Full LEMP & Wordpress installation via nginx

CentOS/Nginx/Install-LEMP-Stack.bash

@@ -105,6 +105,7 @@ log() {
 
 [[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1
 
+
 log "info" "Adding firewall rules for http & https"
 firewall-cmd --permanent --add-service=http
 firewall-cmd --permanent --add-service=https
@@ -139,7 +140,7 @@ log "info" "Updating php.ini located at ${PHP_INI_LOCATION}"
 while read -r line; do
   if [[ "${line}" == cgi.fix_pathinfo=* ]]; then
     # Overwrites cgi.fix_pathinfo by setting it to 1
-    echo "${line//cgi.fix_path_info=*/cgi.fix_pathinfo=1}"
+    echo "${line//*cgi.fix_path_info=*;/cgi.fix_pathinfo=1}"
   else
     echo "${line}"
   fi

CentOS/Nginx/Install-Wordpress.bash

@@ -0,0 +1,271 @@
+#!/bin/bash
+
+set -e
+
+read_sensitive() {
+  # Securely read input into a variable
+  #
+  # Arguments:
+  #   READVARIABLE <type: variable> <position: 1> <required: true>
+  #     - A variable must be passed and the output of this function will be set to that variable
+  #       e.g: read_sensitive MYVAR
+  #
+  # Usage:
+  #  read_sensitive SOMEVAR
+  #
+  # POSIX Compliant:
+  #   Yes
+  #
+
+  stty -echo
+  local INPUT
+  read -r INPUT
+  stty echo
+  printf "\n"
+  eval "${1}=${INPUT}"
+}
+
+echo_rgb() {
+  # Echo a colored string to the terminal based on rgb values
+  #
+  # Positional Arguments:
+  #
+  #   message <type: string> <position: 1> <required: true>
+  #     - The message to be printed to stdout
+  #   red <type: int> <position: 2> <required: true>
+  #     - The red value from 0 to 255
+  #   green <type: int> <position: 3> <required: true>
+  #     - The green value from 0 to 255
+  #   blue <type: int> <position: 4> <required: true>
+  #     - The blue value from 0 to 255
+  #
+  # Usage:
+  #   echo_rgb "Yep" 10 8 30
+  #
+  # POSIX Compliant:
+  #   N/A
+  #
+
+  local red
+  local green
+  local blue
+  local input
+
+  input="${1}"
+  red="${2}"
+  green="${3}"
+  blue="${4}"
+
+  printf "\e[0;38;2;%s;%s;%sm%s\e[m\n" "${red}" "${green}" "${blue}" "${input}"
+}
+
+log() {
+  # Print a message and send it to stdout or stderr depending upon log level, also configurable with debug etc.
+  #
+  # Arguments:
+  #   level <type: string> <position: 1> <required: true>
+  #     - The log level, defined within a case check in this function
+  #   message <type: string> <position: 2> <required: true>
+  #     - The info message
+  #   line_number <type: int> <position: 3> <required: false>
+  #     - The line number of the calling function (${LINNO})
+  #
+  # Usage:
+  #   log "info" "Could not find that directory"
+  #
+  # POSIX Compliant:
+  #   Yes
+  #
+
+  # Set debug status depending if a global debug variable has been set to either 1 or 0
+  local debug
+  if [ ${DEBUG} ]; then
+    debug=${DEBUG}
+  else
+    debug=0
+  fi
+
+  local FORMAT
+  FORMAT="[$(echo_rgb "$(date +%Y-%m-%dT%H:%M:%S)" 180 140 255)]"
+
+  # Convert the level to uppercase
+  local level
+  level=$(echo "${1}" | tr '[:lower:]' '[:upper:]')
+
+  local message
+  message="${2}"
+
+  case "${level}" in
+    INFO)
+      # Output all info log levels to stdout
+      printf "${FORMAT}[$(echo_rgb "INFO" 0 140 255)] %s\n" "${message}" >&1
+      return 0
+      ;;
+    WARN | WARNING)
+      # Output all info log levels to stdout
+      printf "${FORMAT}[$(echo_rgb "WARNING" 255 255 0)] %s\n" "${message}" >&1
+      return 0
+      ;;
+    DEBUG)
+      [[ ${debug} == 0 ]] && return
+      printf "${FORMAT}[$(echo_rgb "DEBUG" 0 160 110)] %s\n" "${message}" >&1
+      return 0
+      ;;
+    ERROR)
+      # Output all error log levels to stderr
+      printf "${FORMAT}[$(echo_rgb "ERROR" 255 0 0)] %s\n" "${message}" >&2
+      return 0
+      ;;
+    # Further log levels can be added by extending this switch statement with more comparisons
+
+    *) # Default case, no matches
+      # Returns non-zero code as an improper log option was passed, this helps with using `set -e`
+      printf "${FORMAT}[ERROR] %s\n" "Invalid log level passed, received level \"${level}\" with message \"${message}\"" >&2
+      return 1
+      ;;
+  esac
+}
+
+[[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1
+
+log "info" "Installing required php extensions"
+sudo dnf install php-fpm php-common php-mysqlnd php-gd php-xml php-mbstring php-xml php-json php-process -y
+log "info" "Finished installing required php extensions"
+
+log "info" "Installing optional php extensions"
+dnf install php-mysqlnd php-dom php-simplexml php-xml php-xmlreader php-curl php-exif php-ftp php-gd php-iconv \
+  php-mbstring php-posix php-sockets php-tokenizer -y
+log "info" "Finished installing optional php extensions"
+
+cd /tmp
+
+server_name="example.20r"
+full_server_name="www.${server_name}"
+
+nginx_server_config=/etc/nginx/conf.d/"${server_name}".conf
+log "info" "Creating config for ${full_server_name} for nginx located at ${nginx_server_config}"
+cat << __EOF__ > "${nginx_server_config}"
+server {
+    listen 80;
+    server_name ${full_server_name};
+    root /var/www/${server_name};
+    index index.php;
+
+    access_log /var/log/nginx/${full_server_name}.access.log;
+    error_log /var/log/nginx/${full_server_name}.error.log;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files \$uri \$uri/ /index.php?\$args;
+    }
+
+    location ~ \.php$ {
+        try_files \$uri =404;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
+        include fastcgi_params;
+    }
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        expires max;
+        log_not_found off;
+    }
+
+}
+__EOF__
+log "info" "Configuration for ${server_name} created at ${nginx_server_config}"
+
+server_sites_dir=/var/www/"${server_name}"/
+
+log "info" "Creating ${server_sites_dir} if it doesn't exist"
+mkdir -p "${server_sites_dir}"
+
+log "info" "Giving nginx:nginx ownership over ${server_sites_dir}"
+chown -R nginx:nginx "${server_sites_dir}"
+
+log "info" "Setting SELinux settings for nginx"
+chcon -t httpd_sys_rw_content_t "${server_sites_dir}" -R
+
+log "info" "Verifying configuration files for nginx"
+nginx -t
+if [ "${?}" != 0 ]; then
+  log "error" "Nginx configuration file check failed, exiting..."
+  exit 1
+fi
+log "info" "Verification of nginx configuration successful"
+
+log "info" "Restarting nginx & php-fpm"
+systemctl restart nginx \
+  && systemctl restart php-fpm \
+    && log "info" "Successfully restarted nginx & php-fpm"
+
+### SSL CONF SHOULD GO HERE
+
+### END SSL CONF
+
+root_password=""
+echo "Enter root's password (necessary for mysql commands):"
+read_sensitive root_password
+
+issue_mysql_command() {
+  mysql --user root --password="${root_password}" --execute "${1}"
+  log "debug" "Issued mysql command: mysql --user root --password=${root_password} --execute ${1}"
+  return "${?}"
+}
+
+log "info" "Creating database for wordpress"
+issue_mysql_command "CREATE DATABASE wordpress;" \
+  && log "info" "Successfully created wordpress database"
+
+log "info" "Creating user admin@localhost with randomly generated password, details saved to ~/\"admin@localhost.wp\" file"
+admin_localhost_password="$(openssl rand -base64 48)"
+cat << __EOF__ > ~/admin@localhost.wp
+Username: admin
+Full User: admin@localhost
+Password: ${admin_localhost_password}
+__EOF__
+issue_mysql_command "CREATE USER 'admin'@'localhost' IDENTIFIED by '${admin_localhost_password}';" \
+  && log "info" "Successfully created user admin@localhost"
+
+log "info" "Granting all privileges on the wordpress database to admin@localhost"
+issue_mysql_command "GRANT ALL PRIVILEGES ON wordpress.* TO 'admin'@'localhost';" \
+  && log "info" "Successfully granted all privileges for wordpress db to admin@localhost"
+
+issue_mysql_command "FLUSH PRIVILEGES;"
+
+log "info" "Downloading the latest wordpress version and installing to ${server_sites_dir}"
+curl https://wordpress.org/latest.tar.gz --output wordpress_latest.tar.gz \
+  && tar -xvf wordpress_latest.tar.gz >/dev/null 2>&1 \
+    && cp -a wordpress/. "${server_sites_dir}" >/dev/null 2>&1 \
+      && cp "${server_sites_dir}"/wp-config-sample.php "${server_sites_dir}"/wp-config.php \
+        && log "info" "Successfully installed wordpress"
+
+wp_config_location="${server_sites_dir}"/wp-config.php
+while read -r line; do
+  if [[ "${line}" == "define( 'DB_NAME',"* ]]; then
+    echo "define( 'DB_NAME', 'wordpress' );"
+  elif [[ "${line}" == "define( 'DB_USER',"* ]]; then
+    echo "define( 'DB_USER', 'admin' );"
+  elif [[ "${line}" == "define( 'DB_HOST'"* ]]; then
+    echo "define( 'DB_HOST', 'localhost' );"
+  elif [[ "${line}" == "define( 'DB_PASSWORD'"* ]]; then
+    echo "define( 'DB_PASSWORD', '${admin_localhost_password}' );"
+  else
+    echo "${line}"
+  fi
+done < "${wp_config_location}" > "wp.temp" && mv "wp.temp" "${wp_config_location}"
+
+systemctl restart php-fpm
+systemctl restart nginx
+
+log "info" "Installation finished!"