├── CentOS-7 ├── README.md ├── admin │ ├── README.md │ └── swap.sh ├── cms │ ├── README.md │ ├── mediawiki.sh │ ├── wordpress-nginx.yml │ ├── wordpress-openlitespeed.sh │ └── wordpress.sh ├── docker │ ├── README.md │ └── docker-centos.yml ├── languages │ ├── README.md │ └── nodejs.sh ├── no-sql │ ├── README.md │ ├── mongodb.yml │ └── redis.yml └── web-servers │ ├── README.md │ ├── lamp.yml │ ├── lemp.yml │ └── tomcat7.yml ├── CoreOS └── README.md ├── Debian-8 ├── README.md ├── admin │ ├── README.md │ └── swap.sh ├── cms │ ├── README.md │ ├── wordpress-openlitespeed.sh │ └── wordpress.sh ├── no-sql │ ├── README.md │ ├── mongodb.yml │ └── redis.yml └── web-servers │ ├── README.md │ ├── lamp-phpmyadmin.yml │ ├── lamp.yml │ ├── lemp.yml │ └── tomcat7.yml ├── Fedora-22 └── languages │ ├── README.md │ └── nodejs.sh ├── Fedora ├── README.md ├── admin │ ├── README.md │ └── swap.sh └── web-servers │ ├── README.md │ ├── lamp-hidden_versions.yml │ └── lamp.yml ├── LICENSE ├── README.md ├── Ubuntu-14.04 ├── README.md ├── admin │ ├── README.md │ ├── change.hostn.yml │ ├── postfix-send-only.yml │ ├── saltstack.bash │ └── swap.sh ├── cms │ ├── README.md │ ├── mediawiki.sh │ ├── wordpress-nginx.sh │ ├── wordpress-openlitespeed.sh │ └── wordpress.sh ├── desktop │ ├── README.md │ ├── kde-x2go.sh │ ├── lxde-x2go.sh │ └── xfce-x2go.sh ├── docker │ ├── README.md │ └── docker-ubuntu.yml ├── languages │ ├── README.md │ └── nodejs.sh ├── network │ ├── README.md │ └── open-vpn.yml ├── no-sql │ ├── README.md │ ├── mongodb.yml │ └── redis.yml └── web-servers │ ├── README.md │ ├── lamp-phpmyadmin.yml │ ├── lamp.yml │ ├── lemp.yml │ └── tomcat7.yml ├── Ubuntu-16.04 ├── admin │ ├── README.md │ └── swap.sh ├── cms │ ├── README.md │ ├── wordpress-openlitespeed.sh │ └── wordpress.sh └── web-servers │ ├── README.md │ ├── lamp.yml │ ├── lemp.yml │ └── tomcat8.yml └── examples ├── README.md ├── new_user.yml └── nginx.sh /CentOS-7/README.md: -------------------------------------------------------------------------------- 1 | CentOS 7 Scripts 2 | =========== 3 | 4 | The scripts in this directory are targeted at CentOS 7.x 5 | -------------------------------------------------------------------------------- /CentOS-7/admin/README.md: -------------------------------------------------------------------------------- 1 | Admin Scripts 2 | ============= 3 | 4 | swap.sh 5 | ------- 6 | 7 | This script will create and activate a swap file at `/swapfile` on your new droplet in the size you specify. An entry in `/etc/fstab` will also be made to automatically enable the swap file on boot. 8 | 9 | **Required input**: 10 | 11 | * `<%SWAP_FILE_SIZE%>` - The size of the swap file to create. E.g. "1G" -------------------------------------------------------------------------------- /CentOS-7/admin/swap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Swap File Creator 4 | # 5 | # This script will create and configure a swap file 6 | # on your droplet at creation time. 7 | 8 | # Swap file size 9 | # example swapsize="1G" 10 | swapsize="<%SWAP_FILE_SIZE%>" 11 | fallocate -l $swapsize /swapfile; 12 | chmod 600 /swapfile; 13 | mkswap /swapfile; 14 | swapon /swapfile; 15 | echo "/swapfile none swap sw 0 0" >> /etc/fstab; -------------------------------------------------------------------------------- /CentOS-7/cms/README.md: -------------------------------------------------------------------------------- 1 | # CMS Scripts 2 | 3 | ##wordpress.sh 4 | This script will install and configure Wordpress. This stack includes Apache2, PHP5, and MySQL. 5 | 6 | ## mediawiki.sh 7 | This script will install and configure MediaWiki with Apache, PHP, and MySQL. Details on the database user created can be found in the MOTD shown when you log in via ssh. After this script is complete you can browse to your new droplet's IP address to complete the setup. 8 | 9 | ## wordpress-openlitespeed.sh 10 | This script will install and configure WordPress with OpenLiteSpeed, LSPHP and MariaDB with a single click. The only thing the user may want to do is log into the WordPress admin dashboard and customize the site. 11 | 12 | The script will appear to complete, but will need up to 3 more minutes to actually finish. After this time, browsing to your droplet's assigned IP will take you to your WordPress site. 13 | 14 | _Note: Settings, such as the site title, the domain, and so on can be changed from the WordPress admin dashboard._ 15 | -------------------------------------------------------------------------------- /CentOS-7/cms/mediawiki.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # MediaWiki Setup Script 4 | # 5 | # This script will install and configure MediaWiki on 6 | # a CentOS 7 droplet 7 | 8 | # Generate root and wordpress mysql passwords 9 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 10 | mwmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 11 | 12 | # Write passwords to file 13 | echo "MySQL Passwords for this droplet " > /etc/motd; 14 | echo "-----------------------------------" >> /etc/motd; 15 | echo "Root MySQL Password: $rootmysqlpass" >> /etc/motd; 16 | echo "MediaWiki MySQL Database: mwdb" >> /etc/motd; 17 | echo "Mediawiki MySQL Username: mwsql" >> /etc/motd; 18 | echo "Mediawiki MySQL Password: $mwmysqlpass" >> /etc/motd; 19 | echo "-----------------------------------" >> /etc/motd; 20 | echo "You can remove this information with 'cat /dev/null > /etc/motd'" >> /etc/motd; 21 | 22 | yum -y install httpd mariadb-server mariadb php-mysql php php-mcrypt php-gd php-xml; 23 | systemctl start mariadb; 24 | # Set up database user 25 | /usr/bin/mysqladmin -u root -h localhost create mwdb; 26 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 27 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER mwsql@localhost IDENTIFIED BY '"$mwmysqlpass"'"; 28 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON mwdb.* TO mwsql@localhost"; 29 | 30 | 31 | rm -f /var/www/html/index.html; 32 | wget http://releases.wikimedia.org/mediawiki/1.25/mediawiki-1.25.1.tar.gz -O /root/mediawiki.tar.gz; 33 | cd /root; 34 | tar -zxf /root/mediawiki.tar.gz; 35 | cp -Rf /root/mediawiki-1.25.1/* /var/www/html/.; 36 | rm /root/mediawiki.tar.gz; 37 | rm -Rf /root/mediawiki-1.25.1; 38 | chown -Rf apache.apache /var/www/html; 39 | systemctl start httpd; 40 | 41 | cat /etc/motd.tail > /var/run/motd.dynamic; 42 | chmod 0660 /var/run/motd.dynamic; 43 | -------------------------------------------------------------------------------- /CentOS-7/cms/wordpress-nginx.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | write_files: 3 | - path: /etc/nginx/nginx.conf 4 | content: | 5 | user nginx; 6 | worker_processes auto; 7 | error_log /var/log/nginx/error.log; 8 | pid /run/nginx.pid; 9 | 10 | events { 11 | worker_connections 1024; 12 | } 13 | 14 | http { 15 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for"'; 18 | 19 | access_log /var/log/nginx/access.log main; 20 | 21 | sendfile on; 22 | tcp_nopush on; 23 | tcp_nodelay on; 24 | keepalive_timeout 65; 25 | types_hash_max_size 2048; 26 | 27 | include /etc/nginx/mime.types; 28 | default_type application/octet-stream; 29 | 30 | # Load modular configuration files from the /etc/nginx/conf.d directory. 31 | # See http://nginx.org/en/docs/ngx_core_module.html#include 32 | # for more information. 33 | include /etc/nginx/conf.d/*.conf; 34 | } 35 | 36 | - path: /etc/nginx/conf.d/default.conf 37 | content: | 38 | server { 39 | listen 80 default_server; 40 | listen [::]:80 default_server ipv6only=on; 41 | root /var/www/html; 42 | index index.php index.html index.htm; 43 | server_name localhost; 44 | location / { 45 | try_files $uri $uri/ /index.php?$args; 46 | # Uncomment to enable naxsi on this location 47 | # include /etc/nginx/naxsi.rules 48 | } 49 | error_page 404 /404.html; 50 | error_page 500 502 503 504 /50x.html; 51 | location = /50x.html { 52 | root /usr/share/nginx/html; 53 | } 54 | location ~ \.php$ { 55 | try_files $uri =404; 56 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 57 | fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; 58 | fastcgi_index index.php; 59 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 60 | include fastcgi_params; 61 | } 62 | } 63 | - path: /var/www/html/info.php 64 | content: | 65 | 68 | runcmd: 69 | - yum -y install epel-release 70 | - yum -y install unzip nginx php-fpm php-mysql mariadb-server mariadb 71 | - wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip 72 | - unzip /tmp/wordpress.zip -d /tmp/ 73 | - cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php 74 | - ROOTMYSQLPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 75 | - WPMYSQLPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 76 | - echo "Root MySQL Password $ROOTMYSQLPASS" > /root/passwords.txt 77 | - echo "Wordpress MySQL Password $WPMYSQLPASS" >> /root/passwords.txt 78 | - sed -i -e "s/database_name_here/wordpress/" /tmp/wordpress/wp-config.php 79 | - sed -i -e "s/username_here/wordpress/" /tmp/wordpress/wp-config.php 80 | - sed -i -e "s/password_here/$WPMYSQLPASS/" /tmp/wordpress/wp-config.php 81 | - for i in `seq 1 8`; do wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; done 82 | - systemctl enable mariadb 83 | - systemctl start mariadb 84 | - /usr/bin/mysqladmin -u root -h localhost create wordpress 85 | - /usr/bin/mysqladmin -u root -h localhost password $ROOTMYSQLPASS 86 | - /usr/bin/mysql -uroot -p$ROOTMYSQLPASS -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$WPMYSQLPASS"'" 87 | - /usr/bin/mysql -uroot -p$ROOTMYSQLPASS -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost" 88 | - mkdir -p /var/www/html 89 | - sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php.ini 90 | - sed -i -e "s|listen = 127.0.0.1:9000|listen = /var/run/php-fpm/php-fpm.sock|" /etc/php-fpm.d/www.conf 91 | - sed -i -e "s|user = apache|user = nginx|" /etc/php-fpm.d/www.conf 92 | - sed -i -e "s|group = apache|group = nginx|" /etc/php-fpm.d/www.conf 93 | - cp -Rf /tmp/wordpress/* /var/www/html/. 94 | - chown -Rf nginx.nginx /var/www/html/* 95 | - rm -f /var/www/html/index.html 96 | - rm -Rf /tmp/wordpress* 97 | - systemctl start php-fpm 98 | - systemctl enable php-fpm.service 99 | - systemctl enable nginx.service 100 | - systemctl restart nginx 101 | -------------------------------------------------------------------------------- /CentOS-7/cms/wordpress-openlitespeed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | curl -k -o /tmp/ols1clk.sh https://raw.githubusercontent.com/litespeedtech/ols1clk/master/ols1clk.sh 3 | chmod 700 /tmp/ols1clk.sh 4 | export IPADD=`ifconfig eth0 | grep 'inet ' | awk '{print $2}'` 5 | /tmp/ols1clk.sh --wordpressplus $IPADD --quiet 6 | cp /usr/local/lsws/password /root/passwords.txt 7 | -------------------------------------------------------------------------------- /CentOS-7/cms/wordpress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # WordPress Setup Script 4 | # 5 | # This script will install and configure Wordpress on 6 | # an CentOS 7 droplet 7 | 8 | # Generate root and wordPress mysql passwords 9 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 10 | wpmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 11 | 12 | # Write passwords to file 13 | echo "Root MySQL Password: $rootmysqlpass" > /root/passwords.txt; 14 | echo "Wordpress MySQL Password: $wpmysqlpass" >> /root/passwords.txt; 15 | 16 | 17 | # Update CentOS 18 | yum -y update; 19 | 20 | # Install Apache/MySQL 21 | yum -y install httpd php php-mysql mariadb-server mariadb unzip; 22 | 23 | # Start services 24 | systemctl start mariadb; 25 | systemctl start httpd; 26 | 27 | # Download and uncompress WordPress 28 | wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip; 29 | cd /tmp/; 30 | unzip /tmp/wordpress.zip; 31 | # Set up database user 32 | /usr/bin/mysqladmin -u root -h localhost create wordpress; 33 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 34 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$wpmysqlpass"'"; 35 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"; 36 | 37 | # Configure WordPress 38 | cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php; 39 | sed -i "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" /tmp/wordpress/wp-config.php; 40 | sed -i "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" /tmp/wordpress/wp-config.php; 41 | sed -i "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '$wpmysqlpass'/g" /tmp/wordpress/wp-config.php; 42 | 43 | for i in `seq 1 8` 44 | do 45 | wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); 46 | sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; 47 | done 48 | 49 | cp -Rf /tmp/wordpress/* /var/www/html/.; 50 | rm -f /var/www/html/index.html; 51 | chown -Rf apache:apache /var/www/html; 52 | systemctl enable httpd.service; 53 | systemctl enable mariadb.service; 54 | systemctl restart httpd.service; 55 | -------------------------------------------------------------------------------- /CentOS-7/docker/README.md: -------------------------------------------------------------------------------- 1 | Docker 2 | ====== 3 | 4 | docker-centos.yml 5 | ------------ 6 | 7 | Install the latest version of Docker from the upstream Yum repository. -------------------------------------------------------------------------------- /CentOS-7/docker/docker-centos.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | yum_repos: 3 | docker: 4 | baseurl: https://yum.dockerproject.org/repo/main/centos/7 5 | enabled: 1 6 | gpgcheck: 1 7 | gpgkey: https://yum.dockerproject.org/gpg 8 | name: Docker Repository 9 | packages: 10 | - docker-engine -------------------------------------------------------------------------------- /CentOS-7/languages/README.md: -------------------------------------------------------------------------------- 1 | # Languages & Frameworks 2 | 3 | ## nodejs.sh 4 | 5 | This script will identify and install the latest version of [node.js](https://nodejs.org/) from source on CentOS 7. -------------------------------------------------------------------------------- /CentOS-7/languages/nodejs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | yum -y groupinstall "Development Tools"; 3 | yum -y install python curl openssl openssl-devel pkgconfig; 4 | 5 | VERSION=`curl -s http://nodejs.org/dist/latest/SHASUMS.txt | awk '/node-v/ {print $2}' | head -1 | sed s/node-v// | sed s/-/\ / | awk '{print $1}'` 6 | url="http://nodejs.org/dist/v"$VERSION"/node-v"$VERSION".tar.gz" 7 | curl $url | tar -zxf - 8 | cd "node-v"$VERSION 9 | 10 | # Time to Install 11 | ./configure && 12 | make && 13 | make install && 14 | cd .. && 15 | rm -rf node-v$VERSION && 16 | node --version && 17 | exit -------------------------------------------------------------------------------- /CentOS-7/no-sql/README.md: -------------------------------------------------------------------------------- 1 | NoSQL 2 | ===== 3 | 4 | Scripts in this folder install and configure common [NoSql databases](https://www.digitalocean.com/community/tutorials/a-comparison-of-nosql-database-management-systems-and-models). 5 | 6 | mongodb.yml 7 | --------------- 8 | 9 | Installs the latest MongoDB release from their offical repositories. 10 | 11 | 12 | redis.yml 13 | --------------- 14 | 15 | Installs the latest Redis from source. By default, it is bound to localhost. An init script is installed to `/etc/init.d/redis_6379`. -------------------------------------------------------------------------------- /CentOS-7/no-sql/mongodb.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | yum_repos: 3 | mongodb-org-3.0: 4 | baseurl: https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.0/$basearch 5 | enabled: 1 6 | # Unforunately, RPMs are not currently signed https://jira.mongodb.org/browse/SERVER-8770 7 | gpgcheck: 0 8 | gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL 9 | name: Extra Packages for Enterprise Linux 5 - Testing 10 | packages: 11 | - mongodb-org 12 | runcmd: 13 | - service mongod start 14 | - chkconfig mongod on -------------------------------------------------------------------------------- /CentOS-7/no-sql/redis.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - gcc 4 | - glibc-devel 5 | - make 6 | - curl 7 | runcmd: 8 | - curl -sSL http://download.redis.io/releases/redis-stable.tar.gz -o /tmp/redis.tar.gz 9 | - mkdir -p /tmp/redis 10 | - tar -xzf /tmp/redis.tar.gz -C /tmp/redis --strip-components=1 11 | - make -C /tmp/redis 12 | - make -C /tmp/redis install 13 | - echo -n | /tmp/redis/utils/install_server.sh 14 | - rm -rf /tmp/redis* 15 | # See: http://redis.io/topics/faq 16 | - sysctl vm.overcommit_memory=1 17 | # Bind Redis to localhost. Comment out to make available externally. 18 | - sed -i -e 's/# bind 127.0.0.1/bind 127.0.0.1/g' /etc/redis/6379.conf 19 | - service redis_6379 restart 20 | - chkconfig redis_6379 on -------------------------------------------------------------------------------- /CentOS-7/web-servers/README.md: -------------------------------------------------------------------------------- 1 | Web Servers 2 | =========== 3 | 4 | lamp.yml 5 | --------------- 6 | 7 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-7) with Apache, PHP, and MySQL. 8 | 9 | 10 | lemp.yml 11 | --------------- 12 | 13 | Installs and configures a basic ["LEMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-centos-7) with Nginx from the upstream yum repository and PHP-FPM. 14 | 15 | 16 | tomcat7.yml 17 | ----------- 18 | 19 | Installs a basic [Tomcat 7 web server](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-7-on-centos-7-via-yum). The file `/root/tomcat` contains the automatically generated password to access the web managment interface. -------------------------------------------------------------------------------- /CentOS-7/web-servers/lamp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | - mariadb-server 5 | - mariadb 6 | - php 7 | - php-mysql 8 | write_files: 9 | - path: /var/www/html/info.php 10 | content: | 11 | 14 | runcmd: 15 | - systemctl start httpd.service 16 | - systemctl enable httpd.service 17 | - systemctl start mariadb 18 | - systemctl enable mariadb.service -------------------------------------------------------------------------------- /CentOS-7/web-servers/lemp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | write_files: 3 | - path: /etc/nginx/conf.d/default.conf 4 | content: | 5 | server { 6 | listen 80 default_server; 7 | listen [::]:80 default_server ipv6only=on; 8 | 9 | root /var/www/html; 10 | index index.php index.html index.htm; 11 | 12 | server_name localhost; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to displaying a 404. 17 | try_files $uri $uri/ =404; 18 | # Uncomment to enable naxsi on this location 19 | # include /etc/nginx/naxsi.rules 20 | } 21 | 22 | error_page 404 /404.html; 23 | error_page 500 502 503 504 /50x.html; 24 | location = /50x.html { 25 | root /usr/share/nginx/html; 26 | } 27 | 28 | location ~ \.php$ { 29 | try_files $uri =404; 30 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 31 | fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; 32 | fastcgi_index index.php; 33 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 34 | include fastcgi_params; 35 | } 36 | } 37 | - path: /var/www/html/info.php 38 | content: | 39 | 42 | runcmd: 43 | - rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm 44 | - yum -y install nginx php-fpm php-mysql mariadb-server mariadb 45 | - mkdir -p /var/www/html 46 | - cp /usr/share/nginx/html/index.html /var/www/html/ 47 | - sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php.ini 48 | - sed -i -e "s|listen = 127.0.0.1:9000|listen = /var/run/php-fpm/php-fpm.sock|" /etc/php-fpm.d/www.conf 49 | - systemctl start php-fpm 50 | - systemctl enable php-fpm.service 51 | - systemctl enable nginx.service 52 | - systemctl restart nginx -------------------------------------------------------------------------------- /CentOS-7/web-servers/tomcat7.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | package_upgrade: true 3 | packages: 4 | - tomcat 5 | - tomcat-webapps 6 | - tomcat-admin-webapps 7 | - tomcat-docs-webapp 8 | - tomcat-javadoc 9 | write_files: 10 | - path: /home/root/tomcat-users.xml 11 | content: | 12 | 13 | 14 | 15 | 16 | runcmd: 17 | # Set random Tomcat admin password. 18 | - TOMCATPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 19 | - sed -i -e "s/%PASS%/$TOMCATPASS/" /home/root/tomcat-users.xml 20 | - echo "Tomcat Username - admin" > /root/tomcat 21 | - echo "Tomcat Password - $TOMCATPASS" >> /root/tomcat 22 | - PUBLIC_IPV4=`curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address` 23 | - echo -e "\nAccess the managment interface at http://$PUBLIC_IPV4:8080/manager/html" >> /root/tomcat 24 | - mv /home/root/tomcat-users.xml /usr/share/tomcat/conf/tomcat-users.xml 25 | - systemctl start tomcat 26 | - systemctl enable tomcat -------------------------------------------------------------------------------- /CoreOS/README.md: -------------------------------------------------------------------------------- 1 | CoreOS Scripts 2 | =========== 3 | 4 | The scripts in this directory are targeted at CoreOS 5 | -------------------------------------------------------------------------------- /Debian-8/README.md: -------------------------------------------------------------------------------- 1 | Debian 8 Scripts 2 | =========== 3 | 4 | The scripts in this directory are targeted at Debian 8 5 | -------------------------------------------------------------------------------- /Debian-8/admin/README.md: -------------------------------------------------------------------------------- 1 | Admin Scripts 2 | ============= 3 | 4 | swap.sh 5 | ------- 6 | 7 | This script will create and activate a swap file at `/swapfile` on your new droplet in the size you specify. An entry in `/etc/fstab` will also be made to automatically enable the swap file on boot. 8 | 9 | **Required input**: 10 | 11 | * `<%SWAP_FILE_SIZE%>` - The size of the swap file to create. E.g. "1G" -------------------------------------------------------------------------------- /Debian-8/admin/swap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Swap File Creator 4 | # 5 | # This script will create and configure a swap file 6 | # on your droplet at creation time. 7 | 8 | # Swap file size 9 | # example swapsize="1G" 10 | swapsize="<%SWAP_FILE_SIZE%>" 11 | fallocate -l $swapsize /swapfile; 12 | chmod 600 /swapfile; 13 | mkswap /swapfile; 14 | swapon /swapfile; 15 | echo "/swapfile none swap sw 0 0" >> /etc/fstab; -------------------------------------------------------------------------------- /Debian-8/cms/README.md: -------------------------------------------------------------------------------- 1 | # CMS Scripts 2 | 3 | ##wordpress.sh 4 | This script will install and configure Wordpress. This stack includes Apache2, PHP5, and MySQL. 5 | 6 | ## wordpress-openlitespeed.sh 7 | This script will install and configure WordPress with OpenLiteSpeed, LSPHP and MariaDB with a single click. The only thing the user may want to do is log into the WordPress admin dashboard and customize the site. 8 | 9 | The script will appear to complete, but will need up to 3 more minutes to actually finish. After this time, browsing to your droplet's assigned IP will take you to your WordPress site. 10 | 11 | _Note: Settings, such as the site title, the domain, and so on can be changed from the WordPress admin dashboard._ 12 | -------------------------------------------------------------------------------- /Debian-8/cms/wordpress-openlitespeed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | curl -k -o /tmp/ols1clk.sh https://raw.githubusercontent.com/litespeedtech/ols1clk/master/ols1clk.sh 3 | chmod 700 /tmp/ols1clk.sh 4 | export IPADD=`ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}'` 5 | /tmp/ols1clk.sh --wordpressplus $IPADD --quiet 6 | cp /usr/local/lsws/password /root/passwords.txt 7 | -------------------------------------------------------------------------------- /Debian-8/cms/wordpress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # WordPress Setup Script 4 | # 5 | # This script will install and configure WordPress on 6 | # an Debian 8 droplet 7 | export DEBIAN_FRONTEND=noninteractive; 8 | 9 | # Generate root and wordpress mysql passwords 10 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 11 | wpmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 12 | 13 | # Write passwords to file 14 | echo "Root MySQL Password: $rootmysqlpass" > /root/passwords.txt; 15 | echo "Wordpress MySQL Password: $wpmysqlpass" >> /root/passwords.txt; 16 | 17 | 18 | # Update Ubuntu 19 | apt-get update; 20 | apt-get -y upgrade; 21 | 22 | # Install Apache/MySQL 23 | apt-get -y install apache2 php5 php5-mysql mysql-server mysql-client unzip; 24 | 25 | # Download and uncompress WordPress 26 | wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip; 27 | cd /tmp/; 28 | unzip /tmp/wordpress.zip; 29 | # Set up database user 30 | /usr/bin/mysqladmin -u root -h localhost create wordpress; 31 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 32 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$wpmysqlpass"'"; 33 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"; 34 | 35 | # Configure WordPress 36 | cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php; 37 | sed -i "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" /tmp/wordpress/wp-config.php; 38 | sed -i "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" /tmp/wordpress/wp-config.php; 39 | sed -i "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '$wpmysqlpass'/g" /tmp/wordpress/wp-config.php; 40 | 41 | for i in `seq 1 8` 42 | do 43 | wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); 44 | sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; 45 | done 46 | 47 | cp -Rf /tmp/wordpress/* /var/www/html/.; 48 | rm -f /var/www/html/index.html; 49 | chown -Rf www-data:www-data /var/www/html; 50 | a2enmod rewrite; 51 | service apache2 restart; 52 | -------------------------------------------------------------------------------- /Debian-8/no-sql/README.md: -------------------------------------------------------------------------------- 1 | NoSQL 2 | ===== 3 | 4 | Scripts in this folder install and configure common [NoSql databases](https://www.digitalocean.com/community/tutorials/a-comparison-of-nosql-database-management-systems-and-models). 5 | 6 | mongodb.yml 7 | --------------- 8 | 9 | Installs the latest MongoDB release from their offical repositories. 10 | 11 | 12 | redis.yml 13 | --------------- 14 | 15 | Installs the latest Redis from source. By default, it is bound to localhost and listens on port 6379. An init script is installed to `/etc/init.d/redis_6379`. -------------------------------------------------------------------------------- /Debian-8/no-sql/mongodb.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_sources: 3 | # Enable MongoDB repository 4 | - source: deb http://repo.mongodb.org/apt/debian wheezy/mongodb-org/3.0 main 5 | keyid: 7F0CEB10 6 | filename: mongodb.list 7 | apt_update: true 8 | packages: 9 | - mongodb-org -------------------------------------------------------------------------------- /Debian-8/no-sql/redis.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - gcc 5 | - libc6-dev 6 | - make 7 | - curl 8 | runcmd: 9 | - curl -sSL http://download.redis.io/releases/redis-stable.tar.gz -o /tmp/redis.tar.gz 10 | - mkdir -p /tmp/redis 11 | - tar -xzf /tmp/redis.tar.gz -C /tmp/redis --strip-components=1 12 | - make -C /tmp/redis 13 | - make -C /tmp/redis install 14 | - export PATH="$PATH:/usr/local/bin" 15 | - echo -n | /tmp/redis/utils/install_server.sh 16 | - rm -rf /tmp/redis* 17 | # See: http://redis.io/topics/faq 18 | - sysctl vm.overcommit_memory=1 19 | # Bind Redis to localhost. Comment out to make available externally. 20 | - sed -i -e 's/# bind 127.0.0.1/bind 127.0.0.1/g' /etc/redis/6379.conf 21 | - service redis_6379 restart -------------------------------------------------------------------------------- /Debian-8/web-servers/README.md: -------------------------------------------------------------------------------- 1 | Web Servers 2 | =========== 3 | 4 | lamp.yml 5 | --------------- 6 | 7 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-04) with Apache, PHP, and MySQL. 8 | 9 | 10 | lemp.yml 11 | --------------- 12 | 13 | Installs and configures a basic ["LEMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-14-04) with Nginx and PHP-FPM. 14 | 15 | 16 | lamp-phpmyadmin.yml 17 | --------------- 18 | 19 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-04) with Apache, PHP, and MySQL. In addition, [phpMyAdmin](https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-14-04) is also installed and configured. The file `/root/phpmyadmin` contains the automatically generated passwords for both the MySql root user and the `.htaccess` file protecting the phpMyAdmin login page. 20 | 21 | 22 | tomcat7.yml 23 | ----------- 24 | 25 | Installs a basic [Tomcat 7 web server](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-7-on-ubuntu-14-04-via-apt-get). The file `/root/tomcat` contains the automatically generated password to access the web managment interface. -------------------------------------------------------------------------------- /Debian-8/web-servers/lamp-phpmyadmin.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | package_upgrade: true 4 | packages: 5 | - apache2 6 | - apache2-utils 7 | - php5-mysql 8 | - mysql-server 9 | - libapache2-mod-php5 10 | - php5-mcrypt 11 | - php5-gd 12 | - php5-curl 13 | - phpmyadmin 14 | write_files: 15 | - path: /usr/share/phpmyadmin/.htaccess 16 | content: | 17 | AuthType Basic 18 | AuthName "Restricted Files" 19 | AuthUserFile /etc/phpmyadmin/.htpasswd 20 | Require valid-user 21 | runcmd: 22 | # Configure Apache 23 | - php5enmod mcrypt 24 | - sed -i -e "s/index.html index.cgi index.pl index.php/index.php index.html index.cgi index.pl/" /etc/apache2/mods-enabled/dir.conf 25 | - sed -i -e "s/index.php/index.php\n\tAllowOverride\ All/" /etc/phpmyadmin/apache.conf 26 | - ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf 27 | 28 | # Generate random passwords for the MySql root user and the .htaccess file 29 | - PHPMYADMINPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 30 | - MYSQLPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 31 | - mysqladmin -u root -h localhost password "$MYSQLPASS" 32 | - echo "[client]\npassword="$MYSQLPASS"\n" > /root/.my.cnf 33 | # The .htaccess username defaults to phpmyadmin. Update the line below to change that. 34 | - echo $PHPMYADMINPASS | htpasswd -c -i /etc/phpmyadmin/.htpasswd phpmyadmin 35 | - echo "phpMyAdmin Password - "$PHPMYADMINPASS"" > /root/phpmyadmin 36 | - echo "MySql Password - ""$MYSQLPASS""" >> /root/phpmyadmin 37 | 38 | # Enable the conf and restart Apache. 39 | - a2enconf phpmyadmin.conf 40 | - service apache2 restart -------------------------------------------------------------------------------- /Debian-8/web-servers/lamp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - apache2 5 | - php5-mysql 6 | - mysql-server 7 | - libapache2-mod-php5 8 | - php5-mcrypt 9 | - php5-gd 10 | - php5-curl 11 | write_files: 12 | - path: /var/www/html/info.php 13 | content: | 14 | 17 | runcmd: 18 | - sed -i -e "s/index.html index.cgi index.pl index.php/index.php index.html index.cgi index.pl/" /etc/apache2/mods-enabled/dir.conf 19 | - systemctl restart apache2 20 | -------------------------------------------------------------------------------- /Debian-8/web-servers/lemp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - nginx 5 | - php5-fpm 6 | - php5-mysql 7 | - mysql-server 8 | - php5-mcrypt 9 | - php5-gd 10 | - php5-curl 11 | write_files: 12 | - path: /etc/nginx/sites-available/default 13 | content: | 14 | server { 15 | listen 80 default_server; 16 | listen [::]:80 default_server ipv6only=on; 17 | 18 | root /var/www/html; 19 | index index.php index.html index.htm; 20 | 21 | server_name localhost; 22 | 23 | location / { 24 | # First attempt to serve request as file, then 25 | # as directory, then fall back to displaying a 404. 26 | try_files $uri $uri/ =404; 27 | # Uncomment to enable naxsi on this location 28 | # include /etc/nginx/naxsi.rules 29 | } 30 | 31 | error_page 404 /404.html; 32 | error_page 500 502 503 504 /50x.html; 33 | location = /50x.html { 34 | root /usr/share/nginx/html; 35 | } 36 | 37 | location ~ \.php$ { 38 | try_files $uri =404; 39 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 40 | fastcgi_pass unix:/var/run/php5-fpm.sock; 41 | fastcgi_index index.php; 42 | include fastcgi.conf; 43 | } 44 | } 45 | - path: /var/www/html/info.php 46 | content: | 47 | 50 | runcmd: 51 | - mkdir -p /var/www/html 52 | - cp /usr/share/nginx/html/index.html /var/www/html/ 53 | - sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php5/fpm/php.ini 54 | # Ensure backwards compatible with 14.04 55 | - file=/etc/nginx/fastcgi.conf; if [ ! -f "$file" ]; then ln -s /etc/nginx/fastcgi_params "$file"; fi 56 | - service nginx restart -------------------------------------------------------------------------------- /Debian-8/web-servers/tomcat7.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - curl 5 | - tomcat7 6 | - tomcat7-docs 7 | - tomcat7-admin 8 | - tomcat7-examples 9 | - default-jdk 10 | write_files: 11 | - path: /etc/tomcat7/tomcat-users.xml 12 | content: | 13 | 14 | 15 | 16 | 17 | runcmd: 18 | # Set random Tomcat admin password. 19 | - TOMCATPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 20 | - sed -i -e "s/%PASS%/$TOMCATPASS/" /etc/tomcat7/tomcat-users.xml 21 | - echo "Tomcat Username - admin" > /root/tomcat 22 | - echo "Tomcat Password - $TOMCATPASS" >> /root/tomcat 23 | - PUBLIC_IPV4=`curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address` 24 | - echo "\nAccess the managment interface at http://$PUBLIC_IPV4:8080/manager/html" >> /root/tomcat 25 | # Ensure Tomcat listens on IPv4 and optimize startup time by using a non-blocking entropy source. 26 | - echo "JAVA_OPTS=\"\$JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true -Djava.security.egd=file:/dev/./urandom\"" >> /etc/default/tomcat7 27 | - service tomcat7 restart -------------------------------------------------------------------------------- /Fedora-22/languages/README.md: -------------------------------------------------------------------------------- 1 | # Languages & Frameworks 2 | 3 | ## nodejs.sh 4 | 5 | This script will identify and install the latest version of [node.js](https://nodejs.org/) from source on Fedora 22. -------------------------------------------------------------------------------- /Fedora-22/languages/nodejs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | dnf -y group install "Development Tools"; 3 | dnf -y install python curl openssl openssl-devel pkgconfig gcc-c++; 4 | 5 | VERSION=`curl -s http://nodejs.org/dist/latest/SHASUMS.txt | awk '/node-v/ {print $2}' | head -1 | sed s/node-v// | sed s/-/\ / | awk '{print $1}'` 6 | url="http://nodejs.org/dist/v"$VERSION"/node-v"$VERSION".tar.gz" 7 | curl $url | tar -zxf - 8 | cd "node-v"$VERSION 9 | 10 | # Time to Install 11 | ./configure && 12 | make && 13 | make install && 14 | cd .. && 15 | rm -rf node-v$VERSION && 16 | node --version && 17 | exit -------------------------------------------------------------------------------- /Fedora/README.md: -------------------------------------------------------------------------------- 1 | Fedora Scripts 2 | ============== 3 | 4 | The scripts in this directory are targeted at Fedora. 5 | -------------------------------------------------------------------------------- /Fedora/admin/README.md: -------------------------------------------------------------------------------- 1 | # Admin Scripts 2 | 3 | ## swap.sh 4 | This script will create and activate a swap file at /swapfile on your new droplet, there are two different modes, automatic mode based on RedHat Enterprise Linux Storage Guide (https://goo.gl/kFGdnO) and manual mode, using the size you specify. An entry in /etc/fstab will also be made to automatically enable the swap file on boot. 5 | 6 | **Required input**: 7 | * `<%MODE%>` - Possible values will be "automatic" or "manual" 8 | 9 | **Optional input**: 10 | if <%MODE%> is set to "manual" then <%SWAP_FILE_SIZE%> where represents the size of the swap file to create. E.g. "1G" 11 | 12 | ### Tested on 13 | * Fedora 22 14 | * Fedora 23 15 | -------------------------------------------------------------------------------- /Fedora/admin/swap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Swap File Creator 4 | # 5 | # This script will create and configure a swap file 6 | # on your droplet at creation time. 7 | # Tested on: 8 | # Fedora 22 9 | # Fedora 23 10 | # 11 | # <%MODE%> Please replace using "automatic" or "manual" mode. 12 | # 13 | # * automatic mode: 14 | # 15 | # Based Red Hat Enterprise Linux Administration Guide 16 | # Swap should equal 2x physical RAM for up to 2 GB of physical RAM, 17 | # and then an additional 1x physical RAM for any amount above 2 GB, 18 | # but never less than 32 MB.For more informationm, please visit: 19 | # https://goo.gl/kFGdnO 20 | # 21 | # ╔════════════════════════╦═════════════════════════╗ 22 | # ║(M) Amount of RAM in G ║ (S) Amount of swap in G ║ 23 | # ╠════════════════════════╬═════════════════════════╣ 24 | # ║ M < 2G ║ S = M * 2G ║ 25 | # ╠════════════════════════╬═════════════════════════╣ 26 | # ║ 2G < M < 32G ║ S = M + 2G ║ 27 | # ╠════════════════════════╬═════════════════════════╣ 28 | # ║ 32G < M ║ S = 32G or S = M ║ 29 | # ╚════════════════════════╩═════════════════════════╝ 30 | # 31 | # 32 | # * manual mode: 33 | # * Replace <%SWAP_FILE_SIZE%> with your custom swap size 34 | 35 | mode=<%MODE%> 36 | 37 | function automatic() 38 | { 39 | min="2147483648" 40 | max="34359738368" 41 | echo "Detecting current RAM size..." 42 | ram_size="$(free -b | grep Mem | awk '{ print $2 }' )" 43 | echo "... Physical Memory Size: $ram_size" 44 | echo "Calculating recommended SWAP file size..." 45 | if [[ $ram_size -le $min ]] 46 | then 47 | echo "The RAM size is less than 2G" 48 | swapsize=$(( $ram_size * 2 )) 49 | echo "...recommended size: $swapsize" 50 | elif [[ $ram_size -ge $min ]] && [[ $ram_size -lt $max ]] 51 | then 52 | echo "The RAM size is equal to 2G and less than 32G" 53 | swapsize=$(( $ram_size + $min )) 54 | echo "...recommended size: $swapsize" 55 | elif [[ $ram_size -ge $max ]] 56 | then 57 | echo "The RAM size is greater than 32G" 58 | swapsize=$max 59 | echo "...recommended size: $swapsize" 60 | fi 61 | } 62 | 63 | if [[ $mode == automatic ]] 64 | then 65 | echo "Running automatic mode..." 66 | automatic 67 | elif [[ $mode == manual ]] 68 | then 69 | echo "Running on manual mode..." 70 | swapsize="<%SWAP_FILE_SIZE%>" 71 | fi 72 | 73 | fallocate -l $swapsize /swapfile 74 | chmod 600 /swapfile 75 | mkswap /swapfile -L swap 76 | swapon /swapfile 77 | echo "/swapfile swap swap sw 0 0" >> /etc/fstab 78 | -------------------------------------------------------------------------------- /Fedora/web-servers/README.md: -------------------------------------------------------------------------------- 1 | #Web Servers 2 | 3 | 4 | #lamp.yml 5 | 6 | Installs a basic "LAMP" stack. 7 | 8 | ## Tested on 9 | 10 | * Fedora 23 11 | 12 | #lamp-hidden_versions.yml 13 | Installs a basic "LAMP" stack and configure Apache HTTP Server and PHP to avoid version exposure. 14 | 15 | ## Tested on 16 | 17 | * Fedora 23 18 | 19 | -------------------------------------------------------------------------------- /Fedora/web-servers/lamp-hidden_versions.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | - mariadb-server 5 | - mariadb 6 | - php 7 | - php-mysql 8 | - php-gd 9 | - php-mcrypt 10 | runcmd: 11 | - echo "ServerSignature Off" >> /etc/httpd/conf/httpd.conf 12 | - echo "ServerTokens Prod" >> /etc/httpd/conf/httpd.conf 13 | - sed -i -e "s/expose_php = On/expose_php = Off/" /etc/php.ini 14 | - systemctl start httpd.service && systemctl enable httpd.service 15 | - systemctl start mariadb && systemctl enable mariadb.service 16 | 17 | -------------------------------------------------------------------------------- /Fedora/web-servers/lamp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | - mariadb-server 5 | - mariadb 6 | - php 7 | - php-mysql 8 | - php-gd 9 | - php-mcrypt 10 | write_files: 11 | - path: /var/www/html/info.php 12 | content: | 13 | 16 | runcmd: 17 | - 'chown apache:apache /var/www/html/info.php' 18 | - systemctl start httpd.service && systemctl enable httpd.service 19 | - systemctl start mariadb && systemctl enable mariadb.service 20 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015 DigitalOcean 2 | 3 | MIT License 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining 6 | a copy of this software and associated documentation files (the 7 | "Software"), to deal in the Software without restriction, including 8 | without limitation the rights to use, copy, modify, merge, publish, 9 | distribute, sublicense, and/or sell copies of the Software, and to 10 | permit persons to whom the Software is furnished to do so, subject to 11 | the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be 14 | included in all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 20 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 21 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 22 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | DigitalOcean User Scripts Library 2 | ================================= 3 | 4 | This repository contains a collection of scripts that can be used to help provision 5 | your Droplet on first boot. When creating a new Droplet, they can be provided as 6 | "user data." 7 | 8 | ![DigitalOcean Control Panel](https://assets.digitalocean.com/articles/metadata/user-data.png) 9 | 10 | For an introduction for the technologies involved, check out these articles from 11 | [the DigitalOcean Community](https://www.digitalocean.com/community/) as well as 12 | the [upstream cloud-init documentation](https://cloudinit.readthedocs.org/en/latest/): 13 | 14 | * [An Introduction to Droplet Metadata](https://www.digitalocean.com/community/tutorials/an-introduction-to-droplet-metadata) 15 | * [An Introduction to Cloud-Config Scripting](https://www.digitalocean.com/community/tutorials/an-introduction-to-cloud-config-scripting) 16 | * [How To Use Cloud-Config For Your Initial Server Setup](https://www.digitalocean.com/community/tutorials/how-to-use-cloud-config-for-your-initial-server-setup) 17 | 18 | 19 | Contributing 20 | ------------ 21 | 22 | Scripts in this repository can be in one of two formats, shell scripts and 23 | cloud-config files. In order to encourage simplicity and readability, it is 24 | highly encouraged to use the declarative cloud-config file format when possible. 25 | 26 | Each directory must contain a README.md file describing the scripts contained 27 | within it, including the target platform and a description of any needed user 28 | input. As these scripts are not interactive, please use the standardized 29 | format of **`<%DESCRIPTIVE_NAME%>`** for variables that should be provided by 30 | the user before running the script. (See the `examples/` directory.) 31 | 32 | Feedback 33 | -------- 34 | 35 | This project is an experiment, and it won't be successful without your feedback. 36 | Let us know what you think by [opening an issue here on GitHub](https://github.com/digitalocean/do_user_scripts/issues). 37 | -------------------------------------------------------------------------------- /Ubuntu-14.04/README.md: -------------------------------------------------------------------------------- 1 | Ubuntu 14.04 Scripts 2 | =========== 3 | 4 | The scripts in this directory are targeted at Ubuntu 14.04 LTS 5 | -------------------------------------------------------------------------------- /Ubuntu-14.04/admin/README.md: -------------------------------------------------------------------------------- 1 | Admin Scripts 2 | ============= 3 | 4 | change.hostn.yml 5 | ---------------- 6 | 7 | Example of changing the Droplet's hostname using a cloud-config file. Useful for cases where you want to name the Droplet something different than the hostname. 8 | 9 | **Required input**: 10 | 11 | * `<%HOSTNAME%>` - The hostname for your server. 12 | 13 | 14 | postfix-send-only.yml 15 | --------------------- 16 | 17 | Installs the Postfix SMTP server [configured in send-only mode](https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-as-a-send-only-smtp-server-on-ubuntu-14-04). 18 | 19 | **Optional input**: 20 | 21 | * `<%EMAIL_ADDR%>` - Email address to send test message to when installation is complete. 22 | 23 | swap.sh 24 | ------- 25 | 26 | This script will create and activate a swap file at `/swapfile` on your new droplet in the size you specify. An entry in `/etc/fstab` will also be made to automatically enable the swap file on boot. 27 | 28 | **Required input**: 29 | 30 | * `<%SWAP_FILE_SIZE%>` - The size of the swap file to create. E.g. "1G" 31 | 32 | saltstack.bash 33 | -------------- 34 | 35 | This script upgrades the system to the latest packages, installs salt-minion, and configures the master server. Please read the top of the file for more information. 36 | 37 | **Required input**: 38 | 39 | * `<%HOSTNAME%>` - The 'nice name' for your server. Not the FQDN. 40 | * `<%MASTER%>` - The IP address for the salt master server. Either local or public will work. 41 | -------------------------------------------------------------------------------- /Ubuntu-14.04/admin/change.hostn.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | hostname: <%HOSTNAME%> 3 | manage_etc_hosts: true 4 | -------------------------------------------------------------------------------- /Ubuntu-14.04/admin/postfix-send-only.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | package_upgrade: true 4 | packages: 5 | - mailutils 6 | runcmd: 7 | - sed -i 's/inet_interfaces = all/inet_interfaces = loopback-only/' /etc/postfix/main.cf 8 | - service postfix restart 9 | # Uncomment to send test email when configuration is complete. 10 | # - echo "Your server is now configured and ready for use." | mail -s "Server configuration complete" <%EMAIL_ADDR%> -------------------------------------------------------------------------------- /Ubuntu-14.04/admin/saltstack.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ## 4 | # Upgrade everything, install salt minion, and connect to salt master 5 | ## 6 | # This userdata script upgrades your system to the latest packages and 7 | # installs and configures salt-minion to connect to the master. To user 8 | # this script, you're expected to set the FQDN as your droplet name on 9 | # DigitalOcean's control panel (Thus setting rDNS/PTR). You need to 10 | # manually change the hostname (the human readable one) below. You also 11 | # need to set the salt master's IP address below. After, just paste this 12 | # script into the DigitalOcean creation page. 13 | ## 14 | # Made by Zachary DuBois (https://zacharydubois.me) - Under MIT. 15 | ## 16 | 17 | 18 | # Change to the desired hostname of your droplet (Human name, not FQDN). 19 | hostname="<%HOSTNAME%>" 20 | # Change to your saltstack master IP address (Private is prefered if you're in the same datacenter). 21 | master="<%MASTER%>" 22 | 23 | 24 | #### Don't edit below! #### 25 | 26 | # Get the meta information from DigitalOcean 27 | ip=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address) 28 | fqdn=$(curl -s http://169.254.169.254/metadata/v1/hostname) 29 | 30 | # Set the hostname 31 | echo "$hostname" > /etc/hostname 32 | hostname -F /etc/hostname 33 | 34 | # Create a temporary line in the hosts file that should get regenerated by the saltmaster. 35 | echo "$ip $fqdn $hostname" >> /etc/hosts 36 | cat /etc/hostname /etc/hosts 37 | 38 | # Get all updates 39 | apt-get update 40 | apt-get -y upgrade 41 | apt-get -y dist-upgrade 42 | apt-get autoremove --purge -y 43 | apt-get autoclean 44 | 45 | # Add the saltstack repository into sources.d 46 | echo 'deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main' > /etc/apt/sources.list.d/saltstack.list 47 | 48 | # Add the saltstack key into the APT keyring 49 | curl https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add - 50 | 51 | # Refresh package lists 52 | apt-get update 53 | 54 | # Install saltminion 55 | apt-get install -y salt-minion 56 | 57 | # Set the master IP in the minion configuration. 58 | sed -i 's/#master: salt/master: '$master'/g' /etc/salt/minion 59 | 60 | # Restart salt-minion 61 | service salt-minion restart 62 | 63 | # You're done! 64 | exit 0 65 | -------------------------------------------------------------------------------- /Ubuntu-14.04/admin/swap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Swap File Creator 4 | # 5 | # This script will create and configure a swap file 6 | # on your droplet at creation time. 7 | 8 | # Swap file size 9 | # example swapsize="1G" 10 | swapsize="<%SWAP_FILE_SIZE%>" 11 | fallocate -l $swapsize /swapfile; 12 | chmod 600 /swapfile; 13 | mkswap /swapfile; 14 | swapon /swapfile; 15 | echo "/swapfile none swap sw 0 0" >> /etc/fstab; -------------------------------------------------------------------------------- /Ubuntu-14.04/cms/README.md: -------------------------------------------------------------------------------- 1 | # CMS Scripts 2 | 3 | ##wordpress.sh 4 | This script will install and configure Wordpress. This stack includes Apache2, PHP5, and MySQL. 5 | 6 | ## mediawiki.sh 7 | This script will install and configure MediaWiki with Apache, PHP, and MySQL. Details on the database user created can be found in the MOTD shown when you log in via ssh. After this script is complete you can browse to your new droplet's IP address to complete the setup. 8 | 9 | ## wordpress-openlitespeed.sh 10 | This script will install and configure WordPress with OpenLiteSpeed, LSPHP and MariaDB with a single click. The only thing the user may want to do is log into the WordPress admin dashboard and customize the site. 11 | 12 | The script will appear to complete, but will need up to 3 more minutes to actually finish. After this time, browsing to your droplet's assigned IP will take you to your WordPress site. 13 | 14 | _Note: Settings, such as the site title, the domain, and so on can be changed from the WordPress admin dashboard._ 15 | -------------------------------------------------------------------------------- /Ubuntu-14.04/cms/mediawiki.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # MediaWiki Setup Script 4 | # 5 | # This script will install and configure MediaWiki on 6 | # an Ubuntu 14.04 droplet 7 | export DEBIAN_FRONTEND=noninteractive; 8 | 9 | # Generate root and wordpress mysql passwords 10 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 11 | mwmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 12 | 13 | 14 | # Write passwords to file 15 | echo "MySQL Passwords for this droplet " > /etc/motd.tail; 16 | echo "-----------------------------------" >> /etc/motd.tail; 17 | echo "Root MySQL Password: $rootmysqlpass" >> /etc/motd.tail; 18 | echo "MediaWiki MySQL Database: mwdb" >> /etc/motd.tail; 19 | echo "Mediawiki MySQL Username: mwsql" >> /etc/motd.tail; 20 | echo "Mediawiki MySQL Password: $mwmysqlpass" >> /etc/motd.tail; 21 | echo "-----------------------------------" >> /etc/motd.tail; 22 | echo "You can remove this information with 'rm -f /etc/motd.tail'" >> /etc/motd.tail; 23 | 24 | apt-get update; 25 | apt-get -y install apache2 mysql-server libapache2-mod-auth-mysql php5-mysql php5 libapache2-mod-php5 php5-mcrypt php5-gd php5-intl php-pear php5-dev make libpcre3-dev php-apc; 26 | 27 | # Set up database user 28 | /usr/bin/mysqladmin -u root -h localhost create mwdb; 29 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 30 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER mwsql@localhost IDENTIFIED BY '"$mwmysqlpass"'"; 31 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON mwdb.* TO mwsql@localhost"; 32 | 33 | 34 | rm -f /var/www/html/index.html; 35 | wget http://releases.wikimedia.org/mediawiki/1.25/mediawiki-1.25.1.tar.gz -O /root/mediawiki.tar.gz; 36 | cd /root; 37 | tar -zxf /root/mediawiki.tar.gz; 38 | cp -Rf /root/mediawiki-1.25.1/* /var/www/html/.; 39 | #rm /root/mediawiki.tar.gz; 40 | #rm -Rf /root/mediawiki-1.25.1; 41 | chown -Rf www-data.www-data /var/www/html; 42 | service apache2 restart; 43 | 44 | cat /etc/motd.tail > /var/run/motd.dynamic; 45 | chmod 0660 /var/run/motd.dynamic; 46 | -------------------------------------------------------------------------------- /Ubuntu-14.04/cms/wordpress-nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # WordPress Setup Script 4 | # 5 | # This script will install and configure WordPress on 6 | # an Ubuntu 14.04 droplet 7 | # Generate root and wordpress mysql passwords 8 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 9 | wpmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 10 | 11 | # Write passwords to file 12 | echo "MySQL Passwords for this droplet " > /etc/motd.tail; 13 | echo "-----------------------------------" >> /etc/motd.tail; 14 | echo "Root MySQL Password: $rootmysqlpass" >> /etc/motd.tail; 15 | echo "Wordpress MySQL Database: mwdb" >> /etc/motd.tail; 16 | echo "Wordpress MySQL Username: mwsql" >> /etc/motd.tail; 17 | echo "Wordpress MySQL Password: $wpmysqlpass" >> /etc/motd.tail; 18 | echo "-----------------------------------" >> /etc/motd.tail; 19 | echo "You can remove this information with 'rm -f /etc/motd.tail'" >> /etc/motd.tail; 20 | # Install mysql-server 21 | export DEBIAN_FRONTEND=noninteractive 22 | # Update Ubuntu 23 | apt-get update; 24 | apt-get -y upgrade; 25 | # Install Nginx/MySQL 26 | apt-get -y install debconf-utils 27 | echo mysql-server mysql-server/root_password password | sudo debconf-set-selections 28 | echo mysql-server mysql-server/root_password_again password | sudo debconf-set-selections 29 | sudo apt-get -y install mysql-server 30 | sudo apt-get install -y php5-fpm php5-mysql mysql-client unzip; 31 | echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/nginx-stable.list 32 | sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C300EE8C 33 | sudo apt-get update 34 | sudo apt-get -y install nginx 35 | #start nginx 36 | sudo service nginx start 37 | # Download and uncompress WordPress 38 | wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip; 39 | cd /tmp/ || exit; 40 | unzip /tmp/wordpress.zip; 41 | # Set up database user 42 | /usr/bin/mysqladmin -u root -h localhost create wordpress; 43 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 44 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$wpmysqlpass"'"; 45 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"; 46 | # Configure PHP 47 | sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php5/fpm/php.ini 48 | sed -i "s|listen = 127.0.0.1:9000|listen = /var/run/php5-fpm.sock|" /etc/php5/fpm/pool.d/www.conf; 49 | sudo service php5-fpm restart 50 | # Configure Nginx 51 | mv /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak 52 | cat > /etc/nginx/sites-available/default << "EOF" 53 | server { 54 | listen 80 default_server; 55 | listen [::]:80 default_server ipv6only=on; 56 | root /var/www/html; 57 | index index.php index.html index.htm; 58 | server_name localhost; 59 | location / { 60 | # First attempt to serve request as file, then 61 | # as directory, then fall back to displaying a 404. 62 | try_files $uri $uri/ /index.php?q=$uri&$args; 63 | # Uncomment to enable naxsi on this location 64 | # include /etc/nginx/naxsi.rules 65 | } 66 | error_page 404 /404.html; 67 | error_page 500 502 503 504 /50x.html; 68 | location = /50x.html { 69 | root /usr/share/nginx/html; 70 | } 71 | location ~ \.php$ { 72 | try_files $uri =404; 73 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 74 | fastcgi_pass unix:/var/run/php5-fpm.sock; 75 | fastcgi_index index.php; 76 | include fastcgi.conf; 77 | } 78 | } 79 | EOF 80 | 81 | cat /etc/nginx/sites-available/default 82 | # Add PHP info 83 | echo "" > /var/www/html/info.php 84 | # Configure Nginx sites-available 85 | sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/wordpress 86 | sudo rm /etc/nginx/sites-available/default 87 | sudo rm /etc/nginx/sites-enabled/default 88 | sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/wordpress 89 | #Configure WordPress 90 | cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php; 91 | sed -i "s|'DB_NAME', 'database_name_here'|'DB_NAME', 'wordpress'|g" /tmp/wordpress/wp-config.php; 92 | sed -i "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" /tmp/wordpress/wp-config.php; 93 | sed -i "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '$wpmysqlpass'/g" /tmp/wordpress/wp-config.php; 94 | for i in `seq 1 8` 95 | do 96 | wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); 97 | sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; 98 | done 99 | cp -Rf /tmp/wordpress/* /var/www/html/.; 100 | rm -f /var/www/index.html; 101 | chown -Rf www-data:www-data /var/www/html; 102 | service nginx restart; 103 | -------------------------------------------------------------------------------- /Ubuntu-14.04/cms/wordpress-openlitespeed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | curl -k -o /tmp/ols1clk.sh https://raw.githubusercontent.com/litespeedtech/ols1clk/master/ols1clk.sh 3 | chmod 700 /tmp/ols1clk.sh 4 | export IPADD=`ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}'` 5 | /tmp/ols1clk.sh --wordpressplus $IPADD --quiet 6 | cp /usr/local/lsws/password /root/passwords.txt 7 | -------------------------------------------------------------------------------- /Ubuntu-14.04/cms/wordpress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # WordPress Setup Script 4 | # 5 | # This script will install and configure WordPress on 6 | # an Ubuntu 14.04 droplet 7 | export DEBIAN_FRONTEND=noninteractive; 8 | 9 | # Generate root and wordpress mysql passwords 10 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 11 | wpmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 12 | 13 | 14 | # Write passwords to file 15 | echo "Root MySQL Password: $rootmysqlpass" > /root/passwords.txt; 16 | echo "Wordpress MySQL Password: $wpmysqlpass" >> /root/passwords.txt; 17 | 18 | 19 | # Update Ubuntu 20 | apt-get update; 21 | apt-get -y upgrade; 22 | 23 | # Install Apache/MySQL 24 | apt-get -y install apache2 php5 php5-mysql mysql-server mysql-client unzip; 25 | 26 | # Download and uncompress WordPress 27 | wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip; 28 | cd /tmp/; 29 | unzip /tmp/wordpress.zip; 30 | # Set up database user 31 | /usr/bin/mysqladmin -u root -h localhost create wordpress; 32 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 33 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$wpmysqlpass"'"; 34 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"; 35 | 36 | # Configure WordPress 37 | cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php; 38 | sed -i "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" /tmp/wordpress/wp-config.php; 39 | sed -i "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" /tmp/wordpress/wp-config.php; 40 | sed -i "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '$wpmysqlpass'/g" /tmp/wordpress/wp-config.php; 41 | for i in `seq 1 8` 42 | do 43 | wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); 44 | sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; 45 | done 46 | cp -Rf /tmp/wordpress/* /var/www/html/.; 47 | rm -f /var/www/html/index.html; 48 | chown -Rf www-data:www-data /var/www/html; 49 | a2enmod rewrite; 50 | service apache2 restart; 51 | -------------------------------------------------------------------------------- /Ubuntu-14.04/desktop/README.md: -------------------------------------------------------------------------------- 1 | #Desktop Scripts 2 | 3 | The scripts in this directory will automatically configure a remote desktop environment 4 | 5 | ## kde-x2go.sh 6 | This script will install kde using the kubuntu-desktop metapackage and set up an x2go server. This desktop environment can be accessed using the [x2go client](http://wiki.x2go.org/doku.php/doc:installation:x2goclient) and allows for logins using either a password or ssh key. 7 | 8 | ## lxde-x2go.sh 9 | This script will install lxde using the lubuntu-desktop metapackage and set up an x2go server. This desktop environment can be accessed using the [x2go client](http://wiki.x2go.org/doku.php/doc:installation:x2goclient) and allows for logins using either a password or ssh key. 10 | 11 | 12 | ## xfce-x2go.sh 13 | This script will install xfce using the xubuntu-desktop metapackage and set up an x2go server. This desktop environment can be accessed using the [x2go client](http://wiki.x2go.org/doku.php/doc:installation:x2goclient) and allows for logins using either a password or ssh key. -------------------------------------------------------------------------------- /Ubuntu-14.04/desktop/kde-x2go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This script will set up an xfce desktop environment which can be 4 | # accessed remotely via the x2goclient http://wiki.x2go.org/doku.php/doc:installation:x2goclient 5 | export DEBIAN_FRONTEND=noninteractive; 6 | apt-get update; 7 | apt-get -y install software-properties-common kubuntu-desktop; 8 | add-apt-repository -y ppa:x2go/stable; 9 | apt-get update; 10 | apt-get -y install x2goserver x2goserver-xsession; -------------------------------------------------------------------------------- /Ubuntu-14.04/desktop/lxde-x2go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This script will set up an lxde desktop environment which can be 4 | # accessed remotely via the x2goclient http://wiki.x2go.org/doku.php/doc:installation:x2goclient 5 | # This script also creates a shortcut for the "startlxde" command used by the default 6 | # x2go lxde session configuration. 7 | export DEBIAN_FRONTEND=noninteractive; 8 | apt-get update; 9 | apt-get -y install software-properties-common lubuntu-desktop; 10 | add-apt-repository -y ppa:x2go/stable; 11 | apt-get update; 12 | apt-get -y install x2goserver x2goserver-xsession; 13 | echo "#!/bin/sh" > /usr/bin/startlxde; 14 | echo "/usr/bin/lxsession -s Lubuntu -e LXDE" >> /usr/bin/startlxde; 15 | chmod +x /usr/bin/startlxde; -------------------------------------------------------------------------------- /Ubuntu-14.04/desktop/xfce-x2go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This script will set up an xfce desktop environment which can be 4 | # accessed remotely via the x2goclient http://wiki.x2go.org/doku.php/doc:installation:x2goclient 5 | export DEBIAN_FRONTEND=noninteractive; 6 | apt-get update; 7 | apt-get -y install software-properties-common xubuntu-desktop; 8 | add-apt-repository -y ppa:x2go/stable; 9 | apt-get update; 10 | apt-get -y install x2goserver x2goserver-xsession; -------------------------------------------------------------------------------- /Ubuntu-14.04/docker/README.md: -------------------------------------------------------------------------------- 1 | Docker 2 | ====== 3 | 4 | docker-ubuntu.yml 5 | ------------ 6 | 7 | Install the latest version of Docker from the upstream Apt repository. -------------------------------------------------------------------------------- /Ubuntu-14.04/docker/docker-ubuntu.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_sources: 3 | # Enable Docker repository 4 | - source: deb https://apt.dockerproject.org/repo ubuntu-trusty main 5 | keyid: 58118E89F3A912897C070ADBF76221572C52609D 6 | filename: docker.list 7 | apt_update: true 8 | packages: 9 | - docker-engine -------------------------------------------------------------------------------- /Ubuntu-14.04/languages/README.md: -------------------------------------------------------------------------------- 1 | # Languages & Frameworks 2 | 3 | ## nodejs.sh 4 | 5 | This script will identify and install the latest version of [node.js](https://nodejs.org/) from source on Ubuntu 14.04. -------------------------------------------------------------------------------- /Ubuntu-14.04/languages/nodejs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export DEBIAN_FRONTEND=noninteractive; 3 | apt-get update; 4 | VERSION=`curl -s http://nodejs.org/dist/latest/SHASUMS.txt | awk '/node-v/ {print $2}' | head -1 | sed s/node-v// | sed s/-/\ / | awk '{print $1}'` 5 | url="http://nodejs.org/dist/v"$VERSION"/node-v"$VERSION".tar.gz" 6 | curl $url | tar -zxf - 7 | cd "node-v"$VERSION 8 | # Doing Deps 9 | # For some reason everything after apt-get requires explicit && 10 | apt-get -y install build-essential openssl libssl-dev pkg-config && 11 | # Time to Install 12 | ./configure && 13 | make && 14 | make install && 15 | cd .. && 16 | rm -rf node-v$VERSION && 17 | node --version && 18 | exit 19 | -------------------------------------------------------------------------------- /Ubuntu-14.04/network/README.md: -------------------------------------------------------------------------------- 1 | Networking 2 | ========== 3 | 4 | 5 | open-vpn.yml 6 | --------------- 7 | 8 | Installs and configures a basic [OpenVPN server](https://www.digitalocean.com/community/tutorials//how-to-set-up-an-openvpn-server-on-ubuntu-14-04). A bundled client profile (`client.ovpn`) as well as a CA certificate (`ca.crt`), user certificate (`client1.key`), and user private key (`client1.crt`) are generated and can be found in the `/root` directory. Use these with your [OpenVPN client software](https://www.digitalocean.com/community/tutorials//how-to-set-up-an-openvpn-server-on-ubuntu-14-04#step-5-installing-the-client-profile). 9 | 10 | Uncomment the lines exporting indentity information for certificate and use you own information, or the defaults will be used. 11 | 12 | **Optional input**: 13 | 14 | * `<%COUNTRY%>` - A 2-character country code (defaults to US). 15 | * `<%PROVINCE%>` - A 2-character state or province code (defaults to CA). 16 | * `<%CITY%>` - City name (defaults to SanFrancisco). 17 | * `<%ORG%>` - Org/company name (defaults to Fort-Funston). 18 | * `<%EMAIL%>` - Email address (defaults to me@myhost.mydomain). 19 | * `<%ORG_UNIT%>` - Orgizational unit / department (defaults to MyOrganizationalUnit). -------------------------------------------------------------------------------- /Ubuntu-14.04/network/open-vpn.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - openvpn 5 | - easy-rsa 6 | - curl 7 | runcmd: 8 | - IPADDR=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address) 9 | - gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf 10 | - sed -i -e 's/dh dh1024.pem/dh dh2048.pem/' /etc/openvpn/server.conf 11 | - sed -i -e 's/;push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/' /etc/openvpn/server.conf 12 | - sed -i -e 's/;push "dhcp-option DNS 208.67.222.222"/push "dhcp-option DNS 208.67.222.222"/' /etc/openvpn/server.conf 13 | - sed -i -e 's/;push "dhcp-option DNS 208.67.220.220"/push "dhcp-option DNS 208.67.220.220"/' /etc/openvpn/server.conf 14 | - sed -i -e 's/;user nobody/user nobody/' /etc/openvpn/server.conf 15 | - sed -i -e 's/;group nogroup/group nogroup/' /etc/openvpn/server.conf 16 | - echo 1 > /proc/sys/net/ipv4/ip_forward 17 | - sed -i -e 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf 18 | - ufw allow ssh 19 | - ufw allow 1194/udp 20 | - sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw 21 | - sed -i "1i# START OPENVPN RULES\n# NAT table rules\n*nat\n:POSTROUTING ACCEPT [0:0]\n# Allow traffic from OpenVPN client to eth0\n\n-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE\nCOMMIT\n# END OPENVPN RULES\n" /etc/ufw/before.rules 22 | - ufw --force enable 23 | 24 | - cp -r /usr/share/easy-rsa/ /etc/openvpn 25 | - mkdir /etc/openvpn/easy-rsa/keys 26 | - sed -i -e 's/KEY_NAME="EasyRSA"/KEY_NAME="server"/' /etc/openvpn/easy-rsa/vars 27 | - openssl dhparam -out /etc/openvpn/dh2048.pem 2048 28 | - cd /etc/openvpn/easy-rsa && . ./vars 29 | # Optionally set indentity information for certificates: 30 | # - export KEY_COUNTRY="<%COUNTRY%>" # 2-char country code 31 | # - export KEY_PROVINCE="<%PROVINCE%>" # 2-char state/province code 32 | # - export KEY_CITY="<%CITY%>" # City name 33 | # - export KEY_ORG="<%ORG%>" # Org/company name 34 | # - export KEY_EMAIL="<%EMAIL%>" # Email address 35 | # - export KEY_OU="<%ORG_UNIT%>" # Orgizational unit / department 36 | - cd /etc/openvpn/easy-rsa && ./clean-all 37 | - cd /etc/openvpn/easy-rsa && ./build-ca --batch 38 | - cd /etc/openvpn/easy-rsa && ./build-key-server --batch server 39 | - cp /etc/openvpn/easy-rsa/keys/server.crt /etc/openvpn 40 | - cp /etc/openvpn/easy-rsa/keys/server.key /etc/openvpn 41 | - cp /etc/openvpn/easy-rsa/keys/ca.crt /etc/openvpn 42 | - service openvpn start 43 | 44 | - cd /etc/openvpn/easy-rsa && ./build-key --batch client1 45 | - cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/easy-rsa/keys/client.ovpn 46 | - sed -i -e "s/my-server-1/$IPADDR/" /etc/openvpn/easy-rsa/keys/client.ovpn 47 | - sed -i -e 's/;user nobody/user nobody/' /etc/openvpn/easy-rsa/keys/client.ovpn 48 | - sed -i -e 's/;group nogroup/group nogroup/' /etc/openvpn/easy-rsa/keys/client.ovpn 49 | - sed -i -e 's/ca ca.crt//' /etc/openvpn/easy-rsa/keys/client.ovpn 50 | - sed -i -e 's/cert client.crt//' /etc/openvpn/easy-rsa/keys/client.ovpn 51 | - sed -i -e 's/key client.key//' /etc/openvpn/easy-rsa/keys/client.ovpn 52 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 53 | - cat /etc/openvpn/ca.crt >> /etc/openvpn/easy-rsa/keys/client.ovpn 54 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 55 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 56 | - openssl x509 -outform PEM -in /etc/openvpn/easy-rsa/keys/client1.crt >> /etc/openvpn/easy-rsa/keys/client.ovpn 57 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 58 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 59 | - cat /etc/openvpn/easy-rsa/keys/client1.key >> /etc/openvpn/easy-rsa/keys/client.ovpn 60 | - echo "" >> /etc/openvpn/easy-rsa/keys/client.ovpn 61 | 62 | - cp /etc/openvpn/easy-rsa/keys/client.ovpn /root/ 63 | - cp /etc/openvpn/easy-rsa/keys/client1.crt /root/ 64 | - cp /etc/openvpn/easy-rsa/keys/client1.key /root/ 65 | - cp /etc/openvpn/easy-rsa/keys/ca.crt /root/ 66 | -------------------------------------------------------------------------------- /Ubuntu-14.04/no-sql/README.md: -------------------------------------------------------------------------------- 1 | NoSQL 2 | ===== 3 | 4 | Scripts in this folder install and configure common [NoSql databases](https://www.digitalocean.com/community/tutorials/a-comparison-of-nosql-database-management-systems-and-models). 5 | 6 | mongodb.yml 7 | --------------- 8 | 9 | Installs the latest [MongoDB release](https://www.digitalocean.com/community/tutorials/how-to-install-mongodb-on-ubuntu-14-04) from their offical repositories. 10 | 11 | 12 | redis.yml 13 | --------------- 14 | 15 | Installs the latest Redis from source. By default, it is bound to localhost and listens on port 6379. An init script is installed to `/etc/init.d/redis_6379`. -------------------------------------------------------------------------------- /Ubuntu-14.04/no-sql/mongodb.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_sources: 3 | # Enable MongoDB repository 4 | - source: deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse 5 | keyid: 7F0CEB10 6 | filename: mongodb.list 7 | apt_update: true 8 | packages: 9 | - mongodb-org -------------------------------------------------------------------------------- /Ubuntu-14.04/no-sql/redis.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - gcc 5 | - libc6-dev 6 | - make 7 | - curl 8 | runcmd: 9 | - curl -sSL http://download.redis.io/releases/redis-stable.tar.gz -o /tmp/redis.tar.gz 10 | - mkdir -p /tmp/redis 11 | - tar -xzf /tmp/redis.tar.gz -C /tmp/redis --strip-components=1 12 | - make -C /tmp/redis 13 | - make -C /tmp/redis install 14 | - echo -n | /tmp/redis/utils/install_server.sh 15 | - rm -rf /tmp/redis* 16 | # See: http://redis.io/topics/faq 17 | - sysctl vm.overcommit_memory=1 18 | # Bind Redis to localhost. Comment out to make available externally. 19 | - sed -i -e 's/# bind 127.0.0.1/bind 127.0.0.1/g' /etc/redis/6379.conf 20 | - service redis_6379 restart -------------------------------------------------------------------------------- /Ubuntu-14.04/web-servers/README.md: -------------------------------------------------------------------------------- 1 | Web Servers 2 | =========== 3 | 4 | 5 | lamp.yml 6 | --------------- 7 | 8 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-04) with Apache, PHP, and MySQL. 9 | 10 | 11 | lemp.yml 12 | --------------- 13 | 14 | Installs and configures a basic ["LEMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-14-04) with Nginx and PHP-FPM. 15 | 16 | 17 | lamp-phpmyadmin.yml 18 | --------------- 19 | 20 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-04) with Apache, PHP, and MySQL. In addition, [phpMyAdmin](https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-14-04) is also installed and configured. The file `/root/phpmyadmin` contains the automatically generated passwords for both the MySql root user and the `.htaccess` file protecting the phpMyAdmin login page. 21 | 22 | 23 | tomcat7.yml 24 | ----------- 25 | 26 | Installs a basic [Tomcat 7 web server](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-7-on-ubuntu-14-04-via-apt-get). The file `/root/tomcat` contains the automatically generated password to access the web managment interface. -------------------------------------------------------------------------------- /Ubuntu-14.04/web-servers/lamp-phpmyadmin.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | package_upgrade: true 4 | packages: 5 | - apache2 6 | - apache2-utils 7 | - php5-mysql 8 | - mysql-server 9 | - libapache2-mod-php5 10 | - php5-mcrypt 11 | - php5-gd 12 | - php5-curl 13 | - phpmyadmin 14 | write_files: 15 | - path: /usr/share/phpmyadmin/.htaccess 16 | content: | 17 | AuthType Basic 18 | AuthName "Restricted Files" 19 | AuthUserFile /etc/phpmyadmin/.htpasswd 20 | Require valid-user 21 | runcmd: 22 | # Configure Apache 23 | - php5enmod mcrypt 24 | - sed -i -e "s/index.html index.cgi index.pl index.php/index.php index.html index.cgi index.pl/" /etc/apache2/mods-enabled/dir.conf 25 | - sed -i -e "s/index.php/index.php\n\tAllowOverride\ All/" /etc/phpmyadmin/apache.conf 26 | - ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf 27 | 28 | # Generate random passwords for the MySql root user and the .htaccess file 29 | - PHPMYADMINPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 30 | - MYSQLPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 31 | - mysqladmin -u root -h localhost password "$MYSQLPASS" 32 | - echo "[client]\npassword="$MYSQLPASS"\n" > /root/.my.cnf 33 | # The .htaccess username defaults to phpmyadmin. Update the line below to change that. 34 | - echo $PHPMYADMINPASS | htpasswd -c -i /etc/phpmyadmin/.htpasswd phpmyadmin 35 | - echo "phpMyAdmin Password - "$PHPMYADMINPASS"" > /root/phpmyadmin 36 | - echo "MySql Password - ""$MYSQLPASS""" >> /root/phpmyadmin 37 | 38 | # Enable the conf and restart Apache. 39 | - a2enconf phpmyadmin.conf 40 | - service apache2 restart -------------------------------------------------------------------------------- /Ubuntu-14.04/web-servers/lamp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - apache2 5 | - php5-mysql 6 | - mysql-server 7 | - libapache2-mod-php5 8 | - php5-mcrypt 9 | - php5-gd 10 | - php5-curl 11 | write_files: 12 | - path: /var/www/html/info.php 13 | content: | 14 | 17 | runcmd: 18 | - sed -i -e "s/index.html index.cgi index.pl index.php/index.php index.html index.cgi index.pl/" /etc/apache2/mods-enabled/dir.conf 19 | - service apache2 restart -------------------------------------------------------------------------------- /Ubuntu-14.04/web-servers/lemp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - nginx 5 | - php5-fpm 6 | - php5-mysql 7 | - mysql-server 8 | - php5-mcrypt 9 | - php5-gd 10 | - php5-curl 11 | write_files: 12 | - path: /etc/nginx/sites-available/default 13 | content: | 14 | server { 15 | listen 80 default_server; 16 | listen [::]:80 default_server ipv6only=on; 17 | 18 | root /var/www/html; 19 | index index.php index.html index.htm; 20 | 21 | server_name localhost; 22 | 23 | location / { 24 | # First attempt to serve request as file, then 25 | # as directory, then fall back to displaying a 404. 26 | try_files $uri $uri/ =404; 27 | # Uncomment to enable naxsi on this location 28 | # include /etc/nginx/naxsi.rules 29 | } 30 | 31 | error_page 404 /404.html; 32 | error_page 500 502 503 504 /50x.html; 33 | location = /50x.html { 34 | root /usr/share/nginx/html; 35 | } 36 | 37 | location ~ \.php$ { 38 | try_files $uri =404; 39 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 40 | fastcgi_pass unix:/var/run/php5-fpm.sock; 41 | fastcgi_index index.php; 42 | include fastcgi.conf; 43 | } 44 | } 45 | - path: /var/www/html/info.php 46 | content: | 47 | 50 | runcmd: 51 | - mkdir -p /var/www/html 52 | - cp /usr/share/nginx/html/index.html /var/www/html/ 53 | - sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php5/fpm/php.ini 54 | # Ensure backwards compatible with 14.04 55 | - file=/etc/nginx/fastcgi.conf; if [ ! -f "$file" ]; then ln -s /etc/nginx/fastcgi_params "$file"; fi 56 | - service nginx restart -------------------------------------------------------------------------------- /Ubuntu-14.04/web-servers/tomcat7.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - curl 5 | - tomcat7 6 | - tomcat7-docs 7 | - tomcat7-admin 8 | - tomcat7-examples 9 | - default-jdk 10 | write_files: 11 | - path: /etc/tomcat7/tomcat-users.xml 12 | content: | 13 | 14 | 15 | 16 | 17 | runcmd: 18 | # Set random Tomcat admin password. 19 | - TOMCATPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 20 | - sed -i -e "s/%PASS%/$TOMCATPASS/" /etc/tomcat7/tomcat-users.xml 21 | - echo "Tomcat Username - admin" > /root/tomcat 22 | - echo "Tomcat Password - $TOMCATPASS" >> /root/tomcat 23 | - PUBLIC_IPV4=`curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address` 24 | - echo "\nAccess the managment interface at http://$PUBLIC_IPV4:8080/manager/html" >> /root/tomcat 25 | # Ensure Tomcat listens on IPv4 and optimize startup time by using a non-blocking entropy source. 26 | - echo "JAVA_OPTS=\"\$JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true -Djava.security.egd=file:/dev/./urandom\"" >> /etc/default/tomcat7 27 | - service tomcat7 restart -------------------------------------------------------------------------------- /Ubuntu-16.04/admin/README.md: -------------------------------------------------------------------------------- 1 | Admin Scripts 2 | ============= 3 | 4 | swap.sh 5 | ------- 6 | 7 | This script will create and activate a swap file at `/swapfile` on your new droplet in the size you specify. An entry in `/etc/fstab` will also be made to automatically enable the swap file on boot. 8 | 9 | **Required input**: 10 | 11 | * `<%SWAP_FILE_SIZE%>` - The size of the swap file to create. E.g. "1G" 12 | -------------------------------------------------------------------------------- /Ubuntu-16.04/admin/swap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Swap File Creator 4 | # 5 | # This script will create and configure a swap file 6 | # on your droplet at creation time. 7 | 8 | # Swap file size 9 | # example swapsize="1G" 10 | swapsize="<%SWAP_FILE_SIZE%>" 11 | 12 | 13 | fallocate -l $swapsize /swapfile; 14 | chmod 600 /swapfile; 15 | mkswap /swapfile; 16 | swapon /swapfile; 17 | echo "/swapfile none swap sw 0 0" >> /etc/fstab; 18 | -------------------------------------------------------------------------------- /Ubuntu-16.04/cms/README.md: -------------------------------------------------------------------------------- 1 | # CMS Scripts 2 | 3 | ##wordpress.sh 4 | This script will install and configure Wordpress. This stack includes Apache2, PHP7, and MySQL. 5 | 6 | ## wordpress-openlitespeed.sh 7 | This script will install and configure WordPress with OpenLiteSpeed, LSPHP and MariaDB with a single click. The only thing the user may want to do is log into the WordPress admin dashboard and customize the site. 8 | 9 | The script will appear to complete, but will need up to 3 more minutes to actually finish. After this time, browsing to your droplet's assigned IP will take you to your WordPress site. 10 | 11 | _Note: Settings, such as the site title, the domain, and so on can be changed from the WordPress admin dashboard._ 12 | -------------------------------------------------------------------------------- /Ubuntu-16.04/cms/wordpress-openlitespeed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | curl -k -o /tmp/ols1clk.sh https://raw.githubusercontent.com/litespeedtech/ols1clk/master/ols1clk.sh 3 | chmod 700 /tmp/ols1clk.sh 4 | export IPADD=`ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}'` 5 | /tmp/ols1clk.sh --wordpressplus $IPADD --quiet 6 | cp /usr/local/lsws/password /root/passwords.txt 7 | -------------------------------------------------------------------------------- /Ubuntu-16.04/cms/wordpress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Wordpress Setup Script 4 | # 5 | # This script will install and configure WordPress on 6 | # an Ubuntu 16.04 droplet 7 | export DEBIAN_FRONTEND=noninteractive; 8 | 9 | # Generate root and WordPress mysql passwords 10 | rootmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 11 | wpmysqlpass=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -dc 'a-zA-Z0-9'`; 12 | 13 | # Write passwords to file 14 | echo "Root MySQL Password: $rootmysqlpass" > /root/passwords.txt; 15 | echo "Wordpress MySQL Password: $wpmysqlpass" >> /root/passwords.txt; 16 | 17 | 18 | # Update Ubuntu 19 | apt-get update; 20 | apt-get -y upgrade; 21 | 22 | # Install Apache/MySQL 23 | apt-get -y install apache2 php php-mysql libapache2-mod-php7.0 php7.0-mysql php7.0-curl php7.0-zip php7.0-json php7.0-xml mysql-server mysql-client unzip wget; 24 | 25 | # Download and uncompress WordPress 26 | wget https://wordpress.org/latest.zip -O /tmp/wordpress.zip; 27 | cd /tmp/; 28 | unzip /tmp/wordpress.zip; 29 | # Set up database user 30 | /usr/bin/mysqladmin -u root -h localhost create wordpress; 31 | /usr/bin/mysqladmin -u root -h localhost password $rootmysqlpass; 32 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "CREATE USER wordpress@localhost IDENTIFIED BY '"$wpmysqlpass"'"; 33 | /usr/bin/mysql -uroot -p$rootmysqlpass -e "GRANT ALL PRIVILEGES ON wordpress.* TO wordpress@localhost"; 34 | 35 | # Configure WordPress 36 | cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php; 37 | sed -i "s/'DB_NAME', 'database_name_here'/'DB_NAME', 'wordpress'/g" /tmp/wordpress/wp-config.php; 38 | sed -i "s/'DB_USER', 'username_here'/'DB_USER', 'wordpress'/g" /tmp/wordpress/wp-config.php; 39 | sed -i "s/'DB_PASSWORD', 'password_here'/'DB_PASSWORD', '$wpmysqlpass'/g" /tmp/wordpress/wp-config.php; 40 | 41 | for i in `seq 1 8` 42 | do 43 | wp_salt=$(~`+=,.;:/?|' | head -c 64 | sed -e 's/[\/&]/\\&/g'); 44 | sed -i "0,/put your unique phrase here/s/put your unique phrase here/$wp_salt/" /tmp/wordpress/wp-config.php; 45 | done 46 | 47 | cp -Rf /tmp/wordpress/* /var/www/html/.; 48 | rm -f /var/www/html/index.html; 49 | chown -Rf www-data:www-data /var/www/html; 50 | a2enmod rewrite; 51 | service apache2 restart; 52 | -------------------------------------------------------------------------------- /Ubuntu-16.04/web-servers/README.md: -------------------------------------------------------------------------------- 1 | Web Servers 2 | =========== 3 | 4 | lamp.yml 5 | --------------- 6 | 7 | Installs a basic ["LAMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04) with Apache, PHP, and MySQL. 8 | 9 | 10 | lemp.yml 11 | --------------- 12 | 13 | Installs and configures a basic ["LEMP" stack](https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04) with Nginx and PHP-FPM. 14 | 15 | tomcat8.yml 16 | --------------- 17 | 18 | Installs a basic [Tomcat 8 web server](https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04). The file `/root/tomcat` contains the automatically generated password to access the web managment interface. 19 | 20 | -------------------------------------------------------------------------------- /Ubuntu-16.04/web-servers/lamp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - apache2 5 | - php-mysql 6 | - mysql-server 7 | - libapache2-mod-php7.0 8 | - php7.0-mcrypt 9 | - php7.0-gd 10 | - php7.0-curl 11 | - php7.0-xml 12 | write_files: 13 | - path: /var/www/html/info.php 14 | content: | 15 | 18 | runcmd: 19 | - sed -i -e "s/index.html index.cgi index.pl index.php/index.php index.html index.cgi index.pl/" /etc/apache2/mods-enabled/dir.conf 20 | - service apache2 restart 21 | -------------------------------------------------------------------------------- /Ubuntu-16.04/web-servers/lemp.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - nginx 5 | - php7.0-fpm 6 | - php-mysql 7 | - mysql-server 8 | - php7.0-mcrypt 9 | - php7.0-gd 10 | - php7.0-curl 11 | - php7.0-xml 12 | write_files: 13 | - path: /etc/nginx/sites-available/default 14 | content: | 15 | server { 16 | listen 80 default_server; 17 | listen [::]:80 default_server ipv6only=on; 18 | 19 | root /var/www/html; 20 | index index.php index.html index.htm; 21 | 22 | server_name localhost; 23 | 24 | location / { 25 | # First attempt to serve request as file, then 26 | # as directory, then fall back to displaying a 404. 27 | try_files $uri $uri/ =404; 28 | # Uncomment to enable naxsi on this location 29 | # include /etc/nginx/naxsi.rules 30 | } 31 | 32 | error_page 404 /404.html; 33 | error_page 500 502 503 504 /50x.html; 34 | location = /50x.html { 35 | root /usr/share/nginx/html; 36 | } 37 | 38 | location ~ \.php$ { 39 | try_files $uri =404; 40 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 41 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 42 | fastcgi_index index.php; 43 | include fastcgi.conf; 44 | } 45 | } 46 | - path: /var/www/html/info.php 47 | content: | 48 | 51 | runcmd: 52 | - mkdir -p /var/www/html 53 | - cp /usr/share/nginx/html/index.html /var/www/html/ 54 | - sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php/7.0/fpm/php.ini 55 | # Ensure backwards compatible with 14.04 56 | - file=/etc/nginx/fastcgi.conf; if [ ! -f "$file" ]; then ln -s /etc/nginx/fastcgi_params "$file"; fi 57 | - service nginx restart 58 | -------------------------------------------------------------------------------- /Ubuntu-16.04/web-servers/tomcat8.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | apt_update: true 3 | packages: 4 | - default-jdk 5 | - tomcat8 6 | - tomcat8-docs 7 | - tomcat8-admin 8 | - tomcat8-examples 9 | write_files: 10 | - path: /etc/tomcat8/tomcat-users.xml 11 | content: | 12 | 13 | 17 | 18 | 19 | runcmd: 20 | # Set random Tomcat admin password. 21 | - TOMCATPASS=`dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev` 22 | - sed -i -e "s/%PASS%/$TOMCATPASS/" /etc/tomcat8/tomcat-users.xml 23 | - echo "Tomcat Username - admin" > /root/tomcat 24 | - echo "Tomcat Password - $TOMCATPASS" >> /root/tomcat 25 | - PUBLIC_IPV4=`curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address` 26 | - echo "\nAccess the managment interface at http://$PUBLIC_IPV4:8080/manager/html" >> /root/tomcat 27 | # Ensure Tomcat listens on IPv4 and optimize startup time by using a non-blocking entropy source. 28 | - echo "JAVA_OPTS=\"\$JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true -Djava.security.egd=file:/dev/./urandom\"" >> /etc/default/tomcat8 29 | - systemctl restart tomcat8 30 | -------------------------------------------------------------------------------- /examples/README.md: -------------------------------------------------------------------------------- 1 | Examples 2 | ======== 3 | 4 | Scripts in this directory are examples of the style used in this repository. 5 | 6 | new_user.yml 7 | ------------ 8 | 9 | This cloud-config file creates an new *passwordless* sudo user on the Droplet 10 | and adds the specified SSH public key to the account. 11 | 12 | **Required input**: 13 | 14 | * `<%USERNAME%>` - The name for the new user account. 15 | * `<%SSH_PUB_KEY%>` - The SSH public key, in the format: 16 | 17 | ``` 18 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDf0q4PyG0doiBQYV7OlOxbRjle026hJPBWD+eKHWuVXIpAiQlSElEBqQn0pOqNJZ3IBCvSLnrdZTUph4czNC4885AArS9NkyM7lK27Oo8RV888jWc8hsx4CD2uNfkuHL+NI5xPB/QT3Um2Zi7GRkIwIgNPN5uqUtXvjgA+i1CS0Ku4ld8vndXvr504jV9BMQoZrXEST3YlriOb8Wf7hYqphVMpF3b+8df96Pxsj0+iZqayS9wFcL8ITPApHi0yVwS8TjxEtI3FDpCbf7Y/DmTGOv49+AWBkFhS2ZwwGTX65L61PDlTSAzL+rPFmHaQBHnsli8U9N6E4XHDEOjbSMRX user@example.com 19 | ``` 20 | 21 | nginx.sh 22 | -------- 23 | 24 | This bash script installs Nginx and demonstrates using the DigitalOcean 25 | metadata service to find the `hostname` and IP address of the droplet. As it 26 | expects to find the default Nginx configuration at `/etc/nginx/sites-available/default`, 27 | it only targets Ubuntu and Debian. 28 | 29 | **Target**: Ubuntu, Debian -------------------------------------------------------------------------------- /examples/new_user.yml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | users: 3 | - name: <%USERNAME%> 4 | groups: sudo 5 | shell: /bin/bash 6 | sudo: ['ALL=(ALL) NOPASSWD:ALL'] 7 | ssh-authorized-keys: 8 | - <%SSH_PUB_KEY%> -------------------------------------------------------------------------------- /examples/nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | export DEBIAN_FRONTEND=noninteractive 4 | export HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname) 5 | export PUBLIC_IPV4=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address) 6 | 7 | # Install Nginx 8 | apt-get -y update 9 | apt-get -y install nginx 10 | 11 | # Write hostname and IP address to index.html 12 | mkdir -p /var/www/html 13 | sed -i -e "s|/usr/share/nginx/html|/var/www/html|g" /etc/nginx/sites-available/default 14 | echo -e "Droplet: $HOSTNAME
IP Address: $PUBLIC_IPV4" \ 15 | > /var/www/html/index.html 16 | service nginx restart --------------------------------------------------------------------------------