-
Notifications
You must be signed in to change notification settings - Fork 3
/
lamp-server.sh
executable file
·158 lines (124 loc) · 4.18 KB
/
lamp-server.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
#!/bin/bash
#
# Setup LAMP Server
#
# Assumes the host is clean unconfigured CentOS 6 / EL 6 derivatives (inc Amazon Linux AMI). Should be idempotent.
#
# Adlibre Pty Ltd 2012
#
## Configuration
ROOT_PASS_FILE='/etc/mysql_root_password'
SERVER_NAME=`hostname -d`
WWW_ROOT="/srv/www/${SERVER_NAME}"
USER='wwwpub'
## Constants
LOGFILE='install.log'
echo "### Beginning Install ###"
( # Start log capture
## Start
# Set password if not already exist
if [ ! -f ${ROOT_PASS_FILE} ]; then
DB_ROOT_PASS=`tr -cd "[:alnum:]" < /dev/urandom | head -c 10` # 10 char random password
touch ${ROOT_PASS_FILE}
chmod 600 ${ROOT_PASS_FILE}
echo ${DB_ROOT_PASS} > ${ROOT_PASS_FILE}
DB_ROOT_PASS_CURRENT=''
else
DB_ROOT_PASS=`cat ${ROOT_PASS_FILE}`
DB_ROOT_PASS_CURRENT=$DB_ROOT_PASS # Assume it was changed after install
fi
# Install base packages
yum -y install mysql-server
yum -y install php php-gd php-mcrypt php-pdo php-xml php-mysql httpd mod_ssl
# turn on services
chkconfig mysqld on
chkconfig httpd on
# Configure MySQL
service mysqld restart
# **sigh** http://bugs.mysql.com/bug.php?id=53796
yum -y install expect
# Use temp file for expect script (won't terminate when run from sub shell)
cat > /tmp/$$.expect << EOF
spawn /usr/bin/mysql_secure_installation
expect "Enter current password for root (enter for none):"
send "${DB_ROOT_PASS_CURRENT}\r"
expect -re "Set root password?|Change the root password?"
send "Y\r"
expect "New password:"
send "${DB_ROOT_PASS}\r"
expect "Re-enter new password:"
send "${DB_ROOT_PASS}\r"
expect "Remove anonymous users?"
send "Y\r"
expect "Disallow root login remotely?"
send "Y\r"
expect "Remove test database and access to it?"
send "Y\r"
expect "Reload privilege tables now?"
send "Y\r"
expect "Thanks for using MySQL!"
puts "Ended expect script."
expect eof
exit
EOF
expect /tmp/$$.expect
rm -f /tmp/$$.expect
# Configure MySQL
cp -n /etc/my.cnf /etc/my.cnf.orig # backup
# TODO: This config needs some generalisation. And should configure it's size based on host memory setting.
cat > /etc/my.cnf << EOF
# The MySQL server configuration
[mysqld]
datadir = /var/lib/mysql
port = 3306
socket = /var/lib/mysql/mysql.sock
user = mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links = 0
key_buffer_size = 256M
max_allowed_packet = 8M
table_open_cache = 512
sort_buffer_size = 2M
read_buffer_size = 2M
read_rnd_buffer_size = 8M
myisam_sort_buffer_size = 64M
thread_cache_size = 8
query_cache_size = 32M
# Important if you have lots of tables
table_cache = 4096
table_definition_cache = 4096
[mysqld_safe]
log-error = /var/log/mysqld.log
pid-file = /var/run/mysqld/mysqld.pid
EOF
# Configure PHP
cp -n /etc/php.ini /etc/php.ini.orig # backup
sed -i -e "s@^short_open_tag.*@short_open_tag = On@g" /etc/php.ini # Some plugins need this
sed -i -e "s@^zlib.output_compression.*@zlib.output_compression = On@g" /etc/php.ini # Turn this off if Apache is handing compression
sed -i -e "s@^post_max_size.*@post_max_size = 32M@g" /etc/php.ini # Allow for 32M Upload
sed -i -e "s@^upload_max_filesize.*@upload_max_filesize = 32M@g" /etc/php.ini # Allow for 32M Upload
# Setup web root / site
mkdir -p ${WWW_ROOT}
adduser -d ${WWW_ROOT} -M ${USER}
# Configure Apache
cp -n /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.orig # backup
sed -i -e "s@^ServerTokens.*@ServerTokens Prod@g" /etc/httpd/conf/httpd.conf
sed -i -e "s@^KeepAlive Off@KeepAlive On@g" /etc/httpd/conf/httpd.conf
sed -i -e "s@^KeepAliveTimeout .*@KeepAliveTimeout 5@g" /etc/httpd/conf/httpd.conf
sed -i -e "s@^#NameVirtualHost \*:80@NameVirtualHost \*:80@g" /etc/httpd/conf/httpd.conf # enable name based vhosts
cat > /etc/httpd/conf.d/${SERVER_NAME}.conf << EOF
#
# ${SERVER_NAME}
#
<VirtualHost *:80>
ServerAdmin web-admin@${SERVER_NAME}
ServerName ${SERVER_NAME}
DocumentRoot ${WWW_ROOT}
# Add additional config here
</VirtualHost>
EOF
# Start / Restart
service mysqld restart
service httpd restart
) 2>&1 1>> ${LOGFILE} | tee -a ${LOGFILE} # stderr to console, stdout&stderr to logfile
echo "### Install Complete ###"