80 lines
1.5 KiB
Markdown
80 lines
1.5 KiB
Markdown
|
|
|
|
system.sh
|
|
|
|
|
|
```bash
|
|
|
|
#system init
|
|
if [ "$#" -ne 2 ]; then
|
|
echo "Usage: $0 <servername> <mol-user-password>"
|
|
exit 1
|
|
fi
|
|
|
|
hostnamectl set-hostname $1
|
|
adduser moluser
|
|
usermod -aG sudo moluser
|
|
echo "moluser:$2" | sudo chpasswd
|
|
|
|
#packages install
|
|
apt install mc nginx docker docker-compose composer npm mariadb-server -y
|
|
|
|
npm install -g typescript
|
|
|
|
#node exporter run + cerberus prometheus add
|
|
|
|
|
|
|
|
#mariadb config
|
|
bind_address:0.0.0.0
|
|
|
|
#remote config for cloud init
|
|
sudo -u www-data ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
|
|
|
|
#sudo sed -i 's#www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin#www-data:x:33:33:www-data:/var/www:/bin/bash#' /etc/passwd
|
|
sudo usermod -s /bin/bash www-data
|
|
#logging
|
|
sudo sed -i '/^#\?\(PrintLastLog\|LogLevel\|X11Forwarding\)/d; $a\
|
|
PrintLastLog yes\
|
|
LogLevel VERBOSE\
|
|
X11Forwarding no' /etc/ssh/sshd_config
|
|
systemctl restart sshd
|
|
|
|
echo -e "www-data ALL=(ALL) NOPASSWD: /usr/bin/docker\nwww-data ALL=(ALL) NOPASSWD: /usr/sbin/nginx\nwww-data ALL=(ALL) NOPASSWD: /usr/bin/docker-compose" | sudo tee /etc/sudoers.d/01-www-cloud-permissions
|
|
sudo chmod 440 /etc/sudoers.d/01-www-cloud-permissions
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
Get /var/www/.ssh/id_rsa.pub to bitbucket repository
|
|
Add /var/www/authorized_keys key of cloud server
|
|
|
|
```bash
|
|
|
|
#repos init
|
|
mkdir /srv/www
|
|
mkdir /srv/docker
|
|
mkdir /srv/docker/clients
|
|
chown -R www-data:www-data /srv/www
|
|
chown -R www-data:www-data /srv/docker
|
|
|
|
#get repos (alfa + websocket host)
|
|
|
|
#template .env set for building
|
|
|
|
#repos init
|
|
|
|
|
|
#nginx config for websocket service
|
|
nginx -s reload
|
|
|
|
#supervisor config
|
|
|
|
``` |