diff --git a/CentOS/Install-LEMP-Stack.bash b/CentOS/Nginx/Install-LEMP-Stack.bash similarity index 98% rename from CentOS/Install-LEMP-Stack.bash rename to CentOS/Nginx/Install-LEMP-Stack.bash index 6f9538c..1868cbd 100755 --- a/CentOS/Install-LEMP-Stack.bash +++ b/CentOS/Nginx/Install-LEMP-Stack.bash @@ -105,6 +105,7 @@ log() { [[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1 + log "info" "Adding firewall rules for http & https" firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https @@ -139,7 +140,7 @@ log "info" "Updating php.ini located at ${PHP_INI_LOCATION}" while read -r line; do if [[ "${line}" == cgi.fix_pathinfo=* ]]; then # Overwrites cgi.fix_pathinfo by setting it to 1 - echo "${line//cgi.fix_path_info=*/cgi.fix_pathinfo=1}" + echo "${line//*cgi.fix_path_info=*;/cgi.fix_pathinfo=1}" else echo "${line}" fi diff --git a/CentOS/Nginx/Install-Wordpress.bash b/CentOS/Nginx/Install-Wordpress.bash new file mode 100644 index 0000000..338ccd6 --- /dev/null +++ b/CentOS/Nginx/Install-Wordpress.bash @@ -0,0 +1,271 @@ +#!/bin/bash + +set -e + +read_sensitive() { + # Securely read input into a variable + # + # Arguments: + # READVARIABLE + # - A variable must be passed and the output of this function will be set to that variable + # e.g: read_sensitive MYVAR + # + # Usage: + # read_sensitive SOMEVAR + # + # POSIX Compliant: + # Yes + # + + stty -echo + local INPUT + read -r INPUT + stty echo + printf "\n" + eval "${1}=${INPUT}" +} + +echo_rgb() { + # Echo a colored string to the terminal based on rgb values + # + # Positional Arguments: + # + # message + # - The message to be printed to stdout + # red + # - The red value from 0 to 255 + # green + # - The green value from 0 to 255 + # blue + # - The blue value from 0 to 255 + # + # Usage: + # echo_rgb "Yep" 10 8 30 + # + # POSIX Compliant: + # N/A + # + + local red + local green + local blue + local input + + input="${1}" + red="${2}" + green="${3}" + blue="${4}" + + printf "\e[0;38;2;%s;%s;%sm%s\e[m\n" "${red}" "${green}" "${blue}" "${input}" +} + +log() { + # Print a message and send it to stdout or stderr depending upon log level, also configurable with debug etc. + # + # Arguments: + # level + # - The log level, defined within a case check in this function + # message + # - The info message + # line_number + # - The line number of the calling function (${LINNO}) + # + # Usage: + # log "info" "Could not find that directory" + # + # POSIX Compliant: + # Yes + # + + # Set debug status depending if a global debug variable has been set to either 1 or 0 + local debug + if [ ${DEBUG} ]; then + debug=${DEBUG} + else + debug=0 + fi + + local FORMAT + FORMAT="[$(echo_rgb "$(date +%Y-%m-%dT%H:%M:%S)" 180 140 255)]" + + # Convert the level to uppercase + local level + level=$(echo "${1}" | tr '[:lower:]' '[:upper:]') + + local message + message="${2}" + + case "${level}" in + INFO) + # Output all info log levels to stdout + printf "${FORMAT}[$(echo_rgb "INFO" 0 140 255)] %s\n" "${message}" >&1 + return 0 + ;; + WARN | WARNING) + # Output all info log levels to stdout + printf "${FORMAT}[$(echo_rgb "WARNING" 255 255 0)] %s\n" "${message}" >&1 + return 0 + ;; + DEBUG) + [[ ${debug} == 0 ]] && return + printf "${FORMAT}[$(echo_rgb "DEBUG" 0 160 110)] %s\n" "${message}" >&1 + return 0 + ;; + ERROR) + # Output all error log levels to stderr + printf "${FORMAT}[$(echo_rgb "ERROR" 255 0 0)] %s\n" "${message}" >&2 + return 0 + ;; + # Further log levels can be added by extending this switch statement with more comparisons + + *) # Default case, no matches + # Returns non-zero code as an improper log option was passed, this helps with using `set -e` + printf "${FORMAT}[ERROR] %s\n" "Invalid log level passed, received level \"${level}\" with message \"${message}\"" >&2 + return 1 + ;; + esac +} + +[[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1 + +log "info" "Installing required php extensions" +sudo dnf install php-fpm php-common php-mysqlnd php-gd php-xml php-mbstring php-xml php-json php-process -y +log "info" "Finished installing required php extensions" + +log "info" "Installing optional php extensions" +dnf install php-mysqlnd php-dom php-simplexml php-xml php-xmlreader php-curl php-exif php-ftp php-gd php-iconv \ + php-mbstring php-posix php-sockets php-tokenizer -y +log "info" "Finished installing optional php extensions" + +cd /tmp + +server_name="example.20r" +full_server_name="www.${server_name}" + +nginx_server_config=/etc/nginx/conf.d/"${server_name}".conf +log "info" "Creating config for ${full_server_name} for nginx located at ${nginx_server_config}" +cat << __EOF__ > "${nginx_server_config}" +server { + listen 80; + server_name ${full_server_name}; + root /var/www/${server_name}; + index index.php; + + access_log /var/log/nginx/${full_server_name}.access.log; + error_log /var/log/nginx/${full_server_name}.error.log; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files \$uri \$uri/ /index.php?\$args; + } + + location ~ \.php$ { + try_files \$uri =404; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; + include fastcgi_params; + } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + expires max; + log_not_found off; + } + +} +__EOF__ +log "info" "Configuration for ${server_name} created at ${nginx_server_config}" + +server_sites_dir=/var/www/"${server_name}"/ + +log "info" "Creating ${server_sites_dir} if it doesn't exist" +mkdir -p "${server_sites_dir}" + +log "info" "Giving nginx:nginx ownership over ${server_sites_dir}" +chown -R nginx:nginx "${server_sites_dir}" + +log "info" "Setting SELinux settings for nginx" +chcon -t httpd_sys_rw_content_t "${server_sites_dir}" -R + +log "info" "Verifying configuration files for nginx" +nginx -t +if [ "${?}" != 0 ]; then + log "error" "Nginx configuration file check failed, exiting..." + exit 1 +fi +log "info" "Verification of nginx configuration successful" + +log "info" "Restarting nginx & php-fpm" +systemctl restart nginx \ + && systemctl restart php-fpm \ + && log "info" "Successfully restarted nginx & php-fpm" + +### SSL CONF SHOULD GO HERE + +### END SSL CONF + +root_password="" +echo "Enter root's password (necessary for mysql commands):" +read_sensitive root_password + +issue_mysql_command() { + mysql --user root --password="${root_password}" --execute "${1}" + log "debug" "Issued mysql command: mysql --user root --password=${root_password} --execute ${1}" + return "${?}" +} + +log "info" "Creating database for wordpress" +issue_mysql_command "CREATE DATABASE wordpress;" \ + && log "info" "Successfully created wordpress database" + +log "info" "Creating user admin@localhost with randomly generated password, details saved to ~/\"admin@localhost.wp\" file" +admin_localhost_password="$(openssl rand -base64 48)" +cat << __EOF__ > ~/admin@localhost.wp +Username: admin +Full User: admin@localhost +Password: ${admin_localhost_password} +__EOF__ +issue_mysql_command "CREATE USER 'admin'@'localhost' IDENTIFIED by '${admin_localhost_password}';" \ + && log "info" "Successfully created user admin@localhost" + +log "info" "Granting all privileges on the wordpress database to admin@localhost" +issue_mysql_command "GRANT ALL PRIVILEGES ON wordpress.* TO 'admin'@'localhost';" \ + && log "info" "Successfully granted all privileges for wordpress db to admin@localhost" + +issue_mysql_command "FLUSH PRIVILEGES;" + +log "info" "Downloading the latest wordpress version and installing to ${server_sites_dir}" +curl https://wordpress.org/latest.tar.gz --output wordpress_latest.tar.gz \ + && tar -xvf wordpress_latest.tar.gz >/dev/null 2>&1 \ + && cp -a wordpress/. "${server_sites_dir}" >/dev/null 2>&1 \ + && cp "${server_sites_dir}"/wp-config-sample.php "${server_sites_dir}"/wp-config.php \ + && log "info" "Successfully installed wordpress" + +wp_config_location="${server_sites_dir}"/wp-config.php +while read -r line; do + if [[ "${line}" == "define( 'DB_NAME',"* ]]; then + echo "define( 'DB_NAME', 'wordpress' );" + elif [[ "${line}" == "define( 'DB_USER',"* ]]; then + echo "define( 'DB_USER', 'admin' );" + elif [[ "${line}" == "define( 'DB_HOST'"* ]]; then + echo "define( 'DB_HOST', 'localhost' );" + elif [[ "${line}" == "define( 'DB_PASSWORD'"* ]]; then + echo "define( 'DB_PASSWORD', '${admin_localhost_password}' );" + else + echo "${line}" + fi +done < "${wp_config_location}" > "wp.temp" && mv "wp.temp" "${wp_config_location}" + +systemctl restart php-fpm +systemctl restart nginx + +log "info" "Installation finished!" \ No newline at end of file