Скрипт установки для Debian 10
Описание
- Автоматическая установка и обновление зависимых пакетов
- Автоматическая устанока и настройка серверов GIT, PHP 5.6, PHP-FPM, Nginx, Redis, MySQL (mariadb), RabbitMQ, Exim4
- Автоматическое конфигурирование пакетов
- Установка автоматического бекапа БД MySQL (https://github.com/Mirocow/mysql_utils.git)
- Устанока скрипта для создания сайта (https://github.com/Mirocow/site-create)
Установка
# nano debian-install.sh # bash ./debian-install.sh
В debian-install.sh вставляем ниже следующий текст и нащимаем Ctrl-x, затем y (сохраняем и выходим)
deb http://mirror.selectel.ru/debian buster main non-free contrib deb-src http://mirror.selectel.ru/debian buster main non-free contrib deb http://mirror.selectel.ru/debian-security buster/updates main contrib non-free deb-src http://mirror.selectel.ru/debian-security buster/updates main contrib non-free
#!/bin/sh distrib="buster" function info { echo " " echo -e "--> $1" echo " " } function check_result() { if [ $1 -ne 0 ]; then echo "Error: $2" exit $1 fi } function promptyn () { while true; do read -p "$1" yn case $yn in [Yy]* ) return 0;; [Nn]* ) return 1;; * ) echo "Please answer yes or no.";; esac done } function prompt () { while read -p "$1" variable && [[ -z "$variable" ]] ; do echo "$1" done echo $variable; } function installpkg() { for pkg in $@ do if [ $(dpkg-query -W -f='${Status}' $pkg 2>/dev/null | grep -c "ok installed") -eq 0 ]; then echo "Install $pkg ..." apt-get install $pkg; fi done } function set_default_value() { eval variable=\$$1 if [ -z "$variable" ]; then eval $1=$2 fi if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then eval $1=$2 fi } function h() { history| grep "$@"; } function install_elasticsearch() { VERSION=$1 es_memory='1024m' apt-get install openjdk-11-jdk rm /etc/alternatives/java ln -s /usr/lib/jvm/java-11-openjdk-amd64/bin/java /etc/alternatives/java export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 export PATH=$JAVA_HOME/bin:$PATH if [ ! -f elasticsearch-$VERSION.deb ]; then wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$VERSION.deb fi sudo dpkg -i elasticsearch-$VERSION.deb # be sure you add "action.disable_delete_all_indices" : true to the config!! info "Configuring ElasticSearch ${VERSION}" sed -i "/LimitFSIZE=infinity/a LimitMEMLOCK=infinity" /usr/lib/systemd/system/elasticsearch.service sed -i "s/#bootstrap.memory_lock: true/bootstrap.memory_lock: true/" /etc/elasticsearch/elasticsearch.yml sed -i "s/#network.host: 192.168.0.1/network.host: 0.0.0.0/" /etc/elasticsearch/elasticsearch.yml sed -i "s/#MAX_LOCKED_MEMORY=unlimited/MAX_LOCKED_MEMORY=unlimited/" /etc/default/elasticsearch sed -i "s/-Xms2g/-Xms${es_memory}/" /etc/elasticsearch/jvm.options sed -i "s/-Xmx2g/-Xmx${es_memory}/" /etc/elasticsearch/jvm.options # enabled update-rc.d elasticsearch defaults # start script service elasticsearch restart if [ -f /usr/bin/plugin ]; then rm /usr/bin/plugin fi sudo ln -s /usr/share/elasticsearch/bin/elasticsearch-plugin /usr/bin/plugin } if [ "x$(id -u)" != 'x0' ]; then check_result 1 "Script can be run executed only by root" fi apt-get update && apt-get upgrade -y installpkg apt apt-utils wget sudo nano rename debconf-utils pwgen mailutils curl dirmngr -y default_pass=$(pwgen -s 18 1 -n -c -s -y) hostname=$(prompt "Enter the Internet domain name (e.g. nixcraft.com) : "); if promptyn "Do you wish to install default programs? [mc, git, etc] " ; then info "Install default programs"; installpkg mc git mercurial bash-completion bzip2 numactl dnsutils -y fi if promptyn "Do you wish to install developers programs? [gcc, g++, etc] "; then info "Install development soft"; installpkg checkinstall gcc build-essential g++ libboost-dev libboost-program-options-dev libboost-all-dev libevent-dev uuid-dev clang cmake -y fi if promptyn "Do you wish to install system monitors? [htop, iptraf] "; then info "Install system monitors"; installpkg htop iptraf jnettop iftop -y fi if promptyn "Do you wish to uninstall systemd and install systemv? "; then installpkg sysvinit-core sysvinit-utils -y cp /usr/share/sysvinit/inittab /etc/inittab fi if promptyn "Do you wish to install FTP Server (PRO-Ftpd)? "; then installpkg proftpd -y fi if promptyn "Do you wish to install MySql? "; then installpkg software-properties-common -y if promptyn "Do you wish to install MySql (Percona) (y) or Mariadb (n)?"; then apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db echo " # Percona #deb http://repo.percona.com/apt ${distrib} testing #deb-src http://repo.percona.com/apt ${distrib} testing " > /etc/apt/sources.list.d/mysql.list apt-get update installpkg percona-server-server-5.7 percona-server-client-5.7 percona-server-common-5.7 percona-toolkit -y sevice mysql start check_result $? "mysql start failed" info "[client]\npassword='$f'\n" > /root/.my.cnf chmod 600 /root/.my.cnf mysql -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${default_pass}');" mysql -e "UPDATE mysql.user SET plugin = '' WHERE user = 'root' AND host = 'localhost';" mysql -e "DELETE FROM mysql.user WHERE User=''" mysql -e "DROP DATABASE test" >/dev/null 2>&1 mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" mysql -e "FLUSH PRIVILEGES" info "Install MySQL (Percona)" update-rc.d mysql defaults set_default_value 'mysql' 'true' else # for sid apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8 # for jessie apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db echo " # MariaDB 10.1 repository list - created 2016-08-05 19:23 UTC # http://downloads.mariadb.org/mariadb/repositories/ deb [arch=amd64,i386] http://mirror.timeweb.ru/mariadb/repo/10.1/debian ${distrib} main deb-src http://mirror.timeweb.ru/mariadb/repo/10.1/debian ${distrib} main " > /etc/apt/sources.list.d/mysql.list apt-get update installpkg mariadb-server mariadb-client mariadb-common --allow-unauthenticated service mysql start check_result $? "mysql start failed" info "[client]\npassword='${default_pass}'\n" > /root/.my.cnf chmod 600 /root/.my.cnf mysql -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${default_pass}');" mysql -e "UPDATE mysql.user SET plugin = '' WHERE user = 'root' AND host = 'localhost';" mysql -e "DELETE FROM mysql.user WHERE User=''" mysql -e "DROP DATABASE test" >/dev/null 2>&1 mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" mysql -e "FLUSH PRIVILEGES" info "Install MySQL (Mariadb)" update-rc.d mysql defaults set_default_value 'mysql' 'true' fi fi if promptyn "Do you wish to install PostgreSql? "; then installpkg postgresql-9.6 postgresql-contrib-9.6 -y echo "ALTER USER postgres WITH ENCRYPTED PASSWORD '${default_pass}';" |sudo -u postgres psql echo " local all postgres md5 " >> /etc/postgresql/9.6/main/pg_hba.conf service postgresql restart fi if promptyn "Do you wish to install Nginx? "; then wget -q http://nginx.org/keys/nginx_signing.key -O- | apt-key add - echo " # nginx deb http://nginx.org/packages/debian ${distrib} nginx deb-src http://nginx.org/packages/debian ${distrib} nginx " > /etc/apt/sources.list.d/nginx.list apt-get update service nginx stop > /dev/null 2>&1 installpkg nginx -y service nginx start check_result $? "nginx start failed" info "Install Nginx" update-rc.d nginx defaults set_default_value 'nginx' 'true' fi if promptyn "Do you wish to install PHP-FPM? "; then wget -q http://www.dotdeb.org/dotdeb.gpg -O- | apt-key add - php_ver=$(prompt "Please select php version like 5, 7.0, 7.1, 7.2, 7.3: ") echo " # php-fpm dotdeb deb http://packages.dotdeb.org ${distrib} all deb-src http://packages.dotdeb.org ${distrib} all " > /etc/apt/sources.list.d/php-fpm.list apt-get update service php${php_ver}-fpm stop >/dev/null 2>&1 if [ "$php_ver" == 5 ]; then installpkg -u -t stable php${php_ver} php${php_ver}-dev php${php_ver}-sqlite php${php_ver}-mcrypt php${php_ver}-xsl php${php_ver}-cli php${php_ver}-common php${php_ver}-mysql php${php_ver}-gd php${php_ver}-fpm php${php_ver}-cgi php-pear php${php_ver}-curl php${php_ver}-pgsql php${php_ver}-mbstring -y else installpkg -u -t stable php${php_ver} php${php_ver}-dev php${php_ver}-sqlite php${php_ver}-mcrypt php${php_ver}-xsl php${php_ver}-cli php${php_ver}-common php${php_ver}-mysql php${php_ver}-gd php${php_ver}-fpm php${php_ver}-cgi php-pear php${php_ver}-curl php${php_ver}-redis php${php_ver}-pgsql php${php_ver}-mbstring -y fi echo "cgi.fix_pathinfo = 0" >> /etc/php/${php_ver}/fpm/php.ini service php${php_ver}-fpm start check_result $? "php${php_ver}-fpm start failed" info "Install PHP-FPM" update-rc.d php${php_ver}-fpm defaults set_default_value "php${php_ver}-fpm" 'true' curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer fi if promptyn "Do you wish to install RabbitMQ? "; then wget -q http://packages.erlang-solutions.com/debian/erlang_solutions.asc -O- | apt-key add - wget -q https://www.rabbitmq.com/rabbitmq-signing-key-public.asc -O- | apt-key add - echo " # Erlang deb http://packages.erlang-solutions.com/debian ${distrib} contrib # RabbitMq deb http://www.rabbitmq.com/debian/ testing main " > /etc/apt/sources.list.d/rabbitmq.list apt-get update service rabbitmq-server start installpkg rabbitmq-server -y check_result $? "rabbitmq-server start failed" info "Install RabbitMQ" update-rc.d rabbitmq-server defaults set_default_value 'rabbitmq-server' 'true' fi if promptyn "Do you wish to install Redis server? "; then installpkg redis-server -y service redis-server start check_result $? "redis-server start failed" info "Install Redis" update-rc.d redis-server defaults set_default_value 'redis-server' 'true' fi if promptyn "Do you wish to install Elasticsearch server? "; then info "Elasticsearch versions you can see here: https://github.com/elastic/elasticsearch" elasticsearch_ver=$(prompt "Please select Elasticsearch version like 5.6.4, 5.6.6, 5.6.16, 6.1.1: ") install_elasticsearch $elasticsearch_ver fi if promptyn "Do you wish to install DNS server? "; then if promptyn "Do you wish to install bind (y) or pdns (n) server?"; then installpkg bind9 bind9utils bind9-libs -y service bind9 start info "Install DNS Server" set_default_value 'bind' 'true' else installpkg pdns-server pdns-backend-mysql pdns-recursor -y info "Install DNS Server" set_default_value 'pdns' 'true' fi fi if promptyn "Do you wish to install Shorewall? "; then installpkg shorewall -y fi if promptyn "Do you wish to install Postfix/Exim4? "; then installpkg exim4-daemon-heavy mailutils -y service exim4 stop > /dev/null 2>&1 gpasswd -a Debian-exim mail touch /etc/exim4/exim4.conf.template touch /etc/exim4/dnsbl.conf touch /etc/exim4/spam-blocks.conf touch /etc/exim4/white-blocks.conf chmod 640 /etc/exim4/exim4.conf.template rm -rf /etc/exim4/domains mkdir -p /etc/exim4/domains rm -f /etc/alternatives/mta ln -s /usr/sbin/exim4 /etc/alternatives/mta service sendmail stop > /dev/null 2>&1 service postfix stop > /dev/null 2>&1 service exim4 start check_result $? "exim4 start failed" update-rc.d exim4 defaults set_default_value 'exim' 'true' dpkg-reconfigure exim4-config fi if promptyn "Do you wish to install Dovecot? "; then gpasswd -a dovecot mail chown -R root:root /etc/dovecot* service dovecot stop > /dev/null 2>&1 installpkg dovecot-imapd dovecot-pop3d dovecot-common -y service dovecot start check_result $? "dovecot start failed" update-rc.d dovecot defaults set_default_value 'dovecot' 'true' fi if promptyn "Do you wish to install fail2ban? "; then installpkg fail2ban -y if [ "$exim" = 'no' ]; then fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local fi update-rc.d fail2ban defaults service fail2ban start check_result $? "fail2ban start failed" fi if promptyn "Do you wish to install Mysql backup system? "; then info "Install MySql backup system"; apt-get update installpkg git -y git clone https://github.com/Mirocow/mysql_utils.git /root/mysql_utils echo ' # Run MySql backup system 25 6 * * * root /bin/bash ~/mysql_utils/backup.sh --dir="/var/backups/mysql" --compress=bzip2 --exclude="mysql" --lifetime="3 day ago" ' >> /etc/crontab fi if promptyn "Do you wish to install create site script? "; then info "Install create site scriptm"; wget https://raw.githubusercontent.com/Mirocow/site-create/master/site-create.sh -O /root/site-create.sh fi rm /var/cache/apt/archives/*.deb -f if promptyn "Do you wish to set default shell settings? "; then info "Base system configure" echo ' ' >> ~/.bashrc source ~/.bashrc echo ' set tabsize "2" ' >> ~/.nanorc fi apt-get autoremove -y