#!/bin/bash set -e read_sensitive() { # Securely read input into a variable # # Arguments: # READVARIABLE # - A variable must be passed and the output of this function will be set to that variable # e.g: read_sensitive MYVAR # # Usage: # read_sensitive SOMEVAR # # POSIX Compliant: # Yes # stty -echo local INPUT read -r INPUT stty echo printf "\n" eval "${1}=${INPUT}" } echo_rgb() { # Echo a colored string to the terminal based on rgb values # # Positional Arguments: # # message # - The message to be printed to stdout # red # - The red value from 0 to 255 # green # - The green value from 0 to 255 # blue # - The blue value from 0 to 255 # # Usage: # echo_rgb "Yep" 10 8 30 # # POSIX Compliant: # N/A # local red local green local blue local input input="${1}" red="${2}" green="${3}" blue="${4}" printf "\e[0;38;2;%s;%s;%sm%s\e[m\n" "${red}" "${green}" "${blue}" "${input}" } log() { # Print a message and send it to stdout or stderr depending upon log level, also configurable with debug etc. # # Arguments: # level # - The log level, defined within a case check in this function # message # - The info message # line_number # - The line number of the calling function (${LINNO}) # # Usage: # log "info" "Could not find that directory" # # POSIX Compliant: # Yes # # Set debug status depending if a global debug variable has been set to either 1 or 0 local debug if [ ${DEBUG} ]; then debug=${DEBUG} else debug=0 fi local FORMAT FORMAT="[$(echo_rgb "$(date +%Y-%m-%dT%H:%M:%S)" 180 140 255)]" # Convert the level to uppercase local level level=$(echo "${1}" | tr '[:lower:]' '[:upper:]') local message message="${2}" case "${level}" in INFO) # Output all info log levels to stdout printf "${FORMAT}[$(echo_rgb "INFO" 0 140 255)] %s\n" "${message}" >&1 return 0 ;; WARN | WARNING) # Output all info log levels to stdout printf "${FORMAT}[$(echo_rgb "WARNING" 255 255 0)] %s\n" "${message}" >&1 return 0 ;; DEBUG) [[ ${debug} == 0 ]] && return printf "${FORMAT}[$(echo_rgb "DEBUG" 0 160 110)] %s\n" "${message}" >&1 return 0 ;; ERROR) # Output all error log levels to stderr printf "${FORMAT}[$(echo_rgb "ERROR" 255 0 0)] %s\n" "${message}" >&2 return 0 ;; # Further log levels can be added by extending this switch statement with more comparisons *) # Default case, no matches # Returns non-zero code as an improper log option was passed, this helps with using `set -e` printf "${FORMAT}[ERROR] %s\n" "Invalid log level passed, received level \"${level}\" with message \"${message}\"" >&2 return 1 ;; esac } [[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1 log "info" "Installing required php extensions" sudo dnf install php-fpm php-common php-mysqlnd php-gd php-xml php-mbstring php-xml php-json php-process -y log "info" "Finished installing required php extensions" log "info" "Installing optional php extensions" dnf install php-mysqlnd php-dom php-simplexml php-xml php-xmlreader php-curl php-exif php-ftp php-gd php-iconv \ php-mbstring php-posix php-sockets php-tokenizer -y log "info" "Finished installing optional php extensions" log "info" "Installing php 7.4" log "info" "Installing the EPEL repository" dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm log "info" "Installing the REMI repository" dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm log "info" "Adding dnf-utils" dnf -y install dnf-utils log "info" "Initial setup done, installing php7.4" dnf module reset php -y dnf module install php:remi-7.4 dnf update log "info" "PHP 7.4 should be installed, can be verifed with \"php -v\"" cd /tmp server_name="20r.gg" full_server_name="www.${server_name}" nginx_server_config=/etc/nginx/conf.d/"${server_name}".conf log "info" "Creating config for ${full_server_name} for nginx located at ${nginx_server_config}" cat << __EOF__ > "${nginx_server_config}" server { listen 80; server_name ${full_server_name}; root /var/www/${server_name}; index index.php; access_log /var/log/nginx/${full_server_name}.access.log; error_log /var/log/nginx/${full_server_name}.error.log; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location / { try_files \$uri \$uri/ /index.php?\$args; } location ~ \.php$ { try_files \$uri =404; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; include fastcgi_params; } location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { expires max; log_not_found off; } } __EOF__ log "info" "Configuration for ${server_name} created at ${nginx_server_config}" server_sites_dir=/var/www/"${server_name}"/ log "info" "Creating ${server_sites_dir} if it doesn't exist" mkdir -p "${server_sites_dir}" log "info" "Giving nginx:nginx ownership over ${server_sites_dir}" chown -R nginx:nginx "${server_sites_dir}" log "info" "Setting SELinux settings for nginx" chcon -t httpd_sys_rw_content_t "${server_sites_dir}" -R log "info" "Verifying configuration files for nginx" nginx -t if [ "${?}" != 0 ]; then log "error" "Nginx configuration file check failed, exiting..." exit 1 fi log "info" "Verification of nginx configuration successful" log "info" "Restarting nginx & php-fpm" systemctl restart nginx \ && systemctl restart php-fpm \ && log "info" "Successfully restarted nginx & php-fpm" ### SSL CONF SHOULD GO HERE ### END SSL CONF root_password="" echo "Enter root's password (necessary for mysql commands):" read_sensitive root_password issue_mysql_command() { mysql --user root --password="${root_password}" --execute "${1}" log "debug" "Issued mysql command: mysql --user root --password=${root_password} --execute ${1}" return "${?}" } log "info" "Creating database for wordpress" issue_mysql_command "CREATE DATABASE wordpress;" \ && log "info" "Successfully created wordpress database" log "info" "Creating user admin@localhost with randomly generated password, details saved to ~/\"admin@localhost.wp\" file" admin_localhost_password="$(openssl rand -base64 48)" cat << __EOF__ > ~/admin@localhost.wp Username: admin Full User: admin@localhost Password: ${admin_localhost_password} __EOF__ issue_mysql_command "CREATE USER 'admin'@'localhost' IDENTIFIED by '${admin_localhost_password}';" \ && log "info" "Successfully created user admin@localhost" log "info" "Granting all privileges on the wordpress database to admin@localhost" issue_mysql_command "GRANT ALL PRIVILEGES ON wordpress.* TO 'admin'@'localhost';" \ && log "info" "Successfully granted all privileges for wordpress db to admin@localhost" issue_mysql_command "FLUSH PRIVILEGES;" log "info" "Downloading the latest wordpress version and installing to ${server_sites_dir}" curl https://wordpress.org/latest.tar.gz --output wordpress_latest.tar.gz \ && tar -xvf wordpress_latest.tar.gz >/dev/null 2>&1 \ && cp -a wordpress/. "${server_sites_dir}" >/dev/null 2>&1 \ && cp "${server_sites_dir}"/wp-config-sample.php "${server_sites_dir}"/wp-config.php \ && log "info" "Successfully installed wordpress" log "info" "Setting proper permissions for wp-content so plugins etc. can be installed" chmod -R 777 "${server_sites_dir}/wp-content" # can't be fucked to figure out the correct perms :shrug: wp_config_location="${server_sites_dir}"/wp-config.php while read -r line; do if [[ "${line}" == "define( 'DB_NAME',"* ]]; then echo "define( 'DB_NAME', 'wordpress' );" elif [[ "${line}" == "define( 'DB_USER',"* ]]; then echo "define( 'DB_USER', 'admin' );" elif [[ "${line}" == "define( 'DB_HOST'"* ]]; then echo "define( 'DB_HOST', 'localhost' );" elif [[ "${line}" == "define( 'DB_PASSWORD'"* ]]; then echo "define( 'DB_PASSWORD', '${admin_localhost_password}' );" elif [[ "${line}" == *"Add any custom values between this line and"* ]]; then echo "${line}" echo "define('FS_METHOD', 'direct'); // Allow plugins to be installed" else echo "${line}" fi done < "${wp_config_location}" > "wp.temp" && mv "wp.temp" "${wp_config_location}" systemctl restart php-fpm systemctl restart nginx log "info" "Installation finished!"