diff --git a/lib/lemper-adduser.sh b/lib/lemper-adduser.sh index 84820b70..0c528b2a 100755 --- a/lib/lemper-adduser.sh +++ b/lib/lemper-adduser.sh @@ -22,7 +22,7 @@ #CMD_NAME="adduser" # Make sure only root can access and not direct access. -if ! declare -F "requires_root" &>/dev/null; then +if [[ "$(type -t requires_root)" != "function" ]]; then echo "Direct access to this script is not permitted." exit 1 fi diff --git a/scripts/bench.sh b/lib/lemper-bench.sh similarity index 63% rename from scripts/bench.sh rename to lib/lemper-bench.sh index b42c8432..5bfdb286 100755 --- a/scripts/bench.sh +++ b/lib/lemper-bench.sh @@ -29,10 +29,10 @@ echo "" # Network speed test benchmark. echo "### Network Speedtest Benchmark ###" -cachefly=$( wget -q -O /dev/null http://cachefly.cachefly.net/100mb.test 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) +cachefly=$( wget -q -O /dev/null https://cachefly.cachefly.net/100mb.test 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) echo "Download speed from CacheFly: $cachefly " -leaseweb=$( wget -q -O /dev/null http://mirror.leaseweb.com/speedtest/100mb.bin 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Leaseweb, Haarlem, NL: $leaseweb " +ovh=$( wget -q -O /dev/null https://proof.ovh.net/files/100Mb.dat 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) +echo "Download speed from OVH: $ovh " linodeatl=$( wget -q -O /dev/null http://speedtest.atlanta.linode.com/100MB-atlanta.bin 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) echo "Download speed from Linode, Atlanta, GA: $linodeatl " @@ -49,13 +49,5 @@ echo "Download speed from Linode, Tokyo, JP: $linodejp " linodesgp=$( wget -q -O /dev/null http://speedtest.singapore.linode.com/100MB-singapore.bin 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) echo "Download speed from Linode, Singapore, SGP: $linodesgp " -slsea=$( wget -q -O /dev/null http://speedtest.sea01.softlayer.com/downloads/test100.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Softlayer, Seattle, WA: $slsea " -slsjc=$( wget -q -O /dev/null http://speedtest.sjc01.softlayer.com/downloads/test100.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Softlayer, San Jose, CA: $slsjc " -sldal=$( wget -q -O /dev/null http://speedtest.dal05.softlayer.com/downloads/test100.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Softlayer, Dallas, TX: $sldal " -slwdc=$( wget -q -O /dev/null http://speedtest.wdc01.softlayer.com/downloads/test100.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Softlayer, Washington, DC: $slwdc " -slsng=$( wget -q -O /dev/null http://speedtest.sng01.softlayer.com/downloads/test100.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) -echo "Download speed from Softlayer, Singapore: $slsng " +vodafone=$( wget -q -O /dev/null http://212.183.159.230/100MB.zip 2>&1 | awk '/\/dev\/null/ {speed=$3 $4} END {gsub(/\(|\)/,"",speed); print speed}' ) +echo "Download speed from Vodafone: $vodafone " \ No newline at end of file diff --git a/lib/lemper-create.sh b/lib/lemper-create.sh index 1098c600..87b83bcc 100755 --- a/lib/lemper-create.sh +++ b/lib/lemper-create.sh @@ -22,7 +22,7 @@ CMD_PARENT="lemper-cli" CMD_NAME="create" # Make sure only root can access and not direct access. -if ! declare -F "requires_root" &>/dev/null; then +if [[ "$(type -t requires_root)" != "function" ]]; then echo "Direct access to this script is not permitted." exit 1 fi @@ -120,6 +120,7 @@ function create_vhost_default() { server { listen 80; listen [::]:80; + http2 off; server_name ${SERVERNAME}; @@ -239,6 +240,7 @@ function create_vhost_drupal() { server { listen 80; listen [::]:80; + http2 off; server_name ${SERVERNAME}; @@ -352,6 +354,7 @@ function create_vhost_laravel() { server { listen 80; listen [::]:80; + http2 off; server_name ${SERVERNAME}; @@ -466,6 +469,7 @@ function create_vhost_phalcon() { server { listen 80; listen [::]:80; + http2 off; server_name ${SERVERNAME}; @@ -1061,15 +1065,16 @@ function init_lemper_create() { create_fpm_pool_conf "${USERNAME}" "${PHP_VERSION}" > "/etc/php/${PHP_VERSION}/fpm/pool.d/${USERNAME}.conf" # Create default directories & log files. - run mkdir -p "/home/${USERNAME}/.lemper/tmp" - run mkdir -p "/home/${USERNAME}/.lemper/php/opcache" - run mkdir -p "/home/${USERNAME}/.lemper/php/sessions" - run mkdir -p "/home/${USERNAME}/.lemper/php/wsdlcache" - run mkdir -p "/home/${USERNAME}/cgi-bin" - run mkdir -p "/home/${USERNAME}/logs/php" - run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-fpm_slow.log" - run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-fpm_error.log" - run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-opcache_error.log" + run mkdir -p "/home/${USERNAME}/.lemper/tmp" && \ + run mkdir -p "/home/${USERNAME}/.lemper/php/opcache" && \ + run mkdir -p "/home/${USERNAME}/.lemper/php/sessions" && \ + run mkdir -p "/home/${USERNAME}/.lemper/php/wsdlcache" && \ + run mkdir -p "/home/${USERNAME}/cgi-bin" && \ + run mkdir -p "/home/${USERNAME}/logs/php" && \ + run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-fpm_slow.log" && \ + run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-fpm_error.log" && \ + run touch "/home/${USERNAME}/logs/php/php${PHP_VERSION}-opcache_error.log" && \ + run chmod 755 "/home/${USERNAME}" && \ run chown -hR "${USERNAME}:${USERNAME}" "/home/${USERNAME}/.lemper" "/home/${USERNAME}/cgi-bin" "/home/${USERNAME}/logs" # Restart PHP FPM. diff --git a/lib/lemper-fixpermission.sh b/lib/lemper-fixpermission.sh new file mode 100755 index 00000000..f42592fb --- /dev/null +++ b/lib/lemper-fixpermission.sh @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +# Fix file permission +# Min. Requirement : GNU/Linux Ubuntu 18.04 +# Last Build : 07/07/2024 +# Author : MasEDI.Net (me@masedi.net) +# Since Version : 1.0.0 + +# Make sure only root can access and not direct access. +if [[ "$(type -t requires_root)" != "function" ]]; then + echo "Direct access to this script is not permitted." + exit 1 +fi + +# Usage: fixpermission path +function fixpermission() { + # Path file / directory + [ "${1}" = "" ] && return 0 + + find "${1}" -type d -print0 | xargs -0 chmod 755 + find "${1}" -type f -print0 | xargs -0 chmod 644 +} + +# Start running things from a call at the end so if this script is executed +# after a partial download it doesn't do anything. +fixpermission "$@" \ No newline at end of file diff --git a/lib/lemper-manage.sh b/lib/lemper-manage.sh index d31f4cda..9490f57d 100755 --- a/lib/lemper-manage.sh +++ b/lib/lemper-manage.sh @@ -22,7 +22,7 @@ CMD_PARENT="lemper-cli" CMD_NAME="manage" # Make sure only root can access and not direct access. -if ! declare -F "requires_root" &>/dev/null; then +if [[ "$(type -t requires_root)" != "function" ]]; then echo "Direct access to this script is not permitted." exit 1 fi @@ -485,14 +485,14 @@ function enable_ssl() { # Update vhost config. if [[ "${DRYRUN}" != true ]]; then # Ensure there is no HTTPS enabled server block. - if ! grep -qwE "^\ listen\ (\b[0-9]{1,3}\.){3}[0-9]{1,3}\b:443\ ssl\ http2" "/etc/nginx/sites-available/${DOMAIN}.conf"; then + if ! grep -qwE "^\ listen\ (\b[0-9]{1,3}\.){3}[0-9]{1,3}\b:443\ ssl" "/etc/nginx/sites-available/${DOMAIN}.conf"; then # Make backup first. run cp -f "/etc/nginx/sites-available/${DOMAIN}.conf" "/etc/nginx/sites-available/${DOMAIN}.nonssl-conf" # Change listening port to 443. if grep -qwE "^\ listen\ (\b[0-9]{1,3}\.){3}[0-9]{1,3}\b:80" "/etc/nginx/sites-available/${DOMAIN}.conf"; then - run sed -i "s/\:80/\:443\ ssl\ http2/g" "/etc/nginx/sites-available/${DOMAIN}.conf" + run sed -i "s/\:80/\:443\ ssl/g" "/etc/nginx/sites-available/${DOMAIN}.conf" else run sed -i "s/listen\ 80/listen\ 443\ ssl\ http2/g" "/etc/nginx/sites-available/${DOMAIN}.conf" fi @@ -500,6 +500,7 @@ function enable_ssl() { run sed -i "s/listen\ \[::\]:80/listen\ \[::\]:443\ ssl\ http2/g" "/etc/nginx/sites-available/${DOMAIN}.conf" # Enable SSL configs. + run sed -i "s/http2\ off/http2\ on/g" "/etc/nginx/sites-available/${DOMAIN}.conf" run sed -i "s/#ssl_certificate/ssl_certificate/g" "/etc/nginx/sites-available/${DOMAIN}.conf" run sed -i "s/#ssl_certificate_key/ssl_certificate_key/g" "/etc/nginx/sites-available/${DOMAIN}.conf" run sed -i "s/#ssl_trusted_certificate/ssl_trusted_certificate/g" "/etc/nginx/sites-available/${DOMAIN}.conf" @@ -989,22 +990,22 @@ function init_lemper_manage() { ;; -s | --enable-ssl) enable_ssl "${2}" - exit + exit 0 shift 2 ;; --disable-ssl) disable_ssl "${2}" - exit + exit 0 shift 2 ;; --remove-ssl) remove_ssl "${2}" - exit + exit 0 shift 2 ;; --renew-ssl) renew_ssl "${2}" - exit + exit 0 shift 2 ;; -b | --enable-brotli) diff --git a/lib/lemper-sslgen.sh b/lib/lemper-sslgen.sh index 5968abe7..2dfca971 100755 --- a/lib/lemper-sslgen.sh +++ b/lib/lemper-sslgen.sh @@ -22,7 +22,7 @@ #CMD_NAME="sslgen" # Make sure only root can access and not direct access. -if ! declare -F "requires_root" &>/dev/null; then +if [[ "$(type -t requires_root)" != "function" ]]; then echo "Direct access to this script is not permitted." exit 1 fi diff --git a/scripts/createssl.sh b/scripts/createssl.sh deleted file mode 100755 index 09c5b3f6..00000000 --- a/scripts/createssl.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/env bash -# Forked from https://gist.github.com/fideloper/9052820 - -SSL_DIR="/etc/ssl/xip.io" -DOMAIN="*.xip.io" -PASSPHRASE="vaprobash" - -SUBJ=" -C=US -ST=Connecticut -O=Vaprobash -localityName=New Haven -commonName=$DOMAIN -organizationalUnitName= -emailAddress= -" - -sudo mkdir -p "$SSL_DIR" - -sudo openssl genrsa -out "$SSL_DIR/xip.io.key" 1024 -sudo openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$SSL_DIR/xip.io.key" -out "$SSL_DIR/xip.io.csr" -passin pass:$PASSPHRASE -sudo openssl x509 -req -days 365 -in "$SSL_DIR/xip.io.csr" -signkey "$SSL_DIR/xip.io.key" -out "$SSL_DIR/xip.io.crt" - -# If apache, enable SSL via `sudo a2enmod ssl`, then restart `sudo service apache2 restart` -# If nginx, already enabled - -# If apache, edit vhost to include HTTPS portion -# If nginx, edit vhost to include HTTPS portion -# .. and then reload relevant service \ No newline at end of file diff --git a/scripts/fixpermission.sh b/scripts/fixpermission.sh deleted file mode 100755 index b0b05758..00000000 --- a/scripts/fixpermission.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -# Fix file permission -# Min. Requirement : GNU/Linux Ubuntu 18.04 -# Last Build : 17/07/2019 -# Author : MasEDI.Net (me@masedi.net) -# Since Version : 1.0.0 - -# directory -[ "${1}" = "" ] && return 0 - -find "${1}" -type d -print0 | xargs -0 chmod 755 -find "${1}" -type f -print0 | xargs -0 chmod 644 diff --git a/scripts/install_mariadb.sh b/scripts/install_mariadb.sh index d39d0e21..eb9c20aa 100755 --- a/scripts/install_mariadb.sh +++ b/scripts/install_mariadb.sh @@ -133,13 +133,13 @@ function init_mariadb_install() { run cp etc/systemd/mariadb.service /lib/systemd/system/ [[ ! -f /etc/systemd/system/multi-user.target.wants/mariadb.service && -f /lib/systemd/system/mariadb.service ]] && \ - run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/multi-user.target.wants/mariadb.service + run ln -sf /lib/systemd/system/mariadb.service /etc/systemd/system/multi-user.target.wants/mariadb.service [[ ! -f /etc/systemd/system/mysqld.service && -f /lib/systemd/system/mariadb.service ]] && \ - run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/mysqld.service + run ln -sf /lib/systemd/system/mariadb.service /etc/systemd/system/mysqld.service [[ ! -f /etc/systemd/system/mysql.service && -f /lib/systemd/system/mariadb.service ]] && \ - run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/mysql.service + run ln -sf /lib/systemd/system/mariadb.service /etc/systemd/system/mysql.service # Install default table. if [[ -n $(command -v mysql_install_db) ]]; then diff --git a/scripts/install_php.sh b/scripts/install_php.sh index bd1937ef..b861da7d 100755 --- a/scripts/install_php.sh +++ b/scripts/install_php.sh @@ -821,7 +821,7 @@ function install_sourceguardian_loader() { if curl -sLI "${SG_ZIP_URL}" | grep -q "HTTP/[.12]* [2].."; then run wget "${SG_ZIP_URL}" && \ - run tar -xzf "${SG_ZIP_FILENAME}" && \ + run tar -xf "${SG_ZIP_FILENAME}" && \ run mv -f "${BUILD_DIR}/sourceguardian" /usr/lib/php/loaders/ else error "Cannot download SourceGuardian PHP loader: 'sourceguardian_loaders.linux-${SG_ARCH}.tar.gz'." @@ -1050,7 +1050,7 @@ function init_php_install() { ;; 9 | "all") # Select all PHP versions (except EOL & Beta). - SELECTED_PHP_VERSIONS=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4" "8.0" "8.1" "8.2") + SELECTED_PHP_VERSIONS=("7.1" "7.2" "7.3" "7.4" "8.0" "8.1" "8.2" "8.3") ;; *) error "Your selected PHP version ${SELECTED_PHP} is not supported yet." diff --git a/scripts/install_tools.sh b/scripts/install_tools.sh index 0ed14d3f..c2dbc63d 100755 --- a/scripts/install_tools.sh +++ b/scripts/install_tools.sh @@ -53,6 +53,15 @@ function init_tools_install() { run cp -f lib/lemper-db.sh /etc/lemper/cli-plugins/lemper-db && \ run chmod ugo+x /etc/lemper/cli-plugins/lemper-db + run cp -f lib/lemper-sslgen.sh /etc/lemper/cli-plugins/lemper-selfssl && \ + run chmod ugo+x /etc/lemper/cli-plugins/lemper-selfssl + + run cp -f lib/lemper-fixpermission.sh /etc/lemper/cli-plugins/lemper-fixpermission && \ + run chmod ugo+x /etc/lemper/cli-plugins/lemper-fixpermission + + run cp -f lib/lemper-bench.sh /etc/lemper/cli-plugins/lemper-bench && \ + run chmod ugo+x /etc/lemper/cli-plugins/lemper-bench + # Remove old LEMPer CLI tool. [ -d /usr/local/lib/lemper ] && run rm -fr /usr/local/lib/lemper/lemper-* @@ -72,7 +81,6 @@ function init_tools_install() { # Install PHP Info run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php' - run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php56' run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php70' run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php71' run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php72' @@ -81,6 +89,7 @@ function init_tools_install() { run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php80' run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php81' run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php82' + run bash -c 'echo "" > /usr/share/nginx/html/lcp/phpinfo.php83' # Install Adminer for Web-based MySQL Administration Tool. [ ! -d /usr/share/nginx/html/lcp/dbadmin ] && run mkdir -p /usr/share/nginx/html/lcp/dbadmin @@ -225,9 +234,9 @@ EOL # Assign ownership properly. run chown -hR www-data:www-data /usr/share/nginx/html - #if [[ -x /usr/local/bin/lemper-cli && -d /usr/share/nginx/html/lcp ]]; then - # success "LEMPer CLI & web tools successfully installed." - #fi + if [[ -x /usr/local/bin/lemper-cli && -d /usr/share/nginx/html/lcp ]]; then + success "LEMPer CLI & web tools successfully installed." + fi } echo "[LEMPer CLI & Web Tools Installation]" diff --git a/scripts/utils.sh b/scripts/utils.sh index daf383cd..6f5853b6 100755 --- a/scripts/utils.sh +++ b/scripts/utils.sh @@ -693,6 +693,7 @@ function create_account() { run chmod 700 "/home/${LEMPER_USERNAME}/.ssh" && \ run touch "/home/${LEMPER_USERNAME}/.ssh/authorized_keys" && \ run chmod 600 "/home/${LEMPER_USERNAME}/.ssh/authorized_keys" && \ + run chmod 755 "/home/${LEMPER_USERNAME}" && \ run chown -hR "${LEMPER_USERNAME}:${LEMPER_USERNAME}" "/home/${LEMPER_USERNAME}" # Add account credentials to /srv/.htpasswd.