oanhnn/amazon-linux2-user-data.sh

## amazon-linux2-user-data.sh
#!/bin/bash -ex

GITLABUSER=oanhnn
SSHUSER=oanhnn

addgroup dev
adduser --disabled-password --ingroup dev $SSHUSER
usermod -aG sudo $SSHUSER

mkdir -p /home/$SSHUSER/.ssh
wget -q -O /home/$SSHUSER/.ssh/authorized_keys https://gitlab.com/$GITLABUSER.keys
chown -R $SSHUSER:dev /home/$SSHUSER/.ssh
chmod 755 /home/$SSHUSER/.ssh
find /home/$SSHUSER/.ssh -type d -exec chmod 755 {} \;
find /home/$SSHUSER/.ssh -type f -exec chmod 600 {} \;

# update
yum update -y
yum install -y git wget curl gcc gcc-cc++ make

# install NGINX
amazon-linux-extras install -y nginx1.12
yum install -y nginx
systemctl enable nginx
systemctl start nginx

# install Redis
amazon-linux-extras install -y redis4.0
yum install -y redis
systemctl enable redis
systemctl start redis

# install MySQL server 5.7.x
yum localinstall -y https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm
yum-config-manager --disable mysql80-community
yum-config-manager --enable mysql57-community
yum install -y mysql-community-server
systemctl enable mysqld
systemctl start mysqld

# install NodeJS
curl -sL https://rpm.nodesource.com/setup_10.x | bash -
yum install -y nodejs
npm install -y -g laravel-echo-server

# install PHP7.2
amazon-linux-extras install -y php7.2
yum install -y php-bcmath php-cli php-fpm php-gd php-intl php-json php-mbstring php-mysqlnd php-opcache php-pdo php-pecl-zip php-xml

sed -i 's|;*expose_php=.*|expose_php=0|g' /etc/php.ini
sed -i 's|;*memory_limit = 128M|memory_limit = 512M|g' /etc/php.ini
sed -i 's|;*post_max_size = 8M|post_max_size = 50M|g' /etc/php.ini
sed -i 's|;*upload_max_filesize = 2M|upload_max_filesize = 10M|g' /etc/php.ini
sed -i 's|;*max_file_uploads = 20|max_file_uploads = 20|g' /etc/php.ini
sed -i 's|;*opcache.memory_consumption=128|opcache.memory_consumption=256|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.interned_strings_buffer=8|opcache.interned_strings_buffer=16|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.max_accelerated_files=4000|opcache.max_accelerated_files=10000|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.max_wasted_percentage=5|opcache.max_wasted_percentage=10|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.validate_timestamps=1|opcache.validate_timestamps=1|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.revalidate_freq=2|opcache.revalidate_freq=60|g' /etc/php.d/10-opcache.ini
sed -i 's|;*opcache.fast_shutdown=0|opcache.fast_shutdown=0|g' /etc/php.d/10-opcache.ini

# install Composer
if [[ "$HOME" == "" ]]; then
    export COMPOSER_HOME=/root
fi
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --quiet --install-dir=/usr/local/bin/ --filename=composer
rm -f composer-setup.php

# install some PECL packages
yum install -y php-devel php-pear ImageMagick-devel ImageMagick
pecl channel-update pecl.php.net
pecl install imagick redis xdebug
echo 'extension=imagick.so' > /etc/php.d/20-imagick.ini
echo 'extension=redis.so' > /etc/php.d/20-redis.ini
yum remove -y php-devel php-pear ImageMagick-devel
systemctl start php-fpm
systemctl enable php-fpm

# install wkhtmltopdf
yum localinstall -y https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox-0.12.5-1.centos7.x86_64.rpm

mkdir -p /var/www/html
usermod -a -G apache $SSHUSER
chown -R $SSHUSER:apache /var/www
chmod 2775 /var/www
find /var/www -type d -exec chmod 2775 {} \;
find /var/www -type f -exec chmod 0664 {} \;

## ubuntu-1804-user-data.sh
#!/bin/bash -ex

DEBIAN_FRONTEND=noninteractive
GITLABUSER=oanhnn
SSHUSER=oanhnn

# update
apt update -y
apt upgrade -y
apt autoremove -y
apt install -y git wget curl gcc g++ make

# add user
addgroup dev
adduser --disabled-password --ingroup dev $SSHUSER
usermod -aG sudo $SSHUSER
usermod -aG www-data $SSHUSER

mkdir -p /home/$SSHUSER/.ssh
wget -q -O /home/$SSHUSER/.ssh/authorized_keys https://gitlab.com/$GITLABUSER.keys
chown -R $SSHUSER:dev /home/$SSHUSER/.ssh
chmod 755 /home/$SSHUSER/.ssh
find /home/$SSHUSER/.ssh -type d -exec chmod 755 {} \;
find /home/$SSHUSER/.ssh -type f -exec chmod 600 {} \;

# install NGINX
apt install -y nginx
systemctl enable nginx
systemctl start nginx

# install Redis
apt install -y redis
systemctl enable redis-server
systemctl start redis-server

# install mariadb server 5.7.x
apt install -y mysql-server
systemctl enable mysql
systemctl start mysql

# install NodeJS
curl -sL https://deb.nodesource.com/setup_10.x | bash -
apt install -y nodejs
npm install -y -g laravel-echo-server

# install PHP
apt install -y php7.2-bcmath php7.2-cli php7.2-fpm php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-zip php7.2-xml php7.2-redis php7.2-imagick

sed -i 's|;cgi.fix_pathinfo=1|cgi.fix_pathinfo=0|g' /etc/php/7.2/fpm/php.ini
sed -i 's|;*expose_php=.*|expose_php=0|g' /etc/php/7.2/fpm/php.ini
#sed -i 's|;*memory_limit = 128M|memory_limit = 512M|g' /etc/php/7.2/fpm/php.ini
sed -i 's|;*post_max_size = 8M|post_max_size = 50M|g' /etc/php/7.2/fpm/php.ini
sed -i 's|;*upload_max_filesize = 2M|upload_max_filesize = 10M|g' /etc/php/7.2/fpm/php.ini
sed -i 's|;*max_file_uploads = 20|max_file_uploads = 20|g' /etc/php/7.2/fpm/php.ini

systemctl enable php7.2-fpm
systemctl start php7.2-fpm

# install Composer
if [[ "$HOME" == "" ]]; then
    export COMPOSER_HOME=/root
fi
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --quiet --install-dir=/usr/local/bin/ --filename=composer
rm -f composer-setup.php

# firewall
ufw allow ssh
ufw allow http
ufw allow https
#ufw enable

# www dir
mkdir -p /var/www/html
chown -R $SSHUSER:www-data /var/www
chmod 2775 /var/www

## ubuntu-elastic-search.sh
#!/bin/bash -ex

ES_VERSION="6.7.0"

# Get Elastic Search package
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-${ES_VERSION}.deb
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-${ES_VERSION}.deb.sha512

# checksum
shasum -a 512 -c elasticsearch-oss-${ES_VERSION}.deb.sha512

# Install Elastic Search
dpkg -i elasticsearch-oss-${ES_VERSION}.deb
rum elasticsearch-oss-${ES_VERSION}.deb

# Enable and start Elastic Search service
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl start elasticsearch.service

# Enable Firewall
ufw allow elasticsearch
	#!/bin/bash -ex

	GITLABUSER=oanhnn
	SSHUSER=oanhnn

	addgroup dev
	adduser --disabled-password --ingroup dev $SSHUSER
	usermod -aG sudo $SSHUSER

	mkdir -p /home/$SSHUSER/.ssh
	wget -q -O /home/$SSHUSER/.ssh/authorized_keys https://gitlab.com/$GITLABUSER.keys
	chown -R $SSHUSER:dev /home/$SSHUSER/.ssh
	chmod 755 /home/$SSHUSER/.ssh
	find /home/$SSHUSER/.ssh -type d -exec chmod 755 {} \;
	find /home/$SSHUSER/.ssh -type f -exec chmod 600 {} \;

	# update
	yum update -y
	yum install -y git wget curl gcc gcc-cc++ make

	# install NGINX
	amazon-linux-extras install -y nginx1.12
	yum install -y nginx
	systemctl enable nginx
	systemctl start nginx

	# install Redis
	amazon-linux-extras install -y redis4.0
	yum install -y redis
	systemctl enable redis
	systemctl start redis

	# install MySQL server 5.7.x
	yum localinstall -y https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm
	yum-config-manager --disable mysql80-community
	yum-config-manager --enable mysql57-community
	yum install -y mysql-community-server
	systemctl enable mysqld
	systemctl start mysqld

	# install NodeJS
	curl -sL https://rpm.nodesource.com/setup_10.x \| bash -
	yum install -y nodejs
	npm install -y -g laravel-echo-server

	# install PHP7.2
	amazon-linux-extras install -y php7.2
	yum install -y php-bcmath php-cli php-fpm php-gd php-intl php-json php-mbstring php-mysqlnd php-opcache php-pdo php-pecl-zip php-xml

	sed -i 's\|;expose_php=.\|expose_php=0\|g' /etc/php.ini
	sed -i 's\|;*memory_limit = 128M\|memory_limit = 512M\|g' /etc/php.ini
	sed -i 's\|;*post_max_size = 8M\|post_max_size = 50M\|g' /etc/php.ini
	sed -i 's\|;*upload_max_filesize = 2M\|upload_max_filesize = 10M\|g' /etc/php.ini
	sed -i 's\|;*max_file_uploads = 20\|max_file_uploads = 20\|g' /etc/php.ini
	sed -i 's\|;*opcache.memory_consumption=128\|opcache.memory_consumption=256\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.interned_strings_buffer=8\|opcache.interned_strings_buffer=16\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.max_accelerated_files=4000\|opcache.max_accelerated_files=10000\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.max_wasted_percentage=5\|opcache.max_wasted_percentage=10\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.validate_timestamps=1\|opcache.validate_timestamps=1\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.revalidate_freq=2\|opcache.revalidate_freq=60\|g' /etc/php.d/10-opcache.ini
	sed -i 's\|;*opcache.fast_shutdown=0\|opcache.fast_shutdown=0\|g' /etc/php.d/10-opcache.ini

	# install Composer
	if [[ "$HOME" == "" ]]; then
	export COMPOSER_HOME=/root
	fi
	php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
	php composer-setup.php --quiet --install-dir=/usr/local/bin/ --filename=composer
	rm -f composer-setup.php

	# install some PECL packages
	yum install -y php-devel php-pear ImageMagick-devel ImageMagick
	pecl channel-update pecl.php.net
	pecl install imagick redis xdebug
	echo 'extension=imagick.so' > /etc/php.d/20-imagick.ini
	echo 'extension=redis.so' > /etc/php.d/20-redis.ini
	yum remove -y php-devel php-pear ImageMagick-devel
	systemctl start php-fpm
	systemctl enable php-fpm

	# install wkhtmltopdf
	yum localinstall -y https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox-0.12.5-1.centos7.x86_64.rpm

	mkdir -p /var/www/html
	usermod -a -G apache $SSHUSER
	chown -R $SSHUSER:apache /var/www
	chmod 2775 /var/www
	find /var/www -type d -exec chmod 2775 {} \;
	find /var/www -type f -exec chmod 0664 {} \;
	#!/bin/bash -ex

	DEBIAN_FRONTEND=noninteractive
	GITLABUSER=oanhnn
	SSHUSER=oanhnn

	# update
	apt update -y
	apt upgrade -y
	apt autoremove -y
	apt install -y git wget curl gcc g++ make

	# add user
	addgroup dev
	adduser --disabled-password --ingroup dev $SSHUSER
	usermod -aG sudo $SSHUSER
	usermod -aG www-data $SSHUSER

	mkdir -p /home/$SSHUSER/.ssh
	wget -q -O /home/$SSHUSER/.ssh/authorized_keys https://gitlab.com/$GITLABUSER.keys
	chown -R $SSHUSER:dev /home/$SSHUSER/.ssh
	chmod 755 /home/$SSHUSER/.ssh
	find /home/$SSHUSER/.ssh -type d -exec chmod 755 {} \;
	find /home/$SSHUSER/.ssh -type f -exec chmod 600 {} \;

	# install NGINX
	apt install -y nginx
	systemctl enable nginx
	systemctl start nginx

	# install Redis
	apt install -y redis
	systemctl enable redis-server
	systemctl start redis-server

	# install mariadb server 5.7.x
	apt install -y mysql-server
	systemctl enable mysql
	systemctl start mysql

	# install NodeJS
	curl -sL https://deb.nodesource.com/setup_10.x \| bash -
	apt install -y nodejs
	npm install -y -g laravel-echo-server

	# install PHP
	apt install -y php7.2-bcmath php7.2-cli php7.2-fpm php7.2-gd php7.2-intl php7.2-json php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-zip php7.2-xml php7.2-redis php7.2-imagick

	sed -i 's\|;cgi.fix_pathinfo=1\|cgi.fix_pathinfo=0\|g' /etc/php/7.2/fpm/php.ini
	sed -i 's\|;expose_php=.\|expose_php=0\|g' /etc/php/7.2/fpm/php.ini
	#sed -i 's\|;*memory_limit = 128M\|memory_limit = 512M\|g' /etc/php/7.2/fpm/php.ini
	sed -i 's\|;*post_max_size = 8M\|post_max_size = 50M\|g' /etc/php/7.2/fpm/php.ini
	sed -i 's\|;*upload_max_filesize = 2M\|upload_max_filesize = 10M\|g' /etc/php/7.2/fpm/php.ini
	sed -i 's\|;*max_file_uploads = 20\|max_file_uploads = 20\|g' /etc/php/7.2/fpm/php.ini

	systemctl enable php7.2-fpm
	systemctl start php7.2-fpm

	# install Composer
	if [[ "$HOME" == "" ]]; then
	export COMPOSER_HOME=/root
	fi
	php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
	php composer-setup.php --quiet --install-dir=/usr/local/bin/ --filename=composer
	rm -f composer-setup.php

	# firewall
	ufw allow ssh
	ufw allow http
	ufw allow https
	#ufw enable

	# www dir
	mkdir -p /var/www/html
	chown -R $SSHUSER:www-data /var/www
	chmod 2775 /var/www
	#!/bin/bash -ex

	ES_VERSION="6.7.0"

	# Get Elastic Search package
	wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-${ES_VERSION}.deb
	wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-${ES_VERSION}.deb.sha512

	# checksum
	shasum -a 512 -c elasticsearch-oss-${ES_VERSION}.deb.sha512

	# Install Elastic Search
	dpkg -i elasticsearch-oss-${ES_VERSION}.deb
	rum elasticsearch-oss-${ES_VERSION}.deb

	# Enable and start Elastic Search service
	systemctl daemon-reload
	systemctl enable elasticsearch.service
	systemctl start elasticsearch.service

	# Enable Firewall
	ufw allow elasticsearch