#!/bin/bash
# @sacloud-once
# @sacloud-desc concrete5をインストールします。
# @sacloud-desc サーバ作成後、WebブラウザでサーバのIPアドレスにアクセスしてください。
# @sacloud-desc http://サーバのIPアドレス/
# @sacloud-desc (このスクリプトは、CentOS6.XもしくはScientific Linux6.Xでのみ動作します)
# @sacloud-password required shellarg maxlen=100 admin_password "adminのパスワード"
# @sacloud-text required shellarg maxlen=100 admin_email "adminのメールアドレス"
ADMIN_PASSWORD=@@@admin_password@@@
ADMIN_EMAIL=@@@admin_email@@@
#---------START OF iptables---------#
cat <<'EOT' > /etc/sysconfig/iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH
-A INPUT -p TCP -m state --state NEW ! --syn -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp --sport 123 --dport 123 -j ACCEPT
-A INPUT -p udp --sport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A fail2ban-SSH -j RETURN
COMMIT
EOT
service iptables restart
#---------END OF iptables---------#
#---------START OF LAMP---------#
yum -y install expect httpd-devel mod_ssl php-devel php-pear mysql-server php-mbstring php-xml php-gd php-mysql|| exit 1
service httpd status >/dev/null 2>&1 || service httpd start
for i in {1..5}; do
sleep 1
service httpd status && break
[ "$i" -lt 5 ] || exit 1
done
chkconfig httpd on || exit 1
service mysqld status >/dev/null 2>&1 || service mysqld start
for i in {1..5}; do
sleep 1
service mysqld status && break
[ "$i" -lt 5 ] || exit 1
done
chkconfig mysqld on || exit 1
NEWMYSQLPASSWORD=`mkpasswd -l 32 -d 9 -c 9 -C 9 -s 0 -2`
/usr/bin/mysqladmin -u root password "$NEWMYSQLPASSWORD" || exit 1
cat <<EOT > /root/.my.cnf
[client]
host = localhost
user = root
password = $NEWMYSQLPASSWORD
socket = /var/lib/mysql/mysql.sock
EOT
chmod 600 /root/.my.cnf
#---------END OF LAMP---------#
#---------START OF concrete5---------#
USERNAME="c5_`mkpasswd -l 10 -C 0 -s 0`"
PASSWORD=`mkpasswd -l 32 -d 9 -c 9 -C 9 -s 0 -2`
curl -L http://direct.concrete5-japan.org/index.php/download_file/view/1310/45/ > c5.zip || exit 1
unzip c5.zip
mv concrete5.6.3.1.ja /var/www/$USERNAME
cd /var/www
curl -s -f -L https://raw2.github.com/concrete5/concrete5/master/cli/install-concrete5.php -O
chmod 700 /var/www/install-concrete5.php
mysql --defaults-file=/root/.my.cnf <<-EOT
CREATE DATABASE IF NOT EXISTS $USERNAME;
GRANT ALL ON $USERNAME.* TO '$USERNAME'@'localhost' IDENTIFIED BY '$PASSWORD';
FLUSH PRIVILEGES;
EOT
cat <<EOT > /etc/httpd/conf.d/$USERNAME.conf
<VirtualHost *:80>
DocumentRoot /var/www/$USERNAME
AllowEncodedSlashes On
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/$USERNAME">
Options FollowSymLinks MultiViews ExecCGI
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EOT
service httpd reload || exit 1
chown -R apache:apache /var/www || exit 1
./install-concrete5.php --db-server=localhost --db-username=$USERNAME --db-password=$PASSWORD --db-database=$USERNAME --starting-point=blank --admin-password=$ADMIN_PASSWORD --admin-email=$ADMIN_EMAIL --target=./$USERNAME --site=concrete5sample --core=./$USERNAME/concrete --reinstall=no