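#!/usr/bin/env bash
# VPS Post install script
# Michael Watters - wattersm@example.com
# some edits by: Don R Johnson - djohnson@example.com
# 11/26/2006 - Rewrite using python
# 12/11/2006 - ETHDEV venet0:0 (was eth0) and FTPTYPE to pure not pro, and warning msg at end(clean when fixed) -don
# 12/12/2006 - translated last bits of old install.pl (zone file creation portion)
# 12/15/2006 - zone file was getting in the way of new accounts, disabling that chunk for now.
# 4/15/2007 - Rewrite in bash, based on dedicated post install script.
# 05/08/2007 - Added Nub Check - nickc
# 06/14/2007 - Fixed bug in CPAN config file -- Mike Watters
# 06/20/2007 - Removed CPAN config section, was causing problems. Added EULA skipper.
# 08/12/2007 - More changes
#
# Usage: <script> HOSTNAME MAIN_IP ROOT_PASSWORD [CONTACT_EMAIL]
#   NETMASK is read from the environment; this script never assigns it.
#
# Security notes for maintainers:
#   * ROOT_PASSWORD is taken from argv, so it is visible in the process list
#     and in shell history of whoever launches the script. The interface is
#     kept for compatibility; prefer a wrapper that feeds it from a protected
#     file or prompt.
#   * Every download below is plain HTTP with no checksum or signature check,
#     and the results are unpacked or executed as root. Anything able to
#     tamper with that traffic controls this host. TODO: serve the artifacts
#     over TLS and pin a digest for each one.
#   * The script deletes itself on completion (see the last lines).

# Print a message on stderr and stop the run.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print a non-fatal diagnostic on stderr.
warn() {
  printf 'warning: %s\n' "$*" >&2
}

#######################################
# Download URL into the current directory under its basename.
# A stale copy is removed first and a partial file is removed on failure, so
# callers never unpack or execute leftovers from an earlier or broken fetch.
# Arguments: $1 - URL to fetch
# Returns:   0 on success, 1 if wget failed
#######################################
fetch() {
  local url=$1
  local out=${url##*/}

  rm -f -- "$out"
  if ! wget -O "$out" "$url"; then
    rm -f -- "$out"
    warn "download failed: ${url}"
    return 1
  fi
}

## Nub Check
# The presence of /vz is treated as "this is the parent server"; refuse to run.
if [[ -d /vz ]]; then
  echo "Abort: This is the parent server!"
  exit 1
fi
##

#######################################
# Interactive alternative to the positional arguments (not called below).
# Globals: NAME, MAINIP, ROOTPW, EMAIL (written)
#######################################
get_data() {
  printf '%s' "What is the host name? "
  read -r NAME
  printf '%s' "Main IP Address? "
  read -r MAINIP
  printf '%s' "Root Password? "
  # -s keeps the password off the terminal and out of scrollback.
  read -r -s ROOTPW
  printf '\n'
  printf '%s' "Contact E-mail? "
  read -r EMAIL
}

#######################################
# Set root's password from ROOTPW.
# Quoted printf: an unquoted echo would word-split and glob the password and
# mangle values that start with '-' or contain spaces or '*'.
# Globals: ROOTPW (read)
#######################################
set_passwd() {
  printf '%s\n' "$ROOTPW" | passwd --stdin root
}

#######################################
# Install the Fantastico WHM add-on and the xcontroller theme.
# Each step is skipped, not forced, when its directory or download is missing,
# so a failed cd can no longer make the rm -rf below act on another directory.
# NOTE(review): both tarballs come over plain HTTP, unverified, and are
# unpacked as root into cPanel's web-served directories.
#######################################
install_fantastico() {
  if cd /usr/local/cpanel/whostmgr/docroot/cgi; then
    if fetch http://layer3.example.com/fantastico-files/fantastico_whm_admin.tgz; then
      tar xzpf fantastico_whm_admin.tgz
      rm -fv fantastico_whm_admin.tgz
    fi
  else
    warn "cannot enter WHM cgi directory; skipping fantastico_whm_admin"
  fi

  # Xcontroller
  if cd /usr/local/cpanel/base/frontend; then
    # Fetch before deleting, so a failed download leaves the old copy in place.
    if fetch http://layer3.example.com/fantastico-files/xcontroller.tgz; then
      rm -rf xcontroller
      tar xzpf xcontroller.tgz
      chown -R root:root xcontroller/
      rm -f xcontroller.tgz
    fi
  else
    warn "cannot enter cPanel frontend directory; skipping xcontroller"
  fi

  /usr/local/cpanel/bin/cachelangfiles

  if cd /usr/local/cpanel/lang; then
    touch catalan french indonesian polish romanian spanish german italian portugues russian turkish
  else
    warn "cannot enter cPanel lang directory; language files not touched"
  fi
}

#######################################
# Replace /etc/named.conf with a config that only allows recursion from the
# "trusted" ACL, keeping a backup in /etc/named.conf.bak.
# NOTE(review): the rndc key is written with an empty secret and hmac-md5;
# /scripts/fixndc runs right after and presumably regenerates it - confirm
# that no window exists where named runs with the empty key.
#######################################
disable_recursion() {
  cp /etc/named.conf /etc/named.conf.bak
  cat << 'EOF' > /etc/named.conf
key "rndc-key" {
        algorithm hmac-md5;
        secret "";
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

zone "." {
        type hint;
        file "/var/named/named.ca";
};

acl "trusted" {
        127.0.0.1;
        209.59.139.14;
        69.16.234.126;
        69.16.234.125;
        69.16.234.124;
        69.16.234.123;
        69.16.234.122;
};

options {
        allow-recursion { trusted; };
};
EOF
  /scripts/fixndc
}

#######################################
# Point Apache's ServerAdmin at EMAIL.
# EMAIL lands in the replacement half of a sed s/// command, so '/', '&' and
# '\' are escaped first; unescaped they would break or rewrite the command.
# Globals: EMAIL (read)
#######################################
fix_apache() {
  local escaped
  escaped=$(printf '%s' "$EMAIL" | sed -e 's|[\\/&]|\\&|g') || return 1
  sed -i "/^ServerAdmin/s/ServerAdmin\s*.*/ServerAdmin ${escaped}/g" /usr/local/apache/conf/httpd.conf
}

# ---------------------------------------------------------------------------
# Arguments. Checked before anything on the system is touched.
# ---------------------------------------------------------------------------
if [[ -z "${3:-}" ]]; then
  printf 'Bad number of arguments.\n\n' >&2
  printf 'Usage: %s HOSTNAME MAIN_IP ROOT_PASSWORD [CONTACT_EMAIL]\n' "${0##*/}" >&2
  exit 1
fi

NAME=$1
MAINIP=$2
ROOTPW=$3
EMAIL=${4:-}
# NETMASK is never set by this script; it has to come from the environment.
NETMASK=${NETMASK:-}

# These values are copied verbatim into config files and into arithmetic, so
# reject anything that is not a plain hostname / dotted quad.
host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
ipv4_re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$'

[[ $NAME =~ $host_re ]] || die "Invalid host name: ${NAME}"
[[ $MAINIP =~ $ipv4_re ]] || die "Invalid IPv4 address: ${MAINIP}"

# 10# forces base 10 so an octet such as 08 is not parsed as bad octal.
OCTET1=$((10#${BASH_REMATCH[1]}))
OCTET2=$((10#${BASH_REMATCH[2]}))
OCTET3=$((10#${BASH_REMATCH[3]}))
OCTET4=$((10#${BASH_REMATCH[4]}))

for octet in "$OCTET1" "$OCTET2" "$OCTET3" "$OCTET4"; do
  (( octet <= 255 )) || die "Invalid IPv4 address: ${MAINIP}"
done
# Three follow-on addresses are derived below; they must stay under .255,
# which the generated lines use as the broadcast address.
(( OCTET4 + 3 <= 254 )) || die "Main IP ${MAINIP} leaves no room for 3 additional addresses"

if [[ $EMAIL =~ [[:space:]] ]]; then
  die "Contact e-mail must not contain whitespace"
fi
if [[ $ROOTPW == *$'\n'* || $ROOTPW == *$'\r'* ]]; then
  die "Root password must not contain line breaks"
fi
if [[ -z $NETMASK ]]; then
  warn "NETMASK is not set; /etc/ips entries will have an empty netmask field"
fi

if [[ ! -d /home/temp ]]; then
  # Created private from the start: root later executes files out of it.
  mkdir -m 700 /home/temp
fi

# Change the root password
# set_passwd

# Everything after the first dot (the whole name when there is no dot).
domain=${NAME#*.}

# Install Fantastico Add-on
install_fantastico

#done!, setup server settings (server setup tab)
if [[ -n $EMAIL ]]; then
  fix_apache
else
  # An empty value would leave a bare "ServerAdmin" directive in httpd.conf.
  warn "no contact e-mail given; ServerAdmin left unchanged"
fi

# Change WHM Settings
cat << EOF > /etc/wwwacct.conf
ADDR $MAINIP
CONTACTEMAIL $EMAIL
CONTACTPAGER $EMAIL
DEFMOD x
ETHDEV venet0:0
FTPTYPE pureftpd
HOMEDIR /home
HOMEMATCH home
HOST $NAME
LOGSTYLE combined
NS ns1.${domain}
NS2 ns2.${domain}
SCRIPTALIAS y
EOF

cat << EOF >> /var/cpanel/cpanel.config
cpredirect=Origin Domain Name
cpredirecthostname=0
cpredirectssl=Origin Domain Name
EOF

# Fix Bind
echo -e "#SERVICE = PORT, SEND, RESPONSE, RESTART COMMAND\n\n service[bind]=x,x,x,/scripts/restartsrv bind,named,named|root|bind\n" > /etc/chkserv.d/bind

#add vps ips(only 4 now)
prefix="${OCTET1}.${OCTET2}.${OCTET3}"
cat << EOF > /etc/ips
$MAINIP
${prefix}.$((OCTET4 + 1)):${NETMASK}:${prefix}.255
${prefix}.$((OCTET4 + 2)):${NETMASK}:${prefix}.255
${prefix}.$((OCTET4 + 3)):${NETMASK}:${prefix}.255
EOF

service ipaliases restart

# Turn off recursive queries and other BIND stuff
disable_recursion
/scripts/rebuildnamedconf
rndc reload

#enable quotas
/scripts/fixquotas

cat << EOF > /etc/nameserverips
$MAINIP=ns1.${domain}
${prefix}.$((OCTET4 + 1))=ns2.${domain}
EOF

# Install lpskel
# NOTE(review): three shell scripts are fetched over plain HTTP and run as
# root with no integrity check. Until digests are pinned, this is the most
# exposed step of the install.
lp_scripts=(getpubkeys.sh install-yum.sh install-lpskel-yumconf.sh)
chmod 700 /home/temp
# Only run downloaded code out of a real, root-owned directory (not a symlink
# someone else planted at this fixed path).
if [[ -d /home/temp && ! -L /home/temp && -O /home/temp ]] && cd /home/temp; then
  fetched=1
  for lp_script in "${lp_scripts[@]}"; do
    fetch "http://layer3.example.com/${lp_script}" || fetched=0
  done

  if (( fetched )); then
    chmod +x "${lp_scripts[@]}"
    # 700 is what gpg expects for its home directory.
    mkdir -p -m 700 /root/.gnupg
    gpg --list-keys
    ./getpubkeys.sh
    ./install-yum.sh
    ./install-lpskel-yumconf.sh
  else
    warn "lpskel scripts incomplete; none of them were executed"
  fi
  rm -f -- "${lp_scripts[@]}"
else
  warn "/home/temp is missing, a symlink, or not owned by this user; lpskel install skipped"
fi

echo -e "6\t1\t*\t*\t*\t /usr/bin/yum -c /usr/local/lp/configs/yum/yum.conf -y update" >> /var/spool/cron/root

/etc/init.d/named restart
/scripts/fixndc
/scripts/fixndc
rndc reload

# Update chksrvd
echo -e "antirelayd:1\ncpsrvd:1\nentropychat:0\nexim:1\neximstats:0\nftpd:1\nhttpd:1\nimap:1\ninterchange:0\nmysql:1\nnamed:1\npop:1\nspamd:1" > /etc/chkserv.d/chkservd.conf

chkconfig popa3d off
chkconfig popa3ds off
/etc/init.d/xinetd stop
/etc/init.d/xinetd start
/sbin/chkconfig pure-ftpd on

# Run updates
/scripts/mysqlup
/scripts/upcp

# Enable bash time stamps
echo >> /etc/profile
printf '%s\n' 'HISTTIMEFORMAT="%Y%m%d - %H:%M:%S - "' >> /etc/profile

# Enable mod_security
# The credentials go to curl through a config read from stdin instead of the
# URL: a password in the URL shows up in the process list and breaks on
# characters such as '@', '/', '#' or '%'. Backslash and double quote are
# escaped because the config value is double-quoted.
curl_pw=${ROOTPW//\\/\\\\}
curl_pw=${curl_pw//\"/\\\"}
printf 'user = "root:%s"\n' "$curl_pw" \
  | curl -K - "http://localhost:2086/scripts2/saveuthemes?themetype=modules&modsecurity=1.9.1-2.2" > /dev/null
unset curl_pw
yum -y -c /usr/local/lp/configs/yum/yum.conf install lp-modsec-rules

# Install clamAV and RBLs
/usr/bin/yum -c /usr/local/lp/configs/yum/yum.conf -y install clamd clamav clamav-db
echo "clamd:1" >> /etc/chkserv.d/chkservd.conf
/etc/init.d/chkservd restart

# Install Zend
# Disabled for now, we need a way to automate this.
# /scripts/installzendopt

# Reset Cpanel SSL certs
/scripts/rebuildcpanelsslcrt

# Update IP Pool and activate WHM
/scripts/rebuildippool
touch /etc/.whostmgrft
mkdir -p /var/cpanel/activate
touch /var/cpanel/activate/1.1

# Install Mr. Radar
rpm -e --nodeps centos-yumconf
yum -y install php-mysql
yum -y -c /usr/local/lp/configs/yum/yum.conf install yumconf-system
rm -f /etc/yum.repos.d/system.repo
yum -c /usr/local/lp/configs/yum/yum.conf -y install mm3k-client-pull

# Add cron job to prevent license issues
echo -e "0\t*/8\t*\t*\t*\t/usr/local/cpanel/cpkeyclt" >> /var/spool/cron/root

# Restart POP and FTP
/scripts/restartsrv_cppop
/etc/init.d/pure-ftpd start
chkconfig --add pure-ftpd

# Clean up
# whiptail --msgbox 'Shell-based portion of installation complete. Please contact your network administrator.' 8 55
echo -e "\n\n********************************************* Install finished. *********************************************\n"

# The script removes itself; quoted so a path with spaces is handled.
rm -f -- "$0"
exit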