liwen-ubuntu-lnmp-firewall-vpn

by sunliwen
477 deployments · 61 still active · last rev. 3 years ago

Ubuntu+LNMP+Security+VPN(L2TP+IPSec)

Sometimes PPTP will be blocked and L2TP+IPSec is better.
If you don't need LNMP, you can use #7248 which will only install Security+VPN.

Compatible with: Ubuntu 14.04 LTS, Ubuntu 12.04 LTS
Includes: liwen-ubuntu-lib
						#!/bin/bash

# By Sun Liwen <sunliwen@gmail.com>
 
######
#<udf name="INSTALL_MYSQL" label="Instal MySQL?" oneOf="Yes,No">
#<udf name="MYSQL_PASSWORD" label="MySQL root password" default="">
#<udf name="NGINX_VERSION" label="Install nginx from PPA" oneOf="Yes,No" example="See https://launchpad.net/~nginx/+archive/stable">
#<udf name="SSH_PORT" label="SSH port" default="22">
#<udf name="USER_NAME" label="Unprivileged User Account" />
#<udf name="USER_PASSWORD" label="Unprivileged User Password" />
#<udf name="USER_SSHKEY" label="Public Key for User" default="" />
#<udf name="SSH_ALLOW_USERS" label="SSH Allow Users directive, leave blank if you don't know what this is" default="" />
#<udf name="ROOT_EMAIL" label="Email alias for root" />
#<udf name="HOSTNAME" label="Hostname" default="" />
#<udf name="WHICH_KERNEL" label="Use ubuntu virtual kernel?" oneOf="No,Yes" />
#<udf name="INSTALL_PHP" label="Install PHP?" oneOf="Yes,No" />
#<udf name="VPN_SERVICENAME" label="VPN Service Name" default="l2tp" example="l2tp" />
#<udf name="VPN_PSK" label="PSK" default="fuckgfw" example="fuckgfw" />
#<udf name="VPN_IPRANGE" label="IP Range" default="10.0.100" example="10.0.100" />
#<udf name="VPN_USERNAME" label="Username" />
#<udf name="VPN_PASSWORD" label="Password" />

######

set -e

source <ssinclude StackScriptID="5710">

#update system and set hostname
prep_system

#setup firewall
install_ufw

#setup standard user
configure_user

#secure ssh
configure_ssh

#setup postfix
install_postfix

if [ "$INSTALL_MYSQL" == "Yes" ]
then
#setup mysql
install_mysql
fi

if [ "$INSTALL_PHP" == "Yes" ]
then
#setup php
install_php_fpm
fi

#setup nginx
install_nginx

#install monit/munin/security tools/other tools
install_monit
install_munin
install_security
install_tools
install_vpn

#set root .profile
set_root_profile

#cleanup
cleanup

#send notification
notification_email