Last active
January 21, 2019 19:11
-
-
Save grambas/71642fb9bebabd5010d5dacc05af9953 to your computer and use it in GitHub Desktop.
[Webserver]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Execute it as root, due to archiving permision conflicts | |
#CRONTAB entry for every day at 04:00 AM | |
#0 4 * * * /usr/local/bin/webserver-backup.sh >/dev/null 2>&1 | |
# DATABSE DATA | |
DB_USER="XXX" | |
DB_PASSWORD="XXX" | |
# PATH'S | |
OUTPUT_PATH="/srv/backup" | |
WWW_PATH="/srv/webserver" | |
TEMP_PATH="/srv/backup/temp" #where to store data temporary before archiving and encrypting | |
# FTP DATA (where to save backup) | |
FTP_LOGIN="XXX" | |
FTP_PASS="XXX" | |
REMOTE_PATH="BACKUPS/WEBSERVER/" | |
REMOTE_HOST="77.23.XXZ.XX" | |
PORT="21" | |
# OTHER CONSTS | |
DATE=`date +%Y-%m-%d` | |
LOG_DATE=`date +[%Y-%m-%d:%H:%M:%S]` | |
# create directory if not exist | |
mkdir -p "$TEMP_PATH" | |
# remove old backup data at webserver in case error occurred during upload. | |
rm -f $TEMP_PATH/*.sql > /dev/null 2>&1 | |
rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1 | |
rm -f $OUTPUT_PATH/*.tar.gz.asc > /dev/null 2>&1 | |
# get database table names | |
databases=`mysql --user=$DB_USER --password=$DB_PASSWORD -e "SHOW DATABASES;" | tr -d "| " | grep -v Database` | |
echo "$LOG_DATE DUMPING DATABASE TABLES" | |
for db in $databases; do | |
# Ignore default phpmyadmin tables | |
if [[ "$db" != "information_schema" ]] && [[ "$db" != _* ]] && [[ "$db" != mysql* ]] && [[ "$db" != "performance_schema" ]] ; then | |
name=$TEMP_PATH/$DATE-$db | |
echo "$LOG_DATE Dumped: $name" | |
mysqldump --force --opt --user=$DB_USER --password=$DB_PASSWORD --databases $db > $name.sql | |
fi | |
done | |
echo "$LOG_DATE DONE!" | |
# arhive dumped sql's and webserver directories | |
echo "$LOG_DATE Archieving data" | |
tar -czf $OUTPUT_PATH/$DATE-webserver.tar.gz -C $TEMP_PATH . -C $WWW_PATH . | |
echo "$LOG_DATE DONE!" | |
# ENCRYPT archive | |
# gpg -e -u "Sender User Name" -r "Receiver User Name" somefile | |
# --yes auto overwrite | |
echo "$LOG_DATE ENCRYPTING WEBSERVER" | |
/usr/bin/gpg --yes -e -a -r "mindaugas" $OUTPUT_PATH/$DATE-webserver.tar.gz | |
# remove archived after encryption | |
rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1 | |
echo "$LOG_DATE DONE!" | |
echo "$LOG_DATE UPLOADING TO REMOTE FTP" | |
sudo curl -T $OUTPUT_PATH/$DATE-webserver.tar.gz.asc ftp://$REMOTE_HOST:$PORT/$REMOTE_PATH/ --user $FTP_LOGIN:$FTP_PASS | |
echo "$LOG_DATE DONE!" | |
# CHECK IF BACKUP EXIST IN REMOTE FTP | |
if curl $OUTPUT_PATH/$DATE-webserver.tar.gz.asc ftp://$REMOTE_HOST:$PORT/$REMOTE_PATH/ -s | grep $DATE-webserver.tar.gz.asc; then | |
echo "$LOG_DATE ENCRYPTED ARCHIVE SUCCESFULLY UPLOADED!" | |
echo "$LOG_DATE DELETING TEMP DATA" | |
rm -f $TEMP_PATH/*.sql > /dev/null 2>&1 | |
rm -f $OUTPUT_PATH/*.tar.gz > /dev/null 2>&1 | |
rm -f $OUTPUT_PATH/*.tar.gz.asc > /dev/null 2>&1 | |
echo "$LOG_DATE DONE!"cronmt | |
echo "$LOG_DATE DO WEBSERVER BACKUP SUCCESS!" | /usr/local/bin/slackpost.sh | |
else | |
echo "$LOG_DATE [ERROR] NO BACKUP WAS FOUND AFTER UPLOAD!" | /usr/local/bin/slackpost.sh | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Hello, "$USER". This script will configurate your laravel file and folder permissions" | |
echo "You should run this script with sudo! Please ctr+c if you are not running this script with sudo" | |
echo "Enter web server user [ENTER]: " | |
read name | |
echo "You have selected user: $name" | |
echo "Enter laravel main path [ENTER]: " | |
read path | |
echo "You have selected path: $path" | |
echo "Please double check the input! Press n to cencel or y to agree and press [ENTER]" | |
read input | |
if [ "$input" != "y" ]; then | |
echo "Exiting script..." | |
exit 0 | |
fi | |
echo "Running: sudo chown -R $name:$name $path/" | |
sudo chown -R "$name":"$name" "$path"/ | |
echo "Done!" | |
echo "Running: sudo usermod -a -G $name root" | |
sudo usermod -a -G "$name" root | |
echo "Done!" | |
echo "Running: sudo find $path -type f -exec chmod 644 {} \;" | |
sudo find "$path" -type f -exec chmod 644 {} \; | |
echo "Done!" | |
echo "Running: sudo find $path -type d -exec chmod 755 {} \;" | |
sudo find "$path" -type d -exec chmod 755 {} \; | |
echo "Done!" | |
echo "Running: sudo chown -R $name:$name $path" | |
sudo chown -R "$name":"$name" "$path" | |
echo "Done!" | |
echo "Running: sudo find $path -type f -exec chmod 664 {} \;" | |
sudo find "$path" -type f -exec chmod 664 {} \; | |
echo "Done!" | |
echo "Running: sudo find $path -type d -exec chmod 775 {} \;" | |
sudo find "$path" -type d -exec chmod 775 {} \; | |
echo "Done!" | |
echo "Running: sudo chgrp -R $name storage bootstrap/cache" | |
sudo chgrp -R "$name" "$path"/storage "$path"/bootstrap/cache | |
echo "Done!" | |
echo "Running: sudo chmod -R ug+rwx storage bootstrap/cache" | |
sudo chmod -R ug+rwx "$path"/storage "$path"/bootstrap/cache | |
echo "Done!" | |
echo "Laravel folder & files permissions fixed successfuly!" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# This script configures WordPress file permissions based on recommendations | |
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions | |
# | |
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org> | |
# | |
WP_OWNER=www-data # <-- wordpress owner | |
WP_GROUP=www-data # <-- wordpress group | |
WP_ROOT=$1 # <-- wordpress root directory | |
WS_GROUP=www-data # <-- webserver group | |
# reset to safe defaults | |
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \; | |
find ${WP_ROOT} -type d -exec chmod 755 {} \; | |
find ${WP_ROOT} -type f -exec chmod 644 {} \; | |
# allow wordpress to manage wp-config.php (but prevent world access) | |
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php | |
chmod 660 ${WP_ROOT}/wp-config.php | |
# allow wordpress to manage wp-content | |
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \; | |
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \; | |
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sudo chown -R www-data:www-data /srv/www/example.com | |
sudo usermod -a -G www-data ftpuser | |
#directories to 755 and your files to 644... SET file permissions | |
#files | |
sudo find /srv/www/example.com -type f -exec chmod 644 {} \; | |
#dirs | |
sudo find /srv/www/example.com -type d -exec chmod 755 {} \; | |
sudo chown -R www-data:www-data /srv/www/example.com | |
#give permissions to owner and group | |
sudo find /srv/www/example.com -type f -exec chmod 664 {} \; | |
sudo find /srv/www/example.com -type d -exec chmod 775 {} \; | |
#cache+storage write permisions for laravel example | |
sudo chgrp -R www-data storage bootstrap/cache | |
sudo chmod -R ug+rwx storage bootstrap/cache |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment