wordpress-tools/install.sh

#!/bin/bash
#
# wordpress-tools
# https://git.stack-source.com/msb/wordpress-tools
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>\
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

if [ "${EUID}" -ne 0 ]; then
  echo "You must be root to run this installer."
  exit
fi

if [ ! -f "/usr/local/bin/vhost.sh" ]; then
  echo "NOTICE: This package requires that Vhost Stack is installed first."
  echo "https://git.stack-source.com/msb/vhost-stack"
  exit 1
fi

# download & install wp-cli
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
mv wp-cli.phar /usr/local/bin/wp
chmod +x /usr/local/bin/wp

# configure wp-cli bash completion
cp etc/bash_completion.d/wp-cli /etc/bash_completion.d/
chmod 644 /etc/bash_completion.d/wp-cli

# install wp user scripts
cp local/bin/wp-* /usr/local/bin
chmod 755 /usr/local/bin/wp-*

# install & enable wp systemd cron
cp local/sbin/wp-cron.sh /usr/local/sbin/
chmod 755 /usr/local/sbin/wp-cron.sh
if [[ ! -d /usr/local/lib/systemd/system ]]; then
  mkdir -p /usr/local/lib/systemd/system
fi
cp local/systemd/wp-cron.* /usr/local/lib/systemd/system/
chmod 644 /usr/local/lib/systemd/system/wp-cron.*
systemctl enable wp-cron.timer
systemctl start wp-cron.timer

# enable wp-security, restricts access to wordpress directories
cp etc/apache2/conf-available/wp-security.conf /etc/apache2/conf-available/wp-security.conf
chmod 644 /etc/apache2/conf-available/wp-security.conf
a2enconf wp-security
systemctl reload apache2

# fail2ban wordpress configs
if [[ -d /etc/fail2ban/ ]]; then
  chmod 644 etc/fail2ban/filter.d/*
  cp -a etc/fail2ban/filter.d/* /etc/fail2ban/filter.d/
  chmod 644 etc/fail2ban/jail.d/*
  cp -a etc/fail2ban/jail.d/* /etc/fail2ban/jail.d/
  systemctl restart fail2ban
else
  echo "Fail2ban not installed, skipping fail2ban wordpress configs."
fi