Создание площадки под сайт
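#!/bin/bash
# Provisions a hosting slot for one site: system user, home tree, nginx
# vhost, php-fpm pool and, optionally, a MySQL database.
# It calls useradd and writes under /etc and /home, so it needs root.

# db.sh presumably defines ROOTPASS, which the database step hands to
# mysql -- confirm. The file holds a root credential, so keep it
# root-owned with mode 0600.
if ! source /root/sh/db.sh; then
  echo "warning: /root/sh/db.sh could not be loaded; database creation will fail without ROOTPASS" >&2
fi

TIMEZONE='Europe/Moscow'

# Print a random 12-character password drawn from [A-Za-z0-9_-]
# (64 symbols, roughly 72 bits). LC_ALL=C keeps tr working on raw bytes
# regardless of the caller's locale.
gen_password() {
  LC_ALL=C tr -dc '_A-Za-z0-9-' < /dev/urandom | head -c12
}

MYSQLPASS=$(gen_password)
SFTPPASS=$(gen_password)
# NOTE(review): PASSWORD is not referenced anywhere else in the visible script.
PASSWORD=$(gen_password)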
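##############
echo "Укажите имя пользователя:"
read -r USERNAME
# The name is interpolated below, as root, into filesystem paths, nginx and
# php-fpm configuration and SQL identifiers. Accept only a conservative
# account-name shape so none of those contexts can be broken out of.
# NOTE(review): older MySQL releases cap user names at 16 characters.
user_re='^[a-z_][a-z0-9_]{0,31}$'
if [[ ! "$USERNAME" =~ $user_re ]]; then
  echo "Invalid user name: use a-z, 0-9 and _ only, starting with a letter or _ (max 32 characters)" >&2
  exit 1
fi
# Exact lookup in the account database. The previous prefix regex against
# /etc/passwd reported "ro" as existing because of "root", and an empty
# answer matched every line.
if getent passwd "$USERNAME" >/dev/null; then
  echo "Пользователь $USERNAME уже существует"
  # Non-zero status so a calling script can tell nothing was created.
  exit 1
fi
echo "Укажите домен:"
read -r DOMAIN
# The domain lands verbatim in the nginx server block; restrict it to
# hostname characters (IDN names must be given in punycode form).
domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "$DOMAIN" =~ $domain_re ]]; then
  echo "Invalid domain: use letters, digits, dots and hyphens only" >&2
  exit 1
fi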
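##############
echo "Creating user and home directory..."
# -s /bin/false: the account gets no login shell.
if ! useradd -m -G webusers -s /bin/false -d "/home/$USERNAME" -- "$USERNAME"; then
  echo "Can't add user"
  exit 1
fi
# Add nginx to the user's group so the web server can read the
# group-readable site tree.
usermod -a -G "$USERNAME" nginx
# Feed the password (new + confirmation) to passwd over a pipe. printf is a
# shell builtin, so the secret never appears in a process argument list and
# is never written to a scratch file in the current directory, which could
# be readable by others or clobber an existing ./tmp.
printf '%s\n%s\n' "$SFTPPASS" "$SFTPPASS" | passwd "$USERNAME"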
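##############
# Lay out the site's home tree.
home_dir="/home/$USERNAME"
mkdir -m 0750 -- "$home_dir/www"
mkdir -m 0700 -- "$home_dir/tmp"
echo "<?php echo 'Hello world!';" > "$home_dir/www/index.php"
chown -R -- "$USERNAME:$USERNAME" "$home_dir/"
# The home directory itself goes back to root with mode 755.
# NOTE(review): presumably required for a chrooted SFTP setup -- confirm.
chown -- root:root "$home_dir"
chmod 755 -- "$home_dir/"
# A directory needs the execute bit to be entered; 0600 left .ssh
# unusable even for its owner. 0700 is the conventional mode.
mkdir -m 0700 -- "$home_dir/.ssh"
chown -- "$USERNAME:$USERNAME" "$home_dir/.ssh"
# Was 0777, which let every local account create, delete or replace files
# in a directory where the web server writes logs. Group access through the
# user's own group is enough: the site user and nginx (added to that group
# by usermod earlier in the script) are both members.
# NOTE(review): the site user can still place files here; a root-owned log
# directory outside the tenant tree would remove that exposure entirely.
mkdir -m 0770 -- "$home_dir/logs"
chown -- "root:$USERNAME" "$home_dir/logs"
#chown nginx:nginx /home/$USERNAME/logs
mkdir -- "$home_dir/backups"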
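# Start the nginx vhost file: the upstream for this user's php-fpm socket
# and the opening of the server block. The block is left open on purpose;
# the engine-specific locations and the closing brace are appended later
# in the script.
# The target path is quoted so an unexpected character in USERNAME cannot
# split or glob the redirection.
# NOTE(review): the vhost listens on port 80 only and redirects to http://;
# no TLS listener is generated.
vhost_conf="/etc/nginx/conf.d/$USERNAME.conf"
cat > "$vhost_conf" <<EOF
upstream backend-$USERNAME {server unix:/var/run/php5-$USERNAME.sock;}
server {
listen 80;
server_name $DOMAIN www.$DOMAIN;
root /home/$USERNAME/www;
access_log /home/$USERNAME/logs/access.log;
error_log /home/$USERNAME/logs/error.log;
index index.php index.html;
rewrite_log on;
if (\$host != '$DOMAIN' ) {
rewrite ^/(.*)\$ http://$DOMAIN/\$1 permanent;
}
EOF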
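# Ask which engine the site will run and append the matching location
# blocks to the vhost file. The text inside the quotes is written verbatim,
# so it stays unindented; \$ keeps nginx variables from being expanded by
# the shell.
vhost_conf="/etc/nginx/conf.d/$USERNAME.conf"
echo "Укажите будущий WEB движок"
select ENGINE in "Yii" "MODx" "UMI" "Other"; do
case "$ENGINE" in
MODx )
echo "Creating vhost file for MODx"
echo "
location ~* ^/core/ {
deny all;
}
location / {
try_files \$uri \$uri/ @rewrite;
}
location @rewrite {
rewrite ^/(.*)\$ /index.php?q=\$1;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
fastcgi_pass backend-$USERNAME;
}
" >> "$vhost_conf"
break;;
UMI )
echo "Creating vhost file for UMI"
# NOTE(review): the sendmail_path below hard-codes one sender address
# (webmaster@cgb-kislovodsk.ru) for every UMI site this script creates;
# confirm that is intended rather than a leftover from a single site.
echo "
location ~* ^\/(classes|errors\/logs|sys\-temp|cache|xmldb|static|packages) {
deny all;
}
location ~* (\/for_del_connector\.php|\.ini|\.conf)\$ {
deny all;
}
location ~* ^(\/files\/|\/images\/) {
try_files \$uri =404;
}
location ~* ^\/images\/autothumbs\/ {
try_files \$uri @autothumbs =404;
}
location @autothumbs {
rewrite ^\/images\/autothumbs\/(.*)\$ /autothumbs.php?img=\$1\$query_string last;
}
location @clean_url {
rewrite ^/(.*)\$ /index.php?path=\$1 last;
}
location @dynamic {
try_files \$uri @clean_url;
}
location / {
rewrite ^\/robots\.txt /sbots.php?path=\$1 last;
rewrite ^\/sitemap\.xml /sitemap.php last;
rewrite ^\/\~\/([0-9]+)\$ /tinyurl.php?id=\$1 last;
rewrite ^\/(udata|upage|uobject|ufs|usel|ulang|utype|umess|uhttp):?(\/\/)?(.*)? /releaseStreams.php?scheme=\$1&path=\$3 last;
rewrite ^\/(.*)\.xml\$ /index.php?xmlMode=force&path=\$1 last;
rewrite ^(.*)\.json\$ /index.php?jsonMode=force&path=\$1 last;
if (\$cookie_umicms_session) {
error_page 412 = @dynamic;
return 412;
}
if (\$request_method = 'POST') {
error_page 412 = @dynamic;
return 412;
}
rewrite ^(.*)\$ /index.php?path=\$uri&\$args&umi_authorization=\$http_authorization last;
}
location ~* \.js\$ {
rewrite ^\/(udata|upage|uobject|ufs|usel|ulang|utype|umess|uhttp):?(\/\/)?(.*)? /releaseStreams.php?scheme=\$1&path=\$3 last;
try_files \$uri =404;
}
location ~* \.php\$ {
include fastcgi_params;
fastcgi_pass backend-$USERNAME;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE \"sendmail_path = /usr/sbin/sendmail -t -i -f webmaster@cgb-kislovodsk.ru\";
fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)\$;
try_files \$uri =404;
}
" >> "$vhost_conf"
break;;
Yii|Other )
echo "Creating vhost file for $ENGINE"
# This branch used to append to ./test.conf, so the real vhost never got a
# PHP location: nginx would then hand out .php files as static content,
# exposing their source, and a stray file was left in the working directory.
echo "
location / {
try_files \$uri \$uri/ /index.php?\$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
fastcgi_pass backend-$USERNAME;
}
" >> "$vhost_conf"
break;;
esac
done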
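# Append the locations shared by every engine (deny .ht* files, cache
# static assets) and close the server block opened at the top of the vhost
# file. The blank first and last lines of the here-document reproduce the
# blank lines the previous echo emitted.
# The target path is quoted so an unexpected character in USERNAME cannot
# split or glob the redirection.
vhost_conf="/etc/nginx/conf.d/$USERNAME.conf"
cat >> "$vhost_conf" <<EOF

location ~ /\.ht {
deny all;
}
location ~* ^.+\.(jpg|jpeg|gif|css|png|js|ico|bmp|map|woff|woff2|ttf)\$ {
try_files \$uri =404;
access_log off;
expires 2d;
break;
}
}

EOF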
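# Write a dedicated php-fpm pool for the site. The pool runs as the site
# user, listens on a unix socket that only nginx may open (0660,
# nginx:nginx), confines PHP to the home tree plus the shared PEAR/PHP
# directories via open_basedir, and disables the process-spawning functions
# listed below.
# The target path is quoted so an unexpected character in USERNAME cannot
# split or glob the redirection. The trailing blank line reproduces the
# output of the previous echo.
echo "Creating php-fpm config"
pool_conf="/etc/php-fpm.d/$USERNAME.conf"
cat > "$pool_conf" <<EOF
[$USERNAME]
listen = /var/run/php5-$USERNAME.sock
listen.mode = 0660
listen.owner = nginx
listen.group = nginx
user = $USERNAME
group = $USERNAME
chdir = /home/$USERNAME
php_admin_value[upload_tmp_dir] = /home/$USERNAME/tmp
php_admin_value[soap.wsdl_cache_dir] = /home/$USERNAME/tmp
php_admin_value[upload_max_filesize] = 100M
php_admin_value[post_max_size] = 100M
php_admin_value[open_basedir] = /home/$USERNAME/:/usr/share/pear:/usr/share/php
php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,show_source,stream_socket_client,stream_set_write_buffer,stream_socket_sendto,highlight_file,com_load_typelib
php_admin_value[cgi.fix_pathinfo] = 0
php_admin_value[date.timezone] = $TIMEZONE
php_value[session.save_handler] = files
php_value[session.save_path] = /home/$USERNAME/tmp
php_admin_value[session.gc_probability] = 1
php_admin_value[session.gc_divisor] = 100
php_admin_value[error_log] = /home/$USERNAME/logs/php-fpm-error.log
pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 4

EOF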
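echo "Reloading nginx"
# Validate before restarting: the vhost was assembled from operator input,
# and restarting with a broken file would take every site on this host
# down, not just the new one.
if nginx -t; then
  systemctl restart nginx.service
else
  echo "nginx configuration test failed; nginx was NOT restarted" >&2
fi
echo "Reloading php-fpm"
if ! systemctl restart php-fpm.service; then
  echo "php-fpm restart failed; check the new pool file" >&2
fi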
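##############
# Optionally create a database named after the user, plus a MySQL account
# limited to that database. Any answer other than "Yes" skips creation and
# records "---" as the MySQL password.
echo "Создать базу данных?"
select CDB in "Yes" "No"; do
  case "$CDB" in
    Yes )
      # USERNAME is spliced into SQL as an identifier and cannot be bound as
      # a parameter through the mysql CLI, so refuse anything that is not a
      # plain identifier.
      if [[ ! "$USERNAME" =~ ^[A-Za-z0-9_]+$ ]]; then
        echo "Refusing to build SQL from user name '$USERNAME'" >&2
        MYSQLPASS="---"
        break
      fi
      echo "Создаем БД $USERNAME"
      Q1="CREATE DATABASE IF NOT EXISTS $USERNAME DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;"
      # NOTE(review): in the database part of a GRANT, "_" and "%" act as
      # wildcards, so a name containing "_" also matches other database
      # names; escape it if tenants can have similar names.
      Q2="GRANT ALTER,DELETE,DROP,CREATE,INDEX,INSERT,SELECT,UPDATE,CREATE TEMPORARY TABLES,LOCK TABLES ON $USERNAME.* TO '$USERNAME'@'localhost' IDENTIFIED BY '$MYSQLPASS';"
      Q3="FLUSH PRIVILEGES;"
      SQL="${Q1}${Q2}${Q3}"
      # Keep both secrets out of the process list, which every local account
      # can read: the root password goes through the environment instead of
      # --password=..., and the statements (which embed the new account's
      # password) go through stdin instead of -e.
      # NOTE(review): MYSQL_PWD is deprecated in newer MySQL releases; a
      # root-only option file (mode 0600) is the longer-term replacement.
      if ! MYSQL_PWD="$ROOTPASS" mysql -uroot <<<"$SQL"; then
        echo "Database creation failed" >&2
        # Do not report a password for an account that was not created.
        MYSQLPASS="---"
      fi
      break;;
    * )
      MYSQLPASS="---"
      break;;
  esac
done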
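# Record the generated credentials and show them to the operator.
# The file is created under a restrictive umask so it is never readable by
# other accounts, even for a moment: the home directory is mode 755, and the
# previous version only tightened permissions after writing and printing
# the file. 0600 replaces 0700 because a text file needs no execute bit.
# NOTE(review): this stores passwords in plaintext; hand them over and
# delete the file once they are no longer needed.
pass_file="/home/$USERNAME/pass.txt"
(
  umask 077
  printf 'Done.\nUser: %s\nSFTP password: %s\nMysql password: %s\n' \
    "$USERNAME" "$SFTPPASS" "$MYSQLPASS" > "$pass_file"
)
# Covers the case where the file already existed with looser permissions.
chmod 0600 -- "$pass_file"
cat -- "$pass_file"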