forked from littlebizzy/slickstack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ss-install.txt
1081 lines (819 loc) · 50.9 KB
/
ss-install.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
#!/bin/bash
####################################################################################################
#### author: SlickStack ############################################################################
#### link: https://slickstack.io ###################################################################
#### mirror: https://mirrors.slickstack.io/bash/ss-install.txt #####################################
#### path: /var/www/ss-install #####################################################################
#### destination: n/a (not a boilerplate) ##########################################################
#### purpose: Reinstalls the entire SlickStack LEMP environment and all modules (idempotent) #######
#### module version: Ubuntu 20.04 LTS ##############################################################
#### sourced by: n/a (wget -O ss slick.fyi && bash ss) #############################################
#### bash aliases: ss install ######################################################################
####################################################################################################
## SS-CONFIG MUST BE PROPERLY CONFIGURED AND ON CURRENT BUILD BEFORE RUNNING SS-INSTALL ##
## ENSURE YOUR SS-CONFIG BUILD REMAINS CURRENT BY RUNNING SS-UPDATE OCCASIONALLY ##
## include SlickStack configuration (if exists) ##
SS_CONFIG="/var/www/ss-config"
test -f $SS_CONFIG && source $SS_CONFIG
####################################################################################################
#### SS-Functions: Critical Bash Variables #########################################################
####################################################################################################
## SNIPPET: ss-functions, ss-install
## these are kind of like enviroment variables that are used within various ss scripts ##
## we keep these variables together for easy reference and better organization ##
## ss variables ##
# SS_PS1=`PS1="\[\e[1;35m\]\u@$(hostname -f)\e[m\]:\[\e[45m\]\w\[\e[m\]$ "`
SS_LINUX_KERNEL=`uname -a`
SS_OS_VERSION=`lsb_release -ds`
SS_CPU_CORES=`grep -c ^processor /proc/cpuinfo 2>/dev/null || sysctl -n hw.ncpu || echo "$NUMBER_OF_PROCESSORS"`
SS_DISK_FREE=`df -k --output=avail "$PWD" | tail -n1`
# SS_MYSQL_VERSION=`mysqld --version`
# SS_MYSQL_SIZE=`mysql --execute="SELECT table_schema AS "wordpress", SUM(data_length + index_length) / 1024 / 1024 / 1024 AS "Size (GB)" FROM information_schema.TABLES GROUP BY table_schema";`
SS_NETWORK_INTERFACE=`ip route get 1.1.1.1 | head -n1 | awk '{print $5}'`
SS_IPV4_ADDRESS=`ip addr show $SS_NETWORK_INTERFACE | grep "inet " | awk '{ print $2;exit }' | cut -d/ -f1`
SS_IPV6_ADDRESS=`ip addr show $SS_NETWORK_INTERFACE | grep "inet6 " | awk '{ print $2;exit }' | cut -d/ -f1`
SS_HOSTNAME=`hostname -f`
SS_TLD=`hostname -d`
# SS_PHP_VERSION=`php -v | grep ^PHP | cut -d' ' -f2`
# SS_PHP_EXTENSIONS=`php -r "print_r(implode(', ', get_loaded_extensions()));"`
## old ##
UBUNTU_VERSION=`lsb_release -rs`
DISK_FREE=`df -k --output=avail "$PWD" | tail -n1`
NETWORK_INTERFACE=`ip route get 1.1.1.1 | head -n1 | awk '{print $5}'`
IPV4_ADDRESS=`ip addr show $NETWORK_INTERFACE | grep "inet " | awk '{ print $2;exit }' | cut -d/ -f1`
IPV6_ADDRESS=`ip addr show $NETWORK_INTERFACE | grep "inet6 " | awk '{ print $2;exit }' | cut -d/ -f1`
## ss-install-wordpress-config variables ##
TMP_WORDPRESS_CONFIG_PRODUCTION="/tmp/wp-config-production.txt"
TMP_WORDPRESS_CONFIG_STAGING="/tmp/wp-config-staging.txt"
TMP_WORDPRESS_CONFIG_DEV="/tmp/wp-config-dev.txt"
####################################################################################################
#### SS-Functions: Critical Bash Functions #########################################################
####################################################################################################
## SNIPPET: ss-functions, ss-install
## the below functions are sourced into every SlickStack script to ensure reliability ##
## this also speeds up processing times by avoiding repeated inline commands ##
## add-apt-repository alias flags ##
function add-apt-repository {
export DEBIAN_FRONTEND=noninteractive
export DEBIAN_PRIORITY=critical
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
command /usr/bin/add-apt-repository --yes "$@"
}
## apt alias flags ##
function apt {
export DEBIAN_FRONTEND=noninteractive
export DEBIAN_PRIORITY=critical
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
command /usr/bin/apt --yes --quiet --option Dpkg::Options::=--force-confold --option Dpkg::Options::=--force-confdef "$@"
}
## cp alias flags ##
function cp {
command cp -R -f -d --no-preserve=mode,ownership "$@"
}
## ln alias flags ##
function ln {
command ln -s -f "$@"
}
## mkdir alias flags ##
function mkdir {
command mkdir -p "$@"
}
## mysql alias flags ##
function mysql {
command mysql --user=root --host=localhost --protocol=socket --port=3306 --force "$@"
}
## mysqldump alias flags ##
function mysqldump {
# /usr/bin/mysqldump
command mysqldump --user=$DB_USER --password=$DB_PASSWORD --host=$DB_HOST --protocol=tcp --port=3306 --no-tablespaces --single-transaction --skip-lock-tables --dump-date --force "$@"
}
## rm alias flags ##
function rm {
command rm -R -f "$@"
}
## rsync alias flags ##
function rsync {
command rsync -aI --ignore-errors "$@"
}
## touch alias flags ##
function touch {
command touch -a "$@"
}
## unzip alias flags ##
function unzip {
command unzip -o "$@"
}
## wget alias flags ##
function wget {
command wget --quiet --no-check-certificate --no-cache --no-cookies --tries=3 --timeout=15 "$@"
}
####################################################################################################
#### SS-Functions: Pretty Colors + Styles For The Shell ############################################
####################################################################################################
## SNIPPET: ss-functions, ss-install
## these color variables help maintain cleaner and prettier Bash scripts in SlickStack ##
## we substitute e.g. ${PINK} within any echo line then use ${RESET} to revert ##
## pretty colors ##
NOCOLOR='\033[0m'
DARKRED='\033[0;31m'
LIGHTRED='\033[1;31m'
ORANGE='\033[0;33m'
YELLOW='\033[1;33m'
DARKGREEN='\033[0;32m'
LIGHTGREEN='\033[1;32m'
DARKCYAN='\033[0;36m'
LIGHTCYAN='\033[1;36m'
DARKBLUE='\033[0;34m'
LIGHTBLUE='\033[1;34m'
DARKPURPLE='\033[0;35m'
LIGHTPURPLE='\033[1;35m'
PURPLE='\033[0;35m'
PINK='\033[1;35m'
DARKGRAY='\033[1;30m'
LIGHTGRAY='\033[0;37m'
WHITE='\033[1;37m'
BGBLACK=$(tput setab 0) # black
BGRED=$(tput setab 1) # red
BGGREEN=$(tput setab 2) # green
BGYELLOW=$(tput setab 3) # yellow
BGBLUE=$(tput setab 4) # blue
BGPINK=$(tput setab 5) # magenta (pink)
BGCYAN=$(tput setab 6) # cyan
BGWHITE=$(tput setab 7) # white
## pretty styles ##
BOLD=$(tput bold) # bold (strong)
DIM=$(tput dim) # dim (half-bright)
NORMAL=$(tput sgr0) # reset all styles (normal)
RESET=$(tput sgr0) # reset all styles (normal)
BLINK=$(tput blink) # blink
UNDERLINE=$(tput smul) # underline
ENDUNDER=$(tput rmul) # end underline
REVERSE=$(tput rev) # reverse
STANDOUT=$(tput smso) # standout (highlight)
ENDSTAND=$(tput rmso) # end standout
####################################################################################################
#### SS-Install: Verify Environment Compatibility Before Proceeding ################################
####################################################################################################
## never run ss-install unless the build version below matches current ss-config version ##
## in case of emergencies the SlickStack team might purposefully mismatch builds ##
## ensure ss-config (if exists) build matches ss-install ##
if [[ -f "/var/www/ss-config" ]] && [[ "$SS_BUILD" != "NOV2021C" ]]; then
echo -e "${YELLOW}Exiting ss-install: Please run ss-update-config since your ss-config is outdated and try again... ${NOCOLOR}"
exit 1
fi
## verify optimal Ubuntu version ##
if [[ "${UBUNTU_VERSION}" != @(20.04|18.04) ]]; then
echo -e "${YELLOW}Exiting ss-install: SlickStack is designed for Ubuntu LTS (but this VPS is running ${UBUNTU_VERSION})... ${NOCOLOR}"
exit 1
fi
## ensure at least 5GB free disk space remains ##
if [[ $DISK_FREE -lt 5242880 ]]; then # 10G = 10485760 / 5GB = 5242880
echo -e ""
echo -e "${YELLOW}Exiting ss-install: It looks like your server has less than 5GB free space available, please upgrade your server and then run ss-install again. ${NOCOLOR}"
echo -e ""
exit 1
fi
## ensure not running in docker/lxc/container ##
if [[ -f /.dockerenv ]] || grep -Eq '(lxc|docker)' /proc/1/cgroup; then
echo -e ""
echo -e "${YELLOW}Exiting ss-install: It appears your server is running Docker or another container... but SlickStack requires normal Ubuntu LTS without containers. ${NOCOLOR}"
echo -e ""
exit 1
fi
####################################################################################################
#### SS-Update: Ensure Undefined Options Do Not Exist Before Proceeding ############################
####################################################################################################
## SNIPPET: ss-install, ss-update
## below snippet will warn you and exit if undefined ss-config options are found to exist ##
## this way our team can be aware of bugs and avoid implementing unwanted options ##
## warn if placeholders exist ##
SS_CONFIG_OPTION_PLACEHOLDER="$(grep -c '"@' /var/www/ss-config)"
if [[ "$SS_CONFIG_OPTION_PLACEHOLDER" -gt 0 ]]; then
echo -e "${LIGHTRED}Exiting ss-install: Your ss-config contains "@..." placeholders. Please input values and try again... ${NOCOLOR}"
exit 1
fi
####################################################################################################
#### SS-Install: Cleanup Temporary Files ###########################################################
####################################################################################################
## delete tmp files ##
rm /tmp/ss-config*
rm /tmp/config*
####################################################################################################
#### SS-Install: Interactive Bash Setup Wizard (Generate SS-Config) ################################
####################################################################################################
## this basic wizard will allow you to interactively setup your ss-config file options ##
## advanced users can setup ss-config before running ss-install to avoid this ##
## retrieve latest ss-config boilerplate (quietly) ##
wget -qO /tmp/ss-config https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-config-sample.txt
## check build ver ##
SS_BUILD_NOW=$(source /tmp/ss-config; echo $SS_BUILD)
## rainbow colors test ##
WELCOME_RAINBOW="${DARKRED}welcome ${LIGHTRED}to ${ORANGE}the ${YELLOW}magical ${DARKGREEN}world ${LIGHTGREEN}of ${DARKCYAN}ss ${LIGHTCYAN}where ${DARKBLUE}all ${LIGHTBLUE}your ${DARKPURPLE}dreams ${LIGHTPURPLE}come ${LIGHTGRAY}true${NOCOLOR}"
echo -e ""
echo -e "$WELCOME_RAINBOW"
## f*ck containers (first things first) ##
echo -e ""
echo -e "${LIGHTPURPLE} _____________________________ ${NOCOLOR}"
echo -e "${LIGHTPURPLE}< screw containers! excelsior > ${NOCOLOR}"
echo -e "${LIGHTPURPLE} ----------------------------- ${NOCOLOR}"
echo -e "${LIGHTPURPLE} \ ^__^ ${NOCOLOR}"
echo -e "${LIGHTPURPLE} \ (oo)\_______ ${NOCOLOR}"
echo -e "${LIGHTPURPLE} (__)\ )\/\ ${NOCOLOR}"
echo -e "${LIGHTPURPLE} ||----w | ${NOCOLOR}"
echo -e "${LIGHTPURPLE} || || ${NOCOLOR}"
echo -e ""
echo -e ""
if [[ ! -f "/var/www/ss-config" ]]; then
echo -e "${LIGHTGRAY}################################################################################${NOCOLOR}"
echo -e "${LIGHTGRAY}SlickStack build : ${LIGHTGREEN}$SS_BUILD_NOW${NOCOLOR}"
echo -e "${LIGHTGRAY}Ubuntu version : ${LIGHTGREEN}${UBUNTU_VERSION} LTS${NOCOLOR}"
echo -e "${LIGHTGRAY}Hostname (FQDN) : ${LIGHTGREEN}$SS_HOSTNAME${NOCOLOR}"
echo -e "${LIGHTGRAY}IP Address (IPv4) : ${LIGHTGREEN}$SS_IPV4_ADDRESS${NOCOLOR}"
echo -e "${LIGHTGRAY}IP Address (IPv6) : ${LIGHTGREEN}$SS_IPV6_ADDRESS${NOCOLOR}"
echo -e "${LIGHTGRAY}################################################################################${NOCOLOR}"
echo -e ""
echo -e "${YELLOW}Welcome to SlickStack! It appears that your ss-config file has not been ${NOCOLOR}"
echo -e "${YELLOW}setup yet. Please use the wizard to configure required options, or hit ${NOCOLOR}"
wait_time=30 # seconds
temp_cnt=${wait_time}
while [[ ${temp_cnt} -gt 0 ]];
do
printf "${YELLOW}\rCtrl+C to cancel wizard and configure ss-config manually: ${LIGHTGREEN}%2d ${NOCOLOR}" ${temp_cnt}
sleep 1
((temp_cnt--))
done
echo -e ""
echo -e ""
echo -e "${LIGHTPURPLE}###########################################################################${NOCOLOR}"
echo -e "${LIGHTPURPLE}#### SlickStack Interactive Setup Wizard (SS-Config) ######################${NOCOLOR}"
echo -e "${LIGHTPURPLE}###########################################################################${NOCOLOR}"
echo -e ""
## replace root password fields with random strings ##
sed -i "s/@ROOT_PASSWORD/$(openssl rand -hex 12)/g" /tmp/ss-config
sed -i "s/@DB_PASSWORD_ROOT/$(openssl rand -hex 12)/g" /tmp/ss-config
## PROMPT: choose sudo username (default = batman) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose sudo username (for SSH): "$NORMAL)" -e -i 'batman' ss_var_sudo_user || ss_var_sudo_user=batman
sed -i "s/@SUDO_USER/$ss_var_sudo_user/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose sudo password (default = random) ##
sudopass_random=$(openssl rand -hex 12)
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose sudo password (should be strong): "$NORMAL)" -e -i ${sudopass_random} ss_var_sudo_password || ss_var_sudo_password=${sudopass_random}
sed -i "s/@SUDO_PASSWORD/$ss_var_sudo_password/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose SSH port number (default = 22) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose SSH port (use 22 for best compatibility): "$NORMAL)" -e -i '22' ss_var_ssh_port || ss_var_ssh_port=22
sed -i "s/@SSH_PORT/$ss_var_ssh_port/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable SSH keys (default = false) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable SSH keys (advanced users only): "$NORMAL)" -e -i 'false' ss_var_ssh_keys || ss_var_ssh_keys=false
sed -i "s/@SSH_KEYS/$ss_var_ssh_keys/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose SFTP username (default = robin) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose SFTP username (limited access): "$NORMAL)" -e -i 'robin' ss_var_sftp_user || ss_var_sftp_user=robin
sed -i "s/@SFTP_USER/$ss_var_sftp_user/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose SFTP password (default = random) ##
sftp_pass_random=$(openssl rand -hex 12)
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose SFTP password (should be strong): "$NORMAL)" -e -i ${sftp_pass_random} ss_var_sftp_password || ss_var_sftp_password=${sftp_pass_random}
sed -i "s/@SFTP_PASSWORD/$ss_var_sftp_password/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose app (default = wordpress) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose app (only wordpress supported currently): "$NORMAL)" -e -i 'wordpress' ss_var_app_name || ss_var_app_name=wordpress
sed -i "s/@SS_APP/$ss_var_app_name/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable plugin blacklist (default = true) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable the WordPress plugin blacklist: "$NORMAL)" -e -i 'true' ss_var_plugin_blacklist || ss_var_plugin_blacklist=true
sed -i "s/@SS_WORDPRESS_PLUGIN_BLACKLIST/$ss_var_plugin_blacklist/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: link your pilot file (default = blank) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Link to your pilot file (leave blank if none): "$NORMAL)" -e -i 'https://gist.githubusercontent.com/...' ss_var_pilot_file || ss_var_pilot_file=
sed -i "s/@SS_PILOT_FILE/$ss_var_pilot_file/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: using a remote database (default = wordpress) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Are you using a remote database: "$NORMAL)" -e -i 'false' ss_var_database_remote || ss_var_database_remote=false
sed -i "s/@SS_DATABASE_REMOTE/$ss_var_database_remote/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose database name (default = production) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose database name (single database): "$NORMAL)" -e -i 'production' ss_var_db_name || ss_var_db_name=production
sed -i "s/@DB_NAME/$ss_var_db_name/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose database user (default = robin) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose database user (non-root user): "$NORMAL)" -e -i 'robin' ss_var_db_user || ss_var_db_user=robin
sed -i "s/@DB_USER/$ss_var_db_user/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose database user password (default = random) ##
db_pass_random=$(openssl rand -hex 12)
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose database user password (should be strong): "$NORMAL)" -e -i ${db_pass_random} ss_var_db_password || ss_var_db_password=${db_pass_random}
sed -i "s/@DB_PASSWORD_USER/$ss_var_db_password/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose database host ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose database host (IP address): "$NORMAL)" -e -i '127.0.0.1' ss_var_db_host || ss_var_db_host=127.0.0.1
sed -i "s/@DB_HOST/$ss_var_db_host/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose database prefix ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose database table prefix: "$NORMAL)" -e -i 'wp_' ss_var_db_prefix || ss_var_db_prefix=wp_
sed -i "s/@DB_PREFIX/$ss_var_db_prefix/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose site TLD (otherwise example.com) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose site TLD (subdomains not allowed): "$NORMAL)" -e -i "$SS_TLD" ss_var_site_tld || ss_var_site_tld="$SS_TLD"
sed -i "s/@SITE_TLD/$ss_var_site_tld/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose site domain (otherwise www.example.com) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose site domain (subdirectories not allowed): "$NORMAL)" -e -i "$SS_HOSTNAME" ss_var_site_domain || ss_var_site_domain="$SS_HOSTNAME"
sed -i "s/@SITE_DOMAIN/$ss_var_site_domain/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable noindex server (default = false) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable site noindexing (block robots): "$NORMAL)" -e -i 'false' ss_var_site_noindex || ss_var_site_noindex=false
sed -i "s/@SITE_NOINDEX/$ss_var_site_noindex/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: which SSL do you want ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose SSL cert [openssl|certbot]: "$NORMAL)" -e -i 'openssl' ss_var_ssl_type || ss_var_ssl_type=openssl
sed -i "s/@SSL_TYPE/$ss_var_ssl_type/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable WP Multisite ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable WordPress Multisite (experimental): "$NORMAL)" -e -i 'false' ss_var_wp_multisite_status || ss_var_wp_multisite_status=false
sed -i "s/@WP_MULTISITE_STATUS/$ss_var_wp_multisite_status/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose Cloudflare API key (otherwise 123456789) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose Cloudflare API key (account profile): "$NORMAL)" -e -i '123456789' ss_var_cloudflare_api_key || ss_var_cloudflare_api_key=123456789
sed -i "s/@CLOUDFLARE_API_KEY/$ss_var_cloudflare_api_key/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose Cloudflare API email (otherwise [email protected]) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose Cloudflare API email (account profile): "$NORMAL)" -e -i '[email protected]' ss_var_cloudflare_api_email || [email protected]
sed -i "s/@CLOUDFLARE_API_EMAIL/$ss_var_cloudflare_api_email/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable staging site ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable staging site (subdomain): "$NORMAL)" -e -i 'false' ss_var_staging_site || ss_var_staging_site=false
sed -i "s/@STAGING_SITE_STATUS/$ss_var_staging_site/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: protect staging site ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Password protect staging site: "$NORMAL)" -e -i 'false' ss_var_staging_site_protect || ss_var_staging_site_protect=false
sed -i "s/@STAGING_SITE_PROTECT/$ss_var_staging_site_protect/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: enable dev site ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Enable dev site (subdomain): "$NORMAL)" -e -i 'false' ss_var_dev_site || ss_var_dev_site=false
sed -i "s/@DEV_SITE_STATUS/$ss_var_dev_site/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: protect dev site ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Password protect dev site: "$NORMAL)" -e -i 'false' ss_var_dev_site_protect || ss_var_dev_site_protect=false
sed -i "s/@DEV_SITE_PROTECT/$ss_var_dev_site_protect/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose guest username (default = guest) ##
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose guest username (to view staging/dev): "$NORMAL)" -e -i 'guest' ss_var_guest_user || ss_var_guest_user=guest
sed -i "s/@GUEST_USER/$ss_var_guest_user/g" /tmp/ss-config
## new line ##
printf "\n"
## PROMPT: choose guest password (default = random) ##
guest_pass_random=$(openssl rand -hex 12)
read -t 300 -p "$(echo -e $LIGHTPURPLE"Choose guest password (easy is fine): "$NORMAL)" -e -i ${guest_pass_random} ss_var_guest_password || ss_var_guest_password=${guest_pass_random}
sed -i "s/@GUEST_PASSWORD/$ss_var_guest_password/g" /tmp/ss-config
## new line ##
printf "\n"
## copy files to their destinations ##
mkdir /var/www
cp /tmp/ss-config /var/www/ss-config
####################################################################################################
#### SS-Install: Message (Last Chance To Exit) #####################################################
####################################################################################################
## this is a simple message that announces to the shell the purpose of this bash script ##
## it will only be noticed by sudo users who manually call ss core bash scripts ##
## force exit if SSH keys chosen ##
SSHKEYS_CHOSEN=$(source /var/www/ss-config; echo $SSH_KEYS)
if [[ "$SSHKEYS_CHOSEN" == "true" ]] && [[ ! -f "/var/www/auth/id_rsa.pub" ]]; then
echo -e "${YELLOW}Exiting ss-install: Please upload your /var/www/auth/id_rsa.pub file before proceeding... ${NOCOLOR}"
echo -e "${YELLOW}Alternatively SlickStack will create a new key pair for you (just run ss-install again now)... ${NOCOLOR}"
fi
## force exit if thirdparty SSL chosen ##
THIRDPARTY_CHOSEN=$(source /var/www/ss-config; echo $SSL_TYPE)
if [[ "$THIRDPARTY_CHOSEN" == "thirdparty" ]] && [[ ! -f "/var/www/certs/thirdparty.pem" || ! -f "/var/www/certs/keys/thirdparty.key" ]]; then
echo -e "${YELLOW}Exiting ss-install: Since you chose thirdparty SSL please upload your cert/key before proceeding... ${NOCOLOR}"
fi
## echo message ##
echo -e "${YELLOW}Your /var/www/ss-config file is now setup, yay! Ctrl+C to exit now if you ${NOCOLOR}"
WAIT_TIME_LAST_CHANCE="15" # seconds
WAIT_TIME_LAST_CHANCE_TMP="${WAIT_TIME_LAST_CHANCE}"
while [[ ${WAIT_TIME_LAST_CHANCE_TMP} -gt 0 ]];
do
printf "${YELLOW}\rwant to review all options before proceeding, otherwise wait... ${LIGHTGREEN}%2d ${NOCOLOR}" ${WAIT_TIME_LAST_CHANCE_TMP}
sleep 1
((WAIT_TIME_LAST_CHANCE_TMP--))
done
echo -e ""
####################################################################################################
#### SS-Install: Welcome Back (If SS-Config Exists) ################################################
####################################################################################################
else
echo -e "${LIGHTGRAY}################################################################################${NOCOLOR}"
echo -e "${LIGHTGRAY}SlickStack build : ${LIGHTGREEN}$SS_BUILD_NOW${NOCOLOR}"
echo -e "${LIGHTGRAY}Ubuntu version : ${LIGHTGREEN}${UBUNTU_VERSION} LTS${NOCOLOR}"
echo -e "${LIGHTGRAY}Hostname (FQDN) : ${LIGHTGREEN}$SS_HOSTNAME${NOCOLOR}"
echo -e "${LIGHTGRAY}IP Address (IPv4) : ${LIGHTGREEN}$SS_IPV4_ADDRESS${NOCOLOR}"
echo -e "${LIGHTGRAY}IP Address (IPv6) : ${LIGHTGREEN}$SS_IPV6_ADDRESS${NOCOLOR}"
echo -e "${LIGHTGRAY}################################################################################${NOCOLOR}"
echo -e ""
echo -e "${PURPLE}Running ss-install: An ss-config file already exists so we will proceed using existing settings... ${NOCOLOR}"
sleep 10s
fi
####################################################################################################
#### SS-Install: Source SS-Config (After Setup Wizard Complete) ####################################
####################################################################################################
## here we must source ss-config again after the setup wizard has completed generation ##
## this is different than the conditional sourcing at the top of this script ##
## include SlickStack configuration ##
source /var/www/ss-config
####################################################################################################
#### SS-Install: Ensure Chosen Site Domain Is Not Sub-Subdomain (Unsupported) ######################
####################################################################################################
## for compatibility and stability reasons SlickStack does not support sub-subdomains ##
## this ensures that your SSL and Cloudflare especially will function properly ##
## calculate how many dots in chosen site domain ##
CALC_DOMAIN=${SITE_DOMAIN//$SITE_TLD/}
CALC_DOMAIN_SUB=$(echo "$CALC_DOMAIN" | grep -o "\." | wc -l)
## exit if the local domain (besides TLD) contains more than one dot ##
if [[ $CALC_DOMAIN_SUB -gt 1 ]]; then
echo -e ""
echo -e "${YELLOW}It appears your SITE_DOMAIN value is a sub-subdomain or is otherwise not ${NOCOLOR}"
echo -e "${YELLOW}compatible with SlickStack. Please edit ss-config and try again. ${NOCOLOR}"
echo -e ""
exit 1
fi
####################################################################################################
#### SS-Install: Retrieve Latest SS Core Cron Jobs + SS Core Bash Scripts ##########################
####################################################################################################
## now that ss-config is ready we must retrieve the latest core cron jobs and scripts ##
## download latest versions ##
wget -O /tmp/ss-functions https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-functions.txt
wget -O /tmp/ss-check https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-check.txt
## copy files to their destinations ##
cp /tmp/ss-functions /var/www/ss-functions
cp /tmp/ss-check /var/www/ss-check
## reset permissions ##
chown root:root /var/www/ss* ## must be root:root
chmod 0700 /var/www/ss* ## 0700 means root can execute
## run scripts ##
source /var/www/ss-check
source /var/www/ss-functions
####################################################################################################
#### SS-Install: Set Confold As Ubuntu Dpkg Default ################################################
####################################################################################################
## the first time you run ss-install we want to ensure that confold is dpkg default ##
## this helps to avoid overwriting module config files that SlickStack uses ##
## set confold as dpkg default (fail-safe in case apt upgrade called directly) ##
DEBIAN_FRONTEND=noninteractive dpkg --configure -a --force-confold
## update Ubuntu repo cache ##
apt update
## upgrade installed Ubuntu packages (LEMP modules) + but now Linux kernel (full-upgrade) ##
apt upgrade
####################################################################################################
#### SS-Install: Configure Ubuntu ##################################################################
####################################################################################################
## first we need to setup all users and passwords for Ubuntu and set sudo permissions ##
## this process will also set the default SSH port and disable root logins ##
## run ss-install-ubuntu-users ##
source "$PATH_SS_INSTALL_UBUNTU_USERS"
## SlickStack aims to emphasize traditional bash scripts but we still support aliases ##
## in most cases using aliases are not necessary but can help you save time ##
## run ss-install-ubuntu-bash ##
source "$PATH_SS_INSTALL_UBUNTU_BASH"
## run ss-install-ubuntu-ssh ##
source "$PATH_SS_INSTALL_UBUNTU_SSH"
## cron should be installed by default on Ubuntu but this script will install otherwise ##
## it will also install a crontab file and cron jobs from SlickStack mirrors ##
## run ss-install-ubuntu-crontab ##
source "$PATH_SS_INSTALL_UBUNTU_CRONTAB"
## run ss-install-ubuntu-swapfile ##
source "$PATH_SS_INSTALL_UBUNTU_SWAPFILE"
## run ss-install-ubuntu-utils ##
source "$PATH_SS_INSTALL_UBUNTU_UTILS"
## we save this for near last just in case the kernel gets messed up and requires fixing ##
## in SlickStack the kernel is modified to pretty much uncap all limitations ##
## run ss-install-ubuntu-kernel ##
source "$PATH_SS_INSTALL_UBUNTU_KERNEL"
####################################################################################################
#### SS-Install: Install PHP-FPM ###################################################################
####################################################################################################
## here we install the PHP-FPM module which includes OPcache for better performance ##
## FastCGI is configured to interface with Nginx using TCP (127.0.0.1:9000) ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-install-php-packages ##
source "$PATH_SS_INSTALL_PHP_PACKAGES"
## run ss-install-php-config ##
source "$PATH_SS_INSTALL_PHP_CONFIG"
fi
####################################################################################################
#### SS-Install: Install Nginx + SSL Certificates ##################################################
####################################################################################################
## the Nginx installer includes OpenSSL and Lets Encrypt generation to avoid conflicts ##
## default settings allow for very high-traffic so CloudFlare is recommended ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-install-nginx-packages ##
source "$PATH_SS_INSTALL_NGINX_PACKAGES"
## run ss-install-nginx-config ##
source "$PATH_SS_INSTALL_NGINX_CONFIG"
## run ss-install-nginx-ssl ##
# source "$PATH_SS_INSTALL_NGINX_SSL"
fi
####################################################################################################
#### SS-Install: Enable Maintenance Mode ###########################################################
####################################################################################################
## this is a nifty snippet that will put up a public maintenance page during install ##
## it helps prevent users from interacting with your website at this stage ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-maintenance-enable ##
source "$PATH_SS_MAINTENANCE_ENABLE"
fi
####################################################################################################
#### SS-Install: Install MySQL #####################################################################
####################################################################################################
## here we install MySQL server (no client) and users based on the ss-config settings ##
## root@localhost will use sockets and PHP apps will connect via 127.0.0.1 ##
## run ss-install-mysql-packages ##
source "$PATH_SS_INSTALL_MYSQL_PACKAGES"
## run ss-install-mysql-config ##
source "$PATH_SS_INSTALL_MYSQL_CONFIG"
## run ss-install-mysql-database ##
# source "$PATH_SS_INSTALL_MYSQL_DATABASE"
####################################################################################################
#### SS-Install: Install Redis #####################################################################
####################################################################################################
## Redis is only installed to enable object caching in WordPress (if plugin exists) ##
## full page caching is provided solely by Nginx FastCGI and not by Redis ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-install-redis-packages ##
source "$PATH_SS_INSTALL_REDIS_PACKAGES"
## run ss-install-redis-config ##
source "$PATH_SS_INSTALL_REDIS_CONFIG"
fi
####################################################################################################
#### SS-Install: Install Adminer ###################################################################
####################################################################################################
## should be installed after PHP-FPM and Nginx modules to ensure seamless installation ##
## Adminer (similar to phpMyAdmin) can be publicly accessed at /adminer URI ##
## run ss-install-adminer ##
source "$PATH_SS_INSTALL_ADMINER"
####################################################################################################
#### SS-Install: Install CMS (WordPress, PrestaShop, MediaWiki, Etc) ###############################
####################################################################################################
## SNIPPET: ss-install, ss-update
## this snippet fetches the latest stable version of WordPress from SlickStack mirrors ##
## major CMS releases (unpatched) are never considered stable for our purposes ##
if [[ "$SS_APP" == "wordpress" || -z "$SS_APP" ]]; then
## run ss-install-wordpress-core ##
source "$PATH_SS_INSTALL_WORDPRESS_CORE"
## here we retrieve latest wp-config.php boilerplate and customize per ss-config settings ##
## you should never make changes directly to wp-config.php in SlickStack servers ##
## run ss-install-wordpress-config ##
source "$PATH_SS_INSTALL_WORDPRESS_CONFIG"
## this will install the designated MU plugins and also Custom Functions and Object Cache ##
## with a few exceptions these can all be customized using ss-config settings ##
## run ss-install-wordpress-mu-plugins ##
source "$PATH_SS_INSTALL_WORDPRESS_MU_PLUGINS"
## run ss-install-wordpress-cli ##
source "$PATH_SS_INSTALL_WORDPRESS_CLI"
fi
## this snippet fetches the latest stable version of PrestaShop from SlickStack mirrors ##
## major CMS releases (unpatched) are never considered stable for our purposes ##
if [[ "$SS_APP" == "prestashop" ]]; then
## run ss-install-prestashop-core ##
source "$PATH_SS_INSTALL_PRESTASHOP_CORE"
## run ss-install-prestashop-config ##
source "$PATH_SS_INSTALL_PRESTASHOP_CONFIG"
fi
## this snippet fetches the latest stable version of MediaWiki from SlickStack mirrors ##
## major CMS releases (unpatched) are never considered stable for our purposes ##
if [[ "$SS_APP" == "mediawiki" ]]; then
## run ss-install-prestashop-core ##
source "$PATH_SS_INSTALL_MEDIAWIKI_CORE"
## run ss-install-prestashop-config ##
source "$PATH_SS_INSTALL_MEDIAWIKI_CONFIG"
fi
####################################################################################################
#### SS-Install: Install Rclone ########################################################
####################################################################################################
## run ss-install-rclone-packages ##
source "$PATH_SS_INSTALL_RCLONE_PACKAGES"
## run ss-install-rclone-config ##
source "$PATH_SS_INSTALL_RCLONE_CONFIG"
####################################################################################################
#### SS-Install: Install ClamAV ####################################################################
####################################################################################################
## this will install ClamAV for occassional malware logging: /var/www/logs/clamav.log ##
## keep in mind that infected files are not automatically cleaned or deleted ##
## run ss-install-clamav ##
source "$PATH_SS_INSTALL_CLAMAV"
####################################################################################################
#### SS-Install: Install UFW Firewall ##############################################################
####################################################################################################
## here we install and configure the very simple UFW Firewall that Ubuntu maintains ##
## only ports 80, 443, and your designated SSH port (22) will be allowed ##
## run ss-install-ufw-packages ##
source "$PATH_SS_INSTALL_UFW_PACKAGES"
## run ss-install-ufw-config ##
source "$PATH_SS_INSTALL_UFW_CONFIG"
####################################################################################################
#### SS-Install: Reset All Logs To NULL ############################################################
####################################################################################################
## run ss-empty-logs ##
source "$PATH_SS_EMPTY_LOGS"
####################################################################################################
#### SS-Install: Reset Permissions (All Permissions) ###############################################
####################################################################################################
## intuitively resets all file and user permissions across the entire SlickStack server ##
## depending on the CMS installed it will also reset those permissions as well ##
## run ss-perms ##
source "$PATH_SS_PERMS"
####################################################################################################
#### SS-Install: Disable Maintenance Mode ##########################################################
####################################################################################################
## run ss-maintenance-disable ##
source "$PATH_SS_MAINTENANCE_DISABLE"
####################################################################################################
#### SS-Install: Clear Caches (All Caches) #########################################################
####################################################################################################
## this clears all caches i.e. Nginx, OPcache, Redis object cache, and WP transients ##
## we run this after ss-perms and before ss-restart-modules to avoid conflicts ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-purge-nginx ##
source "$PATH_SS_PURGE_NGINX"
## run ss-purge-opcache ##
source "$PATH_SS_PURGE_OPCACHE"
## run ss-purge-redis ##
source "$PATH_SS_PURGE_REDIS"
## run ss-purge-transients ##
source "$PATH_SS_PURGE_TRANSIENTS"
fi
####################################################################################################
#### SS-Install: Restart Modules (All Modules) #####################################################
####################################################################################################
## this script is using init.d instead of systemd shortcuts to allow for absolute paths ##
## we are looking into including other snippets here such as unmasking (etc) ##
if [[ "$SS_APP" != "mysql" ]]; then
## run ss-restart-php ##
source "$PATH_SS_RESTART_PHP"
## run ss-restart-nginx ##
source "$PATH_SS_RESTART_NGINX"
## run ss-restart-redis ##
source "$PATH_SS_RESTART_REDIS"
fi
## run ss-restart-mysql ##
source "$PATH_SS_RESTART_MYSQL"
## run ss-restart-ufw ##
source "$PATH_SS_RESTART_UFW"
####################################################################################################
#### SS-Install: Run SS-Worker #########################################
####################################################################################################
## just in case any random things need to be done ##
## run ss-worker ##
source "$PATH_SS_WORKER"
####################################################################################################
#### SS-Install: Validate Crontab ##################################################################
####################################################################################################
## this is a final check to ensure the root crontab was installed properly by ss-install ##
## otherwise it will attempt to reinstall the crontab one more time here ##
## validate crontab ##
VALIDATE_CRONTAB=$(grep 'SS_EOF' /var/spool/cron/crontabs/root)
if [[ -z "$VALIDATE_CRONTAB" ]]; then
source "$PATH_SS_INSTALL_UBUNTU_CRONTAB"
fi
####################################################################################################
#### SS-Install: Display SlickStack Configuration Overview #########################################
####################################################################################################
## the shell will echo the most important ss-config settings (and beyond) currently used ##
## this allows you to easily copy/paste for your records or for your clients ##
## run ss-stack-overview ##
source "$PATH_SS_STACK_OVERVIEW"
####################################################################################################
#### SS-Install: MESSAGE (End) #####################################################################
####################################################################################################
if [[ "$SSH_KEYS" == "true" ]]; then
echo -e ""
echo -e "${YELLOW}Since you enabled SSH keys be sure to add your public key to: ${PATH_SSH_AUTHORIZED_KEYS_FILE}${NOCOLOR}"
echo -e "${YELLOW}...or simply use the default public key if you prefer (we added it already).${NOCOLOR}"
echo -e ""
fi
## confirm installation complete ##
echo -e ""
echo -e "${YELLOW}SlickStack install complete! Please note the sudo user and password above ${NOCOLOR}"
echo -e "${YELLOW}to avoid being locked out of your new server (the root user is disabled). ${NOCOLOR}"
echo -e "${YELLOW}Also, be sure to enable [Full SSL] mode in CloudFlare to avoid redirect ${NOCOLOR}"
echo -e "${YELLOW}loops (we do not recommend enabling HSTS, however). For an extra boost, ${NOCOLOR}"
echo -e "${YELLOW}use CloudFlare Page Rules to [cache all] for /wp-content/* requests, and ${NOCOLOR}"
echo -e "${YELLOW}to force-redirect (non)www domain requests too. Lastly be sure to set TLS ${NOCOLOR}"
echo -e "${YELLOW}version to 1.2+ in Cloudflare for top SSL Labs score. Cheers! ${NOCOLOR}"
echo -e ""
####################################################################################################
#### SS-Install: Cleanup Temporary Files ###########################################################
####################################################################################################
## delete tmp files ##
rm /tmp/config
rm /tmp/ss
####################################################################################################
#### SS-Install: Touch Timestamp File (End Script) #################################################
####################################################################################################
## this is a dummy timestamp file that will remember the last time this script was run ##
## it can be useful for developer reference and is sometimes used by SlickStack ##
## script timestamp ##