rbrisita · August 16, 2017 16:22
diff --git a/azure_article_install.sh b/azure_article_install.sh
 #!/usr/bin/env bash
 #
 # Author: Robert Brisita <[first-initial][last name] at gmail dot com>
 #
 # A non-interactive installation script for a Nginx Laravel application using MySQL.
 #
 # Tested on Ubuntu 16.04 LTS

 #####
 # Project details
 # Used in creating project and MySQL schema and credentials.
 # The database credentials mirror the DotEnv file (.env) Laravel uses.
 #####
 PROJECT_NAME=my_project

 DB_SCHEMA=homestead
 DB_USERNAME=homestead
 DB_PASSWORD=secret
 DB_ROOT_PASSWORD=secret


 # Turn off interactive prompt on server installs.
 DF_NI="DEBIAN_FRONTEND=noninteractive"

 #####
 # Update and Upgrade
 #####
 echo -e "\n*****\n* Updating Apt Package List.\n*****\n"
 sudo apt-get update

 echo -e "\n*****\n* Upgrade System Packages.\n*****\n"
 sudo "${DF_NI}" apt-get -y upgrade

 # Add the ability to add Personal Package Archive (PPA) (add-apt-repository) for more current software.
 sudo "${DF_NI}" apt-get -y install software-properties-common


 #####
 # NGINX
 #####
 echo -e "\n*****\n* Install Nginx.\n*****\n"
 sudo "${DF_NI}" apt-get -y install nginx


 #####
 # PHP
 #####
 echo -e "\n*****\n* Install PHP 7.1 and required packages.\n*****\n"
 # Add PPA to get PHP 7.1.
 sudo add-apt-repository -y ppa:ondrej/php
 sudo apt-get update

 # Install PHP
 # fpm - Installed first to satisfy PHP dependency request.
 # curl - This script and Composer needs curl to get some packages.
 # unzip/zip - Allows composer and Laravel to download and extract packages.
 # xml - Manipulate the dom.
 # mbstring - Handle multi-byte strings.
 sudo "${DF_NI}" apt-get -y install unzip php7.1-fpm php7.1 php7.1-curl php7.1-zip php7.1-xml php7.1-mbstring

 # Install Composer
 curl --silent --show-error https://getcomposer.org/installer | php
 sudo mv composer.phar /usr/local/bin/composer


 #####
 # NGINX and PHP
 #####
 # Modify Nginx default server block to use PHP for dynamic processing.
 # Copy file and create a new one.
 NGINX_PATH="/etc/nginx/sites-available/"
 DEFAULT_FILE="default"
 DATE=$(date +%Y-%m-%d:%H:%M:%S)
 sudo cp "${NGINX_PATH}${DEFAULT_FILE}" "${NGINX_PATH}backup_${DEFAULT_FILE}_${DATE}"

 # https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/
 HOST_NAME=$(hostname)
 sudo bash -c "cat > ${NGINX_PATH}${DEFAULT_FILE}" << EOF
 server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name ${HOST_NAME}.eastus.cloudapp.azure.com;

    location / {
 	try_files \$uri \$uri/ /index.php?\$query_string;
    }

    location ~ [^/]\.php(/|$) {
 	# Secure path parsing.
        include snippets/fastcgi-php.conf;

 	# Mitigate https://httpoxy.org/ vulnerabilities.
 	fastcgi_param HTTP_PROXY "";

        fastcgi_pass unix:/run/php/php7.1-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }
 }
 EOF

 echo -e "\n*****\n* Restarting Nginx.\n*****\n"
 sudo systemctl restart nginx


 #####
 # MYSQL
 #####
 # Cleanly get script directory.
 # -f, --canonicalize - Follow every symlink, all but the last component must exist.
 SCRIPT_DIR=$(readlink --canonicalize "${BASH_SOURCE[0]}")
 SCRIPT_DIR=$(dirname "${SCRIPT_DIR}")

 echo -e "\n*****\n* Installing MySQL and PHP driver.\n*****\n"
 sudo "${DF_NI}" apt-get -y install mysql-server php7.1-mysql

 echo -e "\n*****\n* Setting Password Lifetime to forever.\n*****\n"
 MYSQL_CNF=/etc/mysql/mysql.conf.d/mysqld.cnf
 PASSWORD_LIFETIME='default_password_lifetime = 0'

 # Look for the above line in it's own line.
 # -F, --fixed-strings - Interpret patterns as a set of fixed strings.
 # -q, --quiet, --silent - Suppress normal output; search until a match is found.
 # -x, --line-regexp - Only input lines selected against an entire fixed string.
 grep --fixed-strings --silent --line-regexp "${PASSWORD_LIFETIME}" "${MYSQL_CNF}"
 if [ "$?" -eq "0" ]
 then
 	echo -e "\n*****\n* Password Lifetime to forever already set.\n*****\n"
 else
 	# Configure MySQL Password Lifetime to forever.
 sudo bash -c "cat >> ${MYSQL_CNF}" << EOF
 ${PASSWORD_LIFETIME}
 EOF
 fi

 # Securely setup MySQL.
 echo -e "\n*****\n* Securing MySQL.\n*****\n"
 sudo "${SCRIPT_DIR}/./ni-msi.sh" "${DB_ROOT_PASSWORD}"

 # Setup up database the Homestead way and mirror Laravel's .env file.
 echo -e "\n*****\n* Creating user and database schema.\n*****\n"
 sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "CREATE USER IF NOT EXISTS '${DB_USERNAME}'@'0.0.0.0' IDENTIFIED BY '${DB_PASSWORD}';"
 sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "GRANT ALL ON *.* TO '${DB_USERNAME}'@'0.0.0.0' IDENTIFIED BY '${DB_PASSWORD}' WITH GRANT OPTION;"
 sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "GRANT ALL ON *.* TO '${DB_USERNAME}'@'%' IDENTIFIED BY '${DB_PASSWORD}' WITH GRANT OPTION;"
 sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "FLUSH PRIVILEGES;"
 sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "CREATE DATABASE IF NOT EXISTS ${DB_SCHEMA} character set UTF8mb4 collate utf8mb4_bin;"

 echo -e "\n*****\n* Restarting MySQL.\n*****\n"
 sudo systemctl restart mysql


 #####
 # NODEJS
 #####
 echo -e "\n*****\n* Install Node JS.\n*****\n"

 # Add PPA for NodeJS 6.x.
 curl --silent --location https://deb.nodesource.com/setup_6.x | sudo -E bash -

 # Install Node.
 sudo "${DF_NI}" apt-get -y install nodejs


 #####
 # LARAVEL PROJECT SPECIFIC
 # At this point one can inject there own project here.
 # This script creates a new one for simplicity.
 #####
 echo -e "\n*****\n* Creating Laravel Project.\n*****\n"
 composer create-project --prefer-dist laravel/laravel ${PROJECT_NAME}

 PROJECT_PATH="${HOME}/${PROJECT_NAME}"

 # Install PHP project dependencies.
 echo -e "\n*****\n* Install PHP Project Dependencies.\n*****\n"
 composer install --working-dir="${PROJECT_PATH}"

 # Install Node dependencies.
 echo -e "\n*****\n* Install Node Dependencies.\n*****\n"
 npm install --prefix "${PROJECT_PATH}/"

 # Create authentication tables and views.
 # Migrate tables.
 # Using --force to skip production warning
 echo -e "\n*****\n* Create MySQL Tables.\n*****\n"
 sudo php "${PROJECT_PATH}"/artisan make:auth --force
 sudo php "${PROJECT_PATH}"/artisan migrate --force

 # Change access permissions to Laravel's framework and log directories.
 STORAGE_PATH="${PROJECT_PATH}/storage"

 sudo chown -R www-data "${STORAGE_PATH}/framework"
 sudo chgrp -R www-data "${STORAGE_PATH}/framework"
 sudo chmod -R 0775 "${STORAGE_PATH}/framework"

 sudo chown -R www-data "${STORAGE_PATH}/logs"
 sudo chgrp -R www-data "${STORAGE_PATH}/logs"
 sudo chmod -R 0775 "${STORAGE_PATH}/logs"

 # Symlink project's public folder to /var/www/html.
 sudo rm -rf /var/www/html
 sudo ln -s "${HOME}/${PROJECT_NAME}/public" /var/www/html

 # You should see Laravel rendering on port 80.
 echo -e "\n*****\n* Open: http://${HOST_NAME}.eastus.cloudapp.azure.com in a broswer!\n*****\n"
 # EOF
	#!/usr/bin/env bash
	#
	# Author: Robert Brisita <[first-initial][last name] at gmail dot com>
	#
	# A non-interactive installation script for a Nginx Laravel application using MySQL.
	#
	# Tested on Ubuntu 16.04 LTS

	#####
	# Project details
	# Used in creating project and MySQL schema and credentials.
	# The database credentials mirror the DotEnv file (.env) Laravel uses.
	#####
	PROJECT_NAME=my_project

	DB_SCHEMA=homestead
	DB_USERNAME=homestead
	DB_PASSWORD=secret
	DB_ROOT_PASSWORD=secret


	# Turn off interactive prompt on server installs.
	DF_NI="DEBIAN_FRONTEND=noninteractive"

	#####
	# Update and Upgrade
	#####
	echo -e "\n****\n Updating Apt Package List.\n*****\n"
	sudo apt-get update

	echo -e "\n****\n Upgrade System Packages.\n*****\n"
	sudo "${DF_NI}" apt-get -y upgrade

	# Add the ability to add Personal Package Archive (PPA) (add-apt-repository) for more current software.
	sudo "${DF_NI}" apt-get -y install software-properties-common


	#####
	# NGINX
	#####
	echo -e "\n****\n Install Nginx.\n*****\n"
	sudo "${DF_NI}" apt-get -y install nginx


	#####
	# PHP
	#####
	echo -e "\n****\n Install PHP 7.1 and required packages.\n*****\n"
	# Add PPA to get PHP 7.1.
	sudo add-apt-repository -y ppa:ondrej/php
	sudo apt-get update

	# Install PHP
	# fpm - Installed first to satisfy PHP dependency request.
	# curl - This script and Composer needs curl to get some packages.
	# unzip/zip - Allows composer and Laravel to download and extract packages.
	# xml - Manipulate the dom.
	# mbstring - Handle multi-byte strings.
	sudo "${DF_NI}" apt-get -y install unzip php7.1-fpm php7.1 php7.1-curl php7.1-zip php7.1-xml php7.1-mbstring

	# Install Composer
	curl --silent --show-error https://getcomposer.org/installer \| php
	sudo mv composer.phar /usr/local/bin/composer


	#####
	# NGINX and PHP
	#####
	# Modify Nginx default server block to use PHP for dynamic processing.
	# Copy file and create a new one.
	NGINX_PATH="/etc/nginx/sites-available/"
	DEFAULT_FILE="default"
	DATE=$(date +%Y-%m-%d:%H:%M:%S)
	sudo cp "${NGINX_PATH}${DEFAULT_FILE}" "${NGINX_PATH}backup_${DEFAULT_FILE}_${DATE}"

	# https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/
	HOST_NAME=$(hostname)
	sudo bash -c "cat > ${NGINX_PATH}${DEFAULT_FILE}" << EOF
	server {
	listen 80 default_server;
	listen [::]:80 default_server;

	root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;

	server_name ${HOST_NAME}.eastus.cloudapp.azure.com;

	location / {
	try_files \$uri \$uri/ /index.php?\$query_string;
	}

	location ~ [^/]\.php(/\|$) {
	# Secure path parsing.
	include snippets/fastcgi-php.conf;

	# Mitigate https://httpoxy.org/ vulnerabilities.
	fastcgi_param HTTP_PROXY "";

	fastcgi_pass unix:/run/php/php7.1-fpm.sock;
	}

	location ~ /\.ht {
	deny all;
	}
	}
	EOF

	echo -e "\n****\n Restarting Nginx.\n*****\n"
	sudo systemctl restart nginx


	#####
	# MYSQL
	#####
	# Cleanly get script directory.
	# -f, --canonicalize - Follow every symlink, all but the last component must exist.
	SCRIPT_DIR=$(readlink --canonicalize "${BASH_SOURCE[0]}")
	SCRIPT_DIR=$(dirname "${SCRIPT_DIR}")

	echo -e "\n****\n Installing MySQL and PHP driver.\n*****\n"
	sudo "${DF_NI}" apt-get -y install mysql-server php7.1-mysql

	echo -e "\n****\n Setting Password Lifetime to forever.\n*****\n"
	MYSQL_CNF=/etc/mysql/mysql.conf.d/mysqld.cnf
	PASSWORD_LIFETIME='default_password_lifetime = 0'

	# Look for the above line in it's own line.
	# -F, --fixed-strings - Interpret patterns as a set of fixed strings.
	# -q, --quiet, --silent - Suppress normal output; search until a match is found.
	# -x, --line-regexp - Only input lines selected against an entire fixed string.
	grep --fixed-strings --silent --line-regexp "${PASSWORD_LIFETIME}" "${MYSQL_CNF}"
	if [ "$?" -eq "0" ]
	then
	echo -e "\n****\n Password Lifetime to forever already set.\n*****\n"
	else
	# Configure MySQL Password Lifetime to forever.
	sudo bash -c "cat >> ${MYSQL_CNF}" << EOF
	${PASSWORD_LIFETIME}
	EOF
	fi

	# Securely setup MySQL.
	echo -e "\n****\n Securing MySQL.\n*****\n"
	sudo "${SCRIPT_DIR}/./ni-msi.sh" "${DB_ROOT_PASSWORD}"

	# Setup up database the Homestead way and mirror Laravel's .env file.
	echo -e "\n****\n Creating user and database schema.\n*****\n"
	sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "CREATE USER IF NOT EXISTS '${DB_USERNAME}'@'0.0.0.0' IDENTIFIED BY '${DB_PASSWORD}';"
	sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "GRANT ALL ON . TO '${DB_USERNAME}'@'0.0.0.0' IDENTIFIED BY '${DB_PASSWORD}' WITH GRANT OPTION;"
	sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "GRANT ALL ON . TO '${DB_USERNAME}'@'%' IDENTIFIED BY '${DB_PASSWORD}' WITH GRANT OPTION;"
	sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "FLUSH PRIVILEGES;"
	sudo mysql --defaults-extra-file="${SCRIPT_DIR}/mysql_credentials.cnf" -e "CREATE DATABASE IF NOT EXISTS ${DB_SCHEMA} character set UTF8mb4 collate utf8mb4_bin;"

	echo -e "\n****\n Restarting MySQL.\n*****\n"
	sudo systemctl restart mysql


	#####
	# NODEJS
	#####
	echo -e "\n****\n Install Node JS.\n*****\n"

	# Add PPA for NodeJS 6.x.
	curl --silent --location https://deb.nodesource.com/setup_6.x \| sudo -E bash -

	# Install Node.
	sudo "${DF_NI}" apt-get -y install nodejs


	#####
	# LARAVEL PROJECT SPECIFIC
	# At this point one can inject there own project here.
	# This script creates a new one for simplicity.
	#####
	echo -e "\n****\n Creating Laravel Project.\n*****\n"
	composer create-project --prefer-dist laravel/laravel ${PROJECT_NAME}

	PROJECT_PATH="${HOME}/${PROJECT_NAME}"

	# Install PHP project dependencies.
	echo -e "\n****\n Install PHP Project Dependencies.\n*****\n"
	composer install --working-dir="${PROJECT_PATH}"

	# Install Node dependencies.
	echo -e "\n****\n Install Node Dependencies.\n*****\n"
	npm install --prefix "${PROJECT_PATH}/"

	# Create authentication tables and views.
	# Migrate tables.
	# Using --force to skip production warning
	echo -e "\n****\n Create MySQL Tables.\n*****\n"
	sudo php "${PROJECT_PATH}"/artisan make:auth --force
	sudo php "${PROJECT_PATH}"/artisan migrate --force

	# Change access permissions to Laravel's framework and log directories.
	STORAGE_PATH="${PROJECT_PATH}/storage"

	sudo chown -R www-data "${STORAGE_PATH}/framework"
	sudo chgrp -R www-data "${STORAGE_PATH}/framework"
	sudo chmod -R 0775 "${STORAGE_PATH}/framework"

	sudo chown -R www-data "${STORAGE_PATH}/logs"
	sudo chgrp -R www-data "${STORAGE_PATH}/logs"
	sudo chmod -R 0775 "${STORAGE_PATH}/logs"

	# Symlink project's public folder to /var/www/html.
	sudo rm -rf /var/www/html
	sudo ln -s "${HOME}/${PROJECT_NAME}/public" /var/www/html

	# You should see Laravel rendering on port 80.
	echo -e "\n****\n Open: http://${HOST_NAME}.eastus.cloudapp.azure.com in a broswer!\n*****\n"
	# EOF