Created
April 3, 2019 13:50
Star
You must be signed in to star a gist
ubuntu-18.04-ruby2.6-base-install.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e -x | |
# Update and upgrade packages | |
sudo apt-get update | |
sudo DEBIAN_FRONTEND=noninteractive apt-get -y upgrade | |
# Install AWS cli | |
sudo apt-get install -y python3-pip | |
sudo pip3 install awscli | |
# Set Variables | |
SSM_KEY=<Your SSM Parameter Name> | |
REGION=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | grep region | awk -F\" '{print $4}') | |
HOSTNAME=$(curl -sf http://169.254.169.254/latest/meta-data/hostname) | |
TAG_VALUE=$(aws ec2 describe-tags --filters "Name=resource-id,Values=`ec2metadata --instance-id`" "Name=key,Values=Name" --query 'Tags[0].Value' --region $REGION --output=text | tr "[:upper:]" "[:lower:]") | |
# Set timezone to EST | |
sudo timedatectl set-timezone EST | |
# Install pre-requisites | |
sudo apt-get install -y jq apt-transport-https ca-certificates software-properties-common build-essential make gcc mysql-client mysql-common libmysqlclient-dev | |
# Add Node Repos | |
curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash - | |
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - | |
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list | |
# Add BrightBox Ruby repos | |
sudo add-apt-repository -y ppa:brightbox/ruby-ng | |
# Add Phusion Passenger repos | |
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 | |
sudo sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger bionic main > /etc/apt/sources.list.d/passenger.list' | |
# Add nginx repository / Cannot use custom nginx repo because of Passenger dependencies | |
#sudo add-apt-repository -y ppa:nginx/mainline | |
# Update package lists | |
sudo apt-get update | |
# Install Ruby and required libraries | |
sudo apt-get install -y zlib1g-dev libreadline-dev libssl-dev libyaml-dev curl imagemagick imagemagick-common libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev libffi-dev | |
sudo apt-get install -y ruby2.6 libruby2.6 ruby2.6-dev | |
#Install gems | |
sudo gem update --system | |
sudo gem install bundler | |
# Install nodejs | |
sudo apt-get install -y nodejs yarn | |
# Install nginx and Passenger | |
sudo apt-get -y install nginx nginx-common nginx-extras | |
sudo apt-get -y install passenger passenger-dev passenger-doc libnginx-mod-http-passenger | |
sudo rm /etc/nginx/sites-enabled/default | |
sudo service nginx restart | |
# Configure and install postfix | |
sudo debconf-set-selections <<< "postfix postfix/main_mailer_type select smarthost" | |
sudo debconf-set-selections <<< "postfix postfix/mailname string $HOSTNAME"nginx | |
sudo debconf-set-selections <<< "postfix postfix/relayhost string 172.253.253.110" | |
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y htop wget mailutils | |
# Configure Radius Auth | |
sudo apt-get install -y libpam-radius-auth | |
sudo sh -c 'echo <radius server 1> AWSR@d1UsS3cr37 3 >> /etc/pam_radius_auth.conf' | |
sudo sh -c 'echo <radius server 2> AWSR@d1UsS3cr37 3 >> /etc/pam_radius_auth.conf' | |
#sudo sh -c 'echo auth sufficient pam_radius_auth.so >> /etc/pam.d/sshd' | |
#sudo sh -c 'echo auth sufficient pam_radius_auth.so >> /etc/pam.d/sudo' | |
sudo sed -i "1 i\auth sufficient pam_radius_auth.so" /etc/pam.d/sshd | |
sudo sed -i "1 i\auth sufficient pam_radius_auth.so" /etc/pam.d/sudo | |
sudo sed -i "s/.*PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config | |
sudo service ssh reload | |
# Add local users | |
sudo useradd -m user1 | |
sudo useradd -m user2 | |
sudo useradd -m user3 | |
# Give users sudo rights | |
sudo usermod -G admin user1 | |
sudo usermod -G admin user2 | |
sudo usermod -G admin user3 | |
# Install CodeDeploy | |
wget https://aws-codedeploy-us-east-1.s3.amazonaws.com/latest/install | |
# Fix needed to get installer to work with ruby2.6 | |
perl -pi -e "s{\\['2.5', '2.4', '2.3', '2.2', '2.1', '2.0'\\]}{['2.6', '2.5', '2.4', '2.3', '2.2', '2.1', '2.0']}" install | |
sudo chmod +x ./install | |
sudo ./install auto | |
# Install/Configure AWS CloudWatch Logs | |
wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb | |
sudo dpkg -i -E ./amazon-cloudwatch-agent.deb | |
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c ssm:$SSM_KEY -s | |
# Symbolic Links | |
sudo ln -s /usr/bin/python3 /usr/local/bin/python | |
sudo ln -s /usr/bin/pip3 /usr/local/bin/pip | |
# Install TEST/ADMIN software | |
if [[ $TAG_VALUE =~ "test" ]] || [[ $TAG_VALUE =~ "admin" ]]; then | |
echo "This is a test or admin server.... Installing extra software" | |
# Install redis | |
sudo apt-get install -y redis-server | |
# Install memcached | |
sudp apt-get install -y memcached | |
# Install sidekiq | |
sudo gem install sidekiq | |
# Setup TEST passwords | |
sudo apt-get install -y apache2-utils | |
sudo htpasswd -b -c /etc/nginx/.htpasswd <user> <password> | |
else | |
echo "This is not a test or admin server." | |
fi | |
# Install application 1 software | |
if [[ $TAG_VALUE =~ "application1" ]]; then | |
echo "This is a Application 1 server.... Installing extra software" | |
# Configure web root | |
sudo mkdir /var/www/root | |
sudo chown web.web /var/www/root | |
# Install postgres libs | |
sudo apt-get install -y libpq-dev | |
else | |
echo "This is not a Application 1 server." | |
fi | |
# Install Application 2 software | |
if [[ $TAG_VALUE =~ "Application 2" ]]; then | |
echo "This is a Application 2 server.... Installing extra software" | |
sudo mkdir /var/www/root | |
sudo chown web.web /var/www/root | |
# Install postgres libs | |
sudo apt-get install -y libpq-dev | |
else | |
echo "This is not a Application 2 server." | |
fi | |
echo "Installation Complete!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment