Last active
May 13, 2017 03:40
-
-
Save Setitch/6ee137cab0dd9bdd6f31 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Install ISPConfig3 on Ubuntu 16.04 64Bits | |
| ## Author: Nilton OS blog.linuxpro.com.br | |
| ## Updated: Seti the Dragon - chibi.pl | |
| ## old: http://blog.linuxpro.com.br/posts/instalando-ispconfig3-no-ubuntu-1404.html | |
| ## old: http://www.howtoforge.com/perfect-server-ubuntu-14.04-apache2-php-mysql-pureftpd-bind-dovecot-ispconfig-3-p2 | |
| ## | |
| ## new: https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/ | |
| apt-get update | |
| c_default="\e[37m" | |
| c_green="\e[92m" | |
| c_yellow="\e[33m" | |
| c_red="\e[91m" | |
| c_rred="\[31m" | |
| c_cyan="\e[36m" | |
| c_white="\e[39m" | |
| # 3. Change the Default Shell | |
| echo "Select NO"; | |
| dpkg-reconfigure dash | |
| # 4. Disable AppArmor | |
| service apparmor stop | |
| update-rc.d -f apparmor remove | |
| apt-get remove -y apparmor apparmor-utils | |
| # 5. Synchronize the System Clock | |
| apt-get -y install ntp ntpdate | |
| # 6. Install Postfix, Dovecot, MariaDB, rkhunter and binutils | |
| service sendmail stop; update-rc.d -f sendmail remove | |
| echo "Select INTERNET SITE, and proepr domain address (need dns configured on it)." | |
| apt-get -y install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo | |
| R="1"; | |
| while [ "$R" == "1" ]; | |
| do | |
| echo -en "Should database connection from remote host be active [${c_green}y${c_default}/${c_cyan}n${c_default}]?" | |
| read -p " "; | |
| if [[ $REPLY =~ ^[Yy]$ ]] | |
| then | |
| R="2"; | |
| else | |
| if [[ $REPLY =~ ^[Nn]$ ]] | |
| then | |
| R="0"; | |
| fi | |
| fi | |
| done | |
| if [ "$R" == "2"] | |
| sed -i 's|bind-address|#bind-address|' /etc/mysql/mariadb.conf.d/50-server.cnf | |
| else | |
| sed -i 's|#bind-address|bind-address|' /etc/mysql/mariadb.conf.d/50-server.cnf | |
| fi | |
| echo -en "File ${c_green}changed${c_default}" | |
| cat /etc/mysql/mariadb.conf.d/50-server.cnf | grep bind | |
| echo -n "Adjusting postfix configuration files"; | |
| ## Ajustando o arquivo /etc/postfix/master.cf do Postfix | |
| sed -i 's|#submission|submission|' /etc/postfix/master.cf | |
| sed -i 's|# -o syslog_name=postfix/submission| -o syslog_name=postfix/submission|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_tls_security_level=encrypt| -o smtpd_tls_security_level=encrypt|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf | |
| sed -i 's|#smtps|smtps|' /etc/postfix/master.cf | |
| sed -i 's|# -o syslog_name=postfix/smtps| -o syslog_name=postfix/smtps|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_tls_wrappermode=yes| -o smtpd_tls_wrappermode=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf | |
| service postfix restart | |
| echo -en "IMPORTANT: [empty, Y, <your pass>, <repeat your pass>, Y, Y, Y]! ${c_green}press any key to continue and set password${c_default}" | |
| read -p " "; | |
| mysql_secure_installation | |
| service mysql restart | |
| # 7. Install Amavisd-new, SpamAssassin, and Clamav | |
| apt-get install -y amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey | |
| service spamassassin stop | |
| update-rc.d -f spamassassin remove | |
| sed -i 's|AllowSupplementaryGroups false|AllowSupplementaryGroups true|' /etc/clamav/clamd.conf | |
| freshclam | |
| service clamav-daemon start | |
| # 7.1 Install Metronome XMPP Server (optional) | |
| R="1"; | |
| while [ "$R" == "1" ]; | |
| do | |
| echo -en "Install XMPP Server (Metronome) [${c_green}y${c_default}/${c_cyan}n${c_default}]?" | |
| read -p " "; | |
| if [[ $REPLY =~ ^[Yy]$ ]] | |
| then | |
| R="2"; | |
| else | |
| if [[ $REPLY =~ ^[Nn]$ ]] | |
| then | |
| R="0"; | |
| fi | |
| fi | |
| done | |
| if [ "$R" == "2"] | |
| then | |
| apt-get install -y git lua5.1 liblua5.1-0-dev lua-filesystem libidn11-dev libssl-dev lua-zlib lua-expat lua-event lua-bitop lua-socket lua-sec luarocks luarocks | |
| luarocks install lpc | |
| adduser --no-create-home --disabled-login --gecos 'Metronome' metronome | |
| cd /opt; git clone https://github.com/maranda/metronome.git metronome | |
| cd ./metronome; ./configure --ostype=debian --prefix=/usr | |
| make | |
| make install | |
| fi | |
| apt-get install -y git | |
| # 8. Install Apache, PHP, phpMyAdmin, FCGI, SuExec, Pear, and mcrypt | |
| echo -en "IMPORTANT: Select Apache2, others as you want. ${c_green}press any key to continue and set password${c_default}" | |
| apt-get install -y apache2 apache2-doc apache2-utils libapache2-mod-php php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi libapache2-mod-fcgid apache2-suexec-pristine php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby libapache2-mod-python php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip | |
| R="1"; | |
| while [ "$R" == "1" ]; | |
| do | |
| echo -en "Do you want to install very badly written phpmyadmin [${c_green}y${c_default}/${c_cyan}n${c_default}]?" | |
| read -p " "; | |
| if [[ $REPLY =~ ^[Yy]$ ]] | |
| then | |
| R="2"; | |
| else | |
| if [[ $REPLY =~ ^[Nn]$ ]] | |
| then | |
| R="0"; | |
| fi | |
| fi | |
| done | |
| if [ "$R" == "2"] | |
| then | |
| apt-get install -i phpmyadmin | |
| fi | |
| a2enmod suexec rewrite ssl actions include cgi | |
| a2enmod dav_fs dav auth_digest headers | |
| service apache2 restart | |
| R="1"; | |
| while [ "$R" == "1" ]; | |
| do | |
| echo -en "Activate serving of RubyFiles (.rb) through Apache2 [${c_green}y${c_default}/${c_cyan}n${c_default}]?" | |
| read -p " "; | |
| if [[ $REPLY =~ ^[Yy]$ ]] | |
| then | |
| R="2"; | |
| else | |
| if [[ $REPLY =~ ^[Nn]$ ]] | |
| then | |
| R="0"; | |
| fi | |
| fi | |
| done | |
| if [ "$R" == "2"] | |
| then | |
| sed -i 's|#application/x-ruby|application/x-ruby|' /etc/mime.types | |
| else | |
| sed -i 's|application/x-ruby|#application/x-ruby|' /etc/mime.types | |
| fi | |
| service apache2 restart | |
| sudo apt-get install apache2-suexec-custom | |
| sudo a2enmod suexec | |
| apt-get install php7.0-cgi | |
| # 8.1 PHP Opcode cache | |
| apt-get install -y php7.0-opcache php-apcu | |
| service apache2 restart | |
| # 8.2 PHP-FPM | |
| apt-get install -y libapache2-mod-fcgid php7.0-fpm | |
| a2enmod proxy_fcgi | |
| a2enmod actions fcgid alias | |
| service apache2 restart | |
| # 10.1 Install HHVM (HipHop Virtual Machine) | |
| apt-get install -y hhvm | |
| a2enmod fcgid | |
| # 9. Install Let's Encrypt | |
| cd /opt | |
| git clone https://github.com/letsencrypt/letsencrypt | |
| cd letsencrypt/ | |
| sudo -H ./letsencrypt-auto --help | |
| # 10. Install Mailman | |
| - TODO - never used! | |
| # 11. Install PureFTPd and Quota | |
| apt-get install -y pure-ftpd-common pure-ftpd-mysql quota quotatool | |
| sed -i 's|STANDALONE_OR_INETD=inetd|STANDALONE_OR_INETD=standalone|' /etc/default/pure-ftpd-common | |
| sed -i 's|VIRTUALCHROOT=false|VIRTUALCHROOT=true|' /etc/default/pure-ftpd-common | |
| echo 1 > /etc/pure-ftpd/conf/TLS | |
| mkdir -p /etc/ssl/private/ | |
| echo -en "Creating certificate for FTP - please fill data" | |
| openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem | |
| chmod 600 /etc/ssl/private/pure-ftpd.pem | |
| ## Quota | |
| sed -i "s|errors=remount-ro|errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0|" /etc/fstab | |
| mount -o remount / | |
| quotacheck -avugm | |
| quotaon -avug | |
| # 12. Install BIND DNS Server | |
| apt-get install -y bind9 dnsutils haveged | |
| # 13. Install Vlogger, Webalizer, and AWstats | |
| apt-get install -y vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl | |
| sed -i 's/^/#/' /etc/cron.d/awstats | |
| # 14. Install Jailkit | |
| apt-get install -y build-essential autoconf automake1.11 libtool flex bison debhelper binutils | |
| cd /tmp | |
| wget http://olivier.sessink.nl/jailkit/jailkit-2.19.tar.gz | |
| tar xvfz jailkit-2.19.tar.gz | |
| cd jailkit-2.19 | |
| ./debian/rules binary | |
| cd .. | |
| dpkg -i jailkit_2.19-1_*.deb | |
| rm -rf jailkit-2.19* | |
| # 17. Install ISPConfig 3 | |
| apt-get -y install php7.0-mysqli php7.0-mbstring | |
| cd /tmp | |
| wget -O ispconfig.tar.gz https://git.ispconfig.org/ispconfig/ispconfig3/repository/archive.tar.gz?ref=stable-3.1 | |
| tar xfz ispconfig.tar.gz | |
| cd ispconfig3*/install/ | |
| php -q install.php | |
| apt-get install -y libcurl3-dev php7.0-dev | |
| pecl install oauth | |
| echo "extension=oauth.so" > /etc/php/7.0/mods-available/oauth.ini | |
| phpenmod oauth | |
| rm /etc/apache2/sites-enabled/000-default.vhost | |
| apt-get -y install composer |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Changes to 16.04, some section needs to be rewritten a bit (adding other features).