287 lines
8.9 KiB
Bash
287 lines
8.9 KiB
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
read_sensitive() {
|
|
# Securely read input into a variable
|
|
#
|
|
# Arguments:
|
|
# READVARIABLE <type: variable> <position: 1> <required: true>
|
|
# - A variable must be passed and the output of this function will be set to that variable
|
|
# e.g: read_sensitive MYVAR
|
|
#
|
|
# Usage:
|
|
# read_sensitive SOMEVAR
|
|
#
|
|
# POSIX Compliant:
|
|
# Yes
|
|
#
|
|
|
|
stty -echo
|
|
local INPUT
|
|
read -r INPUT
|
|
stty echo
|
|
printf "\n"
|
|
eval "${1}=${INPUT}"
|
|
}
|
|
|
|
echo_rgb() {
|
|
# Echo a colored string to the terminal based on rgb values
|
|
#
|
|
# Positional Arguments:
|
|
#
|
|
# message <type: string> <position: 1> <required: true>
|
|
# - The message to be printed to stdout
|
|
# red <type: int> <position: 2> <required: true>
|
|
# - The red value from 0 to 255
|
|
# green <type: int> <position: 3> <required: true>
|
|
# - The green value from 0 to 255
|
|
# blue <type: int> <position: 4> <required: true>
|
|
# - The blue value from 0 to 255
|
|
#
|
|
# Usage:
|
|
# echo_rgb "Yep" 10 8 30
|
|
#
|
|
# POSIX Compliant:
|
|
# N/A
|
|
#
|
|
|
|
local red
|
|
local green
|
|
local blue
|
|
local input
|
|
|
|
input="${1}"
|
|
red="${2}"
|
|
green="${3}"
|
|
blue="${4}"
|
|
|
|
printf "\e[0;38;2;%s;%s;%sm%s\e[m\n" "${red}" "${green}" "${blue}" "${input}"
|
|
}
|
|
|
|
log() {
|
|
# Print a message and send it to stdout or stderr depending upon log level, also configurable with debug etc.
|
|
#
|
|
# Arguments:
|
|
# level <type: string> <position: 1> <required: true>
|
|
# - The log level, defined within a case check in this function
|
|
# message <type: string> <position: 2> <required: true>
|
|
# - The info message
|
|
# line_number <type: int> <position: 3> <required: false>
|
|
# - The line number of the calling function (${LINNO})
|
|
#
|
|
# Usage:
|
|
# log "info" "Could not find that directory"
|
|
#
|
|
# POSIX Compliant:
|
|
# Yes
|
|
#
|
|
|
|
# Set debug status depending if a global debug variable has been set to either 1 or 0
|
|
local debug
|
|
if [ ${DEBUG} ]; then
|
|
debug=${DEBUG}
|
|
else
|
|
debug=0
|
|
fi
|
|
|
|
local FORMAT
|
|
FORMAT="[$(echo_rgb "$(date +%Y-%m-%dT%H:%M:%S)" 180 140 255)]"
|
|
|
|
# Convert the level to uppercase
|
|
local level
|
|
level=$(echo "${1}" | tr '[:lower:]' '[:upper:]')
|
|
|
|
local message
|
|
message="${2}"
|
|
|
|
case "${level}" in
|
|
INFO)
|
|
# Output all info log levels to stdout
|
|
printf "${FORMAT}[$(echo_rgb "INFO" 0 140 255)] %s\n" "${message}" >&1
|
|
return 0
|
|
;;
|
|
WARN | WARNING)
|
|
# Output all info log levels to stdout
|
|
printf "${FORMAT}[$(echo_rgb "WARNING" 255 255 0)] %s\n" "${message}" >&1
|
|
return 0
|
|
;;
|
|
DEBUG)
|
|
[[ ${debug} == 0 ]] && return
|
|
printf "${FORMAT}[$(echo_rgb "DEBUG" 0 160 110)] %s\n" "${message}" >&1
|
|
return 0
|
|
;;
|
|
ERROR)
|
|
# Output all error log levels to stderr
|
|
printf "${FORMAT}[$(echo_rgb "ERROR" 255 0 0)] %s\n" "${message}" >&2
|
|
return 0
|
|
;;
|
|
# Further log levels can be added by extending this switch statement with more comparisons
|
|
|
|
*) # Default case, no matches
|
|
# Returns non-zero code as an improper log option was passed, this helps with using `set -e`
|
|
printf "${FORMAT}[ERROR] %s\n" "Invalid log level passed, received level \"${level}\" with message \"${message}\"" >&2
|
|
return 1
|
|
;;
|
|
esac
|
|
}
|
|
|
|
[[ "$(id -u)" -ne 0 ]] && log "error" "$(basename "${0}") must be ran as root, exiting..." && exit 1
|
|
|
|
log "info" "Installing required php extensions"
|
|
sudo dnf install php-fpm php-common php-mysqlnd php-gd php-xml php-mbstring php-xml php-json php-process -y
|
|
log "info" "Finished installing required php extensions"
|
|
|
|
log "info" "Installing optional php extensions"
|
|
dnf install php-mysqlnd php-dom php-simplexml php-xml php-xmlreader php-curl php-exif php-ftp php-gd php-iconv \
|
|
php-mbstring php-posix php-sockets php-tokenizer -y
|
|
log "info" "Finished installing optional php extensions"
|
|
|
|
log "info" "Installing php 7.4"
|
|
log "info" "Installing the EPEL repository"
|
|
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
|
|
log "info" "Installing the REMI repository"
|
|
dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
|
|
log "info" "Adding dnf-utils"
|
|
dnf -y install dnf-utils
|
|
log "info" "Initial setup done, installing php7.4"
|
|
dnf module reset php -y
|
|
dnf module install php:remi-7.4
|
|
dnf update
|
|
log "info" "PHP 7.4 should be installed, can be verifed with \"php -v\""
|
|
|
|
cd /tmp
|
|
|
|
server_name="20r.gg"
|
|
full_server_name="www.${server_name}"
|
|
|
|
nginx_server_config=/etc/nginx/conf.d/"${server_name}".conf
|
|
log "info" "Creating config for ${full_server_name} for nginx located at ${nginx_server_config}"
|
|
cat << __EOF__ > "${nginx_server_config}"
|
|
server {
|
|
listen 80;
|
|
server_name ${full_server_name};
|
|
server_name ${server_name};
|
|
root /var/www/${server_name};
|
|
index index.php;
|
|
|
|
access_log /var/log/nginx/${full_server_name}.access.log;
|
|
error_log /var/log/nginx/${full_server_name}.error.log;
|
|
|
|
location = /favicon.ico {
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location / {
|
|
try_files \$uri \$uri/ /index.php?\$args;
|
|
}
|
|
|
|
location ~ \.php$ {
|
|
try_files \$uri =404;
|
|
fastcgi_pass 127.0.0.1:9000;
|
|
fastcgi_index index.php;
|
|
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
|
|
include fastcgi_params;
|
|
}
|
|
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
|
expires max;
|
|
log_not_found off;
|
|
}
|
|
|
|
}
|
|
__EOF__
|
|
log "info" "Configuration for ${server_name} created at ${nginx_server_config}"
|
|
|
|
server_sites_dir=/var/www/"${server_name}"/
|
|
|
|
log "info" "Creating ${server_sites_dir} if it doesn't exist"
|
|
mkdir -p "${server_sites_dir}"
|
|
|
|
log "info" "Giving nginx:nginx ownership over ${server_sites_dir}"
|
|
chown -R nginx:nginx "${server_sites_dir}"
|
|
|
|
log "info" "Setting SELinux settings for nginx"
|
|
chcon -t httpd_sys_rw_content_t "${server_sites_dir}" -R
|
|
|
|
log "info" "Verifying configuration files for nginx"
|
|
nginx -t
|
|
if [ "${?}" != 0 ]; then
|
|
log "error" "Nginx configuration file check failed, exiting..."
|
|
exit 1
|
|
fi
|
|
log "info" "Verification of nginx configuration successful"
|
|
|
|
log "info" "Restarting nginx & php-fpm"
|
|
systemctl restart nginx \
|
|
&& systemctl restart php-fpm \
|
|
&& log "info" "Successfully restarted nginx & php-fpm"
|
|
|
|
root_password=""
|
|
echo "Enter root's password (necessary for mysql commands):"
|
|
read_sensitive root_password
|
|
|
|
issue_mysql_command() {
|
|
mysql --user root --password="${root_password}" --execute "${1}"
|
|
log "debug" "Issued mysql command: mysql --user root --password=${root_password} --execute ${1}"
|
|
return "${?}"
|
|
}
|
|
|
|
log "info" "Creating database for wordpress"
|
|
issue_mysql_command "CREATE DATABASE wordpress;" \
|
|
&& log "info" "Successfully created wordpress database"
|
|
|
|
log "info" "Creating user admin@localhost with randomly generated password, details saved to ~/\"admin@localhost.wp\" file"
|
|
admin_localhost_password="$(openssl rand -base64 48)"
|
|
cat << __EOF__ > ~/admin@localhost.wp
|
|
Username: admin
|
|
Full User: admin@localhost
|
|
Password: ${admin_localhost_password}
|
|
__EOF__
|
|
issue_mysql_command "CREATE USER 'admin'@'localhost' IDENTIFIED by '${admin_localhost_password}';" \
|
|
&& log "info" "Successfully created user admin@localhost"
|
|
|
|
log "info" "Granting all privileges on the wordpress database to admin@localhost"
|
|
issue_mysql_command "GRANT ALL PRIVILEGES ON wordpress.* TO 'admin'@'localhost';" \
|
|
&& log "info" "Successfully granted all privileges for wordpress db to admin@localhost"
|
|
|
|
issue_mysql_command "FLUSH PRIVILEGES;"
|
|
|
|
log "info" "Downloading the latest wordpress version and installing to ${server_sites_dir}"
|
|
curl https://wordpress.org/latest.tar.gz --output wordpress_latest.tar.gz \
|
|
&& tar -xvf wordpress_latest.tar.gz >/dev/null 2>&1 \
|
|
&& cp -a wordpress/. "${server_sites_dir}" >/dev/null 2>&1 \
|
|
&& cp "${server_sites_dir}"/wp-config-sample.php "${server_sites_dir}"/wp-config.php \
|
|
&& log "info" "Successfully installed wordpress"
|
|
|
|
log "info" "Setting proper permissions for wordpress directory"
|
|
chmod -R 777 "${server_sites_dir}"/* # can't be fucked to figure out the correct perms :shrug:
|
|
|
|
wp_config_location="${server_sites_dir}"/wp-config.php
|
|
while read -r line; do
|
|
if [[ "${line}" == "define( 'DB_NAME',"* ]]; then
|
|
echo "define( 'DB_NAME', 'wordpress' );"
|
|
elif [[ "${line}" == "define( 'DB_USER',"* ]]; then
|
|
echo "define( 'DB_USER', 'admin' );"
|
|
elif [[ "${line}" == "define( 'DB_HOST'"* ]]; then
|
|
echo "define( 'DB_HOST', 'localhost' );"
|
|
elif [[ "${line}" == "define( 'DB_PASSWORD'"* ]]; then
|
|
echo "define( 'DB_PASSWORD', '${admin_localhost_password}' );"
|
|
elif [[ "${line}" == *"Add any custom values between this line and"* ]]; then
|
|
echo "${line}"
|
|
echo "define('FS_METHOD', 'direct'); // Allow plugins to be installed"
|
|
else
|
|
echo "${line}"
|
|
fi
|
|
done < "${wp_config_location}" > "wp.temp" && mv "wp.temp" "${wp_config_location}"
|
|
|
|
systemctl restart php-fpm
|
|
systemctl restart nginx
|
|
|
|
log "info" "Installation finished!" |