Last active
February 20, 2019 13:45
-
-
Save bekce/f7b8f466de33a94ace151535b45f68f4 to your computer and use it in GitHub Desktop.
My usual list of commands to be applied to a new centos 7 vps
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set -e | |
| yum -y update | |
| # Install Java | |
| cd /opt/ | |
| wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ | |
| "https://download.oracle.com/otn-pub/java/jdk/8u201-b09/42970487e3af4f5aa5bca3f542482c60/jdk-8u201-linux-x64.tar.gz" | |
| tar xzf jdk-8u201-linux-x64.tar.gz | |
| cd jdk1.8.0_201/ | |
| alternatives --install /usr/bin/java java /opt/jdk1.8.0_201/bin/java 2 | |
| alternatives --config java | |
| alternatives --install /usr/bin/jar jar /opt/jdk1.8.0_201/bin/jar 2 | |
| alternatives --install /usr/bin/javac javac /opt/jdk1.8.0_201/bin/javac 2 | |
| alternatives --set jar /opt/jdk1.8.0_201/bin/jar | |
| alternatives --set javac /opt/jdk1.8.0_201/bin/javac | |
| cat>/etc/profile.d/java.sh<<'EOF' | |
| export JAVA_HOME=/opt/jdk1.8.0_201 | |
| export JRE_HOME=/opt/jdk1.8.0_201/jre | |
| export PATH=$PATH:/opt/jdk1.8.0_201/bin:/opt/jdk1.8.0_201/jre/bin | |
| EOF | |
| source /etc/profile.d/java.sh | |
| # Install MongoDB | |
| cat>/etc/yum.repos.d/mongodb-org-4.0.repo<<EOF | |
| [mongodb-org-4.0] | |
| name=MongoDB Repository | |
| baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/ | |
| gpgcheck=1 | |
| enabled=1 | |
| gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc | |
| EOF | |
| yum install -y libcurl openssl mongodb-org | |
| systemctl enable mongod | |
| systemctl start mongod | |
| # Install Docker | |
| yum install -y yum-utils device-mapper-persistent-data lvm2 | |
| yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo | |
| yum install -y docker-ce docker-ce-cli containerd.io | |
| systemctl start docker | |
| systemctl enable docker | |
| docker ps | |
| # Fail2ban | |
| yum install epel-release | |
| yum install fail2ban | |
| cat>/etc/fail2ban/jail.local<<'EOF' | |
| [DEFAULT] | |
| bantime = 3600 | |
| banaction = iptables-multiport | |
| [sshd] | |
| enabled = true | |
| EOF | |
| systemctl enable fail2ban | |
| systemctl restart fail2ban | |
| # nginx | |
| yum install -y nginx | |
| systemctl enable nginx | |
| systemctl start nginx | |
| # sbt | |
| curl https://bintray.com/sbt/rpm/rpm | tee /etc/yum.repos.d/bintray-sbt-rpm.repo | |
| yum -y install sbt | |
| # maven | |
| cd /opt/ | |
| wget http://www-us.apache.org/dist/maven/maven-3/3.5.4/binaries/apache-maven-3.5.4-bin.tar.gz | |
| tar -xf apache-maven-3.5.4-bin.tar.gz | |
| cat>/etc/profile.d/maven.sh<<'EOF' | |
| export M2_HOME=/opt/apache-maven-3.5.4 | |
| export PATH=${M2_HOME}/bin:${PATH} | |
| EOF | |
| source /etc/profile.d/maven.sh | |
| # node | |
| curl -sL https://rpm.nodesource.com/setup_10.x | bash - | |
| yum install -y nodejs | |
| # certbot (via cloudflare dns plugin) | |
| yum install -y python2-certbot-dns-cloudflare | |
| cat>/root/cloudflare.ini<<'EOF' | |
| # Cloudflare API credentials used by Certbot https://certbot-dns-cloudflare.readthedocs.io/en/stable/ | |
| dns_cloudflare_email = my@email | |
| dns_cloudflare_api_key = # get credentials here: https://dash.cloudflare.com/profile | |
| EOF | |
| chmod 600 /root/cloudflare.ini | |
| certbot-2 certonly --dns-cloudflare --dns-cloudflare-credentials /root/cloudflare.ini \ | |
| --dns-cloudflare-propagation-seconds 60 -d "*.my.domain" -d my.domain | |
| export EDITOR="tee" | |
| echo "25 9 * * * PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin /usr/bin/certbot-2 renew --deploy-hook "/usr/bin/systemctl reload nginx" >> /root/certbot-cron.log 2>&1" | crontab -e |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment