Ubuntu LEMP installer (Yii 1.x)
#!/bin/bash
# This script does the following things
# - update apt repositories
# - Install:
# - nginx
# - memcached
# - php5-fpm
# - php5-mysql
# - php5-curl
# - php-apc
# - php5-memcache
# - php5-sqlite
# - php5-gd
# - git
# - composer
# - Create a GIT User
# - Set up GIT bare repo
# - Set up GIT working directories for nginx
# - TODO: configure nginx to use PHP-FPM
# - TODO: perform initial checkout (run by codeship or manual remote push)
# - TODO: enable website in nginx (on catch-all vhost?)
# - TODO: optimize nginx performance
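# --- Preflight: strict mode, privilege check, operator input ----------------
# Abort on failed commands, unset variables and failed pipeline stages.
set -euo pipefail

# Everything below (apt, /etc, useradd, service restarts) needs root. Check
# before prompting, and send the diagnostic to stderr.
if [[ $EUID -ne 0 ]]; then
  echo "You must be a root user to run this script." >&2
  exit 1
fi

# Hostname labels: letters, digits and inner hyphens, separated by dots.
# A backslash inside a POSIX bracket expression is a literal character, so the
# bracket lists use a plain trailing '-' to keep '\' out of accepted hostnames.
ValidHostnameRegex='^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$'

# The three answers below are spliced into file paths, a git hook and an nginx
# vhost later in the script, so each is checked against a strict allow-list.
# read -r keeps backslashes literal so the regexes see exactly what was typed.
printf 'App name: '
read -r APP
if [[ ! ${APP} =~ ^[a-zA-Z][a-zA-Z0-9_-]+$ ]]; then
  echo "Invalid app name. Please simplify. No special chars. Start with a letter from the alphabet" >&2
  exit 1
fi

printf 'App hostname: '
read -r APP_HOSTNAME
if [[ ! ${APP_HOSTNAME} =~ $ValidHostnameRegex ]]; then
  echo "Invalid hostname. Please simplify. Use only letters, digits, hyphens and dots." >&2
  exit 1
fi

printf 'GIT branch: '
read -r GIT_BRANCH
if [[ ! ${GIT_BRANCH} =~ ^[a-zA-Z][a-zA-Z0-9/_-]+$ ]]; then
  echo "Invalid git branch name. Please simplify. No special chars. Start with a letter from the alphabet" >&2
  exit 1
fi

# Fixed deployment layout derived from the validated app name.
GIT_USER=git
GIT_GROUP=git
GIT_HOME=/home/git
GIT_REPOSITORY="$GIT_HOME/$APP.git"
WEBSERVER_USER=www-data
WEBSERVER_GROUP=www-data
APPLICATION_DIR="/var/www/$APP"
#############################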
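# --- Base system: timezone, packages, Composer, PHP hardening ---------------
# Set TimeZone
echo "Europe/Amsterdam" | tee /etc/timezone
dpkg-reconfigure --frontend noninteractive tzdata
apt-get update

echo "Installing Postfix. Please see https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid for install instructions."
read -r -p "Press [Enter] key to continue..."
echo "Again: make sure you follow the instructions here! https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid"
read -r -p "Have you read it? Press [Enter] key to continue for real this time..."
apt-get install -y libsasl2-modules postfix # manual configuration required here! See https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid
apt-get install -y nginx
apt-get install -y memcached
apt-get install -y php5-fpm php5-mysql php5-curl php-apc php5-memcache php5-sqlite php-soap php5-ldap php5-gd
apt-get install -y git

# Install Composer. The installer runs as root, so it is downloaded to a
# private temp dir and its SHA-384 is compared with the published signature
# before it is executed, instead of piping the download straight into php.
# curl -f makes HTTP errors fatal; each step is its own command so `set -e`
# is not masked by an `a | b && c` chain.
# NOTE(review): both files are fetched over TLS at run time, so this catches a
# tampered or truncated installer but is not a pin; for reproducible builds
# compare against a checksum recorded out of band.
composer_tmp=$(mktemp -d)
curl -fsS -o "$composer_tmp/composer-setup.php" https://getcomposer.org/installer
expected_sig=$(curl -fsS https://composer.github.io/installer.sig)
actual_sig=$(sha384sum "$composer_tmp/composer-setup.php" | cut -d' ' -f1)
if [[ -z "$expected_sig" || "$expected_sig" != "$actual_sig" ]]; then
  echo "ERROR: Composer installer checksum mismatch; refusing to run it as root." >&2
  rm -rf -- "$composer_tmp"
  exit 1
fi
php "$composer_tmp/composer-setup.php" --install-dir=/usr/local/bin --filename=composer
rm -rf -- "$composer_tmp"

# php.ini disable cgi.fix_pathinfo (security risk)
# With the default of 1, PHP guesses which file to run when the requested path
# does not exist, so a non-PHP file can end up being executed as PHP.
# sed -i edits in place and keeps the file's mode and ownership.
sed -i 's/^;\?\s\?cgi\.fix_pathinfo\s*=\s*[01]\s*$/cgi.fix_pathinfo=0/' /etc/php5/fpm/php.ini
# The substitution is silent when nothing matches, so confirm that the setting
# is really in place before PHP-FPM is restarted with it.
if ! grep -q '^cgi\.fix_pathinfo=0$' /etc/php5/fpm/php.ini; then
  echo "ERROR: cgi.fix_pathinfo=0 was not applied to /etc/php5/fpm/php.ini; set it manually." >&2
  exit 1
fi
service php5-fpm restart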
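# --- Application directory, git user, bare repository and deploy hook -------
# The work tree is owned by the web server user and group. The setgid bit on
# the directory makes new entries inherit the www-data group, which the git
# user is a member of (see useradd below).
# NOTE(review): `s` with `ug` also sets setuid, and -R would apply both bits
# to regular files if the directory already had content; only setgid on
# directories is needed for group inheritance.
mkdir -p "$APPLICATION_DIR"
chown -R "$WEBSERVER_USER:$WEBSERVER_GROUP" "$APPLICATION_DIR"
chmod -R ug+rws "$APPLICATION_DIR"

#Set up git user and create a bare repository
# TODO: restrict this account to git-shell once provisioning no longer relies
# on `su -c`; a nologin shell would also block `git push` over SSH.
useradd -m -s /bin/bash -G "$WEBSERVER_GROUP" "$GIT_USER"
# Paths are single-quoted inside the command string (the app name is validated
# to [a-zA-Z0-9_-]), and every step is chained with && so `git init --bare`
# cannot run in the wrong directory when mkdir or cd fails.
su - "$GIT_USER" -c "mkdir -p '$GIT_REPOSITORY' && cd '$GIT_REPOSITORY' && git init --bare"

# START: create 'hook/post-receive' script
# Unquoted heredoc: $APPLICATION_DIR and $GIT_BRANCH are expanded now, while
# the \$-escaped names are left for the hook to expand when it runs.
# The hook runs code from the pushed tree (yiic migrate) as the git user, so
# every key in that user's authorized_keys can execute code on this host.
# assets/ and protected/runtime/ get 2775 rather than 0777: the web server
# writes to them through the inherited www-data group, so world-write access
# is not needed. This relies on the setgid work tree created above.
cat > "$GIT_REPOSITORY/hooks/post-receive" <<EOF
#!/bin/bash
export GIT_WORK_TREE='$APPLICATION_DIR'
GIT_BRANCH='$GIT_BRANCH'
YII_APP="\$GIT_WORK_TREE/public_html"
#################
set -e
echo "Deploying \$GIT_BRANCH branch to local worktree..."
git checkout -f "\$GIT_BRANCH"
echo "Setting permissions..."
chmod +x "\$YII_APP/protected/yiic"
chmod 2775 "\$YII_APP/assets"
chmod 2775 "\$YII_APP/protected/runtime"
echo "Running migrations..."
"\$YII_APP/protected/yiic" migrate --interactive=0
echo "Done deploying"
EOF
# END: create 'hook/post-receive' script
chmod 0775 "$GIT_REPOSITORY/hooks/post-receive"
# The hook was written by root; hand the repository over to the git user.
chown -R "$GIT_USER:$GIT_GROUP" "$GIT_HOME"/*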
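# --- nginx virtual host ------------------------------------------------------
# The vhost text is single-quoted so nginx's own $variables stay literal; only
# $APPLICATION_DIR and $APP_HOSTNAME are spliced in, each double-quoted so the
# shell does not word-split or glob them.
# NOTE(review): `location ~ \.php` is not anchored at the end of the URI. What
# reaches PHP-FPM is limited by the `-f` check below, which falls back to the
# Yii bootstrap for non-existent scripts, together with cgi.fix_pathinfo=0 in
# php.ini. Keep both in place if this block is edited.
# NOTE(review): the vhost has no TLS configuration, so it serves plain HTTP.
printf '%s\n' '
server {
set $host_path "'"$APPLICATION_DIR"'";
server_name '"$APP_HOSTNAME"';
root $host_path/public_html;
set $yii_bootstrap "index.php";
charset utf-8;
location / {
index index.html $yii_bootstrap;
try_files $uri $uri/ /$yii_bootstrap?$args;
}
location ~ ^/(protected|framework|themes/\w+/views) {
deny all;
}
#avoid processing of calls to unexisting static files by yii
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
try_files $uri =404;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php {
fastcgi_split_path_info ^(.+\.php)(.*)$;
#let yii catch the calls to unexising PHP files
set $fsn /$yii_bootstrap;
if (-f $document_root$fastcgi_script_name){
set $fsn $fastcgi_script_name;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fsn;
#PATH_INFO and PATH_TRANSLATED can be omitted, but RFC 3875 specifies them for CGI
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fsn;
}
# prevent nginx from serving dotfiles (.htaccess, .svn, .git, etc.)
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}
' > "/etc/nginx/sites-available/$APP"
ln -s "/etc/nginx/sites-available/$APP" "/etc/nginx/sites-enabled/$APP"
# Validate the full configuration first, so a bad vhost aborts the script
# instead of leaving nginx down after the restart.
nginx -t
service nginx restart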
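# --- Post-install notes for the operator ------------------------------------
# Unquoted heredoc: $APP_HOSTNAME, $APPLICATION_DIR, $GIT_BRANCH and ${APP}
# are expanded; a "$ " followed by a space stays literal (shell prompt marker).
# The push URL uses ${APP}; the earlier "{$APP}" printed literal braces around
# the repository name.
# NOTE(review): step 4 of the second list describes an installer reached over
# plain HTTP and a default admin/admin login. Treat disabling the installer
# and changing that password as mandatory before pointing DNS at this host.
cat <<EOF > ~/install_notes.txt
Application environment is now configured.
Hostname: $APP_HOSTNAME
Appdir: $APPLICATION_DIR
GIT Branch: $GIT_BRANCH
You must perform the following tasks manually:
1. If you have not done it previously, configure postfix to use a sendhost like mandrillapp.
See: https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid
2. Add the CodeShip Project's SSH key to this server's git user authorized_keys file.
NOTE:
This is best done via the Google Developer console.
Prefix the key description with git@
3. Configure CodeShip Project Deployment (under Project Settings > Deployment)
$ git fetch --unshallow origin
$ git push git@[server hostname/ip]:${APP}.git $GIT_BRANCH
4. Make a commit and push it to GitHub to start a build @ CodeShip. If the build succeeds, code is deployed to the server.
NOTE:
These instructions are for NEW apps. You can safely ignore this when restoring an existing application.
The first deployment will fail on migrations. You must come back here to configure the app.
1. Create config/main.php and config/console.php (database, caching, etc).
2. Configure database connections.
3. Run initial migrations
$ ./yiic migrate --interactive=0 --migrationPath=ext.apiAuth.migrations
$ ./yiic migrate --interactive=0
4. When using rights: install it manually by calling http://$APP_HOSTNAME/rights/install.
You can login using admin/admin.
NOTE: Don't forget to set module.rights.install=false in main.php after installing rights.
You have to do this manually. It's advised to change the default admin/admin password.
5. Set the $APP_HOSTNAME DNS to resolve to this server's public IP address when you have confirmed that everything works.
6. Optionally reconfigure the nginx virtualhost to use SSL. For more information, see:
https://www.digitalocean.com/community/tutorials/how-to-create-an-ssl-certificate-on-nginx-for-ubuntu-14-04#step-two-—-configure-nginx-to-use-ssl
EOF
cat ~/install_notes.txt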