s4wny/setup.sh

## setup.sh
sudo apt-get update


##
## Security
##

# Only allow key based logins (BE SURE TO SET UP SSH KEYS BEFORE EXECUTING THIS)
sed -n 'H;${x;s/\#PasswordAuthentication yes/PasswordAuthentication no/;p;}' /etc/ssh/sshd_config > tmp_sshd_config
cat tmp_sshd_config > /etc/ssh/sshd_config
rm tmp_sshd_config
sudo service ssh restart


##
## Bashfile
##

# .bashrc
cd ~
wget -O - https://raw.githubusercontent.com/s4wny/dotfiles/master/.bashrc.server >> .bashrc
source ~/.bashrc


##
## Swap file
##

sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo "/swapfile   none    swap    sw    0   0" >> /etc/fstab


##
## Common programs
##
sudo apt-get install git ruby php5-cli -y

# node + npm
curl -sL https://deb.nodesource.com/setup_4.x | sudo -E bash -
sudo apt-get install -y nodejs

# update npm (for some reason you need to do this twice, see http://askubuntu.com/a/562432)
npm install -g npm
npm install -g npm

# composer (php package manager)
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer

# npm packages
npm install -g grunt gulp


##
## Apache
##

sudo apt-get install apache2 -y
# modrewrite
a2enmod rewrite

# AllowOverrwrite thing


##
## MySQL
##

# Will prompt about a password for the user
sudo apt-get install mysql-server -y

sudo mysql_install_db

# Will prompt about:
# - Change pswd?
# - Remove anon usr?
# - Disallow root login remotely?
# - Remove test db?
# - Reload priv?
sudo mysql_secure_installation


##
## PHP
##
sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt php5-curl php5-mysql -y


##
## Letsencrypt (apache)
##
## Install a certifacte (requires user interaction(!))
## Setup autorenewal
##
## Change example.com to your domain
##
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

/opt/letsencrypt/letsencrypt-auto --apache -d example.com -d www.example.com
# need to test if the following line work:
sudo crontab -e "30 2 * * 1 /opt/letsencrypt/letsencrypt-auto certonly --apache --renew-by-default -d example.com -d www.example.com >> /var/log/le-renew.log"
	sudo apt-get update



	##
	## Security
	##

	# Only allow key based logins (BE SURE TO SET UP SSH KEYS BEFORE EXECUTING THIS)
	sed -n 'H;${x;s/\#PasswordAuthentication yes/PasswordAuthentication no/;p;}' /etc/ssh/sshd_config > tmp_sshd_config
	cat tmp_sshd_config > /etc/ssh/sshd_config
	rm tmp_sshd_config
	sudo service ssh restart



	##
	## Bashfile
	##

	# .bashrc
	cd ~
	wget -O - https://raw.githubusercontent.com/s4wny/dotfiles/master/.bashrc.server >> .bashrc
	source ~/.bashrc



	##
	## Swap file
	##

	sudo fallocate -l 4G /swapfile
	sudo chmod 600 /swapfile
	sudo mkswap /swapfile
	sudo swapon /swapfile
	echo "/swapfile none swap sw 0 0" >> /etc/fstab



	##
	## Common programs
	##
	sudo apt-get install git ruby php5-cli -y

	# node + npm
	curl -sL https://deb.nodesource.com/setup_4.x \| sudo -E bash -
	sudo apt-get install -y nodejs

	# update npm (for some reason you need to do this twice, see http://askubuntu.com/a/562432)
	npm install -g npm
	npm install -g npm

	# composer (php package manager)
	curl -sS https://getcomposer.org/installer \| sudo php -- --install-dir=/usr/local/bin --filename=composer

	# npm packages
	npm install -g grunt gulp



	##
	## Apache
	##

	sudo apt-get install apache2 -y
	# modrewrite
	a2enmod rewrite

	# AllowOverrwrite thing



	##
	## MySQL
	##

	# Will prompt about a password for the user
	sudo apt-get install mysql-server -y

	sudo mysql_install_db

	# Will prompt about:
	# - Change pswd?
	# - Remove anon usr?
	# - Disallow root login remotely?
	# - Remove test db?
	# - Reload priv?
	sudo mysql_secure_installation



	##
	## PHP
	##
	sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt php5-curl php5-mysql -y


	##
	## Letsencrypt (apache)
	##
	## Install a certifacte (requires user interaction(!))
	## Setup autorenewal
	##
	## Change example.com to your domain
	##
	sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

	/opt/letsencrypt/letsencrypt-auto --apache -d example.com -d www.example.com
	# need to test if the following line work:
	sudo crontab -e "30 2 * * 1 /opt/letsencrypt/letsencrypt-auto certonly --apache --renew-by-default -d example.com -d www.example.com >> /var/log/le-renew.log"