/
autoLEMP.py
289 lines (224 loc) · 9.96 KB
/
autoLEMP.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
#!/usr/bin/env python
#here is where we import the subprocess package
from subprocess import Popen, PIPE,check_output #docs -- https://docs.python.org/2/library/subprocess.html
import webbrowser #for checking to see if our website has installed Nginx
import os #pretty standard import for operating system
#now that we loaded the package
#lets define a function that we can send terminal commands to run
def runCommand(someCommand):
"""test function just to show we can work with the terminal"""
print "Opening a terminal to execute: ",someCommand
proc = Popen(someCommand,stdout=PIPE,shell=True) #True opens a terminal instance using a string input
def runLocalCommand(someCommand):
"""this function opens a terminal instance and executes 'someCommand' but only does it locally """
print "Opening the terminal and using: ",someCommand
#proc = Popen(someCommand,stdout=PIPE,shell=True) #True opens its own terminal
proc = Popen(someCommand,shell=True)
proc_stdout = proc.communicate()
print proc_stdout
def runServerCommand(someCommand,user,whatIP):
"""this function adds the ssh user@server in front of the command to run instances on a server"""
#the key here was the "-t" flag and joining each command you send
#to the user@ip location
someCommand = "ssh -t "+user+"@"+whatIP+" '"+someCommand+"'"
print "Opening the Server running: ",someCommand
#proc = Popen(someCommand,stdout=PIPE,shell=True) #True opens its own terminal
proc = Popen(someCommand,shell=True)
proc_stdout = proc.communicate()[0]
print proc_stdout
#################Now explode the simple use to the make our LEMP Stack automation
"""
#HERE is the process --
#DISCLAIMER(s) -- if there are config files to edit -- which there are -- you are still going to have to refer to the tutorials
#to make sure you edit them correctly. This is just automating the bash commands for you
#also, this tutorial is meant for LINUX/UNIX only and is not made for Windows
0. Obtain a VPS through Digital Ocean by making a Droplet - know your IP (you can also purchase a URL if you want)
1. Connect to your Digital Ocean server from the terminal using SSH
-Tut = https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04
-skip = steps Four (and Five) could be skipped but that means you will have to enter your server passwd 2X more
2. Now we try and install LEMP
-Tut = https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04
3. Install Wordpress
-Tut = https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-16-04
4. Do LetsEncrypt -- now that you know how to run the server commands you got this
-Tut = https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
"""
def connectToServer(userAccount,whatIP):
bashCommand = 'ssh '+userAccount+'@'+whatIP+''
runLocalCommand(bashCommand)
def doServerUpdates(user,whatIP):
"""Good practice to always update your Linux when you first login"""
bash = 'sudo apt-get update && sudo apt-get upgrade'
runServerCommand(bash,user,whatIP)
def doUpdates():
"""this can do local linux updates"""
bash = 'sudo apt-get update && sudo apt-get upgrade'
runLocalCommand(bash)
def makeSudoUser(newUserName,whatIP):
"""adds the new user and gives them Sudo permission"""
makeNewUser = "adduser "+newUserName+""
runServerCommand(makeNewUser,'root',whatIP)
giveSudoPriv ="usermod -aG sudo "+newUserName+""
runServerCommand(giveSudoPriv,'root',whatIP)
def generateKeys(user,whatIP):
"""ONLY DO THIS ONCE!!"""
#removes any previous keys on both local and remote
b0 = "ssh-keygen -R "+whatIP+""
runLocalCommand(b0)
#this generates an RSA key locally
b1 = 'ssh-keygen'
runLocalCommand(b1)
#this copies that RSA to your remote server
b2 = 'ssh-copy-id '+user+'@'+whatIP+''
runLocalCommand(b2)
def setupFirewall(user,whatIP):
bash1 = 'sudo ufw app list' #just shows an an app list
bash2 = 'sudo ufw allow OpenSSH'
bash3 = 'sudo ufw enable'
bash4 = 'sudo ufw status'
bashes = [bash1,bash2,bash3,bash4]
for b in bashes:
runServerCommand(b,user,whatIP) #run b run!!
def installNginx(user,whatIP):
b1 = 'sudo apt-get update && sudo apt-get upgrade'
b2 = 'sudo apt-get install nginx'
b3 = "sudo ufw allow \'Nginx HTTP\'"
b4 = 'sudo ufw status'
#we know our domain IP -- so skip the icanhazip and the other one
bashes = [b1,b2,b3,b4]
for b in bashes:
runServerCommand(b,user,whatIP) #run b run!!
###at this point you should be up and running
##you can test by going to http://yourIP_or_domainName
b5 = "python -m webbrowser -t 'http://"+whatIP+"'"
runLocalCommand(b5)
def installMySQL(user,whatIP):
b1 = "sudo apt-get install mysql-server"
b2 = "sudo mysql_secure_installation"
##enter "Y" and enter 0 for a low security password...
##enter "Y" to the rest of the questions
bashes = [b1,b2]
for b in bashes:
runServerCommand(b,user,whatIP)
def installPHP(user,whatIP):
"""this takes some manual labor"""
b1 = "sudo apt-get install php-fpm php-mysql"
runServerCommand(b1,user,whatIP)
b2 = "sudo apt-get install php-fpm php-mysql"
runServerCommand(b2,user,whatIP)
##we need to configure the php.ini file manually by following
##Digital Ocean tutorial for /etc/php/7.0/fpm/php.ini
b3 = "sudo nano /etc/php/7.0/fpm/php.ini"
runServerCommand(b3,user,whatIP)
b4 = "sudo systemctl restart php7.0-fpm"
runServerCommand(b4,user,whatIP)
def configNginxPHP(user,whatIP):
"""this takes some manual labor"""
b1 = "sudo nano /etc/nginx/sites-available/default"
runServerCommand(b1,user,whatIP) #make the manual changes to config file
#test Nginx to see if you did it right
b2 = "sudo nano /etc/nginx/sites-available/default"
runServerCommand(b2,user,whatIP)
#restart Nginx
b3 = "sudo systemctl reload nginx"
runServerCommand(b3,user,whatIP)
def testInfoPHP(user,whatIP):
b1 = "sudo nano /var/www/html/info.php"
runServerCommand(b1,user,whatIP) #put in the PHP stuff from the tut
def checkForInfoPHP(user,whatIP):
b1 = "python -m webbrowser -t 'http://"+whatIP+"/info.php'"
runLocalCommand(b1)
def removeInfoPHP(user,whatIP):
b1 = "sudo rm /var/www/html/info.php"
runServerCommand(b1,user,whatIP)
def makeDBuser(user,whatIP):
b1="mysql -u root -p"
#db access stuff
runServerCommand(b1,user,whatIP)
def nginxAndWP(user,whatIP):
b1="sudo nano /etc/nginx/sites-available/default"
#change the sever block
runServerCommand(b1,user,whatIP)
b2="sudo nginx -t"
runServerCommand(b2,user,whatIP)
b3="sudo systemctl reload nginx"
runServerCommand(b3,user,whatIP)
def installPHPext(user,whatIP):
b1 = "sudo apt-get update && sudo apt-get install php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc"
runServerCommand(b1,user,whatIP)
#restart php
b2="sudo systemctl restart php7.0-fpm"
runServerCommand(b2,user,whatIP)
def downloadWP(user,whatIP):
b1 = "cd /tmp"
b2 = "curl -O https://wordpress.org/latest.tar.gz"
b3 = "tar xzvf latest.tar.gz"
b4 = "cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php"
b5 = "mkdir /tmp/wordpress/wp-content/upgrade"
b6 = "sudo cp -a /tmp/wordpress/. /var/www/html"
bashes = [b1,b2,b3,b4,b5,b6]
for b in bashes:
runServerCommand(b,user,whatIP)
def configWP(user,whatIP):
b1 = "sudo chown -R sammy:www-data /var/www/html"
b2 = "sudo find /var/www/html -type d -exec chmod g+s {} \;"
b3 = "sudo chmod g+w /var/www/html/wp-content"
b4 = "sudo chmod -R g+w /var/www/html/wp-content/themes"
b5 = "sudo chmod -R g+w /var/www/html/wp-content/plugins"
bashes = [b1,b2,b3,b4,b5]
for b in bashes:
runServerCommand(b,user,whatIP)
b6 = "curl -s https://api.wordpress.org/secret-key/1.1/salt/"
runServerCommand(b6,user,whatIP)
#this is where you have to copy the keys
b7 = "nano /var/www/html/wp-config.php"
runServerCommand(b7,user,whatIP)
def finishWP(user,whatIP):
b1 = "python -m webbrowser -t 'http://"+whatIP+""
runLocalCommand(b1)
def runOnce(newUser,myIP):
#first, we want to connect through SSH
connectToServer('root',myIP)
###make a new user name and give them SUDO permissions
newUser = newUser
makeSudoUser(newUser,myIP)
#generateKeys(newUser,myIP)
###test your sudo users access
connectToServer(newUser,myIP) #try and login as superuser
##generate a key
generateKeys(newUser,myIP)
def makeLEMP(newUser):
"""AUTOMATE MY LEMP install!!"""
###update the server
doServerUpdates(newUser,myIP)
###make sure to setup the firewall
setupFirewall(newUser,myIP)
#second, we want to install all the requirements following the tut
installNginx(newUser,myIP)
installMySQL(newUser,myIP)
installPHP(newUser,myIP) #you will need to do a manual part here for cgi.fix_pathinfo=0
configNginxPHP(newUser,myIP) #some more manual entering
testInfoPHP(newUser,myIP) #another manual enter for php
checkForInfoPHP(newUser,myIP) #shows the info page
removeInfoPHP(newUser,myIP) #dont forget to remove it
#third, now we go for Wordpress and make a database user
makeDBuser(newUser,myIP)
nginxAndWP(newUser,myIP)
installPHPext(newUser,myIP)
downloadWP(newUser,myIP)
configWP(newUser,myIP)
finishWP(newUser,myIP)
#if you are successful to this point -- this should work
b1 = "python -m webbrowser -t 'http://"+myIP+"'"
runLocalCommand(b1)
###first test
runCommand('cd ~/Desktop; ls; cd')
#if this worked you should see a list of whatever is on your desktop
###Globals
global myIP
global newUser
myIP = "YOUR IP ADD HERE"
newUser = "YOUR NEW USER NAME"
###Main Loop
#runOnce(newUser,myIP)
makeLEMP(newUser)