tentakelfabrik
/
mcp
1
0
Fork 0
Code Issues 8 Pull Requests 0 Releases 4 Wiki Activity
Browse Source

smaller bugfixes, change logic

release/0.1
Björn 4 years ago
parent
70244acee5
commit
3d86924418
11 changed files with 187 additions and 61 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +9
    -5
      app/Commands/Fail2banDisableCommand.php
  2. +14
    -6
      app/Commands/Fail2banEnableCommand.php
  3. +2
    -1
      app/Commands/LetsEncryptAddCommand.php
  4. +25
    -10
      app/Commands/LetsEncryptRemoveCommand.php
  5. +15
    -8
      app/Commands/MariadbInstallCommand.php
  6. +5
    -2
      app/Commands/MonitoringStateCommand.php
  7. +19
    -8
      app/Commands/NginxInstallCommand.php
  8. +12
    -4
      app/Commands/NodejsInstallCommand.php
  9. +55
    -15
      app/Commands/PhpFpmInstallCommand.php
  10. +30
    -1
      app/Helpers/InstallHelper.php
  11. +1
    -1
      resources/nginx/nginx.blade.php

+ 9
- 5
app/Commands/Fail2banDisableCommand.php View File

@ -6,15 +6,19 @@ use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
/** /**
* Disable Fail2ban Configuration
* *
* *
* *
*/ */
class Fail2banDisableCommand extends Command class Fail2banDisableCommand extends Command
{ {
const FAIL2BAN_JAIL_DIRECTORY = '/etc/fail2ban/jail.d';
const RESOURCES_JAIL_DIRECTORY = '/resources/fail2ban/jail.d';
// destination to jail
const DESTINATION_FAIL2BAN_JAIL_DIRECTORY = '/etc/fail2ban/jail.d';
// source to jail
const SOURCE_FAIL2BAN_JAIL_DIRECTORY = '/resources/fail2ban/jail.d';
/** /**
* The signature of the command. * The signature of the command.
* *
@ -39,7 +43,7 @@ class Fail2banDisableCommand extends Command
// getting configuration // getting configuration
$configuration = $this->argument('configuration'); $configuration = $this->argument('configuration');
$source = base_path().self::RESOURCES_JAIL_DIRECTORY.'/'.$configuration.'.conf';
$source = base_path().self::SOURCE_FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf';
// configuration not found // configuration not found
if (!file_exists($source)) { if (!file_exists($source)) {
@ -47,7 +51,7 @@ class Fail2banDisableCommand extends Command
exit(); exit();
} }
unlink(self::FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf');
unlink(self::DESTINATION_FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf');
exec('service fail2ban restart'); exec('service fail2ban restart');
$this->info('fail2ban...'.$configuration.' disabled'); $this->info('fail2ban...'.$configuration.' disabled');


+ 14
- 6
app/Commands/Fail2banEnableCommand.php View File

@ -5,17 +5,19 @@ namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule; use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
use Log;
/** /**
* Enable Fail2ban Configuration
* *
* *
* *
*/ */
class Fail2banEnableCommand extends Command class Fail2banEnableCommand extends Command
{ {
const FAIL2BAN_JAIL_DIRECTORY = '/etc/fail2ban/jail.d';
const RESOURCES_JAIL_DIRECTORY = '/resources/fail2ban/jail.d';
// destination to jail
const DESTINATION_FAIL2BAN_JAIL_DIRECTORY = '/etc/fail2ban/jail.d';
// source to jail
const SOURCE_FAIL2BAN_JAIL_DIRECTORY = '/resources/fail2ban/jail.d';
/** /**
* The signature of the command. * The signature of the command.
@ -41,7 +43,7 @@ class Fail2banEnableCommand extends Command
// getting configuration // getting configuration
$configuration = $this->argument('configuration'); $configuration = $this->argument('configuration');
$source = base_path().self::RESOURCES_JAIL_DIRECTORY.'/'.$configuration.'.conf';
$source = base_path().self::SOURCE_FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf';
// configuration not found // configuration not found
if (!file_exists($source)) { if (!file_exists($source)) {
@ -49,7 +51,13 @@ class Fail2banEnableCommand extends Command
exit(); exit();
} }
$destination = self::FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf';
$destination = self::DESTINATION_FAIL2BAN_JAIL_DIRECTORY.'/'.$configuration.'.conf';
// configuration already enabled
if (file_exists($destination)) {
$this->info('fail2ban...configuration already enabled');
exit();
}
copy($source, $destination); copy($source, $destination);
$this->info('fail2ban...'.$configuration.' enabled'); $this->info('fail2ban...'.$configuration.' enabled');


+ 2
- 1
app/Commands/LetsEncryptAddCommand.php View File

@ -6,6 +6,7 @@ use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
/** /**
* Add LetsEncrypt Certificate
* *
* *
* *
@ -24,7 +25,7 @@ class LetsEncryptAddCommand extends Command
* *
* @var string * @var string
*/ */
protected $description = 'Get Certificates from LetsEncrypt';
protected $description = 'Add Certificates from LetsEncrypt';
/** /**
* Execute the console command. * Execute the console command.


+ 25
- 10
app/Commands/LetsEncryptRemoveCommand.php View File

@ -12,6 +12,7 @@ use LaravelZero\Framework\Commands\Command;
*/ */
class LetsEncryptRemoveCommand extends Command class LetsEncryptRemoveCommand extends Command
{ {
// directory
const CERT_DIR = '/etc/certbot/'; const CERT_DIR = '/etc/certbot/';
/** /**
@ -40,18 +41,32 @@ class LetsEncryptRemoveCommand extends Command
foreach($domains as $domain) { foreach($domains as $domain) {
$archive = self::CERT_DIR.'archive/'.$domain;
$live = self::CERT_DIR.'live/'.$domain;
$renewal = self::CERT_DIR.'renewal/'.$domain;
$diretories = [
'archive' => self::CERT_DIR.'archive/'.$domain,
'live' => self::CERT_DIR.'live/'.$domain,
'renwal' => self::CERT_DIR.'renewal/'.$domain
];
rmdir($archiv);
rmdir($live);
rmdir($renewal);
$errors = 0;
if (file_exists($archiv) && file_exists($live) && file_exists($renewal)) {
$this->info('Certifikate for '.$domain.' ...deleted!');
} else {
$this->error('Certifikate for '.$domain.' ...not deleted!');
foreach($diretories as $diretory) {
if (!file_exists($diretory)) {
$errors++;
} else {
rmdir($archiv);
}
}
if ($errors === (count($diretories) - 1)) {
$this->error('Error! Certificate for '.$domain.' ...not found!');
}
if ($erros > 0 && $errors < (count($diretories) - 1)) {
$this->error('Trouble! Certificate for '.$domain.' ...delete! Some files were not found!');
}
if ($errors === 0) {
$this->info('Success! Certificate for '.$domain.' ...deleted!');
} }
} }
} }


+ 15
- 8
app/Commands/MariadbInstallCommand.php View File

@ -36,7 +36,7 @@ class MariadbInstallCommand extends Command
* *
* @var string * @var string
*/ */
protected $description = 'Install mariadb and set configuration';
protected $description = 'Install Mariadb and set configuration';
/** /**
* Execute the console command. * Execute the console command.
@ -47,8 +47,11 @@ class MariadbInstallCommand extends Command
{ {
$this->info('Mariadb install...'); $this->info('Mariadb install...');
exec('apt update 2>&1');
exec('apt install -y mariadb-server mariadb-client 2>&1');
exec('apt update 2>&1', $output);
exec('apt install -y mariadb-server mariadb-client 2>&1', $output);
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
if (Install::isReady('mariadb-server mariadb-client')) { if (Install::isReady('mariadb-server mariadb-client')) {
@ -68,27 +71,31 @@ class MariadbInstallCommand extends Command
$password = $generator->generatePasswords()[0]; $password = $generator->generatePasswords()[0];
// remove plugin for root and set password // remove plugin for root and set password
$this->info('Mariadb add password for root...');
exec('sudo mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD(\''.$password.'\') WHERE User=\'root\';"'); exec('sudo mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD(\''.$password.'\') WHERE User=\'root\';"');
exec('sudo mysql -u root -e "UPDATE mysql.user SET plugin=\'\' where User=\'root\';"'); exec('sudo mysql -u root -e "UPDATE mysql.user SET plugin=\'\' where User=\'root\';"');
// delete anonymous user
exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'\';"');
// make sure root can only access from local // make sure root can only access from local
$this->info('Mariadb make sure root can ony access from local...');
exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'root\' AND Host NOT IN (\'localhost\', \'127.0.0.1\', \'::1\');"'); exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'root\' AND Host NOT IN (\'localhost\', \'127.0.0.1\', \'::1\');"');
// delete anonymous user
$this->info('Mariadb delete anonymous user...');
exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'\';"');
// drop test database and anthing familiar // drop test database and anthing familiar
$this->info('Mariadb drop test and anthing familiar...');
exec('sudo mysql -u root -e "DROP DATABASE IF EXISTS test;"'); exec('sudo mysql -u root -e "DROP DATABASE IF EXISTS test;"');
exec('sudo mysql -u root -e "DELETE FROM mysql.db WHERE Db=\'test\' OR Db=\'test_%\';"'); exec('sudo mysql -u root -e "DELETE FROM mysql.db WHERE Db=\'test\' OR Db=\'test_%\';"');
// update privileges // update privileges
exec('sudo mysql -u root -e "FLUSH PRIVILEGES;"'); exec('sudo mysql -u root -e "FLUSH PRIVILEGES;"');
$this->info('Success! \o/ Check /root/mcp.log');
$this->info('Mariadb installing...Success! \o/ Check '.self::MCP_LOG_FILE);
file_put_contents(self::MCP_LOG_FILE, "Mariadb installed\nuser: root\npassword: $password\n--\n", FILE_APPEND); file_put_contents(self::MCP_LOG_FILE, "Mariadb installed\nuser: root\npassword: $password\n--\n", FILE_APPEND);
} else { } else {
$this->error('Failed!');
$this->error('Failed! Please check log-file!');
} }
} }
} }

+ 5
- 2
app/Commands/MonitoringStateCommand.php View File

@ -5,8 +5,11 @@ namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule; use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
use Log;
/**
*
*
*
*/
class MonitoringStateCommand extends Command class MonitoringStateCommand extends Command
{ {
/** /**


+ 19
- 8
app/Commands/NginxInstallCommand.php View File

@ -9,7 +9,7 @@ use App\Facades\Install;
use App\BladeFile; use App\BladeFile;
/** /**
*
* Nginx install
* *
* *
*/ */
@ -20,7 +20,7 @@ class NginxInstallCommand extends Command
* *
* @var string * @var string
*/ */
protected $signature = 'nginx:install {--user=www-data}';
protected $signature = 'nginx:install {--user=www-data} {--environment=production}';
/** /**
* The description of the command. * The description of the command.
@ -38,21 +38,28 @@ class NginxInstallCommand extends Command
{ {
$this->info('Nginx installing...'); $this->info('Nginx installing...');
exec('apt update 2>&1');
exec('apt install -y nginx 2>&1');
exec('apt update 2>&1', $output);
exec('apt install -y nginx 2>&1', $output);
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
// check if nginx is ready and installed // check if nginx is ready and installed
if (Install::isReady('nginx')) { if (Install::isReady('nginx')) {
$this->info('Nginx create configuration...');
// copy snippets // copy snippets
exec('cp '.base_path().'/resources/nginx/snippets/*.conf /etc/nginx/snippets'); exec('cp '.base_path().'/resources/nginx/snippets/*.conf /etc/nginx/snippets');
$configuration = [ $configuration = [
'user' => $this->option('user'), 'user' => $this->option('user'),
'env' => App::environment()
'environment' => $this->option('environment')
]; ];
// get workers // get workers
$output = [];
exec('echo $(grep ^processor /proc/cpuinfo | wc -l)', $output); exec('echo $(grep ^processor /proc/cpuinfo | wc -l)', $output);
$configuration['processes'] = $output[0]; $configuration['processes'] = $output[0];
@ -64,11 +71,15 @@ class NginxInstallCommand extends Command
$bladeFile->put('nginx', '/etc/nginx/nginx.conf', $configuration); $bladeFile->put('nginx', '/etc/nginx/nginx.conf', $configuration);
// adding ufw to nginx // adding ufw to nginx
exec('ufw allow "Nginx Full"');
$output = [];
$this->info('Nginx adding ufw rules...');
exec('ufw allow "Nginx Full" 2>&1', $output);
$this->line(implode("\n", $output));
$this->info('Success! \o/');
$this->info('Nginx installing...Success! \o/');
} else { } else {
$this->error('Failed! /o\\');
$this->error('Failed! Please check log-file!');
} }
} }
} }

+ 12
- 4
app/Commands/NodejsInstallCommand.php View File

@ -38,21 +38,29 @@ class NodejsInstallCommand extends Command
// getting configuration // getting configuration
$version = $this->argument('version'); $version = $this->argument('version');
exec('useradd -d /home/nodejs -m nodejs');
$this->info('Nodejs installing...');
exec('curl -sL https://deb.nodesource.com/setup_'.$version.'.x | sudo -E bash -'); exec('curl -sL https://deb.nodesource.com/setup_'.$version.'.x | sudo -E bash -');
exec('apt-get install -y nodejs -qq');
exec('apt-get install -y nodejs 2>&1');
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
$this->info('Nodejs add user...');
exec('useradd -d /home/nodejs -m nodejs', $output);
exec('sudo -Hu nodejs mkdir /home/nodejs/.npm'); exec('sudo -Hu nodejs mkdir /home/nodejs/.npm');
exec('sudo -Hu nodejs npm config set prefix /home/nodejs/.npm'); exec('sudo -Hu nodejs npm config set prefix /home/nodejs/.npm');
exec('echo -e "export PATH=/home/nodejs/.npm/bin:\$PATH" >> /home/nodejs/.bashrc'); exec('echo -e "export PATH=/home/nodejs/.npm/bin:\$PATH" >> /home/nodejs/.bashrc');
$this->info('Nodejs install npm & pm2...');
exec('npm install -g npm && npm install -g pm2'); exec('npm install -g npm && npm install -g pm2');
// check if nginx is ready and installed // check if nginx is ready and installed
if (Install::isReady('nodejs')) { if (Install::isReady('nodejs')) {
$this->info("Success!");
$this->info('Nginx installing...Success! \o/');
} else { } else {
$this->error("Failed! Please check log-file!");
$this->error('Failed! Please check log-file!');
} }
} }
} }

+ 55
- 15
app/Commands/PhpFpmInstallCommand.php View File

@ -4,20 +4,27 @@ namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule; use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
use Illuminate\Support\Facades\File;
use App\Facades\Install; use App\Facades\Install;
use Log;
class InstallPhpFpmCommand extends Command
/**
* Install php-fpm
*
*
*/
class PhpFpmInstallCommand extends Command
{ {
const FILE_PREFIX = '/etc/php';
const FILE_SUFFIX = '/fpm/pool.d/www.conf';
// packages to install
const PACKAGES = 'php-mysql php-pear php-gd php-common php-curl php-json php-mbstring php-xml php-zip php-bcmath';
/** /**
* The signature of the command. * The signature of the command.
* *
* @var string * @var string
*/ */
protected $signature = 'php-fpm:install';
protected $signature = 'php-fpm:install {--user=}';
/** /**
* The description of the command. * The description of the command.
@ -33,19 +40,52 @@ class InstallPhpFpmCommand extends Command
*/ */
public function handle() public function handle()
{ {
$this->info('Install PHP FPM');
$this->info('Php-fpm installing...');
exec('apt update 2>&1', $output);
exec('apt install -y php-fpm '.self::PACKAGES.' 2>&1', $output);
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
// scan for all versions
foreach(scandir(self::FILE_PREFIX) as $directory) {
// get path to www.conf
$file = self::FILE_PREFIX.'/'.$directory.self::FILE_SUFFIX;
exec('apt update 2>&1');
exec('apt install -y php-fpm php-curl php-mysql php-pear php-dev php-gd 2>&1');
if (file_exists($file)) {
if (Install::isReady('nginx')) {
// get user
$user = $this->option('user');
// get status of nginx
exec('nginx -v 2>&1', $output);
$status = "$output[0] installed";
if ($user) {
$output = [];
$this->info('Php-fpm change user...');
exec('sed -i "s/user = www-data/user = '.$user.'/g" '.$file, $output);
exec('sed -i "s/group = www-data/group = '.$user.'/g" '.$file, $output);
exec('sed -i "s/listen.owner = www-data/listen.owner = '.$user.'/g" '.$file, $output);
exec('sed -i "s/listen.group = www-data/listen.group = '.$user.'/g" '.$file, $output);
$this->line(implode("\n", $output));
}
$output = [];
$this->info('Php-fpm change mode...');
exec('sed -i "s/;listen.mode = 0660/listen.mode = 0660/g" '.$file, $output);
$this->line(implode("\n", $output));
}
}
$this->info($status);
Log::info($status);
// check if nginx is ready and installed
if (Install::isReady('php-fpm')) {
$this->info('Php-fpm installing...Success! \o/');
} else {
$this->error('Failed! Please check log-file!');
} }
} }
} }

+ 30
- 1
app/Helpers/InstallHelper.php View File

@ -2,11 +2,21 @@
namespace App\Helpers; namespace App\Helpers;
/**
*
*
*
*/
class InstallHelper class InstallHelper
{ {
//
// message for status
const PACKAGE_STATUS = 'Status: install ok installed'; const PACKAGE_STATUS = 'Status: install ok installed';
// not allowed message
const NOT_ALLOWED = [
'WARNING: apt does not have a stable CLI interface. Use with caution in scripts.'
];
/** /**
* check if a packege is installed * check if a packege is installed
* *
@ -25,4 +35,23 @@ class InstallHelper
return $result; return $result;
} }
/**
* apt add a Warning for no good,
*
*
* @return array
*/
public function filterAptMessages($output)
{
$results = [];
foreach($output as $message) {
if (!in_array($message, self::NOT_ALLOWED) && !empty($message)) {
$results[] = $message;
}
}
return $results;
}
} }

+ 1
- 1
resources/nginx/nginx.blade.php View File

@ -25,7 +25,7 @@ events {
http { http {
server_tokens off; server_tokens off;
@if ($env === 'development')
@if ($environment === 'development')
# error log will be only write from debug # error log will be only write from debug
error_log /var/log/nginx.error_log debug; error_log /var/log/nginx.error_log debug;


Write Preview
Loading…
Cancel
Save