Stanislas-Poisson/prepare-server.sh

## prepare-server.sh
#!/bin/bash
# title           : prepare-server.sh
# description     : This script will prepare a web server with Apache, Php7.0, MySQL, NodeJs and let'sencrypt
# author          : StanislasP
# date            : 2018-01-14
# version         : 0.1
# usage           : bash prepare-server.sh
# notes           : Change the contents of variables to correspond to your configuration.
#                   Upload this script on your server and make a chmod +x prepare-server.sh.
#                   Then run the script.
# bash_version    : 4.4.12(1)-release
############################################################################
################### ONLY CHANGE THE FOLLOWING VARIABLES ####################
############################################################################
# The locale to be installed
LOCALE_USE="fr_FR.UTF-8 UTF-8"
LANGUAGE_USE="fr_FR.UTF-8"
# The Tzdata to be installed
TIMEZONE_USE="Europe/Paris"
NTP_POOL_USE=".fr.pool.ntp.org"
# The NEW password for the root user of this server
USER_ROOT_PWD="server_root_password"
# The name and password for the ssh user (Only this user can connect with ssh after the run)
USER_SSH_NAME="shh_user"
USER_SSH_PWD="ssh_password"
# The name and password for the user used for the web directory
USER_WEB_NAME="web_user"
USER_WEB_PWD="web_password"
# The password for the root user of the mysql-server
MYSQL_PWD="mysql_root_password"
# The NEW port for the ssh connection from 1024 to 65535 and avoid registered service numbers cat /etc/services
SSH_PORT=37465
############################################################################
############## DO NOT CHANGE BELOW UNTIL YOU KNOW WHAT YOU DO ##############
############################################################################

# Update and upgrade the systeme
apt update
apt dist-upgrade --yes
apt upgrade --yes

# Change the locale
sed -i 's/# '${LOCALE_USE}'/'${LOCALE_USE}'/g' /etc/locale.gen
locale-gen fr_FR.UTF-8
dpkg-reconfigure -f noninteractive locales
cat >> /etc/default/locale << EOF
LANGUAGE = ${LANGUAGE_USE}
LC_ALL = ${LANGUAGE_USE}
LANG = ${LANGUAGE_USE}
EOF

# Change the timezone
echo ${TIMEZONE_USE} > /etc/timezone
dpkg-reconfigure -f noninteractive tzdata

# Install ntp to be on date
apt install -y ntp
cat > /etc/ntp.conf << EOF
server 0${.fr.pool.ntp.org} iburst dynamic
server 1${.fr.pool.ntp.org} iburst dynamic
server 2${.fr.pool.ntp.org} iburst dynamic
server 3${.fr.pool.ntp.org} iburst dynamic
EOF
/etc/init.d/ntp restart

# Add new user for ssh
useradd ${USER_SSH_NAME} --create-home -s /bin/bash
echo -e "${USER_SSH_PWD}\n${USER_SSH_PWD}" | passwd ${USER_SSH_NAME}
adduser ${USER_SSH_NAME} sudo

# Change params of SSH
sed -i 's/#Port 22/Port '${SSH_PORT}'/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
cat >> /etc/ssh/sshd_config << EOF
AllowUsers ${USER_SSH_NAME}
EOF

# Change password root
echo -e "${USER_ROOT_PWD}\n${USER_ROOT_PWD}" | passwd root

# Restart ssh
/etc/init.d/ssh restart

# Add new user for web
useradd ${USER_WEB_NAME} --create-home -s /bin/bash
echo -e "${USER_WEB_PWD}\n${USER_WEB_PWD}" | passwd ${USER_WEB_NAME}
adduser ${USER_SSH_NAME} www-data
adduser www-data ${USER_SSH_NAME}

# Install the following packages
apt install --yes apache2 mysql-client mysql-server php7.0 php7.0-bz2 php7.0-curl php7.0-gd php7.0-imap php7.0-json php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-xml php7.0-zip nodejs git imagemagick python make certbot python-certbot-apache

# Parametrage d'apache
a2enmod --quiet deflate expires headers http2 rewrite ssl
sed -i 's/ServerTokens OS/ServerTokens Prod/g' /etc/apache2/conf-available/security.conf
sed -i 's/ServerSignature On/ServerSignature Off/g' /etc/apache2/conf-available/security.conf

/etc/init.d/apache2 reload

# Secure MySQL
mysql_install_db
echo -e "\n\n${MYSQL_PWD}\n${MYSQL_PWD}\n\n\nn\n\n " | mysql_secure_installation 2>/dev/null

# Apply personalisation
echo "set number" >> ~/.vimrc

cat >> ~/.bashrc << EOF
PS1="\[\e[1;34m\](\t)\[\e[0m\] \[\e[0;31m\]\u@\h\[\e[0m\] \[\e[1;32m\][\w]\[\e[0m\] \[\e[0;35m\]>\[\e[0m\] "
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
alias cd..='cd ..'
alias ..='cd ..'
alias cl='clear'
alias serveur-maj='apt update && apt -y upgrade'
alias serveur-reboot='/sbin/reboot'
EOF

echo "set number" >> /home/${USER_SSH_NAME}/.vimrc

cat >> /home/${USER_SSH_NAME}/.bashrc << EOF
PS1="\[\e[1;34m\](\t)\[\e[0m\] \[\e[0;31m\]\u@\h\[\e[0m\] \[\e[1;32m\][\w]\[\e[0m\] \[\e[0;35m\]>\[\e[0m\] "
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
alias cd..='cd ..'
alias ..='cd ..'
alias cl='clear'
alias serveur-maj='apt update && apt -y upgrade'
alias serveur-reboot='/sbin/reboot'
EOF
	#!/bin/bash
	# title : prepare-server.sh
	# description : This script will prepare a web server with Apache, Php7.0, MySQL, NodeJs and let'sencrypt
	# author : StanislasP
	# date : 2018-01-14
	# version : 0.1
	# usage : bash prepare-server.sh
	# notes : Change the contents of variables to correspond to your configuration.
	# Upload this script on your server and make a chmod +x prepare-server.sh.
	# Then run the script.
	# bash_version : 4.4.12(1)-release
	############################################################################
	################### ONLY CHANGE THE FOLLOWING VARIABLES ####################
	############################################################################
	# The locale to be installed
	LOCALE_USE="fr_FR.UTF-8 UTF-8"
	LANGUAGE_USE="fr_FR.UTF-8"
	# The Tzdata to be installed
	TIMEZONE_USE="Europe/Paris"
	NTP_POOL_USE=".fr.pool.ntp.org"
	# The NEW password for the root user of this server
	USER_ROOT_PWD="server_root_password"
	# The name and password for the ssh user (Only this user can connect with ssh after the run)
	USER_SSH_NAME="shh_user"
	USER_SSH_PWD="ssh_password"
	# The name and password for the user used for the web directory
	USER_WEB_NAME="web_user"
	USER_WEB_PWD="web_password"
	# The password for the root user of the mysql-server
	MYSQL_PWD="mysql_root_password"
	# The NEW port for the ssh connection from 1024 to 65535 and avoid registered service numbers cat /etc/services
	SSH_PORT=37465
	############################################################################
	############## DO NOT CHANGE BELOW UNTIL YOU KNOW WHAT YOU DO ##############
	############################################################################

	# Update and upgrade the systeme
	apt update
	apt dist-upgrade --yes
	apt upgrade --yes

	# Change the locale
	sed -i 's/# '${LOCALE_USE}'/'${LOCALE_USE}'/g' /etc/locale.gen
	locale-gen fr_FR.UTF-8
	dpkg-reconfigure -f noninteractive locales
	cat >> /etc/default/locale << EOF
	LANGUAGE = ${LANGUAGE_USE}
	LC_ALL = ${LANGUAGE_USE}
	LANG = ${LANGUAGE_USE}
	EOF

	# Change the timezone
	echo ${TIMEZONE_USE} > /etc/timezone
	dpkg-reconfigure -f noninteractive tzdata

	# Install ntp to be on date
	apt install -y ntp
	cat > /etc/ntp.conf << EOF
	server 0${.fr.pool.ntp.org} iburst dynamic
	server 1${.fr.pool.ntp.org} iburst dynamic
	server 2${.fr.pool.ntp.org} iburst dynamic
	server 3${.fr.pool.ntp.org} iburst dynamic
	EOF
	/etc/init.d/ntp restart

	# Add new user for ssh
	useradd ${USER_SSH_NAME} --create-home -s /bin/bash
	echo -e "${USER_SSH_PWD}\n${USER_SSH_PWD}" \| passwd ${USER_SSH_NAME}
	adduser ${USER_SSH_NAME} sudo

	# Change params of SSH
	sed -i 's/#Port 22/Port '${SSH_PORT}'/g' /etc/ssh/sshd_config
	sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
	cat >> /etc/ssh/sshd_config << EOF
	AllowUsers ${USER_SSH_NAME}
	EOF

	# Change password root
	echo -e "${USER_ROOT_PWD}\n${USER_ROOT_PWD}" \| passwd root

	# Restart ssh
	/etc/init.d/ssh restart

	# Add new user for web
	useradd ${USER_WEB_NAME} --create-home -s /bin/bash
	echo -e "${USER_WEB_PWD}\n${USER_WEB_PWD}" \| passwd ${USER_WEB_NAME}
	adduser ${USER_SSH_NAME} www-data
	adduser www-data ${USER_SSH_NAME}

	# Install the following packages
	apt install --yes apache2 mysql-client mysql-server php7.0 php7.0-bz2 php7.0-curl php7.0-gd php7.0-imap php7.0-json php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-xml php7.0-zip nodejs git imagemagick python make certbot python-certbot-apache

	# Parametrage d'apache
	a2enmod --quiet deflate expires headers http2 rewrite ssl
	sed -i 's/ServerTokens OS/ServerTokens Prod/g' /etc/apache2/conf-available/security.conf
	sed -i 's/ServerSignature On/ServerSignature Off/g' /etc/apache2/conf-available/security.conf

	/etc/init.d/apache2 reload

	# Secure MySQL
	mysql_install_db
	echo -e "\n\n${MYSQL_PWD}\n${MYSQL_PWD}\n\n\nn\n\n " \| mysql_secure_installation 2>/dev/null

	# Apply personalisation
	echo "set number" >> ~/.vimrc

	cat >> ~/.bashrc << EOF
	PS1="\[\e[1;34m\](\t)\[\e[0m\] \[\e[0;31m\]\u@\h\[\e[0m\] \[\e[1;32m\][\w]\[\e[0m\] \[\e[0;35m\]>\[\e[0m\] "
	export LS_OPTIONS='--color=auto'
	eval "`dircolors`"
	alias ls='ls $LS_OPTIONS'
	alias ll='ls $LS_OPTIONS -l'
	alias l='ls $LS_OPTIONS -lA'
	alias rm='rm -i'
	alias cp='cp -i'
	alias mv='mv -i'
	alias cd..='cd ..'
	alias ..='cd ..'
	alias cl='clear'
	alias serveur-maj='apt update && apt -y upgrade'
	alias serveur-reboot='/sbin/reboot'
	EOF

	echo "set number" >> /home/${USER_SSH_NAME}/.vimrc

	cat >> /home/${USER_SSH_NAME}/.bashrc << EOF
	PS1="\[\e[1;34m\](\t)\[\e[0m\] \[\e[0;31m\]\u@\h\[\e[0m\] \[\e[1;32m\][\w]\[\e[0m\] \[\e[0;35m\]>\[\e[0m\] "
	export LS_OPTIONS='--color=auto'
	eval "`dircolors`"
	alias ls='ls $LS_OPTIONS'
	alias ll='ls $LS_OPTIONS -l'
	alias l='ls $LS_OPTIONS -lA'
	alias rm='rm -i'
	alias cp='cp -i'
	alias mv='mv -i'
	alias cd..='cd ..'
	alias ..='cd ..'
	alias cl='clear'
	alias serveur-maj='apt update && apt -y upgrade'
	alias serveur-reboot='/sbin/reboot'
	EOF