Centmin Mod Latest Beta Release (NGINX, PHP 7.+, MariaDb...)

by plant
19 deployments · 5 still active · last rev. 1 month ago

Installs:
- Centmin Mod Latest Beta with NGINX, PHP 7.+: https://centminmod.com/
- Composer
- Yarn
- Gulp
- Bower
- nodejs
- PhpMyAdmin (Latest Stable version from Github)
- NewRelic Server + APM (provide keys in StackScript)

Other stuff
- Adds your public key to authorized_keys for easy SSH authorization
- Disable SSH password authentication
- Disables Pure-FTPD
- Allows your IP for /nginx-status
- Sets Hostname and FQDN (Fully Qualified Hostname)
- Sets timezone (default 'Europe/Copenhagen')
- Allows NewRelic, DeployHQ and your IP in CSF

You can monitor the progress of the install script using
tail -f /root/stackscript.log

Compatible with: CentOS 7
						#!/bin/bash
#
# DESCRIPTION
# Linode StackScript for setting up a CentOS 7 LEMP server with Centmin Mod (PPH 7.+, Nginx, MariaDb and more. http://centminmod.com/)
# Everything in this script might not fit your bill so feel free to copy/modify to fit your needs. 
# Any suggestions and/or improvements are more than welcome.
#
# AUTHOR Jens Sogaard (@jenssog)
#
#
#
# This block defines the variables the user of the script needs to input
# when deploying using this script.
#
#
#<UDF name="hostname" label="The hostname for the new Linode.">
# HOSTNAME=
#
#<UDF name="fqdn" label="The new Linode's Fully Qualified Domain Name">
# FQDN=
#
#<UDF name="timezone" label="Timezone - 'Europe/Copenhagen'" default="Europe/Copenhagen">
# TIMEZONE=""
#
#<UDF name="yourip" label="Your IP address (for /nginx-status page)" default="67.82.240.21">
# YOURIP=""
#
#<UDF name="pmapassword" label="Htaccess password for phpmyadmin (user: pma)">
# PMAPASSWORD=""
#
#<UDF name="yourpubkeypassword" label="Your public key for SSH authentication">
# YOURPUBKEYPASSWORD=""
#
#<UDF name="newrelicserverkey" label="NewRelic Server Key">
# NEWRELICSERVERKEY=""
#
#<UDF name="newrelicapmkey" label="NewRelic APM Key (application name will be set to HOSTNAME)">
# NEWRELICAPMKEY=""
#

# Redirect output of this script to our logfile
exec &> /root/stackscript.log

# This sets the variable $IPADDR to the IP address the new Linode receives.
IPADDR=$(/sbin/ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://')

# Add public key to authorized_keys
mkdir /root/.ssh
touch /root/.ssh/authorized_keys
echo "${YOURPUBKEYPASSWORD}" >> /root/.ssh/authorized_keys

# Disable SSH password auth. The below replaces all lines with "PasswordAuthentication ...."
sed -i 's/#*PasswordAuthentication [a-zA-Z]*/PasswordAuthentication no/' /etc/ssh/sshd_config
service sshd restart

# Set timezone
timedatectl set-timezone "$TIMEZONE"

# This section sets the hostname.
echo $HOSTNAME > /etc/hostname
hostname -F /etc/hostname

# This section sets the Fully Qualified Domain Name (FQDN) in the hosts file.
echo $IPADDR $FQDN $HOSTNAME >> /etc/hosts

# This updates the packages on the system from the distribution repositories.
yum -y update

# Install Centmin Mod beta with PHP 7.+
curl -O https://centminmod.com/betainstaller7.sh && chmod 0700 betainstaller7.sh && bash betainstaller7.sh

# Install Redis: https://community.centminmod.com/threads/how-to-install-redis-server-on-centmin-mod-lemp-stack.4546/
yum -y install redis --enablerepo=remi --disableplugin=priorities
chkconfig redis on
service redis start

# Allow your IP on YOUR.FQDN.COM/nginx-status
sed -i "s/.*#allow youripaddress;.*/allow ${YOURIP}; \#Your IP/" /usr/local/nginx/conf/conf.d/virtual.conf

# Make /nginx-status display html 
# CURRENTLY BROKEN
#sed -i '/deny all/avhost_traffic_status on; \
#vhost_traffic_status_display; \
#vhost_traffic_status_display_format html;' /usr/local/nginx/conf/conf.d/virtual.conf

# Phpmyadmin (I know Centmin Mod has an addon but I prefer it this way)
cd /usr/local/nginx/html
wget https://github.com/phpmyadmin/phpmyadmin/archive/STABLE.zip
unzip STABLE.zip -d phpmyadmin
rm -f STABLE.zip
cd phpmyadmin
cp -r phpmyadmin-STABLE/* .
rm -rf phpmyadmin-STABLE
composer install

# Phpmyadmin htaccess password
/usr/local/nginx/conf/htpasswd.sh create /usr/local/nginx/conf/htpasswd_phpmyadmin pma $PMAPASSWORD

# Phpmyadmin vhost
sed -i '/location \/ {/i \
\
location \/phpmyadmin { \
auth_basic "Restricted"; \
auth_basic_user_file /usr/local/nginx/conf/htpasswd_phpmyadmin; \
include /usr/local/nginx/conf/php.conf; \
}' /usr/local/nginx/conf/conf.d/virtual.conf

# PHP Enable openbasedir
sed -i 's/#fastcgi_param PHP_ADMIN_VALUE/fastcgi_param PHP_ADMIN_VALUE/' /usr/local/nginx/conf/php.conf

# CSF Firewall
csf -a 185.22.208.0/25 deployhq
csf -a 50.31.164.0/24 newrelic
csf -a 162.247.240.0/22 newrelic
csf -a 54.252.114.170 newrelic
csf -a 54.252.114.169 newrelic
csf -a 54.251.34.67 newrelic
csf -a 54.251.109.246 newrelic
csf -a 54.248.250.232 newrelic
csf -a 54.248.225.67 newrelic
csf -a 54.247.188.179 newrelic
csf -a 54.241.22.142 newrelic
csf -a 54.232.123.139 newrelic
csf -a 54.228.244.177 newrelic
csf -a 54.214.255.205 newrelic
csf -a 50.31.164.139 newrelic
csf -a 50.18.57.7 newrelic
csf -a 50.16.189.130 newrelic
csf -a 50.112.95.211 newrelic
csf -a 184.73.237.85 newrelic
csf -a 177.71.245.207 newrelic
csf -a $YOURIP Your IP
csf -r 

# Disables Pure-ftpd
service pure-ftpd stop
chkconfig pure-ftpd off

# Install Composer
cd /tmp
sudo curl -sS https://getcomposer.org/installer | php
mv composer.phar /usr/local/bin/composer

# Install Yarn, Bower, Gulp
yum install -y gcc-c++ make
curl -sL https://rpm.nodesource.com/setup_6.x | sudo -E bash -
yum install -y nodejs
npm install -g bower
npm install -g gulp
sudo wget https://dl.yarnpkg.com/rpm/yarn.repo -O /etc/yum.repos.d/yarn.repo
sudo yum install -y yarn

# NewRelic Server monitoring
# Install the newrelic-repo package, which configures a new package repository for yum:
rpm -Uvh https://download.newrelic.com/pub/newrelic/el5/i386/newrelic-repo-5-3.noarch.rpm

# Install the Server Monitor package
yum install -y newrelic-sysmond

# Add license key to config file: (See /etc/newrelic/nrsysmond.cfg for other config options)
nrsysmond-config --set license_key=$NEWRELICSERVER

# Start the daemon
/etc/init.d/newrelic-sysmond start

# NewRelic APM
sudo rpm -Uvh http://yum.newrelic.com/pub/newrelic/el5/x86_64/newrelic-repo-5-3.noarch.rpm
sudo yum install -y newrelic-php5
export NR_INSTALL_SILENT=1
export NR_INSTALL_KEY="$NEWRELICAPMKEY"
newrelic-install purge
newrelic-install install

# Replace default app name with HOSTNAME
sed -i "s/newrelic.appname = \"PHP Application\"/newrelic.appname = \"${HOSTNAME}\"/" /etc/centminmod/php.d/newrelic.ini

# Restart PHP-fpm and Nginx
nprestart

# And we are done
echo "############ WE ARE ALL DONE ############"