[Webserver]

backup.sh

 #!/bin/bash
# Execute it as root, due to archiving permision conflicts
#CRONTAB entry for every day at 04:00 AM
#0 4 * * * /usr/local/bin/webserver-backup.sh >/dev/null 2>&1

# DATABSE DATA
DB_USER="XXX"
DB_PASSWORD="XXX"

# PATH'S
OUTPUT_PATH="/srv/backup"
WWW_PATH="/srv/webserver"
TEMP_PATH="/srv/backup/temp" #where to store data temporary before archiving and encrypting

# FTP DATA (where to save backup)
FTP_LOGIN="XXX"
FTP_PASS="XXX"
REMOTE_PATH="BACKUPS/WEBSERVER/"
REMOTE_HOST="77.23.XXZ.XX"
PORT="21"

# OTHER CONSTS
DATE=`date +%Y-%m-%d`
LOG_DATE=`date +[%Y-%m-%d:%H:%M:%S]`

# create directory if not exist
mkdir -p "$TEMP_PATH"

# remove old backup data at webserver in case error occurred during upload.
rm -f $TEMP_PATH/*.sql > /dev/null 2>&1
rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1
rm -f $OUTPUT_PATH/*.tar.gz.asc > /dev/null 2>&1

# get database table names
databases=`mysql --user=$DB_USER --password=$DB_PASSWORD -e "SHOW DATABASES;" | tr -d "| " | grep -v Database`

echo "$LOG_DATE DUMPING DATABASE TABLES"
for db in $databases; do
	# Ignore default phpmyadmin tables
    if [[ "$db" != "information_schema" ]] && [[ "$db" != _* ]] && [[ "$db" != mysql* ]] && [[ "$db" != "performance_schema" ]] ; then
        name=$TEMP_PATH/$DATE-$db
        echo "$LOG_DATE Dumped: $name"
		mysqldump --force --opt --user=$DB_USER --password=$DB_PASSWORD --databases $db > $name.sql
    fi
done
echo "$LOG_DATE DONE!"


# arhive dumped sql's and webserver directories
echo "$LOG_DATE Archieving data"
tar -czf $OUTPUT_PATH/$DATE-webserver.tar.gz -C $TEMP_PATH . -C $WWW_PATH .
echo "$LOG_DATE DONE!"

# ENCRYPT archive
# gpg -e -u "Sender User Name" -r "Receiver User Name" somefile
# --yes auto overwrite
echo "$LOG_DATE ENCRYPTING WEBSERVER"
/usr/bin/gpg --yes -e -a -r "mindaugas" $OUTPUT_PATH/$DATE-webserver.tar.gz
# remove archived after encryption
rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1
echo "$LOG_DATE DONE!"


echo "$LOG_DATE UPLOADING TO REMOTE FTP"
sudo curl -T $OUTPUT_PATH/$DATE-webserver.tar.gz.asc ftp://$REMOTE_HOST:$PORT/$REMOTE_PATH/ --user $FTP_LOGIN:$FTP_PASS
echo "$LOG_DATE DONE!"

 
# CHECK IF BACKUP EXIST IN REMOTE FTP
if curl $OUTPUT_PATH/$DATE-webserver.tar.gz.asc ftp://$REMOTE_HOST:$PORT/$REMOTE_PATH/ -s | grep $DATE-webserver.tar.gz.asc; then
	echo "$LOG_DATE ENCRYPTED ARCHIVE SUCCESFULLY UPLOADED!"
	echo "$LOG_DATE DELETING TEMP DATA"
	rm -f $TEMP_PATH/*.sql > /dev/null 2>&1
	rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1
	rm -f $OUTPUT_PATH/*.tar.gz.asc > /dev/null 2>&1
	echo "$LOG_DATE DONE!"cronmt
	echo "$LOG_DATE DO WEBSERVER BACKUP SUCCESS!" | /usr/local/bin/slackpost.sh
else
  echo "$LOG_DATE [ERROR] NO BACKUP WAS FOUND AFTER UPLOAD!" | /usr/local/bin/slackpost.sh
fi

fix-laralve-permissions.sh

	 #!/bin/bash
echo "Hello, "$USER".  This script will configurate your laravel file and folder permissions"
echo "You should run this script with sudo! Please ctr+c if you are not running this script with sudo"
echo  "Enter web server user [ENTER]: "
read name
echo "You have selected user: $name"
echo "Enter laravel main path [ENTER]: "
read  path
echo "You have selected path: $path"
echo "Please double check the input! Press n to cencel or y to agree and press [ENTER]"
read input
if [ "$input"  !=  "y" ]; then
    echo "Exiting script..."
    exit 0
fi
echo "Running: sudo chown -R $name:$name $path/"
sudo chown -R "$name":"$name" "$path"/
echo "Done!"
echo "Running: sudo usermod -a -G $name root"
sudo usermod -a -G "$name" root
echo "Done!"
echo "Running: sudo find $path -type f -exec chmod 644 {} \;"
sudo find "$path" -type f -exec chmod 644 {} \;
echo "Done!"
echo "Running: sudo find $path -type d -exec chmod 755 {} \;"
sudo find "$path" -type d -exec chmod 755 {} \;
echo "Done!"
echo "Running: sudo chown -R $name:$name $path"
sudo chown -R "$name":"$name" "$path"
echo "Done!"
echo "Running: sudo find $path -type f -exec chmod 664 {} \;"
sudo find "$path" -type f -exec chmod 664 {} \;
echo "Done!"
echo "Running: sudo find $path -type d -exec chmod 775 {} \;"
sudo find "$path" -type d -exec chmod 775 {} \;
echo "Done!"
echo "Running: sudo chgrp -R $name storage bootstrap/cache"
sudo chgrp -R "$name" "$path"/storage "$path"/bootstrap/cache
echo "Done!"
echo "Running: sudo chmod -R ug+rwx storage bootstrap/cache"
sudo chmod -R ug+rwx "$path"/storage "$path"/bootstrap/cache
echo "Done!"
echo "Laravel folder & files permissions fixed successfuly!"

fix-wp-permissions.sh

#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
#
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;

permisions.sh

sudo chown -R www-data:www-data /srv/www/example.com
sudo usermod -a -G www-data ftpuser

#directories to 755 and your files to 644... SET file permissions

#files
sudo find /srv/www/example.com -type f -exec chmod 644 {} \;    
#dirs
sudo find /srv/www/example.com -type d -exec chmod 755 {} \;

sudo chown -R www-data:www-data /srv/www/example.com

#give permissions to owner and group
sudo find /srv/www/example.com -type f -exec chmod 664 {} \;    
sudo find /srv/www/example.com -type d -exec chmod 775 {} \;

#cache+storage write permisions for laravel example
sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache