forked from EvilTopHat/Wordpress_Diode_Setup
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsetup.sh
159 lines (141 loc) · 5.86 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
#!/bin/bash
echo "script must be run as root"
echo "if prompted press accept the qustions in the prompts to continue"
#genearte passwords
wordpress_user_admin="`openssl rand -hex 10`"
mysql_pass="`openssl rand -hex 64`"
mysql_user_pass="`openssl rand -hex 64`"
cd ~/
echo "installation and software passwords" > passwords.txt
echo "wordpress_admin_password=$wordpress_user_admin" >> passwords.txt
echo "mysql_root=$mysql_pass" >> passwords.txt
echo "mysql_wordpress=$mysql_user_pass" >> passwords.txt
#setup firewall to block all but ssh
ufw allow ssh
ufw --force enable
#update software
apt-get update && apt-get upgrade -y
#setup automatic updates TODO test
#apt-get install unattended-upgrades
#systemctl enable unattended-upgrades #should already be enabled but this line is just for double chekcing
#install packages
#https://ubuntu.com/tutorials/install-and-configure-wordpress#2-install-dependencies
apt-get install apache2 \
unzip \
ghostscript \
libapache2-mod-php \
mariadb-server \
php \
php-bcmath \
php-curl \
php-imagick \
php-intl \
php-json \
php-mbstring \
php-mysql \
php-xml \
php-zip -y
#install wordpress
mkdir -p /srv/www
chown www-data: /srv/www
curl https://wordpress.org/latest.tar.gz | sudo -u www-data tar zx -C /srv/www
#Configure Apache for WordPress
echo "<VirtualHost *:80>
DocumentRoot /srv/www/wordpress
<Directory /srv/www/wordpress>
Options FollowSymLinks
AllowOverride Limit Options FileInfo
DirectoryIndex index.php
Require all granted
</Directory>
<Directory /srv/www/wordpress/wp-content>
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>" > /etc/apache2/sites-available/wordpress.conf
#Enable the site
a2ensite wordpress
a2enmod rewrite
a2dissite 000-default
systemctl reload apache2
systemctl restart apache2
#start mysql and run secure script
systemctl start mariadb.service
mysql_secure_installation <<EOF
y
$mysql_pass
$mysql_pass
y
y
y
y
y
EOF
mysql --user="root" --password="$mysql_pass" --execute="CREATE DATABASE wordpress;"
mysql --user="root" --password="$mysql_pass" --execute="CREATE USER wordpress@localhost IDENTIFIED BY '$mysql_user_pass';"
mysql --user="root" --password="$mysql_pass" --execute="GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER ON wordpress.* TO wordpress@localhost;"
mysql --user="root" --password="$mysql_pass" --execute="FLUSH PRIVILEGES;"
#configure wordpress config
sudo -u www-data cp /srv/www/wordpress/wp-config-sample.php /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/database_name_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/username_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i -e "s/password_here/${mysql_user_pass}/g" /srv/www/wordpress/wp-config.php
wget -O /tmp/wp.keys https://api.wordpress.org/secret-key/1.1/salt/
sed -i "s/.*AUTH_KEY.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*SECURE_AUTH_KEY.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*LOGGED_IN_KEY.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*NONCE_KEY.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*AUTH_SALT.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*SECURE_AUTH_SALT.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*LOGGED_IN_SALT.*//" /srv/www/wordpress/wp-config.php
sed -i "s/.*NONCE_SALT.*/begin_insert_here/" /srv/www/wordpress/wp-config.php
sed -i '/begin_insert_here/r /tmp/wp.keys' /srv/www/wordpress/wp-config.php
sed -i "s/begin_insert_here//" /srv/www/wordpress/wp-config.php
rm /tmp/wp.keys
#ensure diode script deps
apt install unzip
#install diode and publish new site
curl -Ssf https://diode.io/install.sh | sh
export PATH=/root/opt/diode:$PATH
diode_address=`diode config 2>&1 | awk '/<address>/ { print $(NF) }'`
#install wordpress cli
wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/bin/wp
chmod +x /usr/bin/wp
#finish installation
wp core install --allow-root --path="/srv/www/wordpress" --title="wordpress diode" --url="http://${diode_address}.diode.link" --admin_email="admin@localhost.com" --admin_password="$wordpress_user_admin" --admin_user="admin"
#install plugins and theme
wp plugin install wp-fail2ban --allow-root --path="/srv/www/wordpress"
wp plugin activate wp-fail2ban --allow-root --path="/srv/www/wordpress"
wp plugin install relative-url --allow-root --path="/srv/www/wordpress"
wp plugin activate relative-url --allow-root --path="/srv/www/wordpress"
wp theme install --allow-root --path="/srv/www/wordpress" https://github.com/DiscipleTools/disciple-tools-theme/releases/latest/download/disciple-tools-theme.zip
wp theme activate --allow-root --path="/srv/www/wordpress" disciple-tools-theme
chown -Rf www-data.www-data /srv/www
#cp /etc/skel/.bashrc /root
#start diode CLI
echo "Starting http://${diode_address}.diode.link"
#Configure systemd for diode
echo "# Can be put into /etc/systemd/system/
[Unit]
Description=Diode blockchain network client
[Service]
Type=simple
ExecStart=/root/opt/diode/diode publish -public 80:80
Restart=always
RuntimeMaxSec=14400
ExecStartPre=/bin/sleep 60
User=root
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/diode.service
#Enable diode
systemctl enable diode
echo "Starting Diode - 60 second delay..."
systemctl start diode
systemctl status diode
echo "Done setting up the Diode CLI - it is now persistent on this system"
echo "You can type 'systemctl status diode' to get status on the Diode CLI in the future"
#display login instructions
echo "wordpress url is http://${diode_address}.diode.link"
echo "log into wordpress with the user name admin"
echo "and the password $wordpress_user_admin"
echo "remember to change the password and save it in a password manager"