brendanbbbb · November 16, 2019 13:17
diff --git a/cloudlinux-cpanel.sh b/cloudlinux-cpanel.sh
 #!/bin/bash
 # After installing CloudLinux from ISO we yum update, yum install open-vm-tools, reboot then
 # run this script to install cpanel with a basic config
 # Changes ssh port to 2022
 # Removes some detault software blockers for cpanel to install

 echo "CloudLinux OS customisation for CPANEL"

 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 CWD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 SSH_PORT=2022

 if [ ! -f /etc/redhat-release ]; then
        echo "CentOS not detected, aborting."
        exit 0
 fi

 echo "Detecting CloudLinux..."
 CL=$(grep "CloudLinux" /etc/redhat-release > /dev/null && echo SI || echo NO)
 if [ "$CL" = "NO" ]; then
        echo "CloudLinux not detected, beginning installation..."
        wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy -O $CWD/cldeploy
        CL_INSTALL="$CWD/cldeploy"
        echo ""
        echo "Server is licensed by Key or IP? [key/ip]"
        read CL_LICENCE_MODE
        if echo "$CL_LICENCE_MODE" | grep -iq "^key" ;then
                echo "Key: "
                read CL_LICENCE
                sh "$CL_INSTALL" -k "$CL_LICENCE"
        elif echo "$CL_LICENCE_MODE" | grep -iq "^ip" ;then
                sh "$CL_INSTALL" -i
        fi
        echo ""
        echo ""
        echo "######### Restart to apply new kernel? [y/n] #########"
        read REBOOT
        if echo "$REBOOT" | grep -iq "^y" ;then
                echo "Restart in 15 seconds..."
                sleep 15
                shutdown -rf now
        fi
 else
        echo "CloudLinux kernel detected, reconfigure / configure for the first time? [y/n]"
        read CL_CONFIGURE
 fi

 if echo "$CL_CONFIGURE" | grep -iq "^y" ;then
        echo "Configuring CloudLinux..."
 else
        echo "Aborting …"
        exit 0
 fi

 echo "Updating OS..."
 yum update -y
 yum groupinstall "Base" --skip-broken -y
 yum install screen -y

 # disable selinux
 sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
 sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
 /usr/sbin/setenforce 0

 iptables-save > /root/firewall.rules

 echo "Configuring Network..."
 find /etc/sysconfig/network-scripts/ -name "ifcfg-*" -not -name "ifcfg-lo" | while read ETHCFG
 do
        sed -i '/^NM_CONTROLLED=.*/d' $ETHCFG
        sed -i '/^PEERDNS=.*/d' $ETHCFG
        sed -i '/^DNS1=.*/d' $ETHCFG
        sed -i '/^DNS2=.*/d' $ETHCFG

        echo "PEERDNS=no" >> $ETHCFG
        echo "DNS1=1.1.1.1" >> $ETHCFG
        echo "DNS2=8.8.4.4" >> $ETHCFG

 done

 echo "Rewriting /etc/resolv.conf..."

 echo "nameserver 1.1.1.1" > /etc/resolv.conf # Cloudflare
 echo "nameserver 8.8.4.4" >> /etc/resolv.conf # Google


 echo "Configuring SSH..."
 sed -i 's/^X11Forwarding.*/X11Forwarding no/' /etc/ssh/sshd_config
 sed -i 's/#UseDNS.*/UseDNS no/' /etc/ssh/sshd_config

 echo "Changing SSH portdefault 22 to $SSH_PORT..."
 sed -i "s/^\(#\|\)Port.*/Port $SSH_PORT/" /etc/ssh/sshd_config

 service sshd restart

 # FIREWALL

 # IF YOU HAVE FIREWALLD
 if systemctl is-enabled firewalld | grep "^enabled$" > /dev/null; then
        echo "Removing firewalld as it doesnt work with cpanel ..."
        systemctl stop firewalld
        systemctl disable firewalld
        yum remove firewalld -y
 fi

 # IF YOU HAVE ONLY IPTABLES
 if [ -f /etc/sysconfig/iptables ]; then
        sed -i 's/dport 22 /dport 2022 /' /etc/sysconfig/iptables
        service iptables restart 2>/dev/null
 fi

 echo "Configuring FSCK..."
 grubby --update-kernel=ALL --args=fsck.repair=yes
 grep "fsck.repair" /etc/default/grub > /dev/null || sed 's/^GRUB_CMDLINE_LINUX="/&fsck.repair=yes /' /etc/default/grub

 echo "Configuring Yum-Cron..."
 yum -y install yum-cron
 sed -i 's/^apply_updates.*/apply_updates = yes/' /etc/yum/yum-cron.conf
 systemctl start yum-cron.service

 echo "Synchronizing date with time.cloudflare.com ..."
 ntpdate time.cloudflare.com
 #if [ -f /usr/share/zoneinfo/America/New_York ]; then
 #        echo "Seteando timezone a America/New_York..."
 #        mv /etc/localtime /etc/localtime.old
 #        ln -s /usr/share/zoneinfo/Australia/Sydney /etc/localtime
 #fi

 echo "Installing GIT..."
 yum install git -y

 echo "Installing CRON clean from Journal..."
 echo "30 22 * * * root /usr/bin/journalctl --vacuum-time=1d; /usr/sbin/service systemd-journald restart" > /etc/cron.d/clean_journal
 service crond restart

 echo "Disabling yum-cron..."
 yum erase yum-cron -y

 echo "Disabling NetworkMangaer ..."
 systemctl stop NetworkManager.service
 systemctl disable NetworkManager.service

 yum erase NetworkManager -y

 echo "####### INSTALLING CPANEL #######"
 if [ -f /usr/local/cpanel/cpanel ]; then
        echo "cPanel already detected, not installed, only configured (CTRL + C to cancel)"
        sleep 10
 else
        cd /usr/src/ && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
 fi
 echo "####### END INSTALLING CPANEL #######"
 echo "####### VERIFYING LICENSE #######" 
 ISLICENCED=$(/usr/local/cpanel/cpkeyclt 2>&1 | grep "Update succeeded" > /dev/null && echo OK || echo FAIL)
 if [ "$ISLICENCED" = "FAIL" ]; then
        echo "There is a problem with the license, verify it and then run this script again"
        exit 0
 fi
 echo "####### END VERIFYING LICENSE #######"

 # cpanel stuff

 #echo "Setup CAGEFS ..."
 #yum install cagefs -y
 #cagefsctl --init

 echo "Finalized!"
	#!/bin/bash
	# After installing CloudLinux from ISO we yum update, yum install open-vm-tools, reboot then
	# run this script to install cpanel with a basic config
	# Changes ssh port to 2022
	# Removes some detault software blockers for cpanel to install

	echo "CloudLinux OS customisation for CPANEL"

	PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	CWD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

	SSH_PORT=2022

	if [ ! -f /etc/redhat-release ]; then
	echo "CentOS not detected, aborting."
	exit 0
	fi

	echo "Detecting CloudLinux..."
	CL=$(grep "CloudLinux" /etc/redhat-release > /dev/null && echo SI \|\| echo NO)
	if [ "$CL" = "NO" ]; then
	echo "CloudLinux not detected, beginning installation..."
	wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy -O $CWD/cldeploy
	CL_INSTALL="$CWD/cldeploy"
	echo ""
	echo "Server is licensed by Key or IP? [key/ip]"
	read CL_LICENCE_MODE
	if echo "$CL_LICENCE_MODE" \| grep -iq "^key" ;then
	echo "Key: "
	read CL_LICENCE
	sh "$CL_INSTALL" -k "$CL_LICENCE"
	elif echo "$CL_LICENCE_MODE" \| grep -iq "^ip" ;then
	sh "$CL_INSTALL" -i
	fi
	echo ""
	echo ""
	echo "######### Restart to apply new kernel? [y/n] #########"
	read REBOOT
	if echo "$REBOOT" \| grep -iq "^y" ;then
	echo "Restart in 15 seconds..."
	sleep 15
	shutdown -rf now
	fi
	else
	echo "CloudLinux kernel detected, reconfigure / configure for the first time? [y/n]"
	read CL_CONFIGURE
	fi

	if echo "$CL_CONFIGURE" \| grep -iq "^y" ;then
	echo "Configuring CloudLinux..."
	else
	echo "Aborting …"
	exit 0
	fi

	echo "Updating OS..."
	yum update -y
	yum groupinstall "Base" --skip-broken -y
	yum install screen -y

	# disable selinux
	sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
	sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
	/usr/sbin/setenforce 0

	iptables-save > /root/firewall.rules

	echo "Configuring Network..."
	find /etc/sysconfig/network-scripts/ -name "ifcfg-*" -not -name "ifcfg-lo" \| while read ETHCFG
	do
	sed -i '/^NM_CONTROLLED=.*/d' $ETHCFG
	sed -i '/^PEERDNS=.*/d' $ETHCFG
	sed -i '/^DNS1=.*/d' $ETHCFG
	sed -i '/^DNS2=.*/d' $ETHCFG

	echo "PEERDNS=no" >> $ETHCFG
	echo "DNS1=1.1.1.1" >> $ETHCFG
	echo "DNS2=8.8.4.4" >> $ETHCFG

	done

	echo "Rewriting /etc/resolv.conf..."

	echo "nameserver 1.1.1.1" > /etc/resolv.conf # Cloudflare
	echo "nameserver 8.8.4.4" >> /etc/resolv.conf # Google


	echo "Configuring SSH..."
	sed -i 's/^X11Forwarding.*/X11Forwarding no/' /etc/ssh/sshd_config
	sed -i 's/#UseDNS.*/UseDNS no/' /etc/ssh/sshd_config

	echo "Changing SSH portdefault 22 to $SSH_PORT..."
	sed -i "s/^\(#\\|\)Port.*/Port $SSH_PORT/" /etc/ssh/sshd_config

	service sshd restart

	# FIREWALL

	# IF YOU HAVE FIREWALLD
	if systemctl is-enabled firewalld \| grep "^enabled$" > /dev/null; then
	echo "Removing firewalld as it doesnt work with cpanel ..."
	systemctl stop firewalld
	systemctl disable firewalld
	yum remove firewalld -y
	fi

	# IF YOU HAVE ONLY IPTABLES
	if [ -f /etc/sysconfig/iptables ]; then
	sed -i 's/dport 22 /dport 2022 /' /etc/sysconfig/iptables
	service iptables restart 2>/dev/null
	fi

	echo "Configuring FSCK..."
	grubby --update-kernel=ALL --args=fsck.repair=yes
	grep "fsck.repair" /etc/default/grub > /dev/null \|\| sed 's/^GRUB_CMDLINE_LINUX="/&fsck.repair=yes /' /etc/default/grub

	echo "Configuring Yum-Cron..."
	yum -y install yum-cron
	sed -i 's/^apply_updates.*/apply_updates = yes/' /etc/yum/yum-cron.conf
	systemctl start yum-cron.service

	echo "Synchronizing date with time.cloudflare.com ..."
	ntpdate time.cloudflare.com
	#if [ -f /usr/share/zoneinfo/America/New_York ]; then
	# echo "Seteando timezone a America/New_York..."
	# mv /etc/localtime /etc/localtime.old
	# ln -s /usr/share/zoneinfo/Australia/Sydney /etc/localtime
	#fi

	echo "Installing GIT..."
	yum install git -y

	echo "Installing CRON clean from Journal..."
	echo "30 22 * * * root /usr/bin/journalctl --vacuum-time=1d; /usr/sbin/service systemd-journald restart" > /etc/cron.d/clean_journal
	service crond restart

	echo "Disabling yum-cron..."
	yum erase yum-cron -y

	echo "Disabling NetworkMangaer ..."
	systemctl stop NetworkManager.service
	systemctl disable NetworkManager.service

	yum erase NetworkManager -y

	echo "####### INSTALLING CPANEL #######"
	if [ -f /usr/local/cpanel/cpanel ]; then
	echo "cPanel already detected, not installed, only configured (CTRL + C to cancel)"
	sleep 10
	else
	cd /usr/src/ && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
	fi
	echo "####### END INSTALLING CPANEL #######"
	echo "####### VERIFYING LICENSE #######"
	ISLICENCED=$(/usr/local/cpanel/cpkeyclt 2>&1 \| grep "Update succeeded" > /dev/null && echo OK \|\| echo FAIL)
	if [ "$ISLICENCED" = "FAIL" ]; then
	echo "There is a problem with the license, verify it and then run this script again"
	exit 0
	fi
	echo "####### END VERIFYING LICENSE #######"

	# cpanel stuff

	#echo "Setup CAGEFS ..."
	#yum install cagefs -y
	#cagefsctl --init

	echo "Finalized!"