From 60f9c2e96f1095ac86157b16c61611b1e79a3470 Mon Sep 17 00:00:00 2001 From: Matthew Saunders Brown Date: Thu, 6 May 2021 13:43:18 -0700 Subject: [PATCH] installer & readme --- README.md | 18 ++++++++++++++++-- install.sh | 34 +++++++++++++++++++++------------- 2 files changed, 37 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index e2d2be6..bdf3c27 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# vhost-stack +# Vhost Stack ## Install ``` @@ -8,9 +8,23 @@ cd vhost-stack bash install.sh ``` +Apache mod_macro gets configured with a ServerAlias for a subdomain of the domain name of this server. The idea is to have development hostnames that you can use before updating DNS when migrating existing sites. Check the ServerAlias configs in /etc/apache2/mods-available/macro.conf to make sure they are using the domain you wish, and optionally change or comment out the subdomain ServerAlias settings. -### configure a minimal smtp server so automated emails (cron etc) can be sent +## Let's Encrypt +For integrated Let's Encrypt certificate configuration install Let's Encrypt Tools: +https://git.stack-source.com/msb/letsencrypt-tools + +## WordPress +If you will be installing WordPress sites then install WordPress Tools: +https://git.stack-source.com/msb/wordpress-tools + +## Mail Server +For an integrated and full featured mail server configuration it's recommended to install vmail-stack: +https://git.stack-source.com/msb/vhost-stack +If you just want a minimal smtp mail server for getting automated emails (cron, website contact forms, etc.) off the server you can install and configure exim4-daemon-light with these commands: +``` apt -y install exim4-daemon-light mailutils sed -i "s|dc_eximconfig_configtype='local'|dc_eximconfig_configtype='internet'|g" /etc/exim4/update-exim4.conf.conf /usr/sbin/update-exim4.conf systemctl restart exim4 +``` diff --git a/install.sh b/install.sh index 5425271..9cd8feb 100755 --- a/install.sh +++ b/install.sh @@ -63,6 +63,9 @@ a2enconf php7.4-fpm phpMyAdmin cp etc/apache2/mods-available/* /etc/apache2/mods-available/ chmod 644 /etc/apache2/mods-available/*.conf chown root:root /etc/apache2/mods-available/*.conf +# set vhost subodmain to domain name of server, users may want to consider changing this to a custom domain. +vhostdomain=`hostname -d` +sed -i "s|.example.com|.$vhostdomain|g" /etc/apache2/mods-available/macro.conf a2enmod proxy_fcgi rewrite headers expires ssl http2 remoteip macro # # sed -i "s|CustomLog|#CustomLog|g" /etc/apache2/sites-available/000-default.conf sed -i "s|/var/www/html|/srv/www/html|g" /etc/apache2/sites-available/000-default.conf @@ -102,15 +105,24 @@ if [ -d /srv/www ]; then else if [ -d /var/www ]; then mv /var/www /srv/www - ln -s /srv/www /var/www else - mkdir /srv/www + install --owner=root --group=root --mode=755 --directory /srv/www fi + ln -s /srv/www /var/www +fi + +useradd --no-create-home --home-dir /srv/www --shell /usr/sbin/nologin --system --user-group vhost + +if [ -d /srv/www/html ]; then + chown -R vhost:vhost /srv/www/html +else + install --owner=vhost --group=vhost --mode=755 --directory /srv/www/html fi # install status.php cp html/status.php /srv/www/html chmod 644 /srv/www/html/status.php +chown vhost:vhost /srv/www/html/status.php # jailkit apt -y install jailkit @@ -128,7 +140,7 @@ echo "comment = php-cli and all required files" >> /etc/jailkit/jk_init.ini echo "paths = /usr/bin/php*, /usr/bin/phar*, /etc/php/*/cli/, /etc/php/*/mods-available/, /usr/lib/php/, /usr/share/php/" >> /etc/jailkit/jk_init.ini mkdir /usr/jails if ! [ -d "/usr/local/libexec" ]; then - mkdir /usr/local/libexec + install --owner=root --group=root --mode=755 --directory /usr/local/libexec fi cp libexec/command-not-found-handle /usr/local/libexec/command-not-found-handle chmod 755 /usr/local/libexec/command-not-found-handle @@ -173,11 +185,11 @@ echo "declare(strict_types=1);" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$cfg['blowfish_secret'] = '$blowfish_secret';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$i = 0;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$i++;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php -echo "\$cfg['Servers'][$i]['auth_type'] = 'cookie';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php -echo "\$cfg['Servers'][$i]['hide_db'] = 'information_schema|performance_schema|mysql';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php -echo "\$cfg['Servers'][$i]['host'] = '127.0.0.1';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php -echo "\$cfg['Servers'][$i]['compress'] = false;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php -echo "\$cfg['Servers'][$i]['AllowNoPassword'] = false;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php +echo "\$cfg['Servers'][\$i]['auth_type'] = 'cookie';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php +echo "\$cfg['Servers'][\$i]['hide_db'] = 'information_schema|performance_schema|mysql';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php +echo "\$cfg['Servers'][\$i]['host'] = '127.0.0.1';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php +echo "\$cfg['Servers'][\$i]['compress'] = false;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php +echo "\$cfg['Servers'][\$i]['AllowNoPassword'] = false;" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$cfg['UploadDir'] = '';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$cfg['SaveDir'] = '';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php echo "\$cfg['TempDir'] = '/tmp';" >> phpMyAdmin-5.1.0-all-languages/config.inc.php @@ -185,8 +197,4 @@ echo "\$cfg['PmaNoRelation_DisableWarning'] = true;" >> phpMyAdmin-5.1.0-all-lan mv phpMyAdmin-5.1.0-all-languages /srv/www/html/phpMyAdmin find /srv/www/html/phpMyAdmin -type d -exec chmod 755 {} + find /srv/www/html/phpMyAdmin -type f -exec chmod 644 {} + - - - - - +chown -R vhost:vhost /srv/www/html/phpMyAdmin