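#!/bin/bash
#
# Author: Twily 2018
# Description:
#   New linux installation setup (server) made with debian in mind
#   Install webserver, ftpserver, mysqlserver and necessities
#   Automatically grab configurations for certain programs from twily.info
#   Prepares folder structures and permissions on www folder
#   Setup iptables configuration from twily.info
#
# Review notes:
#   - The script is best-effort: it does not abort on the first failing
#     command, so read the output of each step.
#   - The vsftpd and iptables configurations are fetched from a third-party
#     host and installed as root with no integrity check. Read them (or
#     compare against a checksum you trust) before running this on a host
#     you care about.
#

sudo apt install vsftpd nginx apache2 mysql-server php php-mysql php-mcrypt \
  php-mbstring php-json php-gd php-fpm php-curl php-zip screen wget vim \
  ranger unzip

# Account that receives web/FTP access. Kept in its own variable instead of
# overwriting the shell's exported $USER, which child processes may read.
readonly target_user=admin

#######################################
# Download a file without clobbering the destination on failure.
# Arguments: $1 - URL to fetch
#            $2 - destination path
# Outputs:   warning on stderr when the download fails or is empty
# Returns:   0 when the destination was written, 1 otherwise
#######################################
fetch() {
  local url=$1 dest=$2
  local part="${dest}.part"

  # wget -O truncates its target even when the transfer fails, so download
  # next to the destination and only move a non-empty result into place.
  if wget "$url" -O "$part" && [[ -s "$part" ]]; then
    mv -- "$part" "$dest"
  else
    printf 'warn: download failed, %s left untouched: %s\n' "$dest" "$url" >&2
    rm -f -- "$part"
    return 1
  fi
}

sudo passwd "$target_user"

sudo systemctl stop apache2
sudo systemctl disable apache2
sudo systemctl restart nginx
sudo systemctl enable nginx

# usermod -g replaces the account's PRIMARY group with www-data. Together
# with the group-writable web root below, this account can modify everything
# under /var/www.
sudo usermod -g www-data "$target_user"
sudo chown -Rv root:www-data /var/www
# NOTE(review): a recursive 775 also sets the execute bit on regular files.
sudo chmod -Rv 775 /var/www

sudo mv /var/www/html/index.html /var/www/html/index.apache2.html
sudo mv /var/www/html/index.nginx-debian.html /var/www/html/index.html
# As shown on the page this writes only a blank line; the quoted payload may
# have been lost in extraction (TODO confirm). If the file ends up printing
# PHP diagnostics, delete it once PHP is verified: that output discloses
# versions, paths and environment values to any visitor.
sudo bash -c "echo '' > /var/www/html/phpinfo.php"

fetch https://twily.info/s/.screenrc ~/.screenrc
mkdir -p ~/.vim/colors/
fetch https://twily.info/s/.vim/colors/twily.vim ~/.vim/colors/twily.vim
fetch https://twily.info/s/.vimrc ~/.vimrc
fetch https://twily.info/s/.zshrc ~/.zshrc

# Install the vsftpd configuration only when the download succeeded, so a
# failed transfer can never replace /etc/vsftpd.conf with an empty file.
if fetch https://twily.info/s/.config/vsftpd.conf ~/vsftpd.conf; then
  sudo mv ~/vsftpd.conf /etc/vsftpd.conf
  sudo chown root:root /etc/vsftpd.conf
fi
# Append the account once; re-running the script must not add duplicates.
# Whether the userlist allows or denies logins depends on the downloaded
# vsftpd.conf (TODO confirm).
if ! sudo grep -qxF -- "$target_user" /etc/vsftpd.userlist 2>/dev/null; then
  printf '%s\n' "$target_user" | sudo tee -a /etc/vsftpd.userlist >/dev/null
fi
sudo systemctl restart vsftpd
sudo systemctl enable vsftpd

sudo mkdir -p /etc/iptables
# Parse the downloaded ruleset with --test before committing it: a broken or
# unexpected ruleset applied over SSH can cut off the session that runs this
# script.
if fetch https://twily.info/s/.config/iptables.rules ~/iptables.rules &&
  sudo iptables-restore --test < ~/iptables.rules; then
  sudo cp ~/iptables.rules /etc/iptables/rules.v4
  sudo bash -c "iptables-restore < /etc/iptables/rules.v4"
  sudo bash -c "iptables-save > /etc/iptables/rules.v4"
else
  printf 'warn: iptables rules not applied\n' >&2
fi

# Fetched over HTTPS like every other download here; the original used plain
# http:// for a file that is made executable, which allows tampering in
# transit.
if fetch https://twily.info/s/scripts/ports ~/ports; then
  chmod +x ~/ports
fi

ln -s /var/www ~/_www
ln -s /etc/nginx ~/_nginx
ln -s /etc/apache2 ~/_apache2
ln -s /etc/php/7.0 ~/_php

#
# More (Not automatic)
#
# IPTABLES:
#   run       $ sudo vim /etc/network/if-pre-up.d/iptables
#   add       > #!/bin/sh
#   add       > /sbin/iptables-restore < /etc/iptables/rules.v4
#   run       $ sudo chmod +x /etc/network/if-pre-up.d/iptables
#
# MySQL:
#   run       $ mysql_secure_installation
#   run       $ sudo mysql -u root
#   run       > CREATE USER 'admin'@'localhost' IDENTIFIED BY 'password';
#   run       > GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost';
#   run       > FLUSH PRIVILEGES;
#   NOTE: 'password' is a placeholder; substitute a strong, unique value.
#   GRANT ALL ON *.* makes this account a full database administrator.
#
# NGINX:
#   run       $ sudo vim /etc/php/7.0/fpm/php.ini
#   edit      > cgi.fix_pathinfo=0
#   edit      > post_max_size = 1G
#   edit      > upload_max_filesize = 1G
#   run       $ systemctl restart php7.0-fpm
#   run       $ sudo vim /etc/nginx/sites-available/default
#   edit      > index index.php index.html;
#   edit      > server_name domain_or_ip;
#   uncomment > include snippets/fastcgi-php.conf;
#   uncomment > fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#   add       > fastcgi_buffers 8 16k;
#   add       > fastcgi_buffer_size 32k;
#   uncomment > location ~ /\.ht {
#   run       $ sudo vim /etc/nginx/nginx.conf
#   add(to http) > client_max_body_size 1G;
#   run       $ sudo nginx -t
#   run       $ systemctl restart nginx
#
# PHPMYADMIN:
#   run       $ sudo apt install phpmyadmin
#   on prompt apache2 or lighttpd, press Tab then Enter (skip)
#   every other setting default - yes
#   run       $ ln -s /usr/share/phpmyadmin /var/www/html/
#   NOTE: the symlink publishes phpMyAdmin to every client that can reach the
#   web server; restrict the location (allow-list or authentication) in nginx.
#
# LETSENCRYPT:
#   run       $ sudo apt install python-certbot-nginx
#   run       $ sudo systemctl stop nginx
#   run       $ sudo certbot certonly --standalone -d domain.com -d www.domain.com
#   run       $ sudo chmod 755 /etc/letsencrypt/ -Rv
#   run       $ ln -s /etc/letsencrypt/live/domain.com/cert.pem /var/www/cert.pem
#   run       $ ln -s /etc/letsencrypt/live/domain.com/privkey.pem /var/www/key.pem
#   NOTE: the recursive chmod 755 makes privkey.pem readable by every local
#   user, and the symlinks place it inside the group-writable /var/www tree.
#   nginx loads certificates before dropping privileges, so neither step is
#   needed: the ssl_certificate* directives below can point straight at
#   /etc/letsencrypt/live/domain.com/ with the default permissions kept.
#   run       $ sudo vim /etc/nginx/sites-available/default
#   add       > server {
#   add       >   server_name www.domain.com;
#   add       >   return 301 https://domain.com$request_uri; }
#   add       > server {
#   add(move) >   listen 80 default_server;
#   add(move) >   listen [::]:80 default_server;
#   add       >   server_name _;
#   add       >   return 301 https://domain.com/$request_uri; }
#   NOTE: $request_uri already starts with "/", so the second redirect yields
#   "https://domain.com//..."; use the form from the first block.
#   uncomment > listen 443 ssl default_server;
#   uncomment > listen [::]:443 ssl default_server;
#   uncomment > include snippets/snakeoil.conf;
#   run       $ sudo vim /etc/nginx/snippets/snakeoil.conf
#   edit      > ssl_certificate /var/www/cert.pem;
#   edit      > ssl_certificate_key /var/www/key.pem;
#   run       $ sudo systemctl start nginx
#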