From 5507df37e9a34bfcbce7b4d11eafd0f9d67fe8b2 Mon Sep 17 00:00:00 2001 From: Edi Septriyanto Date: Thu, 2 May 2024 00:30:03 +0700 Subject: [PATCH] Update installer config --- .env.dist | 24 +++++--- install.sh | 3 + scripts/install_dependencies.sh | 101 ++++++++++++++++++++++++-------- scripts/utils.sh | 4 +- 4 files changed, 96 insertions(+), 36 deletions(-) diff --git a/.env.dist b/.env.dist index f75f0a9..e9e1bde 100644 --- a/.env.dist +++ b/.env.dist @@ -78,7 +78,7 @@ INSTALL_NGINX=true NGINX_INSTALLER="repo" # Nginx repository source: ondrej | myguard -NGINX_REPO_SRC="ondrej" +NGINX_REPO_SRC="myguard" # Supported Nginx version: stable (lts) | latest (mainline), # version number e.g. 1.18.0 (only if Nginx build from source). @@ -116,10 +116,11 @@ NGX_HTTP_ECHO=false NGX_HTTP_FANCYINDEX=true NGX_HTTP_GEOIP=true -# GeoIP2 with MaxMind GeoLite2 database. GeoLite2 license key is required, -# Get it from here https://www.maxmind.com/en/geolite2/signup +# GeoIP2 with MaxMind GeoLite2 database. NGX_HTTP_GEOIP2=false -GEOLITE2_LICENSE_KEY="zHccSDDcvqS4A0Ps" + +# GeoLite2 license key is required, get it from here https://www.maxmind.com/en/geolite2/signup +GEOLITE2_LICENSE_KEY="" NGX_HTTP_HEADERS_MORE=true NGX_HTTP_IMAGE_FILTER=true @@ -171,7 +172,7 @@ PHP_VERSIONS="8.1 8.2 8.3" # Additional PHP modules (extensions) to install. # Installing multiple extension is supported, separate version by space. # Type only the extension name (without php*-). -PHP_EXTENSIONS="geoip gnupg imagick igbinary json mcrypt memcache memcached msgpack openswoole sodium" +PHP_EXTENSIONS="geoip gnupg imagick igbinary json mcrypt memcache memcached msgpack sodium" # DO NOT CHANGE DEFAULT_PHP_VERSION="8.2" @@ -213,7 +214,11 @@ IMAGEMAGICK_VERSION="7.1.0-21" [mysql] INSTALL_MYSQL=true + +# Currently only support mariadb. MYSQL_SERVER="mariadb" + +# MySQL / MariaDB version. MYSQL_VERSION="11.1" # Securing MySQL installation. @@ -313,7 +318,7 @@ INSTALL_MAILER=true INSTALL_SPFDKIM=true # Sender domain is required, if left empty it will be sets to the default hostname domain. -# Ensure that the hostname or sender domain already pointed to this server IP address. +# Ensure that the hostname or sender domain already pointed to the server's IP address. SENDER_DOMAIN="" [certbot] @@ -327,6 +332,9 @@ HOSTNAME_CERT_PATH="" # length of bits used for generating RSA key / Diffie-Helman params. KEY_HASH_LENGTH=2048 +# Python used for Certbot. +DEFAULT_PYTHON_VERSION="3.9.19" + [firewall] INSTALL_FW=true @@ -336,8 +344,8 @@ INSTALL_FW=true FW_CONFIGURATOR="ufw" [fail2ban] -INSTALL_FAIL2BAN=true +INSTALL_FAIL2BAN=false # Available installer: repo | source. -FAIL2BAN_INSTALLER="source" +FAIL2BAN_INSTALLER="repo" FAIL2BAN_VERSION="1.0.2" diff --git a/install.sh b/install.sh index 6947ee9..ca47bcb 100755 --- a/install.sh +++ b/install.sh @@ -283,6 +283,9 @@ Please Save the above Credentials & Keep it Secure! status "${CREDENTIALS}" + # Send credentials to admin email. + run bash -c "echo '${CREDENTIALS}' | mail -s 'LEMPer Stack Credentials for ${SERVER_IP}' ${LEMPER_ADMIN_EMAIL}" + # Save it to log file #save_log "${CREDENTIALS}" diff --git a/scripts/install_dependencies.sh b/scripts/install_dependencies.sh index 51b4348..f0cd6f6 100755 --- a/scripts/install_dependencies.sh +++ b/scripts/install_dependencies.sh @@ -47,8 +47,45 @@ run apt-get install -q -y \ re2c rsync software-properties-common sasl2-bin snap snmp sudo sysstat tar tzdata unzip wget \ whois xz-utils zlib1g-dev geoip-bin geoip-database gettext libgeoip-dev libpthread-stubs0-dev uuid-dev +if [[ ! -d /root/.gnupg ]]; then + run mkdir /root/.gnupg +fi + +## +# Install Python custom version +## +function install_python_from_source() { + local PYTHON_VERSION=${1} + + if [[ -z "${PYTHON_VERSION}" ]]; then + PYTHON_VERSION=${DEFAULT_PYTHON_VERSION:-"3.9.19"} + fi + + local CURRENT_DIR && \ + CURRENT_DIR=$(pwd) + + PYTHON_SRC="https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tgz" + + if curl -sLI "${PYTHON_SRC}" | grep -q "HTTP/[.12]* [2].."; then + run run cd "${BUILD_DIR}" && \ + run curl -sSL -o "Python-${PYTHON_VERSION}.tgz" "${PYTHON_SRC}" && \ + run tar -xzf "Python-${PYTHON_VERSION}.tgz" && \ + run cd "Python-${PYTHON_VERSION}" && \ + run ./configure --enable-shared --enable-optimizations --prefix=/usr/local LDFLAGS="-Wl,--rpath=/usr/local/lib" && \ + run make altinstall && \ + run update-alternatives --install /usr/bin/python python /usr/local/bin/python3.9 39 && \ + run update-alternatives --set python /usr/local/bin/python3.9 && \ + run curl -sSL -o "get-pip.py" "https://bootstrap.pypa.io/get-pip.py" && \ + run python get-pip.py && \ + run python -m pip install --upgrade pip && \ + run cd "${CURRENT_DIR}" || return 1 + else + error "Unable to download Python-${PYTHON_VERSION} source..." + fi +} + # Install Python 3 -echo "Installing Python..." +echo "Installing Python 3 package..." case "${DISTRIB_NAME}" in debian) @@ -58,37 +95,49 @@ case "${DISTRIB_NAME}" in run update-alternatives --install /usr/bin/python python "$(command -v python3)" 3 && \ run update-alternatives --set python /usr/bin/python3 ;; + buster | bullseye) + #DEADSNAKES_PPA="focal" + #run apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 + #run gpg --lock-never --keyserver hkp://keyserver.ubuntu.com:80 --no-default-keyring --keyring "/etc/apt/trusted.gpg.d/deadsnakes-${RELEASE_NAME}" --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 && \ + #run touch "/etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ + #run bash -c "echo 'deb https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu ${DEADSNAKES_PPA} main' > /etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ + #run bash -c "echo 'deb-src https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu ${DEADSNAKES_PPA} main' >> /etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ + #run apt-get update -q -y && \ + #run apt-get install -q -y python3.9 python3.9-dev python3.9-venv python3-pip && \ + #run update-alternatives --install /usr/bin/python python "$(command -v python3.9)" 39 && \ + #run update-alternatives --set python /usr/bin/python3.9 + + # Install Python 3 from source. + install_python_from_source "3.9.19" + ;; *) - # Add deadsnakes repository. - case "${RELEASE_NAME}" in - buster | bullseye) - DEADSNAKES_PPA="focal" - ;; - esac - - run touch "/etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ - run bash -c "echo 'deb https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu ${DEADSNAKES_PPA} main' > /etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ - run bash -c "echo 'deb-src https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu ${DEADSNAKES_PPA} main' >> /etc/apt/sources.list.d/deadsnakes-ppa-ubuntu-${DEADSNAKES_PPA}.list" && \ - run apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 - - run apt-get update -q -y && \ - run apt-get install -q -y python3.7 python3.7-dev python3.7-venv \ - python3.9 python3.9-dev python3.9-venv python3-pip && \ - run update-alternatives --install /usr/bin/python python "$(command -v python3.7)" 37 && \ - run update-alternatives --install /usr/bin/python python "$(command -v python3.9)" 39 && \ - run update-alternatives --set python /usr/bin/python3.7 + fail "Unable to install Python dependencies, this GNU/Linux distribution is not supported." ;; esac ;; ubuntu) # Install Python - run add-apt-repository ppa:deadsnakes/ppa -y && \ - run apt-get update -q -y && \ - run apt-get install -q -y python3.7 python3.7-dev python3.7-venv \ - python3.9 python3.9-dev python3.9-venv python3-pip && \ - run update-alternatives --install /usr/bin/python python "$(command -v python3.7)" 37 && \ - run update-alternatives --install /usr/bin/python python "$(command -v python3.9)" 39 && \ - run update-alternatives --set python /usr/bin/python3.7 + # python3.7 will be dropped on next Certbot release + # deadsnake ppa only support Focal & Jammy + case "${RELEASE_NAME}" in + focal | jammy) + run add-apt-repository ppa:deadsnakes/ppa -y && \ + run apt-get update -q -y && \ + run apt-get install -q -y python3.9 python3.9-dev python3.9-venv python3-pip && \ + run update-alternatives --install /usr/bin/python python "$(command -v python3.9)" 39 && \ + run update-alternatives --set python /usr/bin/python3.9 + + # Install Python 3 from source. + #install_python_from_source "3.9.19" + ;; + bionic) + # Install Python 3 from source. + install_python_from_source "3.9.19" + ;; + *) + fail "Unable to install Python dependencies, this GNU/Linux distribution is not supported." + ;; + esac ;; esac diff --git a/scripts/utils.sh b/scripts/utils.sh index 61ed740..daf383c 100755 --- a/scripts/utils.sh +++ b/scripts/utils.sh @@ -828,12 +828,12 @@ function footer_msg() { cat <<- EOL #==========================================================================# -# Thank's for installing LEMP Stack using LEMPer # +# Thank's for installing LEMP Stack with LEMPer # # Found any bugs/errors, or suggestions? please let me know # # If useful, don't forget to buy me a cup of coffee or milk :D # # My PayPal is always open for donation, here https://paypal.me/masedi # # # -# (c) 2014-2023 | MasEDI.Net | https://masedi.net/lemper # +# (c) 2014-2024 | MasEDI.Net | https://masedi.net/l/lemper # #==========================================================================# EOL }