1.5 KiB
1.5 KiB
system.sh
#system init
if [ "$#" -ne 2 ]; then
echo "Usage: $0 <servername> <mol-user-password>"
exit 1
fi
hostnamectl set-hostname $1
adduser moluser
usermod -aG sudo moluser
echo "moluser:$2" | sudo chpasswd
#packages install
apt install mc nginx docker docker-compose composer npm mariadb-server -y
npm install -g typescript
#node exporter run + cerberus prometheus add
#mariadb config
bind_address:0.0.0.0
#remote config for cloud init
sudo -u www-data ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
#sudo sed -i 's#www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin#www-data:x:33:33:www-data:/var/www:/bin/bash#' /etc/passwd
sudo usermod -s /bin/bash www-data
#logging
sudo sed -i '/^#\?\(PrintLastLog\|LogLevel\|X11Forwarding\)/d; $a\
PrintLastLog yes\
LogLevel VERBOSE\
X11Forwarding no' /etc/ssh/sshd_config
systemctl restart sshd
echo -e "www-data ALL=(ALL) NOPASSWD: /usr/bin/docker\nwww-data ALL=(ALL) NOPASSWD: /usr/sbin/nginx\nwww-data ALL=(ALL) NOPASSWD: /usr/bin/docker-compose" | sudo tee /etc/sudoers.d/01-www-cloud-permissions
sudo chmod 440 /etc/sudoers.d/01-www-cloud-permissions
Get /var/www/.ssh/id_rsa.pub to bitbucket repository Add /var/www/authorized_keys key of cloud server
#repos init
mkdir /srv/www
mkdir /srv/docker
mkdir /srv/docker/clients
chown -R www-data:www-data /srv/www
chown -R www-data:www-data /srv/docker
#get repos (alfa + websocket host)
#template .env set for building
#repos init
#nginx config for websocket service
nginx -s reload
#supervisor config