#!/bin/bash
set -e
LANG=C
# @sacloud-once
# @sacloud-desc サーバ作成後、サーバのIPアドレスをhostsに登録してブラウザでアクセスしてください。
# @sacloud-desc (このスクリプトは、CentOS6.XもしくはScientific Linux6.Xでのみ動作します)
# @sacloud-desc Movable TypeダウンロードURL 入力例: https://xxxxxxxxxxxxxxxxxx/
# @sacloud-text required shellarg maxlen=200 durl "Movable TypeダウンロードURL"
# @sacloud-password required shellarg maxlen=100 rootpw "MySQLのパスワード"
DURL=@@@durl@@@
ROOTPW=@@@rootpw@@@

## eth0をhosts登録
cp -p /etc/hosts{,.orig}
echo $(ip a show dev eth0 | egrep '(inet )' | awk '{print $2}' | sed -e 's/\/[0-9]*//g') ${HOSTNAME} | awk '{print $1"\t""\t"$2}' | tee -a /etc/hosts

## ドキュメントルート作成とMovable Typeダウンロード
HOME=/root
export HOME
mkdir -p /var/www
mkdir -p ${HOME}/src
cd ${HOME}/src
FILENAME=$(basename ${DURL} | awk 'BEGIN {FS="?"} {print $1}')
curl -o ${FILENAME} ${DURL}
unzip ${FILENAME}
mv $(ls | grep -v zip$) /var/www/html
cd ${HOME}

## iptables設定
service iptables stop
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
service iptables save
service iptables start
chkconfig iptables on

## MySQLインストール
yum -y install http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm
yum -y install mysql-community-server
service mysqld start
chkconfig mysqld on
mysql -u root -e "SET PASSWORD FOR root@localhost=PASSWORD('${ROOTPW}');"
mysql -u root -p${ROOTPW} -e "SET PASSWORD FOR root@\"${HOSTNAME}\"=PASSWORD('${ROOTPW}');"
mysql -u root -p${ROOTPW} -e "SET PASSWORD FOR root@127.0.0.1=PASSWORD('${ROOTPW}');"
mysql -u root -p${ROOTPW} -e "SET PASSWORD FOR root@\"::1\"=PASSWORD('${ROOTPW}');"
mysql -u root -p${ROOTPW} -e "delete from mysql.user where password='';"
mysql -u root -p${ROOTPW} -e 'FLUSH PRIVILEGES;'

## database「mt」作成
mysql -u root -p${ROOTPW} -e "create database mt;"


## nginx+FCGIインストール
yum -y install http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
cp -p /etc/yum.repos.d/nginx.repo /etc/yum.repos.d/nginx.repo.orig
sed -i 's/centos/mainline\/centos/' /etc/yum.repos.d/nginx.repo
yum -y install perl-DBI perl-DBD-MySQL perl-Archive-Zip perl-XML-SAX perl-XML-LibXML perl-XML-NamespaceSupport perl-Digest-SHA perl-GD gd libXpm perl-Crypt-SSLeay perl-Archive-Tar perl-IO-Zlib perl-Package-Constants ImageMagick-perl perl-Time-HiRes
yum -y --enablerepo=epel install perl-FCGI perl-Crypt-DSA
yum -y --enablerepo=rpmforge install perl-XML-SAX-Expat perl-Imager
yum -y install nginx
cp -p /etc/nginx/nginx.conf{,.orig}
sed -i "s/worker_processes[[:space:]]\+[0-9]\+/worker_processes $(cat /proc/cpuinfo | grep processor | wc -l)/g" /etc/nginx/nginx.conf
mkdir -p /etc/nginx/conf.d/BACKUP
mv /etc/nginx/conf.d/*.conf /etc/nginx/conf.d/BACKUP/
cat << _EOL_ | tee /etc/nginx/conf.d/000_MT.conf
server {
    listen       80;
    server_name  ${HOSTNAME};
    location / {
        root   /var/www/html;
        index  index.html index.htm index.cgi index.pl;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
    location ~ .pl$ {
        gzip off;
        root   /var/www/html;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:8999;
        fastcgi_index index.pl;
        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
    }
    location ~ .cgi$ {
        gzip off;
        root   /var/www/html;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:8999;
        fastcgi_index index.cgi;
        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
    }
}
_EOL_

## fastcgi-wrapper.pl 作成
curl -L -o /usr/bin/fastcgi-wrapper.pl http://www.linode.com/docs/assets/642-fastcgi-wrapper.sh
chmod 700 /usr/bin/fastcgi-wrapper.pl

## perl-fastcgi initスクリプト作成
PERLFCGIDAEMON=/etc/rc.d/init.d/perl-fastcgi
curl -L -o ${PERLFCGIDAEMON} http://www.linode.com/docs/assets/641-init-rpm.sh
sed -i '/^#[[:space:]][ndpc][gerio]*/d' ${PERLFCGIDAEMON}
sed -i '2s/^#$/# perl-fastcgi/' ${PERLFCGIDAEMON}
sed -i '3s/^#$/# description: this script starts and stops the perl-fastcgi daemon/' ${PERLFCGIDAEMON}
sed -i "3a # chkconfig: - 85 15" ${PERLFCGIDAEMON}
sed -i s/^nginx=[\"\/[:alnum:]]*/perlfastcgi='"\/usr\/bin\/fastcgi-wrapper.pl"'/ ${PERLFCGIDAEMON}
sed -i 's/prog=\$(basename \$nginx)/prog=\$\(basename perl\)/' ${PERLFCGIDAEMON}
sed -i s/^NGINX_[[:alnum:]_=\"\\./]*// ${PERLFCGIDAEMON}
sed -i 's/lockfile=\/var\/lock\/subsys\/nginx/lockfile\=\/var\/lock\/subsys\/perl-fastcgi/' ${PERLFCGIDAEMON}
sed -i 's/\[ -x $nginx ] || exit [0-9]/[ -x $perlfastcgi ] || exit 5/' ${PERLFCGIDAEMON}
sed -i 's/\[ -f $NGINX_CONF_FILE ] || exit [0-9]//' ${PERLFCGIDAEMON}
sed -i 's/daemon $nginx -c $NGINX_CONF_FILE/daemon $perlfastcgi/' ${PERLFCGIDAEMON}
sed -i 's/configtest || return $?//g' ${PERLFCGIDAEMON}
sed -i 's/killproc $nginx -HUP/stop ; start/' ${PERLFCGIDAEMON}
sed -i '60,62d' ${PERLFCGIDAEMON}
sed -i 's/restart|configtest/restart/' ${PERLFCGIDAEMON}
sed -i "95s/|configtest//" ${PERLFCGIDAEMON}

chmod 700 ${PERLFCGIDAEMON}
chkconfig --add perl-fastcgi
chkconfig perl-fastcgi on
service perl-fastcgi start
service nginx start
chkconfig nginx on
yum -y update
reboot