Wednesday, 8 April 2015

Centos 7 - install script

yum install epel-release -y
cd /
yum install -y wget mc sshpass unzip nano git
yum update -y

#disable SELINUX

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

setenforce Permissive

#change ssh port

cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)

sed -i 's/#Port 22/Port 27628/g' /etc/ssh/sshd_config
systemctl restart sshd.service
firewall-cmd --permanent --zone=public --add-port=27628/tcp
firewall-cmd --reload
firewall-cmd --permanent --zone=public --remove-port=22/tcp
firewall-cmd --reload


#install nginx

yum install nginx -y

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

sudo chkconfig --levels 235 nginx on

mkdir /var/www
chown -R nginx:nginx /var/www
mv -v /usr/share/nginx/html/ /var/www
chmod -R 0755 /var/www
#move directory to www and
#service nginx start

# Restrict access to site

 cd /etc/nginx/

printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password 

#Add  to site config:

# auth_basic "Restricted";

# auth_basic_user_file /etc/nginx/.htpasswd;

#install mySQL

yum -y install mariadb-server mariadb

sudo systemctl start mariadb

sudo mysql_secure_installation

sudo chkconfig --levels 235 mariadb on

#install  yii

yum -y php-*
yum -y install php-fpm php-mysql

sudo chkconfig --levels 235 php-fpm on

sed -i 's/;date.timezone =/date.timezone = America\/New_York/g' /etc/php.ini

sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf

service php-fpm restart

#copy your app to www, and

cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY

chown -R nginx:nginx /var/www/YOUR_APP

chmod -R 755 /var/www/YOUR_APP

chown nginx -R /var/www/YOUR_APP/web/runtime

chown nginx -R /var/www/YOUR_APP/www/assets 

#install mySQL

yum -y install mariadb-server mariadb

sudo systemctl start mariadb

sudo chkconfig --levels 235 mariadb on

sudo mysql_secure_installation

#Configure folders:

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf  /etc/nginx/sites-enabled/YOUR_APP.conf

# insert from here:

rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf

nano /etc/nginx/sites-available/YOUR_APP.conf

yum -y install php-xcache
yum -y install xcache-admin

#Pass gen:

#xcache.cacher =               On
#xcache.stat   =               On
#xcache.optimizer =            On
#copy /etc/php.d/xcache.ini

cp -avr /usr/share/xcache /var/www

chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf  /etc/nginx/sites-enabled/xcache.conf 

#copy xcache.conf config

firewall-cmd --permanent --zone=public --add-port=8091/tcp
firewall-cmd --reload

service nginx restart

#install  Zabbix client

#Attention, for  

rpm -Uvh

yum install –y zabbix zabbix-agent nano 

sed -i 's/Server= Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf

service zabbix-agent stop
service zabbix-agent start

chkconfig zabbix-agent on

#iptables -I INPUT 1 -p tcp --dport 10050 -j ACCEPT
#iptables -I INPUT 1 -p udp --dport 10050 -j ACCEPT

firewall-cmd --permanent --zone=public --add-port=10050/tcp

firewall-cmd --permanent --zone=public --add-port=10050/udp

firewall-cmd --reload

No comments:

Post a Comment