Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
set -e -x
# Update and upgrade packages
sudo apt-get update
sudo DEBIAN_FRONTEND=noninteractive apt-get -y upgrade
# Install AWS cli
sudo apt-get install -y python3-pip
sudo pip3 install awscli
# Set Variables
SSM_KEY=<Your SSM Parameter Name>
REGION=$(curl -s | grep region | awk -F\" '{print $4}')
HOSTNAME=$(curl -sf
TAG_VALUE=$(aws ec2 describe-tags --filters "Name=resource-id,Values=`ec2metadata --instance-id`" "Name=key,Values=Name" --query 'Tags[0].Value' --region $REGION --output=text | tr "[:upper:]" "[:lower:]")
# Set timezone to EST
sudo timedatectl set-timezone EST
# Install pre-requisites
sudo apt-get install -y jq apt-transport-https ca-certificates software-properties-common build-essential make gcc mysql-client mysql-common libmysqlclient-dev
# Add Node Repos
curl -sL | sudo -E bash -
curl -sS | sudo apt-key add -
echo "deb stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
# Add BrightBox Ruby repos
sudo add-apt-repository -y ppa:brightbox/ruby-ng
# Add Phusion Passenger repos
sudo apt-key adv --keyserver hkp:// --recv-keys 561F9B9CAC40B2F7
sudo sh -c 'echo deb bionic main > /etc/apt/sources.list.d/passenger.list'
# Add nginx repository / Cannot use custom nginx repo because of Passenger dependencies
#sudo add-apt-repository -y ppa:nginx/mainline
# Update package lists
sudo apt-get update
# Install Ruby and required libraries
sudo apt-get install -y zlib1g-dev libreadline-dev libssl-dev libyaml-dev curl imagemagick imagemagick-common libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev libffi-dev
sudo apt-get install -y ruby2.6 libruby2.6 ruby2.6-dev
#Install gems
sudo gem update --system
sudo gem install bundler
# Install nodejs
sudo apt-get install -y nodejs yarn
# Install nginx and Passenger
sudo apt-get -y install nginx nginx-common nginx-extras
sudo apt-get -y install passenger passenger-dev passenger-doc libnginx-mod-http-passenger
sudo rm /etc/nginx/sites-enabled/default
sudo service nginx restart
# Configure and install postfix
sudo debconf-set-selections <<< "postfix postfix/main_mailer_type select smarthost"
sudo debconf-set-selections <<< "postfix postfix/mailname string $HOSTNAME"nginx
sudo debconf-set-selections <<< "postfix postfix/relayhost string"
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y htop wget mailutils
# Configure Radius Auth
sudo apt-get install -y libpam-radius-auth
sudo sh -c 'echo <radius server 1> AWSR@d1UsS3cr37 3 >> /etc/pam_radius_auth.conf'
sudo sh -c 'echo <radius server 2> AWSR@d1UsS3cr37 3 >> /etc/pam_radius_auth.conf'
#sudo sh -c 'echo auth sufficient >> /etc/pam.d/sshd'
#sudo sh -c 'echo auth sufficient >> /etc/pam.d/sudo'
sudo sed -i "1 i\auth sufficient" /etc/pam.d/sshd
sudo sed -i "1 i\auth sufficient" /etc/pam.d/sudo
sudo sed -i "s/.*PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config
sudo service ssh reload
# Add local users
sudo useradd -m user1
sudo useradd -m user2
sudo useradd -m user3
# Give users sudo rights
sudo usermod -G admin user1
sudo usermod -G admin user2
sudo usermod -G admin user3
# Install CodeDeploy
# Fix needed to get installer to work with ruby2.6
perl -pi -e "s{\\['2.5', '2.4', '2.3', '2.2', '2.1', '2.0'\\]}{['2.6', '2.5', '2.4', '2.3', '2.2', '2.1', '2.0']}" install
sudo chmod +x ./install
sudo ./install auto
# Install/Configure AWS CloudWatch Logs
sudo dpkg -i -E ./amazon-cloudwatch-agent.deb
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c ssm:$SSM_KEY -s
# Symbolic Links
sudo ln -s /usr/bin/python3 /usr/local/bin/python
sudo ln -s /usr/bin/pip3 /usr/local/bin/pip
# Install TEST/ADMIN software
if [[ $TAG_VALUE =~ "test" ]] || [[ $TAG_VALUE =~ "admin" ]]; then
echo "This is a test or admin server.... Installing extra software"
# Install redis
sudo apt-get install -y redis-server
# Install memcached
sudp apt-get install -y memcached
# Install sidekiq
sudo gem install sidekiq
# Setup TEST passwords
sudo apt-get install -y apache2-utils
sudo htpasswd -b -c /etc/nginx/.htpasswd <user> <password>
echo "This is not a test or admin server."
# Install application 1 software
if [[ $TAG_VALUE =~ "application1" ]]; then
echo "This is a Application 1 server.... Installing extra software"
# Configure web root
sudo mkdir /var/www/root
sudo chown web.web /var/www/root
# Install postgres libs
sudo apt-get install -y libpq-dev
echo "This is not a Application 1 server."
# Install Application 2 software
if [[ $TAG_VALUE =~ "Application 2" ]]; then
echo "This is a Application 2 server.... Installing extra software"
sudo mkdir /var/www/root
sudo chown web.web /var/www/root
# Install postgres libs
sudo apt-get install -y libpq-dev
echo "This is not a Application 2 server."
echo "Installation Complete!"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment