@jessetane
Created June 4, 2015 22:36
wordpress container based on ubuntu
#!/bin/bash
#
# lamp
#
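#######################################
# Turn a bare debootstrap tree in ./rootfs into a LAMP image: network config,
# apt sources, packages, php-fpm, Apache dynamic vhosts, varnish, ufw rules,
# then node and phpMyAdmin.
# Globals:   none read directly; calls install_node and install_phpmyadmin
# Arguments: none
# Outputs:   writes under ./rootfs; runs package installs inside the chroot
# Returns:   status of the final policy-rc.d removal
#######################################
augment() {
  # Replace the stock `l` alias with a function so arguments pass through.
  sed -i 's/alias l=.*/l() { ls -alh --group-directories "$@"; }/' rootfs/root/.bashrc

  # /etc/network/interfaces. The delimiter is quoted so the $(cat ...) text is
  # written literally instead of being expanded while the image is built.
  cat > rootfs/etc/network/interfaces <<\EOF
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
dns-nameservers 8.8.8.8 8.8.4.4
up ip addr add $(cat /etc/network/ipv4) dev eth0
up ip route add $(cat /etc/network/ipv4.gateway) dev eth0
up ip route add default via $(cat /etc/network/ipv4.gateway)
iface eth0 inet6 manual
dns-nameservers 2001:4860:4860::8888 2001:4860:4860::8844
up ip -6 addr add $(cat /etc/network/ipv6)/64 dev eth0
up ip -6 route add $(cat /etc/network/ipv6.gateway) dev eth0
up ip -6 route add default via $(cat /etc/network/ipv6.gateway)
EOF

  # apt sources.
  # NOTE(review): saucy (13.10) is end-of-life and no longer receives security
  # updates; images built from it start out unpatched. Move to a supported
  # release before exposing this container to a network.
  cat > rootfs/etc/apt/sources.list <<'EOF'
deb http://archive.ubuntu.com/ubuntu saucy main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu saucy-updates main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu saucy-security main restricted universe multiverse
EOF

  # Keep package postinst scripts from starting services: the container is not
  # running yet. Exit status 101 tells invoke-rc.d the action is forbidden.
  cat > rootfs/usr/sbin/policy-rc.d <<'EOF'
#!/bin/sh
exit 101
EOF
  chmod +x rootfs/usr/sbin/policy-rc.d

  # locale
  chroot rootfs locale-gen en_US.UTF-8
  chroot rootfs update-locale LANG=en_US.UTF-8

  # update
  chroot rootfs apt-get update
  chroot rootfs apt-get upgrade -y

  # Packages. The MySQL root password is preseeded to the literal string
  # "password"; configure() only replaces it when a --password was supplied, so
  # an image configured without one keeps this well-known credential.
  # Each continuation backslash is preceded by a space so that joining the
  # lines cannot glue "-y" or a package name onto the next word.
  chroot rootfs <<'EOF'
debconf-set-selections <<< "mysql-server mysql-server/root_password password password"
debconf-set-selections <<< "mysql-server mysql-server/root_password_again password password"
debconf-set-selections <<< "postfix postfix/mailname string localhost"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
apt-get install -y \
ufw man vim curl git ssh unzip build-essential apache2-mpm-event apache2-utils varnish \
php5-cli php5-fpm php5-json php5-mysql php5-mcrypt php5-gd mysql-server postfix
EOF

  # php5-mcrypt packaging bug: the ini file lands in conf.d, not mods-available
  cp rootfs/etc/php5/conf.d/mcrypt.ini rootfs/etc/php5/mods-available/
  chroot rootfs php5enmod mcrypt

  # php5-fpm over TCP. Bind to loopback only: a bare port number makes php-fpm
  # listen on every address, and the only client is the local Apache, which
  # proxies to 127.0.0.1:9000 in the vhost config below.
  sed -i 's|listen = /var/run/php5-fpm\.sock|listen = 127.0.0.1:9000|' rootfs/etc/php5/fpm/pool.d/www.conf

  # raise the 2M default upload limit
  sed -i 's|^upload_max_filesize .*|upload_max_filesize = 100M|' rootfs/etc/php5/fpm/php.ini

  # Enable SSH password authentication.
  # NOTE(review): together with the root password set in configure() and the
  # OpenSSH ufw rule below, this exposes root password login; key-only
  # authentication is the safer default.
  sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' rootfs/etc/ssh/sshd_config

  # apache modules
  chroot rootfs <<'EOF'
a2enmod rewrite
a2enmod proxy
a2enmod proxy_fcgi
a2enmod vhost_alias
EOF

  # Apache moves to 8080 because varnish takes port 80.
  sed -i 's/^Listen 80$/Listen 8080/' rootfs/etc/apache2/ports.conf

  # Dynamic vhost config. The delimiter MUST be quoted: with a bare EOF the
  # shell expands $1 and ${HTTP_HOST} while writing the file, so the rewrite
  # target loses its captured path and the ProxyPassMatch target loses the
  # per-host directory (every host would proxy to /var/www//www/).
  # NOTE(review): the Host header is client-supplied and is used as a path
  # component under /var/www, and "AllowOverride all" lets any .htaccess in a
  # site directory change server behaviour; consider restricting both.
  cat > rootfs/etc/apache2/sites-available/dynamic-vhosts.conf <<'EOF'
# show host header in logs
LogFormat "%{Host}i:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
# respect https when behind a proxy
SetEnvIf X-Forwarded-Proto https HTTPS=1
# allow .htaccess
<Directory /var/www/>
AllowOverride all
</Directory>
# capture http host header to env
RewriteEngine on
RewriteRule ^ - [E=HTTP_HOST:%{HTTP_HOST}]
# if there is no dir for the host, use default
RewriteCond /var/www/%{HTTP_HOST} !-d
RewriteRule ^ - [E=HTTP_HOST:default]
# pick up any custom conf if existing
IncludeOptional /var/www/*/etc*/apache.conf*
# dynamic vhosting for static assets
RewriteCond %{REQUEST_URI} !^[^?]*\.php
RewriteRule ^/(.*)$ /var/www/%{ENV:HTTP_HOST}/www/$1
# catch requests for php files that don't exist so we don't send them to php-fpm
RewriteCond %{REQUEST_URI} ^[^?]*\.php
RewriteCond /var/www/%{ENV:HTTP_HOST}/www/%{REQUEST_URI} !-f
RewriteRule ^ / [PT]
# pass *.php to php-fpm via fcgi
ProxyPassInterpolateEnv On
ProxyPassMatch ^/([^?]*\.php.*)$ fcgi://127.0.0.1:9000/var/www/${HTTP_HOST}/www/$1 interpolate
EOF

  # enable dynamic vhosts in place of the stock default site
  rm rootfs/etc/apache2/sites-enabled/000-default.conf
  ln -s ../sites-available/dynamic-vhosts.conf rootfs/etc/apache2/sites-enabled/dynamic-vhosts.conf

  # setgid and group on the web root; drop the default index page
  chroot rootfs <<'EOF'
chmod g+s /var/www
chgrp www-data /var/www
rm /var/www/index.html
EOF

  # varnish listens on :80 instead of :6081
  sed -i 's/DAEMON_OPTS="-a :6081 \\/DAEMON_OPTS="-a :80 \\/' rootfs/etc/default/varnish

  # ufw expects a profile file named apache2, but the package ships a directory
  # of that name holding the profile; flatten it.
  cp rootfs/etc/ufw/applications.d/apache2/apache2-utils.ufw.profile rootfs/etc/ufw/applications.d/
  rm -rf rootfs/etc/ufw/applications.d/apache2
  mv rootfs/etc/ufw/applications.d/apache2-utils.ufw.profile rootfs/etc/ufw/applications.d/apache2

  # Firewall rules are applied from rc.local at boot (ip6tables bug workaround).
  cat > rootfs/etc/rc.local <<'EOF'
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
ufw enable
ufw allow "OpenSSH"
ufw allow "Postfix"
ufw allow "Postfix SMTPS"
ufw allow "Postfix Submission"
ufw allow "Apache Full"
exit 0
EOF

  # nodejs
  install_node
  # phpmyadmin
  install_phpmyadmin

  # all done: let services start normally once the container boots
  rm -f rootfs/usr/sbin/policy-rc.d
}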
#######################################
# Install the `n` version manager inside the chroot and use it to install
# node at $NODE_VERSION.
# Globals:   NODE_VERSION (read; expanded before the script reaches the chroot)
# Arguments: none
# Outputs:   feeds a command list to the shell that `chroot rootfs` starts
# Returns:   exit status of chroot
# NOTE(review): the clone takes whatever the repository's default branch holds
# at build time and runs its `make install` as root inside the image; pinning
# a tag or commit makes the build reproducible and reviewable.
#######################################
install_node() {
  local -a steps=(
    'git clone https://github.com/visionmedia/n.git'
    'cd n'
    'make install'
    'cd ..'
    'rm -rf n'
    "n $NODE_VERSION"
  )
  printf '%s\n' "${steps[@]}" | chroot rootfs
}
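#######################################
# Download the phpMyAdmin release named by $PHPMYADMIN_VERSION, unpack it into
# rootfs/var/www/phpmyadmin/www/phpmyadmin and write the Apache snippet that
# routes /phpmyadmin requests to it.
# Globals:   PHPMYADMIN_VERSION (read)
# Arguments: none
# Outputs:   files under rootfs/var/www/phpmyadmin
# Returns:   0 on success, 1 if the directory, download or unpack step fails
# NOTE(review): the tarball is fetched over HTTPS but not checked against a
# published checksum or signature before it is unpacked into the web root.
#######################################
install_phpmyadmin() {
  local src_dir=rootfs/var/www/phpmyadmin/www/phpmyadmin
  # Release tags use underscores: 4.1.14 -> RELEASE_4_1_14
  local release_tag="RELEASE_${PHPMYADMIN_VERSION//./_}"

  mkdir -p rootfs/var/www/phpmyadmin/etc "$src_dir" || return 1

  # Work in a subshell: the caller's directory is restored on every exit path,
  # also when $dir is a relative path (cd "$dir" from inside the tree would
  # not lead back), and a failed cd can no longer leave curl/tar/rm running
  # in the wrong directory.
  (
    cd "$src_dir" || exit 1
    curl -fL# "https://github.com/phpmyadmin/phpmyadmin/archive/${release_tag}.tar.gz" -o phpmyadmin.tar.gz || exit 1
    tar xvzf phpmyadmin.tar.gz --strip-components=1 || exit 1
    rm phpmyadmin.tar.gz
    cp config.sample.inc.php config.inc.php
  ) || return 1

  # Apache snippet, picked up by the IncludeOptional in dynamic-vhosts.conf.
  cat > rootfs/var/www/phpmyadmin/etc/apache.conf <<'EOF'
RewriteCond %{REQUEST_URI} ^/phpmyadmin
RewriteRule ^ - [E=HTTP_HOST:phpmyadmin]
EOF
}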
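#######################################
# Create the on-disk MySQL database directory for WordPress, download and
# unpack WordPress $WORDPRESS_VERSION into rootfs/var/www/wordpress/www, and
# set ownership and permissions for the web server group.
# Globals:   WORDPRESS_VERSION (read; not set anywhere in this file --
#            presumably supplied by the environment, confirm)
# Arguments: none
# Outputs:   files under rootfs/var/lib/mysql/wordpress and
#            rootfs/var/www/wordpress
# Returns:   0 on success, 1 if the version is unset or a directory, download
#            or unpack step fails
# NOTE(review): the tarball is fetched over HTTPS but not checked against a
# published checksum before it is unpacked into the web root.
#######################################
install_wp() {
  local www_dir=rootfs/var/www/wordpress/www

  if [ -z "$WORDPRESS_VERSION" ]; then
    echo "install_wp: WORDPRESS_VERSION is not set" >&2
    return 1
  fi

  # create a mysql db by dropping its directory and db.opt in place
  mkdir -p rootfs/var/lib/mysql/wordpress || return 1
  cat > rootfs/var/lib/mysql/wordpress/db.opt <<'EOF'
default-character-set=utf8
default-collation=utf8_general_ci
EOF
  chroot rootfs chown -R mysql:mysql /var/lib/mysql/wordpress

  # Download and unpack the source. The directory entered here is the one
  # created by mkdir (the version used to be part of the cd path, a directory
  # that never exists, so the download landed in the caller's directory).
  # The subshell restores the caller's directory on every exit path.
  mkdir -p "$www_dir" || return 1
  (
    cd "$www_dir" || exit 1
    curl -fL# "https://wordpress.org/wordpress-${WORDPRESS_VERSION}.tar.gz" -o wordpress.tar.gz || exit 1
    tar xvzf wordpress.tar.gz --strip-components=1 || exit 1
    rm wordpress.tar.gz
  ) || return 1

  # Ownership and permissions. root owns the tree and www-data gets group
  # write only on .htaccess and the themes directory. setgid is applied to
  # directories so new entries inherit the www-data group; the previous find
  # pointed at a misspelled path ("worpdress") and selected regular files,
  # where setgid does nothing useful.
  chroot rootfs <<'EOF'
chown -R root:www-data /var/www/wordpress/www
find /var/www/wordpress/www -type d -exec chmod g+s {} \;
touch /var/www/wordpress/www/.htaccess
chmod g+w /var/www/wordpress/www/.htaccess
chmod -R g+w /var/www/wordpress/www/wp-content/themes
ln -s /var/www/wordpress /var/www/default
ln -s /var/www/wordpress/www /root/wordpress
EOF
}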
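#######################################
# Print a random key of exactly $1 characters drawn from the fixed symbol set,
# with every "&" and "/" backslash-escaped so the result can be used as a sed
# replacement string.
# Arguments: $1 - number of characters wanted (before escaping)
# Outputs:   the escaped key on stdout, followed by a newline
#######################################
configure_gen_key() {
  {
    # Read /dev/urandom until enough characters survive the filter. The old
    # form took only the first ten "lines" of random bytes, so the key could
    # come out shorter than requested. LC_ALL=C makes tr treat the input as
    # bytes instead of failing on invalid multibyte sequences.
    LC_ALL=C tr -dc 'a-zA-Z0-9-_!@#$%^&*/\()_+{}|:<>?=' < /dev/urandom | head -c "$1"
    echo
  } | sed 's/[\&/]/\\&/g'
}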
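#######################################
# Per-container configuration of an already built rootfs: hostname, a fresh
# root SSH key pair, phpMyAdmin and WordPress secrets, wp-config.php, and the
# root password for both the system account and MySQL.
# Globals:   hostname, password (read); blowfish_secret and the wp_* key
#            variables (written)
# Arguments: none
# Outputs:   files under ./rootfs
# Returns:   status of the last command run
#######################################
configure() {
  local php_password sh_password

  # hostname
  printf '%s\n' "$hostname" > rootfs/etc/hostname

  # ssh keys: drop any key pair baked into the image and generate a new one
  rm -f rootfs/root/.ssh/id_rsa*
  chroot rootfs ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa

  # Enable SSH password authentication.
  # NOTE(review): with the root password set below this allows root password
  # login over SSH; key-only authentication is the safer default.
  sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' rootfs/etc/ssh/sshd_config

  # phpmyadmin cookie-encryption secret
  blowfish_secret=$(configure_gen_key 46)
  sed -i "s/^\(\$cfg\['blowfish_secret'\] = \).*/\1'$blowfish_secret';/" rootfs/var/www/phpmyadmin/www/phpmyadmin/config.inc.php

  # wp keys and salts
  wp_auth_key="$(configure_gen_key 64)"
  wp_secure_auth_key="$(configure_gen_key 64)"
  wp_logged_in_key="$(configure_gen_key 64)"
  wp_nonce_key="$(configure_gen_key 64)"
  wp_auth_salt="$(configure_gen_key 64)"
  wp_secure_auth_salt="$(configure_gen_key 64)"
  wp_logged_in_salt="$(configure_gen_key 64)"
  wp_nonce_salt="$(configure_gen_key 64)"

  # The password lands inside a single-quoted PHP string: escape backslashes
  # and single quotes so it can neither end the string early nor add PHP code.
  php_password=${password//\\/\\\\}
  php_password=${php_password//\'/\\\'}

  # NOTE(review): WordPress connects as the MySQL root user; a dedicated
  # account limited to the wordpress database would contain a compromised site.
  # NOTE(review): when no --password is given DB_PASSWORD is empty while MySQL
  # root keeps the preseeded install-time password, so the two do not match.
  cat > rootfs/var/www/wordpress/www/wp-config.php <<EOF
<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'root');
/** MySQL database password */
define('DB_PASSWORD', '$php_password');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', '$wp_auth_key');
define('SECURE_AUTH_KEY', '$wp_secure_auth_key');
define('LOGGED_IN_KEY', '$wp_logged_in_key');
define('NONCE_KEY', '$wp_nonce_key');
define('AUTH_SALT', '$wp_auth_salt');
define('SECURE_AUTH_SALT', '$wp_secure_auth_salt');
define('LOGGED_IN_SALT', '$wp_logged_in_salt');
define('NONCE_SALT', '$wp_nonce_salt');
/**#@-*/
/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/
\$table_prefix = 'wp_';
/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German
* language support.
*/
define('WPLANG', '');
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*/
define('WP_DEBUG', false);
/* That's all, stop editing! Happy blogging. */
/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');
EOF

  # permissions: the file holds the DB password and the auth keys, so only
  # root and the web server group may read it
  chroot rootfs chown root:www-data /var/www/wordpress/www/wp-config.php
  chmod 640 rootfs/var/www/wordpress/www/wp-config.php

  # unix, mysql password
  if [ -n "$password" ]; then
    # printf instead of `echo -e`: backslash sequences in the password must
    # reach chpasswd unchanged and must not be able to add extra input lines.
    printf 'root:%s\n' "$password" | chroot rootfs chpasswd

    # Setting the mysql password needs a running server, so an upstart task
    # does it on first boot and then removes itself. The password is wrapped
    # in single quotes with embedded quotes escaped, so /bin/sh treats it as
    # plain data whatever characters it contains.
    # NOTE(review): the task still passes both passwords on the mysqladmin
    # command line, where they are visible in the process list while it runs.
    sh_password=${password//\'/\'\\\'\'}
    (
      # The job file contains the plaintext password until first boot:
      # create it readable by root only.
      umask 077
      cat > rootfs/etc/init/mysql-set-root-pass.conf <<EOF
start on started mysql
task
script
mysqladmin -u root -p'password' password '$sh_password'
rm /etc/init/mysql-set-root-pass.conf
end script
EOF
    )
    # Also covers the case where the file already existed with wider modes.
    chmod 600 rootfs/etc/init/mysql-set-root-pass.conf
  fi
}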
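# Versions installed by install_node and install_phpmyadmin.
NODE_VERSION="0.10.26"
PHPMYADMIN_VERSION="4.1.14"
# NOTE(review): install_wp is defined above but never called, and
# WORDPRESS_VERSION is not set in this file, although configure writes a
# wp-config.php into the WordPress tree -- confirm where WordPress itself is
# meant to be installed.

. /etc/smpc/env.sh
. argue.sh

# Option parsing. Each spec is passed as its own argument; the space before
# every continuation backslash keeps the specs from being joined into one word.
# NOTE(review): the short flag -p is declared for both --path and --password;
# which one wins depends on argue, so prefer the long forms.
argue "$*" \
  "-n, --name, +" \
  "-p, --path, +" \
  "-f, --rootfs, +" \
  "-h, --hostname, +" \
  "-d, --directory, +" \
  "-p, --password, +"

# opts is filled by argue in declaration order: 3 = hostname, 4 = directory,
# 5 = password.
dir="${opts[4]}"
hostname="${opts[3]}"
password="${opts[5]}"

# Everything below writes to and deletes from paths relative to this
# directory, so stop if it cannot be entered.
cd "$dir" || exit 1

if [ -d rootfs/bin ]; then
  # we already have an fs
  configure
elif [ -f "$MNT"/cache/debootstrap.tar.gz ]; then
  # Start from the cached debootstrap image. Extracting with -C replaces the
  # old copy / cd rootfs / cd .. / rm sequence, which unpacked into the working
  # directory and deleted from its parent whenever rootfs did not exist yet.
  mkdir -p rootfs || exit 1
  tar xvzf "$MNT"/cache/debootstrap.tar.gz -C rootfs --strip-components=1 || exit 1
  augment
  configure
else
  # Build the rootfs from scratch. The target has to be ./rootfs, the tree
  # augment and configure work on (the target used to be "wp").
  debootstrap --arch amd64 saucy rootfs http://archive.ubuntu.com/ubuntu || exit 1
  augment
  configure
fi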