-
-
Save robertsky/311d2f70cb78793b6a80 to your computer and use it in GitHub Desktop.
Install HHVM, Mariadb, nginx and WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -x | |
unset HISTFILE | |
# This is a beta script. Use at your own risk. | |
# version 0.0.2 | |
echo "This script installs nginx, MariaDB, HHVM and WordPress on a clean Ubuntu trusty server." | |
# Prompts | |
## prompt for user_id | |
echo "Please enter User ID: " | |
read user_id | |
user_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1) | |
## prompt for domain name | |
echo "Please enter Domain Name: " | |
read domain_name | |
# Add keys | |
sudo apt-get update && sudo apt-get upgrade -y | |
#HHVM | |
wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | sudo apt-key add - | |
echo deb http://dl.hhvm.com/ubuntu trusty main | sudo tee /etc/apt/sources.list.d/hhvm.list | |
sudo apt-get install software-properties-common | |
#MariaDB 10.1 | |
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db | |
sudo add-apt-repository 'deb http://sgp1.mirrors.digitalocean.com/mariadb/repo/10.1/ubuntu trusty main' | |
sudo apt-get update | |
# Do server install | |
sudo apt-get install nginx -y | |
sudo apt-get install hhvm -y | |
db_root_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1) | |
sudo debconf-set-selections <<< "mariadb-server-10.1 mysql-server/root_password password $db_root_pass" | |
sudo debconf-set-selections <<< "mariadb-server-10.1 mysql-server/root_password_again password $db_root_pass" | |
sudo apt-get install mariadb-server -y | |
# Configure | |
sudo /usr/share/hhvm/install_fastcgi.sh | |
sudo /etc/init.d/hhvm restart | |
sudo /etc/init.d/nginx restart | |
sudo update-rc.d hhvm defaults | |
sudo /usr/bin/update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60 | |
## Add directories | |
sudo useradd -p $user_pass -G www-data -d /home/$user_id -m $user_id | |
mkdir /home/$user_id/www | |
mkdir /home/$user_id/www/$domain_name | |
chown -R www-data:www-data /home/$user_id/www | |
## Add nginx config files, part 1 | |
cd /etc/nginx/ | |
mkdir global | |
cat << EOF > /etc/nginx/global/wordpress.conf | |
# WordPress single blog rules. | |
# Designed to be included in any server {} block. | |
# This order might seem weird - this is attempted to match last if rules below fail. | |
# http://wiki.nginx.org/HttpCoreModule | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
# Add trailing slash to */wp-admin requests. | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
# Directives to send expires headers and turn off 404 error logging. | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; log_not_found off; expires max; | |
} | |
# Pass all .php files onto a php-fpm/php-fcgi server. | |
include hhvm.conf; | |
EOF | |
cat << EOF > /etc/nginx/global/restrictions.conf | |
# Global restrictions configuration file. | |
# Designed to be included in any server {} block.</p> | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). | |
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) | |
location ~ /\. { | |
deny all; | |
} | |
# Deny access to any files with a .php extension in the uploads directory | |
# Works in sub-directory installs and also in multisite network | |
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) | |
location ~* /(?:uploads|files)/.*\.php$ { | |
deny all; | |
} | |
EOF | |
# Do WordPress install | |
## create a tmp mysql script to create new database and user in mysql server | |
d=${domain_name//[^[:alnum:]]/} | |
db_user=${d,,} | |
db_user_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1) | |
mysql -uroot -p$db_root_pass -e "create schema $db_user;grant all privileges on $db_user.* to $db_user@localhost identified by '$db_user_pass';flush privileges;" | |
cd /home/$user_id | |
wget http://wordpress.org/latest.tar.gz | |
tar -zxvf latest.tar.gz | |
cp -R wordpress/* www/$domain_name | |
cd /home/$user_id/www/$domain_name | |
cp wp-config-sample.php wp-config.php | |
chown -R www-data:www-data * | |
chmod 640 wp-config.php | |
sed -i "s/database_name_here/$db_user/" wp-config.php | |
sed -i "s/username_here/$db_user/" wp-config.php | |
sed -i "s/password_here/$db_user_pass/" wp-config.php | |
for i in {1..8} | |
do sed -i "0,/put your unique phrase here/s/put your unique phrase here/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1)/" wp-config.php | |
done | |
## Clean up | |
cd /home/$user_id | |
rm latest.tar.gz | |
rm -rf wordpress | |
# nginx config files part 2 | |
cat << EOF > /etc/nginx/sites-available/$domain_name | |
server { | |
listen 80; | |
listen [::]:80; | |
root /home/$user_id/www/$domain_name; | |
server_name $domain_name www.$domain_name; | |
index index.html index.htm index.php; | |
access_log /var/log/nginx/$domain_name-access.log; | |
error_log /var/log/nginx/$domain_name-error.log; | |
charset utf-8; | |
include global/restrictions.conf; | |
include global/wordpress.conf; | |
# include /home/$user_id/www/$domain_name/nginx.conf; #For nginx rules generated by wt3c plugin | |
} | |
EOF | |
sudo ln -s /etc/nginx/sites-available/$domain_name /etc/nginx/sites-enabled/$domain_name | |
sudo /etc/init.d/nginx restart | |
cd ~ | |
echo 'user_id="'"$user_id"'"' >> logins.file | |
echo 'user_pass="'"$user_pass"'"' >> logins.file | |
echo 'db_root_pass="'"$db_root_pass"'"' >> logins.file | |
echo 'db_user="'"$db_user"'"' >> logins.file | |
echo 'db_user_pass="'"$db_user_pass"'"' >> logins.file |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment