bak/trusted bak/revoked
sudo mv neo4j.* bak
sudo mv trusted/neo4j.*  bak/trusted
sudo mv revoked/neo4j.*  bak/revoked
export MY_DOMAIN=graph.somehost.com
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem neo4j.cert
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/privkey.pem neo4j.key
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem trusted/neo4j.cert
echo "
bolt.ssl_policy=default
dbms.ssl.policy.default.base_directory=/var/lib/neo4j/certificates
dbms.ssl.policy.default.allow_key_generation=false
dbms.ssl.policy.default.private_key=/var/lib/neo4j/certificates/neo4j.key
dbms.ssl.policy.default.public_certificate=/var/lib/neo4j/certificates/neo4j.cert
dbms.ssl.policy.default.revoked_dir=/var/lib/neo4j/certificates/revoked
dbms.ssl.policy.default.client_auth=NONE
dbms.connectors.default_advertised_address=$MY_DOMAIN
" >> /etc/neo4j/neo4j.conf

service neo4j restart
' > /home/ubuntu/ssl-neo4j.sh

chmod +x /home/ubuntu/ssl-neo4j.sh
	#!/usr/bin/env bash
	wget -O - http://debian.neo4j.org/neotechnology.gpg.key \| apt-key add -
	echo 'deb http://debian.neo4j.org/repo stable/' > /etc/apt/sources.list.d/neo4j.list
	apt-get update
	apt-get -y install neo4j=1:3.5.14
	cd /var/lib/neo4j/plugins \|\| exit
	wget https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/3.5.0.11/apoc-3.5.0.11-all.jar
	wget https://github.com/neo4j-contrib/neo4j-graph-algorithms/releases/download/3.5.4.0/graph-algorithms-algo-3.5.4.0.jar
	wget https://github.com/neo4j-contrib/spatial/releases/download/0.26.2-neo4j-3.5.2/neo4j-spatial-0.26.2-neo4j-3.5.2-server-plugin.jar
	echo 'dbms.security.procedures.unrestricted=apoc., algo.' >> /etc/neo4j/neo4j.conf
	echo 'dbms.connectors.default_listen_address=0.0.0.0' >> /etc/neo4j/neo4j.conf
	service neo4j restart

	# RESTART ON REBOOT
	cp /usr/bin/neo4j /etc/init.d/neo4j
	echo '
	#!/bin/sh

	OWNER=root #Set to the owner of the Neo4j installation

	case "$1" in
	"start")
	su - $OWNER -c "service neo4j start"
	;;
	"stop")
	su - $OWNER -c "service neo4j stop"
	;;
	"restart")
	su - $OWNER -c "service neo4j restart"
	;;
	*)
	echo "Usage: $0 { start \| stop \| restart }"
	exit 1
	;;
	esac
	exit 0
	EOF
	' > /etc/init.d/neo4j_ctl
	chmod 744 /etc/init.d/neo4j_ctl
	ln -s /etc/init.d/neo4j_ctl /etc/rc3.d/S40neo4j_ctl
	ln -s /etc/init.d/neo4j_ctl /etc/rc5.d/S40neo4j_ctl
	ln -s /etc/init.d/neo4j_ctl /etc/rc0.d/K30neo4j_ctl

	# SSL PART
	apt-get update
	apt-get install software-properties-common
	add-apt-repository ppa:certbot/certbot
	apt-get update
	apt-get install -y certbot

	# run 'sudo certbot certonly' to obtain ssl certificates, afterwards run /home/ubuntu/ssl-neo4j.sh
	echo '#!/usr/bin/env bash
	sudo chgrp -R neo4j /etc/letsencrypt/*
	sudo chmod -R g+rx /etc/letsencrypt/*
	cd /var/lib/neo4j/certificates
	sudo mkdir -p revoked trusted bak/trusted bak/revoked
	sudo mv neo4j.* bak
	sudo mv trusted/neo4j.* bak/trusted
	sudo mv revoked/neo4j.* bak/revoked
	export MY_DOMAIN=graph.somehost.com
	sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem neo4j.cert
	sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/privkey.pem neo4j.key
	sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem trusted/neo4j.cert
	echo "
	bolt.ssl_policy=default
	dbms.ssl.policy.default.base_directory=/var/lib/neo4j/certificates
	dbms.ssl.policy.default.allow_key_generation=false
	dbms.ssl.policy.default.private_key=/var/lib/neo4j/certificates/neo4j.key
	dbms.ssl.policy.default.public_certificate=/var/lib/neo4j/certificates/neo4j.cert
	dbms.ssl.policy.default.revoked_dir=/var/lib/neo4j/certificates/revoked
	dbms.ssl.policy.default.client_auth=NONE
	dbms.connectors.default_advertised_address=$MY_DOMAIN
	" >> /etc/neo4j/neo4j.conf

	service neo4j restart
	' > /home/ubuntu/ssl-neo4j.sh

	chmod +x /home/ubuntu/ssl-neo4j.sh