Last active
April 11, 2019 00:54
-
-
Save MaxLazar/bee3efcbd878f3bddfc0f02cfdbb4b6d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!env bash | |
| # Nginx-Craft virtual host configuration file | |
| # @author MaxLazar | |
| # @copyright Copyright (c) 2018 | |
| # @link https://maxlazar.com/ | |
| # @package server-install-lemp | |
| # @since 1.0.0 | |
| # @license MIT | |
| # sudo sh install_server.sh | |
| # https://linuxize.com/post/how-to-add-swap-space-on-centos-7/ | |
| # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-enabling_and_disabling_selinux-disabling_selinux | |
| installCNMP(){ | |
| if [[ -e /etc/redhat-release ]]; then | |
| RELEASE_RPM=$(rpm -qf /etc/centos-release) | |
| RELEASE=$(rpm -q --qf '%{VERSION}' ${RELEASE_RPM}) | |
| if [ ${RELEASE} != "7" ]; then | |
| echo "Not CentOS release 7." | |
| exit 1 | |
| fi | |
| else | |
| echo "Not CentOS system." | |
| exit 1 | |
| fi | |
| rpm -q --qf '%{VERSION}' centos-release-7-5.1804.5.el7.centos.x86_64 | |
| echo Installing delta-rpm... | |
| yum install -y deltarpm > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Installing epel repositories... | |
| yum -y install epel-release > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 > /dev/null | |
| echo Installing webtatic repositories... | |
| rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm > /dev/null | |
| echo Remove Apache... | |
| yum -y remove httpd > /dev/null | |
| echo Installing ius repositories... | |
| curl -sS https://setup.ius.io/ | bash > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| rpm --import /etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY > /dev/null | |
| echo Installing MariaDB official repositories... | |
| cat > /etc/yum.repos.d/MariaDB.repo <<EOF | |
| [mariadb] | |
| name=MariaDB | |
| baseurl=http://yum.mariadb.org/10.3/centos7-amd64 | |
| gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB | |
| gpgcheck=1 | |
| EOF | |
| echo Installing support libs... | |
| yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel pcre-devel openssl openssl-devel gperftools-devel GeoIP-devel gd-devel libxml2-devel libxslt-devel > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| yum -y install mariadb-server nginx php72w-fpm php72w-opcache php72w php72w-cli php72w-bcmath php72w-common php72w-mbstring php72w-pdo_dblib php72w-pdo php72w-xml php72w-pecl-imagick php72w-intl php72w-gd php72w-soap php72w-mysqlnd php72w-pdo php72w-json ntp certbot yum-cron wget git firewalld certbot | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Setup TimeZone to East Cost... | |
| timedatectl set-timezone America/New_York | |
| echo Setup yum-cron... | |
| sed -i 's/update_cmd =.*/update_cmd = security/' /etc/yum/yum-cron.conf | |
| sed -i 's/apply_updates =.*/apply_updates = yes/' /etc/yum/yum-cron.conf | |
| echo Enabling services... | |
| systemctl enable nginx > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl enable mariadb > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl enable php-fpm > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl enable ntpd > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl enable yum-cron > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl enable firewalld > /dev/null | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Starting services... | |
| systemctl start nginx | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl start mariadb | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl start php-fpm | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl start ntpd | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl start yum-cron | |
| if [ $? != 0 ]; then exit 1; fi | |
| systemctl start firewalld | |
| if [ $? != 0 ]; then exit 1; fi | |
| echo Open ports... | |
| firewall-cmd --permanent --add-service=ssh | |
| firewall-cmd --permanent --add-service=http | |
| firewall-cmd --permanent --add-service=https | |
| firewall-cmd --zone=dmz --add-service=smtp --permanent | |
| firewall-cmd --zone=dmz --add-service=smtps --permanent | |
| firewall-cmd --reload | |
| echo Create a dhparam.pem ... | |
| openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 | |
| echo Enabling Lets Encrypt... | |
| yum -y install certbot python-certbot-nginx | |
| wget -O /etc/nginx/ssl/lets-encrypt-x3-cross-signed.pem "https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem" | |
| echo Create folders... | |
| mkdir /etc/nginx/{sites-available,sites-enabled} | |
| if [ -z "$1" ] | |
| then | |
| echo "No domains to create" | |
| else | |
| mkdir -p /var/www/$1/web/ | |
| fi | |
| echo Install composer... | |
| cd /tmp | |
| curl -sS https://getcomposer.org/installer | php | |
| mv composer.phar /usr/local/bin/composer | |
| echo Done~ | |
| } | |
| installCNMP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment