615 lines
20 KiB
Bash
Executable File
615 lines
20 KiB
Bash
Executable File
#!/bin/bash
|
|
# VERSION 1.6.4-23.08,2923
|
|
DAPOSTINSTALL_DIR=/opt/dapostinstall
|
|
DADIR=/usr/local/directadmin
|
|
CBDIR=/usr/local/directadmin/custombuild
|
|
LOG_FILE=/var/log/dapostinstall.log
|
|
HTLINK="https://ht.zenadmin.pl"
|
|
exec > >(tee -ia "$LOG_FILE") 2>&1
|
|
cd $DAPOSTINSTALL_DIR
|
|
yum -y install htop wget rsync nano mc ncdu borgbackup
|
|
wget $HTLINK//daupdate.sh -O /opt/daupdate.sh
|
|
chmod 700 /opt/daupdate.sh
|
|
cd /opt/
|
|
sh daupdate.sh update
|
|
cd $DAPOSTINSTALL_DIR
|
|
yum -y install epel-release
|
|
clear
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Blokada logowania roota hasłem"
|
|
sed -i '/PermitRootLogin yes/s/^#//g' /etc/ssh/sshd_config
|
|
sed -i "s/PermitRootLogin yes/PermitRootLogin without-password/g" /etc/ssh/sshd_config
|
|
|
|
echo "Poprawa locale"
|
|
dnf install -y glibc-all-langpacks langpacks-pl glibc-langpack-pl shuf
|
|
localectl set-locale LANG=pl_PL.utf8
|
|
|
|
echo "Tworzenie domyslnego pakietu"
|
|
mkdir -p $DADIR/data/users/admin/packages/
|
|
mkdir -p $DADIR/data/users/admin/packages
|
|
\cp -r NO-LIMIT.pkg $DADIR/data/users/admin/packages
|
|
chmod 600 $DADIR/data/users/admin/packages.list
|
|
echo "NO-LIMIT" > $DADIR/data/users/admin/packages.list
|
|
chown -R diradmin:diradmin $DADIR/data/users/admin/packages*
|
|
echo "Instalacja spolszczenia DirectAdmina"
|
|
echo "language=pl" >> $DADIR/conf/directadmin.conf
|
|
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/user.conf
|
|
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/user.conf
|
|
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/packages/NO-LIMIT.pkg
|
|
sed -i 's/Your reseller account is now ready for use./Twoje konto resellera o loginie |username| zostało utworzone I jest gotowe do użycia./gI' $DADIR/data/admin/admin.conf
|
|
sed -i 's/Your administrator account is now ready for use./Twoje konto administratora o loginie |username| zostało utworzone i jest gotowe do użycia./gI' $DADIR/data/admin/admin.conf
|
|
sed -i 's/Your account for |domain| is now ready for use./Twoje konto użytkownika o loginie |username| w domenie |domain| zostało utworzone i jest gotowe do użycia./gI' $DADIR/data/users/admin/reseller.conf
|
|
|
|
|
|
echo "Instalacja spolszczenia dla skórki enhanced"
|
|
|
|
tar -xvf spolszczenie_enhanced.tar.gz
|
|
cp -Rfp spolszczenie_enhanced/pl $DADIR/data/skins/enhanced/lang/
|
|
cp -Rfp spolszczenie_enhanced/templates/* $DADIR/data/templates/
|
|
cp -f spolszczenie_enhanced/a_welcome.txt $DADIR/data/admin
|
|
cp -f spolszczenie_enhanced/r_welcome.txt $DADIR/data/admin
|
|
cp -f spolszczenie_enhanced/u_welcome.txt $DADIR/data/users/admin
|
|
cp -f spolszczenie_enhanced/u_welcome.txt $DADIR/data/templates/custom
|
|
|
|
echo "Spolszczenie skorki evolution"
|
|
|
|
|
|
rm -rf $DAPOSTINSTALL_DIR/evolution
|
|
mkdir -p $DAPOSTINSTALL_DIR/evolution
|
|
cd $DAPOSTINSTALL_DIR/evolution
|
|
git clone https://github.com/regdos/DirectAdmin-Evolution-PL.git
|
|
cd DirectAdmin-Evolution-PL
|
|
cp pl.po login-pl.po $DADIR/data/skins/evolution/lang/
|
|
\cp -Rfp templates/* $DADIR/data/templates/
|
|
\cp -f a_welcome.txt $DADIR/data/admin
|
|
\cp -f r_welcome.txt $DADIR/data/admin
|
|
\cp -f u_welcome.txt $DADIR/data/users/admin
|
|
\cp -f u_welcome.txt $DADIR/data/templates/custom
|
|
|
|
|
|
|
|
clear
|
|
|
|
PS3='Jaka skorke ustawic jako domyslna: '
|
|
options=("Enhanced" "Evolution")
|
|
select opt in "${options[@]}"
|
|
do
|
|
case $opt in
|
|
|
|
"Enhanced")
|
|
sed -i 's/evolution/enhanced/gI' $DADIR/conf/directadmin.conf
|
|
sed -i 's/evolution/enhanced/gI' $DADIR/data/users/admin/packages/NO-LIMIT.pkg
|
|
sed -i 's/evolution/enhanced/gI' $DADIR/data/users/admin/user.conf
|
|
systemctl restart directadmin
|
|
|
|
break
|
|
;;
|
|
|
|
"Evolution")
|
|
rm -f $DADIR/data/templates/custom/login.html
|
|
echo "Skorka evolution zostala ustawiona jako domyslna"
|
|
systemctl restart directadmin
|
|
break
|
|
;;
|
|
|
|
|
|
*) echo "Niewlasciwa opcja $REPLY";;
|
|
esac
|
|
done
|
|
|
|
echo "Wybierz tryb instalacji"
|
|
echo "Instalacja automatyczna instaluje wszystkie dodatki i przyjmuje domyslne ustawienia dla hitme."
|
|
echo "Instalacja niestandardowa pozwala pominac niektore komponenty, np. nie instalowac ModSecurity, okreslic inny niz 10022 port SSH czy serwery DNS niz standardowe dla hitme zadajac dodatkowe pytania podczas wykonywania skryptu"
|
|
|
|
PS3='Wybierz tryb instalacji: '
|
|
options=("Automatyczna" "Niestandardowa")
|
|
select opt in "${options[@]}"
|
|
do
|
|
case $opt in
|
|
|
|
"Automatyczna")
|
|
echo "Ustawienie DNSów hitme"
|
|
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/conf/directadmin.conf
|
|
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/conf/directadmin.conf
|
|
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/data/users/admin/user.conf
|
|
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/data/users/admin/user.conf
|
|
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/data/users/admin/reseller.conf
|
|
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/data/users/admin/reseller.conf
|
|
systemctl restart directadmin
|
|
|
|
echo "Ustawienie domyslnego portu SSH na 10022"
|
|
|
|
SSH_PORT=10022
|
|
sed -i '/Port 22/s/^#//g' /etc/ssh/sshd_config
|
|
sed -i "s/Port 22/Port 10022/g" /etc/ssh/sshd_config
|
|
sed -i "s/,22,/,22,10022,/g" /etc/csf/csf.conf
|
|
|
|
echo "Ustawienie dodatkowych zabezpieczen SSH"
|
|
|
|
tee -a /etc/ssh/sshd_config > /dev/null <<EOT
|
|
Match User root Address 185.242.134.0/24,185.242.133.37,185.242.134.92,185.242.134.93,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196
|
|
PubkeyAuthentication yes
|
|
PasswordAuthentication yes
|
|
PermitRootLogin yes
|
|
EOT
|
|
|
|
echo "Ustawienie kluczy logowania do DirectAdmina i kluczy SSH hitme"
|
|
|
|
cd /opt
|
|
sh daupdate.sh klucze
|
|
# sh daupdate keyput
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Instalacja Modsecurity i regułek malware experts"
|
|
|
|
wget $HTLINK/hitmemodsec.sh -O /opt/hitmemodsec.sh
|
|
sh /opt/hitmemodsec.sh
|
|
rm -f hitmemodsec.sh
|
|
daupdate antybots
|
|
|
|
echo "Instaluje branding hitme dla skorki evolution i serwera www"
|
|
cd $DAPOSTINSTALL_DIR
|
|
tar -xvf skin_customizations.tar -C $DADIR/data/users/admin/
|
|
cd $DAPOSTINSTALL_DIR
|
|
wget https://cdn.hitme.pl/da_templates.tar
|
|
tar -xf da_templates.tar
|
|
cp da_templates/*[1-9]* /home/admin/domains/default/
|
|
cp da_templates/index.html /home/admin/domains/default/index.html
|
|
cp da_templates/suspended.shtml /home/admin/domains/suspended/index.html
|
|
cp da_templates/index-hitme.html /var/www/html/index.html
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Instalacja Security headers"
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
cat security-headers.conf >>/etc/httpd/conf/extra/httpd-includes.conf
|
|
cd $CBDIR
|
|
./build rewrite_confs
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Instalacja certyfikatu Let's Encrypt"
|
|
$DADIR/scripts/letsencrypt.sh request_single `hostname` 4096
|
|
|
|
break
|
|
;;
|
|
|
|
"Niestandardowa")
|
|
read -p "Podaj adres NS1 [dns3.hitme.net.pl]: " NS1_DEFAULT
|
|
NS1_DEFAULT=${NS1_DEFAULT:-dns3.hitme.net.pl}
|
|
read -p "Podaj adres NS2 [dns4.hitme.net.pl]: " NS2_DEFAULT
|
|
NS2_DEFAULT=${NS2_DEFAULT:-dns4.hitme.net.pl}
|
|
|
|
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/conf/directadmin.conf
|
|
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/conf/directadmin.conf
|
|
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/data/users/admin/user.conf
|
|
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/data/users/admin/user.conf
|
|
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/data/users/admin/reseller.conf
|
|
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/data/users/admin/reseller.conf
|
|
systemctl restart directadmin
|
|
|
|
read -p "Podaj port SSH [10022]: " SSH_PORT
|
|
SSH_PORT=${SSH_PORT:-10022}
|
|
|
|
sed -i '/Port 22/s/^#//g' /etc/ssh/sshd_config
|
|
sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config
|
|
sed -i "s/,22,/,22,$SSH_PORT,/g" /etc/csf/csf.conf
|
|
|
|
while true; do
|
|
|
|
read -p "Czy aktywowac dodatkowe zabezpiecznia SSH (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Aktywacja dodatkowych zabezpieczen SSH"
|
|
tee -a /etc/ssh/sshd_config > /dev/null <<EOT
|
|
Match User root Address 185.242.134.0/24,185.242.133.37,185.242.134.92,185.242.134.93,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196
|
|
PubkeyAuthentication yes
|
|
PasswordAuthentication yes
|
|
PermitRootLogin yes
|
|
EOT
|
|
break;;
|
|
[nN] ) echo "Pomijam aktywacje dodatkowych zabezpieczen SSH";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac klucze logowania HITME do SSH (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instaluje klucze logowania HITME do SSH"
|
|
cd /opt
|
|
sh daupdate keyput
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje kluczy logowania do SSH";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac klucze logowania HITME do DirectAdmina (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instaluje klucze logowania HITME do DirectAdmina"
|
|
cd /opt
|
|
sh daupdate klucze
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje kluczy logowania do DirectAdmina";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
echo "Instalacja ModSecurity"
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac ModSecurity z reglłkami Malware Experts (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instaluje ModSecurity + Malware Experts"
|
|
wget $HTLINK/hitmemodsec.sh -O /opt/hitmemodsec.sh
|
|
sh /opt/hitmemodsec.sh
|
|
rm -f hitmemodsec.sh
|
|
daupdate antybots
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje ModSecurity";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac brandowanie hitme dla skorki evolution i serwera www (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instaluje branowanie hitme dla skorki evolution"
|
|
cd $DAPOSTINSTALL_DIR
|
|
tar -xvf skin_customizations.tar -C $DADIR/data/users/admin/
|
|
wget https://cdn.hitme.pl/da_templates.tar
|
|
tar -xf da_templates.tar
|
|
cp da_templates/*[1-9]* /home/admin/domains/default/
|
|
cp da_templates/index.html /home/admin/domains/default/index.html
|
|
cp da_templates/suspended.shtml /home/admin/domains/suspended/index.html
|
|
cp da_templates/index-hitme.html /var/www/html/index.html
|
|
cd $DAPOSTINSTALL_DIR
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje brandowania hitme dla skorki evolution";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
echo "Certyfikat SSL dla DirectAdmina"
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac Let's Encrypt dla DirectAdmina dla hostname `hostname` (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instaluje Let's encrypt"
|
|
$DADIR/scripts/letsencrypt.sh request_single `hostname` 4096
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje Let's Encrypt";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
while true; do
|
|
|
|
read -p "Czy instalowac Security Headers (T/N)? " yn
|
|
|
|
case $yn in
|
|
[Tt] ) echo "Instalacja Security Headers?"
|
|
cd $DAPOSTINSTALL_DIR
|
|
cat security-headers.conf >>/etc/httpd/conf/extra/httpd-includes.conf
|
|
cd $CBDIR
|
|
./build rewrite_confs
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
|
|
break;;
|
|
[nN] ) echo "Pomijam instalacje Security Headers";
|
|
break;;
|
|
* ) echo "Niewlasciwa odpowiedz";;
|
|
esac
|
|
|
|
done
|
|
|
|
break
|
|
;;
|
|
|
|
|
|
*) echo "Niewlasciwa opcja $REPLY";;
|
|
esac
|
|
done
|
|
|
|
|
|
echo -e "\e[96mMam wszystkie informacje - rozpoczynam konfiguracje\e[0m"
|
|
|
|
|
|
echo "Generowanie maila powitalnego"
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
chmod 755 da_cli.sh
|
|
|
|
echo "Generowanie hasla DirectAdmin"
|
|
|
|
echo "Generowanie hasla DirectAdmin"
|
|
|
|
min_length=1
|
|
max_length=24
|
|
|
|
special_chars='-._'
|
|
DA_ADMINPASS=$(
|
|
while true; do
|
|
base_part=$(tr -dc '[:alnum:]' < /dev/urandom | fold -w "$((RANDOM % (max_length - min_length - 1) + min_length - 1))" | head -n 1)
|
|
special_part=$(echo $special_chars | fold -w1 | shuf | head -n "$((RANDOM % 3 + 1))" | tr -d '\n')
|
|
password="${base_part:0:1}${special_part}${base_part:1}"
|
|
|
|
if echo "$password" | grep -qE '[[:digit:]]' && echo "$password" | grep -qE '[[:upper:]]' && echo "$password" | grep -qE '[-.,_]'; then
|
|
echo "$password"
|
|
break
|
|
fi
|
|
done
|
|
)
|
|
|
|
DA_OPTIONSCONF=$CBDIR/options.conf
|
|
DA_USERCONF=$DADIR/data/users/admin/user.conf
|
|
DA_HOSTNAME=$(hostname -f)
|
|
DA_IP=`cat $DA_USERCONF | grep ip= | cut -d= -f2`
|
|
DA_NS1=`cat $DA_USERCONF | grep ns1= | cut -d= -f2`
|
|
DA_NS2=`cat $DA_USERCONF | grep ns1= | cut -d= -f2`
|
|
DA_PHP1=`cat $DA_OPTIONSCONF | grep php1_release= | cut -d= -f2`
|
|
DA_PHP2=`cat $DA_OPTIONSCONF | grep php2_release= | cut -d= -f2`
|
|
DA_PHP3=`cat $DA_OPTIONSCONF | grep php3_release= | cut -d= -f2`
|
|
DA_PHP4=`cat $DA_OPTIONSCONF | grep php4_release= | cut -d= -f2`
|
|
sed -i 's/DA_HOSTNAME/'"$DA_HOSTNAME"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_HOSTNAME/'"$DA_HOSTNAME"'/g' options.conf
|
|
sed -i 's/DA_IP/'"$DA_IP"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_NS1/'"$DA_NS1"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_NS2/'"$DA_NS2"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_HASLO/'"$DA_ADMINPASS"'/g' mail_powitalny.txt
|
|
sed -i 's/SSH_PORT/'"$SSH_PORT"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_PHP1/'"$DA_PHP1"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_PHP2/'"$DA_PHP2"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_PHP3/'"$DA_PHP3"'/g' mail_powitalny.txt
|
|
sed -i 's/DA_PHP4/'"$DA_PHP4"'/g' mail_powitalny.txt
|
|
mv mail_powitalny.txt /root
|
|
|
|
echo "instalacja SpamBlocker"
|
|
cd $CBDIR
|
|
./build update
|
|
./build set eximconf yes
|
|
./build set eximconf_release 4.5
|
|
./build set blockcracking yes
|
|
./build set easy_spam_fighter yes
|
|
./build set spamd spamassassin
|
|
./build set exim yes
|
|
./build exim
|
|
./build set dovecot_conf yes
|
|
./build dovecot_conf
|
|
./build spamassassin
|
|
./build update
|
|
./build exim_conf
|
|
|
|
echo "Dodanie SpamAssassin dla wszystkich uzytkownikow"
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
cp user_create_post.sh $DADIR/scripts/custom/user_create_post.sh
|
|
chmod 755 $DADIR/scripts/custom/user_create_post.sh
|
|
|
|
|
|
echo "Aktywacja SpamAssassina dla obecnych użytkowników"
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
cp spam_assassin_all_users_on.sh $DADIR/scripts/custom/
|
|
chmod 755 $DADIR/scripts/custom/spam_assassin_all_users_on.sh
|
|
$DADIR/scripts/custom/spam_assassin_all_users_on.sh
|
|
|
|
echo "Naprawa komunikacji URIBL"
|
|
|
|
echo "dns_server 127.0.0.1 # Naprawa zapytan URIBL i DNSWL" >> /etc/mail/spamassassin/local.cf
|
|
|
|
echo "OneClick Roundcube"
|
|
cd $DADIR
|
|
./directadmin set one_click_webmail_login 1
|
|
service directadmin restart
|
|
cd custombuild
|
|
./build update
|
|
./build dovecot_conf
|
|
./build exim_conf
|
|
./build roundcube
|
|
|
|
echo "OneClick PhpMyAdmin"
|
|
cd $DADIR/
|
|
./directadmin set one_click_pma_login 1
|
|
systemctl restart directadmin
|
|
cd custombuild
|
|
./build update
|
|
./build phpmyadmin
|
|
|
|
echo "PhpMyAdmin tylko z poziomu DirectAdmina"
|
|
|
|
cd $CBDIR
|
|
./build update
|
|
./build set phpmyadmin_public no
|
|
./build phpmyadmin
|
|
systemctl restart directadmin
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Naprawa PhpMyAdmin"
|
|
cd $DAPOSTINSTALL_DIR
|
|
chmod 755 fix_phpmyadmin.sh
|
|
./fix_phpmyadmin.sh
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
|
|
echo "Automatyczna konfiguracja Thunderbirda"
|
|
mkdir -p /var/www/html/.well-known/autoconfig/mail/
|
|
cd $DAPOSTINSTALL_DIR
|
|
cp -f config-v1.1.xml /var/www/html/.well-known/autoconfig/mail/config-v1.1.xml
|
|
sed -i 's_nazwahosta_'$HOSTNAME'_g' /var/www/html/.well-known/autoconfig/mail/config-v1.1.xml
|
|
chown -R webapps:webapps /var/www/html/.well-known/autoconfig
|
|
mkdir -p $CBDIR/custom/ap2/conf/extra
|
|
cp -Rfp /etc/httpd/conf/extra/httpd-alias.conf $CBDIR/custom/ap2/conf/extra
|
|
echo "Alias /.well-known/autoconfig /var/www/html/.well-known/autoconfig" >> $CBDIR/custom/ap2/conf/extra/httpd-alias.conf
|
|
echo "Alias /poczta /var/www/html/roundcube" >> $CBDIR/custom/ap2/conf/extra/httpd-alias.conf
|
|
$CBDIR/build rewrite_confs
|
|
|
|
echo "Instalacja Imagick i WebP"
|
|
cd $DAPOSTINSTALL_DIR
|
|
dnf -y install mesa-libGL giflib freeglut
|
|
rpm -ivh libwebp-tools-1.0.0-8.el8_7.x86_64.rpm
|
|
dnf --enablerepo=powertools -y install giflib-devel
|
|
dnf -y install libwebp-devel libjpeg-devel libpng-devel libwebp-tools giflib libvpx libvpx-devel libtiff-devel libXpm-devel libpng-devel ImageMagick-devel
|
|
# $CBDIR/build set imagick yes
|
|
# $CBDIR/build imagick
|
|
sed -i 's/imagick=no/imagick=yes/g' /usr/local/directadmin/custombuild/php_extensions.conf
|
|
da build imagick
|
|
|
|
echo "Instalacja IMAP"
|
|
sed -i 's/imap=no/imap=yes/gI' $CBDIR/php_extensions.conf
|
|
$CBDIR/build php_imap
|
|
|
|
echo "Instalacja Memcache i redis"
|
|
yum -y install memcached libmemcached
|
|
systemctl enable memcached
|
|
systemctl restart memcached
|
|
yum -y install redis redis-devel
|
|
|
|
echo "Instalacja rozszerzen PECL od poralixa"
|
|
cd $DADIR/scripts/custom
|
|
wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/php/php-extension.sh -O php-extension.sh
|
|
chmod 750 php-extension.sh
|
|
./php-extension.sh install memcached
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
cd $CBDIR
|
|
touch custom/php_disable_functions
|
|
echo "exec,system,passthru,shell_exec,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname" > custom/php_disable_functions
|
|
./build secure_php
|
|
|
|
echo "Optymalizacja MySQL"
|
|
cd $DAPOSTINSTALL_DIR
|
|
\cp -f my.cnf /etc/my.cnf
|
|
systemctl restart mysqld
|
|
|
|
|
|
echo "Dodawanie subdomeny poczta do kazdej domeny"
|
|
|
|
mkdir -p $DADIR/data/templates/custom/
|
|
\cp virtual_host2.conf.CUSTOM.4.post $DADIR/data/templates/custom/virtual_host2.conf.CUSTOM.4.post
|
|
\cp virtual_host2_secure.conf.CUSTOM.4.post $DADIR/data/templates/custom/virtual_host2_secure.conf.CUSTOM.4.post
|
|
echo "action=rewrite&value=httpd" >> $DADIR/data/task.queue
|
|
cd $DADIR/data/templates
|
|
cp dns_a.conf custom/
|
|
cd custom
|
|
sed -i '/pop/i poczta=|IP|' $DADIR/data/templates/custom/dns_a.conf
|
|
|
|
echo "Instalacja bezpiecznego DMARC"
|
|
|
|
cd $DADIR/data/templates/custom
|
|
cp ../dns_txt.conf .
|
|
echo '_dmarc="v=DMARC1;p=quarantine;pct=100;sp=none;fo=0:d:s;aspf=s;adkim=r;"' >> dns_txt.conf
|
|
|
|
echo "Dopuszczenie wszystkich metod HTTPD"
|
|
|
|
cd $CBDIR
|
|
./build set http_methods ALL
|
|
./build rewrite_confs
|
|
|
|
echo "Instalacja composera"
|
|
cd $CBDIR
|
|
./build composer
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Instalacja wp-cli"
|
|
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
|
chmod +x wp-cli.phar
|
|
mv wp-cli.phar /usr/local/bin/wp
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Inne optymalizacje"
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
daupdate rblda_full
|
|
cd /opt
|
|
sh /opt/daupdate bbmysql
|
|
\cp $DAPOSTINSTALL_DIR/csfcf.sh /opt/csfcf.sh
|
|
chmod 700 /opt/csfcf.sh
|
|
sh /opt/csfcf.sh
|
|
echo "20 0 * * * sh /opt/csfcf.sh > /dev/null 2>&1" >>/var/spool/cron/root
|
|
|
|
echo "Usowanie dostepu do DA / IMAP z po za Polski"
|
|
wget --timeout=1 --tries=3 -O /opt/csf_off2222.sh https://ht.zenadmin.pl/da/csf_off2222.sh
|
|
|
|
systemctl restart sshd
|
|
csf -r
|
|
|
|
echo "poprawka too many users SSHD"
|
|
touch /etc/ssh/sshd_config_placebo
|
|
sed -i 's^/etc/ssh/sshd_config^/etc/ssh/sshd_config_placebo^g' $DADIR/conf/directadmin.conf
|
|
systemctl restart directadmin
|
|
|
|
echo "Instalacja NetData"
|
|
cd $CBDIR
|
|
./build netdata
|
|
|
|
echo "Instalacja REDISa"
|
|
cd $DADIR/scripts/custom
|
|
./php-extension.sh install redis
|
|
mkdir $DADIR/plugins/redis_management
|
|
cd $DAPOSTINSTALL_DIR
|
|
tar -zxf redis_management.tar.gz -C $DADIR/plugins/redis_management
|
|
$DADIR/plugins/redis_management/scripts/install.sh
|
|
cd $DAPOSTINSTALL_DIR
|
|
|
|
echo "Instalacja IMAPsync"
|
|
dnf -y install --enablerepo=powertools imapsync
|
|
mkdir $DADIR/plugins/imapsync
|
|
tar -zxf imapsync.tar.gz -C $DADIR/plugins/imapsync
|
|
$DADIR/plugins/imapsync/scripts/install.sh
|
|
echo 'imapsync=type=checkbox&string=IMAPsync migrations (plugin)&desc=Allow access to imapsync migrations&default=yes' >> /usr/local/directadmin/data/admin/custom_package_items.conf
|
|
echo 'imapsync=ON' >> /usr/local/directadmin/data/users/admin/user.conf
|
|
cp lang_pl.php $DADIR/plugins/imapsync/lang
|
|
|
|
# echo "Dodanie kolorowego prompta hitme"
|
|
# echo "PS1='\[\e[0;1;38;5;46m\]\u\[\e[0m\]@\[\e[0;1;38;5;214m\]\h\[\e[0m\][\[\e[0;1;97m\]\W\[\e[0m\]]\[\e[0;38;5;46m\]$ \[\e[0m\]'" | sudo tee -a /etc/profile
|
|
|
|
# echo "dodanie kolorowego prompta dla roota"
|
|
# echo "PS1='\[\e[0;1;91m\]\u\[\e[0m\]@\[\e[0;1;38;5;214m\]\h\[\e[0m\][\[\e[0;1;97m\]\W\[\e[0m\]]\[\e[0;1m\]# \[\e[0m\]'" | sudo tee -a /root/.bash_profile
|
|
|
|
echo "never_commands=custombuild:updates:license" >> /usr/local/directadmin/conf/directadmin.conf
|
|
systemctl restart directadmin
|
|
|
|
cd $DAPOSTINSTALL_DIR
|
|
echo "dodaje JIT dla PHP"
|
|
sh php_zmienne.sh
|
|
sh da_cli.sh disablenamed
|
|
sh da_cli.sh disablemultiserverpage
|
|
sh da_cli.sh disablecreateadmin
|
|
sh da_cli.sh changeuserpass admin $DA_ADMINPASS
|
|
sh da_cli.sh createemptybackup
|
|
|
|
|
|
clear
|
|
echo -e "\e[92mKonfiguracja zakonczona - usuwam pliki tymczasowe - tekst powitalny z uzupelnionymi odpowiednimi danymi znajdziesz w /root/mail_powitalny.txt\e[0m"
|
|
cd ~
|
|
exec >/dev/null 2>&1
|
|
rm -rf $DAPOSTINSTALL_DIR
|