Skip to content

Instantly share code, notes, and snippets.


robertsky/ Secret

Last active Aug 29, 2015
What would you like to do?
Install HHVM, Mariadb, nginx and WordPress
#!/bin/bash -x
# This is a beta script. Use at your own risk.
# version 0.0.2
echo "This script installs nginx, MariaDB, HHVM and WordPress on a clean Ubuntu trusty server."
# Prompts
## prompt for user_id
echo "Please enter User ID: "
read user_id
user_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1)
## prompt for domain name
echo "Please enter Domain Name: "
read domain_name
# Add keys
sudo apt-get update && sudo apt-get upgrade -y
wget -O - | sudo apt-key add -
echo deb trusty main | sudo tee /etc/apt/sources.list.d/hhvm.list
sudo apt-get install software-properties-common
#MariaDB 10.1
sudo apt-key adv --recv-keys --keyserver hkp:// 0xcbcb082a1bb943db
sudo add-apt-repository 'deb trusty main'
sudo apt-get update
# Do server install
sudo apt-get install nginx -y
sudo apt-get install hhvm -y
db_root_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1)
sudo debconf-set-selections <<< "mariadb-server-10.1 mysql-server/root_password password $db_root_pass"
sudo debconf-set-selections <<< "mariadb-server-10.1 mysql-server/root_password_again password $db_root_pass"
sudo apt-get install mariadb-server -y
# Configure
sudo /usr/share/hhvm/
sudo /etc/init.d/hhvm restart
sudo /etc/init.d/nginx restart
sudo update-rc.d hhvm defaults
sudo /usr/bin/update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60
## Add directories
sudo useradd -p $user_pass -G www-data -d /home/$user_id -m $user_id
mkdir /home/$user_id/www
mkdir /home/$user_id/www/$domain_name
chown -R www-data:www-data /home/$user_id/www
## Add nginx config files, part 1
cd /etc/nginx/
mkdir global
cat << EOF > /etc/nginx/global/wordpress.conf
# WordPress single blog rules.
# Designed to be included in any server {} block.
# This order might seem weird - this is attempted to match last if rules below fail.
location / {
try_files $uri $uri/ /index.php?$args;
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
# Pass all .php files onto a php-fpm/php-fcgi server.
include hhvm.conf;
cat << EOF > /etc/nginx/global/restrictions.conf
# Global restrictions configuration file.
# Designed to be included in any server {} block.</p>
location = /favicon.ico {
log_not_found off;
access_log off;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
# Do WordPress install
## create a tmp mysql script to create new database and user in mysql server
db_user_pass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12 | head -n 1)
mysql -uroot -p$db_root_pass -e "create schema $db_user;grant all privileges on $db_user.* to $db_user@localhost identified by '$db_user_pass';flush privileges;"
cd /home/$user_id
tar -zxvf latest.tar.gz
cp -R wordpress/* www/$domain_name
cd /home/$user_id/www/$domain_name
cp wp-config-sample.php wp-config.php
chown -R www-data:www-data *
chmod 640 wp-config.php
sed -i "s/database_name_here/$db_user/" wp-config.php
sed -i "s/username_here/$db_user/" wp-config.php
sed -i "s/password_here/$db_user_pass/" wp-config.php
for i in {1..8}
do sed -i "0,/put your unique phrase here/s/put your unique phrase here/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1)/" wp-config.php
## Clean up
cd /home/$user_id
rm latest.tar.gz
rm -rf wordpress
# nginx config files part 2
cat << EOF > /etc/nginx/sites-available/$domain_name
server {
listen 80;
listen [::]:80;
root /home/$user_id/www/$domain_name;
server_name $domain_name www.$domain_name;
index index.html index.htm index.php;
access_log /var/log/nginx/$domain_name-access.log;
error_log /var/log/nginx/$domain_name-error.log;
charset utf-8;
include global/restrictions.conf;
include global/wordpress.conf;
# include /home/$user_id/www/$domain_name/nginx.conf; #For nginx rules generated by wt3c plugin
sudo ln -s /etc/nginx/sites-available/$domain_name /etc/nginx/sites-enabled/$domain_name
sudo /etc/init.d/nginx restart
cd ~
echo 'user_id="'"$user_id"'"' >> logins.file
echo 'user_pass="'"$user_pass"'"' >> logins.file
echo 'db_root_pass="'"$db_root_pass"'"' >> logins.file
echo 'db_user="'"$db_user"'"' >> logins.file
echo 'db_user_pass="'"$db_user_pass"'"' >> logins.file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.