#!/bin/bash ################################################# # phpmyadmin installer for Centmin Mod centminmod.com # written by George Liu (eva2000) ################################################# # If you have a fairly static IP address that doesn't change often # set STATICIP='y'. Otherwise leave as STATICIP='n' STATICIP='n' ################################################# VER='0.2.6' DT=$(date +"%d%m%y-%H%M%S") UPDATEDIR='/root/tools' BASEDIR='/usr/local/nginx/html' DIRNAME=$(echo "${RANDOM}_mysqladmin${RANDOM}") SALT=$(openssl rand -base64 9) USERPREFIX='admin' USER=$(echo "${USERPREFIX}${SALT}" | sed -e 's|\/||g' -e 's|\+||g') PASS=$(openssl rand -base64 21) PASS=$(echo "$PASS" | sed -e 's|\/||g' -e 's|\+||g') BLOWFISH=$(openssl rand -base64 32 | cut -c1-32) # BLOWFISH=$(pwgen -syn1 46) CURRENTIP=$(echo $SSH_CLIENT | awk '{print $1}') USERNAME='nginx' SSLHNAME=$(uname -n) VERSIONMINOR='04' # last 2 digits in Centmin Mod version i.e. 1.2.3-eva2000.04 VERSIONALLOW="1.2.3-eva2000.${VERSIONMINOR}" YARN_TMPDIR='/home/yarntmp-phpmyadmin' ################################################# # set locale temporarily to english # due to some non-english locale issues export LC_ALL=en_US.UTF-8 export LANG=en_US.UTF-8 export LANGUAGE=en_US.UTF-8 export LC_CTYPE=en_US.UTF-8 export COMPOSER_ALLOW_SUPERUSER=1 shopt -s expand_aliases for g in "" e f; do alias ${g}grep="LC_ALL=C ${g}grep" # speed-up grep, egrep, fgrep done # Memory calculations for dynamic memory limit determination TOTALMEM=$(cat /proc/meminfo | grep MemTotal | awk '{print $2}') TOTALMEMMB=`echo "scale=0;$TOTALMEM/1024" | bc` CHECKFREEMEM=$(cat /proc/meminfo | grep MemFree) if [[ "$CHECKFREEMEM" ]]; then FREEMEM=$(cat /proc/meminfo | grep MemFree | awk '{print $2}') FREEMEMMB=`echo "scale=0;$FREEMEM/1024" | bc` else FREEMEMMB='0' fi CHECKBUFFER=$(cat /proc/meminfo | grep Buffers) if [[ "$CHECKBUFFER" ]]; then BUFFERSMEM=$(cat /proc/meminfo | grep Buffers | awk '{print $2}') BUFFERSMB=`echo "scale=0;$BUFFERSMEM/1024" | bc` else BUFFERSMB='0' fi CHECKCACHED=$(cat /proc/meminfo | grep ^Cached) if [[ "$CHECKCACHED" ]]; then CACHEDMEM=$(cat /proc/meminfo | grep ^Cached | awk '{print $2}') CACHEDMB=`echo "scale=0;$CACHEDMEM/1024" | bc` else CACHEDMB='0' fi REALFREEMB=$(echo $FREEMEMMB+$BUFFERSMB+$CACHEDMB | bc) REALUSEDMEM=$(echo $TOTALMEMMB-$REALFREEMB | bc) # set php-fpm memory_limit to 4/9 th of available free memory MEMLIMIT=$(echo $REALFREEMB / 2.25 | bc) # echo "Total Mem: $TOTALMEMMB MB" # echo "Real Free Mem: $REALFREEMB MB" # echo "Mem Limit: $MEMLIMIT MB" ################################################# CENTMINLOGDIR='/root/centminlogs' FPMPOOLDIR='/usr/local/nginx/conf/phpfpmd' if [ ! -d "$YARN_TMPDIR" ]; then mkdir -p "$YARN_TMPDIR" chmod 1777 "$YARN_TMPDIR" export TMPDIR="$YARN_TMPDIR" fi if [[ "$(nginx -V 2>&1 | grep -Eo 'with-http_v2_module')" = 'with-http_v2_module' ]]; then HTTPTWO=y LISTENOPT='ssl http2' COMP_HEADER='#spdy_headers_comp 5' else HTTPTWO=n LISTENOPT='ssl spdy' COMP_HEADER='spdy_headers_comp 5' fi if [ ! -d "$CENTMINLOGDIR" ]; then mkdir -p $CENTMINLOGDIR fi if [ ! -d "$FPMPOOLDIR" ]; then mkdir -p $FPMPOOLDIR fi if [ ! -f /usr/bin/pwgen ]; then yum -y -q install pwgen fi # Setup Colours black='\E[30;40m' red='\E[31;40m' green='\E[32;40m' yellow='\E[33;40m' blue='\E[34;40m' magenta='\E[35;40m' cyan='\E[36;40m' white='\E[37;40m' boldblack='\E[1;30;40m' boldred='\E[1;31;40m' boldgreen='\E[1;32;40m' boldyellow='\E[1;33;40m' boldblue='\E[1;34;40m' boldmagenta='\E[1;35;40m' boldcyan='\E[1;36;40m' boldwhite='\E[1;37;40m' Reset="tput sgr0" # Reset text attributes to normal #+ without clearing screen. cecho () # Coloured-echo. # Argument $1 = message # Argument $2 = color { message=$1 color=$2 echo -e "$color$message" ; $Reset return } ################################################# # VERCHECK=$(cat /etc/centminmod-release) # MINORVER=$(cat /etc/centminmod-release | awk -F "." '{print $3}') # COMPARE=`expr $MINORVER \< $VERSIONMINOR` # if [[ "$VERCHECK" != "$VERSIONALLOW" && "$COMPARE" = '1' ]]; then # cecho "------------------------------------------------------------------------------" $boldgreen # cecho " $0 script requires centmin.sh from Centmin Mod" $boldyellow # cecho " version: $VERSIONALLOW + recompile PHP (menu option #5)" $boldyellow # echo "" # cecho " The following steps are required:" $boldyellow # echo "" # cecho " 1. Download and extract centmin-${VERSIONALLOW}.zip" $boldgreen # cecho " As per instructions at http://centminmod.com/download.html" $boldgreen # cecho " 2. Run the updated centmin.sh script version" $boldgreen # echo "" # cecho " ./centmin.sh" $boldwhite # echo "" # cecho " 3. Run menu option #5 to recompile PHP entering either the" $boldgreen # cecho " same PHP version or newer PHP 5.3.x or 5.4.x version" $boldgreen # cecho " 4. Download latest version phpmyadmin.sh Addon script from" $boldgreen # cecho " http://centminmod.com/centminmodparts/addons/phpmyadmin.sh" $boldgreen # cecho " Give script appropriate permissions via command:" $boldgreen # echo "" # cecho " chmod 0700 /full/path/to/where/you/downloaded/phpmyadmin.sh" $boldwhite # echo "" # cecho " 5. Add port 9418 to CSF Firewall /etc/csf/csf.conf append 9418 to existing" $boldgreen # cecho " TCP_IN / TCP_OUT list of ports. Then restart CSF Firewall via command:" $boldgreen # echo "" # cecho " csf -r" $boldwhite # echo "" # cecho " 6. Run phpmyadmin.sh script via commands:" $boldgreen # echo "" # cecho " cd /full/path/to/where/you/downloaded/" $boldwhite # cecho " ./phpmyadmin.sh install" $boldwhite # #echo "" # #cecho " Aborting script..." $boldyellow # cecho "------------------------------------------------------------------------------" $boldgreen # exit # fi ################################################# checkphpmyadmin() { if [[ "$(grep -rw server_name /usr/local/nginx/conf/conf.d/ | grep -w "$SSLHNAME" | wc -l)" -gt '1' ]]; then cecho "---------------------------------------------------------------" $boldyellow cecho "Warning: detected possible duplicate server_name entry" $boldgreen cecho "main hostname vhost server_name value has to be unique" $boldgreen cecho "and separate from any other nginx vhost site you addded" $boldgreen cecho "Check your server_name in /usr/local/nginx/conf/conf.d/virtual.conf" $boldgreen cecho "read Step 1 of Getting Started Guide for main hostname" $boldgreen cecho "proper setup https://centminmod.com/getstarted.html" $boldgreen cecho "---------------------------------------------------------------" $boldyellow exit fi if [[ -f /usr/local/nginx/conf/phpmyadmin_check ]]; then cecho "---------------------------------------------------------------" $boldyellow cecho "detected phpmyadmin install that already exists" $boldgreen cecho "aborting..." $boldgreen cecho "---------------------------------------------------------------" $boldyellow exit fi } ################################################# memlimitmsg() { echo "" cecho "Dynamically set PHP memory_limit based on available system memory..." $boldyellow echo "" cecho "Total Mem: $TOTALMEMMB MB" $boldyellow cecho "Real Free Mem: $REALFREEMB MB" $boldyellow cecho "Mem Limit: $MEMLIMIT MB" $boldyellow echo "" } ################################################# usercreate() { if [[ "$USERNAME" != 'nginx' ]]; then /usr/sbin/useradd -s /sbin/nologin -d /home/${USERNAME}/ -G nginx ${USERNAME} USERID=$(id ${USERNAME}) cecho "---------------------------------------------------------------" $boldgreen cecho "Create User: $USERNAME" $boldyellow cecho "$USERID" $boldyellow cecho "---------------------------------------------------------------" $boldgreen echo "" elif [[ "$USERNAME" = 'nginx' ]]; then cecho "---------------------------------------------------------------" $boldgreen cecho "User $USERNAME already exists" $boldyellow cecho "---------------------------------------------------------------" $boldgreen fi } ################################################# createpassword() { cecho "---------------------------------------------------------------" $boldyellow cecho "Create phpmyadmin htaccess user/pass..." $boldyellow cecho "python /usr/local/nginx/conf/htpasswd.py -c -b /usr/local/nginx/conf/htpassphpmyadmin $USER $PASS" $boldgreen cecho "---------------------------------------------------------------" $boldyellow python /usr/local/nginx/conf/htpasswd.py -c -b /usr/local/nginx/conf/htpassphpmyadmin $USER $PASS } ################################################# htpassdetails() { echo "" cecho "phpmyadmin htaccess login details:" $boldgreen cecho "Username: $USER" $boldgreen cecho "Password: $PASS" $boldgreen cecho "Allowed IP address: ${CURRENTIP}" $boldgreen echo "" cecho "---------------------------------------------------------------" $boldyellow } ################################################# myadmininstall() { if [[ ! -f /usr/bin/git ]]; then cecho "---------------------------------------------------------------" $boldyellow cecho "Installing git..." $boldgreen cecho "---------------------------------------------------------------" $boldyellow cecho "yum -q -y install git --disablerepo=CentALT" $boldgreen yum -q -y install git --disablerepo=CentALT echo "" fi cecho "---------------------------------------------------------------" $boldyellow cecho "Installing phpmyadmin from official git repository..." $boldgreen cecho "---------------------------------------------------------------" $boldyellow cecho "This process can take some time depending on" $boldyellow cecho "speed of the repository and your server..." $boldyellow echo "" cd $BASEDIR git clone -b STABLE --depth=1 https://github.com/phpmyadmin/phpmyadmin.git $DIRNAME cd $DIRNAME wget -cnv https://getcomposer.org/composer-stable.phar -O composer.phar echo y | php composer.phar update --no-dev if [ ! -f "$(which npm)" ]; then /usr/local/src/centminmod/addons/nodejs.sh install fi if [ ! -f /usr/bin/yarn ]; then npm install --location=global yarn fi # https://docs.phpmyadmin.net/en/latest/setup.html#installing-from-git if [ ! -f ${BASEDIR}/${DIRNAME}/themes/pmahomme/css/theme.css ]; then yarn install --production elif [ -f ${BASEDIR}/${DIRNAME}/themes/pmahomme/css/theme.css ]; then yarn install --production fi cp config.sample.inc.php config.inc.php chmod o-rw config.inc.php replace 'a8b7c6d' "${BLOWFISH}" -- config.inc.php sed -i "s|\['blowfish_secret'\] = ''|\['blowfish_secret'\] = '${BLOWFISH}'|g" config.inc.php sed -i 's/?>//g' config.inc.php echo "\$cfg['ExecTimeLimit'] = '28800';" >> config.inc.php echo "\$cfg['MemoryLimit'] = '0';" >> config.inc.php echo "\$cfg['ShowDbStructureCreation'] = 'true';" >> config.inc.php echo "\$cfg['ShowDbStructureLastUpdate'] = 'true';" >> config.inc.php echo "\$cfg['ShowDbStructureLastCheck'] = 'true';" >> config.inc.php echo "\$cfg['ShowPhpInfo'] = true;" >> config.inc.php echo "\$cfg['Export']['compression'] = 'gzip';" >> config.inc.php echo "\$cfg['LoginCookieValidity'] = 1440;" >> config.inc.php echo "?>" >> config.inc.php chown ${USERNAME}:nginx ${BASEDIR}/${DIRNAME} chown -R ${USERNAME}:nginx ${BASEDIR}/${DIRNAME} chmod g+rx ${BASEDIR}/${DIRNAME} if [[ ! -f "/usr/local/nginx/conf/phpmyadmin.conf" ]]; then cecho "---------------------------------------------------------------" $boldyellow cecho "Setup /usr/local/nginx/conf/phpmyadmin.conf ..." $boldgreen cecho "---------------------------------------------------------------" $boldyellow createpassword #history -d $((HISTCMD-2)) echo "" if [ -f /usr/local/nginx/conf/php_phpmyadmin_template.conf ]; then echo "\cp -af /usr/local/nginx/conf/php_phpmyadmin_template.conf /usr/local/nginx/conf/php_${DIRNAME}.conf" \cp -af /usr/local/nginx/conf/php_phpmyadmin_template.conf /usr/local/nginx/conf/php_${DIRNAME}.conf else echo "\cp -af /usr/local/nginx/conf/php.conf /usr/local/nginx/conf/php_${DIRNAME}.conf" \cp -af /usr/local/nginx/conf/php.conf /usr/local/nginx/conf/php_${DIRNAME}.conf fi sed -i 's/fastcgi_pass 127.0.0.1:9000/fastcgi_pass 127.0.0.1:9991/g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's/#fastcgi_pass 127.0.0.1:9991/fastcgi_pass 127.0.0.1:9991/g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's|fastcgi_pass phpbackend|#fastcgi_pass phpbackend|g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's|fastcgi_pass dft_php|#fastcgi_pass dft_php|g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's|fastcgi_keep_conn on|#fastcgi_keep_conn on|' /usr/local/nginx/conf/php_${DIRNAME}.conf if [[ -z "$(grep 'fastcgi_param HTTPS $server_https;' /usr/local/nginx/conf/php.conf)" ]]; then replace '#fastcgi_param HTTPS on;' 'fastcgi_param HTTPS on;' -- /usr/local/nginx/conf/php_${DIRNAME}.conf fi # sed -i 's/#fastcgi_pass unix:\/tmp\/php5-fpm.sock/fastcgi_pass unix:\/tmp\/phpfpm_myadmin.sock/g' /usr/local/nginx/conf/php_${DIRNAME}.conf # increase php-fpm timeouts sed -i 's/fastcgi_connect_timeout 60;/fastcgi_connect_timeout 3000;/g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's/fastcgi_send_timeout 180;/fastcgi_send_timeout 3000;/g' /usr/local/nginx/conf/php_${DIRNAME}.conf sed -i 's/fastcgi_read_timeout 180;/fastcgi_read_timeout 3000;/g' /usr/local/nginx/conf/php_${DIRNAME}.conf cat > "/usr/local/nginx/conf/phpmyadmin.conf" < "/usr/local/nginx/conf/phpmyadmin_https.conf" < "/usr/local/nginx/conf/phpmyadmin_https.conf" <> "/usr/local/nginx/conf/phpfpmd/phpfpm_myadmin.conf" < /tmp/req.cnf < /tmp/v3ext.cnf <&1 | grep LibreSSL | head -n1)" ]]; then CHACHACIPHERS='EECDH+CHACHA20:EECDH+CHACHA20-draft:' elif [[ "$(nginx -V 2>&1 | grep OpenSSL | head -n1)" ]]; then if [[ -f "${DIR_TMP}/openssl-${OPENSSL_VERSION}/crypto/chacha20poly1305/chacha20.c" ]]; then CHACHACIPHERS='EECDH+CHACHA20:EECDH+CHACHA20-draft:' elif [[ -f "${DIR_TMP}/openssl-${OPENSSL_VERSION}/crypto/chacha/chacha_enc.c" ]]; then CHACHACIPHERS='EECDH+CHACHA20:EECDH+CHACHA20-draft:' else CHACHACIPHERS="" fi else CHACHACIPHERS="" fi cat > "/usr/local/nginx/conf/conf.d/phpmyadmin_ssl.conf"< "/root/tools/phpmyadmin_update.sh" <&1 | tee \${CENTMINLOGDIR}/centminmod_phpmyadmin_update-\${DT}.log endtime=\$(date +%s.%N) INSTALLTIME=\$(echo "scale=2;\$endtime - \$starttime"|bc ) echo "" >> \${CENTMINLOGDIR}/centminmod_phpmyadmin_update-\${DT}.log echo "Total phpmyadmin Update Time: \$INSTALLTIME seconds" >> \${CENTMINLOGDIR}/centminmod_phpmyadmin_update-\${DT}.log EOF chmod 0700 /root/tools/phpmyadmin_update.sh cecho "---------------------------------------------------------------" $boldyellow cecho "Create cronjob for auto updating phpmyadmin:" $boldgreen cecho "/root/tools/phpmyadmin_update.sh" $boldgreen cecho "---------------------------------------------------------------" $boldyellow if [[ -z "$(crontab -l 2>&1 | grep phpmyadmin_update.sh)" ]]; then crontab -l > cronjoblist mkdir -p /etc/centminmod/cronjobs cp cronjoblist /etc/centminmod/cronjobs/cronjoblist-before-phpmyadmin-setup.txt echo "19 02 * * * /root/tools/phpmyadmin_update.sh >/dev/null 2>&1" >> cronjoblist cp cronjoblist /etc/centminmod/cronjobs/cronjoblist-after-phpmyadmin-setup.txt crontab cronjoblist rm -rf cronjoblist crontab -l fi fi } ################################################# myadminremove() { if [[ ! -d "$UPDATEDIR" ]]; then mkdir -p $UPDATEDIR fi if [[ -f "/root/tools/phpmyadmin_uninstall.sh" || ! -f "/root/tools/phpmyadmin_uninstall.sh" ]]; then cecho "---------------------------------------------------------------" $boldyellow cecho "Create uninstall script:" $boldgreen cecho "/root/tools/phpmyadmin_uninstall.sh" $boldgreen cecho "---------------------------------------------------------------" $boldyellow cat > "/root/tools/phpmyadmin_uninstall.sh" <&1 | tee \${CENTMINLOGDIR}/centminmod_phpmyadmin_uninstall-\${DT}.log endtime=\$(date +%s.%N) INSTALLTIME=\$(echo "scale=2;\$endtime - \$starttime"|bc ) echo "" >> \${CENTMINLOGDIR}/centminmod_phpmyadmin_uninstall-\${DT}.log echo "Total phpmyadmin Update Time: \$INSTALLTIME seconds" >> \${CENTMINLOGDIR}/centminmod_phpmyadmin_uninstall-\${DT}.log EOF chmod 0700 /root/tools/phpmyadmin_uninstall.sh fi } ################################################# myadminmsg() { echo "" cecho "---------------------------------------------------------------" $boldyellow cecho "Password protected ${DIRNAME}" $boldgreen cecho "at path ${BASEDIR}/${DIRNAME}" $boldgreen cecho "config.inc.php at: ${BASEDIR}/${DIRNAME}/config.inc.php" $boldgreen cecho " WEB url: " $boldgreen echo "" cecho " https://${SSLHNAME}/${DIRNAME}" $boldwhite echo "" cecho "Login with your MySQL root username / password" $boldgreen cecho "---------------------------------------------------------------" $boldyellow htpassdetails cecho "phpmyadmin update script at: /root/tools/phpmyadmin_update.sh" $boldgreen cecho "Add your own cron job to automatically run the update script i.e." $boldgreen echo "" cecho " 15 01 * * * /root/tools/phpmyadmin_update.sh" $boldwhite echo "" cecho "---------------------------------------------------------------" $boldyellow cecho "phpmyadmin uninstall script at: /root/tools/phpmyadmin_uninstall.sh" $boldgreen echo "" cecho " /root/tools/phpmyadmin_uninstall.sh" $boldwhite echo "" cecho "---------------------------------------------------------------" $boldyellow cecho "SSL vhost: /usr/local/nginx/conf/conf.d/phpmyadmin_ssl.conf" $boldgreen cecho "php-fpm includes: /usr/local/nginx/conf/php_${DIRNAME}.conf" $boldgreen cecho "php-fpm pool conf: /usr/local/nginx/conf/phpfpmd/phpfpm_myadmin.conf" $boldgreen cecho "dedicated php-fpm pool user: ${USERNAME}" $boldgreen cecho "dedicated php-fpm pool group: nginx" $boldgreen cecho "dedicated php error log: /var/log/php_myadmin_error.log" $boldgreen cecho "---------------------------------------------------------------" $boldyellow cecho "SSL vhost access log: /var/log/nginx/localhost_ssl.access.log" $boldgreen cecho "SSL vhost error log: /var/log/nginx/localhost_ssl.error.log" $boldgreen cecho "---------------------------------------------------------------" $boldyellow echo "" echo "phpmyadmin_install='y'" > /usr/local/nginx/conf/phpmyadmin_check } ################################################# case "$1" in install) checkphpmyadmin starttime=$(date +%s.%N) { #backup csf.conf cp -a /etc/csf/csf.conf /etc/csf/csf.conf-backup_beforephpmyadmin_${DT} usercreate myadmininstall sslvhost myadminupdater myadminremove myadminmsg } 2>&1 | tee ${CENTMINLOGDIR}/centminmod_phpmyadmin_install_${DT}.log endtime=$(date +%s.%N) INSTALLTIME=$(echo "scale=2;$endtime - $starttime"|bc ) echo "" >> ${CENTMINLOGDIR}/centminmod_phpmyadmin_install_${DT}.log echo "Total phpmyadmin Install Time: $INSTALLTIME seconds" >> ${CENTMINLOGDIR}/centminmod_phpmyadmin_install_${DT}.log cecho "---------------------------------------------------------------" $boldyellow cecho "Total phpmyadmin Install Time: $INSTALLTIME seconds" $boldgreen cecho "phpmyadmin install log located at:" $boldgreen cecho "${CENTMINLOGDIR}/centminmod_phpmyadmin_install_${DT}.log" $boldgreen cecho "---------------------------------------------------------------" $boldyellow ;; resetpwd) cecho "---------------------------------------------------------------" $boldyellow createpassword htpassdetails ;; *) echo "$0 install" echo "$0 resetpwd" ;; esac exit