diff --git a/vagrant/.gitignore b/vagrant/.gitignore index bb1dc73e..b58d1f63 100644 --- a/vagrant/.gitignore +++ b/vagrant/.gitignore @@ -1,2 +1,3 @@ .vagrant .vagrant/* +*log diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index 8cbdae4e..82b3b857 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -7,9 +7,9 @@ # you're doing. Vagrant.configure("2") do |config| config.vm.define "disroot_lan" do |disroot_lan| - disroot_lan.vm.box="debian/stretch64" + disroot_lan.vm.box="generic/debian9" disroot_lan.vm.hostname = 'disroot.lan' - disroot_lan.vm.box_url = "debian/stretch64" + disroot_lan.vm.box_url = "generic/debian9" disroot_lan.vm.synced_folder "provision/", "/vagrant/provision/" disroot_lan.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.12" diff --git a/vagrant/bootstrap.sh b/vagrant/bootstrap.sh index 7b19a783..eae13194 100755 --- a/vagrant/bootstrap.sh +++ b/vagrant/bootstrap.sh @@ -1,68 +1,67 @@ #!/usr/bin/env bash # Custom configuration -H2DIR="disroot.lan" -WEBROOT="/var/www/$H2DIR" -WWWUSER="www-data" +WEB_NAME="disroot.lan" +WEB_ROOT="/var/www/" +WWW_USER="www-data" # Provisioning actions # Add sury repository to sources.list for PHP7.1 -sudo apt install ca-certificates apt-transport-https +sudo apt-get -y update +sudo apt-get -y upgrade +sudo apt-get -y install ca-certificates apt-transport-https echo "deb https://packages.sury.org/php/ stretch main" | sudo tee -a /etc/apt/sources.list.d/php.list # Sury Key for PHP7.1 wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add - sudo apt-get -y update -echo "Installing Apache.." -sudo apt-get install -y apache2 composer +echo "Installing nginx.." +sudo apt-get install -y nginx-full composer echo "Installing php7.." -sudo apt-get install -y php7.1-zip php7.1-cli php7.1-curl php7.1-gd php7.1-mysql php7.1-mbstring php7.1-xml libapache2-mod-php7.1 php7.1-mcrypt php7.1-fpm - -# Enable all the Apache mods -sudo a2enmod proxy proxy_fcgi rewrite -sudo phpenmod mcrypt zip +sudo apt-get install -y php7.3-zip php7.3-cli php7.3-curl php7.3-gd php7.3-mbstring php7.3-xml php7.3-fpm # Create the Apache config files and restart webserver -sudo rsync -cr /vagrant/provision/etc/apache2/sites-available/ /etc/apache2/sites-available/ -sudo sed -i "s/ServerName V_DOMAIN_NAME/ServerName $H2DIR/g" /etc/apache2/sites-available/*.conf -sudo sed -i "s/V_DOMAIN_NAME/$H2DIR/g" /etc/apache2/sites-available/*.conf -sudo a2ensite "$H2DIR".conf -sudo a2enconf php-fpm -sudo rm /etc/apache2/sites-enabled/000-default.conf -sudo service apache2 restart +sudo rsync -cr /vagrant/provision/etc/nginx/sites-available /etc/nginx/ +sudo ln -s /etc/nginx/sites-available/"${WEB_NAME}".conf /etc/nginx/sites-enabled/"${WEB_NAME}".conf +sudo rm /etc/nginx/sites-enabled/default +sudo service nginx restart # Install GRAV in webroot -composer create-project getgrav/grav $WEBROOT -cd $WEBROOT -sudo chown -R www-data:www-data $WEBROOT +sudo chown -R ${WWW_USER}:${WWW_USER} /var/www +sudo wget https://getcomposer.org/download/1.8.0/composer.phar -O /usr/local/bin/composer && sudo chmod 755 /usr/local/bin/composer +echo "Git" +git clone -b master https://github.com/getgrav/grav.git "${WEB_ROOT}""${WEB_NAME}" +sudo chown -R ${WWW_USER}:${WWW_USER} "${WEB_ROOT}" + +echo "enter git" +cd "${WEB_ROOT}""${WEB_NAME}" +echo "composer" +sudo -u "${WWW_USER}" composer install --no-dev -o +sudo chown -R ${WWW_USER}:${WWW_USER} "${WEB_ROOT}" sudo chmod 775 -R bin/ -sudo -u www-data bin/grav install +sudo -u "${WWW_USER}" bin/grav install #sudo -u www-data bin/gpm install disroot -sudo -u www-data bin/gpm install language-selector -sudo -u www-data bin/gpm install form -sudo -u www-data sed -i 's/quark/disroot/g' $WEBROOT/user/config/system.yaml -sudo -u www-data ex -s -c '13i|redirect_default_route: true' -c x $WEBROOT/user/config/system.yaml -sudo -u www-data echo " +sudo -u "${WWW_USER}" bin/gpm install language-selector +sudo -u "${WWW_USER}" bin/gpm install form +sudo -u "${WWW_USER}" sed -i 's/quark/disroot/g' "${WEB_ROOT}""${WEB_NAME}"/user/config/system.yaml +sudo -u "${WWW_USER}" ex -s -c '13i|redirect_default_route: true' -c x "${WEB_ROOT}""${WEB_NAME}"/user/config/system.yaml +sudo -u "${WWW_USER}" echo " languages: supported: - en - es - fr - - it" >> $WEBROOT/user/config/system.yaml -sudo -u www-data sed -i '4d' $WEBROOT/user/config/system.yaml -sudo -u www-data ex -s -c "4i| alias: '/home'" -c x $WEBROOT/user/config/system.yaml -sudo -u www-data sed -i 's/false/true/g' $WEBROOT/user/plugins/language-selector/language-selector.yaml -#sudo -u www-data cp $WEBROOT/user/plugins/language-selector/templates/partials/language-selector.html.twig $WEBROOT/user/themes/disroot/templates/partials/ -#sudo -u www-data ex -s -c "9i| {% include 'partials/language-selector.hreflang.html.twig' %}" -c x $WEBROOT/user/themes/disroot/templates/partials/base.html.twig -#sudo -u www-data sed -i '2d' $WEBROOT/user/themes/disroot/css/layout.css + - it" >> "${WEB_ROOT}""${WEB_NAME}"/user/config/system.yaml +sudo -u "${WWW_USER}" sed -i '4d' "${WEB_ROOT}""${WEB_NAME}"/user/config/system.yaml +sudo -u "${WWW_USER}" ex -s -c "4i| alias: '/home'" -c x "${WEB_ROOT}""${WEB_NAME}"/user/config/system.yaml +sudo -u "${WWW_USER}" -i 's/false/true/g' "${WEB_ROOT}""${WEB_NAME}"/user/plugins/language-selector/language-selector.yaml # Add website domain to local /etc/hosts file -sudo sed -i "s/127.0.0.1\tlocalhost/127.0.0.1\tlocalhost $H2DIR/" /etc/hosts +sudo sed -i "s/127.0.0.1\tlocalhost/127.0.0.1\tlocalhost $WEB_NAME/" /etc/hosts #Add website pages in GRAV -#rm -rf /var/www/disroot.lan/user/pages -sudo mount -o bind /var/www/pages /var/www/disroot.lan/user/pages -chown www-data:www-data -R /var/www/disroot.lan/user/pages -sudo -u www-data ln -s /var/www/grav-theme-disroot /var/www/disroot.lan/user/themes/disroot +sudo mount -o bind /var/www/pages "${WEB_ROOT}""${WEB_NAME}"/user/pages +chown "${WWW_USER}":"${WWW_USER}" -R "${WEB_ROOT}""${WEB_NAME}"/user/pages +sudo -u www-data ln -s /var/www/grav-theme-disroot "${WEB_ROOT}""${WEB_NAME}"/user/themes/disroot exit 0 diff --git a/vagrant/provision/etc/apache2/sites-available/disroot.lan.conf b/vagrant/provision/etc/apache2/sites-available/disroot.lan.conf deleted file mode 100644 index e62baaab..00000000 --- a/vagrant/provision/etc/apache2/sites-available/disroot.lan.conf +++ /dev/null @@ -1,20 +0,0 @@ - - ServerName V_DOMAIN_NAME - - DocumentRoot /var/www/V_DOMAIN_NAME - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - - php_admin_value upload_max_filesize 100M - php_admin_value max_file_uploads 50 - - - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined - diff --git a/vagrant/provision/etc/nginx/sites-available/disroot.lan.conf b/vagrant/provision/etc/nginx/sites-available/disroot.lan.conf new file mode 100644 index 00000000..46bf4b85 --- /dev/null +++ b/vagrant/provision/etc/nginx/sites-available/disroot.lan.conf @@ -0,0 +1,39 @@ +server { + listen 80 ; + + root /var/www/disroot.lan; + index index.html index.php; + server_name grav.disroot.org; + server_tokens off; + add_header X-XSS-Protection "1; mode=block"; + + + location / { + try_files $uri $uri/ /index.php?_url=$uri&$query_string; + } + + location /favicon.ico { + alias /var/www/disroot.lan/favicon.png; + } + + # deny all direct access for these folders + location ~* /(.git|cache|bin|logs|backup|tests)/.*$ { return 403; } + + # deny running scripts inside core system folders + location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } + + # deny running scripts inside user folder + location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } + + # deny access to specific files in the root folder + location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; } + + location ~ \.php$ { + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; + } + +}