56 lines
1.6 KiB
Bash
Executable File
56 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
clear
|
|
|
|
# *****************************************************************************
|
|
# Script: setup-nginx-webserver / setup-nginx.sh
|
|
# Author: Robert Partridge
|
|
# URL: https://gitea.techaddressed.com/robert/setup-nginx-webserver
|
|
# *****************************************************************************
|
|
|
|
# check for root privileges
|
|
if [ "$EUID" -ne 0 ]
|
|
then echo "PLEASE RUN THIS SCRIPT WITH ROOT PRIVILEGES"
|
|
exit
|
|
fi
|
|
|
|
# update system
|
|
apt update && apt dist-upgrade -y && apt autoremove -y && apt clean
|
|
|
|
# install packages except mariadb
|
|
apt install ntp sed git curl zip unzip nginx redis certbot ufw php-fpm php-curl php-mysql php-mbstring php-xml php-gd php-redis php-zip php-imagick php-bcmath php-intl php-tokenizer -y
|
|
|
|
# determine php version
|
|
PHP=`apt search php | grep fpm | grep security | cut -c 4-6`
|
|
|
|
# set PHP version in sites-available examples
|
|
sed -i 's/&&&/'${PHP}'/' config/example-standard
|
|
sed -i 's/&&&/'${PHP}'/' config/example-redirect-80
|
|
|
|
# copy config files
|
|
cp config/example* /etc/nginx/sites-available/
|
|
cp config/mime.types /etc/nginx/
|
|
cp config/nginx.conf /etc/nginx/
|
|
cp config/*realip.conf /etc/nginx/
|
|
cp config/php.ini /etc/php/${PHP}/fpm/
|
|
|
|
# restart services
|
|
systemctl restart nginx
|
|
systemctl restart php${PHP}-fpm
|
|
|
|
# install mariadb
|
|
apt install mariadb-server -y
|
|
|
|
# secure database
|
|
mysql_secure_installation
|
|
|
|
# configure ufw firewall but do not enable
|
|
ufw allow 80/tcp
|
|
ufw allow 443/tcp
|
|
|
|
# complete
|
|
echo
|
|
echo
|
|
echo "SETUP COMPLETE"
|
|
echo "UFW SET TO ALLOW PORTS 80/TCP AND 443/TCP"
|
|
echo "MAKE ADDITIONAL FIREWALL MODIFICATIONS IF NEEDED BEFORE ENABLING UFW"
|