From a945feb02f6d64df2219ea1044251a7fe2ea98fc Mon Sep 17 00:00:00 2001 From: Mateja Date: Sat, 3 Apr 2021 00:37:03 +0200 Subject: Initial commit. --- lemp | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 lemp (limited to 'lemp') diff --git a/lemp b/lemp new file mode 100644 index 0000000..967dac8 --- /dev/null +++ b/lemp @@ -0,0 +1,75 @@ +#!/usr/bin/env bash + +# Secure SSHD +# ssh-copy-id user@hostname +# PasswordAuth no + +# Update server +apt update +apt upgrade + +#Setting up firewall +ufw default deny incoming +ufw default allow outgoing +ufw default deny routed +ufw allow 22/tcp +ufw allow 80/tcp +ufw allow 443/tcp +ufw enable +systemctl enable --now ufw + +# Installing necessary packages +apt install ufw curl +apt install nginx mariadb-server php-fpm php-mysql +apt install php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip +apt install python3-certbot-nginx + +systemctl restart php7.3-fpm.service + +# Setting up Nginx +mkdir -p /var/www/example.com + +cat > /etc/nginx/sites-available/example.com << EOF +server { + listen 80; + listen [::]:80; + + root /var/www/example.com; + index index.php index.html index.htm; + + server_name example.com; + + location = /favicon.ico { log_not_found off; access_log off; } + location = /robots.txt { log_not_found off; access_log off; allow all; } + + location ~* \.(gif|jpeg|jpg|png)$ { + expires max; + log_not_found off; + } + + location / { + # try_files $uri $uri/ =404; + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ \.php$ { + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + } +} +EOF +## Test Nginx config with nginx -t +cat > /var/www/example.com/index.php << EOF + +EOF +ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/ +systemctl restart nginx + +# HTTPS +certbot --nginx -d example.com +systemctl restart nginx + +# MariaDB +mysql_secure_installation -- cgit v1.2.3