#!/bin/bash
# CONFIGURE SERVER HOSTNAME
hostnamectl set-hostname example-hostname
# SWAP FILE
fallocate -l 2G /swapfile &&\
chmod 600 /swapfile &&\
mkswap /swapfile &&\
swapon /swapfile &&\
echo "/swapfile swap swap defaults 0 0" >> /etc/fstab &&\
free -h
# INSTALL MONITORING SOFTWARE SITE24x7
wget https://staticdownloads.site24x7.com/server/Site24x7InstallScript.sh \
&& bash Site24x7InstallScript.sh -i -key=58e634b5231ebd6e8fd832405298f883bd846e7c -automation=true
# CONFIGURE SERVER TIME
ln -fs /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime \
&& dpkg-reconfigure -f noninteractive tzdata
# INSTALL APACHE / PHP AND MYSQL-CLI
export DEBIAN_FRONTEND=noninteractive &&\
apt-get update && apt-get dist-upgrade -y &&\
add-apt-repository ppa:ondrej/php -y &&\
add-apt-repository ppa:ondrej/apache2 -y &&\
apt-get update &&\
apt-get install apache2 php8.3-fpm php8.3-mysql php8.3-xml php8.3-mbstring php8.3-gd php8.3-curl php8.3-zip -y &&\
a2enmod proxy proxy_fcgi headers expires rewrite ssl &&\
sed -i 's/post_max_size.*/post_max_size = 500M/' /etc/php/*/fpm/php.ini &&\
sed -i 's/upload_max_filesize.*/upload_max_filesize = 500M/' /etc/php/*/fpm/php.ini &&\
apt-get install -y mysql-clientMake sure device name is nvme1n1 by running lsblk.
Adjust that name (if necessary) in the command below to format the whole volume:
mkfs.ext4 /dev/nvme1n1Note de Filesystem UUID displayed by the previous command and put it in a variable like: export UUID=062b9719-74d1-4a39-99dd-70510bd40b1f, then:
echo "UUID='$UUID' /var/www ext4 defaults 0 0" >> /etc/fstab
systemctl daemon-reload
mkdir -p /var/www
mount -avi /etc/apache2/sites-enabled/example.com.conf<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin [email protected]
DocumentRoot "/var/www/site/public"
ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
# This is a trick to make the application think it's using HTTPS even when it's behind external HTTPS Proxy on port 80
ProxyFCGISetEnvIf "true" HTTPS "on"
#
<Directory /var/www/site/public>
Require all granted
Options +FollowSymLinks
AllowOverride All
</Directory>
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php8.3-fpm-site.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
Require all denied
</FilesMatch>
<FilesMatch "^\.ph(ar|p|ps|tml)$">
Require all denied
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin [email protected]
DocumentRoot "/var/www/site/public"
ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
<Directory /var/www/site/public>
Require all granted
Options +FollowSymLinks
AllowOverride All
</Directory>
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php8.3-fpm-site.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
Require all denied
</FilesMatch>
<FilesMatch "^\.ph(ar|p|ps|tml)$">
Require all denied
</FilesMatch>
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>In case you installed mysql-server aswell, you'll prolly need this:
vi /etc/mysql/mysql.conf.d/custom.cnf[mysqld]
default-authentication-plugin=mysql_native_password
sql_mode=""