Last active
August 1, 2018 10:44
-
-
Save greenpeas/3523cfe667b04af61dd0afa2a7ac9878 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
ROOTPASS='myPasswordDb' | |
echo "Укажите имя приложения:" | |
read USERNAME | |
echo "Укажите домен:" | |
read DOMAIN | |
echo "Укажите порт проксирования до контейнера:" | |
read PORT | |
SFTPPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12` | |
MYSQLPASS=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c12` | |
groupadd $USERNAME | |
useradd -g $USERNAME -d /var/www/$USERNAME -m -s /bin/false $USERNAME | |
usermod -a -G web $USERNAME | |
usermod -a -G $USERNAME nginx | |
echo $SFTPPASS > ./tmp | |
echo $SFTPPASS >> ./tmp | |
cat ./tmp | passwd $USERNAME | |
rm ./tmp | |
chown root:root /var/www/$USERNAME | |
chmod 755 /var/www/$USERNAME/ | |
mkdir /var/www/$USERNAME/www -m 0750 | |
mkdir /var/www/$USERNAME/logs -m 0777 | |
echo "<?php phpinfo();" > /var/www/$USERNAME/www/index.php; | |
chown $USERNAME:$USERNAME /var/www/$USERNAME/www -R | |
chown $USERNAME:$USERNAME /var/www/$USERNAME/logs | |
echo "Какую версию PHP будем юзать?" | |
select PVER in "5.6-xsl" "7.1"; | |
do | |
case $PVER in | |
"5.6-xsl" ) | |
PHPVER='5.6-xsl' | |
break;; | |
* ) | |
PHPVER='7.1' | |
break;; | |
esac | |
done | |
echo "#!/bin/bash | |
# Путь к корню вашего проекта | |
DIR=\$(pwd) | |
docker stop $USERNAME-app | |
docker rm $USERNAME-app | |
# Теперь контейнер с приложением, связав его с БД-контейнером | |
docker run -d \\ | |
-p $PORT:9000 \\ | |
-v \$DIR/www:/var/www/html \\ | |
-e TERM=\"xterm\" \\ | |
-u \$(id -u $USERNAME):\$(id -g $USERNAME) \\ | |
-v /etc/passwd:/etc/passwd:ro \\ | |
-v /etc/group:/etc/group:ro \\ | |
--name $USERNAME-app \\ | |
--link maria-db:mysql \\ | |
--restart=always \\ | |
private/php-image:$PHPVER | |
docker ps | |
" > /var/www/$USERNAME/run.sh | |
echo "#!/bin/bash | |
set -e | |
echo \"Removing containers...\" | |
docker stop $USERNAME-app | |
docker rm $USERNAME-app | |
echo \"Done.\" | |
" > /var/www/$USERNAME/stop.sh | |
chmod +x /var/www/$USERNAME/run.sh | |
chmod +x /var/www/$USERNAME/stop.sh | |
echo "Конфигурируем виртуальный хост NGINX" | |
echo " | |
server { | |
listen 80; | |
server_name $DOMAIN www.$DOMAIN; | |
root /var/www/$USERNAME/www; | |
access_log /var/www/$USERNAME/logs/access.log; | |
error_log /var/www/$USERNAME/logs/error.log; | |
index index.php index.html; | |
rewrite_log on; | |
" > /etc/nginx/conf.d/$USERNAME.conf | |
echo "Укажите будущий WEB движок" | |
select ENGINE in "Yii" "MODx" "UMI" "Joomla" "Other"; | |
do | |
echo "Создание Nginx конфига для движка ${ENGINE}" | |
case $ENGINE in | |
MODx ) | |
echo " | |
location ~* ^/core/ { | |
deny all; | |
} | |
location / { | |
try_files \$uri \$uri/ @rewrite; | |
} | |
location @rewrite { | |
rewrite ^/(.*)\$ /index.php?q=\$1; | |
} | |
location ~ \.php$ { | |
root /var/www/html; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; | |
fastcgi_pass 127.0.0.1:$PORT; | |
fastcgi_read_timeout 300; | |
} | |
" >> /etc/nginx/conf.d/$USERNAME.conf | |
break;; | |
UMI ) | |
echo " | |
location ~* ^\/(classes|errors\/logs|sys\-temp|cache|xmldb|static|packages) { | |
deny all; | |
} | |
location ~* (\/for_del_connector\.php|\.ini|\.conf)\$ { | |
deny all; | |
} | |
location ~* ^(\/files\/|\/images\/) { | |
access_log off; | |
try_files \$uri =404; | |
} | |
location ~* ^\/images\/autothumbs\/ { | |
access_log off; | |
try_files \$uri @autothumbs =404; | |
} | |
location @autothumbs { | |
access_log off; | |
rewrite ^\/images\/autothumbs\/(.*)\$ /autothumbs.php?img=\$1\$query_string last; | |
} | |
location @clean_url { | |
rewrite ^/(.*)\$ /index.php?path=\$1 last; | |
} | |
location @dynamic { | |
try_files \$uri @clean_url; | |
} | |
location / { | |
rewrite ^\/robots\.txt /sbots.php?path=\$1 last; | |
rewrite ^\/sitemap\.xml /sitemap.php last; | |
rewrite ^\/\~\/([0-9]+)\$ /tinyurl.php?id=\$1 last; | |
rewrite ^\/(udata|upage|uobject|ufs|usel|ulang|utype|umess|uhttp):?(\/\/)?(.*)? /releaseStreams.php?scheme=\$1&path=\$3 last; | |
rewrite ^\/(.*)\.xml\$ /index.php?xmlMode=force&path=\$1 last; | |
rewrite ^(.*)\.json\$ /index.php?jsonMode=force&path=\$1 last; | |
if (\$cookie_umicms_session) { | |
error_page 412 = @dynamic; | |
return 412; | |
} | |
if (\$request_method = 'POST') { | |
error_page 412 = @dynamic; | |
return 412; | |
} | |
rewrite ^(.*)\$ /index.php?path=\$uri&\$args&umi_authorization=\$http_authorization last; | |
} | |
location ~* \.js\$ { | |
access_log off; | |
rewrite ^\/(udata|upage|uobject|ufs|usel|ulang|utype|umess|uhttp):?(\/\/)?(.*)? /releaseStreams.php?scheme=\$1&path=\$3 last; | |
try_files \$uri =404; | |
} | |
location ~* \.php\$ { | |
root /var/www/html; | |
fastcgi_pass 127.0.0.1:$PORT; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; | |
fastcgi_param PHP_ADMIN_VALUE \"sendmail_path = /usr/sbin/sendmail -t -i -f webmaster@cgb-kislovodsk.ru\"; | |
fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)\$; | |
fastcgi_read_timeout 300; | |
} | |
" >> /etc/nginx/conf.d/$USERNAME.conf | |
break;; | |
Joomla ) | |
echo " | |
location / { | |
try_files \$uri \$uri/ /index.php?\$args; | |
} | |
location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { | |
return 403; | |
} | |
location ~* \.php\$ { | |
include fastcgi_params; | |
root /var/www/html; | |
fastcgi_pass 127.0.0.1:$PORT; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; | |
fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)\$; | |
fastcgi_read_timeout 300; | |
} | |
" >> /etc/nginx/conf.d/$USERNAME.conf | |
break;; | |
Yii|Other ) | |
echo " | |
location / { | |
try_files \$uri \$uri/ /index.php?\$args; | |
} | |
location ~ \.php$ { | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; | |
root /var/www/html; | |
fastcgi_pass 127.0.0.1:$PORT; | |
fastcgi_read_timeout 300; | |
} | |
" >> /etc/nginx/conf.d/$USERNAME.conf | |
break;; | |
esac | |
done | |
echo " | |
location ~ /\.ht { | |
deny all; | |
} | |
location ~* ^.+\.(jpg|jpeg|gif|css|png|js|ico|bmp|map|woff|woff2|ttf|pdf|flv)$ { | |
try_files \$uri =404; | |
access_log off; | |
expires 10d; | |
} | |
} | |
" >> /etc/nginx/conf.d/$USERNAME.conf | |
echo "Создаем файл конфигурации роьации логов" | |
echo "/var/www/$USERNAME/logs/*.log { | |
su root root | |
daily | |
missingok | |
rotate 52 | |
compress | |
delaycompress | |
notifempty | |
create 640 nginx adm | |
sharedscripts | |
postrotate | |
if [ -f /var/run/nginx.pid ]; then | |
kill -USR1 \`cat /var/run/nginx.pid\` | |
fi | |
endscript | |
} | |
" >> /etc/logrotate.d/$USERNAME | |
echo "Создать базу данных?" | |
select CDB in "Yes" "No"; | |
do | |
case $CDB in | |
Yes ) | |
echo "Создаем БД $USERNAME" | |
Q1="CREATE DATABASE IF NOT EXISTS `$USERNAME` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;" | |
Q2="GRANT ALTER,DELETE,DROP,CREATE,INDEX,INSERT,SELECT,UPDATE,CREATE TEMPORARY TABLES,LOCK TABLES ON `$USERNAME`.* TO '$USERNAME'@'%' IDENTIFIED BY '$MYSQLPASS';" | |
Q3="FLUSH PRIVILEGES;" | |
SQL="${Q1}${Q2}${Q3}" | |
mysql -h 172.17.0.2 -uroot --password=$ROOTPASS -e "$SQL" | |
break;; | |
* ) | |
MYSQLPASS="---" | |
break;; | |
esac | |
done | |
cd /var/www/$USERNAME/ | |
echo "Run docker application container" | |
/bin/bash /var/www/$USERNAME/run.sh | |
echo "Reloading nginx" | |
systemctl restart nginx.service | |
echo "Done. | |
User: $USERNAME | |
SFTP password: $SFTPPASS | |
Mysql password: $MYSQLPASS" > /var/www/$USERNAME/pass.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Строим образ контейнера БД | |
docker build --no-cache=true -t maria-db-image . | |
docker images |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM mariadb:10.1 | |
RUN apt-get update \ | |
&& apt-get -y install mc htop unzip \ | |
&& apt-get clean |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
DIR=$(pwd) | |
# Стартуем контейнер с БД | |
docker run -ti -d \ | |
-p 3306:3306 \ | |
-v $DIR/data:/var/lib/mysql \ | |
-v $DIR/config:/etc/mysql/conf.d \ | |
-e MYSQL_ROOT_PASSWORD=MyRootPassword \ | |
--name maria-db \ | |
--restart=always \ | |
mariadb:10.1 | |
#maria-db-image | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
echo "Stopping maria-db" | |
docker stop maria-db | |
echo "Removing maria-db" | |
docker rm maria-db | |
echo "Done." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Строим образ контейнера приложения | |
docker build --no-cache=true -t private/php-image:7.1 . | |
docker images |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM php:7.1-fpm | |
RUN apt-get update \ | |
&& apt-get -y install unzip libpng-dev libmcrypt-dev \ | |
&& docker-php-ext-install pdo pdo_mysql mysqli gd mcrypt \ | |
&& apt-get clean | |
COPY php.ini /usr/local/etc/php/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[PHP] | |
log_errors = On | |
error_log = /dev/stderr | |
upload_max_filesize = 100M | |
post_max_size = 100M | |
max_execution_time = 180 | |
display_errors = Off | |
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT | |
[Date] | |
date.timezone = Europe/Moscow |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
ROOTPASS='MyPassword' | |
echo "Введите имя приложения" | |
read USERNAME | |
/bin/egrep -i "^${USERNAME}" /etc/passwd >/dev/null | |
if [ $? -eq 0 ]; then | |
echo "Начинаем удаление $USERNAME" | |
else | |
echo "Пользователь $USERNAME не найден" | |
exit | |
fi | |
echo "Stop docker application container" | |
/bin/bash /var/www/$USERNAME/stop.sh | |
# Удаляем пользователя из группы web | |
gpasswd -d $USERNAME web | |
# Удаляем nginx из группы пользователя | |
gpasswd -d nginx $USERNAME | |
userdel $USERNAME -f | |
/bin/egrep -i "^${USERNAME}" /etc/group >/dev/null | |
if [ $? -eq 0 ]; then | |
groupdel $USERNAME | |
fi | |
rm -Rf /var/www/$USERNAME | |
rm -f /etc/logrotate.d/$USERNAME | |
echo "Удаление пользователя БД и самой БД..." | |
mysql -h 172.17.0.2 -uroot --password=$ROOTPASS -e "DROP USER '$USERNAME'@'%'" | |
mysql -h 172.17.0.2 -uroot --password=$ROOTPASS -e "DROP DATABASE $USERNAME" | |
rm -f /etc/nginx/conf.d/$USERNAME.conf | |
echo "Reloading nginx..." | |
systemctl restart nginx.service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Путь к корню вашего проекта | |
DIR=$(pwd) | |
docker stop cvmr26-app | |
docker rm cvmr26-app | |
# Теперь контейнер с приложением, связав его с БД-контейнером | |
docker run -d \ | |
-p 9000:9000 \ | |
-v $DIR/www:/var/www/html \ | |
-e TERM="xterm" \ | |
-u $(id -u cvmr26):$(id -g cvmr26) \ | |
-v /etc/passwd:/etc/passwd:ro \ | |
-v /etc/group:/etc/group:ro \ | |
--name cvmr26-app \ | |
--link maria-db:mysql \ | |
--restart=always \ | |
private/php-image:7.1 | |
docker ps | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
echo "Removing containers..." | |
docker stop cvmr26-app | |
docker rm cvmr26-app | |
echo "Done." | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment