├── RELEASE ├── utils ├── screen-scrypt.sh ├── delcoin.sh ├── screen-stratum.sh ├── packagecompile.sh ├── compile.sh └── coin.list ├── changelog ├── conf ├── prerequisite.sh ├── getip.sh ├── editconf.py └── functions.sh ├── old ├── README-v0.1.md ├── install-v0.1.sh └── install-v0.11.sh ├── README.md ├── install-debug.sh └── install.sh /RELEASE: -------------------------------------------------------------------------------- 1 | 0.2 2 | -------------------------------------------------------------------------------- /utils/screen-scrypt.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | LOG_DIR=/var/log/yiimp 3 | WEB_DIR=/var/web 4 | STRATUM_DIR=/var/stratum 5 | USR_BIN=/usr/bin 6 | 7 | screen -dmS main bash $WEB_DIR/main.sh 8 | screen -dmS loop2 bash $WEB_DIR/loop2.sh 9 | screen -dmS blocks bash $WEB_DIR/blocks.sh 10 | screen -dmS debug tail -f $LOG_DIR/debug.log 11 | 12 | 13 | -------------------------------------------------------------------------------- /utils/delcoin.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 4 | # Web: https://www.xavatar.com 5 | # 6 | # Program: 7 | # Remove all coin in Yiimp 8 | # 9 | # 10 | ################################################################################ 11 | 12 | for line in $(cat coin.list); do 13 | yiimp coin "$line" delete; 14 | done 15 | -------------------------------------------------------------------------------- /utils/screen-stratum.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | STRATUM_DIR=/var/stratum 3 | 4 | screen -dmS groestl $STRATUM_DIR/run.sh groestl 5 | screen -dmS keccak $STRATUM_DIR/run.sh keccak 6 | screen -dmS neoscrypt $STRATUM_DIR/run.sh neo 7 | screen -dmS nist5 $STRATUM_DIR/run.sh nist5 8 | screen -dmS quark $STRATUM_DIR/run.sh quark 9 | screen -dmS scrypt $STRATUM_DIR/run.sh scrypt 10 | screen -dmS skein $STRATUM_DIR/run.sh skein 11 | screen -dmS x11 $STRATUM_DIR/run.sh x11 12 | screen -dmS xevan $STRATUM_DIR/run.sh xevan 13 | -------------------------------------------------------------------------------- /changelog: -------------------------------------------------------------------------------- 1 | Yiimp Install Scrypt v0.2 // 10.04.2020 2 | Thanks to cryptopool-builders !!!!!!!! 3 | 4 | Information => 5 | * Works with Ubuntu Server 16.04 / 18.04 6 | * Update PHP 7.3 7 | * Change Aptitude by APT 8 | * Remove question Panel Admin 9 | * Remove question Time Zone 10 | * Add screen-scrypt to crontab 11 | * Add script to remove all coin (utils/delcoin.sh) 12 | 13 | Fix => 14 | * Fix command cli « Yiimp » : OK 15 | * Fix Backup SQL FrontEnd : OK (/var/yiimp/sauv) 16 | * Fix Permission on some folder 17 | 18 | Change => 19 | * /etc/screen-scrypt.sh = add to crontab (main,loop2,blocks,debug) 20 | * /var/yiimp/sauv = Backup SQL FrontEnd 21 | -------------------------------------------------------------------------------- /utils/packagecompile.sh: -------------------------------------------------------------------------------- 1 | 2 | #!/bin/bash 3 | ################################################################################ 4 | # Original Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 5 | # Web: https://www.xavatar.com 6 | # 7 | # Program: 8 | # Install needed Package to compile crypto currency 9 | # 10 | # 11 | ################################################################################ 12 | 13 | # Installing Package to compile crypto currency 14 | output " " 15 | output "Installing needed Package to compile crypto currency" 16 | output " " 17 | sleep 3 18 | 19 | sudo apt -y install software-properties-common build-essential 20 | sudo apt -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext 21 | sudo apt -y install libminiupnpc10 libzmq5 22 | sudo apt -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev 23 | sudo apt -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler 24 | sudo add-apt-repository -y ppa:bitcoin/bitcoin 25 | sudo apt -y update 26 | sudo apt install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ 27 | -------------------------------------------------------------------------------- /conf/prerequisite.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##################################################### 3 | # Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox 4 | # Updated by cryptopool.builders for crypto use... 5 | # Modified by Xavatar 6 | ##################################################### 7 | 8 | echo 9 | echo 10 | echo -e "$CYAN => Check prerequisite : $COL_RESET" 11 | echo 12 | 13 | if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then 14 | DISTRO=18 15 | sudo chmod g-w /etc /etc/default /usr 16 | else [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/16\.04\.[0-9]/16.04/' `" != "Ubuntu 16.04 LTS" ]; 17 | DISTRO=16 18 | fi 19 | 20 | #TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}') 21 | #if [ $TOTAL_PHYSICAL_MEM -lt 1436000 ]; then 22 | # if [ ! -d /vagrant ]; then 23 | # TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000) 24 | # echo "Your Mining Pool Server needs more memory (RAM) to function properly." 25 | # echo "Please provision a machine with at least 1536 GB, 6 GB recommended." 26 | # echo "This machine has $TOTAL_PHYSICAL_MEM MB memory." 27 | # exit 28 | # fi 29 | #fi 30 | 31 | #if [ $TOTAL_PHYSICAL_MEM -lt 1436000 ]; then 32 | # echo "WARNING: Your Mining Pool Server has less than 1.5 GB of memory." 33 | # echo " It might run unreliably when under heavy load." 34 | #fi 35 | 36 | # Check swap 37 | #echo Checking if swap space is needed and if so creating... 38 | 39 | #SWAP_MOUNTED=$(cat /proc/swaps | tail -n+2) 40 | #SWAP_IN_FSTAB=$(grep "swap" /etc/fstab) 41 | #ROOT_IS_BTRFS=$(grep "\/ .*btrfs" /proc/mounts) 42 | #TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}') 43 | #AVAILABLE_DISK_SPACE=$(df / --output=avail | tail -n 1) 44 | #if 45 | # [ -z "$SWAP_MOUNTED" ] && 46 | # [ -z "$SWAP_IN_FSTAB" ] && 47 | # [ ! -e /swapfile ] && 48 | # [ -z "$ROOT_IS_BTRFS" ] && 49 | # [ $TOTAL_PHYSICAL_MEM -lt 1536000 ] && 50 | # [ $AVAILABLE_DISK_SPACE -gt 5242880 ] 51 | #then 52 | # echo "Adding a swap file to the system..." 53 | 54 | # Allocate and activate the swap file. Allocate in 1KB chuncks 55 | # doing it in one go, could fail on low memory systems 56 | # sudo fallocate -l 3G /swapfile 57 | # if [ -e /swapfile ]; then 58 | # sudo chmod 600 /swapfile 59 | # hide_output sudo mkswap /swapfile 60 | # sudo swapon /swapfile 61 | # echo "vm.swappiness=10" >> sudo /etc/sysctl.conf 62 | # fi 63 | # Check if swap is mounted then activate on boot 64 | # if swapon -s | grep -q "\/swapfile"; then 65 | # echo "/swapfile none swap sw 0 0" >> sudo /etc/fstab 66 | # else 67 | # echo "ERROR: Swap allocation failed" 68 | # fi 69 | #fi 70 | 71 | ARCHITECTURE=$(uname -m) 72 | if [ "$ARCHITECTURE" != "x86_64" ]; then 73 | if [ -z "$ARM" ]; then 74 | echo -e "$REDYiimP Install Script only supports x86_64 and will not work on any other architecture, like ARM or 32 bit OS. $COL_RESET" 75 | echo -e "$REDYour architecture is $ARCHITECTURE $COL_RESET" 76 | exit 77 | fi 78 | fi 79 | 80 | echo -e "$GREEN Done...$COL_RESET" -------------------------------------------------------------------------------- /utils/compile.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Original Author: crombiecrunch 4 | # Current Author: Xavatar 5 | # Web: https://www.xavatar.com 6 | # 7 | # Program: 8 | # After entering coin name and github link automatically build coin 9 | # 10 | # 11 | ################################################################################ 12 | output() { 13 | printf "\E[0;33;40m" 14 | echo $1 15 | printf "\E[0m" 16 | } 17 | displayErr() { 18 | echo 19 | echo $1; 20 | echo 21 | exit 1; 22 | } 23 | cd ~ 24 | 25 | if [[ ! -e 'CoinBuilds' ]]; then 26 | sudo mkdir CoinBuilds 27 | elif [[ ! -d 'CoinBuilds' ]]; then 28 | output "Coinbuilds already exists.... Skipping" 1>&2 29 | fi 30 | 31 | clear 32 | cd CoinBuilds 33 | output "This script assumes you already have the dependicies installed on your system!" 34 | output "" 35 | read -e -p "Enter the name of the coin : " coin 36 | read -e -p "Paste the github link for the coin : " git_hub 37 | 38 | if [[ ! -e '$coin' ]]; then 39 | sudo git clone $git_hub $coin 40 | elif [[ ! -d ~$CoinBuilds/$coin ]]; then 41 | output "Coinbuilds/$coin already exists.... Skipping" 1>&2 42 | output "Can not continue" 43 | exit 0 44 | fi 45 | 46 | cd "${coin}" 47 | 48 | if [ -f autogen.sh ]; then 49 | output " " 50 | output "Auto Compilation Starting " 51 | output " " 52 | output "Starting ./autogen.sh" 53 | output " " 54 | sudo chmod +x ./autogen.sh 55 | sudo ./autogen.sh 56 | output " " 57 | output "Starting ./configure" 58 | output " " 59 | sudo chmod +x ./configure 60 | sudo ./configure CPPFLAGS="-I/usr/local/include" 61 | sudo chmod +x share/genbuild.sh 62 | output " " 63 | output "Starting make" 64 | output " " 65 | sudo make 66 | output " " 67 | output "$coin_name finished and can be found in CoinBuilds/$coin/src/ Make sure you sudo strip Coind and coin-cli if it exists, copy to /usr/bin" 68 | output " " 69 | else 70 | cd src 71 | 72 | if [ -f rpcrawtransaction.cpp ]; then 73 | 74 | sudo sed -i 's///g' rpcrawtransaction.cpp 76 | 77 | if [[ ! -e 'obj' ]]; then 78 | output " " 79 | output "Creation directory obj" 80 | output " " 81 | sudo mkdir obj 82 | elif [[ ! -d 'obj' ]]; then 83 | output "Hey the developer did his job" 1>&2 84 | fi 85 | 86 | if [ -d 'leveldb' ]; then 87 | output " " 88 | output "Compilation libleveldb.a libmemenv.a" 89 | output " " 90 | cd leveldb 91 | sudo chmod +x build_detect_platform 92 | sudo make clean 93 | sudo make libleveldb.a libmemenv.a 94 | cd .. 95 | fi 96 | output " " 97 | output "SRC Compilation Starting " 98 | output " " 99 | sudo make -f makefile.unix 100 | output " " 101 | output "$coin finished and can be found in CoinBuilds/$coin/src/ Make sure you sudo strip Coind and coin-cli if it exists, copy to /usr/bin" 102 | output " " 103 | fi 104 | -------------------------------------------------------------------------------- /old/README-v0.1.md: -------------------------------------------------------------------------------- 1 | # Yiimp_install_scrypt v0.1 (update Avril, 2020) 2 | 3 | Site : https://www.xavatar.com 4 | 5 | Discord : https://discord.gg/zcCXjkQ 6 | 7 | TUTO Youtube (16.04 - Without SSL) : https://www.youtube.com/watch?v=vdBCw6_cyig 8 | 9 | TUTO Youtube (16.04 - With SSL) : https://www.youtube.com/watch?v=fWwGow_i-Vw 10 | 11 | Official Yiimp (used in this script for Yiimp Installation): https://github.com/tpruvot/yiimp 12 | 13 | Install script for yiimp on Ubuntu 17.10 : https://github.com/xavatar/yiimp_install_scrypt_ubuntu17.10 14 | 15 | Install script for yiimp on Ubuntu 18.04 : https://github.com/xavatar/yiimp_install_scrypt_ubuntu18.04 16 | 17 | 18 | *********************************** 19 | 20 | ## Install script for yiimp on Ubuntu Server 16.04 21 | 22 | USE THIS SCRIPT ON FRESH INSTALL UBUNTU Server 16.04 ! 23 | 24 | Connect on your VPS => 25 | - adduser pool 26 | - adduser pool sudo 27 | - su - pool 28 | - sudo apt-get -y install git 29 | - git clone https://github.com/xavatar/yiimp_install_scrypt.git 30 | - cd yiimp_install_scrypt/ 31 | - sudo bash install.sh (Do not run the script as root) 32 | - sudo bash screen-scrypt.sh (in tuto youtube, i launch the script with root... it does not matter) 33 | - NOT MANDATORY => sudo bash screen-stratum.sh (CONFIGURE BEFORE START this script... add or remove algo you use). 34 | 35 | Finish ! 36 | Go http://xxx.xxxxxx.xxx or https://xxx.xxxxxx.xxx (if you have chosen LetsEncrypt SSL). Enjoy ! 37 | 38 | ###### :bangbang: **YOU MUST UPDATE THE FOLLOWING FILES :** 39 | - **/var/web/serverconfig.php :** update this file to include your public ip (line = YAAMP_ADMIN_IP) to access the admin panel (Put your PERSONNAL IP, NOT IP of your VPS). update with public keys from exchanges. update with other information specific to your server.. 40 | - **/etc/yiimp/keys.php :** update with secrect keys from the exchanges (not mandatory) 41 | 42 | 43 | ###### :bangbang: **IMPORTANT** : 44 | 45 | - The configuration of yiimp and coin require a minimum of knowledge in linux 46 | - Your mysql information (login/Password) is saved in **~/.my.cnf** 47 | - **If you reboot your VPS**, you must restart screen-scrypt.sh (or add crontab) 48 | - Remember to restart **memcached service** after the db change (update or import new .sql) 49 | 50 | *********************************** 51 | 52 | ###### This script has an interactive beginning and will ask for the following information : 53 | 54 | - Enter time zone 55 | - Server Name 56 | - Are you using a subdomain 57 | - Enter support email 58 | - Set stratum to AutoExchange 59 | - New location for /site/adminRights 60 | - Your Public IP for admin access (Put your PERSONNAL IP, NOT IP of your VPS) 61 | - Install Fail2ban 62 | - Install UFW and configure ports 63 | - Install LetsEncrypt SSL 64 | 65 | *********************************** 66 | 67 | **This install script will get you 95% ready to go with yiimp. There are a few things you need to do after the main install is finished.** 68 | 69 | While I did add some server security to the script, it is every server owners responsibility to fully secure their own servers. After the installation you will still need to customize your serverconfig.php file to your liking, add your API keys, and build/add your coins to the control panel. 70 | 71 | There will be several wallets already in yiimp. These have nothing to do with the installation script and are from the database import from the yiimp github. 72 | 73 | If you need further assistance we have a small but growing discord channel at https://discord.gg/zcCXjkQ 74 | 75 | If this helped you or you feel giving please donate : 76 | - BTC Donation : 1C1hnjk3WhuAvUN6Ny6LTxPD3rwSZwapW7 77 | - BCH Donation : 1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz 78 | - ETH Donation : 0xc23E6902fF8Cd8878EDADE18Dc49B3505395F0a1 79 | -------------------------------------------------------------------------------- /conf/getip.sh: -------------------------------------------------------------------------------- 1 | ##################################################### 2 | # Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox 3 | # Updated by cryptopool.builders for crypto use... 4 | ##################################################### 5 | 6 | source /etc/functions.sh 7 | echo 8 | echo 9 | echo -e "$CYAN => Setting our global variables : $COL_RESET" 10 | echo 11 | 12 | # If the machine is behind a NAT, inside a VM, etc., it may not know 13 | # its IP address on the public network / the Internet. Ask the Internet 14 | # and possibly confirm with user. 15 | if [ -z "${PUBLIC_IP:-}" ]; then 16 | # Ask the Internet. 17 | GUESSED_IP=$(get_publicip_from_web_service 4) 18 | 19 | # On the first run, if we got an answer from the Internet then don't 20 | # ask the user. 21 | if [[ -z "${DEFAULT_PUBLIC_IP:-}" && ! -z "$GUESSED_IP" ]]; then 22 | PUBLIC_IP=$GUESSED_IP 23 | 24 | # On later runs, if the previous value matches the guessed value then 25 | # don't ask the user either. 26 | elif [ "${DEFAULT_PUBLIC_IP:-}" == "$GUESSED_IP" ]; then 27 | PUBLIC_IP=$GUESSED_IP 28 | fi 29 | 30 | if [ -z "${PUBLIC_IP:-}" ]; then 31 | input_box "Public IP Address" \ 32 | "Enter the public IP address of this machine, as given to you by your ISP. 33 | \n\nPublic IP address:" \ 34 | "$DEFAULT_PUBLIC_IP" \ 35 | PUBLIC_IP 36 | 37 | if [ -z "$PUBLIC_IP" ]; then 38 | # user hit ESC/cancel 39 | exit 40 | fi 41 | fi 42 | fi 43 | 44 | # Same for IPv6. But it's optional. Also, if it looks like the system 45 | # doesn't have an IPv6, don't ask for one. 46 | if [ -z "${PUBLIC_IPV6:-}" ]; then 47 | # Ask the Internet. 48 | GUESSED_IP=$(get_publicip_from_web_service 6) 49 | MATCHED=0 50 | if [[ -z "${DEFAULT_PUBLIC_IPV6:-}" && ! -z "$GUESSED_IP" ]]; then 51 | PUBLIC_IPV6=$GUESSED_IP 52 | elif [[ "${DEFAULT_PUBLIC_IPV6:-}" == "$GUESSED_IP" ]]; then 53 | # No IPv6 entered and machine seems to have none, or what 54 | # the user entered matches what the Internet tells us. 55 | PUBLIC_IPV6=$GUESSED_IP 56 | MATCHED=1 57 | elif [[ -z "${DEFAULT_PUBLIC_IPV6:-}" ]]; then 58 | DEFAULT_PUBLIC_IP=$(get_default_privateip 6) 59 | fi 60 | 61 | if [[ -z "${PUBLIC_IPV6:-}" && $MATCHED == 0 ]]; then 62 | input_box "IPv6 Address (Optional)" \ 63 | "Enter the public IPv6 address of this machine, as given to you by your ISP. 64 | \n\nLeave blank if the machine does not have an IPv6 address. 65 | \n\nPublic IPv6 address:" \ 66 | ${DEFAULT_PUBLIC_IPV6:-} \ 67 | PUBLIC_IPV6 68 | 69 | if [ ! $PUBLIC_IPV6_EXITCODE ]; then 70 | # user hit ESC/cancel 71 | exit 72 | fi 73 | fi 74 | fi 75 | 76 | # Get the IP addresses of the local network interface(s) that are connected 77 | # to the Internet. We need these when we want to have services bind only to 78 | # the public network interfaces (not loopback, not tunnel interfaces). 79 | # if [ -z "$PRIVATE_IP" ]; then 80 | # DEFAULT_PRIVATE_IP=$(get_default_privateip 4) 81 | # input_box "Private IP Address (Optional)" \ 82 | # "Enter the private IP address of this machine, as given to you by your ISP. 83 | # \n\nLeave as your public IP if the machine does not have a private IP address. 84 | # \n\nPrivate IP address:" \ 85 | # $DEFAULT_PRIVATE_IP \ 86 | # PRIVATE_IP 87 | # 88 | # if [ -z "$PRIVATE_IP" ]; then 89 | # user hit ESC/cancel 90 | # exit 91 | # fi 92 | # fi 93 | 94 | # Automatic configuration, e.g. as used in our Vagrant configuration. 95 | if [ "$PUBLIC_IP" = "auto" ]; then 96 | # Use a public API to get our public IP address, or fall back to local network configuration. 97 | PUBLIC_IP=$(get_publicip_from_web_service 4 || get_default_privateip 4) 98 | fi 99 | if [ "$PUBLIC_IPV6" = "auto" ]; then 100 | # Use a public API to get our public IPv6 address, or fall back to local network configuration. 101 | PUBLIC_IPV6=$(get_publicip_from_web_service 6 || get_default_privateip 6) 102 | fi 103 | 104 | echo -e "$GREEN Done...$COL_RESET" -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Yiimp_install_scrypt v0.2 (update Avril, 2020) 2 | 3 | Site : https://www.xavatar.com 4 | 5 | Discord : https://discord.gg/zcCXjkQ 6 | 7 | TUTO Youtube (16.04 / 18.04 - Without SSL) : https://www.youtube.com/watch?v=qE0rhfJ1g2k 8 | 9 | Official Yiimp (used in this script for Yiimp Installation): https://github.com/tpruvot/yiimp 10 | 11 | Original Yiimp Installer : https://github.com/cryptopool-builders/multipool_original_yiimp_installer 12 | 13 | 14 | *********************************** 15 | 16 | ## Install script for yiimp on Ubuntu Server 16.04 / 18.04 (use Tpruvot's Yiimp) 17 | 18 | USE THIS SCRIPT ON FRESH INSTALL UBUNTU Server 16.04 / 18.04 ! 19 | 20 | Connect on your VPS => 21 | - apt update 22 | - apt upgrade 23 | - reboot 24 | - adduser pool (pool it's just an example...) 25 | - adduser pool sudo 26 | - su - pool 27 | - sudo apt -y install git 28 | - git clone https://github.com/xavatar/yiimp_install_scrypt.git 29 | - cd yiimp_install_scrypt/ 30 | - bash install.sh (DO NOT RUN THE SCRIPT AS ROOT or SUDO) 31 | - At the end, you MUST REBOOT to finalize installation... 32 | 33 | Finish ! 34 | - Go http://xxx.xxx.xxx.xxx or https://xxx.xxx.xxx.xxx (if you have chosen LetsEncrypt SSL). Enjoy ! 35 | - Go http://xxx.xxx.xxx.xxx/AdminPanel or https://xxx.xxx.xxx.xxx/AdminPanel to access Panel Admin 36 | 37 | If you are issue after installation (nginx,mariadb... not found), use this script : bash install-debug.sh (watch the log during installation) 38 | 39 | ###### :bangbang: **Kudaraidee Install Script :** 40 | - Instead Tpruvot's Yiimp, you can use the Kudaraidee's Repo Yiimp : git clone -b Kudaraidee https://github.com/Kudaraidee/yiimp.git 41 | - It's an updated Yiimp, with more algo, some fix.... 42 | 43 | ###### :bangbang: **YOU MUST UPDATE THE FOLLOWING FILES :** 44 | - **/var/web/serverconfig.php :** update this file to include your public ip (line = YAAMP_ADMIN_IP) to access the admin panel (Put your PERSONNAL IP, NOT IP of your VPS). update with public keys from exchanges. update with other information specific to your server.. 45 | - **/etc/yiimp/keys.php :** update with secrect keys from the exchanges (not mandatory) 46 | - **If you want change 'AdminPanel' to access Panel Admin :** Edit this file "/var/web/yaamp/modules/site/SiteController.php" and Line 11 => change 'AdminPanel' 47 | 48 | 49 | ###### :bangbang: **IMPORTANT** : 50 | 51 | - The configuration of yiimp and coin require a minimum of knowledge in linux 52 | - Your mysql information (login/Password) is saved in **~/.my.cnf** 53 | 54 | *********************************** 55 | 56 | ###### This script has an interactive beginning and will ask for the following information : 57 | 58 | - Server Name (no http:// or www !!!!! Example : crypto.com OR pool.crypto.com OR 80.41.52.63) 59 | - Are you using a subdomain (mypoolx11.crypto.com) 60 | - Enter support email 61 | - Set stratum to AutoExchange 62 | - Your Public IP for admin access (Put your PERSONNAL IP, NOT IP of your VPS) 63 | - Install Fail2ban 64 | - Install UFW and configure ports 65 | - Install LetsEncrypt SSL 66 | 67 | *********************************** 68 | 69 | **This install script will get you 95% ready to go with yiimp. There are a few things you need to do after the main install is finished.** 70 | 71 | While I did add some server security to the script, it is every server owners responsibility to fully secure their own servers. After the installation you will still need to customize your serverconfig.php file to your liking, add your API keys, and build/add your coins to the control panel. 72 | 73 | There will be several wallets already in yiimp. These have nothing to do with the installation script and are from the database import from the yiimp github. 74 | 75 | If you need further assistance we have a small but growing discord channel at https://discord.gg/zcCXjkQ 76 | 77 | If this helped you or you feel giving please donate : 78 | - BTC Donation : 1C1hnjk3WhuAvUN6Ny6LTxPD3rwSZwapW7 79 | - BCH Donation : 1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz 80 | - ETH Donation : 0xc23E6902fF8Cd8878EDADE18Dc49B3505395F0a1 81 | -------------------------------------------------------------------------------- /conf/editconf.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | # 3 | # This is a helper tool for editing configuration files during the setup 4 | # process. The tool is given new values for settings as command-line 5 | # arguments. It comments-out existing setting values in the configuration 6 | # file and adds new values either after their former location or at the 7 | # end. 8 | # 9 | # The configuration file has settings that look like: 10 | # 11 | # NAME=VALUE 12 | # 13 | # If the -s option is given, then space becomes the delimiter, i.e.: 14 | # 15 | # NAME VALUE 16 | # 17 | # If the -c option is given, then the supplied character becomes the comment character 18 | # 19 | # If the -w option is given, then setting lines continue onto following 20 | # lines while the lines start with whitespace, e.g.: 21 | # 22 | # NAME VAL 23 | # UE 24 | 25 | import sys, re 26 | 27 | # sanity check 28 | if len(sys.argv) < 3: 29 | print("usage: python3 editconf.py /etc/file.conf [-s] [-w] [-c ] [-t] NAME=VAL [NAME=VAL ...]") 30 | sys.exit(1) 31 | 32 | # parse command line arguments 33 | filename = sys.argv[1] 34 | settings = sys.argv[2:] 35 | 36 | delimiter = "=" 37 | delimiter_re = r"\s*=\s*" 38 | comment_char = "#" 39 | folded_lines = False 40 | testing = False 41 | while settings[0][0] == "-" and settings[0] != "--": 42 | opt = settings.pop(0) 43 | if opt == "-s": 44 | # Space is the delimiter 45 | delimiter = " " 46 | delimiter_re = r"\s+" 47 | elif opt == "-w": 48 | # Line folding is possible in this file. 49 | folded_lines = True 50 | elif opt == "-c": 51 | # Specifies a different comment character. 52 | comment_char = settings.pop(0) 53 | elif opt == "-t": 54 | testing = True 55 | else: 56 | print("Invalid option.") 57 | sys.exit(1) 58 | 59 | # sanity check command line 60 | for setting in settings: 61 | try: 62 | name, value = setting.split("=", 1) 63 | except: 64 | import subprocess 65 | print("Invalid command line: ", subprocess.list2cmdline(sys.argv)) 66 | 67 | # create the new config file in memory 68 | 69 | found = set() 70 | buf = "" 71 | input_lines = list(open(filename)) 72 | 73 | while len(input_lines) > 0: 74 | line = input_lines.pop(0) 75 | 76 | # If this configuration file uses folded lines, append any folded lines 77 | # into our input buffer. 78 | if folded_lines and line[0] not in (comment_char, " ", ""): 79 | while len(input_lines) > 0 and input_lines[0][0] in " \t": 80 | line += input_lines.pop(0) 81 | 82 | # See if this line is for any settings passed on the command line. 83 | for i in range(len(settings)): 84 | # Check that this line contain this setting from the command-line arguments. 85 | name, val = settings[i].split("=", 1) 86 | m = re.match( 87 | "(\s*)" 88 | + "(" + re.escape(comment_char) + "\s*)?" 89 | + re.escape(name) + delimiter_re + "(.*?)\s*$", 90 | line, re.S) 91 | if not m: continue 92 | indent, is_comment, existing_val = m.groups() 93 | 94 | # If this is already the setting, do nothing. 95 | if is_comment is None and existing_val == val: 96 | # It may be that we've already inserted this setting higher 97 | # in the file so check for that first. 98 | if i in found: break 99 | buf += line 100 | found.add(i) 101 | break 102 | 103 | # comment-out the existing line (also comment any folded lines) 104 | if is_comment is None: 105 | buf += comment_char + line.rstrip().replace("\n", "\n" + comment_char) + "\n" 106 | else: 107 | # the line is already commented, pass it through 108 | buf += line 109 | 110 | # if this option oddly appears more than once, don't add the setting again 111 | if i in found: 112 | break 113 | 114 | # add the new setting 115 | buf += indent + name + delimiter + val + "\n" 116 | 117 | # note that we've applied this option 118 | found.add(i) 119 | 120 | break 121 | else: 122 | # If did not match any setting names, pass this line through. 123 | buf += line 124 | 125 | # Put any settings we didn't see at the end of the file. 126 | for i in range(len(settings)): 127 | if i not in found: 128 | name, val = settings[i].split("=", 1) 129 | buf += name + delimiter + val + "\n" 130 | 131 | if not testing: 132 | # Write out the new file. 133 | with open(filename, "w") as f: 134 | f.write(buf) 135 | else: 136 | # Just print the new file to stdout. 137 | print(buf) 138 | -------------------------------------------------------------------------------- /conf/functions.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##################################################### 3 | # Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox 4 | # Updated by cryptopool.builders for crypto use... 5 | # Modified by Xavatar 6 | ##################################################### 7 | 8 | ESC_SEQ="\x1b[" 9 | COL_RESET=$ESC_SEQ"39;49;00m" 10 | RED=$ESC_SEQ"31;01m" 11 | GREEN=$ESC_SEQ"32;01m" 12 | YELLOW=$ESC_SEQ"33;01m" 13 | BLUE=$ESC_SEQ"34;01m" 14 | MAGENTA=$ESC_SEQ"35;01m" 15 | CYAN=$ESC_SEQ"36;01m" 16 | 17 | 18 | function spinner { 19 | local pid=$! 20 | local delay=0.75 21 | local spinstr='|/-\' 22 | while [ "$(ps a | awk '{print $1}' | grep $pid)" ]; do 23 | local temp=${spinstr#?} 24 | printf " [%c] " "$spinstr" 25 | local spinstr=$temp${spinstr%"$temp"} 26 | sleep $delay 27 | printf "\b\b\b\b\b\b" 28 | done 29 | printf " \b\b\b\b" 30 | } 31 | 32 | 33 | function hide_output { 34 | OUTPUT=$(tempfile) 35 | $@ &> $OUTPUT & spinner 36 | E=$? 37 | if [ $E != 0 ]; then 38 | echo 39 | echo FAILED: $@ 40 | echo ----------------------------------------- 41 | cat $OUTPUT 42 | echo ----------------------------------------- 43 | exit $E 44 | fi 45 | 46 | rm -f $OUTPUT 47 | } 48 | 49 | 50 | function apt_get_quiet { 51 | DEBIAN_FRONTEND=noninteractive hide_output sudo apt -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" "$@" 52 | } 53 | 54 | 55 | function apt_install { 56 | PACKAGES=$@ 57 | apt_get_quiet install $PACKAGES 58 | } 59 | 60 | 61 | function ufw_allow { 62 | if [ -z "$DISABLE_FIREWALL" ]; then 63 | sudo ufw allow $1 > /dev/null; 64 | fi 65 | } 66 | 67 | function restart_service { 68 | hide_output sudo service $1 restart 69 | } 70 | 71 | ## Dialog Functions ## 72 | function message_box { 73 | dialog --title "$1" --msgbox "$2" 0 0 74 | } 75 | 76 | function input_box { 77 | # input_box "title" "prompt" "defaultvalue" VARIABLE 78 | # The user's input will be stored in the variable VARIABLE. 79 | # The exit code from dialog will be stored in VARIABLE_EXITCODE. 80 | declare -n result=$4 81 | declare -n result_code=$4_EXITCODE 82 | result=$(dialog --stdout --title "$1" --inputbox "$2" 0 0 "$3") 83 | result_code=$? 84 | } 85 | 86 | function input_menu { 87 | # input_menu "title" "prompt" "tag item tag item" VARIABLE 88 | # The user's input will be stored in the variable VARIABLE. 89 | # The exit code from dialog will be stored in VARIABLE_EXITCODE. 90 | declare -n result=$4 91 | declare -n result_code=$4_EXITCODE 92 | local IFS=^$'\n' 93 | result=$(dialog --stdout --title "$1" --menu "$2" 0 0 0 $3) 94 | result_code=$? 95 | } 96 | 97 | function get_publicip_from_web_service { 98 | # This seems to be the most reliable way to determine the 99 | # machine's public IP address: asking a very nice web API 100 | # for how they see us. Thanks go out to icanhazip.com. 101 | # See: https://major.io/icanhazip-com-faq/ 102 | # 103 | # Pass '4' or '6' as an argument to this function to specify 104 | # what type of address to get (IPv4, IPv6). 105 | curl -$1 --fail --silent --max-time 15 icanhazip.com 2>/dev/null 106 | } 107 | 108 | function get_default_privateip { 109 | # Return the IP address of the network interface connected 110 | # to the Internet. 111 | # 112 | # Pass '4' or '6' as an argument to this function to specify 113 | # what type of address to get (IPv4, IPv6). 114 | # 115 | # We used to use `hostname -I` and then filter for either 116 | # IPv4 or IPv6 addresses. However if there are multiple 117 | # network interfaces on the machine, not all may be for 118 | # reaching the Internet. 119 | # 120 | # Instead use `ip route get` which asks the kernel to use 121 | # the system's routes to select which interface would be 122 | # used to reach a public address. We'll use 8.8.8.8 as 123 | # the destination. It happens to be Google Public DNS, but 124 | # no connection is made. We're just seeing how the box 125 | # would connect to it. There many be multiple IP addresses 126 | # assigned to an interface. `ip route get` reports the 127 | # preferred. That's good enough for us. See issue #121. 128 | # 129 | # With IPv6, the best route may be via an interface that 130 | # only has a link-local address (fe80::*). These addresses 131 | # are only unique to an interface and so need an explicit 132 | # interface specification in order to use them with bind(). 133 | # In these cases, we append "%interface" to the address. 134 | # See the Notes section in the man page for getaddrinfo and 135 | # https://discourse.mailinabox.email/t/update-broke-mailinabox/34/9. 136 | # 137 | # Also see ae67409603c49b7fa73c227449264ddd10aae6a9 and 138 | # issue #3 for why/how we originally added IPv6. 139 | 140 | target=8.8.8.8 141 | 142 | # For the IPv6 route, use the corresponding IPv6 address 143 | # of Google Public DNS. Again, it doesn't matter so long 144 | # as it's an address on the public Internet. 145 | if [ "$1" == "6" ]; then target=2001:4860:4860::8888; fi 146 | 147 | # Get the route information. 148 | route=$(ip -$1 -o route get $target | grep -v unreachable) 149 | 150 | # Parse the address out of the route information. 151 | address=$(echo $route | sed "s/.* src \([^ ]*\).*/\1/") 152 | 153 | if [[ "$1" == "6" && $address == fe80:* ]]; then 154 | # For IPv6 link-local addresses, parse the interface out 155 | # of the route information and append it with a '%'. 156 | interface=$(echo $route | sed "s/.* dev \([^ ]*\).*/\1/") 157 | address=$address%$interface 158 | fi 159 | 160 | echo $address 161 | 162 | } -------------------------------------------------------------------------------- /utils/coin.list: -------------------------------------------------------------------------------- 1 | 007 2 | URO 3 | CANN 4 | POT 5 | TAG 6 | DOGE 7 | RBY 8 | NOTE 9 | LTC 10 | NVC 11 | START 12 | 42 13 | JBS 14 | LSD 15 | J 16 | SLG 17 | VIK 18 | RPC 19 | XG 20 | DP 21 | MARYJ 22 | XMG 23 | RUBLE 24 | XCLD 25 | SWIFT 26 | ARCH 27 | GAIA 28 | WWC 29 | XRP 30 | LMR 31 | MNE 32 | CRW 33 | VDO 34 | NOPE 35 | XWT 36 | MUE 37 | DTC 38 | SRC 39 | QRK 40 | SMBR 41 | PXC 42 | FTC 43 | HYP 44 | LOG 45 | QBK 46 | CENT 47 | BLOCK 48 | CATC 49 | SCSY 50 | GUN 51 | ABY 52 | BALLS 53 | QSLV 54 | U 55 | BYC 56 | BUN 57 | UFO 58 | ZER 59 | ZNY 60 | VTC 61 | MRY 62 | HLC 63 | CRYPT 64 | ACHK 65 | BRXv2 66 | GSX 67 | PFC 68 | EXE 69 | MN 70 | VPN 71 | VIOR 72 | BAY 73 | HIC 74 | DEAF 75 | BTS 76 | CKC 77 | VIA 78 | ERM 79 | FUD 80 | AM 81 | FIND 82 | CBR 83 | SPR 84 | PTC 85 | METAL 86 | CXC 87 | ULTC 88 | SYS 89 | BCF 90 | DGC 91 | MONA 92 | MEC 93 | ANC 94 | RMS 95 | BTM 96 | WDC 97 | CAT 98 | HUC 99 | EVENT 100 | FAIR 101 | DS 102 | DGB 103 | BCENT 104 | SMLY 105 | XPY 106 | NOO 107 | SUPER 108 | VTR 109 | CLAM 110 | TTC 111 | XAI 112 | NKT 113 | FLO 114 | RDD 115 | NXT 116 | BC 117 | MYR-qubit 118 | UTC 119 | 888 120 | EFL 121 | DIME 122 | SLR 123 | WATER 124 | NLG 125 | GIVE 126 | WC 127 | NOBL 128 | BITS 129 | BLU 130 | OC 131 | THC 132 | ENRG 133 | SHIBE 134 | SFR 135 | NAUT 136 | VRC 137 | CURE 138 | SYNC 139 | BLC 140 | XSI 141 | XC 142 | XDQ 143 | MMXIV 144 | CAIX 145 | BBR 146 | HYPER 147 | CCN 148 | KTK 149 | MUGA 150 | VOOT 151 | BN 152 | XMR 153 | CLOAK 154 | CHCC 155 | BURN 156 | KORE 157 | RZR 158 | XDN 159 | MIN 160 | TECH 161 | GML 162 | TRK 163 | WKC 164 | QTL 165 | XXX 166 | AERO 167 | TRUST 168 | BRIT 169 | JUDGE 170 | NAV 171 | XST 172 | APEX 173 | ZET 174 | BTCD 175 | KEY 176 | NUD 177 | TRI 178 | PES 179 | ICG 180 | UNO 181 | ESC 182 | PINK 183 | IOC 184 | SDC 185 | RAW 186 | MAX 187 | LXC 188 | BOOM 189 | BOB 190 | UNAT 191 | MWC 192 | VAULT 193 | FC2 194 | SSD 195 | HAL 196 | BIG 197 | NEOS 198 | GB 199 | ROOT 200 | AXR 201 | RIPO 202 | FIBRE 203 | SHADE 204 | FLEX 205 | XBOT 206 | XCASH 207 | BURST 208 | LTCD 209 | CRAIG 210 | TIT 211 | BSTY 212 | GNS 213 | DCN 214 | PXI 215 | MLS 216 | ROS 217 | STV 218 | OPAL 219 | EXCL 220 | PYRA 221 | NET 222 | SEED 223 | PND 224 | GHC 225 | DOPE 226 | ONE 227 | BLEU 228 | BVC 229 | CAGE 230 | CDN 231 | CESC 232 | CLR 233 | CZC 234 | XVG 235 | DON 236 | FJC 237 | GCN 238 | GRN 239 | GUA 240 | HAM 241 | HEX 242 | HTML5 243 | IFC 244 | IRL 245 | KARM 246 | MINT 247 | MOON 248 | MTLMC 249 | NMC 250 | NYC 251 | ORB 252 | PAC 253 | PCC 254 | PHC 255 | PPC 256 | RC 257 | SXC 258 | TRL 259 | USD 260 | VTA 261 | XPM 262 | BTQ 263 | EMC2 264 | GIMP 265 | GRC 266 | KRYP 267 | MIC 268 | MOTO 269 | MSC 270 | NIC 271 | NWO 272 | PLCN 273 | PROZ 274 | SONG 275 | SPUDS 276 | SQC 277 | VOXP 278 | VTX 279 | XRC 280 | XSX 281 | AC 282 | ACOIN 283 | AGS 284 | ALF 285 | ALN 286 | AMC 287 | ARG 288 | AUR 289 | BCX 290 | BEN 291 | BET 292 | BNCR 293 | BOST 294 | BQC 295 | BTB 296 | BTE 297 | BTG 298 | BUK 299 | CACH 300 | CAP 301 | CASH 302 | CGB 303 | CINNI 304 | CMC 305 | CNC 306 | CNL 307 | COMM 308 | COOL 309 | CRACK 310 | CRC 311 | CSC 312 | DEM 313 | DMD 314 | DRKC 315 | DT 316 | DVC 317 | EAC 318 | ELC 319 | EMD 320 | EZC 321 | FFC 322 | FLT 323 | FRAC 324 | FRK 325 | FST 326 | GDC 327 | GLC 328 | GLD 329 | GLX 330 | GLYPH 331 | GUE 332 | HBN 333 | HVC 334 | ICB 335 | IXC 336 | JKC 337 | KDC 338 | KGC 339 | LAB 340 | LGD 341 | LK7 342 | LKY 343 | LTB 344 | LTCX 345 | LYC 346 | MED 347 | MNC 348 | MZC 349 | NAN 350 | NBL 351 | NEC 352 | NRB 353 | NRS 354 | NYAN 355 | OSC 356 | PHS 357 | Points 358 | PSEUD 359 | PTS 360 | PYC 361 | RT2 362 | RYC 363 | SAT2 364 | SBC 365 | SHLD 366 | SILK 367 | SMC 368 | SOLE 369 | SPA 370 | SPT 371 | SSV 372 | STR 373 | TAK 374 | TEK 375 | TES 376 | TGC 377 | TOR 378 | TRC 379 | UNB 380 | USDe 381 | XCR 382 | XJO 383 | XLB 384 | YAC 385 | YBC 386 | ZCC 387 | ZED 388 | ADT 389 | ASC 390 | BAT 391 | COL 392 | CPR 393 | CTM 394 | DBL 395 | DMC 396 | ELP 397 | FLAP 398 | GME 399 | LEAF 400 | LOT 401 | MEM 402 | MEOW 403 | MST 404 | RBBT 405 | RED 406 | TIPS 407 | TIX 408 | XNC 409 | ZEIT 410 | EQX 411 | UCI 412 | ggggg 413 | VMC 414 | GMC 415 | 2015 416 | HGC 417 | UIS 418 | SBIT 419 | BLK 420 | BCR 421 | XSP 422 | INCA 423 | NKA 424 | CON 425 | EAGS 426 | GP 427 | USDT 428 | XBS 429 | ARI 430 | DGD 431 | XPC 432 | XDE 433 | CSD 434 | RBR 435 | FSC2 436 | XWC 437 | 1CR 438 | ACH 439 | ADN 440 | BCN 441 | BELA 442 | C2 443 | CGA 444 | CHA 445 | CNMT 446 | CYC 447 | DIEM 448 | DSH 449 | FLDC 450 | GAP 451 | GDN 452 | GEMZ 453 | GOLD 454 | GRS 455 | HIRO 456 | HZ 457 | JLH 458 | LTBC 459 | MAID 460 | MCN 461 | MIL 462 | MMC 463 | MMNXT 464 | MNTA 465 | MRS 466 | NBT 467 | NOXT 468 | NXTI 469 | PIGGY 470 | PRC 471 | RIC 472 | SJCX 473 | SQL 474 | SRCC 475 | SWARM 476 | UNITY 477 | WOLF 478 | XAP 479 | XBC 480 | XCH 481 | XCN 482 | XCP 483 | XDP 484 | XUSD 485 | YACC 486 | GIG 487 | SOON 488 | OBS 489 | XFB 490 | CCC 491 | OMA 492 | CETI 493 | XPB 494 | BTCS 495 | MYST 496 | 10K 497 | XTR 498 | AMBER 499 | LQD 500 | GEO 501 | KOBO 502 | CELL 503 | CBX 504 | XPD 505 | NVCD 506 | PEN 507 | BEAN 508 | BITB 509 | DGORE 510 | XTC 511 | LTS 512 | SLM 513 | GRID 514 | SMAC 515 | DD 516 | CIN 517 | SUP 518 | LYB 519 | PTY 520 | GSM 521 | NSR 522 | MTR 523 | ECASH 524 | WBB 525 | XVC 526 | VOYA 527 | XCO 528 | ZRC 529 | UNC 530 | XFC 531 | XAU 532 | MINE 533 | ASN 534 | RBT 535 | LDOGE 536 | PAY 537 | OMC 538 | BITZ 539 | CRAVE 540 | ZIRK 541 | XDB 542 | DASH 543 | BTCRY 544 | ICASH 545 | 256 546 | SLFI 547 | XEM 548 | CC 549 | CAD 550 | EUR 551 | OCTO 552 | ICN 553 | URC 554 | CRY 555 | PXL 556 | QORA 557 | CYP 558 | MRP 559 | EKN 560 | EGG 561 | STP 562 | NXE 563 | AECC 564 | PLANET 565 | FIRE 566 | ANAL 567 | MTLMC3 568 | TWIST 569 | CRIME 570 | BTCR 571 | TEC 572 | KARMA 573 | TCX 574 | TAB 575 | NDOGE 576 | GIFT 577 | BBCC 578 | TRICK 579 | DGMS 580 | CCB 581 | OZC 582 | STK 583 | SIC 584 | DECR 585 | RICE 586 | XPRO 587 | TRON 588 | GIZ 589 | ETRUST 590 | LEA 591 | HZT 592 | P7C 593 | IEC 594 | 8BIT 595 | OK 596 | ACP 597 | CGN 598 | CF 599 | CTK 600 | NTRN 601 | COV 602 | SLING 603 | MYR 604 | UIS-skein 605 | UIS-qubit 606 | LUX 607 | DRZ 608 | 7 609 | HUGE 610 | BLITZ 611 | NIRO 612 | GRAM 613 | SIGU 614 | AIB 615 | UNAT-skein 616 | QTZ 617 | DOX 618 | XTP 619 | XNX 620 | XSEED 621 | XMS 622 | GUM 623 | SPHR 624 | TDFB 625 | BTX 626 | UNIT 627 | BUB 628 | GPH 629 | GRAV 630 | SPC 631 | CTO 632 | EPY 633 | GOAT 634 | PNC 635 | UTLE 636 | VIRAL 637 | ISL 638 | GAM 639 | PKB 640 | EPC 641 | VTN 642 | FCS 643 | TKT 644 | FSN 645 | BTI 646 | LIMX 647 | SHELL 648 | CLV 649 | TB 650 | BIT16 651 | 16BIT 652 | M1 653 | KRAK 654 | BA 655 | AST 656 | GRT 657 | BTA 658 | MRB 659 | PTA 660 | DCC 661 | ARB 662 | CORG 663 | DB 664 | EQM 665 | FADE 666 | SED 667 | SKB 668 | TNG 669 | TWERK 670 | CS 671 | GENIUS 672 | PRE 673 | NICE 674 | XNA 675 | 32BIT 676 | VCN 677 | CREVA 678 | ADC 679 | SNRG 680 | ECC 681 | RDN 682 | PSY 683 | TWLV 684 | VCOIN 685 | MOIN 686 | GREED 687 | EXB 688 | GLUCK 689 | DRA 690 | OPTION 691 | SEEDS 692 | NANAS 693 | BNB 694 | ARPA 695 | VAPOR 696 | DUB 697 | FIST 698 | XPH 699 | XCE 700 | DRKT 701 | ILM 702 | GEN 703 | TRANSF 704 | EOC 705 | SAK 706 | SEN 707 | HEDG 708 | ERC 709 | NODX 710 | WOC2 711 | CIRC 712 | SMSR 713 | GLOBE 714 | XVI 715 | FUTC 716 | BOD 717 | GTFO 718 | DIBS 719 | GRM 720 | GENE 721 | SPKTR 722 | BUCKS 723 | GENI 724 | INDEX 725 | POLY 726 | TAM 727 | HAZE 728 | TAGR 729 | EA 730 | SPEC 731 | XRA 732 | BLUS 733 | KC 734 | TENNET 735 | EXT 736 | SPX 737 | GMCX 738 | SJW 739 | BAM 740 | CRPS 741 | HXX 742 | FLAX 743 | CHC 744 | YOVI 745 | DRP 746 | XDC 747 | DOT 748 | WSX 749 | POP 750 | DARK 751 | SVC 752 | MDC 753 | 66 754 | $$$ 755 | XGR 756 | XPL 757 | KIWI 758 | NTC 759 | TTY 760 | TOP 761 | CIV 762 | GXG 763 | FTCC 764 | $MINE 765 | ADD 766 | $MINEW 767 | $MINEZ 768 | IPC 769 | SPN 770 | BSY 771 | DUCK 772 | UNIC 773 | FUNK 774 | CNO 775 | CHAO 776 | BLZ 777 | EMC 778 | OFF 779 | BDSM 780 | EXC 781 | FETISH 782 | SHA 783 | SKC 784 | MARS 785 | CX 786 | CDC 787 | ANI 788 | DUO 789 | GRW 790 | PLC 791 | V 792 | QUIT 793 | BNX 794 | ALCUREX 795 | BTRHA 796 | CV2 797 | DRM 798 | FAIL 799 | FIMK 800 | FRSH 801 | FX01 802 | HANSA 803 | ISO 804 | MRC 805 | NODE 806 | P0001 807 | PHO 808 | PPCD 809 | RUM 810 | TALK 811 | VAPE 812 | ZUR 813 | CARB 814 | IDC 815 | MCAR 816 | VERSA 817 | LFO 818 | FIC 819 | 2BACCO 820 | NUKE 821 | SPROUT 822 | MDT 823 | SPRTS 824 | CPN 825 | BSC 826 | BSD 827 | DIGS 828 | IBITS 829 | CPC 830 | AXIOM 831 | AEON 832 | ETH 833 | GCR 834 | MACRO 835 | TX 836 | SHF 837 | BCY 838 | PRIME 839 | EXP 840 | NEU 841 | SWING 842 | MAPC 843 | INFX 844 | SOIL 845 | OMNI 846 | AMP 847 | AGRS 848 | XLM 849 | BITCNY 850 | CUBE 851 | BST 852 | AMS 853 | SCRT 854 | SCOT 855 | CLUB 856 | BNT 857 | VOX 858 | MND 859 | FCT 860 | EGC 861 | SLS 862 | HIRE 863 | STEPS 864 | RADS 865 | DCR 866 | SEC 867 | DNET 868 | WARP 869 | CRBIT 870 | FUEL 871 | NOC 872 | TROLL 873 | BITUSD 874 | SC 875 | 1337 876 | ADCN 877 | AND 878 | ANTI 879 | APC 880 | AR2 881 | BAC 882 | BIC 883 | BIOS 884 | BTCHC 885 | CBIT 886 | CHIP 887 | CIONZ 888 | CRE 889 | CYG 890 | DEUR 891 | DROP 892 | EC 893 | EDRC 894 | FNX 895 | FLOZ 896 | FTP 897 | GCC 898 | GMX 899 | GSY 900 | HMP 901 | HNC 902 | HODL 903 | HTC 904 | KLC 905 | KNC 906 | MBL 907 | MI 908 | MMXVI 909 | NKC 910 | OP 911 | OPES 912 | PULSE 913 | RBIES 914 | REV 915 | TRBO 916 | SIB 917 | STS 918 | TBC 919 | VAL 920 | WLC 921 | WOP 922 | XCT 923 | XHI 924 | XID 925 | YOC 926 | PRT 927 | ZOOM 928 | LGBTQ 929 | BOLI 930 | DGCS 931 | ADZ 932 | RICHX 933 | REP 934 | RUBIT 935 | SANDG 936 | BRONZ 937 | X2 938 | LTCR 939 | EVO 940 | BTP 941 | CPNC 942 | EVIL 943 | JIF 944 | BTCU 945 | SPL 946 | BUZZ 947 | TRUMP 948 | DBIC 949 | FONZ 950 | GAME 951 | CFC 952 | VGC 953 | PR 954 | GRE-OLD 955 | EUC 956 | PAK 957 | CAPT 958 | I0C 959 | EBG 960 | BUMBA 961 | FLY 962 | WHIPPED 963 | SHND 964 | G3N 965 | UMO 966 | FOOT 967 | CHAI 968 | CZECO 969 | DRK 970 | HZDOGE 971 | STATS 972 | BANX 973 | MCZ 974 | MEME 975 | KUMA 976 | CHILD 977 | XQN 978 | DES 979 | UNF 980 | 981 | -------------------------------------------------------------------------------- /old/install-v0.1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Original Author: crombiecrunch 4 | # Fork Author: manfromafar 5 | # Current Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 6 | # Web: 7 | # 8 | # Program: 9 | # Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0.x 10 | # 11 | # 12 | ################################################################################ 13 | output() { 14 | printf "\E[0;33;40m" 15 | echo $1 16 | printf "\E[0m" 17 | } 18 | 19 | displayErr() { 20 | echo 21 | echo $1; 22 | echo 23 | exit 1; 24 | } 25 | 26 | output " " 27 | output "Make sure you double check before hitting enter! Only one shot at these!" 28 | output " " 29 | read -e -p "Enter time zone (e.g. America/New_York) : " TIME 30 | read -e -p "Server name (no http:// or www. just : example.com or pool.example.com) : " server_name 31 | read -e -p "Are you using a subdomain (pool.example.com?) [y/N] : " sub_domain 32 | read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL 33 | read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC 34 | read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel 35 | read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public 36 | read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban 37 | read -e -p "Install UFW and configure ports? [Y/n] : " UFW 38 | read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install 39 | 40 | 41 | # Update package and Upgrade Ubuntu 42 | output " " 43 | output "Updating system and installing required packages." 44 | output " " 45 | sleep 3 46 | 47 | sudo apt-get -y update 48 | sudo apt-get -y upgrade 49 | sudo apt-get -y autoremove 50 | 51 | 52 | # Switch Aptitude 53 | output " " 54 | output "Switching to Aptitude" 55 | output " " 56 | sleep 3 57 | 58 | sudo apt-get -y install aptitude 59 | 60 | 61 | # Installing Nginx 62 | output " " 63 | output "Installing Nginx server." 64 | output " " 65 | sleep 3 66 | 67 | sudo aptitude -y install nginx 68 | sudo rm /etc/nginx/sites-enabled/default 69 | sudo systemctl start nginx.service 70 | sudo systemctl enable nginx.service 71 | sudo systemctl start cron.service 72 | sudo systemctl enable cron.service 73 | 74 | 75 | # Making Nginx a bit hard 76 | echo 'map $http_user_agent $blockedagent { 77 | default 0; 78 | ~*malicious 1; 79 | ~*bot 1; 80 | ~*backdoor 1; 81 | ~*crawler 1; 82 | ~*bandit 1; 83 | } 84 | ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 85 | 86 | 87 | # Installing Mariadb 88 | output " " 89 | output "Installing Mariadb Server." 90 | output " " 91 | sleep 3 92 | 93 | # Create random password 94 | rootpasswd=$(openssl rand -base64 12) 95 | export DEBIAN_FRONTEND="noninteractive" 96 | sudo aptitude -y install mariadb-server 97 | sudo systemctl start mysql 98 | sudo systemctl enable mysql 99 | 100 | 101 | # Installing Installing php7.x 102 | output " " 103 | output "Installing php7.x" 104 | output " " 105 | sleep 3 106 | 107 | sudo aptitude -y install php7.0-fpm 108 | sudo aptitude -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring 109 | sudo phpenmod mcrypt 110 | sudo phpenmod mbstring 111 | sudo systemctl start php7.0-fpm.service 112 | 113 | 114 | # Installing other needed files 115 | output " " 116 | output "Installing other needed files" 117 | output " " 118 | sleep 3 119 | 120 | sudo aptitude -y install libgmp3-dev 121 | sudo aptitude -y install libmysqlclient-dev 122 | sudo aptitude -y install libcurl4-gnutls-dev 123 | sudo aptitude -y install libkrb5-dev 124 | sudo aptitude -y install libldap2-dev 125 | sudo aptitude -y install libidn11-dev 126 | sudo aptitude -y install gnutls-dev 127 | sudo aptitude -y install librtmp-dev 128 | sudo aptitude -y install sendmail 129 | sudo aptitude -y install mutt 130 | sudo aptitude -y install git screen 131 | sudo aptitude -y install pwgen -y 132 | 133 | 134 | # Installing Package to compile crypto currency 135 | output " " 136 | output "Installing Package to compile crypto currency" 137 | output " " 138 | sleep 3 139 | 140 | sudo aptitude -y install software-properties-common build-essential 141 | sudo aptitude -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev 142 | sudo aptitude -y install libminiupnpc10 libzmq5 143 | sudo aptitude -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev 144 | sudo aptitude -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler 145 | sudo add-apt-repository -y ppa:bitcoin/bitcoin 146 | sudo apt-get -y update 147 | sudo apt-get install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ 148 | 149 | 150 | # Generating Random Passwords 151 | password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 152 | password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 153 | AUTOGENERATED_PASS=`pwgen -c -1 20` 154 | 155 | 156 | # Test Email 157 | output " " 158 | output "Testing to see if server emails are sent" 159 | output " " 160 | sleep 3 161 | 162 | if [[ "$root_email" != "" ]]; then 163 | echo $root_email > sudo tee --append ~/.email 164 | echo $root_email > sudo tee --append ~/.forward 165 | 166 | if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then 167 | echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message 168 | echo "You should receive this !" >> sudo tee --append /tmp/email.message 169 | echo "" >> sudo tee --append /tmp/email.message 170 | echo "Cheers" >> sudo tee --append /tmp/email.message 171 | sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message 172 | 173 | sudo rm -f /tmp/email.message 174 | echo "Mail sent" 175 | fi 176 | fi 177 | 178 | 179 | # Installing Fail2Ban & UFW 180 | output " " 181 | output "Some optional installs (Fail2Ban & UFW)" 182 | output " " 183 | sleep 3 184 | 185 | 186 | if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then 187 | sudo aptitude -y install fail2ban 188 | fi 189 | if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then 190 | sudo apt-get install ufw 191 | sudo ufw default deny incoming 192 | sudo ufw default allow outgoing 193 | sudo ufw allow ssh 194 | sudo ufw allow http 195 | sudo ufw allow https 196 | sudo ufw allow 3333/tcp 197 | sudo ufw allow 3339/tcp 198 | sudo ufw allow 3334/tcp 199 | sudo ufw allow 3433/tcp 200 | sudo ufw allow 3555/tcp 201 | sudo ufw allow 3556/tcp 202 | sudo ufw allow 3573/tcp 203 | sudo ufw allow 3535/tcp 204 | sudo ufw allow 3533/tcp 205 | sudo ufw allow 3553/tcp 206 | sudo ufw allow 3633/tcp 207 | sudo ufw allow 3733/tcp 208 | sudo ufw allow 3636/tcp 209 | sudo ufw allow 3737/tcp 210 | sudo ufw allow 3739/tcp 211 | sudo ufw allow 3747/tcp 212 | sudo ufw allow 3833/tcp 213 | sudo ufw allow 3933/tcp 214 | sudo ufw allow 4033/tcp 215 | sudo ufw allow 4133/tcp 216 | sudo ufw allow 4233/tcp 217 | sudo ufw allow 4234/tcp 218 | sudo ufw allow 4333/tcp 219 | sudo ufw allow 4433/tcp 220 | sudo ufw allow 4533/tcp 221 | sudo ufw allow 4553/tcp 222 | sudo ufw allow 4633/tcp 223 | sudo ufw allow 4733/tcp 224 | sudo ufw allow 4833/tcp 225 | sudo ufw allow 4933/tcp 226 | sudo ufw allow 5033/tcp 227 | sudo ufw allow 5133/tcp 228 | sudo ufw allow 5233/tcp 229 | sudo ufw allow 5333/tcp 230 | sudo ufw allow 5433/tcp 231 | sudo ufw allow 5533/tcp 232 | sudo ufw allow 5733/tcp 233 | sudo ufw allow 5743/tcp 234 | sudo ufw allow 3252/tcp 235 | sudo ufw allow 5755/tcp 236 | sudo ufw allow 5766/tcp 237 | sudo ufw allow 5833/tcp 238 | sudo ufw allow 5933/tcp 239 | sudo ufw allow 6033/tcp 240 | sudo ufw allow 5034/tcp 241 | sudo ufw allow 6133/tcp 242 | sudo ufw allow 6233/tcp 243 | sudo ufw allow 6333/tcp 244 | sudo ufw allow 6433/tcp 245 | sudo ufw allow 7433/tcp 246 | sudo ufw allow 8333/tcp 247 | sudo ufw allow 8463/tcp 248 | sudo ufw allow 8433/tcp 249 | sudo ufw allow 8533/tcp 250 | sudo ufw --force enable 251 | fi 252 | 253 | 254 | # Installing PhpMyAdmin 255 | output " " 256 | output "Installing phpmyadmin" 257 | output " " 258 | sleep 3 259 | 260 | echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections 261 | echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections 262 | echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections 263 | echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections 264 | echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections 265 | echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections 266 | sudo aptitude -y install phpmyadmin 267 | 268 | 269 | # Installing Yiimp 270 | output " " 271 | output " Installing Yiimp" 272 | output " " 273 | output "Grabbing yiimp fron Github, building files and setting file structure." 274 | output " " 275 | sleep 3 276 | 277 | 278 | # Generating Random Password for stratum 279 | blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 280 | 281 | # Compil Blocknotify 282 | cd ~ 283 | git clone https://github.com/tpruvot/yiimp.git 284 | cd $HOME/yiimp/blocknotify 285 | sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp 286 | sudo make 287 | 288 | # Compil iniparser 289 | cd $HOME/yiimp/stratum/iniparser 290 | sudo make 291 | 292 | # Compil Stratum 293 | cd $HOME/yiimp/stratum 294 | if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then 295 | sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile 296 | sudo make 297 | fi 298 | sudo make 299 | 300 | # Copy Files (Blocknotify,iniparser,Stratum) 301 | cd $HOME/yiimp 302 | sudo sed -i 's/AdminRights/'$admin_panel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php 303 | sudo cp -r $HOME/yiimp/web /var/ 304 | sudo mkdir -p /var/stratum 305 | cd $HOME/yiimp/stratum 306 | sudo cp -a config.sample/. /var/stratum/config 307 | sudo cp -r stratum /var/stratum 308 | sudo cp -r run.sh /var/stratum 309 | cd $HOME/yiimp 310 | sudo cp -r $HOME/yiimp/bin/. /bin/ 311 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ 312 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ 313 | sudo mkdir -p /etc/yiimp 314 | sudo mkdir -p /$HOME/backup/ 315 | #fixing yiimp 316 | sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp 317 | #fixing run.sh 318 | sudo rm -r /var/stratum/config/run.sh 319 | echo ' 320 | #!/bin/bash 321 | ulimit -n 10240 322 | ulimit -u 10240 323 | cd /var/stratum 324 | while true; do 325 | ./stratum /var/stratum/config/$1 326 | sleep 2 327 | done 328 | exec bash 329 | ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 330 | sudo chmod +x /var/stratum/config/run.sh 331 | 332 | 333 | # Update Timezone 334 | output " " 335 | output "Update default timezone." 336 | output " " 337 | 338 | # Check if link file 339 | sudo [ -L /etc/localtime ] && sudo unlink /etc/localtime 340 | 341 | # Update time zone 342 | sudo ln -sf /usr/share/zoneinfo/$TIME /etc/localtime 343 | sudo aptitude -y install ntpdate 344 | 345 | # Write time to clock. 346 | sudo hwclock -w 347 | 348 | 349 | # Making Web Server Magic Happen 350 | output " " 351 | output "Making Web Server Magic Happen!" 352 | output " " 353 | 354 | # Adding user to group, creating dir structure, setting permissions 355 | sudo mkdir -p /var/www/$server_name/html 356 | 357 | 358 | # Creating webserver initial config file 359 | output " " 360 | output "Creating webserver initial config file" 361 | output " " 362 | 363 | if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then 364 | echo 'include /etc/nginx/blockuseragents.rules; 365 | server { 366 | if ($blockedagent) { 367 | return 403; 368 | } 369 | if ($request_method !~ ^(GET|HEAD|POST)$) { 370 | return 444; 371 | } 372 | listen 80; 373 | listen [::]:80; 374 | server_name '"${server_name}"'; 375 | root "/var/www/'"${server_name}"'/html/web"; 376 | index index.html index.htm index.php; 377 | charset utf-8; 378 | 379 | location / { 380 | try_files $uri $uri/ /index.php?$args; 381 | } 382 | location @rewrite { 383 | rewrite ^/(.*)$ /index.php?r=$1; 384 | } 385 | 386 | location = /favicon.ico { access_log off; log_not_found off; } 387 | location = /robots.txt { access_log off; log_not_found off; } 388 | 389 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 390 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 391 | 392 | # allow larger file uploads and longer script runtimes 393 | client_body_buffer_size 50k; 394 | client_header_buffer_size 50k; 395 | client_max_body_size 50k; 396 | large_client_header_buffers 2 50k; 397 | sendfile off; 398 | 399 | location ~ ^/index\.php$ { 400 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 401 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 402 | fastcgi_index index.php; 403 | include fastcgi_params; 404 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 405 | fastcgi_intercept_errors off; 406 | fastcgi_buffer_size 16k; 407 | fastcgi_buffers 4 16k; 408 | fastcgi_connect_timeout 300; 409 | fastcgi_send_timeout 300; 410 | fastcgi_read_timeout 300; 411 | try_files $uri $uri/ =404; 412 | } 413 | location ~ \.php$ { 414 | return 404; 415 | } 416 | location ~ \.sh { 417 | return 404; 418 | } 419 | location ~ /\.ht { 420 | deny all; 421 | } 422 | location ~ /.well-known { 423 | allow all; 424 | } 425 | location /phpmyadmin { 426 | root /usr/share/; 427 | index index.php; 428 | try_files $uri $uri/ =404; 429 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 430 | deny all; 431 | } 432 | location ~ /phpmyadmin/(.+\.php)$ { 433 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 434 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 435 | include fastcgi_params; 436 | include snippets/fastcgi-php.conf; 437 | } 438 | } 439 | } 440 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 441 | 442 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 443 | sudo ln -s /var/web /var/www/$server_name/html 444 | sudo systemctl reload php7.0-fpm.service 445 | sudo systemctl restart nginx.service 446 | 447 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 448 | 449 | # Install SSL (with SubDomain) 450 | output " " 451 | output "Install LetsEncrypt and setting SSL (with SubDomain)" 452 | output " " 453 | 454 | sudo aptitude -y install letsencrypt 455 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" 456 | sudo rm /etc/nginx/sites-available/$server_name.conf 457 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 458 | # I am SSL Man! 459 | echo 'include /etc/nginx/blockuseragents.rules; 460 | server { 461 | if ($blockedagent) { 462 | return 403; 463 | } 464 | if ($request_method !~ ^(GET|HEAD|POST)$) { 465 | return 444; 466 | } 467 | listen 80; 468 | listen [::]:80; 469 | server_name '"${server_name}"'; 470 | # enforce https 471 | return 301 https://$server_name$request_uri; 472 | } 473 | 474 | server { 475 | if ($blockedagent) { 476 | return 403; 477 | } 478 | if ($request_method !~ ^(GET|HEAD|POST)$) { 479 | return 444; 480 | } 481 | listen 443 ssl http2; 482 | listen [::]:443 ssl http2; 483 | server_name '"${server_name}"'; 484 | 485 | root /var/www/'"${server_name}"'/html/web; 486 | index index.php; 487 | 488 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 489 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 490 | 491 | # allow larger file uploads and longer script runtimes 492 | client_body_buffer_size 50k; 493 | client_header_buffer_size 50k; 494 | client_max_body_size 50k; 495 | large_client_header_buffers 2 50k; 496 | sendfile off; 497 | 498 | # strengthen ssl security 499 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 500 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 501 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 502 | ssl_prefer_server_ciphers on; 503 | ssl_session_cache shared:SSL:10m; 504 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 505 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 506 | 507 | # Add headers to serve security related headers 508 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 509 | add_header X-Content-Type-Options nosniff; 510 | add_header X-XSS-Protection "1; mode=block"; 511 | add_header X-Robots-Tag none; 512 | add_header Content-Security-Policy "frame-ancestors 'self'"; 513 | 514 | location / { 515 | try_files $uri $uri/ /index.php?$args; 516 | } 517 | location @rewrite { 518 | rewrite ^/(.*)$ /index.php?r=$1; 519 | } 520 | 521 | 522 | location ~ ^/index\.php$ { 523 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 524 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 525 | fastcgi_index index.php; 526 | include fastcgi_params; 527 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 528 | fastcgi_intercept_errors off; 529 | fastcgi_buffer_size 16k; 530 | fastcgi_buffers 4 16k; 531 | fastcgi_connect_timeout 300; 532 | fastcgi_send_timeout 300; 533 | fastcgi_read_timeout 300; 534 | include /etc/nginx/fastcgi_params; 535 | try_files $uri $uri/ =404; 536 | } 537 | location ~ \.php$ { 538 | return 404; 539 | } 540 | location ~ \.sh { 541 | return 404; 542 | } 543 | 544 | location ~ /\.ht { 545 | deny all; 546 | } 547 | location /phpmyadmin { 548 | root /usr/share/; 549 | index index.php; 550 | try_files $uri $uri/ =404; 551 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 552 | deny all; 553 | } 554 | location ~ /phpmyadmin/(.+\.php)$ { 555 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 556 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 557 | include fastcgi_params; 558 | include snippets/fastcgi-php.conf; 559 | } 560 | } 561 | } 562 | 563 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 564 | fi 565 | 566 | sudo systemctl reload php7.0-fpm.service 567 | sudo systemctl restart nginx.service 568 | 569 | else 570 | echo 'include /etc/nginx/blockuseragents.rules; 571 | server { 572 | if ($blockedagent) { 573 | return 403; 574 | } 575 | if ($request_method !~ ^(GET|HEAD|POST)$) { 576 | return 444; 577 | } 578 | listen 80; 579 | listen [::]:80; 580 | server_name '"${server_name}"' www.'"${server_name}"'; 581 | root "/var/www/'"${server_name}"'/html/web"; 582 | index index.html index.htm index.php; 583 | charset utf-8; 584 | 585 | location / { 586 | try_files $uri $uri/ /index.php?$args; 587 | } 588 | location @rewrite { 589 | rewrite ^/(.*)$ /index.php?r=$1; 590 | } 591 | 592 | location = /favicon.ico { access_log off; log_not_found off; } 593 | location = /robots.txt { access_log off; log_not_found off; } 594 | 595 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 596 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 597 | 598 | # allow larger file uploads and longer script runtimes 599 | client_body_buffer_size 50k; 600 | client_header_buffer_size 50k; 601 | client_max_body_size 50k; 602 | large_client_header_buffers 2 50k; 603 | sendfile off; 604 | 605 | location ~ ^/index\.php$ { 606 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 607 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 608 | fastcgi_index index.php; 609 | include fastcgi_params; 610 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 611 | fastcgi_intercept_errors off; 612 | fastcgi_buffer_size 16k; 613 | fastcgi_buffers 4 16k; 614 | fastcgi_connect_timeout 300; 615 | fastcgi_send_timeout 300; 616 | fastcgi_read_timeout 300; 617 | try_files $uri $uri/ =404; 618 | } 619 | location ~ \.php$ { 620 | return 404; 621 | } 622 | location ~ \.sh { 623 | return 404; 624 | } 625 | location ~ /\.ht { 626 | deny all; 627 | } 628 | location ~ /.well-known { 629 | allow all; 630 | } 631 | location /phpmyadmin { 632 | root /usr/share/; 633 | index index.php; 634 | try_files $uri $uri/ =404; 635 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 636 | deny all; 637 | } 638 | location ~ /phpmyadmin/(.+\.php)$ { 639 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 640 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 641 | include fastcgi_params; 642 | include snippets/fastcgi-php.conf; 643 | } 644 | } 645 | } 646 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 647 | 648 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 649 | sudo ln -s /var/web /var/www/$server_name/html 650 | sudo systemctl reload php7.0-fpm.service 651 | sudo systemctl restart nginx.service 652 | 653 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 654 | 655 | # Install SSL (without SubDomain) 656 | output " " 657 | output "Install LetsEncrypt and setting SSL (without SubDomain)" 658 | output " " 659 | sleep 3 660 | 661 | sudo aptitude -y install letsencrypt 662 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" 663 | sudo rm /etc/nginx/sites-available/$server_name.conf 664 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 665 | # I am SSL Man! 666 | echo 'include /etc/nginx/blockuseragents.rules; 667 | server { 668 | if ($blockedagent) { 669 | return 403; 670 | } 671 | if ($request_method !~ ^(GET|HEAD|POST)$) { 672 | return 444; 673 | } 674 | listen 80; 675 | listen [::]:80; 676 | server_name '"${server_name}"'; 677 | # enforce https 678 | return 301 https://$server_name$request_uri; 679 | } 680 | 681 | server { 682 | if ($blockedagent) { 683 | return 403; 684 | } 685 | if ($request_method !~ ^(GET|HEAD|POST)$) { 686 | return 444; 687 | } 688 | listen 443 ssl http2; 689 | listen [::]:443 ssl http2; 690 | server_name '"${server_name}"' www.'"${server_name}"'; 691 | 692 | root /var/www/'"${server_name}"'/html/web; 693 | index index.php; 694 | 695 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 696 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 697 | 698 | # allow larger file uploads and longer script runtimes 699 | client_body_buffer_size 50k; 700 | client_header_buffer_size 50k; 701 | client_max_body_size 50k; 702 | large_client_header_buffers 2 50k; 703 | sendfile off; 704 | 705 | # strengthen ssl security 706 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 707 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 708 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 709 | ssl_prefer_server_ciphers on; 710 | ssl_session_cache shared:SSL:10m; 711 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 712 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 713 | 714 | # Add headers to serve security related headers 715 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 716 | add_header X-Content-Type-Options nosniff; 717 | add_header X-XSS-Protection "1; mode=block"; 718 | add_header X-Robots-Tag none; 719 | add_header Content-Security-Policy "frame-ancestors 'self'"; 720 | 721 | location / { 722 | try_files $uri $uri/ /index.php?$args; 723 | } 724 | location @rewrite { 725 | rewrite ^/(.*)$ /index.php?r=$1; 726 | } 727 | 728 | 729 | location ~ ^/index\.php$ { 730 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 731 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 732 | fastcgi_index index.php; 733 | include fastcgi_params; 734 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 735 | fastcgi_intercept_errors off; 736 | fastcgi_buffer_size 16k; 737 | fastcgi_buffers 4 16k; 738 | fastcgi_connect_timeout 300; 739 | fastcgi_send_timeout 300; 740 | fastcgi_read_timeout 300; 741 | include /etc/nginx/fastcgi_params; 742 | try_files $uri $uri/ =404; 743 | } 744 | location ~ \.php$ { 745 | return 404; 746 | } 747 | location ~ \.sh { 748 | return 404; 749 | } 750 | 751 | location ~ /\.ht { 752 | deny all; 753 | } 754 | location /phpmyadmin { 755 | root /usr/share/; 756 | index index.php; 757 | try_files $uri $uri/ =404; 758 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 759 | deny all; 760 | } 761 | location ~ /phpmyadmin/(.+\.php)$ { 762 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 763 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 764 | include fastcgi_params; 765 | include snippets/fastcgi-php.conf; 766 | } 767 | } 768 | } 769 | 770 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 771 | 772 | fi 773 | sudo systemctl reload php7.0-fpm.service 774 | sudo systemctl restart nginx.service 775 | fi 776 | 777 | 778 | # Config Database 779 | output " " 780 | output "Now for the database fun!" 781 | output " " 782 | sleep 3 783 | 784 | # Create database 785 | Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" 786 | Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" 787 | Q3="FLUSH PRIVILEGES;" 788 | SQL="${Q1}${Q2}${Q3}" 789 | sudo mysql -u root -p="" -e "$SQL" 790 | 791 | # Create stratum user 792 | Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" 793 | Q2="FLUSH PRIVILEGES;" 794 | SQL="${Q1}${Q2}" 795 | sudo mysql -u root -p="" -e "$SQL" 796 | 797 | #Create my.cnf 798 | 799 | echo ' 800 | [clienthost1] 801 | user=panel 802 | password='"${password}"' 803 | database=yiimpfrontend 804 | host=localhost 805 | [clienthost2] 806 | user=stratum 807 | password='"${password2}"' 808 | database=yiimpfrontend 809 | host=localhost 810 | [myphpadmin] 811 | user=phpmyadmin 812 | password='"${AUTOGENERATED_PASS}"' 813 | [mysql] 814 | user=root 815 | password='"${rootpasswd}"' 816 | ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 817 | sudo chmod 0600 ~/.my.cnf 818 | 819 | # Create keys file 820 | echo ' 821 | '"'"'); 827 | define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); 828 | define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); 829 | define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); 830 | define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); 831 | define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); 832 | define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); 833 | define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); 834 | define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); 835 | define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); 836 | define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); 837 | define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); 838 | define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); 839 | define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); 840 | ' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 841 | 842 | 843 | # Peforming the SQL import 844 | output " " 845 | output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you" 846 | output " " 847 | output "Peforming the SQL import" 848 | output " " 849 | sleep 3 850 | 851 | cd ~ 852 | cd yiimp/sql 853 | 854 | # Import sql dump 855 | sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 856 | 857 | # Oh the humanity! 858 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql 859 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql 860 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql 861 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql 862 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql 863 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql 864 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql 865 | sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql 866 | sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql 867 | sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql 868 | sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql 869 | sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql 870 | sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql 871 | sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql 872 | sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql 873 | sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql 874 | sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql 875 | 876 | 877 | # Generating a basic Yiimp serverconfig.php 878 | output " " 879 | output "Generating a basic Yiimp serverconfig.php" 880 | output " " 881 | sleep 3 882 | 883 | # Make config file 884 | echo ' 885 | 0.3 935 | define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); 936 | // nicehash keys deposit account & amount to deposit at a time 937 | define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); 938 | define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); 939 | define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); 940 | define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); 941 | $cold_wallet_table = array( 942 | '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, 943 | ); 944 | // Sample fixed pool fees 945 | $configFixedPoolFees = array( 946 | '"'"'zr5'"'"' => 2.0, 947 | '"'"'scrypt'"'"' => 20.0, 948 | '"'"'sha256'"'"' => 5.0, 949 | ); 950 | // Sample custom stratum ports 951 | $configCustomPorts = array( 952 | // '"'"'x11'"'"' => 7000, 953 | ); 954 | // mBTC Coefs per algo (default is 1.0) 955 | $configAlgoNormCoef = array( 956 | // '"'"'x11'"'"' => 5.0, 957 | ); 958 | ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 959 | 960 | 961 | # Updating stratum config files with database connection info 962 | output " " 963 | output "Updating stratum config files with database connection info." 964 | output " " 965 | sleep 3 966 | 967 | cd /var/stratum/config 968 | sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf 969 | sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf 970 | sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf 971 | sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf 972 | sudo sed -i 's/username = root/username = stratum/g' *.conf 973 | sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf 974 | cd ~ 975 | 976 | 977 | # Final Directory permissions 978 | output " " 979 | output "Final Directory permissions" 980 | output " " 981 | sleep 3 982 | 983 | whoami=`whoami` 984 | sudo mkdir /root/backup/ 985 | #sudo usermod -aG www-data $whoami 986 | #sudo chown -R www-data:www-data /var/log 987 | sudo chown -R www-data:www-data /var/stratum 988 | sudo chown -R www-data:www-data /var/web 989 | sudo touch /var/log/debug.log 990 | sudo chown -R www-data:www-data /var/log/debug.log 991 | sudo chmod -R 775 /var/www/$server_name/html 992 | sudo chmod -R 775 /var/web 993 | sudo chmod -R 775 /var/stratum 994 | sudo chmod -R 775 /var/web/yaamp/runtime 995 | sudo chmod -R 664 /root/backup/ 996 | sudo chmod -R 644 /var/log/debug.log 997 | sudo chmod -R 775 /var/web/serverconfig.php 998 | sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder 999 | sudo rm -rf /var/log/nginx/* 1000 | sudo systemctl reload php7.0-fpm.service 1001 | sudo systemctl restart nginx.service 1002 | 1003 | 1004 | output " " 1005 | output " " 1006 | output " " 1007 | output " " 1008 | output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.cnf. this installer did not directly install anything required to build coins." 1009 | output " " 1010 | output "Please make sure to change your wallet addresses in the /var/web/serverconfig.php file." 1011 | output " " 1012 | output "Please make sure to add your public and private keys." 1013 | output " " 1014 | output "TUTO Youtube : https://www.youtube.com/watch?v=vdBCw6_cyig" 1015 | output " " 1016 | output " " 1017 | -------------------------------------------------------------------------------- /old/install-v0.11.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Original Author: crombiecrunch 4 | # Fork Author: manfromafar 5 | # Current Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 6 | # Web: https://www.xavatar.com 7 | # 8 | # Program: 9 | # Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0 10 | # 11 | # 12 | ################################################################################ 13 | output() { 14 | printf "\E[0;33;40m" 15 | echo $1 16 | printf "\E[0m" 17 | } 18 | 19 | displayErr() { 20 | echo 21 | echo $1; 22 | echo 23 | exit 1; 24 | } 25 | 26 | #Add user group sudo + no password 27 | whoami=`whoami` 28 | sudo usermod -aG sudo ${whoami} 29 | echo '# yiimp 30 | # It needs passwordless sudo functionality. 31 | '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL 32 | ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 33 | 34 | #Copy needed files 35 | sudo cp -r ../utils/screen-scrypt.sh /etc/ 36 | sudo chmod +x /etc/screen-scrypt.sh 37 | 38 | 39 | clear 40 | output " " 41 | output "Yiimp Install Script v0.1" 42 | output "Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0" 43 | output " " 44 | sleep 3 45 | 46 | output " " 47 | output " " 48 | output "Make sure you double check before hitting enter! Only one shot at these!" 49 | output " " 50 | read -e -p "Enter time zone (e.g. America/New_York) : " TIME 51 | read -e -p "Server name (no http:// or www. just : example.com or pool.example.com) : " server_name 52 | read -e -p "Are you using a subdomain (pool.example.com?) [y/N] : " sub_domain 53 | read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL 54 | read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC 55 | read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel 56 | read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public 57 | read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban 58 | read -e -p "Install UFW and configure ports? [Y/n] : " UFW 59 | read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install 60 | 61 | 62 | # Update package and Upgrade Ubuntu 63 | output " " 64 | output "Updating system and installing required packages." 65 | output " " 66 | sleep 3 67 | 68 | sudo apt-get -y update 69 | sudo apt-get -y upgrade 70 | sudo apt-get -y autoremove 71 | 72 | 73 | # Switch Aptitude 74 | output " " 75 | output "Switching to Aptitude" 76 | output " " 77 | sleep 3 78 | 79 | sudo apt-get -y install aptitude 80 | 81 | 82 | # Installing Nginx 83 | output " " 84 | output "Installing Nginx server." 85 | output " " 86 | sleep 3 87 | 88 | sudo aptitude -y install nginx 89 | sudo rm /etc/nginx/sites-enabled/default 90 | sudo systemctl start nginx.service 91 | sudo systemctl enable nginx.service 92 | sudo systemctl start cron.service 93 | sudo systemctl enable cron.service 94 | 95 | 96 | # Making Nginx a bit hard 97 | echo 'map $http_user_agent $blockedagent { 98 | default 0; 99 | ~*malicious 1; 100 | ~*bot 1; 101 | ~*backdoor 1; 102 | ~*crawler 1; 103 | ~*bandit 1; 104 | } 105 | ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 106 | 107 | 108 | # Installing Mariadb 109 | output " " 110 | output "Installing Mariadb Server." 111 | output " " 112 | sleep 3 113 | 114 | # Create random password 115 | rootpasswd=$(openssl rand -base64 12) 116 | export DEBIAN_FRONTEND="noninteractive" 117 | sudo aptitude -y install mariadb-server 118 | sudo systemctl start mysql 119 | sudo systemctl enable mysql 120 | 121 | 122 | # Installing Installing php7.x 123 | output " " 124 | output "Installing php7.x" 125 | output " " 126 | sleep 3 127 | 128 | sudo aptitude -y install php7.0-fpm 129 | sudo aptitude -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring 130 | sudo phpenmod mcrypt 131 | sudo phpenmod mbstring 132 | sudo systemctl start php7.0-fpm.service 133 | 134 | 135 | # Installing other needed files 136 | output " " 137 | output "Installing other needed files" 138 | output " " 139 | sleep 3 140 | 141 | sudo aptitude -y install libgmp3-dev 142 | sudo aptitude -y install libmysqlclient-dev 143 | sudo aptitude -y install libcurl4-gnutls-dev 144 | sudo aptitude -y install libkrb5-dev 145 | sudo aptitude -y install libldap2-dev 146 | sudo aptitude -y install libidn11-dev 147 | sudo aptitude -y install gnutls-dev 148 | sudo aptitude -y install librtmp-dev 149 | sudo aptitude -y install sendmail 150 | sudo aptitude -y install mutt 151 | sudo aptitude -y install git screen 152 | sudo aptitude -y install pwgen -y 153 | 154 | 155 | # Installing Package to compile crypto currency 156 | output " " 157 | output "Installing Package to compile crypto currency" 158 | output " " 159 | sleep 3 160 | 161 | sudo aptitude -y install software-properties-common build-essential 162 | sudo aptitude -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext 163 | sudo aptitude -y install libminiupnpc10 libzmq5 164 | sudo aptitude -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev 165 | sudo aptitude -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler 166 | sudo add-apt-repository -y ppa:bitcoin/bitcoin 167 | sudo apt-get -y update 168 | sudo apt-get install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ 169 | 170 | 171 | # Generating Random Passwords 172 | password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 173 | password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 174 | AUTOGENERATED_PASS=`pwgen -c -1 20` 175 | 176 | 177 | # Test Email 178 | output " " 179 | output "Testing to see if server emails are sent" 180 | output " " 181 | sleep 3 182 | 183 | if [[ "$root_email" != "" ]]; then 184 | echo $root_email > sudo tee --append ~/.email 185 | echo $root_email > sudo tee --append ~/.forward 186 | 187 | if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then 188 | echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message 189 | echo "You should receive this !" >> sudo tee --append /tmp/email.message 190 | echo "" >> sudo tee --append /tmp/email.message 191 | echo "Cheers" >> sudo tee --append /tmp/email.message 192 | sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message 193 | 194 | sudo rm -f /tmp/email.message 195 | echo "Mail sent" 196 | fi 197 | fi 198 | 199 | 200 | # Installing Fail2Ban & UFW 201 | output " " 202 | output "Some optional installs (Fail2Ban & UFW)" 203 | output " " 204 | sleep 3 205 | 206 | 207 | if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then 208 | sudo aptitude -y install fail2ban 209 | fi 210 | if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then 211 | sudo apt-get install ufw 212 | sudo ufw default deny incoming 213 | sudo ufw default allow outgoing 214 | sudo ufw allow ssh 215 | sudo ufw allow http 216 | sudo ufw allow https 217 | sudo ufw allow 3333/tcp 218 | sudo ufw allow 3339/tcp 219 | sudo ufw allow 3334/tcp 220 | sudo ufw allow 3433/tcp 221 | sudo ufw allow 3555/tcp 222 | sudo ufw allow 3556/tcp 223 | sudo ufw allow 3573/tcp 224 | sudo ufw allow 3535/tcp 225 | sudo ufw allow 3533/tcp 226 | sudo ufw allow 3553/tcp 227 | sudo ufw allow 3633/tcp 228 | sudo ufw allow 3733/tcp 229 | sudo ufw allow 3636/tcp 230 | sudo ufw allow 3737/tcp 231 | sudo ufw allow 3739/tcp 232 | sudo ufw allow 3747/tcp 233 | sudo ufw allow 3833/tcp 234 | sudo ufw allow 3933/tcp 235 | sudo ufw allow 4033/tcp 236 | sudo ufw allow 4133/tcp 237 | sudo ufw allow 4233/tcp 238 | sudo ufw allow 4234/tcp 239 | sudo ufw allow 4333/tcp 240 | sudo ufw allow 4433/tcp 241 | sudo ufw allow 4533/tcp 242 | sudo ufw allow 4553/tcp 243 | sudo ufw allow 4633/tcp 244 | sudo ufw allow 4733/tcp 245 | sudo ufw allow 4833/tcp 246 | sudo ufw allow 4933/tcp 247 | sudo ufw allow 5033/tcp 248 | sudo ufw allow 5133/tcp 249 | sudo ufw allow 5233/tcp 250 | sudo ufw allow 5333/tcp 251 | sudo ufw allow 5433/tcp 252 | sudo ufw allow 5533/tcp 253 | sudo ufw allow 5733/tcp 254 | sudo ufw allow 5743/tcp 255 | sudo ufw allow 3252/tcp 256 | sudo ufw allow 5755/tcp 257 | sudo ufw allow 5766/tcp 258 | sudo ufw allow 5833/tcp 259 | sudo ufw allow 5933/tcp 260 | sudo ufw allow 6033/tcp 261 | sudo ufw allow 5034/tcp 262 | sudo ufw allow 6133/tcp 263 | sudo ufw allow 6233/tcp 264 | sudo ufw allow 6333/tcp 265 | sudo ufw allow 6433/tcp 266 | sudo ufw allow 7433/tcp 267 | sudo ufw allow 8333/tcp 268 | sudo ufw allow 8463/tcp 269 | sudo ufw allow 8433/tcp 270 | sudo ufw allow 8533/tcp 271 | sudo ufw --force enable 272 | fi 273 | 274 | 275 | # Installing PhpMyAdmin 276 | output " " 277 | output "Installing phpmyadmin" 278 | output " " 279 | sleep 3 280 | 281 | echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections 282 | echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections 283 | echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections 284 | echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections 285 | echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections 286 | echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections 287 | sudo aptitude -y install phpmyadmin 288 | 289 | 290 | # Installing Yiimp 291 | output " " 292 | output " Installing Yiimp" 293 | output " " 294 | output "Grabbing yiimp fron Github, building files and setting file structure." 295 | output " " 296 | sleep 3 297 | 298 | 299 | # Generating Random Password for stratum 300 | blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 301 | 302 | # Compil Blocknotify 303 | cd ~ 304 | git clone https://github.com/tpruvot/yiimp.git 305 | cd $HOME/yiimp/blocknotify 306 | sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp 307 | sudo make 308 | 309 | # Compil iniparser 310 | cd $HOME/yiimp/stratum/iniparser 311 | sudo make 312 | 313 | # Compil Stratum 314 | cd $HOME/yiimp/stratum 315 | if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then 316 | sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile 317 | sudo make 318 | fi 319 | sudo make 320 | 321 | # Copy Files (Blocknotify,iniparser,Stratum) 322 | cd $HOME/yiimp 323 | sudo sed -i 's/AdminRights/'$admin_panel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php 324 | sudo cp -r $HOME/yiimp/web /var/ 325 | sudo mkdir -p /var/stratum 326 | cd $HOME/yiimp/stratum 327 | sudo cp -a config.sample/. /var/stratum/config 328 | sudo cp -r stratum /var/stratum 329 | sudo cp -r run.sh /var/stratum 330 | cd $HOME/yiimp 331 | sudo cp -r $HOME/yiimp/bin/. /bin/ 332 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ 333 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ 334 | sudo mkdir -p /etc/yiimp 335 | sudo mkdir -p /$HOME/backup/ 336 | #fixing yiimp 337 | sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp 338 | #fixing run.sh 339 | sudo rm -r /var/stratum/config/run.sh 340 | echo ' 341 | #!/bin/bash 342 | ulimit -n 10240 343 | ulimit -u 10240 344 | cd /var/stratum 345 | while true; do 346 | ./stratum /var/stratum/config/$1 347 | sleep 2 348 | done 349 | exec bash 350 | ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 351 | sudo chmod +x /var/stratum/config/run.sh 352 | 353 | 354 | # Update Timezone 355 | output " " 356 | output "Update default timezone." 357 | output " " 358 | 359 | # Check if link file 360 | sudo [ -L /etc/localtime ] && sudo unlink /etc/localtime 361 | 362 | # Update time zone 363 | sudo ln -sf /usr/share/zoneinfo/$TIME /etc/localtime 364 | sudo aptitude -y install ntpdate 365 | 366 | # Write time to clock. 367 | sudo hwclock -w 368 | 369 | 370 | # Making Web Server Magic Happen 371 | output " " 372 | output "Making Web Server Magic Happen!" 373 | output " " 374 | 375 | # Adding user to group, creating dir structure, setting permissions 376 | sudo mkdir -p /var/www/$server_name/html 377 | 378 | 379 | # Creating webserver initial config file 380 | output " " 381 | output "Creating webserver initial config file" 382 | output " " 383 | 384 | if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then 385 | echo 'include /etc/nginx/blockuseragents.rules; 386 | server { 387 | if ($blockedagent) { 388 | return 403; 389 | } 390 | if ($request_method !~ ^(GET|HEAD|POST)$) { 391 | return 444; 392 | } 393 | listen 80; 394 | listen [::]:80; 395 | server_name '"${server_name}"'; 396 | root "/var/www/'"${server_name}"'/html/web"; 397 | index index.html index.htm index.php; 398 | charset utf-8; 399 | 400 | location / { 401 | try_files $uri $uri/ /index.php?$args; 402 | } 403 | location @rewrite { 404 | rewrite ^/(.*)$ /index.php?r=$1; 405 | } 406 | 407 | location = /favicon.ico { access_log off; log_not_found off; } 408 | location = /robots.txt { access_log off; log_not_found off; } 409 | 410 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 411 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 412 | 413 | # allow larger file uploads and longer script runtimes 414 | client_body_buffer_size 50k; 415 | client_header_buffer_size 50k; 416 | client_max_body_size 50k; 417 | large_client_header_buffers 2 50k; 418 | sendfile off; 419 | 420 | location ~ ^/index\.php$ { 421 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 422 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 423 | fastcgi_index index.php; 424 | include fastcgi_params; 425 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 426 | fastcgi_intercept_errors off; 427 | fastcgi_buffer_size 16k; 428 | fastcgi_buffers 4 16k; 429 | fastcgi_connect_timeout 300; 430 | fastcgi_send_timeout 300; 431 | fastcgi_read_timeout 300; 432 | try_files $uri $uri/ =404; 433 | } 434 | location ~ \.php$ { 435 | return 404; 436 | } 437 | location ~ \.sh { 438 | return 404; 439 | } 440 | location ~ /\.ht { 441 | deny all; 442 | } 443 | location ~ /.well-known { 444 | allow all; 445 | } 446 | location /phpmyadmin { 447 | root /usr/share/; 448 | index index.php; 449 | try_files $uri $uri/ =404; 450 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 451 | deny all; 452 | } 453 | location ~ /phpmyadmin/(.+\.php)$ { 454 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 455 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 456 | include fastcgi_params; 457 | include snippets/fastcgi-php.conf; 458 | } 459 | } 460 | } 461 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 462 | 463 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 464 | sudo ln -s /var/web /var/www/$server_name/html 465 | sudo systemctl reload php7.0-fpm.service 466 | sudo systemctl restart nginx.service 467 | 468 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 469 | 470 | # Install SSL (with SubDomain) 471 | output " " 472 | output "Install LetsEncrypt and setting SSL (with SubDomain)" 473 | output " " 474 | 475 | sudo aptitude -y install letsencrypt 476 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" 477 | sudo rm /etc/nginx/sites-available/$server_name.conf 478 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 479 | # I am SSL Man! 480 | echo 'include /etc/nginx/blockuseragents.rules; 481 | server { 482 | if ($blockedagent) { 483 | return 403; 484 | } 485 | if ($request_method !~ ^(GET|HEAD|POST)$) { 486 | return 444; 487 | } 488 | listen 80; 489 | listen [::]:80; 490 | server_name '"${server_name}"'; 491 | # enforce https 492 | return 301 https://$server_name$request_uri; 493 | } 494 | 495 | server { 496 | if ($blockedagent) { 497 | return 403; 498 | } 499 | if ($request_method !~ ^(GET|HEAD|POST)$) { 500 | return 444; 501 | } 502 | listen 443 ssl http2; 503 | listen [::]:443 ssl http2; 504 | server_name '"${server_name}"'; 505 | 506 | root /var/www/'"${server_name}"'/html/web; 507 | index index.php; 508 | 509 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 510 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 511 | 512 | # allow larger file uploads and longer script runtimes 513 | client_body_buffer_size 50k; 514 | client_header_buffer_size 50k; 515 | client_max_body_size 50k; 516 | large_client_header_buffers 2 50k; 517 | sendfile off; 518 | 519 | # strengthen ssl security 520 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 521 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 522 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 523 | ssl_prefer_server_ciphers on; 524 | ssl_session_cache shared:SSL:10m; 525 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 526 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 527 | 528 | # Add headers to serve security related headers 529 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 530 | add_header X-Content-Type-Options nosniff; 531 | add_header X-XSS-Protection "1; mode=block"; 532 | add_header X-Robots-Tag none; 533 | add_header Content-Security-Policy "frame-ancestors 'self'"; 534 | 535 | location / { 536 | try_files $uri $uri/ /index.php?$args; 537 | } 538 | location @rewrite { 539 | rewrite ^/(.*)$ /index.php?r=$1; 540 | } 541 | 542 | 543 | location ~ ^/index\.php$ { 544 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 545 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 546 | fastcgi_index index.php; 547 | include fastcgi_params; 548 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 549 | fastcgi_intercept_errors off; 550 | fastcgi_buffer_size 16k; 551 | fastcgi_buffers 4 16k; 552 | fastcgi_connect_timeout 300; 553 | fastcgi_send_timeout 300; 554 | fastcgi_read_timeout 300; 555 | include /etc/nginx/fastcgi_params; 556 | try_files $uri $uri/ =404; 557 | } 558 | location ~ \.php$ { 559 | return 404; 560 | } 561 | location ~ \.sh { 562 | return 404; 563 | } 564 | 565 | location ~ /\.ht { 566 | deny all; 567 | } 568 | location /phpmyadmin { 569 | root /usr/share/; 570 | index index.php; 571 | try_files $uri $uri/ =404; 572 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 573 | deny all; 574 | } 575 | location ~ /phpmyadmin/(.+\.php)$ { 576 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 577 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 578 | include fastcgi_params; 579 | include snippets/fastcgi-php.conf; 580 | } 581 | } 582 | } 583 | 584 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 585 | fi 586 | 587 | sudo systemctl reload php7.0-fpm.service 588 | sudo systemctl restart nginx.service 589 | 590 | else 591 | echo 'include /etc/nginx/blockuseragents.rules; 592 | server { 593 | if ($blockedagent) { 594 | return 403; 595 | } 596 | if ($request_method !~ ^(GET|HEAD|POST)$) { 597 | return 444; 598 | } 599 | listen 80; 600 | listen [::]:80; 601 | server_name '"${server_name}"' www.'"${server_name}"'; 602 | root "/var/www/'"${server_name}"'/html/web"; 603 | index index.html index.htm index.php; 604 | charset utf-8; 605 | 606 | location / { 607 | try_files $uri $uri/ /index.php?$args; 608 | } 609 | location @rewrite { 610 | rewrite ^/(.*)$ /index.php?r=$1; 611 | } 612 | 613 | location = /favicon.ico { access_log off; log_not_found off; } 614 | location = /robots.txt { access_log off; log_not_found off; } 615 | 616 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 617 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 618 | 619 | # allow larger file uploads and longer script runtimes 620 | client_body_buffer_size 50k; 621 | client_header_buffer_size 50k; 622 | client_max_body_size 50k; 623 | large_client_header_buffers 2 50k; 624 | sendfile off; 625 | 626 | location ~ ^/index\.php$ { 627 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 628 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 629 | fastcgi_index index.php; 630 | include fastcgi_params; 631 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 632 | fastcgi_intercept_errors off; 633 | fastcgi_buffer_size 16k; 634 | fastcgi_buffers 4 16k; 635 | fastcgi_connect_timeout 300; 636 | fastcgi_send_timeout 300; 637 | fastcgi_read_timeout 300; 638 | try_files $uri $uri/ =404; 639 | } 640 | location ~ \.php$ { 641 | return 404; 642 | } 643 | location ~ \.sh { 644 | return 404; 645 | } 646 | location ~ /\.ht { 647 | deny all; 648 | } 649 | location ~ /.well-known { 650 | allow all; 651 | } 652 | location /phpmyadmin { 653 | root /usr/share/; 654 | index index.php; 655 | try_files $uri $uri/ =404; 656 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 657 | deny all; 658 | } 659 | location ~ /phpmyadmin/(.+\.php)$ { 660 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 661 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 662 | include fastcgi_params; 663 | include snippets/fastcgi-php.conf; 664 | } 665 | } 666 | } 667 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 668 | 669 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 670 | sudo ln -s /var/web /var/www/$server_name/html 671 | sudo systemctl reload php7.0-fpm.service 672 | sudo systemctl restart nginx.service 673 | 674 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 675 | 676 | # Install SSL (without SubDomain) 677 | output " " 678 | output "Install LetsEncrypt and setting SSL (without SubDomain)" 679 | output " " 680 | sleep 3 681 | 682 | sudo aptitude -y install letsencrypt 683 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" 684 | sudo rm /etc/nginx/sites-available/$server_name.conf 685 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 686 | # I am SSL Man! 687 | echo 'include /etc/nginx/blockuseragents.rules; 688 | server { 689 | if ($blockedagent) { 690 | return 403; 691 | } 692 | if ($request_method !~ ^(GET|HEAD|POST)$) { 693 | return 444; 694 | } 695 | listen 80; 696 | listen [::]:80; 697 | server_name '"${server_name}"'; 698 | # enforce https 699 | return 301 https://$server_name$request_uri; 700 | } 701 | 702 | server { 703 | if ($blockedagent) { 704 | return 403; 705 | } 706 | if ($request_method !~ ^(GET|HEAD|POST)$) { 707 | return 444; 708 | } 709 | listen 443 ssl http2; 710 | listen [::]:443 ssl http2; 711 | server_name '"${server_name}"' www.'"${server_name}"'; 712 | 713 | root /var/www/'"${server_name}"'/html/web; 714 | index index.php; 715 | 716 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 717 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 718 | 719 | # allow larger file uploads and longer script runtimes 720 | client_body_buffer_size 50k; 721 | client_header_buffer_size 50k; 722 | client_max_body_size 50k; 723 | large_client_header_buffers 2 50k; 724 | sendfile off; 725 | 726 | # strengthen ssl security 727 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 728 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 729 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 730 | ssl_prefer_server_ciphers on; 731 | ssl_session_cache shared:SSL:10m; 732 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 733 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 734 | 735 | # Add headers to serve security related headers 736 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 737 | add_header X-Content-Type-Options nosniff; 738 | add_header X-XSS-Protection "1; mode=block"; 739 | add_header X-Robots-Tag none; 740 | add_header Content-Security-Policy "frame-ancestors 'self'"; 741 | 742 | location / { 743 | try_files $uri $uri/ /index.php?$args; 744 | } 745 | location @rewrite { 746 | rewrite ^/(.*)$ /index.php?r=$1; 747 | } 748 | 749 | 750 | location ~ ^/index\.php$ { 751 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 752 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 753 | fastcgi_index index.php; 754 | include fastcgi_params; 755 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 756 | fastcgi_intercept_errors off; 757 | fastcgi_buffer_size 16k; 758 | fastcgi_buffers 4 16k; 759 | fastcgi_connect_timeout 300; 760 | fastcgi_send_timeout 300; 761 | fastcgi_read_timeout 300; 762 | include /etc/nginx/fastcgi_params; 763 | try_files $uri $uri/ =404; 764 | } 765 | location ~ \.php$ { 766 | return 404; 767 | } 768 | location ~ \.sh { 769 | return 404; 770 | } 771 | 772 | location ~ /\.ht { 773 | deny all; 774 | } 775 | location /phpmyadmin { 776 | root /usr/share/; 777 | index index.php; 778 | try_files $uri $uri/ =404; 779 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 780 | deny all; 781 | } 782 | location ~ /phpmyadmin/(.+\.php)$ { 783 | fastcgi_pass unix:/run/php/php7.0-fpm.sock; 784 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 785 | include fastcgi_params; 786 | include snippets/fastcgi-php.conf; 787 | } 788 | } 789 | } 790 | 791 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 792 | 793 | fi 794 | sudo systemctl reload php7.0-fpm.service 795 | sudo systemctl restart nginx.service 796 | fi 797 | 798 | 799 | # Config Database 800 | output " " 801 | output "Now for the database fun!" 802 | output " " 803 | sleep 3 804 | 805 | # Create database 806 | Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" 807 | Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" 808 | Q3="FLUSH PRIVILEGES;" 809 | SQL="${Q1}${Q2}${Q3}" 810 | sudo mysql -u root -p="" -e "$SQL" 811 | 812 | # Create stratum user 813 | Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" 814 | Q2="FLUSH PRIVILEGES;" 815 | SQL="${Q1}${Q2}" 816 | sudo mysql -u root -p="" -e "$SQL" 817 | 818 | #Create my.cnf 819 | 820 | echo ' 821 | [clienthost1] 822 | user=panel 823 | password='"${password}"' 824 | database=yiimpfrontend 825 | host=localhost 826 | [clienthost2] 827 | user=stratum 828 | password='"${password2}"' 829 | database=yiimpfrontend 830 | host=localhost 831 | [myphpadmin] 832 | user=phpmyadmin 833 | password='"${AUTOGENERATED_PASS}"' 834 | [mysql] 835 | user=root 836 | password='"${rootpasswd}"' 837 | ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 838 | sudo chmod 0600 ~/.my.cnf 839 | 840 | # Create keys file 841 | echo ' 842 | '"'"'); 849 | define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); 850 | define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); 851 | define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); 852 | define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); 853 | define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); 854 | define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); 855 | define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); 856 | define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); 857 | define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); 858 | define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); 859 | define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); 860 | define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); 861 | define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); 862 | ' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 863 | 864 | 865 | # Peforming the SQL import 866 | output " " 867 | output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you" 868 | output " " 869 | output "Peforming the SQL import" 870 | output " " 871 | sleep 3 872 | 873 | cd ~ 874 | cd yiimp/sql 875 | 876 | # Import sql dump 877 | sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 878 | 879 | # Oh the humanity! 880 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql 881 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql 882 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql 883 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql 884 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql 885 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql 886 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql 887 | sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql 888 | sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql 889 | sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql 890 | sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql 891 | sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql 892 | sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql 893 | sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql 894 | sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql 895 | sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql 896 | sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql 897 | 898 | 899 | # Generating a basic Yiimp serverconfig.php 900 | output " " 901 | output "Generating a basic Yiimp serverconfig.php" 902 | output " " 903 | sleep 3 904 | 905 | # Make config file 906 | echo ' 907 | 0.3 975 | define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); 976 | 977 | // nicehash keys deposit account & amount to deposit at a time 978 | define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); 979 | define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); 980 | define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); 981 | define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); 982 | 983 | $cold_wallet_table = array( 984 | '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, 985 | ); 986 | 987 | // Sample fixed pool fees 988 | $configFixedPoolFees = array( 989 | '"'"'zr5'"'"' => 2.0, 990 | '"'"'scrypt'"'"' => 20.0, 991 | '"'"'sha256'"'"' => 5.0, 992 | ); 993 | 994 | // Sample custom stratum ports 995 | $configCustomPorts = array( 996 | // '"'"'x11'"'"' => 7000, 997 | ); 998 | 999 | // mBTC Coefs per algo (default is 1.0) 1000 | $configAlgoNormCoef = array( 1001 | // '"'"'x11'"'"' => 5.0, 1002 | ); 1003 | ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 1004 | 1005 | 1006 | # Updating stratum config files with database connection info 1007 | output " " 1008 | output "Updating stratum config files with database connection info." 1009 | output " " 1010 | sleep 3 1011 | 1012 | cd /var/stratum/config 1013 | sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf 1014 | sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf 1015 | sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf 1016 | sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf 1017 | sudo sed -i 's/username = root/username = stratum/g' *.conf 1018 | sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf 1019 | cd ~ 1020 | 1021 | 1022 | # Final Directory permissions 1023 | output " " 1024 | output "Final Directory permissions" 1025 | output " " 1026 | sleep 3 1027 | 1028 | whoami=`whoami` 1029 | sudo usermod -aG www-data $whoami 1030 | sudo usermod -a -G www-data $whoami 1031 | 1032 | sudo find /var/web -type d -exec chmod 775 {} + 1033 | sudo find /var/web -type f -exec chmod 664 {} + 1034 | sudo chgrp www-data /var/web -R 1035 | sudo chmod g+w /var/web -R 1036 | 1037 | sudo mkdir /var/log/yiimp 1038 | sudo touch /var/log/yiimp/debug.log 1039 | sudo chgrp www-data /var/log/yiimp -R 1040 | sudo chmod 775 /var/log/yiimp -R 1041 | 1042 | sudo chgrp www-data /var/stratum -R 1043 | sudo chmod 775 /var/stratum 1044 | 1045 | sudo mkdir -p /var/yiimp/sauv 1046 | sudo chgrp www-data /var/yiimp -R 1047 | sudo chmod 775 /var/yiimp -R 1048 | 1049 | 1050 | #Add to contrab screen-scrypt 1051 | (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - 1052 | 1053 | #fix error screen main "service" 1054 | sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php 1055 | sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php 1056 | 1057 | #fix error screen main "backup sql frontend" 1058 | sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php 1059 | sudo sed -i '14d' /var/web/yaamp/defaultconfig.php 1060 | 1061 | #Misc 1062 | sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder 1063 | sudo rm -rf /var/log/nginx/* 1064 | 1065 | #Hold update OpenSSL 1066 | #If you want remove the hold : sudo apt-mark unhold openssl 1067 | sudo apt-mark hold openssl 1068 | 1069 | sudo systemctl reload php7.0-fpm.service 1070 | sudo systemctl restart nginx.service 1071 | 1072 | 1073 | output " " 1074 | output " " 1075 | output " " 1076 | output " " 1077 | output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.cnf. this installer did not directly install anything required to build coins." 1078 | output " " 1079 | output "Please make sure to change your wallet addresses in the /var/web/serverconfig.php file." 1080 | output " " 1081 | output "Please make sure to add your public and private keys." 1082 | output " " 1083 | output "TUTO Youtube : https://www.youtube.com/watch?v=vdBCw6_cyig" 1084 | output " " 1085 | output " " 1086 | echo -e "$RED***************************************************$COL_RESET" 1087 | echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" 1088 | echo -e "$RED***************************************************$COL_RESET" 1089 | echo 1090 | echo 1091 | -------------------------------------------------------------------------------- /install-debug.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Original Author: crombiecrunch 4 | # Modified by : Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 5 | # Web: https://www.xavatar.com 6 | # 7 | # Program: 8 | # Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 9 | # v0.2 (update Avril, 2020) 10 | # 11 | ################################################################################ 12 | 13 | 14 | output() { 15 | printf "\E[0;33;40m" 16 | echo $1 17 | printf "\E[0m" 18 | } 19 | 20 | displayErr() { 21 | echo 22 | echo $1; 23 | echo 24 | exit 1; 25 | } 26 | 27 | #Add user group sudo + no password 28 | whoami=`whoami` 29 | sudo usermod -aG sudo ${whoami} 30 | echo '# yiimp 31 | # It needs passwordless sudo functionality. 32 | '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL 33 | ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 34 | 35 | #Copy needed files 36 | sudo cp -r conf/functions.sh /etc/ 37 | sudo cp -r utils/screen-scrypt.sh /etc/ 38 | sudo cp -r conf/editconf.py /usr/bin/ 39 | sudo chmod +x /usr/bin/editconf.py 40 | sudo chmod +x /etc/screen-scrypt.sh 41 | 42 | source /etc/functions.sh 43 | 44 | 45 | clear 46 | echo 47 | echo -e "$GREEN************************************************************************$COL_RESET" 48 | echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" 49 | echo -e "$GREEN Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 $COL_RESET" 50 | echo -e "$GREEN************************************************************************$COL_RESET" 51 | echo 52 | sleep 3 53 | 54 | 55 | # Update package and Upgrade Ubuntu 56 | echo 57 | echo 58 | echo -e "$CYAN => Updating system and installing required packages :$COL_RESET" 59 | echo 60 | sleep 3 61 | 62 | sudo apt -y update 63 | sudo apt -y upgrade 64 | sudo apt -y autoremove 65 | sudo apt -y install dialog python3 python3-pip acl nano apt-transport-https 66 | echo -e "$GREEN Done...$COL_RESET" 67 | 68 | 69 | source conf/prerequisite.sh 70 | sleep 3 71 | source conf/getip.sh 72 | 73 | 74 | echo 'PUBLIC_IP='"${PUBLIC_IP}"' 75 | PUBLIC_IPV6='"${PUBLIC_IPV6}"' 76 | DISTRO='"${DISTRO}"' 77 | PRIVATE_IP='"${PRIVATE_IP}"'' | sudo -E tee conf/pool.conf >/dev/null 2>&1 78 | 79 | echo 80 | echo 81 | echo -e "$RED Make sure you double check before hitting enter! Only one shot at these! $COL_RESET" 82 | echo 83 | #read -e -p "Enter time zone (e.g. America/New_York) : " TIME 84 | read -e -p "Domain Name (no http:// or www. just : example.com or pool.example.com or 185.22.24.26) : " server_name 85 | read -e -p "Are you using a subdomain (mycryptopool.example.com?) [y/N] : " sub_domain 86 | read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL 87 | read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC 88 | #read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel 89 | read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public 90 | read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban 91 | read -e -p "Install UFW and configure ports? [Y/n] : " UFW 92 | read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install 93 | 94 | 95 | # Switch Aptitude 96 | #echo 97 | #echo -e "$CYAN Switching to Aptitude $COL_RESET" 98 | #echo 99 | #sleep 3 100 | #sudo apt -y install aptitude 101 | #echo -e "$GREEN Done...$COL_RESET $COL_RESET" 102 | 103 | 104 | # Installing Nginx 105 | echo 106 | echo 107 | echo -e "$CYAN => Installing Nginx server : $COL_RESET" 108 | echo 109 | sleep 3 110 | 111 | if [ -f /usr/sbin/apache2 ]; then 112 | echo -e "Removing apache..." 113 | apt-get -y purge apache2 apache2-* 114 | apt-get -y --purge autoremove 115 | fi 116 | 117 | sudo apt -y install nginx 118 | sudo rm /etc/nginx/sites-enabled/default 119 | sudo systemctl start nginx.service 120 | sudo systemctl enable nginx.service 121 | sudo systemctl start cron.service 122 | sudo systemctl enable cron.service 123 | sleep 5 124 | sudo systemctl status nginx | sed -n "1,3p" 125 | sleep 15 126 | echo 127 | echo -e "$GREEN Done...$COL_RESET" 128 | 129 | 130 | # Making Nginx a bit hard 131 | echo 'map $http_user_agent $blockedagent { 132 | default 0; 133 | ~*malicious 1; 134 | ~*bot 1; 135 | ~*backdoor 1; 136 | ~*crawler 1; 137 | ~*bandit 1; 138 | } 139 | ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 140 | 141 | 142 | # Installing Mariadb 143 | echo 144 | echo 145 | echo -e "$CYAN => Installing Mariadb Server : $COL_RESET" 146 | echo 147 | sleep 3 148 | 149 | # Create random password 150 | rootpasswd=$(openssl rand -base64 12) 151 | export DEBIAN_FRONTEND="noninteractive" 152 | sudo apt -y install mariadb-server 153 | sudo systemctl start mysql 154 | sudo systemctl enable mysql 155 | sleep 5 156 | sudo systemctl status mysql | sed -n "1,3p" 157 | sleep 15 158 | echo 159 | echo -e "$GREEN Done...$COL_RESET" 160 | 161 | 162 | # Installing Installing php7.3 163 | echo 164 | echo 165 | echo -e "$CYAN => Installing php7.3 : $COL_RESET" 166 | echo 167 | sleep 3 168 | 169 | source conf/pool.conf 170 | if [ ! -f /etc/apt/sources.list.d/ondrej-php-bionic.list ]; then 171 | sudo add-apt-repository -y ppa:ondrej/php 172 | fi 173 | sudo apt -y update 174 | 175 | if [[ ("$DISTRO" == "16") ]]; then 176 | sudo apt -y install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ 177 | php7.3-cgi php-pear php-auth imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ 178 | php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring 179 | #sudo phpenmod mcrypt 180 | #sudo phpenmod mbstring 181 | else 182 | sudo apt -y install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ 183 | php7.3-cgi php-pear imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ 184 | php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring \ 185 | libpsl-dev libnghttp2-dev 186 | fi 187 | sleep 5 188 | sudo systemctl start php7.3-fpm 189 | sudo systemctl status php7.3-fpm | sed -n "1,3p" 190 | sleep 15 191 | echo 192 | echo -e "$GREEN Done...$COL_RESET" 193 | 194 | 195 | # Installing other needed files 196 | echo 197 | echo 198 | echo -e "$CYAN => Installing other needed files : $COL_RESET" 199 | echo 200 | sleep 3 201 | 202 | sudo apt -y install libgmp3-dev libmysqlclient-dev libcurl4-gnutls-dev libkrb5-dev libldap2-dev libidn11-dev gnutls-dev \ 203 | librtmp-dev sendmail mutt screen git 204 | sudo apt -y install pwgen -y 205 | echo -e "$GREEN Done...$COL_RESET" 206 | sleep 3 207 | 208 | 209 | # Installing Package to compile crypto currency 210 | echo 211 | echo 212 | echo -e "$CYAN => Installing Package to compile crypto currency $COL_RESET" 213 | echo 214 | sleep 3 215 | 216 | sudo apt -y install software-properties-common build-essential 217 | sudo apt -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext 218 | sudo apt -y install libminiupnpc10 libzmq5 219 | sudo apt -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev 220 | sudo apt -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler 221 | sudo add-apt-repository -y ppa:bitcoin/bitcoin 222 | sudo apt -y update 223 | sudo apt -y install libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ 224 | echo -e "$GREEN Done...$COL_RESET" 225 | 226 | 227 | # Generating Random Passwords 228 | password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 229 | password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 230 | AUTOGENERATED_PASS=`pwgen -c -1 20` 231 | 232 | 233 | # Test Email 234 | echo 235 | echo 236 | echo -e "$CYAN => Testing to see if server emails are sent $COL_RESET" 237 | echo 238 | sleep 3 239 | 240 | if [[ "$root_email" != "" ]]; then 241 | echo $root_email > sudo tee --append ~/.email 242 | echo $root_email > sudo tee --append ~/.forward 243 | 244 | if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then 245 | echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message 246 | echo "You should receive this !" >> sudo tee --append /tmp/email.message 247 | echo "" >> sudo tee --append /tmp/email.message 248 | echo "Cheers" >> sudo tee --append /tmp/email.message 249 | sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message 250 | 251 | sudo rm -f /tmp/email.message 252 | echo "Mail sent" 253 | fi 254 | fi 255 | echo -e "$GREEN Done...$COL_RESET" 256 | 257 | # Installing Fail2Ban & UFW 258 | echo 259 | echo 260 | echo -e "$CYAN => Some optional installs (Fail2Ban & UFW) $COL_RESET" 261 | echo 262 | sleep 3 263 | 264 | 265 | if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then 266 | sudo apt -y install fail2ban 267 | sleep 5 268 | sudo systemctl status fail2ban | sed -n "1,3p" 269 | fi 270 | 271 | 272 | if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then 273 | sudo apt -y install ufw 274 | sudo ufw default deny incoming 275 | sudo ufw default allow outgoing 276 | sudo ufw allow ssh 277 | sudo ufw allow http 278 | sudo ufw allow https 279 | sudo ufw allow 3333/tcp 280 | sudo ufw allow 3339/tcp 281 | sudo ufw allow 3334/tcp 282 | sudo ufw allow 3433/tcp 283 | sudo ufw allow 3555/tcp 284 | sudo ufw allow 3556/tcp 285 | sudo ufw allow 3573/tcp 286 | sudo ufw allow 3535/tcp 287 | sudo ufw allow 3533/tcp 288 | sudo ufw allow 3553/tcp 289 | sudo ufw allow 3633/tcp 290 | sudo ufw allow 3733/tcp 291 | sudo ufw allow 3636/tcp 292 | sudo ufw allow 3737/tcp 293 | sudo ufw allow 3739/tcp 294 | sudo ufw allow 3747/tcp 295 | sudo ufw allow 3833/tcp 296 | sudo ufw allow 3933/tcp 297 | sudo ufw allow 4033/tcp 298 | sudo ufw allow 4133/tcp 299 | sudo ufw allow 4233/tcp 300 | sudo ufw allow 4234/tcp 301 | sudo ufw allow 4333/tcp 302 | sudo ufw allow 4433/tcp 303 | sudo ufw allow 4533/tcp 304 | sudo ufw allow 4553/tcp 305 | sudo ufw allow 4633/tcp 306 | sudo ufw allow 4733/tcp 307 | sudo ufw allow 4833/tcp 308 | sudo ufw allow 4933/tcp 309 | sudo ufw allow 5033/tcp 310 | sudo ufw allow 5133/tcp 311 | sudo ufw allow 5233/tcp 312 | sudo ufw allow 5333/tcp 313 | sudo ufw allow 5433/tcp 314 | sudo ufw allow 5533/tcp 315 | sudo ufw allow 5733/tcp 316 | sudo ufw allow 5743/tcp 317 | sudo ufw allow 3252/tcp 318 | sudo ufw allow 5755/tcp 319 | sudo ufw allow 5766/tcp 320 | sudo ufw allow 5833/tcp 321 | sudo ufw allow 5933/tcp 322 | sudo ufw allow 6033/tcp 323 | sudo ufw allow 5034/tcp 324 | sudo ufw allow 6133/tcp 325 | sudo ufw allow 6233/tcp 326 | sudo ufw allow 6333/tcp 327 | sudo ufw allow 6433/tcp 328 | sudo ufw allow 7433/tcp 329 | sudo ufw allow 8333/tcp 330 | sudo ufw allow 8463/tcp 331 | sudo ufw allow 8433/tcp 332 | sudo ufw allow 8533/tcp 333 | sudo ufw --force enable 334 | sleep 5 335 | sudo systemctl status ufw | sed -n "1,3p" 336 | fi 337 | 338 | 339 | echo 340 | echo -e "$GREEN Done...$COL_RESET" 341 | 342 | 343 | # Installing PhpMyAdmin 344 | echo 345 | echo 346 | echo -e "$CYAN => Installing phpMyAdmin $COL_RESET" 347 | echo 348 | sleep 3 349 | 350 | echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections 351 | echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections 352 | echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections 353 | echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections 354 | echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections 355 | echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections 356 | sudo apt -y install phpmyadmin 357 | echo -e "$GREEN Done...$COL_RESET" 358 | 359 | 360 | # Installing Yiimp 361 | echo 362 | echo 363 | echo -e "$CYAN => Installing Yiimp $COL_RESET" 364 | echo 365 | echo -e "Grabbing yiimp fron Github, building files and setting file structure." 366 | echo 367 | sleep 3 368 | 369 | 370 | # Generating Random Password for stratum 371 | blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 372 | 373 | # Compil Blocknotify 374 | cd ~ 375 | git clone https://github.com/tpruvot/yiimp 376 | cd $HOME/yiimp/blocknotify 377 | sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp 378 | sudo make 379 | 380 | # Compil iniparser 381 | cd $HOME/yiimp/stratum/iniparser 382 | sudo make 383 | 384 | # Compil Stratum 385 | cd $HOME/yiimp/stratum 386 | if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then 387 | sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile 388 | fi 389 | sudo make 390 | 391 | # Copy Files (Blocknotify,iniparser,Stratum) 392 | cd $HOME/yiimp 393 | sudo sed -i 's/AdminRights/'AdminPanel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php 394 | sudo cp -r $HOME/yiimp/web /var/ 395 | sudo mkdir -p /var/stratum 396 | cd $HOME/yiimp/stratum 397 | sudo cp -a config.sample/. /var/stratum/config 398 | sudo cp -r stratum /var/stratum 399 | sudo cp -r run.sh /var/stratum 400 | cd $HOME/yiimp 401 | sudo cp -r $HOME/yiimp/bin/. /bin/ 402 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ 403 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ 404 | sudo mkdir -p /etc/yiimp 405 | sudo mkdir -p /$HOME/backup/ 406 | #fixing yiimp 407 | sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp 408 | #fixing run.sh 409 | sudo rm -r /var/stratum/config/run.sh 410 | echo ' 411 | #!/bin/bash 412 | ulimit -n 10240 413 | ulimit -u 10240 414 | cd /var/stratum 415 | while true; do 416 | ./stratum /var/stratum/config/$1 417 | sleep 2 418 | done 419 | exec bash 420 | ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 421 | sudo chmod +x /var/stratum/config/run.sh 422 | 423 | echo -e "$GREEN Done...$COL_RESET" 424 | 425 | 426 | # Update Timezone 427 | echo 428 | echo 429 | echo -e "$CYAN => Update default timezone. $COL_RESET" 430 | echo 431 | 432 | echo -e " Setting TimeZone to UTC...$COL_RESET" 433 | if [ ! -f /etc/timezone ]; then 434 | echo "Setting timezone to UTC." 435 | echo "Etc/UTC" > sudo /etc/timezone 436 | sudo systemctl restart rsyslog 437 | fi 438 | sudo systemctl status rsyslog | sed -n "1,3p" 439 | echo 440 | echo -e "$GREEN Done...$COL_RESET" 441 | 442 | 443 | # Creating webserver initial config file 444 | echo 445 | echo 446 | echo -e "$CYAN => Creating webserver initial config file $COL_RESET" 447 | echo 448 | 449 | # Adding user to group, creating dir structure, setting permissions 450 | sudo mkdir -p /var/www/$server_name/html 451 | 452 | if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then 453 | echo 'include /etc/nginx/blockuseragents.rules; 454 | server { 455 | if ($blockedagent) { 456 | return 403; 457 | } 458 | if ($request_method !~ ^(GET|HEAD|POST)$) { 459 | return 444; 460 | } 461 | listen 80; 462 | listen [::]:80; 463 | server_name '"${server_name}"'; 464 | root "/var/www/'"${server_name}"'/html/web"; 465 | index index.html index.htm index.php; 466 | charset utf-8; 467 | 468 | location / { 469 | try_files $uri $uri/ /index.php?$args; 470 | } 471 | location @rewrite { 472 | rewrite ^/(.*)$ /index.php?r=$1; 473 | } 474 | 475 | location = /favicon.ico { access_log off; log_not_found off; } 476 | location = /robots.txt { access_log off; log_not_found off; } 477 | 478 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 479 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 480 | 481 | # allow larger file uploads and longer script runtimes 482 | client_body_buffer_size 50k; 483 | client_header_buffer_size 50k; 484 | client_max_body_size 50k; 485 | large_client_header_buffers 2 50k; 486 | sendfile off; 487 | 488 | location ~ ^/index\.php$ { 489 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 490 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 491 | fastcgi_index index.php; 492 | include fastcgi_params; 493 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 494 | fastcgi_intercept_errors off; 495 | fastcgi_buffer_size 16k; 496 | fastcgi_buffers 4 16k; 497 | fastcgi_connect_timeout 300; 498 | fastcgi_send_timeout 300; 499 | fastcgi_read_timeout 300; 500 | try_files $uri $uri/ =404; 501 | } 502 | location ~ \.php$ { 503 | return 404; 504 | } 505 | location ~ \.sh { 506 | return 404; 507 | } 508 | location ~ /\.ht { 509 | deny all; 510 | } 511 | location ~ /.well-known { 512 | allow all; 513 | } 514 | location /phpmyadmin { 515 | root /usr/share/; 516 | index index.php; 517 | try_files $uri $uri/ =404; 518 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 519 | deny all; 520 | } 521 | location ~ /phpmyadmin/(.+\.php)$ { 522 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 523 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 524 | include fastcgi_params; 525 | include snippets/fastcgi-php.conf; 526 | } 527 | } 528 | } 529 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 530 | 531 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 532 | sudo ln -s /var/web /var/www/$server_name/html 533 | sudo systemctl reload php7.3-fpm.service 534 | sudo systemctl restart nginx.service 535 | echo -e "$GREEN Done...$COL_RESET" 536 | 537 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 538 | 539 | 540 | # Install SSL (with SubDomain) 541 | echo 542 | echo -e "Install LetsEncrypt and setting SSL (with SubDomain)" 543 | echo 544 | 545 | sudo apt -y install letsencrypt 546 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" 547 | sudo rm /etc/nginx/sites-available/$server_name.conf 548 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 549 | # I am SSL Man! 550 | echo 'include /etc/nginx/blockuseragents.rules; 551 | server { 552 | if ($blockedagent) { 553 | return 403; 554 | } 555 | if ($request_method !~ ^(GET|HEAD|POST)$) { 556 | return 444; 557 | } 558 | listen 80; 559 | listen [::]:80; 560 | server_name '"${server_name}"'; 561 | # enforce https 562 | return 301 https://$server_name$request_uri; 563 | } 564 | 565 | server { 566 | if ($blockedagent) { 567 | return 403; 568 | } 569 | if ($request_method !~ ^(GET|HEAD|POST)$) { 570 | return 444; 571 | } 572 | listen 443 ssl http2; 573 | listen [::]:443 ssl http2; 574 | server_name '"${server_name}"'; 575 | 576 | root /var/www/'"${server_name}"'/html/web; 577 | index index.php; 578 | 579 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 580 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 581 | 582 | # allow larger file uploads and longer script runtimes 583 | client_body_buffer_size 50k; 584 | client_header_buffer_size 50k; 585 | client_max_body_size 50k; 586 | large_client_header_buffers 2 50k; 587 | sendfile off; 588 | 589 | # strengthen ssl security 590 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 591 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 592 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 593 | ssl_prefer_server_ciphers on; 594 | ssl_session_cache shared:SSL:10m; 595 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 596 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 597 | 598 | # Add headers to serve security related headers 599 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 600 | add_header X-Content-Type-Options nosniff; 601 | add_header X-XSS-Protection "1; mode=block"; 602 | add_header X-Robots-Tag none; 603 | add_header Content-Security-Policy "frame-ancestors 'self'"; 604 | 605 | location / { 606 | try_files $uri $uri/ /index.php?$args; 607 | } 608 | location @rewrite { 609 | rewrite ^/(.*)$ /index.php?r=$1; 610 | } 611 | 612 | 613 | location ~ ^/index\.php$ { 614 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 615 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 616 | fastcgi_index index.php; 617 | include fastcgi_params; 618 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 619 | fastcgi_intercept_errors off; 620 | fastcgi_buffer_size 16k; 621 | fastcgi_buffers 4 16k; 622 | fastcgi_connect_timeout 300; 623 | fastcgi_send_timeout 300; 624 | fastcgi_read_timeout 300; 625 | include /etc/nginx/fastcgi_params; 626 | try_files $uri $uri/ =404; 627 | } 628 | location ~ \.php$ { 629 | return 404; 630 | } 631 | location ~ \.sh { 632 | return 404; 633 | } 634 | 635 | location ~ /\.ht { 636 | deny all; 637 | } 638 | location /phpmyadmin { 639 | root /usr/share/; 640 | index index.php; 641 | try_files $uri $uri/ =404; 642 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 643 | deny all; 644 | } 645 | location ~ /phpmyadmin/(.+\.php)$ { 646 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 647 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 648 | include fastcgi_params; 649 | include snippets/fastcgi-php.conf; 650 | } 651 | } 652 | } 653 | 654 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 655 | fi 656 | 657 | sudo systemctl reload php7.3-fpm.service 658 | sudo systemctl restart nginx.service 659 | echo -e "$GREEN Done...$COL_RESET" 660 | 661 | 662 | else 663 | echo 'include /etc/nginx/blockuseragents.rules; 664 | server { 665 | if ($blockedagent) { 666 | return 403; 667 | } 668 | if ($request_method !~ ^(GET|HEAD|POST)$) { 669 | return 444; 670 | } 671 | listen 80; 672 | listen [::]:80; 673 | server_name '"${server_name}"' www.'"${server_name}"'; 674 | root "/var/www/'"${server_name}"'/html/web"; 675 | index index.html index.htm index.php; 676 | charset utf-8; 677 | 678 | location / { 679 | try_files $uri $uri/ /index.php?$args; 680 | } 681 | location @rewrite { 682 | rewrite ^/(.*)$ /index.php?r=$1; 683 | } 684 | 685 | location = /favicon.ico { access_log off; log_not_found off; } 686 | location = /robots.txt { access_log off; log_not_found off; } 687 | 688 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 689 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 690 | 691 | # allow larger file uploads and longer script runtimes 692 | client_body_buffer_size 50k; 693 | client_header_buffer_size 50k; 694 | client_max_body_size 50k; 695 | large_client_header_buffers 2 50k; 696 | sendfile off; 697 | 698 | location ~ ^/index\.php$ { 699 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 700 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 701 | fastcgi_index index.php; 702 | include fastcgi_params; 703 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 704 | fastcgi_intercept_errors off; 705 | fastcgi_buffer_size 16k; 706 | fastcgi_buffers 4 16k; 707 | fastcgi_connect_timeout 300; 708 | fastcgi_send_timeout 300; 709 | fastcgi_read_timeout 300; 710 | try_files $uri $uri/ =404; 711 | } 712 | location ~ \.php$ { 713 | return 404; 714 | } 715 | location ~ \.sh { 716 | return 404; 717 | } 718 | location ~ /\.ht { 719 | deny all; 720 | } 721 | location ~ /.well-known { 722 | allow all; 723 | } 724 | location /phpmyadmin { 725 | root /usr/share/; 726 | index index.php; 727 | try_files $uri $uri/ =404; 728 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 729 | deny all; 730 | } 731 | location ~ /phpmyadmin/(.+\.php)$ { 732 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 733 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 734 | include fastcgi_params; 735 | include snippets/fastcgi-php.conf; 736 | } 737 | } 738 | } 739 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 740 | 741 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 742 | sudo ln -s /var/web /var/www/$server_name/html 743 | sudo systemctl reload php7.3-fpm.service 744 | sudo systemctl restart nginx.service 745 | echo -e "$GREEN Done...$COL_RESET" 746 | 747 | 748 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 749 | 750 | # Install SSL (without SubDomain) 751 | echo 752 | echo -e "Install LetsEncrypt and setting SSL (without SubDomain)" 753 | echo 754 | sleep 3 755 | 756 | sudo apt -y install letsencrypt 757 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" 758 | sudo rm /etc/nginx/sites-available/$server_name.conf 759 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 760 | # I am SSL Man! 761 | echo 'include /etc/nginx/blockuseragents.rules; 762 | server { 763 | if ($blockedagent) { 764 | return 403; 765 | } 766 | if ($request_method !~ ^(GET|HEAD|POST)$) { 767 | return 444; 768 | } 769 | listen 80; 770 | listen [::]:80; 771 | server_name '"${server_name}"'; 772 | # enforce https 773 | return 301 https://$server_name$request_uri; 774 | } 775 | 776 | server { 777 | if ($blockedagent) { 778 | return 403; 779 | } 780 | if ($request_method !~ ^(GET|HEAD|POST)$) { 781 | return 444; 782 | } 783 | listen 443 ssl http2; 784 | listen [::]:443 ssl http2; 785 | server_name '"${server_name}"' www.'"${server_name}"'; 786 | 787 | root /var/www/'"${server_name}"'/html/web; 788 | index index.php; 789 | 790 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 791 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 792 | 793 | # allow larger file uploads and longer script runtimes 794 | client_body_buffer_size 50k; 795 | client_header_buffer_size 50k; 796 | client_max_body_size 50k; 797 | large_client_header_buffers 2 50k; 798 | sendfile off; 799 | 800 | # strengthen ssl security 801 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 802 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 803 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 804 | ssl_prefer_server_ciphers on; 805 | ssl_session_cache shared:SSL:10m; 806 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 807 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 808 | 809 | # Add headers to serve security related headers 810 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 811 | add_header X-Content-Type-Options nosniff; 812 | add_header X-XSS-Protection "1; mode=block"; 813 | add_header X-Robots-Tag none; 814 | add_header Content-Security-Policy "frame-ancestors 'self'"; 815 | 816 | location / { 817 | try_files $uri $uri/ /index.php?$args; 818 | } 819 | location @rewrite { 820 | rewrite ^/(.*)$ /index.php?r=$1; 821 | } 822 | 823 | 824 | location ~ ^/index\.php$ { 825 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 826 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 827 | fastcgi_index index.php; 828 | include fastcgi_params; 829 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 830 | fastcgi_intercept_errors off; 831 | fastcgi_buffer_size 16k; 832 | fastcgi_buffers 4 16k; 833 | fastcgi_connect_timeout 300; 834 | fastcgi_send_timeout 300; 835 | fastcgi_read_timeout 300; 836 | include /etc/nginx/fastcgi_params; 837 | try_files $uri $uri/ =404; 838 | } 839 | location ~ \.php$ { 840 | return 404; 841 | } 842 | location ~ \.sh { 843 | return 404; 844 | } 845 | 846 | location ~ /\.ht { 847 | deny all; 848 | } 849 | location /phpmyadmin { 850 | root /usr/share/; 851 | index index.php; 852 | try_files $uri $uri/ =404; 853 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 854 | deny all; 855 | } 856 | location ~ /phpmyadmin/(.+\.php)$ { 857 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 858 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 859 | include fastcgi_params; 860 | include snippets/fastcgi-php.conf; 861 | } 862 | } 863 | } 864 | 865 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 866 | 867 | echo -e "$GREEN Done...$COL_RESET" 868 | 869 | fi 870 | sudo systemctl reload php7.3-fpm.service 871 | sudo systemctl restart nginx.service 872 | fi 873 | 874 | 875 | # Config Database 876 | echo 877 | echo 878 | echo -e "$CYAN => Now for the database fun! $COL_RESET" 879 | echo 880 | sleep 3 881 | 882 | # Create database 883 | Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" 884 | Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" 885 | Q3="FLUSH PRIVILEGES;" 886 | SQL="${Q1}${Q2}${Q3}" 887 | sudo mysql -u root -p="" -e "$SQL" 888 | 889 | # Create stratum user 890 | Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" 891 | Q2="FLUSH PRIVILEGES;" 892 | SQL="${Q1}${Q2}" 893 | sudo mysql -u root -p="" -e "$SQL" 894 | 895 | #Create my.cnf 896 | 897 | echo ' 898 | [clienthost1] 899 | user=panel 900 | password='"${password}"' 901 | database=yiimpfrontend 902 | host=localhost 903 | [clienthost2] 904 | user=stratum 905 | password='"${password2}"' 906 | database=yiimpfrontend 907 | host=localhost 908 | [myphpadmin] 909 | user=phpmyadmin 910 | password='"${AUTOGENERATED_PASS}"' 911 | [mysql] 912 | user=root 913 | password='"${rootpasswd}"' 914 | ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 915 | sudo chmod 0600 ~/.my.cnf 916 | 917 | 918 | # Create keys file 919 | echo ' 920 | /dev/null 2>&1 941 | 942 | echo -e "$GREEN Done...$COL_RESET" 943 | 944 | 945 | # Peforming the SQL import 946 | echo 947 | echo 948 | echo -e "$CYAN => Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you $COL_RESET" 949 | echo 950 | echo -e "Performing the SQL import" 951 | echo 952 | sleep 3 953 | 954 | cd ~ 955 | cd yiimp/sql 956 | 957 | # Import sql dump 958 | sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 959 | 960 | # Oh the humanity! 961 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql 962 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql 963 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql 964 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql 965 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql 966 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql 967 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql 968 | sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql 969 | sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql 970 | sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql 971 | sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql 972 | sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql 973 | sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql 974 | sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql 975 | sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql 976 | sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql 977 | sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql 978 | echo -e "$GREEN Done...$COL_RESET" 979 | 980 | 981 | # Generating a basic Yiimp serverconfig.php 982 | echo 983 | echo 984 | echo -e "$CYAN => Generating a basic Yiimp serverconfig.php $COL_RESET" 985 | echo 986 | sleep 3 987 | 988 | # Make config file 989 | echo ' 990 | 0.3 1058 | define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); 1059 | 1060 | // nicehash keys deposit account & amount to deposit at a time 1061 | define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); 1062 | define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); 1063 | define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); 1064 | define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); 1065 | 1066 | $cold_wallet_table = array( 1067 | '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, 1068 | ); 1069 | 1070 | // Sample fixed pool fees 1071 | $configFixedPoolFees = array( 1072 | '"'"'zr5'"'"' => 2.0, 1073 | '"'"'scrypt'"'"' => 20.0, 1074 | '"'"'sha256'"'"' => 5.0, 1075 | ); 1076 | 1077 | // Sample custom stratum ports 1078 | $configCustomPorts = array( 1079 | // '"'"'x11'"'"' => 7000, 1080 | ); 1081 | 1082 | // mBTC Coefs per algo (default is 1.0) 1083 | $configAlgoNormCoef = array( 1084 | // '"'"'x11'"'"' => 5.0, 1085 | ); 1086 | ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 1087 | 1088 | echo -e "$GREEN Done...$COL_RESET" 1089 | 1090 | 1091 | # Updating stratum config files with database connection info 1092 | echo 1093 | echo 1094 | echo -e "$CYAN => Updating stratum config files with database connection info. $COL_RESET" 1095 | echo 1096 | sleep 3 1097 | 1098 | cd /var/stratum/config 1099 | sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf 1100 | sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf 1101 | sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf 1102 | sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf 1103 | sudo sed -i 's/username = root/username = stratum/g' *.conf 1104 | sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf 1105 | cd ~ 1106 | echo -e "$GREEN Done...$COL_RESET" 1107 | 1108 | 1109 | # Final Directory permissions 1110 | echo 1111 | echo 1112 | echo -e "$CYAN => Final Directory permissions $COL_RESET" 1113 | echo 1114 | sleep 3 1115 | 1116 | whoami=`whoami` 1117 | sudo usermod -aG www-data $whoami 1118 | sudo usermod -a -G www-data $whoami 1119 | 1120 | sudo find /var/web -type d -exec chmod 775 {} + 1121 | sudo find /var/web -type f -exec chmod 664 {} + 1122 | sudo chgrp www-data /var/web -R 1123 | sudo chmod g+w /var/web -R 1124 | 1125 | sudo mkdir /var/log/yiimp 1126 | sudo touch /var/log/yiimp/debug.log 1127 | sudo chgrp www-data /var/log/yiimp -R 1128 | sudo chmod 775 /var/log/yiimp -R 1129 | 1130 | sudo chgrp www-data /var/stratum -R 1131 | sudo chmod 775 /var/stratum 1132 | 1133 | sudo mkdir -p /var/yiimp/sauv 1134 | sudo chgrp www-data /var/yiimp -R 1135 | sudo chmod 775 /var/yiimp -R 1136 | 1137 | 1138 | #Add to contrab screen-scrypt 1139 | (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - 1140 | 1141 | #fix error screen main "service" 1142 | sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php 1143 | sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php 1144 | 1145 | #fix error screen main "backup sql frontend" 1146 | sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php 1147 | sudo sed -i '14d' /var/web/yaamp/defaultconfig.php 1148 | 1149 | #Misc 1150 | sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder 1151 | sudo rm -rf /var/log/nginx/* 1152 | 1153 | #Hold update OpenSSL 1154 | #If you want remove the hold : sudo apt-mark unhold openssl 1155 | sudo apt-mark hold openssl 1156 | 1157 | #Restart service 1158 | sudo systemctl restart cron.service 1159 | sudo systemctl restart mysql 1160 | sudo systemctl status mysql | sed -n "1,3p" 1161 | sudo systemctl restart nginx.service 1162 | sudo systemctl status nginx | sed -n "1,3p" 1163 | sudo systemctl restart php7.3-fpm.service 1164 | sudo systemctl status php7.3-fpm | sed -n "1,3p" 1165 | 1166 | 1167 | echo 1168 | echo -e "$GREEN Done...$COL_RESET" 1169 | sleep 3 1170 | 1171 | echo 1172 | echo 1173 | echo 1174 | echo -e "$GREEN***************************$COL_RESET" 1175 | echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" 1176 | echo -e "$GREEN Finish !!! $COL_RESET" 1177 | echo -e "$GREEN***************************$COL_RESET" 1178 | echo 1179 | echo 1180 | echo 1181 | echo -e "$CYAN Whew that was fun, just some reminders. $COL_RESET" 1182 | echo -e "$RED Your mysql information is saved in ~/.my.cnf. $COL_RESET" 1183 | echo 1184 | echo -e "$RED Yiimp at : http://"$server_name" (https... if SSL enabled)" 1185 | echo -e "$RED Yiimp Admin at : http://"$server_name"/site/AdminPanel (https... if SSL enabled)" 1186 | echo -e "$RED Yiimp phpMyAdmin at : http://"$server_name"/phpmyadmin (https... if SSL enabled)" 1187 | echo 1188 | echo -e "$RED If you want change 'AdminPanel' to access Panel Admin : Edit this file : /var/web/yaamp/modules/site/SiteController.php" 1189 | echo -e "$RED Line 11 => change 'AdminPanel' and use the new address" 1190 | echo 1191 | echo -e "$CYAN Please make sure to change your public keys / wallet addresses in the /var/web/serverconfig.php file. $COL_RESET" 1192 | echo -e "$CYAN Please make sure to change your private keys in the /etc/yiimp/keys.php file. $COL_RESET" 1193 | echo 1194 | echo -e "$CYAN TUTO Youtube : https://www.youtube.com/watch?v=qE0rhfJ1g2k $COL_RESET" 1195 | echo -e "$CYAN Xavatar WebSite : https://www.xavatar.com $COL_RESET" 1196 | echo 1197 | echo 1198 | echo -e "$RED***************************************************$COL_RESET" 1199 | echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" 1200 | echo -e "$RED***************************************************$COL_RESET" 1201 | echo 1202 | echo 1203 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################################################ 3 | # Original Author: crombiecrunch 4 | # Modified by : Xavatar (https://github.com/xavatar/yiimp_install_scrypt) 5 | # Web: https://www.xavatar.com 6 | # 7 | # Program: 8 | # Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 9 | # v0.2 (update Avril, 2020) 10 | # 11 | ################################################################################ 12 | 13 | 14 | output() { 15 | printf "\E[0;33;40m" 16 | echo $1 17 | printf "\E[0m" 18 | } 19 | 20 | displayErr() { 21 | echo 22 | echo $1; 23 | echo 24 | exit 1; 25 | } 26 | 27 | #Add user group sudo + no password 28 | whoami=`whoami` 29 | sudo usermod -aG sudo ${whoami} 30 | echo '# yiimp 31 | # It needs passwordless sudo functionality. 32 | '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL 33 | ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 34 | 35 | #Copy needed files 36 | sudo cp -r conf/functions.sh /etc/ 37 | sudo cp -r utils/screen-scrypt.sh /etc/ 38 | sudo cp -r conf/editconf.py /usr/bin/ 39 | sudo chmod +x /usr/bin/editconf.py 40 | sudo chmod +x /etc/screen-scrypt.sh 41 | 42 | source /etc/functions.sh 43 | 44 | 45 | clear 46 | echo 47 | echo -e "$GREEN************************************************************************$COL_RESET" 48 | echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" 49 | echo -e "$GREEN Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 $COL_RESET" 50 | echo -e "$GREEN************************************************************************$COL_RESET" 51 | echo 52 | sleep 3 53 | 54 | 55 | # Update package and Upgrade Ubuntu 56 | echo 57 | echo 58 | echo -e "$CYAN => Updating system and installing required packages :$COL_RESET" 59 | echo 60 | sleep 3 61 | 62 | hide_output sudo apt -y update 63 | hide_output sudo apt -y upgrade 64 | hide_output sudo apt -y autoremove 65 | apt_install dialog python3 python3-pip acl nano apt-transport-https 66 | echo -e "$GREEN Done...$COL_RESET" 67 | 68 | 69 | source conf/prerequisite.sh 70 | sleep 3 71 | source conf/getip.sh 72 | 73 | 74 | echo 'PUBLIC_IP='"${PUBLIC_IP}"' 75 | PUBLIC_IPV6='"${PUBLIC_IPV6}"' 76 | DISTRO='"${DISTRO}"' 77 | PRIVATE_IP='"${PRIVATE_IP}"'' | sudo -E tee conf/pool.conf >/dev/null 2>&1 78 | 79 | echo 80 | echo 81 | echo -e "$RED Make sure you double check before hitting enter! Only one shot at these! $COL_RESET" 82 | echo 83 | #read -e -p "Enter time zone (e.g. America/New_York) : " TIME 84 | read -e -p "Domain Name (no http:// or www. just : example.com or pool.example.com or 185.22.24.26) : " server_name 85 | read -e -p "Are you using a subdomain (mycryptopool.example.com?) [y/N] : " sub_domain 86 | read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL 87 | read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC 88 | #read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel 89 | read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public 90 | read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban 91 | read -e -p "Install UFW and configure ports? [Y/n] : " UFW 92 | read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install 93 | 94 | 95 | # Switch Aptitude 96 | #echo 97 | #echo -e "$CYAN Switching to Aptitude $COL_RESET" 98 | #echo 99 | #sleep 3 100 | #apt_install aptitude 101 | #echo -e "$GREEN Done...$COL_RESET $COL_RESET" 102 | 103 | 104 | # Installing Nginx 105 | echo 106 | echo 107 | echo -e "$CYAN => Installing Nginx server : $COL_RESET" 108 | echo 109 | sleep 3 110 | 111 | if [ -f /usr/sbin/apache2 ]; then 112 | echo -e "Removing apache..." 113 | hide_output apt-get -y purge apache2 apache2-* 114 | hide_output apt-get -y --purge autoremove 115 | fi 116 | 117 | apt_install nginx 118 | hide_output sudo rm /etc/nginx/sites-enabled/default 119 | hide_output sudo systemctl start nginx.service 120 | hide_output sudo systemctl enable nginx.service 121 | hide_output sudo systemctl start cron.service 122 | hide_output sudo systemctl enable cron.service 123 | sleep 5 124 | sudo systemctl status nginx | sed -n "1,3p" 125 | echo 126 | echo -e "$GREEN Done...$COL_RESET" 127 | 128 | 129 | # Making Nginx a bit hard 130 | echo 'map $http_user_agent $blockedagent { 131 | default 0; 132 | ~*malicious 1; 133 | ~*bot 1; 134 | ~*backdoor 1; 135 | ~*crawler 1; 136 | ~*bandit 1; 137 | } 138 | ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 139 | 140 | 141 | # Installing Mariadb 142 | echo 143 | echo 144 | echo -e "$CYAN => Installing Mariadb Server : $COL_RESET" 145 | echo 146 | sleep 3 147 | 148 | # Create random password 149 | rootpasswd=$(openssl rand -base64 12) 150 | export DEBIAN_FRONTEND="noninteractive" 151 | apt_install mariadb-server 152 | hide_output sudo systemctl start mysql 153 | hide_output sudo systemctl enable mysql 154 | sleep 5 155 | sudo systemctl status mysql | sed -n "1,3p" 156 | echo 157 | echo -e "$GREEN Done...$COL_RESET" 158 | 159 | 160 | # Installing Installing php7.3 161 | echo 162 | echo 163 | echo -e "$CYAN => Installing php7.3 : $COL_RESET" 164 | echo 165 | sleep 3 166 | 167 | source conf/pool.conf 168 | if [ ! -f /etc/apt/sources.list.d/ondrej-php-bionic.list ]; then 169 | hide_output sudo add-apt-repository -y ppa:ondrej/php 170 | fi 171 | hide_output sudo apt -y update 172 | 173 | if [[ ("$DISTRO" == "16") ]]; then 174 | apt_install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ 175 | php7.3-cgi php-pear php-auth imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ 176 | php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring 177 | #hide_output sudo phpenmod mcrypt 178 | #hide_output sudo phpenmod mbstring 179 | else 180 | apt_install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ 181 | php7.3-cgi php-pear imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ 182 | php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring \ 183 | libpsl-dev libnghttp2-dev 184 | fi 185 | sleep 5 186 | hide_output sudo systemctl start php7.3-fpm 187 | sudo systemctl status php7.3-fpm | sed -n "1,3p" 188 | echo 189 | echo -e "$GREEN Done...$COL_RESET" 190 | 191 | 192 | # Installing other needed files 193 | echo 194 | echo 195 | echo -e "$CYAN => Installing other needed files : $COL_RESET" 196 | echo 197 | sleep 3 198 | 199 | apt_install libgmp3-dev libmysqlclient-dev libcurl4-gnutls-dev libkrb5-dev libldap2-dev libidn11-dev gnutls-dev \ 200 | librtmp-dev sendmail mutt screen git 201 | apt_install pwgen -y 202 | echo -e "$GREEN Done...$COL_RESET" 203 | sleep 3 204 | 205 | 206 | # Installing Package to compile crypto currency 207 | echo 208 | echo 209 | echo -e "$CYAN => Installing Package to compile crypto currency $COL_RESET" 210 | echo 211 | sleep 3 212 | 213 | apt_install software-properties-common build-essential 214 | apt_install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext 215 | apt_install libminiupnpc10 libzmq5 216 | apt_install libcanberra-gtk-module libqrencode-dev libzmq3-dev 217 | apt_install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler 218 | hide_output sudo add-apt-repository -y ppa:bitcoin/bitcoin 219 | hide_output sudo apt -y update 220 | apt_install libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ 221 | echo -e "$GREEN Done...$COL_RESET" 222 | 223 | 224 | # Generating Random Passwords 225 | password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 226 | password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 227 | AUTOGENERATED_PASS=`pwgen -c -1 20` 228 | 229 | 230 | # Test Email 231 | echo 232 | echo 233 | echo -e "$CYAN => Testing to see if server emails are sent $COL_RESET" 234 | echo 235 | sleep 3 236 | 237 | if [[ "$root_email" != "" ]]; then 238 | echo $root_email > sudo tee --append ~/.email 239 | echo $root_email > sudo tee --append ~/.forward 240 | 241 | if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then 242 | echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message 243 | echo "You should receive this !" >> sudo tee --append /tmp/email.message 244 | echo "" >> sudo tee --append /tmp/email.message 245 | echo "Cheers" >> sudo tee --append /tmp/email.message 246 | sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message 247 | 248 | sudo rm -f /tmp/email.message 249 | echo "Mail sent" 250 | fi 251 | fi 252 | echo -e "$GREEN Done...$COL_RESET" 253 | 254 | # Installing Fail2Ban & UFW 255 | echo 256 | echo 257 | echo -e "$CYAN => Some optional installs (Fail2Ban & UFW) $COL_RESET" 258 | echo 259 | sleep 3 260 | 261 | 262 | if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then 263 | apt_install fail2ban 264 | sleep 5 265 | sudo systemctl status fail2ban | sed -n "1,3p" 266 | fi 267 | 268 | 269 | if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then 270 | apt_install ufw 271 | hide_output sudo ufw default deny incoming 272 | hide_output sudo ufw default allow outgoing 273 | hide_output sudo ufw allow ssh 274 | hide_output sudo ufw allow http 275 | hide_output sudo ufw allow https 276 | hide_output sudo ufw allow 3333/tcp 277 | hide_output sudo ufw allow 3339/tcp 278 | hide_output sudo ufw allow 3334/tcp 279 | hide_output sudo ufw allow 3433/tcp 280 | hide_output sudo ufw allow 3555/tcp 281 | hide_output sudo ufw allow 3556/tcp 282 | hide_output sudo ufw allow 3573/tcp 283 | hide_output sudo ufw allow 3535/tcp 284 | hide_output sudo ufw allow 3533/tcp 285 | hide_output sudo ufw allow 3553/tcp 286 | hide_output sudo ufw allow 3633/tcp 287 | hide_output sudo ufw allow 3733/tcp 288 | hide_output sudo ufw allow 3636/tcp 289 | hide_output sudo ufw allow 3737/tcp 290 | hide_output sudo ufw allow 3739/tcp 291 | hide_output sudo ufw allow 3747/tcp 292 | hide_output sudo ufw allow 3833/tcp 293 | hide_output sudo ufw allow 3933/tcp 294 | hide_output sudo ufw allow 4033/tcp 295 | hide_output sudo ufw allow 4133/tcp 296 | hide_output sudo ufw allow 4233/tcp 297 | hide_output sudo ufw allow 4234/tcp 298 | hide_output sudo ufw allow 4333/tcp 299 | hide_output sudo ufw allow 4433/tcp 300 | hide_output sudo ufw allow 4533/tcp 301 | hide_output sudo ufw allow 4553/tcp 302 | hide_output sudo ufw allow 4633/tcp 303 | hide_output sudo ufw allow 4733/tcp 304 | hide_output sudo ufw allow 4833/tcp 305 | hide_output sudo ufw allow 4933/tcp 306 | hide_output sudo ufw allow 5033/tcp 307 | hide_output sudo ufw allow 5133/tcp 308 | hide_output sudo ufw allow 5233/tcp 309 | hide_output sudo ufw allow 5333/tcp 310 | hide_output sudo ufw allow 5433/tcp 311 | hide_output sudo ufw allow 5533/tcp 312 | hide_output sudo ufw allow 5733/tcp 313 | hide_output sudo ufw allow 5743/tcp 314 | hide_output sudo ufw allow 3252/tcp 315 | hide_output sudo ufw allow 5755/tcp 316 | hide_output sudo ufw allow 5766/tcp 317 | hide_output sudo ufw allow 5833/tcp 318 | hide_output sudo ufw allow 5933/tcp 319 | hide_output sudo ufw allow 6033/tcp 320 | hide_output sudo ufw allow 5034/tcp 321 | hide_output sudo ufw allow 6133/tcp 322 | hide_output sudo ufw allow 6233/tcp 323 | hide_output sudo ufw allow 6333/tcp 324 | hide_output sudo ufw allow 6433/tcp 325 | hide_output sudo ufw allow 7433/tcp 326 | hide_output sudo ufw allow 8333/tcp 327 | hide_output sudo ufw allow 8463/tcp 328 | hide_output sudo ufw allow 8433/tcp 329 | hide_output sudo ufw allow 8533/tcp 330 | hide_output sudo ufw --force enable 331 | sleep 5 332 | sudo systemctl status ufw | sed -n "1,3p" 333 | fi 334 | 335 | 336 | echo 337 | echo -e "$GREEN Done...$COL_RESET" 338 | 339 | 340 | # Installing PhpMyAdmin 341 | echo 342 | echo 343 | echo -e "$CYAN => Installing phpMyAdmin $COL_RESET" 344 | echo 345 | sleep 3 346 | 347 | echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections 348 | echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections 349 | echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections 350 | echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections 351 | echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections 352 | echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections 353 | apt_install phpmyadmin 354 | echo -e "$GREEN Done...$COL_RESET" 355 | 356 | 357 | # Installing Yiimp 358 | echo 359 | echo 360 | echo -e "$CYAN => Installing Yiimp $COL_RESET" 361 | echo 362 | echo -e "Grabbing yiimp fron Github, building files and setting file structure." 363 | echo 364 | sleep 3 365 | 366 | 367 | # Generating Random Password for stratum 368 | blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` 369 | 370 | # Compil Blocknotify 371 | cd ~ 372 | hide_output git clone https://github.com/tpruvot/yiimp 373 | cd $HOME/yiimp/blocknotify 374 | sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp 375 | hide_output sudo make 376 | 377 | # Compil iniparser 378 | cd $HOME/yiimp/stratum/iniparser 379 | hide_output sudo make 380 | 381 | # Compil Stratum 382 | cd $HOME/yiimp/stratum 383 | if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then 384 | sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile 385 | fi 386 | hide_output sudo make 387 | 388 | # Copy Files (Blocknotify,iniparser,Stratum) 389 | cd $HOME/yiimp 390 | sudo sed -i 's/AdminRights/'AdminPanel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php 391 | sudo cp -r $HOME/yiimp/web /var/ 392 | sudo mkdir -p /var/stratum 393 | cd $HOME/yiimp/stratum 394 | sudo cp -a config.sample/. /var/stratum/config 395 | sudo cp -r stratum /var/stratum 396 | sudo cp -r run.sh /var/stratum 397 | cd $HOME/yiimp 398 | sudo cp -r $HOME/yiimp/bin/. /bin/ 399 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ 400 | sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ 401 | sudo mkdir -p /etc/yiimp 402 | sudo mkdir -p /$HOME/backup/ 403 | #fixing yiimp 404 | sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp 405 | #fixing run.sh 406 | sudo rm -r /var/stratum/config/run.sh 407 | echo ' 408 | #!/bin/bash 409 | ulimit -n 10240 410 | ulimit -u 10240 411 | cd /var/stratum 412 | while true; do 413 | ./stratum /var/stratum/config/$1 414 | sleep 2 415 | done 416 | exec bash 417 | ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 418 | sudo chmod +x /var/stratum/config/run.sh 419 | 420 | echo -e "$GREEN Done...$COL_RESET" 421 | 422 | 423 | # Update Timezone 424 | echo 425 | echo 426 | echo -e "$CYAN => Update default timezone. $COL_RESET" 427 | echo 428 | 429 | echo -e " Setting TimeZone to UTC...$COL_RESET" 430 | if [ ! -f /etc/timezone ]; then 431 | echo "Setting timezone to UTC." 432 | echo "Etc/UTC" > sudo /etc/timezone 433 | sudo systemctl restart rsyslog 434 | fi 435 | sudo systemctl status rsyslog | sed -n "1,3p" 436 | echo 437 | echo -e "$GREEN Done...$COL_RESET" 438 | 439 | 440 | # Creating webserver initial config file 441 | echo 442 | echo 443 | echo -e "$CYAN => Creating webserver initial config file $COL_RESET" 444 | echo 445 | 446 | # Adding user to group, creating dir structure, setting permissions 447 | sudo mkdir -p /var/www/$server_name/html 448 | 449 | if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then 450 | echo 'include /etc/nginx/blockuseragents.rules; 451 | server { 452 | if ($blockedagent) { 453 | return 403; 454 | } 455 | if ($request_method !~ ^(GET|HEAD|POST)$) { 456 | return 444; 457 | } 458 | listen 80; 459 | listen [::]:80; 460 | server_name '"${server_name}"'; 461 | root "/var/www/'"${server_name}"'/html/web"; 462 | index index.html index.htm index.php; 463 | charset utf-8; 464 | 465 | location / { 466 | try_files $uri $uri/ /index.php?$args; 467 | } 468 | location @rewrite { 469 | rewrite ^/(.*)$ /index.php?r=$1; 470 | } 471 | 472 | location = /favicon.ico { access_log off; log_not_found off; } 473 | location = /robots.txt { access_log off; log_not_found off; } 474 | 475 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 476 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 477 | 478 | # allow larger file uploads and longer script runtimes 479 | client_body_buffer_size 50k; 480 | client_header_buffer_size 50k; 481 | client_max_body_size 50k; 482 | large_client_header_buffers 2 50k; 483 | sendfile off; 484 | 485 | location ~ ^/index\.php$ { 486 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 487 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 488 | fastcgi_index index.php; 489 | include fastcgi_params; 490 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 491 | fastcgi_intercept_errors off; 492 | fastcgi_buffer_size 16k; 493 | fastcgi_buffers 4 16k; 494 | fastcgi_connect_timeout 300; 495 | fastcgi_send_timeout 300; 496 | fastcgi_read_timeout 300; 497 | try_files $uri $uri/ =404; 498 | } 499 | location ~ \.php$ { 500 | return 404; 501 | } 502 | location ~ \.sh { 503 | return 404; 504 | } 505 | location ~ /\.ht { 506 | deny all; 507 | } 508 | location ~ /.well-known { 509 | allow all; 510 | } 511 | location /phpmyadmin { 512 | root /usr/share/; 513 | index index.php; 514 | try_files $uri $uri/ =404; 515 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 516 | deny all; 517 | } 518 | location ~ /phpmyadmin/(.+\.php)$ { 519 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 520 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 521 | include fastcgi_params; 522 | include snippets/fastcgi-php.conf; 523 | } 524 | } 525 | } 526 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 527 | 528 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 529 | sudo ln -s /var/web /var/www/$server_name/html 530 | hide_output sudo systemctl reload php7.3-fpm.service 531 | hide_output sudo systemctl restart nginx.service 532 | echo -e "$GREEN Done...$COL_RESET" 533 | 534 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 535 | 536 | 537 | # Install SSL (with SubDomain) 538 | echo 539 | echo -e "Install LetsEncrypt and setting SSL (with SubDomain)" 540 | echo 541 | 542 | apt_install letsencrypt 543 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" 544 | sudo rm /etc/nginx/sites-available/$server_name.conf 545 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 546 | # I am SSL Man! 547 | echo 'include /etc/nginx/blockuseragents.rules; 548 | server { 549 | if ($blockedagent) { 550 | return 403; 551 | } 552 | if ($request_method !~ ^(GET|HEAD|POST)$) { 553 | return 444; 554 | } 555 | listen 80; 556 | listen [::]:80; 557 | server_name '"${server_name}"'; 558 | # enforce https 559 | return 301 https://$server_name$request_uri; 560 | } 561 | 562 | server { 563 | if ($blockedagent) { 564 | return 403; 565 | } 566 | if ($request_method !~ ^(GET|HEAD|POST)$) { 567 | return 444; 568 | } 569 | listen 443 ssl http2; 570 | listen [::]:443 ssl http2; 571 | server_name '"${server_name}"'; 572 | 573 | root /var/www/'"${server_name}"'/html/web; 574 | index index.php; 575 | 576 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 577 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 578 | 579 | # allow larger file uploads and longer script runtimes 580 | client_body_buffer_size 50k; 581 | client_header_buffer_size 50k; 582 | client_max_body_size 50k; 583 | large_client_header_buffers 2 50k; 584 | sendfile off; 585 | 586 | # strengthen ssl security 587 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 588 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 589 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 590 | ssl_prefer_server_ciphers on; 591 | ssl_session_cache shared:SSL:10m; 592 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 593 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 594 | 595 | # Add headers to serve security related headers 596 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 597 | add_header X-Content-Type-Options nosniff; 598 | add_header X-XSS-Protection "1; mode=block"; 599 | add_header X-Robots-Tag none; 600 | add_header Content-Security-Policy "frame-ancestors 'self'"; 601 | 602 | location / { 603 | try_files $uri $uri/ /index.php?$args; 604 | } 605 | location @rewrite { 606 | rewrite ^/(.*)$ /index.php?r=$1; 607 | } 608 | 609 | 610 | location ~ ^/index\.php$ { 611 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 612 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 613 | fastcgi_index index.php; 614 | include fastcgi_params; 615 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 616 | fastcgi_intercept_errors off; 617 | fastcgi_buffer_size 16k; 618 | fastcgi_buffers 4 16k; 619 | fastcgi_connect_timeout 300; 620 | fastcgi_send_timeout 300; 621 | fastcgi_read_timeout 300; 622 | include /etc/nginx/fastcgi_params; 623 | try_files $uri $uri/ =404; 624 | } 625 | location ~ \.php$ { 626 | return 404; 627 | } 628 | location ~ \.sh { 629 | return 404; 630 | } 631 | 632 | location ~ /\.ht { 633 | deny all; 634 | } 635 | location /phpmyadmin { 636 | root /usr/share/; 637 | index index.php; 638 | try_files $uri $uri/ =404; 639 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 640 | deny all; 641 | } 642 | location ~ /phpmyadmin/(.+\.php)$ { 643 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 644 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 645 | include fastcgi_params; 646 | include snippets/fastcgi-php.conf; 647 | } 648 | } 649 | } 650 | 651 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 652 | fi 653 | 654 | hide_output sudo systemctl reload php7.3-fpm.service 655 | hide_output sudo systemctl restart nginx.service 656 | echo -e "$GREEN Done...$COL_RESET" 657 | 658 | 659 | else 660 | echo 'include /etc/nginx/blockuseragents.rules; 661 | server { 662 | if ($blockedagent) { 663 | return 403; 664 | } 665 | if ($request_method !~ ^(GET|HEAD|POST)$) { 666 | return 444; 667 | } 668 | listen 80; 669 | listen [::]:80; 670 | server_name '"${server_name}"' www.'"${server_name}"'; 671 | root "/var/www/'"${server_name}"'/html/web"; 672 | index index.html index.htm index.php; 673 | charset utf-8; 674 | 675 | location / { 676 | try_files $uri $uri/ /index.php?$args; 677 | } 678 | location @rewrite { 679 | rewrite ^/(.*)$ /index.php?r=$1; 680 | } 681 | 682 | location = /favicon.ico { access_log off; log_not_found off; } 683 | location = /robots.txt { access_log off; log_not_found off; } 684 | 685 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 686 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 687 | 688 | # allow larger file uploads and longer script runtimes 689 | client_body_buffer_size 50k; 690 | client_header_buffer_size 50k; 691 | client_max_body_size 50k; 692 | large_client_header_buffers 2 50k; 693 | sendfile off; 694 | 695 | location ~ ^/index\.php$ { 696 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 697 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 698 | fastcgi_index index.php; 699 | include fastcgi_params; 700 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 701 | fastcgi_intercept_errors off; 702 | fastcgi_buffer_size 16k; 703 | fastcgi_buffers 4 16k; 704 | fastcgi_connect_timeout 300; 705 | fastcgi_send_timeout 300; 706 | fastcgi_read_timeout 300; 707 | try_files $uri $uri/ =404; 708 | } 709 | location ~ \.php$ { 710 | return 404; 711 | } 712 | location ~ \.sh { 713 | return 404; 714 | } 715 | location ~ /\.ht { 716 | deny all; 717 | } 718 | location ~ /.well-known { 719 | allow all; 720 | } 721 | location /phpmyadmin { 722 | root /usr/share/; 723 | index index.php; 724 | try_files $uri $uri/ =404; 725 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 726 | deny all; 727 | } 728 | location ~ /phpmyadmin/(.+\.php)$ { 729 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 730 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 731 | include fastcgi_params; 732 | include snippets/fastcgi-php.conf; 733 | } 734 | } 735 | } 736 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 737 | 738 | sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf 739 | sudo ln -s /var/web /var/www/$server_name/html 740 | hide_output sudo systemctl reload php7.3-fpm.service 741 | hide_output sudo systemctl restart nginx.service 742 | echo -e "$GREEN Done...$COL_RESET" 743 | 744 | 745 | if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then 746 | 747 | # Install SSL (without SubDomain) 748 | echo 749 | echo -e "Install LetsEncrypt and setting SSL (without SubDomain)" 750 | echo 751 | sleep 3 752 | 753 | apt_install letsencrypt 754 | sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" 755 | sudo rm /etc/nginx/sites-available/$server_name.conf 756 | sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 757 | # I am SSL Man! 758 | echo 'include /etc/nginx/blockuseragents.rules; 759 | server { 760 | if ($blockedagent) { 761 | return 403; 762 | } 763 | if ($request_method !~ ^(GET|HEAD|POST)$) { 764 | return 444; 765 | } 766 | listen 80; 767 | listen [::]:80; 768 | server_name '"${server_name}"'; 769 | # enforce https 770 | return 301 https://$server_name$request_uri; 771 | } 772 | 773 | server { 774 | if ($blockedagent) { 775 | return 403; 776 | } 777 | if ($request_method !~ ^(GET|HEAD|POST)$) { 778 | return 444; 779 | } 780 | listen 443 ssl http2; 781 | listen [::]:443 ssl http2; 782 | server_name '"${server_name}"' www.'"${server_name}"'; 783 | 784 | root /var/www/'"${server_name}"'/html/web; 785 | index index.php; 786 | 787 | access_log /var/log/nginx/'"${server_name}"'.app-access.log; 788 | error_log /var/log/nginx/'"${server_name}"'.app-error.log; 789 | 790 | # allow larger file uploads and longer script runtimes 791 | client_body_buffer_size 50k; 792 | client_header_buffer_size 50k; 793 | client_max_body_size 50k; 794 | large_client_header_buffers 2 50k; 795 | sendfile off; 796 | 797 | # strengthen ssl security 798 | ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; 799 | ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; 800 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 801 | ssl_prefer_server_ciphers on; 802 | ssl_session_cache shared:SSL:10m; 803 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; 804 | ssl_dhparam /etc/ssl/certs/dhparam.pem; 805 | 806 | # Add headers to serve security related headers 807 | add_header Strict-Transport-Security "max-age=15768000; preload;"; 808 | add_header X-Content-Type-Options nosniff; 809 | add_header X-XSS-Protection "1; mode=block"; 810 | add_header X-Robots-Tag none; 811 | add_header Content-Security-Policy "frame-ancestors 'self'"; 812 | 813 | location / { 814 | try_files $uri $uri/ /index.php?$args; 815 | } 816 | location @rewrite { 817 | rewrite ^/(.*)$ /index.php?r=$1; 818 | } 819 | 820 | 821 | location ~ ^/index\.php$ { 822 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 823 | fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; 824 | fastcgi_index index.php; 825 | include fastcgi_params; 826 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 827 | fastcgi_intercept_errors off; 828 | fastcgi_buffer_size 16k; 829 | fastcgi_buffers 4 16k; 830 | fastcgi_connect_timeout 300; 831 | fastcgi_send_timeout 300; 832 | fastcgi_read_timeout 300; 833 | include /etc/nginx/fastcgi_params; 834 | try_files $uri $uri/ =404; 835 | } 836 | location ~ \.php$ { 837 | return 404; 838 | } 839 | location ~ \.sh { 840 | return 404; 841 | } 842 | 843 | location ~ /\.ht { 844 | deny all; 845 | } 846 | location /phpmyadmin { 847 | root /usr/share/; 848 | index index.php; 849 | try_files $uri $uri/ =404; 850 | location ~ ^/phpmyadmin/(doc|sql|setup)/ { 851 | deny all; 852 | } 853 | location ~ /phpmyadmin/(.+\.php)$ { 854 | fastcgi_pass unix:/run/php/php7.3-fpm.sock; 855 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 856 | include fastcgi_params; 857 | include snippets/fastcgi-php.conf; 858 | } 859 | } 860 | } 861 | 862 | ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 863 | 864 | echo -e "$GREEN Done...$COL_RESET" 865 | 866 | fi 867 | hide_output sudo systemctl reload php7.3-fpm.service 868 | hide_output sudo systemctl restart nginx.service 869 | fi 870 | 871 | 872 | # Config Database 873 | echo 874 | echo 875 | echo -e "$CYAN => Now for the database fun! $COL_RESET" 876 | echo 877 | sleep 3 878 | 879 | # Create database 880 | Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" 881 | Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" 882 | Q3="FLUSH PRIVILEGES;" 883 | SQL="${Q1}${Q2}${Q3}" 884 | sudo mysql -u root -p="" -e "$SQL" 885 | 886 | # Create stratum user 887 | Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" 888 | Q2="FLUSH PRIVILEGES;" 889 | SQL="${Q1}${Q2}" 890 | sudo mysql -u root -p="" -e "$SQL" 891 | 892 | #Create my.cnf 893 | 894 | echo ' 895 | [clienthost1] 896 | user=panel 897 | password='"${password}"' 898 | database=yiimpfrontend 899 | host=localhost 900 | [clienthost2] 901 | user=stratum 902 | password='"${password2}"' 903 | database=yiimpfrontend 904 | host=localhost 905 | [myphpadmin] 906 | user=phpmyadmin 907 | password='"${AUTOGENERATED_PASS}"' 908 | [mysql] 909 | user=root 910 | password='"${rootpasswd}"' 911 | ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 912 | sudo chmod 0600 ~/.my.cnf 913 | 914 | 915 | # Create keys file 916 | echo ' 917 | /dev/null 2>&1 938 | 939 | echo -e "$GREEN Done...$COL_RESET" 940 | 941 | 942 | # Peforming the SQL import 943 | echo 944 | echo 945 | echo -e "$CYAN => Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you $COL_RESET" 946 | echo 947 | echo -e "Performing the SQL import" 948 | echo 949 | sleep 3 950 | 951 | cd ~ 952 | cd yiimp/sql 953 | 954 | # Import sql dump 955 | sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 956 | 957 | # Oh the humanity! 958 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql 959 | sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql 960 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql 961 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql 962 | sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql 963 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql 964 | sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql 965 | sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql 966 | sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql 967 | sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql 968 | sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql 969 | sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql 970 | sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql 971 | sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql 972 | sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql 973 | sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql 974 | sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql 975 | echo -e "$GREEN Done...$COL_RESET" 976 | 977 | 978 | # Generating a basic Yiimp serverconfig.php 979 | echo 980 | echo 981 | echo -e "$CYAN => Generating a basic Yiimp serverconfig.php $COL_RESET" 982 | echo 983 | sleep 3 984 | 985 | # Make config file 986 | echo ' 987 | 0.3 1055 | define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); 1056 | 1057 | // nicehash keys deposit account & amount to deposit at a time 1058 | define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); 1059 | define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); 1060 | define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); 1061 | define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); 1062 | 1063 | $cold_wallet_table = array( 1064 | '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, 1065 | ); 1066 | 1067 | // Sample fixed pool fees 1068 | $configFixedPoolFees = array( 1069 | '"'"'zr5'"'"' => 2.0, 1070 | '"'"'scrypt'"'"' => 20.0, 1071 | '"'"'sha256'"'"' => 5.0, 1072 | ); 1073 | 1074 | // Sample custom stratum ports 1075 | $configCustomPorts = array( 1076 | // '"'"'x11'"'"' => 7000, 1077 | ); 1078 | 1079 | // mBTC Coefs per algo (default is 1.0) 1080 | $configAlgoNormCoef = array( 1081 | // '"'"'x11'"'"' => 5.0, 1082 | ); 1083 | ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 1084 | 1085 | echo -e "$GREEN Done...$COL_RESET" 1086 | 1087 | 1088 | # Updating stratum config files with database connection info 1089 | echo 1090 | echo 1091 | echo -e "$CYAN => Updating stratum config files with database connection info. $COL_RESET" 1092 | echo 1093 | sleep 3 1094 | 1095 | cd /var/stratum/config 1096 | sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf 1097 | sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf 1098 | sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf 1099 | sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf 1100 | sudo sed -i 's/username = root/username = stratum/g' *.conf 1101 | sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf 1102 | cd ~ 1103 | echo -e "$GREEN Done...$COL_RESET" 1104 | 1105 | 1106 | # Final Directory permissions 1107 | echo 1108 | echo 1109 | echo -e "$CYAN => Final Directory permissions $COL_RESET" 1110 | echo 1111 | sleep 3 1112 | 1113 | whoami=`whoami` 1114 | sudo usermod -aG www-data $whoami 1115 | sudo usermod -a -G www-data $whoami 1116 | 1117 | sudo find /var/web -type d -exec chmod 775 {} + 1118 | sudo find /var/web -type f -exec chmod 664 {} + 1119 | sudo chgrp www-data /var/web -R 1120 | sudo chmod g+w /var/web -R 1121 | 1122 | sudo mkdir /var/log/yiimp 1123 | sudo touch /var/log/yiimp/debug.log 1124 | sudo chgrp www-data /var/log/yiimp -R 1125 | sudo chmod 775 /var/log/yiimp -R 1126 | 1127 | sudo chgrp www-data /var/stratum -R 1128 | sudo chmod 775 /var/stratum 1129 | 1130 | sudo mkdir -p /var/yiimp/sauv 1131 | sudo chgrp www-data /var/yiimp -R 1132 | sudo chmod 775 /var/yiimp -R 1133 | 1134 | 1135 | #Add to contrab screen-scrypt 1136 | (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - 1137 | 1138 | #fix error screen main "service" 1139 | sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php 1140 | sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php 1141 | 1142 | #fix error screen main "backup sql frontend" 1143 | sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php 1144 | sudo sed -i '14d' /var/web/yaamp/defaultconfig.php 1145 | 1146 | #Misc 1147 | sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder 1148 | sudo rm -rf /var/log/nginx/* 1149 | 1150 | #Hold update OpenSSL 1151 | #If you want remove the hold : sudo apt-mark unhold openssl 1152 | sudo apt-mark hold openssl 1153 | 1154 | #Restart service 1155 | sudo systemctl restart cron.service 1156 | sudo systemctl restart mysql 1157 | sudo systemctl status mysql | sed -n "1,3p" 1158 | sudo systemctl restart nginx.service 1159 | sudo systemctl status nginx | sed -n "1,3p" 1160 | sudo systemctl restart php7.3-fpm.service 1161 | sudo systemctl status php7.3-fpm | sed -n "1,3p" 1162 | 1163 | 1164 | echo 1165 | echo -e "$GREEN Done...$COL_RESET" 1166 | sleep 3 1167 | 1168 | echo 1169 | echo 1170 | echo 1171 | echo -e "$GREEN***************************$COL_RESET" 1172 | echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" 1173 | echo -e "$GREEN Finish !!! $COL_RESET" 1174 | echo -e "$GREEN***************************$COL_RESET" 1175 | echo 1176 | echo 1177 | echo 1178 | echo -e "$CYAN Whew that was fun, just some reminders. $COL_RESET" 1179 | echo -e "$RED Your mysql information is saved in ~/.my.cnf. $COL_RESET" 1180 | echo 1181 | echo -e "$RED Yiimp at : http://"$server_name" (https... if SSL enabled)" 1182 | echo -e "$RED Yiimp Admin at : http://"$server_name"/site/AdminPanel (https... if SSL enabled)" 1183 | echo -e "$RED Yiimp phpMyAdmin at : http://"$server_name"/phpmyadmin (https... if SSL enabled)" 1184 | echo 1185 | echo -e "$RED If you want change 'AdminPanel' to access Panel Admin : Edit this file : /var/web/yaamp/modules/site/SiteController.php" 1186 | echo -e "$RED Line 11 => change 'AdminPanel' and use the new address" 1187 | echo 1188 | echo -e "$CYAN Please make sure to change your public keys / wallet addresses in the /var/web/serverconfig.php file. $COL_RESET" 1189 | echo -e "$CYAN Please make sure to change your private keys in the /etc/yiimp/keys.php file. $COL_RESET" 1190 | echo 1191 | echo -e "$CYAN TUTO Youtube : https://www.youtube.com/watch?v=qE0rhfJ1g2k $COL_RESET" 1192 | echo -e "$CYAN Xavatar WebSite : https://www.xavatar.com $COL_RESET" 1193 | echo 1194 | echo 1195 | echo -e "$RED***************************************************$COL_RESET" 1196 | echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" 1197 | echo -e "$RED***************************************************$COL_RESET" 1198 | echo 1199 | echo 1200 | --------------------------------------------------------------------------------