bashclub.zamba-lxc-toolbox/src/open3a/install-service.sh

#!/bin/bash

# Authors:
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>

source /root/zamba.conf
source /root/constants-service.conf

webroot=/var/www/html

MYSQL_PASSWORD="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)"

apt update

DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq unzip sudo nginx-full mariadb-server mariadb-client php php-cli php-fpm php-mysql php-xml php-mbstring php-gd

mkdir /etc/nginx/ssl
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/open3a.key -out /etc/nginx/ssl/open3a.crt -subj "/CN=$LXC_HOSTNAME.$LXC_DOMAIN" -addext "subjectAltName=DNS:$LXC_HOSTNAME.$LXC_DOMAIN"

cat << EOF > /etc/nginx/sites-available/default
server {
    listen 80;
    listen [::]:80;
    server_name _;

    return 301 https://$LXC_HOSTNAME.$LXC_DOMAIN;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name $LXC_HOSTNAME.$LXC_DOMAIN;

    root $webroot;

    index index.php;

    ssl on;
    ssl_certificate /etc/nginx/ssl/open3a.crt;
    ssl_certificate_key /etc/nginx/ssl/open3a.key;

    location ~ .php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }
}

EOF

mysql -uroot -e "CREATE USER 'open3a'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD';
GRANT USAGE ON * . * TO 'open3a'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;
CREATE DATABASE IF NOT EXISTS open3a;
GRANT ALL PRIVILEGES ON open3a . * TO 'open3a'@'localhost';"

cd $webroot
wget https://www.open3a.de/download/open3A%203.5.zip -O $webroot/open3a.zip
unzip open3a.zip
rm open3a.zip
chmod 666 system/DBData/Installation.pfdb.php
chmod -R 777 specifics/
chmod -R 777 system/Backup
chown -R www-data:www-data $webroot

echo "sudo -u www-data /usr/bin/php $webroot/plugins/Installation/backup.php; for backup in \$(ls -r1 $webroot/system/Backup/*.gz | /bin/grep -v \$(date +%Y%m%d)); do /bin/rm \$backup;done" > /etc/cron.daily/open3a-backup
chmod +x /etc/cron.daily/open3a-backup

systemctl enable --now php7.4-fpm
systemctl restart php7.4-fpm nginx

echo -e "Your open3a installation is now complete. Please continue with setup in your Browser:\nURL:\t\thttp://$LXC_IP\nLogin:\t\tAdmin\nPassword:\tAdmin\n\nMysql-Settings:\nServer:\t\tlocalhost\nUser:\t\topen3a\nPassword:\t$MYSQL_PASSWORD\nDatabase:\topen3a"
Added open3a prototype 2021-05-13 14:16:49 +02:00			`#!/bin/bash`

			`# Authors:`
			`# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>`
			`# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>`
			`# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>`

			`source /root/zamba.conf`
			`source /root/constants-service.conf`

open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`webroot=/var/www/html`

Added open3a prototype 2021-05-13 14:16:49 +02:00			`MYSQL_PASSWORD="$(cat /dev/urandom \| tr -dc 'a-zA-Z0-9' \| fold -w 20 \| head -n 1)"`

			`apt update`

Fixed permissions on webroot, added sudo 2021-05-13 21:34:49 +02:00			`DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq unzip sudo nginx-full mariadb-server mariadb-client php php-cli php-fpm php-mysql php-xml php-mbstring php-gd`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`mkdir /etc/nginx/ssl`
			`openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/open3a.key -out /etc/nginx/ssl/open3a.crt -subj "/CN=$LXC_HOSTNAME.$LXC_DOMAIN" -addext "subjectAltName=DNS:$LXC_HOSTNAME.$LXC_DOMAIN"`

Added open3a prototype 2021-05-13 14:16:49 +02:00			`cat << EOF > /etc/nginx/sites-available/default`
			`server {`
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`listen 80;`
			`listen [::]:80;`
			`server_name _;`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`return 301 https://$LXC_HOSTNAME.$LXC_DOMAIN;`
			`}`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`
			`server_name $LXC_HOSTNAME.$LXC_DOMAIN;`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`root $webroot;`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`index index.php;`

			`ssl on;`
			`ssl_certificate /etc/nginx/ssl/open3a.crt;`
			`ssl_certificate_key /etc/nginx/ssl/open3a.key;`

			`location ~ .php$ {`
			`include snippets/fastcgi-php.conf;`
			`fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;`
			`}`
Added open3a prototype 2021-05-13 14:16:49 +02:00			`}`
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00
Added open3a prototype 2021-05-13 14:16:49 +02:00			`EOF`

			`mysql -uroot -e "CREATE USER 'open3a'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD';`
			`GRANT USAGE ON * . * TO 'open3a'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;`
			`CREATE DATABASE IF NOT EXISTS open3a;`
			`GRANT ALL PRIVILEGES ON open3a . * TO 'open3a'@'localhost';"`

open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`cd $webroot`
			`wget https://www.open3a.de/download/open3A%203.5.zip -O $webroot/open3a.zip`
Added open3a prototype 2021-05-13 14:16:49 +02:00			`unzip open3a.zip`
			`rm open3a.zip`
			`chmod 666 system/DBData/Installation.pfdb.php`
			`chmod -R 777 specifics/`
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`chmod -R 777 system/Backup`
			`chown -R www-data:www-data $webroot`
Added open3a prototype 2021-05-13 14:16:49 +02:00
open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`echo "sudo -u www-data /usr/bin/php $webroot/plugins/Installation/backup.php; for backup in \$(ls -r1 $webroot/system/Backup/*.gz \| /bin/grep -v \$(date +%Y%m%d)); do /bin/rm \$backup;done" > /etc/cron.daily/open3a-backup`
Added open3a prototype 2021-05-13 14:16:49 +02:00			`chmod +x /etc/cron.daily/open3a-backup`

open3a: migration to debian bullseye 2022-01-15 14:10:47 +01:00			`systemctl enable --now php7.4-fpm`
			`systemctl restart php7.4-fpm nginx`
Added open3a prototype 2021-05-13 14:16:49 +02:00
			`echo -e "Your open3a installation is now complete. Please continue with setup in your Browser:\nURL:\t\thttp://$LXC_IP\nLogin:\t\tAdmin\nPassword:\tAdmin\n\nMysql-Settings:\nServer:\t\tlocalhost\nUser:\t\topen3a\nPassword:\t$MYSQL_PASSWORD\nDatabase:\topen3a"`