apt-get install console-cyrillic
dpkg-reconfigure locales
echo "deb http://nginx.org/packages/debian/ $(lsb_release -sc) nginx" >> /etc/apt/sources.list
echo "deb-src http://nginx.org/packages/debian/ $(lsb_release -sc) nginx" >> /etc/apt/sources.list
apt-get update
apt-get install nginx
cd /etc/nginx/conf.d/
cp default.conf <your-host-name>.conf
example of .conf file:
server {
listen 80;
server_name localhost; # or your domain
access_log /var/log/nginx/<your-host-name>.access.log main;
error_log /var/log/nginx/<your-host-name>.error.log;
root /var/www/<your-project-webroot>;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* ".+\.(?:ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|css|swf|js|atom|jpe?g|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$"
{
access_log off;
log_not_found off;
expires max;
}
# pass the PHP scripts to FastCGI server
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# deny access to .htaccess files, if Apache's document root
location ~ /\. {
deny all;
}
}
apt-get install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
apt-get update
apt-get install php7.2
apt-get install php7.2-cli php7.2-common php7.2-curl php7.2-gd php7.2-json php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-readline php7.2-xml php7.2-zip php7.2-soap php7.2-intl php7.2-fpm
Uncomment
;listen.owner = www-data
;listen.group = www-data
;listen.mode = 0660
at /etc/php/7.2/fpm/pool.d/www.conf and set the same user (www-data by default) for nginx
apt-get install git-core
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --filename=composer --install-dir=/usr/bin
rm composer-setup.php
composer global require "hirak/prestissimo"
composer global require "fxp/composer-asset-plugin"
ssh-keygen
cat ~/.ssh/id_rsa.pub -- copy public key and add to git repository
cd /var/
mkdir www && cd $_
chmod -R 755 .
chown -R www-data:www-data .
git clone <remote-of-your-project>
cd <your-project-dir>
rsync -zavP --exclude '*.zip' <your-project-dir>/ [email protected]:/var/www/<your-project-dir>
wget https://repo.percona.com/apt/percona-release_0.1-4.$(lsb_release -sc)_all.deb
dpkg -i percona-release_0.1-4.$(lsb_release -sc)_all.deb
apt-get update
apt-get install percona-server-server-5.5
If you get error with message like this:
"which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by"
It should to add line:
sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
to [mysqld] section in my.cnf.
apt-key adv --keyserver keyserver.ubuntu.com --recv E0C56BD4
echo "deb http://repo.yandex.ru/clickhouse/trusty stable main" | tee /etc/apt/sources.list.d/clickhouse.list
apt-get update
apt-get install clickhouse-server-common clickhouse-client
wget http://sphinxsearch.com/files/sphinxsearch_2.2.11-release-1~jessie_amd64.deb
dpkg -i sphinxsearch_2.2.11-release-1~jessie_amd64.deb
apt-get install libodbc1
apt-get install nodejs
apt-get install npm
npm install -g n
n latest
check version:
node -v
echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list
apt-get update
apt-get install certbot -t jessie-backports
apt-get install python-certbot-nginx
Generate keys:
certbot certonly
Enter path to yours webroot and host.
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
server {
listen 80;
server_name your-host.com www.your-host.com;
return 301 https://your-host.com$request_uri;
}
server {
listen 443 ssl;
server_name your-host.com;
# SSL begin
ssl_certificate_key /etc/letsencrypt/live/your-host.com/privkey.pem;
ssl_certificate /etc/letsencrypt/live/your-host.com/fullchain.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-S$
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
# SSL end
# Other nginx staff
}
Create mysql_dump.sh file:
#!/bin/sh
/usr/bin/mysqldump -u <user> -p<password> <database> --single-transaction | /bin/gzip -c > /var/ftp_root/backups/full_backup_`date +%Y-%m-%d_%H-%M-%S`.sql.gz
chmod 777 /var/ftp_root/backups/full_backup_`date +%Y-%m-%d_%H-%M-%S`.sql.gz
and add it to cron:
0 0 * * * sh /root/mysql_dump.sh
wget -O- https://raw.github.com/ajenti/ajenti/1.x/scripts/install-debian.sh | sh
apt-get install ajenti-v ajenti-v-nginx ajenti-v-mysql ajenti-v-php-fpm ajenti-v-mail ajenti-v-nodejs php5-mysql ajenti-v-ftp-vsftpdIf you have problems try:
apt-get install python-setuptools python-dev build-essential
easy_install -U gevent==1.1b4
Advanced vhost config for WP:
# This order might seem weird - this is attempted to match last if rules below fail.
location / {
try_files $uri $uri/ /index.php?$args;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
Add Erlang Solutions repo:
wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb && sudo dpkg -i erlang-solutions_1.0_all.deb
apt-get update
Install the Erlang/OTP platform and all of its applications:
sudo apt-get install esl-erlang
Install Elixir:
sudo apt-get install elixir
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-6.x.list
apt-get install elasticsearch
apt-get install default-jre
echo "deb http://ftp.utexas.edu/dotdeb/ stable all" >> /etc/apt/sources.list.d/dotdeb.list
echo "deb-src http://ftp.utexas.edu/dotdeb/ stable all" >> /etc/apt/sources.list.d/dotdeb.list
wget https://www.dotdeb.org/dotdeb.gpg
apt-key add dotdeb.gpg
apt-get update
apt-get install redis-server