Plesk Onyx

by revmagi
51 deployments · 29 still active · last rev. 3 months ago

Plesk is the leading WebOps platform and Control Panel to build, secure and run websites, applications and hosting businesses.

Plesk takes only 15min to install through this simple stack script. After the installation, please go to https://your-ip-address:8443 and login with “admin” as a user and your defined password. For further post-install configuration, please refer to: https://docs.plesk.com/en-US/onyx/deployment-guide/plesk-installation-and-upgrade-on-single-server/plesk-single-server-postinstall-configuration.76454/

** DO NOT REBOOT FOR AT LEAST 30MIN as Plesk will update itself **

Compatible with: CentOS 7, Ubuntu 16.04 LTS, CentOS 6.8, Ubuntu 14.04 LTS
						#!/bin/bash

# This block defines the variables the user of the script needs to input
# when deploying using this script.
#
#
#<UDF name="hostname" label="The hostname for the new Linode.">
# HOSTNAME=
#
#<UDF name="fqdn" label="The new Linode's Fully Qualified Domain Name">
# FQDN=
#<UDF name="adminname" label="Plesk Admin Name">
# ADMINNAME=
#<UDF name="email" label="Plesk Admin Email Address">
# EMAIL=
#<UDF name="passwd" label="Plesk Admin Password">
# PASSWD=


# This sets the variable $IPADDR to the IP address the new Linode receives.
IPADDR=$(/sbin/ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://')

# This section sets the hostname.
echo $HOSTNAME > /etc/hostname
hostname -F /etc/hostname

# This section sets the Fully Qualified Domain Name (FQDN) in the hosts file.
echo $IPADDR $FQDN $HOSTNAME >> /etc/hosts

rm -Rf /etc/resolv.conf
touch /etc/resolv.conf
echo "nameserver 8.8.8.8" >> /etc/resolv.conf

################################################################################
##          Installation script for Plesk WordPress Server                    ##
################################################################################


yum -y install wget


# Edit variables for Plesk pre-configuration

passwd=$PASSWD
adminname=$ADMINNAME
hostname=$HOSTNAME
email=$EMAIL


touch /root/init.sh
echo "plesk bin init_conf --init -passwd $passwd -license_agreed true -trial_license true -hostname $hostname -email $email -name '$adminname'" >> /root/init.sh


# Plesk UI View - can be set to Service Provider View (spv) or Power User View (puv)
plesk_ui=puv

# Turn on Fail2Ban, yes or no, Keep in mind you need to provide temp license for initialization for this to work
fail2ban=yes

# Turn on http2
http2=yes

# Turn on Cloning - Set to "on" if this it to make a Golden Image, set to "off" if for remote installation
clone=off

# Test to make sure all initialization values are set



######### Do not edit below this line ###################
#########################################################

# Download Plesk AutoInstaller

echo "Downloading Plesk Auto-Installer"
wget https://installer.plesk.com/plesk-installer
echo

# Make Installed Executable

echo "Making Plesk Auto-Installer Executable"
chmod +x ./plesk-installer
echo

# Install Plesk with Required Components

echo "Starting Plesk Installation"
./plesk-installer install plesk --preset Recommended --with panel fail2ban l10n roundcube spamassassin modsecurity mod_fcgid webservers php7.1 php7.2 psa-firewall cloudflare 
echo
echo

# Initalize Plesk before Additional Configuration
# https://docs.plesk.com/en-US/onyx/cli-linux/using-command-line-utilities/init_conf-server-configuration.37843/

echo "Starting initialization process of your Plesk server"
#plesk bin init_conf --init -name $name -email $email -passwd $passwd -license_agreed true -trial_license true -hostname $hostname

sh /root/init.sh

echo



# Make sure Plesk UI and Plesk Update ports are allowed

echo "Setting Firewall to allow proper ports."
iptables -I INPUT -p tcp --dport 21 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -I INPUT -p tcp --dport 25 -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 110 -j ACCEPT
iptables -I INPUT -p tcp --dport 143 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p tcp --dport 465 -j ACCEPT
iptables -I INPUT -p tcp --dport 993 -j ACCEPT
iptables -I INPUT -p tcp --dport 995 -j ACCEPT
iptables -I INPUT -p tcp --dport 8443 -j ACCEPT
iptables -I INPUT -p tcp --dport 8447 -j ACCEPT
iptables -I INPUT -p tcp --dport 8880 -j ACCEPT
echo

#enable firewall
/usr/local/psa/bin/modules/firewall/settings -e
/usr/local/psa/bin/modules/firewall/settings -c


# Enable Modsecurity
# https://docs.plesk.com/en-US/onyx/administrator-guide/server-administration/web-application-firewall-modsecurity.73383/

echo "Turning on Modsecurity WAF Rules"
plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set tortix -waf-rule-set-update-period daily -waf-config-preset fast
aum configure
aum upgrade
plesk bin server_pref --update-web-app-firewall -waf-rule-engine on -waf-rule-set tortix -waf-rule-set-update-period daily -waf-config-preset fast


echo

# Enable Fail2Ban and Jails
# https://docs.plesk.com/en-US/onyx/cli-linux/using-command-line-utilities/ip_ban-ip-address-banning-fail2ban.73594/

if [ "$fail2ban" = "yes" ]; then
  echo "Configuring Fail2Ban and its Jails"
  plesk bin ip_ban --enable
  plesk bin ip_ban --enable-jails ssh
  plesk bin ip_ban --enable-jails recidive
  plesk bin ip_ban --enable-jails modsecurity
  plesk bin ip_ban --enable-jails plesk-proftpd
  plesk bin ip_ban --enable-jails plesk-postfix
  plesk bin ip_ban --enable-jails plesk-dovecot
  plesk bin ip_ban --enable-jails plesk-roundcube
  plesk bin ip_ban --enable-jails plesk-apache-badbot
  plesk bin ip_ban --enable-jails plesk-panel
  plesk bin ip_ban --enable-jails plesk-wordpress
  echo
fi

# Turn on http2
# https://docs.plesk.com/en-US/onyx/administrator-guide/web-servers/apache-and-nginx-web-servers-linux/http2-support-in-plesk.76461/

echo "turning on http2"
/usr/sbin/plesk bin http2_pref --enable


# Install Bundle Extensions
# https://docs.plesk.com/en-US/onyx/cli-linux/using-command-line-utilities/extension-extensions.71031/


echo "Installing Plesk Migration Manager"
plesk bin extension --install-url https://ext.plesk.com/packages/bebc4866-d171-45fb-91a6-4b139b8c9a1b-panel-migrator/download
plesk bin extension --install-url https://ext.plesk.com/packages/1e47ed49-bca9-46d6-8828-7d3c42a2f21b-nodejs/download
plesk bin extension --install-url https://ext.plesk.com/packages/09b5b77e-91e1-42cc-9eb4-fc70da1715d4-ruby/download
plesk bin extension --install-url https://ext.plesk.com/packages/585327df-b695-4b8f-9ade-2e9d1962d4c2-plesk-mobile/download
plesk bin extension --install-url https://ext.plesk.com/packages/1526dac1-9532-43b0-bfbe-e9e9a68f2ef1-amazon-rds-integration/download
plesk bin extension --install-url https://ext.plesk.com/packages/470269a6-5876-44f2-9af7-7f33e712b83e-joomla-toolkit/download
plesk bin extension --install-url https://ext.plesk.com/packages/2ae9cd0b-bc5c-4464-a12d-bd882c651392-xovi/download


echo  "You can now log into Plesk server with username 'admin' and the password you set."