Skip to content

Instantly share code, notes, and snippets.

@lucanos

lucanos/install_lamp.sh

Last active June 1, 2025 07:11
Show Gist options
  • Save lucanos/3c3afc99500b5cee325f1df487404328 to your computer and use it in GitHub Desktop.
Save lucanos/3c3afc99500b5cee325f1df487404328 to your computer and use it in GitHub Desktop.
Download ZIP
Bash Script to Automate LAMP installation on Amazon Linux 2023
Raw
install_lamp.sh
#!/bin/bash
set -e
DOMAIN="$1"
EMAIL="$2"
if [[ -z "$DOMAIN" || -z "$EMAIL" ]]; then
echo "Usage: bash install-lamp.sh <domain> <email>"
exit 1
fi
echo "Installing LAMP and Let's Encrypt SSL for $DOMAIN..."
# Update system
sudo dnf update -y
# Install Apache
sudo dnf install -y httpd mod_ssl
sudo systemctl enable httpd
sudo systemctl start httpd
# Create Apache VirtualHost for domain on port 80
echo "Creating Apache VirtualHost for $DOMAIN..."
sudo mkdir -p /var/www/${DOMAIN}/public_html
echo "<?php phpinfo(); ?>" | sudo tee /var/www/${DOMAIN}/public_html/info.php > /dev/null
sudo chown -R apache:apache /var/www/${DOMAIN}/public_html
cat <<EOF | sudo tee /etc/httpd/conf.d/${DOMAIN}.conf
<VirtualHost *:80>
ServerName ${DOMAIN}
DocumentRoot /var/www/${DOMAIN}/public_html
<Directory /var/www/${DOMAIN}/public_html>
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/httpd/${DOMAIN}_error.log
CustomLog /var/log/httpd/${DOMAIN}_access.log combined
</VirtualHost>
EOF
# Restart Apache to load new config
sudo systemctl restart httpd
# Install MariaDB (MySQL)
sudo dnf install -y mariadb105-server
sudo systemctl enable mariadb
sudo systemctl start mariadb
# Secure MariaDB
echo "Securing MariaDB..."
sudo mysql_secure_installation <<EOF
y
n
y
y
y
y
EOF
# Install PHP and extensions
sudo dnf install -y php php-mysqlnd php-cli php-common php-fpm php-json php-pdo
sudo systemctl restart httpd
# Install Certbot
sudo dnf install -y certbot python3-certbot-apache
# Issue Let's Encrypt SSL Certificate
echo "Issuing SSL certificate for $DOMAIN..."
sudo certbot --apache -d "$DOMAIN" --non-interactive --agree-tos --email "$EMAIL"
# Set permissions
sudo chown -R apache:apache /var/www/${DOMAIN}
sudo chmod -R 755 /var/www/${DOMAIN}
# Ensure cron.d exists and set up auto-renewal
echo "Setting up automatic certificate renewal..."
sudo mkdir -p /etc/cron.d
echo "0 0 * * * root certbot renew --quiet" | sudo tee /etc/cron.d/certbot-renew > /dev/null
# Final Apache restart
sudo systemctl restart httpd
echo "LAMP + SSL setup complete!"
echo "Visit https://$DOMAIN/info.php to verify the PHP installation."
Raw
wp_perms.sh
#!/bin/bash
# Usage:
# ./wordpress-perms.sh <wp_owner> <wp_group> <wp_root> <ws_group>
if [ "$#" -ne 4 ]; then
echo "Usage: $0 <wp_owner> <wp_group> <wp_root> <ws_group>"
exit 1
fi
WP_OWNER="$1"
WP_GROUP="$2"
WP_ROOT="$3"
WS_GROUP="$4"
echo "Setting WordPress file permissions..."
echo "WP_OWNER: $WP_OWNER"
echo "WP_GROUP: $WP_GROUP"
echo "WP_ROOT: $WP_ROOT"
echo "WS_GROUP: $WS_GROUP"
# Reset ownership and basic permissions
find "$WP_ROOT" -exec chown "$WP_OWNER:$WP_GROUP" {} \;
find "$WP_ROOT" -type d -exec chmod 755 {} \;
find "$WP_ROOT" -type f -exec chmod 644 {} \;
# Secure wp-config.php
chgrp "$WS_GROUP" "$WP_ROOT/wp-config.php"
chmod 660 "$WP_ROOT/wp-config.php"
# Secure .htaccess
touch "$WP_ROOT/.htaccess"
chgrp "$WS_GROUP" "$WP_ROOT/.htaccess"
chmod 664 "$WP_ROOT/.htaccess"
# Manage wp-content
find "$WP_ROOT/wp-content" -exec chgrp "$WS_GROUP" {} \;
find "$WP_ROOT/wp-content" -type d -exec chmod 775 {} \;
find "$WP_ROOT/wp-content" -type f -exec chmod 664 {} \;
echo "Permissions successfully set."
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment