Flarum server installation script (english)

install.sh

#!/bin/bash

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[0;33m'
NC='\033[0m'

# Verify the script is running as root
if [[ $EUID -ne 0 ]]; then
   echo "Script must be executed as root." 
   exit 1
fi

# Request domain and database info
clear
echo -e "${GREEN}-------------------------------------------------"
echo -e "      Welcome to the Flarum Installer      "
echo -e "-------------------------------------------------${NC}\n"

# Ask for domain name
echo -e "${YELLOW}Domain name:${NC}"
read -p "(for example, example.com): " domain

# Verify the domain name is valid
if ! echo "$domain" | grep -P "^((?!-)[A-Za-z0-9-]{1,63}(?<!-)\\.)+[A-Za-z]{2,6}$" > /dev/null 2>&1; then
  echo -e "${RED}Domain name is not valid.${NC}"
  exit 1
fi

# Ask the user if they want to configure SSL
echo -e "\n${YELLOW}Do you want to configure SSL HTTPS (Yes or No)?${NC}"
read -p "Yes or No: " configure_ssl

if [[ $configure_ssl =~ ^[Yy][Ee][Ss]$ ]]; then
    # Request email address for Certbot if SSL is enabled
    echo -e "\n${YELLOW}E-mail address for SSL notifications:${NC}"
    read -p "Enter the e-mail address: " email

    # Verify the e-mail address is valid
    if ! echo "$email" | grep -P "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$" > /dev/null 2>&1; then
      echo -e "${RED}E-mail address is not valid.${NC}"
      exit 1
    fi
fi

# Ask for database name
echo -e "\n${YELLOW}Database name:${NC}"
read -p "Enter database name: " dbname

# Ask for database user
echo -e "\n${YELLOW}Database user:${NC}"
read -p "Enter database user: " dbuser

# Ask for database password
echo -e "\n${YELLOW}Database password:${NC}"
read -s -p "Enter database password: " dbpass
echo

generate_ssl() {
    if [[ $configure_ssl =~ ^[Yy][Ee][Ss]$ ]]; then
        certbot --nginx --non-interactive --agree-tos --email $email -d $domain
    fi
}

# Function to run mysql_secure_installation
secure_mysql() {
    SECURE_MYSQL=$(expect -c "
    set timeout 10
    spawn sudo mysql_secure_installation

    expect \"Enter current password for root (enter for none):\"
    send \"\r\"

    expect \"Change the root password?\"
    send \"n\r\"

    expect \"Remove anonymous users?\"
    send \"Y\r\"

    expect \"Disallow root login remotely?\"
    send \"Y\r\"

    expect \"Remove test database and access to it?\"
    send \"Y\r\"

    expect \"Reload privilege tables now?\"
    send \"Y\r\"

    expect eof
    ")

    echo "$SECURE_MYSQL"
}

# Function to install Composer
install_composer() {
    EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig)
    php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
    ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');")

    if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]; then
        echo "Composer installer check failed. Exit."
        rm composer-setup.php
        exit 1
    fi

    php composer-setup.php --install-dir=/usr/local/bin --filename=composer
    php -r "unlink('composer-setup.php');"
}

# Configure timezone data
dpkg-reconfigure tzdata

# Update the system
apt update && apt upgrade -y

# Install required packages
apt install -y zip unzip curl wget git php php-cli php-fpm php-json php-common php-mbstring php-gd php-xml php-mysql php-curl php-zip mariadb-server nginx expect certbot python3-certbot-nginx
rm -rf /var/www/html
apt autoremove -y --purge apache2 

# Enable required PHP modules
phpenmod dom gd json mbstring openssl pdo_mysql tokenizer

# Secure MariaDB installation
secure_mysql

# Create Flarum database
mysql -u root -e "CREATE DATABASE $dbname;"
mysql -u root -e "GRANT ALL ON $dbname.* TO '$dbuser' IDENTIFIED BY '$dbpass';"
mysql -u root -e "FLUSH PRIVILEGES;"

# Download and install Composer
install_composer

# Create Flarum directory
mkdir -p /var/www/flarum
chown -R www-data:www-data /var/www/flarum

# Retrieve major and minor version of PHP (ex. 8.2)
php_version=$(php -r 'echo PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;')

# Configure Nginx for Flarum
cat <<EOF | tee /etc/nginx/sites-available/flarum.conf
server {
    listen [::]:80;
    listen 80;
    server_name $domain;

    root /var/www/flarum/public;
    index index.php;

    location / {
        try_files \$uri \$uri/ /index.php?\$query_string;
    }

    location ~* \.php$ {
        fastcgi_pass unix:/run/php/php$php_version-fpm.sock;
        include fastcgi_params;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
    }
}
EOF

ln -s /etc/nginx/sites-available/flarum.conf /etc/nginx/sites-enabled/
rm -rf /etc/nginx/sites-available/default
rm -rf /etc/nginx/sites-enabled/default

# Generate SSL cert
if [[ $configure_ssl =~ ^[Yy][Ee][Ss]$ ]]; then
    generate_ssl
fi

# Test Nginx configuration
nginx -t

# Restart Nginx
systemctl restart nginx

# Download and install Flarum
cd /var/www/flarum
sudo -u www-data composer create-project flarum/flarum . --stability=beta
sudo -u www-data composer require flarum-lang/french
# Download and install plugin manager
sudo -u www-data composer require flarum/package-manager:"*"

echo -e "Flarum was installed with ${GREEN}success${NC} at ${domain}."