From daa7e1fc71dcf0d76330b5bc1b04f6170c54387b Mon Sep 17 00:00:00 2001 From: owanes <owain.jones@noc.ac.uk> Date: Wed, 14 Oct 2015 11:07:38 +0100 Subject: [PATCH] update install.sh --- install.sh | 46 +++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 41 insertions(+), 5 deletions(-) diff --git a/install.sh b/install.sh index 9bdd480..3a4c7b9 100644 --- a/install.sh +++ b/install.sh @@ -2,9 +2,12 @@ # Install the packages we need to set up our gliders website + backend. # This file doubles up as notes/instructions. +# Installed on a VirtualBox VM with 512mb RAM, 1 CPU, 8gb storage +# Add a second 'Host Only' network adapter to allow SSH/web connections +# from host machine. + # Based on a clean CentOS 7 minimal x64 installation # (CentOS-7-x86_64-Minimal-1503-01) -# Installed on a VirtualBox VM with 512mb RAM, 1 CPU, 8gb storage # All configuration during CentOS install process was left as defaults # Base installation chosen. # One user added: gliders, pw: gliders9876 @@ -14,7 +17,7 @@ yum check-update yum update # Install needed tools -yum install git rsync wget +yum install git rsync wget vim ansible tmux htop iotop dstat lsof ipython # And development tools (needed to compile python libs from pip) yum groupinstall "Development Tools" @@ -25,18 +28,26 @@ python -m easy_install pip pip install pandas # Install (& configure) sendmail -yum install sendmail +yum install sendmail sendmail-cf m4 +systemctl enable sendmail # Install & config MariaDB (MySQL) yum install mariadb mariadb-server +mysql_secure_installation +# ^ mariadb root pw was set to gliders9876, anon users + test db removed, +# remote root login disabled +systemctl enable mariadb # Install a relevant python ORM library # TODO: Pick one we like the most! # Big ones like SQLAlchemy? # owanes quite likes the look of https://storm.canonical.com/ :) +pip install storm # Install PHP -yum install php php-fpm php-pecl-apcu +yum install php php-fpm php-apc +cp php-fpm-www.conf /etc/php-fpm.d/www.conf +systemctl enable php-fpm # As for the webserver -- either apache or nginx... # nginx is nice and fast, apache gets better support from @@ -47,8 +58,33 @@ yum install php php-fpm php-pecl-apcu yum install epel-release # enables another software repo yum check-update yum install nginx +useradd -m gliders +gpasswd -a nginx gliders +gpasswd -a apache gliders +mkdir -p /home/gliders/www +chmod -R g+x /home/gliders +cp nginx.conf /etc/nginx/ +cp gliders.nginx.conf /etc/nginx/conf.d/ +systemctl enable nginx + +# Install fail2ban +yum install fail2ban +systemctl enable fail2ban # Allow web through the firewall firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --permanent --zone=public --add-service=https -firewall-cmd --reload \ No newline at end of file +firewall-cmd --permanent --zone=public --add-service=8080/tcp +firewall-cmd --reload + +# Pull glider website and glider scripts from git repos +mkdir -p /home/gliders/code +mkdir -p /home/gliders/pythonenv +cd /home/gliders/code +ssh-keygen +# Add contents of /home/gliders/.ssh/id_rsa.pub to GitLab +git clone git@gitlab.noc.soton.ac.uk:allore/Website-Scripts.git + +# Restart (needed to get firewall to open ports for web, kernel might be +# updated etc.) +reboot \ No newline at end of file -- GitLab