Created
March 10, 2010 11:46
-
-
Save dennyhalim/327789 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Easy Website Creation Tool with SuExec and FastCGI, version 0.1.1 | |
| # Made by Kijin Sung ([email protected]) | |
| # Based on http://www.linode.com/forums/viewtopic.php?t=2982 | |
| # With a few of my own modifications. | |
| # Made for Ubuntu 8.04 LTS & Apache 2.2, free to port and modify. | |
| # This script comes with no warranties whatsoever. Use at your own risk. | |
| # If you don't understand what this script does, don't use it | |
| # Notice: This script must always be run as root. | |
| # ---------------- INTRODUCTION ------------------------------------- | |
| # ------------------------------------------------------------------- | |
| # Now run the following commands prior to first use: | |
| # apt-get install apache2 apache2-mpm-worker libapache2-mod-fcgid | |
| # apt-get install php5-cgi webalizer | |
| # echo -e "\ncgi.fix_pathinfo = 1" >> /etc/php5/cgi/php.ini | |
| # a2enmod actions | |
| # a2enmod alias | |
| # a2enmod auth | |
| # a2enmod fcgid | |
| # a2enmod include | |
| # a2enmod mime | |
| # a2enmod rewrite | |
| # a2enmod suexec | |
| # In Ubuntu (and probably also in most other Debian-based distributions), | |
| # these commands will install the necessary packages, as well as making the requisite | |
| # change to php-cgi configuration (which is actually just adding one line at the end). | |
| # It'll also remove mpm-prefork and mod-php. We don't need these with our setup. | |
| # If you get any errors here, fix them before proceeding. | |
| # It is also highly recommended that you edit your ftp server's umask settings, | |
| # so that new directories have 750 permissions and new files have 640 permissions. | |
| # Under the settings used by this script, that is the maximum permissions required | |
| # for the proper operation of most static and dynamic websites. | |
| # If you use ProFTPd, edit /etc/proftpd/proftpd.conf | |
| # and change the line "Umask 022 022" to "Umask 137 027". | |
| # If you use vsftpd, edit /etc/vsftpd.conf | |
| # and set the umask to 027. | |
| # ---------------- USER CONFIGURATION ------------------------------- | |
| # ------------------------------------------------------------------- | |
| # You can set some parameters here. | |
| # Make sure that these parameters fit your needs. | |
| # dirbase is where all the virtual hosts will be created. | |
| # Default value is "/var/www" which is Apache's default document root. | |
| # Whatever you change it to, do NOT add a slash to the end of this variable!!! | |
| # If you change it to something else, e.g. "/home", then you must take extra steps | |
| # to make suexec work with a non-default document root. | |
| # One simple way to do this is to bind /home to /var/www. | |
| dirbase="/var/www" | |
| # dirprefix is a word that will be attached to the front of all directory names. | |
| # By default, this is left blank. It can be changed to something like "vhost_". | |
| dirprefix="" | |
| # dirpattern can be either "username" or "domain". | |
| # If set to "username", directory names will follow user names, e.g. "example". | |
| # If set to "domain", directory names will follow domain names, e.g. "example.com". | |
| dirpattern="username" | |
| # statscript is the location of the script that will automatically generate | |
| # Webalizer reports. This file need not exist, as it will be created at first run. | |
| # Make sure to add this script to root's crontab, by running "crontab -e" and | |
| # adding the following line (which will generate reports at 4:00 AM every day): | |
| # 00 04 * * * /root/ezstats.sh | |
| statscript="/root/ezstats.sh" | |
| # apacheuser is "www-data" by default. | |
| # Most Debian-based distros will follow this pattern, but change it if necessary. | |
| apacheuser="www-data" | |
| # ---------------- COLLECT INFORMATION ------------------------------------ | |
| # ------------------------------------------------------------------------- | |
| echo "+------------------------------------------------------------------+" | |
| echo "| Easy Website Creation Tool with SuExec and FastCGI ver. 0.1.1 |" | |
| echo "+------------------------------------------------------------------+" | |
| echo -n "Enter domain name (without www): " | |
| read domn | |
| echo -n "Enter new user name: " | |
| read usrn | |
| # ---------------- CREATE USER & GROUP ------------------------------------ | |
| # ------------------------------------------------------------------------- | |
| # Add user/group and ask for password. | |
| # If username already exists, exit with error. | |
| # Group is automatically created in Ubuntu, but let's check just in case. | |
| useradd $usrn || exit 1 | |
| passwd $usrn | |
| groupadd -f $usrn | |
| # Add Apache user to the same group. | |
| # This allows Apache to read files with 640 permissions. | |
| usermod -G $usrn -a $apacheuser | |
| # ---------------- CREATE USER DIRECTORY STRUCTURE ------------------------ | |
| # ------------------------------------------------------------------------- | |
| if [ "$dirpattern" == "username" ]; then | |
| dirname="$usrn" | |
| else | |
| dirname="$domn" | |
| fi | |
| dirn="$dirbase/$dirprefix$dirname" | |
| echo "Creating directory structure at $dirn" | |
| mkdir $dirn | |
| mkdir $dirn/cgi-bin | |
| mkdir $dirn/cgi-bin/php5-fcgi-wrapper | |
| mkdir $dirn/conf | |
| mkdir $dirn/lib | |
| mkdir $dirn/logs | |
| mkdir $dirn/public_html | |
| mkdir $dirn/public_html/stats | |
| mkdir $dirn/tmp | |
| # Set user's home directory. | |
| usermod -d $dirn $usrn | |
| # ---------------- CREATE CONFIG FILES ------------------------------------ | |
| # ------------------------------------------------------------------------- | |
| echo "Creating FastCGI configuration files" | |
| # FastCGI wrapper | |
| # This is the script that handles all .php files. | |
| cat > $dirn/cgi-bin/php5-fcgi-wrapper/wrapper <<- _EOF1_ | |
| #!/bin/sh | |
| export PHPRC=$dirn/conf | |
| export PHP_FCGI_CHILDREN=1 | |
| export PHP_FCGI_MAX_REQUESTS=5000 | |
| exec /usr/bin/php5-cgi | |
| _EOF1_ | |
| # User's default php.ini | |
| cat > $dirn/conf/php.ini <<- _EOF2_ | |
| include_path = ".:$dirn/lib" | |
| open_basedir = "$dirn:/tmp" | |
| _EOF2_ | |
| # Apache vhost config file | |
| # I have enabled per vhost server-side includes and indexfiles. | |
| # Per vhost logging is also enabled. (Also see Webalizer stats below) | |
| # Change this if you want to use different options. | |
| cat > /etc/apache2/sites-available/$domn <<- _EOF3_ | |
| <VirtualHost *> | |
| SuexecUserGroup $usrn $usrn | |
| ServerName $domn | |
| ServerAlias www.$domn | |
| DocumentRoot "$dirn/public_html" | |
| ScriptAlias /cgi-bin/ $dirn/cgi-bin/ | |
| <Directory $dirn/public_html> | |
| DirectoryIndex index.php index.shtml index.html index.htm | |
| Options -Indexes +IncludesNoExec | |
| AddType text/html .shtml | |
| AddOutputFilter INCLUDES .shtml | |
| Order allow,deny | |
| Allow from all | |
| </Directory> | |
| CustomLog /var/log/apache2/vhost_access.log combined | |
| CustomLog $dirn/logs/access.log combined | |
| ErrorLog $dirn/logs/error.log | |
| AddHandler php-fcgi .php | |
| Action php-fcgi /fcgi-bin/wrapper | |
| Alias /fcgi-bin/ $dirn/cgi-bin/php5-fcgi-wrapper/ | |
| <Location /fcgi-bin/> | |
| SetHandler fcgid-script | |
| Options +ExecCGI | |
| </Location> | |
| ReWriteEngine On | |
| ReWriteRule ^/fcgi-bin/[^/]*$ / [PT] | |
| </VirtualHost> | |
| _EOF3_ | |
| # Default html placeholder page | |
| cat > $dirn/public_html/index.html <<- _EOF4_ | |
| <html><head><title>New Website</title></head> | |
| <body><font face="Verdana" size="2"><br><center> | |
| This website is under construction.<br> | |
| Please check back later. | |
| </font></body></html> | |
| _EOF4_ | |
| # ---------------- SET OWNERSHIP AND PERMISSION --------------------------- | |
| # ------------------------------------------------------------------------- | |
| # Home directory must be owned by user, of course! | |
| echo "Setting Permissions" | |
| chown -R $usrn:$usrn $dirn | |
| # Log directory must be owned by www-data. | |
| # Otherwise Apache can't write logs to it. | |
| chown www-data:$usrn $dirn/logs | |
| touch $dirn/logs/access.log | |
| touch $dirn/logs/error.log | |
| # Never use permissions greater than 750 for directories | |
| # or greater than 640 for files. This also applies to .php files. | |
| # The only file that needs to be 750 is the FastCGI wrapper. | |
| # The wrapper & php-cgi executes .php files for you, so | |
| # .php files don't need to be executable themselves. | |
| chmod -R 750 $dirn | |
| chmod 640 $dirn/public_html/index.html | |
| chmod 640 $dirn/conf/php.ini | |
| chmod 640 $dirn/logs/* | |
| # ---------------- SETUP WEBALIZER STATS ---------------------------------- | |
| # ------------------------------------------------------------------------- | |
| # The stat script must be owned and executed by root. | |
| # You must add this script to crontab manually. | |
| echo "webalizer -p -n $domn -o $dirn/public_html/stats $dirn/logs/access.log" >> $statscript | |
| chown root $statscript | |
| chmod 700 $statscript | |
| # ---------------- RELOAD APACHE WEBSERVER -------------------------------- | |
| # ------------------------------------------------------------------------- | |
| a2ensite $domn | |
| /etc/init.d/apache2 reload | |
| echo "Done!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment