opexxx

setup_debian.sh

Jul 8th, 2014
315
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 9.82 KB | None | 0 0
  1. #!/bin/bash
  2.  
  3. function check_install {
  4.     if [ -z "`which "$1" 2>/dev/null`" ]
  5.     then
  6.         executable=$1
  7.         shift
  8. while [ -n "$1" ]
  9.         do
  10.             DEBIAN_FRONTEND=noninteractive apt-get -q -y install "$1"
  11.             print_info "$1 installed for $executable"
  12.             shift
  13. done
  14.     else
  15.         print_warn "$2 already installed"
  16.     fi
  17. }
  18.  
  19. function check_remove {
  20.     if [ -n "`which "$1" 2>/dev/null`" ]
  21.     then
  22.         DEBIAN_FRONTEND=noninteractive apt-get -q -y remove --purge "$2"
  23.         print_info "$2 removed"
  24.     else
  25.         print_warn "$2 is not installed"
  26.     fi
  27. }
  28.  
  29. function check_sanity {
  30.     # Do some sanity checking.
  31.     if [ $(/usr/bin/id -u) != "0" ]
  32.     then
  33.         die 'Must be run by root user'
  34.     fi
  35.  
  36.     if [ ! -f /etc/debian_version ]
  37.     then
  38.         die "Distribution is not supported"
  39.     fi
  40. }
  41.  
  42. function die {
  43.     echo "ERROR: $1" > /dev/null 1>&2
  44.     exit 1
  45. }
  46.  
  47. function get_domain_name() {
  48.     # Getting rid of the lowest part.
  49.     domain=${1%.*}
  50.     lowest=`expr "$domain" : '.*\.\([a-z][a-z]*\)'`
  51.     case "$lowest" in
  52.     com|net|org|gov|edu|co)
  53.         domain=${domain%.*}
  54.         ;;
  55.     esac
  56.     lowest=`expr "$domain" : '.*\.\([a-z][a-z]*\)'`
  57.     [ -z "$lowest" ] && echo "$domain" || echo "$lowest"
  58. }
  59.  
  60. function get_password() {
  61.     # Check whether our local salt is present.
  62.     SALT=/var/lib/radom_salt
  63.     if [ ! -f "$SALT" ]
  64.     then
  65.         head -c 512 /dev/urandom > "$SALT"
  66.         chmod 400 "$SALT"
  67.     fi
  68.     password=`(cat "$SALT"; echo $1) | md5sum | base64`
  69.     echo ${password:0:13}
  70. }
  71.  
  72. function install_dash {
  73.     check_install dash dash
  74.     rm -f /bin/sh
  75.     ln -s dash /bin/sh
  76. }
  77.  
  78. function install_dropbear {
  79.     check_install dropbear dropbear
  80.     check_install /usr/sbin/xinetd xinetd
  81.  
  82.     # Disable SSH
  83.     touch /etc/ssh/sshd_not_to_be_run
  84.     invoke-rc.d ssh stop
  85.  
  86.     # Enable dropbear to start. We are going to use xinetd as it is just
  87.     # easier to configure and might be used for other things.
  88.     cat > /etc/xinetd.d/dropbear <<END
  89. service ssh
  90. {
  91. socket_type = stream
  92. only_from = 0.0.0.0
  93. wait = no
  94. user = root
  95. protocol = tcp
  96. server = /usr/sbin/dropbear
  97. server_args = -i
  98. disable = no
  99. }
  100. END
  101.     invoke-rc.d xinetd restart
  102. }
  103.  
  104. function install_exim4 {
  105.     check_install mail exim4
  106.     if [ -f /etc/exim4/update-exim4.conf.conf ]
  107.     then
  108.         sed -i \
  109.             "s/dc_eximconfig_configtype='local'/dc_eximconfig_configtype='internet'/" \
  110.             /etc/exim4/update-exim4.conf.conf
  111.         invoke-rc.d exim4 restart
  112.     fi
  113. }
  114.  
  115. function install_mysql {
  116.     # Install the MySQL packages
  117.     check_install mysqld mysql-server
  118.     check_install mysql mysql-client
  119.  
  120.     # Install a low-end copy of the my.cnf to disable InnoDB, and then delete
  121.     # all the related files.
  122.     invoke-rc.d mysql stop
  123.     rm -f /var/lib/mysql/ib*
  124.     cat > /etc/mysql/conf.d/lowendbox.cnf <<END
  125. [mysqld]
  126. key_buffer = 8M
  127. query_cache_size = 0
  128. skip-innodb
  129. END
  130.     invoke-rc.d mysql start
  131.  
  132.     # Generating a new password for the root user.
  133.     passwd=`get_password root@mysql`
  134.     mysqladmin password "$passwd"
  135.     cat > ~/.my.cnf <<END
  136. [client]
  137. user = root
  138. password = $passwd
  139. END
  140.     chmod 600 ~/.my.cnf
  141. }
  142.  
  143. function install_nginx {
  144.     check_install nginx nginx
  145.    
  146.     # Need to increase the bucket size for Debian 5.
  147.     cat > /etc/nginx/conf.d/lowendbox.conf <<END
  148. server_names_hash_bucket_size 64;
  149. END
  150.  
  151.     invoke-rc.d nginx restart
  152. }
  153.  
  154. function install_php {
  155.     check_install php-cgi php5-cgi php5-cli php5-mysql
  156.     cat > /etc/init.d/php-cgi <<END
  157. #!/bin/bash
  158. ### BEGIN INIT INFO
  159. # Provides: php-cgi
  160. # Required-Start: networking
  161. # Required-Stop: networking
  162. # Default-Start: 2 3 4 5
  163. # Default-Stop: 0 1 6
  164. # Short-Description: Start the PHP FastCGI processes web server.
  165. ### END INIT INFO
  166.  
  167. PATH=/sbin:/bin:/usr/sbin:/usr/bin
  168. NAME="php-cgi"
  169. DESC="php-cgi"
  170. PIDFILE="/var/run/www/php.pid"
  171. FCGIPROGRAM="/usr/bin/php-cgi"
  172. FCGISOCKET="/var/run/www/php.sock"
  173. FCGIUSER="www-data"
  174. FCGIGROUP="www-data"
  175.  
  176. if [ -e /etc/default/php-cgi ]
  177. then
  178.     source /etc/default/php-cgi
  179. fi
  180.  
  181. [ -z "\$PHP_FCGI_CHILDREN" ] && PHP_FCGI_CHILDREN=1
  182. [ -z "\$PHP_FCGI_MAX_REQUESTS" ] && PHP_FCGI_MAX_REQUESTS=5000
  183.  
  184. ALLOWED_ENV="PATH USER PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS"
  185.  
  186. set -e
  187.  
  188. . /lib/lsb/init-functions
  189.  
  190. case "\$1" in
  191. start)
  192.     unset E
  193.     for i in \${ALLOWED_ENV}; do
  194.         E="\${E} \${i}=\${!i}"
  195.     done
  196.     log_daemon_msg "Starting \$DESC" \$NAME
  197.     env - \${E} start-stop-daemon --start -x \$FCGIPROGRAM -p \$PIDFILE \\
  198.         -c \$FCGIUSER:\$FCGIGROUP -b -m -- -b \$FCGISOCKET
  199.     log_end_msg 0
  200.     ;;
  201. stop)
  202.     log_daemon_msg "Stopping \$DESC" \$NAME
  203.     if start-stop-daemon --quiet --stop --oknodo --retry 30 \\
  204.         --pidfile \$PIDFILE --exec \$FCGIPROGRAM
  205.     then
  206.         rm -f \$PIDFILE
  207.         log_end_msg 0
  208.     else
  209.         log_end_msg 1
  210.     fi
  211.     ;;
  212. restart|force-reload)
  213.     \$0 stop
  214.     sleep 1
  215.     \$0 start
  216.     ;;
  217. *)
  218.     echo "Usage: \$0 {start|stop|restart|force-reload}" >&2
  219.     exit 1
  220.     ;;
  221. esac
  222. exit 0
  223. END
  224.     chmod 755 /etc/init.d/php-cgi
  225.     mkdir -p /var/run/www
  226.     chown www-data:www-data /var/run/www
  227.  
  228.     cat > /etc/nginx/fastcgi_php <<END
  229. location ~ \.php$ {
  230. include /etc/nginx/fastcgi_params;
  231.  
  232. fastcgi_index index.php;
  233. fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
  234. if (-f \$request_filename) {
  235. fastcgi_pass unix:/var/run/www/php.sock;
  236. }
  237. }
  238. END
  239.     update-rc.d php-cgi defaults
  240.     invoke-rc.d php-cgi start
  241. }
  242.  
  243. function install_syslogd {
  244.     # We just need a simple vanilla syslogd. Also there is no need to log to
  245.     # so many files (waste of fd). Just dump them into
  246.     # /var/log/(cron/mail/messages)
  247.     check_install /usr/sbin/syslogd inetutils-syslogd
  248.     invoke-rc.d inetutils-syslogd stop
  249.  
  250.     for file in /var/log/*.log /var/log/mail.* /var/log/debug /var/log/syslog
  251.     do
  252.         [ -f "$file" ] && rm -f "$file"
  253.     done
  254.     for dir in fsck news
  255.     do
  256.         [ -d "/var/log/$dir" ] && rm -rf "/var/log/$dir"
  257.     done
  258.  
  259.     cat > /etc/syslog.conf <<END
  260. *.*;mail.none;cron.none -/var/log/messages
  261. cron.* -/var/log/cron
  262. mail.* -/var/log/mail
  263. END
  264.  
  265.     [ -d /etc/logrotate.d ] || mkdir -p /etc/logrotate.d
  266.     cat > /etc/logrotate.d/inetutils-syslogd <<END
  267. /var/log/cron
  268. /var/log/mail
  269. /var/log/messages {
  270. rotate 4
  271. weekly
  272. missingok
  273. notifempty
  274. compress
  275. sharedscripts
  276. postrotate
  277. /etc/init.d/inetutils-syslogd reload >/dev/null
  278. endscript
  279. }
  280. END
  281.  
  282.     invoke-rc.d inetutils-syslogd start
  283. }
  284.  
  285. function install_wordpress {
  286.     check_install wget wget
  287.     if [ -z "$1" ]
  288.     then
  289.         die "Usage: `basename $0` wordpress <hostname>"
  290.     fi
  291.  
  292.     # Downloading the WordPress' latest and greatest distribution.
  293.     mkdir /tmp/wordpress.$$
  294.     wget -O - http://wordpress.org/latest.tar.gz | \
  295.         tar zxf - -C /tmp/wordpress.$$
  296.     mv /tmp/wordpress.$$/wordpress "/var/www/$1"
  297.     rm -rf /tmp/wordpress.$$
  298.     chown root:root -R "/var/www/$1"
  299.  
  300.     # Setting up the MySQL database
  301.     dbname=`echo $1 | tr . _`
  302.     userid=`get_domain_name $1`
  303.     # MySQL userid cannot be more than 15 characters long
  304.     userid="${userid:0:15}"
  305.     passwd=`get_password "$userid@mysql"`
  306.     cp "/var/www/$1/wp-config-sample.php" "/var/www/$1/wp-config.php"
  307.     sed -i "s/database_name_here/$dbname/; s/username_here/$userid/; s/password_here/$passwd/" \
  308.         "/var/www/$1/wp-config.php"
  309.     mysqladmin create "$dbname"
  310.     echo "GRANT ALL PRIVILEGES ON \`$dbname\`.* TO \`$userid\`@localhost IDENTIFIED BY '$passwd';" | \
  311.         mysql
  312.  
  313.     # Setting up Nginx mapping
  314.     cat > "/etc/nginx/sites-enabled/$1.conf" <<END
  315. server {
  316. server_name $1;
  317. root /var/www/$1;
  318. include /etc/nginx/fastcgi_php;
  319. location / {
  320. index index.php;
  321. if (!-e \$request_filename) {
  322. rewrite ^(.*)$ /index.php last;
  323. }
  324. }
  325. }
  326. END
  327.     invoke-rc.d nginx reload
  328. }
  329.  
  330. function print_info {
  331.     echo -n -e '\e[1;36m'
  332.     echo -n $1
  333.     echo -e '\e[0m'
  334. }
  335.  
  336. function print_warn {
  337.     echo -n -e '\e[1;33m'
  338.     echo -n $1
  339.     echo -e '\e[0m'
  340. }
  341.  
  342. function remove_unneeded {
  343.     # Some Debian have portmap installed. We don't need that.
  344.     check_remove /sbin/portmap portmap
  345.  
  346.     # Remove rsyslogd, which allocates ~30MB privvmpages on an OpenVZ system,
  347.     # which might make some low-end VPS inoperatable. We will do this even
  348.     # before running apt-get update.
  349.     check_remove /usr/sbin/rsyslogd rsyslog
  350.  
  351.     # Other packages that seem to be pretty common in standard OpenVZ
  352.     # templates.
  353.     check_remove /usr/sbin/apache2 'apache2*'
  354.     check_remove /usr/sbin/named bind9
  355.     check_remove /usr/sbin/smbd 'samba*'
  356.     check_remove /usr/sbin/nscd nscd
  357.  
  358.     # Need to stop sendmail as removing the package does not seem to stop it.
  359.     if [ -f /usr/lib/sm.bin/smtpd ]
  360.     then
  361.         invoke-rc.d sendmail stop
  362.         check_remove /usr/lib/sm.bin/smtpd 'sendmail*'
  363.     fi
  364. }
  365.  
  366. function update_upgrade {
  367.     # Run through the apt-get update/upgrade first. This should be done before
  368.     # we try to install any package
  369.     apt-get -q -y update
  370.     apt-get -q -y upgrade
  371. }
  372.  
  373. ########################################################################
  374. # START OF PROGRAM
  375. ########################################################################
  376. export PATH=/bin:/usr/bin:/sbin:/usr/sbin
  377.  
  378. check_sanity
  379. case "$1" in
  380. exim4)
  381.     install_exim4
  382.     ;;
  383. mysql)
  384.     install_mysql
  385.     ;;
  386. nginx)
  387.     install_nginx
  388.     ;;
  389. php)
  390.     install_php
  391.     ;;
  392. system)
  393.     remove_unneeded
  394.     update_upgrade
  395.     install_dash
  396.     install_syslogd
  397.     install_dropbear
  398.     ;;
  399. wordpress)
  400.     install_wordpress $2
  401.     ;;
  402. *)
  403.     echo 'Usage:' `basename $0` '[option]'
  404.     echo 'Available option:'
  405.     for option in system exim4 mysql nginx php wordpress
  406.     do
  407.         echo ' -' $option
  408.     done
  409.     ;;
  410. esac
Add Comment
Please, Sign In to add comment