admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

case 4586

Browse Source
This commit is contained in:
John Cardinal
2024-05-11 01:38:33 +00:00
parent d0ab3ea096
commit c93b5d9efc
1 changed files with 119 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
dist/8..2-ayiinit.sh vendored Normal file
View File

@@ -0,0 +1,119 @@
#!/bin/bash
# 1) create new droplet **DO NOT PICK IPV6 just the monitoring option**
# 2) immediately set subdomain name in networking
# 3) Add droplet into raven-server-standard-firewall
# 4) check DNS available using https://letsdebug.net/
# 5) Open putty, select X.onayanova.com, change ip to new droplet domain name and open it
# 6) apt-get update && apt-get dist-upgrade reboot
# 7) TRIAL: make calendar entry 8 days hence to decommision and blueberry color reminder 0 days 11am
# 8) nano ayinit.sh paste in this
# 9) CHANGE the values at the top of the script to the desired time zone (see rfdocs for list) and subdomain, Save and exit nano
# 9) chmod a+x ayinit.sh
# 10) ./ayinit.sh
# Done. If trial use response email template from rfdocs and set server path
TIMEZONE='America/Los_Angeles'
DOMAINNAME='nexttest.onayanova.com'
#############################
echo STARTING...
timedatectl set-timezone $TIMEZONE
# should already be done above
# apt-get update
# apt-get dist-upgrade -y
dpkg-reconfigure unattended-upgrades
echo SET SWAP FILE
fallocate -l 1G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
echo 'vm.swappiness=10' | sudo tee -a /etc/sysctl.conf
echo 'vm.vfs_cache_pressure=50' | sudo tee -a /etc/sysctl.conf
echo INSTALL .NET CORE
apt-get install -y aspnetcore-runtime-8.0
echo INSTALL POSTGRESQL
sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get -y install postgresql
sudo -u postgres psql -U postgres -d postgres -c "alter user postgres with password 'YOUR_PASSWORD_HERE';"
echo INSTALL REPORTING LIBS
# sudo apt-get install -yq gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 libgbm1 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget
sudo apt-get install -yq gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release libgbm-dev xdg-utils wget
# MORE TESTING IN LATEST UBUNTU NEEDED: sudo apt-get install libatk-bridge2.0-0 libxcomposite-dev libgbm-dev libxdamage1 libxrandr2
echo INSTALL AYANOVA
apt install zip unzip -y
mkdir /var/ayanova
mkdir /var/ayanova/data
mkdir /var/ayanova/Chrome
mkdir /var/ayanova/ChromeHeadlessShell
cd /var/ayanova
# NEXT VERSION FOR TESTING CHANGE FOR PRODUCTION
curl -O https://www.ayanova.com/download/next/ayanova-subscription-linux-x64-server.zip && unzip -o ayanova-subscription-linux-x64-server.zip
chown -vR :www-data /var/ayanova
chmod -R g+rw /var/ayanova/data
chmod -R g+rwx /var/ayanova/Chrome
chmod -R g+rwx /var/ayanova/ChromeHeadlessShell
chmod g+rw /var/ayanova/
echo '[Unit]' >> /etc/systemd/system/ayanova.service
echo 'Description=AyaNova server' >> /etc/systemd/system/ayanova.service
echo '' >> /etc/systemd/system/ayanova.service
echo '[Service]' >> /etc/systemd/system/ayanova.service
echo 'WorkingDirectory=/var/ayanova' >> /etc/systemd/system/ayanova.service
echo 'ExecStart=/usr/bin/dotnet /var/ayanova/AyaNova.dll' >> /etc/systemd/system/ayanova.service
echo 'Restart=always' >> /etc/systemd/system/ayanova.service
echo 'RestartSec=10' >> /etc/systemd/system/ayanova.service
echo 'KillSignal=SIGINT' >> /etc/systemd/system/ayanova.service
echo 'SyslogIdentifier=ayanova-server' >> /etc/systemd/system/ayanova.service
echo 'User=www-data' >> /etc/systemd/system/ayanova.service
echo 'Environment=ASPNETCORE_ENVIRONMENT=Production' >> /etc/systemd/system/ayanova.service
echo 'Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false' >> /etc/systemd/system/ayanova.service
echo '' >> /etc/systemd/system/ayanova.service
echo '[Install]' >> /etc/systemd/system/ayanova.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ayanova.service
systemctl enable ayanova.service
echo START AYANOVA SERVICE
systemctl start ayanova.service
echo INSTALL NGINX
apt install nginx -y
echo 'server {' > /etc/nginx/sites-available/default
echo ' listen 80;' >> /etc/nginx/sites-available/default
echo " server_name $DOMAINNAME;" >> /etc/nginx/sites-available/default
echo ' location / {' >> /etc/nginx/sites-available/default
echo ' add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;' >> /etc/nginx/sites-available/default
echo ' add_header X-XSS-Protection "1; mode=block" always;' >> /etc/nginx/sites-available/default
echo ' add_header X-Content-Type-Options "nosniff" always;' >> /etc/nginx/sites-available/default
echo ' add_header X-Frame-Options "SAMEORIGIN" always;' >> /etc/nginx/sites-available/default
echo ' add_header Referrer-Policy "strict-origin" always;' >> /etc/nginx/sites-available/default
echo ' gzip on;' >> /etc/nginx/sites-available/default
echo ' gzip_vary on;' >> /etc/nginx/sites-available/default
echo ' gzip_min_length 10240;' >> /etc/nginx/sites-available/default
echo ' gzip_proxied expired no-cache no-store private auth;' >> /etc/nginx/sites-available/default
echo ' gzip_http_version 1.1;' >> /etc/nginx/sites-available/default
echo ' gzip_types application/javascript text/css application/json text/plain;' >> /etc/nginx/sites-available/default
echo '' >> /etc/nginx/sites-available/default
echo ' proxy_pass http://127.0.0.1:7575;' >> /etc/nginx/sites-available/default
echo ' proxy_http_version 1.1;' >> /etc/nginx/sites-available/default
echo ' proxy_set_header Upgrade $http_upgrade;' >> /etc/nginx/sites-available/default
echo ' proxy_set_header Connection keep-alive;' >> /etc/nginx/sites-available/default
echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/default
echo ' proxy_cache_bypass $http_upgrade;' >> /etc/nginx/sites-available/default
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/default
echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/default
echo ' proxy_connect_timeout 3600;' >> /etc/nginx/sites-available/default
echo ' proxy_send_timeout 3600;' >> /etc/nginx/sites-available/default
echo ' proxy_read_timeout 3600;' >> /etc/nginx/sites-available/default
echo ' send_timeout 3600; ' >> /etc/nginx/sites-available/default
echo ' client_max_body_size 25M;' >> /etc/nginx/sites-available/default
echo ' }' >> /etc/nginx/sites-available/default
echo '}' >> /etc/nginx/sites-available/default
systemctl restart nginx
echo INSTALL CERTBOT
apt install certbot python3-certbot-nginx -y
echo GET CERTIFICATE
certbot --nginx --noninteractive --agree-tos --email ops@onayanova.com --no-eff-email -d $DOMAINNAME
echo ...COMPLETED