LEMP stack on Ubuntu 22.04 (2023)

gistfile1.txt

#!/bin/bash

# This script is meant to be run on a fresh Ubuntu 22.04 installation. 
# Tired of manually installing LEMP stack on Ubuntu? This script will do it for you.

# Ensure the script is run as root
if [ "$EUID" -ne 0 ]
  then echo "Please run as root"
  exit
fi

# Step 1: Update system packages
echo "Updating system packages..."
apt update && apt upgrade -y && apt dist-upgrade -y && apt autoremove -y && apt clean
echo "Package update complete."

# Step 2: Install Nginx using the official repository
echo "Installing dependencies required for Nginx installation..."
apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring

echo "Fetching the Nginx signing key..."
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
    | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

echo "Setting up the Nginx repository..."
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

echo "Pinning the Nginx repository to prioritize its packages..."
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
    | sudo tee /etc/apt/preferences.d/99nginx

echo "Updating apt packages list..."
apt update

echo "Installing Nginx..."
apt install nginx

echo "Nginx installation complete."

# Step 3: Install MariaDB
echo "Installing MariaDB..."
apt install mariadb-server -y
echo "MariaDB installation complete." # Remind user to run mysql_secure_installation in the end

# Step 4: Install PHP 8.2 using the official repository
echo "Adding the PHP 8.2 repository..."
sudo add-apt-repository ppa:ondrej/php -y

echo "Updating the package list..."
apt update

echo "Installing PHP 8.2 and necessary extensions..."
apt install php8.2-fpm php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-imagick php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-soap php8.2-zip php8.2-bcmath -y

echo "Configuring PHP settings..."
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/8.2/fpm/php.ini
sed -i 's/memory_limit = 128M/memory_limit = 512M/g' /etc/php/8.2/fpm/php.ini
sed -i 's/post_max_size = 8M/post_max_size = 128M/g' /etc/php/8.2/fpm/php.ini
sed -i 's/max_file_uploads = 20/max_file_uploads = 30/g' /etc/php/8.2/fpm/php.ini
sed -i 's/max_execution_time = 30/max_execution_time = 900/g' /etc/php/8.2/fpm/php.ini
sed -i 's/max_input_time = 60/max_input_time = 3000/g' /etc/php/8.2/fpm/php.ini
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 128M/g' /etc/php/8.2/fpm/php.ini
echo "Restarting PHP 8.2-FPM service..."
service php8.2-fpm restart

# Step 5: Adjust permissions for web directories
echo "Adjusting permissions for the web directories..."
chown -R www-data:www-data /var/www/
chmod -R 755 /var/www/
chown -R www-data:www-data /usr/share/nginx/
chmod -R 755 /usr/share/nginx/
echo "Permission adjustment complete."

# Step 6: Install redis
echo "Installing redis..."
curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list

sudo apt-get update
sudo apt-get install redis -y
systemctl enable redis-server.service # Enable redis to start on boot (it doesn't by default)
systemctl start redis-server.service
echo "Redis installation complete."

echo "Installing php redis extension..."
apt install php8.2-redis -y
echo "php redis extension installation complete."

# Step 7: Install certbot
echo "Installing certbot..."
snap install --classic certbot # snap works on Ubuntu by default, for other distros, read the instructions here: https://certbot.eff.org/instructions
ln -s /snap/bin/certbot /usr/bin/certbot
echo "Certbot installation complete."

# Step 8: Check if current folder has backup folder, if yes cd into it, else exit
if [ -d "backup" ]; then
  cd backup
else
    # Bail and remind user to run mysql_secure_installation
    echo "Please run mysql_secure_installation and update /etc/mysql/mariadb.conf.d/50-server.cnf as needed"
  exit
fi

# Step 9: Restore nginx config
echo "Restoring nginx config..."
cd nginx
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak # backup original nginx config
cp -r . /etc/nginx/ # cp all files inside current folder to /etc/nginx/
echo "Nginx config restored."

# Step 10: Move site files to /usr/share/nginx
cd ../
apt install zip unzip -y
unzip sites.zip -d /usr/share/nginx/
find /usr/share/nginx/ -type f -exec chmod 644 {} \; && find /usr/share/nginx/ -type d -exec chmod 755 {} \; && sudo chown -R www-data:www-data /usr/share/nginx/
echo "Site files restored."

# Step 11: Restore MariaDB database
echo "Restoring MariaDB database..."
cd db
# each file inside this folder has .sql extension, so we can use a for loop to iterate through all files and restore them. get database name from filename
for file in *.sql; do
    db_name="${file%.*}"
    mysql -u root -e "CREATE DATABASE $db_name"
    mysql -u root $db_name < $file
done
echo "MariaDB database restored."

# Step 12: Restart nginx
echo "Restarting nginx..."
service nginx restart
echo "Nginx restarted."

# Step 13: Restart php8.2-fpm
echo "Restarting php8.2-fpm..."
service php8.2-fpm restart
echo "php8.2-fpm restarted."

# Final step: Remind user to create user for each database and update wordpress/wp-config.php accordingly
echo "1. Please create user for each database and update wordpress/wp-config.php accordingly."
echo "Example: using mysql shell, run the following commands:"
echo "GRANT ALL PRIVILEGES ON database_name.* TO database_user@localhost IDENTIFIED BY 'user_password';"
echo "2. Please run mysql_secure_installation and update /etc/mysql/mariadb.conf.d/50-server.cnf as needed"