-
Notifications
You must be signed in to change notification settings - Fork 1
/
centmin.sh
74 lines (58 loc) · 2.49 KB
/
centmin.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/bash
set -e
# Check if the system is RHEL 8.x or later
if [ -e /etc/redhat-release ]; then
RHEL_VERSION=$(grep -oP '\d+' /etc/redhat-release | head -1)
else
RHEL_VERSION=0
fi
if [ "$RHEL_VERSION" -ge 8 ]; then
PKG_MANAGER="dnf"
else
PKG_MANAGER="yum"
fi
# Function to check if the server is a VPS
is_vps() {
if [ -d "/proc/vz" ] || [ -d "/proc/xen" ]; then
return 0
else
return 1
fi
}
$PKG_MANAGER -y update
$PKG_MANAGER -y install nano wget yum-utils epel-release
$PKG_MANAGER -y update
# MariaDB 10.6 default with PHP 8.0 default
yum -y update
curl -O https://centminmod.com/betainstaller83.sh && chmod 0700 betainstaller83.sh && bash betainstaller83.sh
# Create initial persistent config file to override centmin.sh defaults
mkdir -p /etc/centminmod
wget https://raw.githubusercontent.com/tinof/centmininit/master/custom_config.inc -O /etc/centminmod/custom_config.inc
# CPU Governor High Performance mode for dedicated servers
# Pre-create Nginx HTTPS site’s dhparam file to speed up subsequent Nginx vhost creation
openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
# Setup extended CSF Firewall blocklists
/usr/local/src/centminmod/tools/csf-advancetweaks.sh
# Enable CSF Firewall native fail2ban-like support
csf --profile backup backup-b4-customregex
cp -a /usr/local/csf/bin/regex.custom.pm /usr/local/csf/bin/regex.custom.pm.bak
egrep 'CUSTOM1_LOG|CUSTOM2_LOG|CUSTOM3_LOG|CUSTOM4_LOG' /etc/csf/csf.conf
sed -i "s|CUSTOM1_LOG = .*|CUSTOM1_LOG = \"/home/nginx/domains/\*/log/access.log\"|" /etc/csf/csf.conf
sed -i "s|CUSTOM2_LOG = .*|CUSTOM2_LOG = \"/home/nginx/domains/\*/log/error.log\"|" /etc/csf/csf.conf
sed -i "s|CUSTOM3_LOG = .*|CUSTOM3_LOG = \"/var/log/nginx/localhost.access.log\"|" /etc/csf/csf.conf
sed -i "s|CUSTOM4_LOG = .*|CUSTOM4_LOG = \"/var/log/nginx/localhost.error.log\"|" /etc/csf/csf.conf
egrep 'CUSTOM1_LOG|CUSTOM2_LOG|CUSTOM3_LOG|CUSTOM4_LOG' /etc/csf/csf.conf
wget -O /usr/local/csf/bin/regex.custom.pm https://gist.github.com/centminmod/f5551b92b8aba768c3b4db84c57e756d/raw/regex.custom.pm
csf -ra
# Cloudflare cronjob setup
crontab -l > cronjoblist
sed -i '/csfcf.sh/d' cronjoblist
echo "23 */12 * * * /usr/local/src/centminmod/tools/csfcf.sh auto >/dev/null 2>&1" >> cronjoblist
crontab cronjoblist
# Install and configure MALDET
cd /usr/local/src/centminmod/addons
./maldet.sh
# Update packages from city-fan.org repo
$PKG_MANAGER update -y --enablerepo=city-fan.org --disableplugin=priorities
package-cleanup -y --oldkernels --count=1
echo "Done!"