shell_sequencer/seqs/webserver.sh

#!/bin/bash

serverName="nginx"
serverPackages="nginx"
databaseName="mariadb"
databasePackages="mariadb-server mariadb-client"
phpVersion="7.3"
phpName="php${phpVersion}"
phpPackages="${phpName}-fpm ${phpName}-json ${phpName}-mysql ${phpName}-curl ${phpName}-intl ${phpName}-gd ${phpName}-zip ${phpName}-xml ${phpName}-mbstring php-imagick php-apcu"

step_1_info() { echo -e "Installation of $serverName and ${databaseName} packages:\n                $serverPackages $databasePackages"; }
step_1_alias() { ALIAS=install; }
step_1() {
  exe apt update
  exe apt install $databasePackages
  saveReturn $?
  endReturn
  exe apt install $serverPackages
  saveReturn $?
  endReturn
}

step_2_info() { echo "Basic nginx configuration for initial letsencrypt certificate creation"; }
step_2() {
  # Writing acme-challenge code snipped for certbot web root authentication
  addConf -c "$snippetLetsencrypt" "$snippetLetsencryptLoc"

  # Writing minimal default (see below)
  addConf -c "$siteDefaultIp4" "$siteDefaultLoc"

  # try fix errors on first install attempt
  # (possible missing ipv6 support on system)
  if [ $ERNO -ne 0 ] ; then
    exe apt install nginx
  fi

  # create webroot 
  exe mkdir -p "$siteLetsencryptWww"

  echo -n "Restarting Nginx ... "
  exe service nginx restart && echo "ok"
  saveReturn $?
  endReturn
}

snippetLetsencryptLoc="/etc/nginx/snippets/letsencrypt.conf"
siteLetsencryptWww="/var/www/letsencrypt"
snippetLetsencrypt="\
  location ^~ /.well-known/acme-challenge/ {
  default_type \"text/plain\";
  root ${siteLetsencryptWww};
}"
siteDefaultLoc="/etc/nginx/sites-available/default"
siteDefaultIp4="server {
listen 80 default_server;

include ${snippetLetsencryptLoc}; 
}"

step_3_info() { echo "Secure mariadb installation"; }
step_3() {
  exe mysql_secure_installation
}

step_4_info() { echo "Mariadb configuration"; }
step_4() {
  addConf -c "$mariadbConfig" "$mariadbConfigLoc"

  echo -n "Restarting mysql ... "
  exe service mysql restart && echo "ok"
}

mariadbConfigLoc="/etc/mysql/mariadb.conf.d/90-myconfig.cnf"
mariadbConfig="\
  [mysqld]
  innodb_large_prefix=on
  innodb_file_format=barracuda
  innodb_file_per_table=true

  lower_case_table_names=0

#innodb_force_recovery=6"

step_5_info() { echo -e "Installation of $phpName packages:\n                $phpPackages"; }
step_5() {
  exe apt install $phpPackages
}

phpFpmConfigLocation="/etc/php/${phpVersion}/fpm/conf.d/90-custom_pi.ini"
phpFpmConfig="\
  post_max_size=64M
  upload_max_filesize=100M
  max_execution_time=600

  apc.enable_cli=1

  date.timezone = Europe/Berlin

  opcache.enable=1
  opcache.enable_cli=1
  opcache.interned_strings_buffer=8
  opcache.max_accelerated_files=10000
  opcache.memory_consumption=128
  opcache.save_comments=1
  opcache.revalidate_freq=1"

  phpCliConfigLocation="/etc/php/${phpVersion}/cli/conf.d/90-custom_pi.ini"
  phpCliConfig="\
    date.timezone = Europe/Berlin"

  step_6_info() { echo -e "Configuration of ${phpName} fpm and cli\n"; }
  step_6() {
    addConf -c "$phpFpmConfig" "$phpFpmConfigLocation"
    addConf -c "$phpCliConfig" "$phpCliConfigLocation"

    echo -n "Restarting ${phpName} ... "
    exe service ${phpName}-fpm restart && echo "ok"
  }

step_10_info() { echo -e "Create mysql database without specific characterset\n"; }
step_10_alias() { ALIAS="createdb"; }
step_10() {
  local mysqlDatabase
  local mysqlUser
  local mysqlPass

  echo "Existing mysql databases:"
  exe mysql -u root -e 'SHOW DATABASES;'

  read -p "Enter database name: " mysqlDatabase
  endCheckEmpty mysqlDatabase "database name"
  exe mysql -u root -e 'CREATE DATABASE '$mysqlDatabase';'
  saveReturn $?
  endReturn

  echo "Existing mysql user:"
  exe mysql -u root -e 'SELECT User, Host FROM mysql.user;'
  read -p "Enter mysql user name: " mysqlUser
  endCheckEmpty mysqlDatabase "user name"

  read -s -p "Enter mysql user password: " mysqlPass
  endCheckEmpty mysqlPass "password"
  exe mysql -u root -e 'CREATE USER '"'"$mysqlUser"'"'@'"'"'localhost'"'"' IDENTIFIED BY '"'"$mysqlPass"'"';'
  saveReturn $?
  endReturn

  exe mysql -u root -e 'GRANT ALL PRIVILEGES ON '$mysqlDatabase'.* TO '"'"$mysqlUser"'"'@'"'"'localhost'"'"';'
  saveReturn $?
  endReturn

  exe mysql -u root -e 'FLUSH PRIVILEGES;'
}

step_12_info() { echo -e "Create mysql database with characterset utf8mb4\n"; }
step_12_alias() { ALIAS="createdb_utf8mb4"; }
step_12() {
  local mysqlDatabase
  local mysqlUser
  local mysqlPass

  echo "Existing mysql databases:"
  exe mysql -u root -e 'SHOW DATABASES;'

  read -p "Enter database name: " mysqlDatabase
  endCheckEmpty mysqlDatabase "database name"
  # it is recommended NOT to use utf8mb4_general_ci anymore
  exe mysql -u root -e 'CREATE DATABASE '$mysqlDatabase' CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;'
  saveReturn $?
  endReturn

  echo "Existing mysql user:"
  exe mysql -u root -e 'SELECT User, Host FROM mysql.user;'
  read -p "Enter mysql user name: " mysqlUser
  endCheckEmpty mysqlDatabase "user name"

  read -s -p "Enter mysql user password: " mysqlPass
  endCheckEmpty mysqlPass "password"
  exe mysql -u root -e 'CREATE USER '"'"$mysqlUser"'"'@'"'"'localhost'"'"' IDENTIFIED BY '"'"$mysqlPass"'"';'
  saveReturn $?
  endReturn

  exe mysql -u root -e 'GRANT ALL PRIVILEGES ON '$mysqlDatabase'.* TO '"'"$mysqlUser"'"'@'"'"'localhost'"'"';'
  saveReturn $?
  endReturn

  exe mysql -u root -e 'FLUSH PRIVILEGES;'
}

step_14_info() { echo "Backup and restore a mysql database"; }
step_14_alias() { ALIAS="backup"; }
step_14() {
  echo "Dump the existing database with:"
  echo "  mysqldump --single-transaction nextcloud_db > NextcloudBackup_DB_\`date +\"%Y%m%d\"\`.sql"
  echo
  echo "Restore with:"
  echo "  mysql -e \"DROP DATABASE nextcloud_db\""
  echo "  mysql -e \"CREATE DATABASE nextcloud_db\""
  echo "  mysql nextcloud_db < NextcloudBackup_DB_20170912.sql"
}

VERSION_SEQREV=3
. sequencer.sh