Last active
December 15, 2020 11:38
-
-
Save peter279k/cab67ba6207ec291747cc3cc6071a519 to your computer and use it in GitHub Desktop.
The customized Packaggist mirror installer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# You should look at the following URL's in order to grasp a solid understanding | |
# of Nginx configuration files in order to fully unleash the power of Nginx. | |
# https://www.nginx.com/resources/wiki/start/ | |
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ | |
# https://wiki.debian.org/Nginx/DirectoryStructure | |
# | |
# In most cases, administrators will remove this file from sites-enabled/ and | |
# leave it as reference inside of sites-available where it will continue to be | |
# updated by the nginx packaging team. | |
# | |
# This file will automatically load configuration files provided by other | |
# applications, such as Drupal or Wordpress. These applications will be made | |
# available underneath a path with that package name, such as /drupal8. | |
# | |
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. | |
## | |
# Default server configuration | |
# | |
server { | |
listen 80 default_server; | |
listen [::]:80 default_server; | |
# SSL configuration | |
# | |
# listen 443 ssl default_server; | |
# listen [::]:443 ssl default_server; | |
# | |
# Note: You should disable gzip for SSL traffic. | |
# See: https://bugs.debian.org/773332 | |
# | |
# Read up on ssl_ciphers to ensure a secure configuration. | |
# See: https://bugs.debian.org/765782 | |
# | |
# Self signed certs generated by the ssl-cert package | |
# Don't use them in a production server! | |
# | |
# include snippets/snakeoil.conf; | |
root /var/www/html/public; | |
# Add index.php to the list if you are using PHP | |
index index.html index.htm index.nginx-debian.html; | |
server_name _; | |
location / { | |
# First attempt to serve request as file, then | |
# as directory, then fall back to displaying a 404. | |
gzip_static on; | |
gunzip on; | |
try_files $uri $uri/ =404; | |
} | |
# pass PHP scripts to FastCGI server | |
# | |
location ~ \.php$ { | |
include snippets/fastcgi-php.conf; | |
# # With php-fpm (or other unix sockets): | |
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; | |
# # With php-cgi (or other tcp sockets): | |
# fastcgi_pass 127.0.0.1:9000; | |
} | |
# deny access to .htaccess files, if Apache's document root | |
# concurs with nginx's one | |
# | |
location ~ /\.git { | |
deny all; | |
} | |
} | |
# Virtual Host configuration for example.com | |
# | |
# You can move that to a different file under sites-available/ and symlink that | |
# to sites-enabled/ to enable it. | |
# | |
#server { | |
# listen 80; | |
# listen [::]:80; | |
# | |
# server_name example.com; | |
# | |
# root /var/www/example.com; | |
# index index.html; | |
# | |
# location / { | |
# try_files $uri $uri/ =404; | |
# } | |
#} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
worker_processes auto; | |
pid /run/nginx.pid; | |
include /etc/nginx/modules-enabled/*.conf; | |
events { | |
worker_connections 4096; | |
# multi_accept on; | |
} | |
http { | |
## | |
# Basic Settings | |
## | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
server_tokens off; | |
# server_names_hash_bucket_size 64; | |
# server_name_in_redirect off; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
## | |
# SSL Settings | |
## | |
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE | |
ssl_prefer_server_ciphers on; | |
## | |
# Logging Settings | |
## | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
## | |
# Gzip Settings | |
## | |
gzip on; | |
gzip_static on; | |
gunzip on; | |
gzip_disable "msie6"; | |
gzip_vary on; | |
gzip_proxied any; | |
gzip_comp_level 6; | |
gzip_buffers 16 8k; | |
gzip_http_version 1.1; | |
gzip_min_length 256; | |
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
## | |
# Virtual Host Configs | |
## | |
include /etc/nginx/conf.d/*.conf; | |
include /etc/nginx/sites-enabled/*; | |
} | |
#mail { | |
# # See sample authentication script at: | |
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript | |
# | |
# # auth_http localhost/auth.php; | |
# # pop3_capabilities "TOP" "USER"; | |
# # imap_capabilities "IMAP4rev1" "UIDPLUS"; | |
# | |
# server { | |
# listen localhost:110; | |
# protocol pop3; | |
# proxy on; | |
# } | |
# | |
# server { | |
# listen localhost:143; | |
# protocol imap; | |
# proxy on; | |
# } | |
#} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
green_color='\e[0;32m' | |
red_color='\e[0;31m' | |
rest_color='\e[0m' | |
echo -e "${green_color}Install Packagist Mirror has been started...${rest_color}" | |
echo -e "${green_color}Note: This Bash Script is avaialble for Ubuntu 18.04 and Ubuntu 20.04 on 'host' at this moment...${rest_color}" | |
echo -e "${green_color}To install the mirror as well, It recommends using clean Linux Ubuntu distributions...${rest_color}" | |
sudo_prefix="sudo " | |
if [[ ${USER} == "root" ]]; then | |
sudo_prefix="" | |
else | |
echo -e "${red_color}Don't forget to setup ${USER} having the sudo privilege...${rest_color}" | |
fi; | |
${sudo_prefix} apt-get update | |
${sudo_prefix} apt-get install -y software-properties-common locales wget gzip curl git cron tzdata ufw | |
echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu $(lsb_release -sc) main" | ${sudo_prefix}tee /etc/apt/sources.list.d/ondrej.list | |
echo "deb-src http://ppa.launchpad.net/ondrej/php/ubuntu $(lsb_release -sc) main" | ${sudo_prefix}tee -a /etc/apt/sources.list.d/ondrej.list | |
${sudo_prefix}apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 14AA40EC0831756756D7F66C4F4EA0AAE5267A6C | |
${sudo_prefix}apt-get update | |
${sudo_prefix}apt-get install -y apt-transport-https git apt-utils php7.3-cli php7.3-curl php7.3-zip zip unzip php7.3-json php7.3-mbstring | |
${sudo_prefix}apt-get install -y php7.3-xml php7.3-dom php7.3-xsl php7.3-fpm nginx | |
echo -e "${green_color}Enabling Nginx service on background...${rest_color}" | |
${sudo_prefix}systemctl enable --now nginx | |
${sudo_prefix}systemctl start nginx | |
echo -e "${green_color}Enabling Cron service on background...${rest_color}" | |
${sudo_prefix}systemctl enable --now cron | |
${sudo_prefix}systemctl start cron | |
${sudo_prefix}ufw status | grep inactive | |
if [[ $? != 0 ]]; then | |
${sudo_prefix}ufw allow http | |
else | |
echo -e "${red_color}I strong recommend enabling ufw to protect your Server...${rest_color}" | |
fi; | |
echo -e "${green_color}Setup system locale setting...${rest_color}" | |
${sudo_prefix}locale-gen "en_US.UTF-8" | |
echo 'LC_ALL="en_US.UTF-8"' | ${sudo_prefix}tee /etc/default/locale | |
echo 'LANG="en_US.UTF-8"' | ${sudo_prefix}tee /etc/default/locale | |
echo -e "${green_color}Setup system timezone with interactive...${rest_color}" | |
${sudo_prefix}dpkg-reconfigure tzdata | |
read -p "Please inpput current hostname: " host_name | |
if [[ ${host_name} == "" ]]; then | |
echo -e "${red_color}The hostname is not set...${rest_color}" | |
read -p "Do you want to set this $(hostname)? [Y/n] " answer | |
if [[ ${answer} == "Y" || ${answer} == "y" ]]; then | |
host_name=$(hostname) | |
else | |
echo -e "${red_color}Stopped.${rest_color}" | |
exit 1; | |
fi; | |
fi; | |
echo -e "${green_color}Copy nginx.conf file to /etc/nginx/nginx.conf and nginx-default file to /etc/nginx/sites-available/default${rest_color}" | |
if [[ ! -f "${HOME}/nginx.conf" ]]; then | |
echo "${HOME}/nginx.conf file is not existed..." | |
read -p "Do you want to skip this copy? [Y/n] " skip_answer | |
if [[ ${skip_answer} == "Y" || ${skip_answer} == "y" ]]; then | |
echo -e "${red_color}Skipped...${rest_color}" | |
else | |
exit 1; | |
fi; | |
fi; | |
if [[ ${skip_answer} != "Y" && ${skip_answer} != "y" ]]; then | |
${sudo_prefix}cp "${HOME}/nginx.conf" /etc/nginx/nginx.conf | |
fi; | |
if [[ ! -f "${HOME}/nginx-default" ]]; then | |
echo -e "${red_color}${HOME}/nginx-default file is not existed...${rest_color}" | |
read -p "Do you want to skip this copy? [Y/n] " skip_answer | |
if [[ ${skip_answer} == "Y" || ${skip_answer} == "y" ]]; then | |
echo "Skipped..." | |
else | |
exit 1; | |
fi; | |
fi; | |
if [[ ${skip_answer} != "Y" && ${skip_answer} != "y" ]]; then | |
${sudo_ptrfix}cp "${HOME}/nginx-default" /etc/nginx/sites-available/default | |
fi; | |
read -p "Do you want to remove all files and folders on /var/www/html/ folder? [Y/n] " remove_answer | |
if [[ ${remove_answer} == "Y" || ${remove_answer} == "y" ]]; then | |
${sudo_prefix}rm -rf /var/www/html/* | |
${sudo_prefix}rm -rf /var/www/html/.* 2> /dev/null | |
else | |
read -p "Do you want to update packagist-mirror repository? [Y/n] " update_answer | |
fi; | |
echo -e "${green_color}Check Nginx configuration syntax...${rest_color}" | |
${sudo_prefix}nginx -t | |
if [[ $? != 0 ]]; then | |
echo -e "${red_color}Check Nginx configuration is failed... Stopped.${rest_color}" | |
exit 1; | |
fi; | |
${sudo_prefix}systemctl restart nginx | |
cd /var/www/html | |
if [[ ${remove_answer} == "Y" || ${remove_answer} == "y" ]]; then | |
git clone https://github.com/webysther/packagist-mirror . | |
${sudo_prefix}chown -R www-data:www-data /var/www/html/ | |
${sudo_prefix}chmod -R ug+rwx /var/www/html/public/ | |
fi; | |
curl -sS https://getcomposer.org/installer | php | |
php ./composer.phar install -n | |
read -p "Do you want to update dependencies with \"composer update -n\" ? [Y/n] " update_package_answer | |
if [[ ${update_answer} == "Y" || ${update_answer} == "y" ]]; then | |
git pull origin master | |
fi; | |
if [[ ${update_package_answer} == "Y" || ${update_package_answer} == "y" ]]; then | |
php ./composer.phar update -n | |
fi; | |
if [[ ! -f "${HOME}/.env" ]]; then | |
echo -e "${red_color}Please setup ${HOME}/.env file and refer ${PWD}/.env.example file to create...${rest_color}" | |
exit 1; | |
fi; | |
if [[ -f "${HOME}/.env" ]]; then | |
cp "${HOME}/.env" /var/www/html/.env | |
fi; | |
read -p "Do you want to sync mirror now? [Y/n] " sync_mirror_ans | |
if [[ ${sync_mirror_ans} == "Y" || ${sync_mirror_ans} == "y" ]]; then | |
echo -e "${green_color}Sync the mirror firstly...${rest_color}" | |
php bin/mirror create -vvv | |
fi; | |
echo -e "${green_color}Setup the Cronjob file to /var/spool/cron/crontabs/root file...${rest_color}" | |
echo -e "${green_color}The original Cronjob file is copied to /var/spool/cron/crontabs/root.back...${rest_color}" | |
${sudo_prefix}cp /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.back | |
${sudo_prefix}rm -f /var/spool/cron/crontabs/root | |
echo "*/5 * * * * cd /var/www/html/ && php bin/mirror create -vvv" | ${sudo_prefix}tee -a /var/spool/cron/crontabs/root | |
echo "*/10 * * * * cd /var/www/html/ && git pull origin master --no-edit" | ${sudo_prefix}tee -a /var/spool/cron/crontabs/root | |
${sudo_prefix}chmod 0600 /var/spool/cron/crontabs/root | |
${sudo_prefix}systemctl restart cron | |
echo -e "${green_color}Update and clean packages...${rest_color}" | |
${sudo_prefix}apt-get dist-upgrade -y | |
${sudo_prefix}apt-get autoremove -y | |
${sudo_prefix}apt-get clean | |
echo -e "${green_color}The Packagist Mirror has been installed successfully.${rest_color}" | |
read -p "Do you want to install and configure Let's encrypt x3 SSL with Certbot? [Y/n] " install_answer | |
if [[ ${install_answer} == "Y" || ${install_answer} == "y" ]]; then | |
echo -e "${green_color}Install required packages...${rest_color}" | |
if [[ $(lsb_release -sc) == "bionic" ]]; then | |
${sudo_prefix}apt-get update | |
${sudo_prefix}apt-get install -y software-properties-common | |
${sudo_prefix}add-apt-repository universe | |
${sudo_ptrfix}add-apt-repository -y ppa:certbot/certbot | |
${sudo_prefix}apt-get update | |
fi; | |
${sudo_prefix}apt-get install -y certbot python3-certbot-nginx | |
echo -e "${green_color}Start generating and configuring cert automatically...${rest_color}" | |
${sudo_prefix}certbot --nginx | |
if [[ $? != 0 ]]; then | |
echo -e "${red_color}Something error happen during certbot running... Stopped.${rest_color}" | |
exit 1; | |
fi; | |
echo "00 23 * * * certbot renew --dry-run" | ${sudo_prefix}tee -a /var/spool/cron/crontabs/root | |
${sudo_prefix}chmod 0600 /var/spool/cron/crontabs/root | |
${sudo_prefix}systemctl restart cron | |
${sudo_prefix}ufw status | grep inactive | |
if [[ $? != 0 ]]; then | |
${sudo_prefix}ufw allow https | |
fi; | |
fi; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment