#!/bin/bash #################################################################################################### #### author: SlickStack ############################################################################ #### link: https://slickstack.io ################################################################### #### mirror: https://mirrors.slickstack.io/bash/ss-install.txt ##################################### #### path: /var/www/ss-install ##################################################################### #### destination: n/a (not a boilerplate) ########################################################## #### purpose: Reinstalls the entire SlickStack LEMP environment and all modules (idempotent) ####### #### module version: Ubuntu 22.04 LTS ############################################################## #### sourced by: n/a (wget -O ss slick.fyi && bash ss) ############################################# #### bash aliases: ss install ###################################################################### #################################################################################################### ## SS-CONFIG MUST BE PROPERLY CONFIGURED AND ON CURRENT BUILD BEFORE RUNNING SS-INSTALL ## ## ENSURE THAT YOUR SS-CONFIG BUILD REMAINS CURRENT BY RUNNING SS-UPDATE-CONFIG ## #################################################################################################### #### TABLE OF CONTENTS (SS-Install) ################################################################ #################################################################################################### ## this is a brief summary of the different code snippets you will find in this script ## ## each section should be commented so you understand what is being accomplished ## ## A. Build Version ## A. Validate SS-Functions ## C. Source SS-Config + SS-Functions (After Validated) ## D. Touch Timestamp File ## C. Verify Environment Compatibility ## D. Check For Any Undefined Options ## E. Retrieve SS-Config Boilerplate ## F. Interactive Bash Setup Wizard (SS-Config) ## G. Activate SS-Config File Generated By Wizard ## H. Retrieve SS-Check ## I. Message (Last Chance To Exit) ## J. Message (Welcome Back If SS-Config Exists) ## K. Source SS-Config (After Setup Wizard Complete) ## L. Run SS-Check ## N. Upgrade Ubuntu Packages + Linux Kernel #################################################################################################### #### A. SS-Install: Build Version ################################################################## #################################################################################################### ## this build version ensures compatibility with ss-config boilerplate (on localhost) ## ## it must match the active ss-config build otherwise installing will fail ## SS_INSTALL_BUILD="JAN2023K" #################################################################################################### #### B. SS-Install: Validate SS-Functions ########################################################## #################################################################################################### ## this attempts to restore missing or outdated ss-functions from our public mirrors ## ## we perform this check before ss-install runs and before any cron job tasks ## ## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS ## SNIPPET: ss-install, ss cron jobs ## UPDATED: 31MAY2022 ## validate ss-functions ## VALIDATE_SS_FUNCTIONS=$(grep 'SS_EOF' /var/www/ss-functions 2> /dev/null) OUTDATED_SS_FUNCTIONS=$(find "/var/www/ss-functions" -mtime 2> /dev/null) if [[ -z "${VALIDATE_SS_FUNCTIONS}" ]] || [[ -n "${OUTDATED_SS_FUNCTIONS}" ]]; then wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=30 --timeout=300 --waitretry=15 -O /tmp/ss-functions https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-functions.txt VALIDATE_TMP_SS_FUNCTIONS=$(grep 'SS_EOF' /tmp/ss-functions 2> /dev/null) if [[ -n "${VALIDATE_TMP_SS_FUNCTIONS}" ]]; then mkdir -p /var/www > /dev/null 2>&1 mv -f /tmp/ss-functions /var/www/ss-functions chown root:root /var/www/ss-functions ## must be root:root chmod 0700 /var/www/ss-functions ## 0700 means only root can execute else wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=30 --timeout=300 --waitretry=15 -O /tmp/ss-functions https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-functions.txt VALIDATE_TMP_SS_FUNCTIONS=$(grep 'SS_EOF' /tmp/ss-functions 2> /dev/null) if [[ -n "${VALIDATE_TMP_SS_FUNCTIONS}" ]]; then mkdir -p /var/www > /dev/null 2>&1 mv -f /tmp/ss-functions /var/www/ss-functions chown root:root /var/www/ss-functions ## must be root:root chmod 0700 /var/www/ss-functions ## 0700 means only root can execute else wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=30 --timeout=300 --waitretry=15 -O /tmp/ss-functions https://sourceforge.net/p/slickstack/code/ci/master/tree/bash/ss-functions.txt?format=raw mkdir -p /var/www > /dev/null 2>&1 mv -f /tmp/ss-functions /var/www/ss-functions chown root:root /var/www/ss-functions ## must be root:root chmod 0700 /var/www/ss-functions ## 0700 means only root can execute fi fi fi #################################################################################################### #### C. SS-Install: Source SS-Config + SS-Functions (After Validated) ############################## #################################################################################################### ## at this point we have restored ss-functions and ss-config may or may not exist yet ## ## so we source ss-functions at this point but conditionally source ss-config ## ## source ss-config (if exists) ## SS_CONFIG="/var/www/ss-config" test -f "${SS_CONFIG}" && source "${SS_CONFIG}" ## source ss-functions ## source /var/www/ss-functions ## BELOW THIS RELIES ON SS-CONFIG AND SS-FUNCTIONS #################################################################################################### #### D. SS-Install: Touch Timestamp File ########################################################### #################################################################################################### ## this is a dummy timestamp file that will remember the last time this script was run ## ## it can be useful for developer reference and is sometimes used by SlickStack ## ## script timestamp ## ss_touch "${TIMESTAMP_SS_INSTALL}" #################################################################################################### #### C. SS-Install: Verify Environment Compatibility ############################################### #################################################################################################### ## never run ss-install unless the build version below matches active ss-config version ## ## in case of emergencies the SlickStack team might purposefully mismatch builds ## ## verify ss-install build matches ss-config (if exists) ## if [[ -f "/var/www/ss-config" ]] && [[ "${SS_BUILD}" != "${SS_INSTALL_BUILD}" ]]; then ss_echo "${COLOR_WARN}ss-install: Please run ss-update-config and then run ss-install again... ${NOCOLOR}" exit 1 fi ## verify supported ubuntu version ## if [[ "${UBUNTU_VERSION}" != @(22.04|20.04|18.04) ]]; then ss_echo "${COLOR_WARN}Exiting ss-install: SlickStack is designed for Ubuntu LTS (but this VPS is running ${UBUNTU_VERSION})... ${NOCOLOR}" exit 1 fi ## REDUCE THIS to be like 500mb or something ## verify at least 5GB free disk space remains ## # if [[ "${SYSTEM_DISK_FREE}" -lt 5242880 ]]; then ## 10G = 10485760 / 5GB = 5242880 # ss_echo "${COLOR_WARN}Exiting ss-install: It looks like your server has less than 5GB free space available, please upgrade your server and then run ss-install again. ${NOCOLOR}" # exit 1 # fi ## very not in docker/lxc container ## if [[ -f "/.dockerenv" ]] || grep -Eq '(lxc|docker)' /proc/1/cgroup; then ss_echo "${COLOR_WARN}Exiting ss-install: It appears your server is running Docker or another container... but SlickStack requires normal Ubuntu LTS without containers. ${NOCOLOR}" exit 1 fi #################################################################################################### #### D. SS-Install: Check For Any Undefined Options ################################################ #################################################################################################### ## SNIPPET: ss-install, ss-update-config ## UPDATED: 26MAR2022 ## below snippet will warn you and exit if undefined ss-config options are found to exist ## ## this way our team can be aware of bugs and avoid implementing unwanted options ## ## snippet variables ## SS_CONFIG_OPTION_PLACEHOLDER=$(grep -c '"@' /var/www/ss-config 2> /dev/null) ## verify no placeholders exist ## if [[ -f "/var/www/ss-config" ]]; then if [[ "${SS_CONFIG_OPTION_PLACEHOLDER}" -gt 0 ]]; then ss_echo "" ss_echo "${COLOR_WARN}ss-install: Replace all "@..." placeholders in ss-config and try again... ${NOCOLOR}" ss_echo "" exit 1 fi fi #################################################################################################### #### E. SS-Install: Retrieve SS-Config Boilerplate ################################################# #################################################################################################### ## here we retrieve the ss-config boilerplate from our public mirrors to begin wizard ## ## in case the first mirror fails to validate our backup mirrors will be tried ## ss_rm "${TMP_SS_CONFIG_WIZARD}" ## retrieve ss-config boilerplate ## ss_wget "${TMP_SS_CONFIG_WIZARD}" "${MIRROR_SS_CONFIG_SAMPLE}" VALIDATE_TMP_SS_CONFIG=$(grep 'SS_EOF' /tmp/ss-config-wizard 2> /dev/null) if [[ -z "${VALIDATE_TMP_SS_CONFIG}" ]]; then ss_wget "${TMP_SS_CONFIG_WIZARD}" "${MIRROR2_SS_CONFIG_SAMPLE}" fi if [[ -z "${VALIDATE_TMP_SS_CONFIG}" ]]; then ss_wget "${TMP_SS_CONFIG_WIZARD}" "${MIRROR3_SS_CONFIG_SAMPLE}" fi #################################################################################################### #### F. SS-Install: Interactive Bash Setup Wizard (SS-Config) ###################################### #################################################################################################### ## this basic wizard will allow you to interactively setup your ss-config file options ## ## advanced users can setup ss-config before running ss-install to avoid this ## ## clear screen ## clear -x ## check build version ## SS_BUILD_CURRENT=$(source /tmp/ss-config-wizard; echo "${SS_BUILD}" 2> /dev/null) ## intro variables ## FIRST_LINE="${COLOR_INFO}#### ${LIGHTGRAY}SlickStack build: ${LIGHTGREEN}${SS_BUILD_CURRENT} ${COLOR_INFO}${FILLER}${NOCOLOR}" FIRST_LINE_TRIM=${FIRST_LINE::120} SECOND_LINE="${COLOR_INFO}#### ${LIGHTGRAY}Ubuntu (OS) version: ${LIGHTGREEN}${UBUNTU_VERSION} LTS ${COLOR_INFO}${FILLER}${NOCOLOR}" SECOND_LINE_TRIM=${SECOND_LINE::120} THIRD_LINE="${COLOR_INFO}#### ${LIGHTGRAY}Server hostname: ${LIGHTGREEN}${SYSTEM_HOSTNAME} ${COLOR_INFO}${FILLER}${NOCOLOR}" THIRD_LINE_TRIM=${THIRD_LINE::120} FOURTH_LINE="${COLOR_INFO}#### ${LIGHTGRAY}Virtualization: ${LIGHTGREEN}${SYSTEM_VIRTUAL_UPPERCASE} (for best results use KVM servers) ${COLOR_INFO}${FILLER}${NOCOLOR}" FOURTH_LINE_TRIM=${FOURTH_LINE::120} FIFTH_LINE="${COLOR_INFO}#### ${LIGHTGRAY}Disk space: ${LIGHTGREEN}${SYSTEM_DISK_FREE_EASY} free space out of ${SYSTEM_DISK_TOTAL_EASY} total space (${SYSTEM_DISK_USED_PERCENT} currently used) ${COLOR_INFO}${FILLER}${NOCOLOR}" FIFTH_LINE_TRIM=${FIFTH_LINE::120} INTRO_SWAPFILE="${COLOR_INFO}#### ${LIGHTGRAY}Swapfile: ${LIGHTGREEN}${SYSTEM_SWAP_TOTAL_FINAL} (will be installed if not exists) ${COLOR_INFO}${FILLER}${NOCOLOR}" INTRO_SWAPFILE_TRIM=${INTRO_SWAPFILE::120} INTRO_MEMORY="${COLOR_INFO}#### ${LIGHTGRAY}RAM memory (total): ${LIGHTGREEN}${SYSTEM_RAM_TOTAL} (2GB+ best for WooCommerce and such) ${COLOR_INFO}${FILLER}${NOCOLOR}" INTRO_MEMORY_TRIM=${INTRO_MEMORY::120} SIXTH_LINE="${COLOR_INFO}#### ${LIGHTGRAY}vCPU cores: ${LIGHTGREEN}${SYSTEM_CPU_CORES} core(s) ${COLOR_INFO}${FILLER}${NOCOLOR}" SIXTH_LINE_TRIM=${SIXTH_LINE::120} EIGHT_LINE="${COLOR_INFO}#### ${LIGHTGRAY}IP Address (IPv4): ${LIGHTGREEN}${SYSTEM_IPV4_ADDRESS} ${COLOR_INFO}${FILLER}${NOCOLOR}" EIGHT_LINE_TRIM=${EIGHT_LINE::120} NINE_LINE="${COLOR_INFO}#### ${LIGHTGRAY}IP Address (IPv6): ${LIGHTGREEN}${SYSTEM_IPV6_ADDRESS} ${COLOR_INFO}${FILLER}${NOCOLOR}" NINE_LINE_TRIM=${NINE_LINE::120} ss_echo "${COLOR_INFO}" cat << "EOF" ___ __ __ __ _____/ (_)____/ /_______/ /_____ ______/ /__ / ___/ / / ___/ //_/ ___/ __/ __ `/ ___/ //_/ (__ ) / / /__/ ,< (__ ) /_/ /_/ / /__/ ,< /____/_/_/\___/_/|_/____/\__/\__,_/\___/_/|_| EOF ss_echo "${COLOR_RESET}" ## if ss-config file not exists ## if [[ ! -f "/var/www/ss-config" ]]; then ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "${FIRST_LINE_TRIM}" ss_echo "${SECOND_LINE_TRIM}" ss_echo "${THIRD_LINE_TRIM}" ss_echo "${FOURTH_LINE_TRIM}" ss_echo "${FIFTH_LINE_TRIM}" ss_echo "${INTRO_MEMORY_TRIM}" ss_echo "${INTRO_SWAPFILE_TRIM}" ss_echo "${SIXTH_LINE_TRIM}" ss_echo "${EIGHT_LINE_TRIM}" ss_echo "${NINE_LINE_TRIM}" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}Welcome to SlickStack! It appears your /var/www/ss-config file has not been ${COLOR_RESET}" ss_echo "${COLOR_WARN}setup yet and/or this is a new installation. Before proceeding, please ensure ${COLOR_RESET}" ss_echo "${COLOR_WARN}that your domain is active in Cloudflare, with proxying and Full SSL enabled, ${COLOR_RESET}" ss_echo "${COLOR_WARN}and that your A records for @ and www are pointing to the IP address of this ${COLOR_RESET}" ss_echo "${COLOR_WARN}cloud server, along with staging/dev subdomains if you will use those features. ${COLOR_RESET}" ss_echo "${COLOR_WARN}If you are not ready to install SlickStack on your production site, you can ${COLOR_RESET}" ss_echo "${COLOR_WARN}install on a temporary subdomain for testing, and later change domain settings ${COLOR_RESET}" ss_echo "${COLOR_WARN}in your ss-config file (simply run ss-install again after changing it). ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}SlickStack installs both self-signed OpenSSL and Lets Encrypt certs, but uses ${COLOR_RESET}" ss_echo "${COLOR_WARN}the OpenSSL by default. If you are not using Cloudflare, be sure to change ${COLOR_RESET}" ss_echo "${COLOR_WARN}settings to the Lets Encrypt cert to avoid browser warnings. ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}Please use the below wizard to configure required options, or hit Ctrl+C to ${COLOR_RESET}" wait_time=30 # seconds temp_cnt=${wait_time} while [[ ${temp_cnt} -gt 0 ]]; do ss_print "${COLOR_WARN}\rexit and configure your ss-config file manually: ${LIGHTGRAY}%2d ${NOCOLOR}" ${temp_cnt} sleep 1 ((temp_cnt--)) done ss_echo "" ss_echo "" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "${COLOR_INFO}#### SlickStack Interactive Setup Wizard (SS-Config) ########################### ${COLOR_RESET}" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "" ## replace root password fields with random strings ## ss_sed "s/@ROOT_PASSWORD/$(openssl rand -hex 12)/g" /tmp/ss-config-wizard ss_sed "s/@DB_PASSWORD_ROOT/$(openssl rand -hex 12)/g" /tmp/ss-config-wizard ## PROMPT: choose sudo username (default = batman) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose sudo username (for SSH):" ${LIGHTGREEN})" -e -i 'batman' ss_var_sudo_user || ss_var_sudo_user=batman ss_sed "s|@SUDO_USER|${ss_var_sudo_user}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose sudo password (default = random) ## sudopass_random=$(openssl rand -hex 12) read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose sudo password (should be strong): "${LIGHTGREEN})" -e -i ${sudopass_random} ss_var_sudo_password || ss_var_sudo_password=${sudopass_random} ss_sed "s|@SUDO_PASSWORD|${ss_var_sudo_password}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable SSH keys (default = false) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable SSH keys (advanced users only): "${LIGHTGREEN})" -e -i 'false' ss_var_ssh_keys || ss_var_ssh_keys=false ss_sed "s|@SSH_KEYS|${ss_var_ssh_keys}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: restrict SSH logins to specific IP address ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Restrict SSH access to specific IP address?: "${LIGHTGREEN})" -e -i 'false' ss_restrict_ssh_ip || ss_restrict_ssh_ip=false ss_sed "s|@SSH_RESTRICT_IP|${ss_restrict_ssh_ip}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: specify the IP address for SSH login ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Which IP address for SSH logins (ignore if disabled above)?: "${LIGHTGREEN})" -e -i '192.0.2.1' ss_ipv4_ssh_allow || ss_ipv4_ssh_allow=192.0.2.1 ss_sed "s|@SSH_IPV4|${ss_ipv4_ssh_allow}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose SFTP username (default = robin) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose SFTP username (limited access): "${LIGHTGREEN})" -e -i 'robin' ss_var_sftp_user || ss_var_sftp_user=robin ss_sed "s|@SFTP_USER|${ss_var_sftp_user}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose SFTP password (default = random) ## sftp_pass_random=$(openssl rand -hex 12) read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose SFTP password (should be strong): "${LIGHTGREEN})" -e -i ${sftp_pass_random} ss_var_sftp_password || ss_var_sftp_password=${sftp_pass_random} ss_sed "s|@SFTP_PASSWORD|${ss_var_sftp_password}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose app (default = wordpress) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose app (only wordpress supported currently): "${LIGHTGREEN})" -e -i 'wordpress' ss_var_app_name || ss_var_app_name=wordpress ss_sed "s|@SS_APP|${ss_var_app_name}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose default wp theme ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose default WordPress theme: "${LIGHTGREEN})" -e -i 'hovercraft' ss_var_default_wp_theme || ss_var_default_wp_theme=hovercraft ss_sed "s|@WP_DEFAULT_THEME|${ss_var_default_wp_theme}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose language (default = en_US) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose language (only affects minor features): "${LIGHTGREEN})" -e -i 'en_US' ss_var_language || ss_var_language=en_US ss_sed "s|@SS_LANGUAGE|${ss_var_language}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable plugin blacklist (default = true) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable the WordPress plugin blacklist: "${LIGHTGREEN})" -e -i 'true' ss_var_plugin_blacklist || ss_var_plugin_blacklist=true ss_sed "s|@SS_WORDPRESS_PLUGIN_BLACKLIST|${ss_var_plugin_blacklist}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: link your pilot file (default = blank) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Link to your pilot file (leave blank if none): "${LIGHTGREEN})" -e -i '' ss_var_pilot_file || ss_var_pilot_file= ss_sed "s|@SS_PILOT_FILE|${ss_var_pilot_file}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: using a remote database (default = wordpress) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Are you using a remote database: "${LIGHTGREEN})" -e -i 'false' ss_var_database_remote || ss_var_database_remote=false ss_sed "s|@SS_DATABASE_REMOTE|${ss_var_database_remote}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable public adminer link ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Make the adminer (phpmyadmin) link public?: "${LIGHTGREEN})" -e -i 'true' ss_var_adminer_public || ss_var_adminer_public=true ss_sed "s|@SS_ADMINER_PUBLIC|${ss_var_adminer_public}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database name (default = production) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database name (single database): "${LIGHTGREEN})" -e -i 'production' ss_var_db_name || ss_var_db_name=production ss_sed "s|@DB_NAME|${ss_var_db_name}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database user (default = robin) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database user (non-root user): "${LIGHTGREEN})" -e -i 'robin' ss_var_db_user || ss_var_db_user=robin ss_sed "s|@DB_USER|${ss_var_db_user}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database user password (default = random) ## db_pass_random=$(openssl rand -hex 12) read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database user password (should be strong): "${LIGHTGREEN})" -e -i ${db_pass_random} ss_var_db_password || ss_var_db_password=${db_pass_random} ss_sed "s|@DB_PASSWORD_USER|${ss_var_db_password}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database host ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database host (e.g. IP) without port: "${LIGHTGREEN})" -e -i '127.0.0.1' ss_var_db_host || ss_var_db_host=127.0.0.1 ss_sed "s|@DB_HOST|${ss_var_db_host}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database port ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database port (3306 if using localhost): "${LIGHTGREEN})" -e -i '3306' ss_var_db_port || ss_var_db_port=3306 ss_sed "s|@DB_PORT|${ss_var_db_port}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose database prefix ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose database table prefix: "${LIGHTGREEN})" -e -i 'wp_' ss_var_db_prefix || ss_var_db_prefix=wp_ ss_sed "s|@DB_PREFIX|${ss_var_db_prefix}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose site TLD (otherwise example.com) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose site TLD (subdomains not allowed): "${LIGHTGREEN})" -e -i 'example.com' ss_var_site_tld || ss_var_site_tld=${SS_TLD} ss_sed "s|@SITE_TLD|${ss_var_site_tld}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose site domain (otherwise www.example.com) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose site domain (subdirectories not allowed): "${LIGHTGREEN})" -e -i 'www.example.com' ss_var_site_domain || ss_var_site_tld=www.${SS_TLD} ss_sed "s|@SITE_DOMAIN|${ss_var_site_domain}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable noindex server (default = false) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable site noindexing (block robots): "${LIGHTGREEN})" -e -i 'false' ss_var_site_noindex || ss_var_site_noindex=false ss_sed "s|@SITE_NOINDEX|${ss_var_site_noindex}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable WP Multisite ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable WordPress Multisite (experimental): "${LIGHTGREEN})" -e -i 'false' ss_var_wp_multisite_status || ss_var_wp_multisite_status=false ss_sed "s|@WP_MULTISITE_STATUS|${ss_var_wp_multisite_status}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable Multisite subdomains ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable subdomains for WP Multisite?: "${LIGHTGREEN})" -e -i 'true' ss_var_wp_multisite_subdomains || ss_var_wp_multisite_subdomains=true ss_sed "s|@WP_MULTISITE_SUBDOMAINS|${ss_var_wp_multisite_subdomains}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable staging site ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable staging site (subdomain): "${LIGHTGREEN})" -e -i 'false' ss_var_staging_site || ss_var_staging_site=false ss_sed "s|@STAGING_SITE_STATUS|${ss_var_staging_site}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: protect staging site ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Password protect staging site: "${LIGHTGREEN})" -e -i 'false' ss_var_staging_site_protect || ss_var_staging_site_protect=false ss_sed "s|@STAGING_SITE_PROTECT|${ss_var_staging_site_protect}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: enable dev site ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Enable dev site (subdomain): "${LIGHTGREEN})" -e -i 'false' ss_var_dev_site || ss_var_dev_site=false ss_sed "s|@DEV_SITE_STATUS|${ss_var_dev_site}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: protect dev site ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Password protect dev site: "${LIGHTGREEN})" -e -i 'false' ss_var_dev_site_protect || ss_var_dev_site_protect=false ss_sed "s|@DEV_SITE_PROTECT|${ss_var_dev_site_protect}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose guest username (default = guest) ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose guest username (to view staging/dev): "${LIGHTGREEN})" -e -i 'guest' ss_var_guest_user || ss_var_guest_user=guest ss_sed "s|@GUEST_USER|${ss_var_guest_user}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: choose guest password (default = random) ## guest_pass_random=$(openssl rand -hex 12) read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Choose guest password (easy is fine): "${LIGHTGREEN})" -e -i ${guest_pass_random} ss_var_guest_password || ss_var_guest_password=${guest_pass_random} ss_sed "s|@GUEST_PASSWORD|${ss_var_guest_password}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" ## PROMPT: which remote backups do you want ## read -t 300 -p "$(ss_echo ${LIGHTGRAY}"Which remote backups do you want? (none|rsync|rclone): "${LIGHTGREEN})" -e -i 'none' ss_var_remote_backups || ss_var_remote_backups=none ss_sed "s|@SS_REMOTE_BACKUPS|${ss_var_remote_backups}|g" /tmp/ss-config-wizard ## new line ## ss_print "${COLOR_RESET}\n" #################################################################################################### #### G. SS-Install: Activate SS-Config File Generated By Wizard #################################### #################################################################################################### ss_mkdir /var/www ss_mv "${TMP_SS_CONFIG_WIZARD}" "${PATH_SS_CONFIG}" ss_chown root:root "${PATH_SS_CONFIG}" ## must be root:root chmod 0700 "${PATH_SS_CONFIG}" ## 0700 means only root can execute #################################################################################################### #### H. SS-Install: Retrieve SS-Check ############################################################## #################################################################################################### ## now that ss-config is configured we must retrieve ss-check script to prepare for next ## ## ss-check is a critical file at this stage for both automated and manual installs ## ## download current versions ## ss_wget "${TMP_SS_CHECK}" "${MIRROR_SS_CHECK}" VALIDATE_TMP_SS_CHECK=$(grep 'SS_EOF' "${TMP_SS_CHECK}" 2> /dev/null) if [[ -z "${VALIDATE_TMP_SS_CHECK}" ]]; then ss_wget "${TMP_SS_CHECK}" "${MIRROR2_SS_CHECK}" fi VALIDATE2_TMP_SS_CHECK=$(grep 'SS_EOF' "${TMP_SS_CHECK}" 2> /dev/null) if [[ -z "${VALIDATE2_TMP_SS_CHECK}" ]]; then ss_wget "${TMP_SS_CHECK}" "${MIRROR3_SS_CHECK}" fi ## copy files to destination ## ss_mv "${TMP_SS_CHECK}" "${PATH_SS_CHECK}" ss_chown root:root /var/www/ss* ## must be root:root chmod 0700 /var/www/ss* ## 0700 means root can execute #################################################################################################### #### SS-Install: Message ##################################################### #################################################################################################### ## this is a simple message that announces to the shell the purpose of this bash script ## ## it will only be noticed by sudo users who manually call ss core bash scripts ## ## force exit if SSH keys chosen ## SSHKEYS_CHOSEN=$(source /var/www/ss-config; echo ${SSH_KEYS} 2> /dev/null) if [[ "${SSHKEYS_CHOSEN}" == "true" ]] && [[ ! -f "/var/www/auth/id_rsa.pub" ]]; then ss_echo "${YELLOW}Exiting ss-install: Please upload your /var/www/auth/id_rsa.pub file before proceeding... ${NOCOLOR}" ss_echo "${YELLOW}Alternatively SlickStack will create a new key pair for you (just run ss-install again now)... ${NOCOLOR}" fi ## force exit if thirdparty SSL chosen ## THIRDPARTY_CHOSEN=$(source /var/www/ss-config; echo ${SSL_TYPE}) if [[ "${THIRDPARTY_CHOSEN}" == "thirdparty" ]] && [[ ! -f "/var/www/certs/thirdparty.pem" || ! -f "/var/www/certs/keys/thirdparty.key" ]]; then ss_echo "${YELLOW}Exiting ss-install: Since you chose thirdparty SSL please upload your cert/key before proceeding... ${NOCOLOR}" fi #################################################################################################### #### I. SS-Install: Message (Last Chance To Exit) ################################################## #################################################################################################### ## echo message ## ss_echo "${COLOR_WARN}Your /var/www/ss-config file is now ready! Ctrl+C to exit now if you ${COLOR_RESET}" WAIT_TIME_LAST_CHANCE="15" # seconds WAIT_TIME_LAST_CHANCE_TMP="${WAIT_TIME_LAST_CHANCE}" while [[ ${WAIT_TIME_LAST_CHANCE_TMP} -gt 0 ]]; do ss_print "${COLOR_WARN}\rwant to review options before proceeding, otherwise wait... ${COLOR_RESET}%2d ${COLOR_RESET}" ${WAIT_TIME_LAST_CHANCE_TMP} sleep 1 ((WAIT_TIME_LAST_CHANCE_TMP--)) done ## begin install message ## ss_echo "" ss_echo "" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "${COLOR_INFO}#### SlickStack Automated Installation (SS-Install) ############################ ${COLOR_RESET}" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_INFO}Running ss-install... ${COLOR_RESET}" #################################################################################################### #### J. SS-Install: Message (Welcome Back If SS-Config Exists) ##################################### #################################################################################################### ## in case ss-config file already exists in the proper location we skip to installation ## ## you can run the ss-install script as many times as you want without conflicts ## else ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "${FIRST_LINE_TRIM}" ss_echo "${SECOND_LINE_TRIM}" ss_echo "${THIRD_LINE_TRIM}" ss_echo "${FOURTH_LINE_TRIM}" ss_echo "${FIFTH_LINE_TRIM}" ss_echo "${INTRO_MEMORY_TRIM}" ss_echo "${INTRO_SWAPFILE_TRIM}" ss_echo "${SIXTH_LINE_TRIM}" ss_echo "${EIGHT_LINE_TRIM}" ss_echo "${NINE_LINE_TRIM}" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_INFO}Running ss-install... ${NOCOLOR}" fi #################################################################################################### #### K. SS-Install: Source SS-Config (After Setup Wizard Complete) ################################# #################################################################################################### ## here we must source ss-config again after the setup wizard has completed generation ## ## this is different than the conditional sourcing at the top of this script ## ## source ss-config ## source /var/www/ss-config #################################################################################################### #### L. SS-Install: Run SS-Check ################################################################### #################################################################################################### ## here we run ss-check after ss-config exists so that we can continue with installation ## ## whether or not user has exited the wizard to review ss-config it should work fine ## ## source ss-check ## source "${PATH_SS_CHECK}" #################################################################################################### ##### SS-Install: Reset Permissions (SlickStack) ################################################### #################################################################################################### ## SNIPPET: ss-check, ss-install, ss-worker, ss core cron jobs ss_mkdir /var/www ss_mkdir /var/www/auth ss_mkdir /var/www/backups ss_mkdir /var/www/backups/config ss_mkdir /var/www/backups/html ss_mkdir /var/www/backups/mysql ss_mkdir /var/www/backups/mysql/data ss_mkdir /var/www/cache ss_mkdir /var/www/cache/nginx ss_mkdir /var/www/cache/opcache ss_mkdir /var/www/cache/system ss_mkdir /var/www/certs ss_mkdir /var/www/certs/keys ss_mkdir /var/www/crons ss_mkdir /var/www/crons/custom ss_mkdir /var/www/html ss_mkdir /var/www/html/.well-known ss_mkdir /var/www/html/.well-known/acme-challenge ss_mkdir /var/www/logs ss_mkdir /var/www/meta ss_mkdir /var/www/meta/timestamps ss_mkdir /var/www/sites ss_touch /var/www/meta/.htpasswd ## if staging enabled if [[ "${STAGING_SITE}" != "false" ]]; then ss_mkdir /var/www/html/staging ss_mkdir /var/www/html/staging/.well-known ss_mkdir /var/www/html/staging/.well-known/acme-challenge fi ## if dev enabled if [[ "${DEV_SITE}" != "false" ]]; then ss_mkdir /var/www/html/dev ss_mkdir /var/www/html/dev/.well-known ss_mkdir /var/www/html/dev/.well-known/acme-challenge fi ## user/group ownership ## ss_chown root:root /var/www ## must be root:root ss_chown root:root /var/www/backups ## must be root:root ss_chown root:root /var/www/backups/config ## must be root:root ss_chown root:root /var/www/backups/mysql ## must be root:root ss_chown root:root /var/www/backups/mysql/data ## must be root:root ss_chown root:root /var/www/cache/system ## must be root:root ss_chown root:root /var/www/certs ## must be root:root ss_chown root:root /var/www/certs/keys ## must be root:root ss_chown root:root /var/www/crons ## must be root:root ss_chown root:root /var/www/crons/custom ## must be root:root #################################################################################################### #### N. SS-Update-Packages: Upgrade Ubuntu Packages + Linux Kernel ################################# #################################################################################################### ## the main purpose of ss-update is to upgrade all currently installed Ubuntu packages ## ## we use apt full-upgrade (not apt-get) in order to upgrade the Linux kernel ## ## run ss-update-modules ## source "${PATH_SS_UPDATE_MODULES}" #################################################################################################### #### SS-Install: Configure Ubuntu ################################################################## #################################################################################################### ## first we need to setup all users and passwords for Ubuntu and set sudo permissions ## ## this process will also set the default SSH port and disable root logins ## ## run ss-install-ubuntu-users ## source "${PATH_SS_INSTALL_UBUNTU_USERS}" ## run ss-install-ubuntu-bash ## source "${PATH_SS_INSTALL_UBUNTU_BASH}" ## run ss-install-ubuntu-ssh ## source "${PATH_SS_INSTALL_UBUNTU_SSH}" ## run ss-install-ubuntu-crontab ## source "${PATH_SS_INSTALL_UBUNTU_CRONTAB}" ## run ss-install-ubuntu-swapfile ## source "${PATH_SS_INSTALL_UBUNTU_SWAPFILE}" ## run ss-install-ubuntu-utils ## source "${PATH_SS_INSTALL_UBUNTU_UTILS}" ## run ss-install-ubuntu-kernel ## source "${PATH_SS_INSTALL_UBUNTU_KERNEL}" #################################################################################################### #### SS-Install: Install PHP-FPM (Before Nginx) #################################################### #################################################################################################### ## here we install the PHP-FPM module which includes OPcache for better performance ## ## FastCGI is configured to interface with Nginx using TCP (127.0.0.1:9000) ## ## run ss-install-php-packages ## source "${PATH_SS_INSTALL_PHP_PACKAGES}" ## run ss-install-php-config ## source "${PATH_SS_INSTALL_PHP_CONFIG}" #################################################################################################### #### SS-Install: Install Nginx (Includes SSL Certificates) ######################################### #################################################################################################### ## the Nginx installer includes OpenSSL and Lets Encrypt generation to avoid conflicts ## ## default settings allow for very high-traffic so CloudFlare is recommended ## ## run ss-install-nginx-packages ## source "${PATH_SS_INSTALL_NGINX_PACKAGES}" ## run ss-install-nginx-config ## source "${PATH_SS_INSTALL_NGINX_CONFIG}" #################################################################################################### #### SS-Install: Enable Maintenance Mode (After SSL Certs Installed) ############################### #################################################################################################### ## this is a nifty snippet that will put up a public maintenance page during install ## ## it helps prevent users from interacting with your website at this stage ## ## run ss-maintenance-enable ## source "${PATH_SS_MAINTENANCE_ENABLE}" #################################################################################################### #### SS-Install: Install MySQL ##################################################################### #################################################################################################### ## here we install MySQL server (no client) and users based on the ss-config settings ## ## root@localhost will use sockets and PHP apps will connect via 127.0.0.1 (TCP) ## ## run ss-install-mysql-packages ## source "${PATH_SS_INSTALL_MYSQL_PACKAGES}" ## run ss-install-mysql-config ## source "${PATH_SS_INSTALL_MYSQL_CONFIG}" #################################################################################################### #### SS-Install: Install Redis ##################################################################### #################################################################################################### ## Redis is only installed to enable object caching in WordPress (if plugin exists) ## ## full page caching is provided solely by Nginx FastCGI and not by Redis ## ## run ss-install-redis-packages ## source "${PATH_SS_INSTALL_REDIS_PACKAGES}" ## run ss-install-redis-config ## source "${PATH_SS_INSTALL_REDIS_CONFIG}" #################################################################################################### #### SS-Install: Install Adminer ################################################################### #################################################################################################### ## should be installed after PHP-FPM and Nginx modules to ensure seamless installation ## ## Adminer (similar to phpMyAdmin) can be publicly accessed at /adminer URI ## ## run ss-install-adminer ## source "${PATH_SS_INSTALL_ADMINER}" #################################################################################################### #### SS-Install: Install CMS (WordPress, PrestaShop, MediaWiki, Etc) ############################### #################################################################################################### ## this snippet fetches the latest stable version of WordPress from SlickStack mirrors ## ## major CMS releases (unpatched) are never considered stable for our purposes ## if [[ "${SS_APP}" == "wordpress" ]]; then ## run ss-install-wordpress-core ## source "${PATH_SS_INSTALL_WORDPRESS_CORE}" ## run ss-install-wordpress-config ## source "${PATH_SS_INSTALL_WORDPRESS_CONFIG}" ## run ss-install-wordpress-mu-plugins ## source "${PATH_SS_INSTALL_WORDPRESS_MU_PLUGINS}" ## run ss-install-wordpress-cli ## source "${PATH_SS_INSTALL_WORDPRESS_CLI}" fi if [[ "${SS_APP}" == "prestashop" ]]; then ## run ss-install-prestashop-core ## source "${PATH_SS_INSTALL_PRESTASHOP_CORE}" ## run ss-install-prestashop-config ## source "${PATH_SS_INSTALL_PRESTASHOP_CONFIG}" fi if [[ "${SS_APP}" == "mediawiki" ]]; then ## run ss-install-prestashop-core ## source "${PATH_SS_INSTALL_MEDIAWIKI_CORE}" ## run ss-install-prestashop-config ## source "${PATH_SS_INSTALL_MEDIAWIKI_CONFIG}" fi #################################################################################################### #### SS-Install: Sync Staging Site ################################################################# #################################################################################################### ## now that everything is setup and permissions fixed we sync production to staging ## ## it will only sync files/database if staging site is enabled in ss-config ## ## run ss-sync-staging ## source "${PATH_SS_SYNC_STAGING}" #################################################################################################### #### SS-Install: Install Rclone #################################################################### #################################################################################################### ## run ss-install-rclone-packages ## source "${PATH_SS_INSTALL_RCLONE_PACKAGES}" ## run ss-install-rclone-config ## source "${PATH_SS_INSTALL_RCLONE_CONFIG}" #################################################################################################### #### SS-Install: Install ClamAV #################################################################### #################################################################################################### ## this will install ClamAV for occassional malware logging: /var/www/logs/clamav.log ## ## keep in mind that infected files are not automatically cleaned or deleted ## ## run ss-install-clamav ## source "${PATH_SS_INSTALL_CLAMAV}" #################################################################################################### #### SS-Install: Install UFW Firewall ############################################################## #################################################################################################### ## here we install and configure the very simple UFW Firewall that Ubuntu maintains ## ## only ports 80, 443, and your designated SSH port (22) will be allowed ## ## run ss-install-ufw-packages ## source "${PATH_SS_INSTALL_UFW_PACKAGES}" ## run ss-install-ufw-config ## source "${PATH_SS_INSTALL_UFW_CONFIG}" #################################################################################################### #### SS-Install: Reset All Logs To NULL ############################################################ #################################################################################################### ## run ss-empty-logs ## source "${PATH_SS_EMPTY_LOGS}" #################################################################################################### #### SS-Install: Reset Permissions (All Permissions) ############################################### #################################################################################################### ## intuitively resets all file and user permissions across the entire SlickStack server ## ## depending on the CMS installed it will also reset those permissions as well ## ## run ss-perms ## source "${PATH_SS_PERMS}" #################################################################################################### #### SS-Install: Disable Maintenance Mode ########################################################## #################################################################################################### ## since everything is now setup including perms and staging we disable maintenance ## ## for good measure we also purge all caches immediately after this snippet ## ## run ss-maintenance-disable ## source "${PATH_SS_MAINTENANCE_DISABLE}" #################################################################################################### #### SS-Install: Clear Caches (All Caches) ######################################################### #################################################################################################### ## this clears all caches i.e. Nginx, OPcache, Redis object cache, and WP transients ## ## we run this after ss-perms and before ss-restart-modules to avoid conflicts ## ## run ss-purge-nginx ## source "${PATH_SS_PURGE_NGINX}" ## run ss-purge-opcache ## source "${PATH_SS_PURGE_OPCACHE}" ## run ss-purge-redis ## source "${PATH_SS_PURGE_REDIS}" ## run ss-purge-transients ## source "${PATH_SS_PURGE_TRANSIENTS}" #################################################################################################### #### SS-Install: Restart Modules (All Modules) ##################################################### #################################################################################################### ## this script is using init.d instead of systemd shortcuts to allow for absolute paths ## ## we are looking into including other snippets here such as unmasking (etc) ## ## run ss-restart-php ## source "${PATH_SS_RESTART_PHP}" ## run ss-restart-nginx ## source "${PATH_SS_RESTART_NGINX}" ## run ss-restart-redis ## source "${PATH_SS_RESTART_REDIS}" ## run ss-restart-mysql ## source "${PATH_SS_RESTART_MYSQL}" ## run ss-restart-ufw ## source "${PATH_SS_RESTART_UFW}" #################################################################################################### #### SS-Install: Validate Crontab ################################################################## #################################################################################################### ## this is a final check to ensure the root crontab was installed properly by ss-install ## ## otherwise it will attempt to reinstall the crontab one more time here ## ## validate crontab ## VALIDATE_CRONTAB=$(ss_grep_boolean 'SS_EOF' /var/spool/cron/crontabs/root) if [[ -z "${VALIDATE_CRONTAB}" ]]; then source "${PATH_SS_INSTALL_UBUNTU_CRONTAB}" fi #################################################################################################### #### SS-Install: Run SS-Stack-Overview ############################################################# #################################################################################################### ## the shell will echo the most important ss-config settings (and beyond) currently used ## ## this allows you to easily copy/paste for your records or for your clients ## ## run ss-stack-overview ## source "${PATH_SS_STACK_OVERVIEW}" #################################################################################################### #### SS-Install: MESSAGE (End) ##################################################################### #################################################################################################### if [[ "${SSH_KEYS}" == "true" ]]; then ss_echo "" ss_echo "${COLOR_WARN}Since you enabled SSH keys be sure to add your public key to: ${PATH_SSH_AUTHORIZED_KEYS_FILE} ${COLOR_RESET}" ss_echo "${COLOR_WARN}...or simply use the default public key if you prefer (we added it already). ${COLOR_RESET}" ss_echo "" fi ## confirm installation complete ## ss_echo "" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "${COLOR_INFO}#### Congrats! SlickStack installation is now complete. ######################## ${COLOR_RESET}" ss_echo "${COLOR_INFO}################################################################################ ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}Please write down your sudo user/password, as the root user will no longer ${COLOR_RESET}" ss_echo "${COLOR_WARN}have SSH access for security reasons. The WP Admin user/password is the same ${COLOR_RESET}" ss_echo "${COLOR_WARN}as your SFTP login until otherwise changed by your team. Use the bash alias ${COLOR_RESET}" ss_echo "${COLOR_WARN}ss to save on keystrokes (type ss help for a full list of commands). If this ${COLOR_RESET}" ss_echo "${COLOR_WARN}is the first time you installed SlickStack on this server, type bash below ${COLOR_RESET}" ss_echo "${COLOR_WARN}and hit ENTER to reload this shell session and activate these shortcuts. ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}If you are using Cloudflare, you can also enable DNSSEC and HSTS on their ${COLOR_RESET}" ss_echo "${COLOR_WARN}platform for extra security (recommended). For an extra boost, set Cloudflare ${COLOR_RESET}" ss_echo "${COLOR_WARN}Page Rules for /wp-content/* requests to [cache all] and force an edge TTL ${COLOR_RESET}" ss_echo "${COLOR_WARN}of 1 month. You can also set the minimum TLS version to 1.2+ as well, which ${COLOR_RESET}" ss_echo "${COLOR_WARN}helps ensure top scores on auditing tools such as SSL Labs. ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}To run ss-install again, simply run sudo bash /var/www/ss-install or if you ${COLOR_RESET}" ss_echo "${COLOR_WARN}reloaded your shell session already ss install should also work. Running the ${COLOR_RESET}" ss_echo "${COLOR_WARN}installation again usually resolves most issues. ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_WARN}Lastly, be sure to reboot your server, esp. on Ubuntu 22.04, as there are ${COLOR_RESET}" ss_echo "${COLOR_WARN}known issues with the Linux kernel requiring a reboot after updating. To do ${COLOR_RESET}" ss_echo "${COLOR_WARN}this simply run sudo reboot now. Cheers! ${COLOR_RESET}" ss_echo "" ss_echo "${COLOR_INFO}Ctrl/Cmd + click to open --> ${LIGHTGREEN}https://${SITE_DOMAIN}/wp-login.php ${COLOR_RESET}" ss_echo "" #################################################################################################### #### PLACEHOLDER: Reset Permissions (SlickStack Scripts) ########################################### #################################################################################################### ## we include this permissions reset in all cron jobs and bash scripts for redundancy ## ## chmod 0700 means only the root/sudo users can execute any SlickStack scripts ## ## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS ## SNIPPET: ss bash scripts, ss cron jobs ## UPDATED: 02JUL2022 chown root:root /var/www/ss* ## must be root:root chown root:root /var/www/crons/*cron* ## must be root:root chown root:root /var/www/crons/custom/*cron* ## must be root:root chmod 0700 /var/www/ss* ## 0700 means only root/sudo can execute chmod 0700 /var/www/crons/*cron* ## 0700 means only root/sudo can execute chmod 0700 /var/www/crons/custom/*cron* ## 0700 means only root/sudo can execute #################################################################################################### #### SlickStack: External References Used To Improve This Script (Thanks, Interwebz) ############### #################################################################################################### ## Ref: http://wproller.com ## ## Ref: https://github.com/bjornjohansen/deploy-wp-on-vps/blob/master/deploy.sh ## ## Ref: https://github.com/sm0k3net/Useful-Scripts/blob/master/wordpress.sh ## ## Ref: https://github.com/techandme/wordpress-vm ## ## Ref: https://github.com/QROkes/webinoly ## ## Ref: https://github.com/WordOps/WordOps ## ## Ref: https://www.isicca.com/en/lemp-howto-install-nginx-php7-mariadb/ ## ## Ref: https://gist.github.com/FeChagas/54b0cdf354b197dc8e417357d7687e8b ## ## Ref: https://github.com/GeekPress/WP-Quick-Install ## ## Ref: https://github.com/bajpangosh/High-Traffic-wordpress-server-configuration ## ## Ref: https://gist.github.com/nickfox-taterli/2c283d73ba817392fb0f9f15d9cfa514 ## ## Ref: https://gist.github.com/beardedinbinary/79d7ad34f9980f0a4c23 ## ## Ref: https://www.linuxbabe.com/security/letsencrypt-webroot-tls-certificate ## Ref: https://stackoverflow.com/questions/49668542/create-a-script-that-adds-lines-of-code-to-bashrc-then-reloads-the-terminal ## Ref: https://peteris.rocks/blog/unattended-installation-of-wordpress-on-ubuntu-server/ ## Ref: https://serverfault.com/questions/783527/non-interactive-silent-install-of-mysql-5-7-on-ubuntu-16-04-lts/830352#830352 ## Ref: https://www.percona.com/blog/2016/10/18/upgrading-to-mysql-5-7-beware-of-the-new-strict-mode/ ## Ref: https://stackoverflow.com/questions/3601515/how-to-check-if-a-variable-is-set-in-bash ## Ref: https://serverfault.com/questions/773964/calculating-the-percentage-of-the-total-available-memory-on-linux-as-an-integer ## Ref: https://stackoverflow.com/questions/29271593/bash-check-for-amount-of-memory-installed-on-a-system-as-sanity-check ## Ref: https://stackoverflow.com/questions/50177216/how-to-grant-all-privileges-to-root-user-in-mysql-8-0 ## Ref: https://stackoverflow.com/questions/28118296/bash-script-is-super-slow ## Ref: https://stackoverflow.com/questions/15445361/speeding-up-bash-scripts ## Ref: https://unix.stackexchange.com/questions/67057/bash-script-optimization-of-processing-speed ## Ref: https://unix.stackexchange.com/questions/313256/why-write-an-entire-bash-script-in-functions ## Ref: http://nginx.org/en/linux_packages.html ## Ref: https://www.digitalocean.com/community/questions/nginx-stable-or-mainline-for-production-server ## Ref: https://precisionsec.com/changing-the-wordpress-site-url-using-the-mysql-command-line/ ## Ref: https://magc.co/box/notes/change-wp-urls-mysql/ ## Ref: https://wordpress.stackexchange.com/questions/281814/wordpress-multisite-redirecting-to-wp-signup-php ## Ref: https://wordpress.stackexchange.com/questions/165507/site-redirecting-to-wp-signup-php ## Ref: https://askubuntu.com/questions/86849/how-to-unzip-a-zip-file-from-the-terminal ## Ref: https://www.computerhope.com/unix/rsync.htm ## Ref: https://lowendbox.com/blog/wordpress-cheap-vps-lowendscript/ ## Ref: https://unix.stackexchange.com/questions/67057/bash-script-optimization-of-processing-speed ## Ref: http://www.los-gatos.ca.us/davidbu/faster_sh.html ## Ref: https://blog.eduonix.com/shell-scripting/learn-how-to-write-interactive-shell-scripts/ ## Ref: https://www.stefanjudis.com/today-i-learned/how-to-add-interactive-questions-to-bash-scripts/ ## Ref: https://askubuntu.com/questions/998640/bash-interactive-script ## Ref: https://ryanstutorials.net/bash-scripting-tutorial/bash-input.php ## Ref: http://www.linfo.org/clear.html ## Ref: https://gist.github.com/jonsuh/3c89c004888dfc7352be ## Ref: https://stackoverflow.com/questions/2924697/how-does-one-output-bold-text-in-bash/2924755 ## Ref: https://medium.com/@jasonrigden/cowsay-is-the-most-important-unix-like-command-ever-35abdbc22b7f ## Ref: https://stackoverflow.com/questions/37052899/what-is-the-preferred-method-to-echo-a-blank-line-in-a-shell-script ## Ref: https://tldp.org/LDP/abs/html/options.html ## Ref: https://fernandobasso.dev/shell/shell-script-input-default-values.html ## Ref: https://stackoverflow.com/questions/10735574/include-source-script-if-it-exists-in-bash ## Ref: https://scripter.co/count-down-timer-in-shell/ ## Ref: https://stackoverflow.com/questions/4332478/read-the-current-text-color-in-a-xterm/4332530#4332530 ## Ref: https://stackoverflow.com/questions/24998434/read-command-display-the-prompt-in-color-or-enable-interpretation-of-backslas ## Ref: https://stackoverflow.com/questions/714915/using-the-passwd-command-from-within-a-shell-script/715802#comment52196688_19745733 ## Ref: https://askubuntu.com/questions/1214103/how-to-automate-changing-old-password ## Ref: https://unix.stackexchange.com/questions/223965/i-cant-change-users-passwd-on-ubuntu ## Ref: https://www.tecmint.com/fix-passwd-authentication-token-manipulation-error-in-linux/ ## Ref: https://stackoverflow.com/questions/4332478/read-the-current-text-color-in-a-xterm/4332530#4332530 ## Ref: https://medium.com/@smohajer85/bash-scripting-tutorial-part-11-8ce0c17b01c1 ## Ref: https://linuxhint.com/tput-printf-and-shell-expansions-how-to-create-awesome-outputs-with-bash-scripts/ ## Ref: https://stackoverflow.com/questions/8467424/echo-newline-in-bash-prints-literal-n ## Ref: https://askubuntu.com/questions/420784/what-do-the-disabled-login-and-gecos-options-of-adduser-command-stand ## Ref: https://stackoverflow.com/questions/55822739/does-echo-userpass-usr-sbin-chpasswd-override-the-root-password ## Ref: https://stackoverflow.com/questions/8110530/check-free-disk-space-for-current-partition-in-bash ## Ref: https://unix.stackexchange.com/questions/14961/how-to-find-out-which-interface-am-i-using-for-connecting-to-the-internet ## Ref: https://unix.stackexchange.com/questions/297139/sourcing-a-file-multiple-times-in-a-bash-script ## Ref: https://stackoverflow.com/questions/23513045/how-to-check-if-a-process-is-running-inside-docker-container ## Ref: https://stackoverflow.com/questions/20010199/how-to-determine-if-a-process-runs-inside-lxc-docker ## Ref: https://unix.stackexchange.com/questions/343942/shell-check-if-docker-container-is-existing ## Ref: https://stackoverflow.com/questions/20406134/read-a-bash-variable-assignment-from-other-file ## Ref: https://unix.stackexchange.com/questions/311758/remove-specific-word-in-variable ## Ref: https://stackoverflow.com/questions/13210880/replace-one-substring-for-another-string-in-shell-script ## Ref: https://stackoverflow.com/questions/11953185/counting-the-number-of-dots-in-a-string ## Ref: https://stackoverflow.com/questions/21157435/how-can-i-compare-a-string-to-multiple-correct-values-in-bash ## Ref: https://stackoverflow.com/questions/4792434/redis-on-web-server-front-end-or-database-server-back-end ## Ref: https://blog.danslimmon.com/2019/07/15/do-nothing-scripting-the-key-to-gradual-automation/ ## Ref: https://unix.stackexchange.com/questions/148761/how-do-i-suppress-stderr-warning-messages-from-a-command-inside-command-substitu ## Ref: https://unix.stackexchange.com/questions/510614/how-can-i-store-output-in-bash-variable-and-suppress-output-to-stderr-and-stdout ## Ref: https://patorjk.com/software/taag/#p=display&f=Slant&t=slickstack ## Ref: https://stackoverflow.com/questions/25214084/cant-get-ascii-art-to-echo-to-console/25214148 ## Ref: https://superuser.com/questions/315386/how-do-i-clear-my-bash-screen-while-maintaining-scrollback ## SS_EOF