some updates for buster

2019-10-21 16:00:06 +02:00 · 2019-10-21 16:00:06 +02:00 · 67b84ed088
commit 67b84ed088
parent 4ce386eeed
17 changed files with 117 additions and 110 deletions
--- a/assets/knockd.conf
+++ b/assets/knockd.conf
@ -18,7 +18,7 @@
 [SSH]
      sequence    = 7000,8000,9000
      seq_timeout = 5
-      # TODO do not limit port 22 to the ip as it don't work with 4G connection
+      # do not limit port 22 to the ip as it don't work with 4G connection
      # start_command = ufw insert 1 allow from %IP% to any port 22
      start_command = ufw allow ssh
      tcpflags    = syn
--- a/bin/autoupdate.sh
+++ b/bin/autoupdate.sh
@ -17,7 +17,7 @@ if [ "$EUID" -ne 0 ]; then
 fi

 echo "\033[35;1mInstalling apticron \033[0m"
-apt-get --yes --force-yes install apticron
+apt-get --yesinstall apticron

 sleep 3
 echo -n "Enter an email: "
--- a/bin/email.sh
+++ b/bin/email.sh
@ -28,7 +28,7 @@ fi

 # http://www.sycha.com/lamp-setup-debian-linux-apache-mysql-php#anchor13
 sleep 2
-apt-get --yes --force-yes install exim4
+apt-get --yesinstall exim4
 echo "\033[35;1mConfiguring EXIM4 \033[0m"
 while [ "$configexim" != "y" ] && [ "$configexim" != "n" ]
 do
--- a/bin/fail2ban.sh
+++ b/bin/fail2ban.sh
@ -2,14 +2,14 @@

 # TODO check if root

-echo -e '\033[35m
+echo '\033[35m
    ______      _ _____   __
   / ____/___ _(_) /__ \ / /_  ____ _____
  / /_  / __ `/ / /__/ // __ \/ __ `/ __ \
 / __/ / /_/ / / // __// /_/ / /_/ / / / /
 /_/    \__,_/_/_//____/_.___/\__,_/_/ /_/
 \033[0m'
-echo -e "\033[35;1mInstalling fall2ban \033[0m"
+echo "\033[35;1mInstalling fall2ban \033[0m"

 if [ "$EUID" -ne 0 ]; then
  echo "Please run as root"
@ -17,10 +17,10 @@ if [ "$EUID" -ne 0 ]; then
 fi

 sleep 2
-apt-get --yes --force-yes install fail2ban
+apt-get --yesinstall fail2ban
 cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
 # ToDo ask for email and configure jail.local with it
 touch /var/log/auth.log
 systemctl enable fail2ban
 systemctl restart fail2ban
-echo -e "\033[92;1mfail2ban installed and configured\033[Om"
+echo "\033[92;1mfail2ban installed and configured\033[Om"
--- a/bin/firewall.sh
+++ b/bin/firewall.sh
@ -2,14 +2,14 @@

 # TODO check if root

-echo -e '\033[35m
+echo '\033[35m
    ______________  _______       _____    __    __
   / ____/  _/ __ \/ ____/ |     / /   |  / /   / /
  / /_   / // /_/ / __/  | | /| / / /| | / /   / /
 / __/ _/ // _, _/ /___  | |/ |/ / ___ |/ /___/ /___
 /_/   /___/_/ |_/_____/  |__/|__/_/  |_/_____/_____/
 \033[0m'
-echo -e "\033[35;1mInstalling ufw and setup firewall (allowing only ssh and http) \033[0m"
+echo "\033[35;1mInstalling ufw and setup firewall (allowing only ssh and http) \033[0m"

 if [ "$EUID" -ne 0 ]; then
  echo "Please run as root"
@ -17,7 +17,7 @@ if [ "$EUID" -ne 0 ]; then
 fi

 sleep 2
-apt-get --yes --force-yes install ufw
+apt-get --yesinstall ufw
 # ufw allow ssh # knockd will open the ssh port
 ufw allow http
 ufw allow https
@ -26,4 +26,4 @@ ufw allow https

 ufw enable
 ufw status verbose
-echo -e "\033[92;1mufw installed and firwall configured\033[Om"
+echo "\033[92;1mufw installed and firwall configured\033[Om"
--- a/bin/ftp.sh
+++ b/bin/ftp.sh
@ -28,7 +28,7 @@ if [ ! -d "$_assets" ]; then
 fi

 echo "installing proftpd"
-apt-get --yes --force-yes install proftpd
+apt-get --yesinstall proftpd
 while [ "$_server_name" = "" ]
 do
 read -p "enter a server name ? " _server_name
--- a/bin/gitbarrerepos.sh
+++ b/bin/gitbarrerepos.sh
@ -4,14 +4,14 @@
 # get the current position
 _cwd="$(pwd)"

-echo -e '\033[35m
+echo '\033[35m
   _______ __
  / ____(_) /_
 / / __/ / __/
 / /_/ / / /_
 \____/_/\__/
 \033[0m'
-echo -e "\033[35;1mCreate new git barre repos and deploy script\033[0m"
+echo "\033[35;1mCreate new git barre repos and deploy script\033[0m"
 echo "Git barre repo will be installed in chosen user home directory"
 echo "git prod repos will be installed in public_html directory of provided domain, the domain have to exists as shortcut in chosen user/www before running this script. Please run first vhost.sh script and say yes to the question create a shortcut !"

@ -51,7 +51,7 @@ if [ "$vh" = "yes" ]; then
            user=""
          fi
        else
-          echo -e "user $user doesn't exists, you must provide an existing user"
+          echo "user $user doesn't exists, you must provide an existing user"
          user=""
        fi
      fi
--- a/bin/knockd.sh
+++ b/bin/knockd.sh
@ -2,14 +2,14 @@

 # TODO check if root

-echo -e '\033[35m
+echo '\033[35m
    __                    __       __
   / /______  ____  _____/ /______/ /
  / //_/ __ \/ __ \/ ___/ //_/ __  /
 / ,< / / / / /_/ / /__/ ,< / /_/ /
 /_/|_/_/ /_/\____/\___/_/|_|\__,_/
 \033[0m'
-echo -e "\033[35;1mInstalling knockd to control ssh port opening\033[0m"
+echo "\033[35;1mInstalling knockd to control ssh port opening\033[0m"

 if [ "$EUID" -ne 0 ]; then
  echo "Please run as root"
@ -29,7 +29,7 @@ if [ ! -d "$_assets" ]; then
 fi

 sleep 2
-apt-get --yes --force-yes install knockd
+apt-get --yesinstall knockd

 mv /etc/knockd.conf /etc/knockd.conf.ori
 cp "$_assets"/knockd.conf /etc/knockd.conf
@ -50,7 +50,7 @@ Alias=knockd.service" >> /lib/systemd/system/knockd.service
 systemctl enable knockd
 systemctl start knockd

-echo -e "\033[92;1mknockd installed and configured\033[Om"
-echo -e "\033[92;1mplease note this sequence for future ssh knocking\033[Om"
+echo "\033[92;1mknockd installed and configured\033[Om"
+echo "\033[92;1mplease note this sequence for future ssh knocking\033[Om"
 echo "$sq"
 sleep 3
--- a/bin/lemp.sh
+++ b/bin/lemp.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-echo -e '\033[35m
+echo '\033[35m
    __
   / /__  ____ ___  ____
  / / _ \/ __ `__ \/ __ \
@ -8,10 +8,10 @@ echo -e '\033[35m
 /_/\___/_/ /_/ /_/ .___/
                /_/
 \033[0m'
-echo -e "\033[35;1mLEMP server (Nginx Mysql Php-fpm) \033[0m"
+echo "\033[35;1mLEMP server (Nginx Mysql Php-fpm) \033[0m"

 if [ "$EUID" -ne 0 ]; then
-  echo -e "Please run as root"
+  echo "Please run as root"
  exit
 fi

@ -29,7 +29,7 @@ fi

 sleep 2

-echo -e '\033[35m
+echo '\033[35m
    __  ___                 __
   /  |/  /_  ___________ _/ /
  / /|_/ / / / / ___/ __ `/ /
@ -37,32 +37,32 @@ echo -e '\033[35m
 /_/  /_/\__, /____/\__, /_/
       /____/        /_/
 \033[0m'
-echo -e "\033[35;1minstalling Mysql \033[0m"
+echo "\033[35;1minstalling Mysql \033[0m"
 sleep 3
-apt-get --yes --force-yes install mariadb-server
+apt-get --yesinstall mariadb-server
 mysql_secure_installation

 cp "$_assets"/mysql/innodb-file-per-table.cnf /etc/mysql/conf.d/

 systemctl enable mariadb.service
 systemctl restart mariadb.service
-echo -e "\033[92;1mmysql installed\033[Om"
+echo "\033[92;1mmysql installed\033[Om"

-echo -e '\033[35m
+echo '\033[35m
    ____  __  ______
   / __ \/ / / / __ \
  / /_/ / /_/ / /_/ /
 / ____/ __  / ____/
 /_/   /_/ /_/_/
 \033[0m'
-echo -e "\033[35;1mInstalling PHP 7.0 \033[0m"
+echo "\033[35;1mInstalling PHP 7.0 \033[0m"
 sleep 3
-apt-get --yes --force-yes install php7.0-fpm php7.0-mysql php7.0-opcache php7.0-curl php7.0-mbstring php7.0-zip php7.0-xml php7.0-gd php7.0-mcrypt php-memcached php7.0-imagick
+apt-get --yesinstall php7.0-fpm php7.0-mysql php7.0-opcache php7.0-curl php7.0-mbstring php7.0-zip php7.0-xml php7.0-gd php7.0-mcrypt php-memcached php7.0-imagick

 mv /etc/php/7.0/fpm/php.ini /etc/php/7.0/fpm/php.ini.back
 cp "$_assets"/php-fpm.ini /etc/php/7.0/fpm/php.ini

-echo -e "Configuring PHP"
+echo "Configuring PHP"

 mkdir /var/log/php
 chown www-data /var/log/php
@ -71,16 +71,16 @@ cp "$_assets"/logrotate-php /etc/logrotate.d/php
 systemctl enable php7.0-fpm
 systemctl start php7.0-fpm

-# echo -e "Installing memecached"
+# echo "Installing memecached"
 # replaced by redis
-# apt-get --yes --force-yes install memcached
+# apt-get --yesinstall memcached
 # sed -i "s/-m\s64/-m 128/g" /etc/memcached.conf
 #
 # systemctl start memcached

-echo -e "\033[92;1mphp installed\033[Om"
+echo "\033[92;1mphp installed\033[Om"

-echo -e '\033[35m
+echo '\033[35m
    _   __      _
   / | / /___ _(_)___  _  __
  /  |/ / __ `/ / __ \| |/_/
@ -88,17 +88,17 @@ echo -e '\033[35m
 /_/ |_/\__, /_/_/ /_/_/|_|
      /____/
 \033[0m'
-echo -e "\033[35;1mInstalling Nginx \033[0m"
+echo "\033[35;1mInstalling Nginx \033[0m"
 sleep 3
-apt-get --yes --force-yes install nginx
+apt-get --yesinstall nginx
 mv /etc/nginx/sites-available/default /etc/nginx/sites-available/default.ori
 cp "$_assets"/default.nginxconf /etc/nginx/sites-available/default

 systemctl enable nginx
 systemctl restart nginx
-echo -e "\033[92;1mNginx installed\033[Om"
+echo "\033[92;1mNginx installed\033[Om"

-echo -e '\033[35m
+echo '\033[35m
           __          __  ___      ___       __          _
    ____  / /_  ____  /  |/  /_  __/   | ____/ /___ ___  (_)___
   / __ \/ __ \/ __ \/ /|_/ / / / / /| |/ __  / __ `__ \/ / __ \
@ -106,32 +106,32 @@ echo -e '\033[35m
 / .___/_/ /_/ .___/_/  /_/\__, /_/  |_\__,_/_/ /_/ /_/_/_/ /_/
 /_/         /_/           /____/
 \033[0m'
-echo -e "\033[35;1mInstalling phpMyAdmin \033[0m"
-apt-get --yes --force-yes install phpmyadmin
+echo "\033[35;1mInstalling phpMyAdmin \033[0m"
+apt-get --yesinstall phpmyadmin
 ln -s /usr/share/phpmyadmin /var/www/html/
 cp "$_assets"/nginx-phpmyadmin.conf > /etc/nginx/sites-available/phpmyadmin.conf
 ln -s /etc/nginx/sites-available/phpmyadmin.conf /etc/nginx/sites-enabled/phpmyadmin.conf

-# echo -e "\033[35;1msecuring phpMyAdmin \033[0m"
+# echo "\033[35;1msecuring phpMyAdmin \033[0m"
 # sed -i "s/DirectoryIndex index.php/DirectoryIndex index.php\nAllowOverride all/"
 # cp "$_assets"/phpmyadmin_htaccess > /usr/share/phpmyadmin/.htaccess
 # echo -n "define a user name for phpmyadmin : "
 # read un
 # htpasswd -c /etc/phpmyadmin/.htpasswd $un
 # service apache2 restart
-echo -e "\033[92;1mphpMyAdmin installed\033[Om"
-echo -e "\033[92;1mYou can access it at yourip/phpmyadmin\033[Om"
+echo "\033[92;1mphpMyAdmin installed\033[Om"
+echo "\033[92;1mYou can access it at yourip/phpmyadmin\033[Om"

-echo -e '\033[35m
+echo '\033[35m
    ____           ___
   / __ \___  ____/ (_)____
  / /_/ / _ \/ __  / / ___/
 / _, _/  __/ /_/ / (__  )
 /_/ |_|\___/\__,_/_/____/
 \033[0m'
-echo -e "\033[35;1mInstalling Redis \033[0m"
+echo "\033[35;1mInstalling Redis \033[0m"
 sleep 3
-apt-get --yes --force-yes install redis-server php-redis
+apt-get --yesinstall redis-server php-redis

 # TODO set maxmemory=2gb
 # TODO set maxmemory-policy=volatile-lru
@ -141,9 +141,9 @@ apt-get --yes --force-yes install redis-server php-redis
 systemctl enable redis-server
 systemctl restart redis-server
 systemctl restart php7.0-fpm
-echo -e "\033[92;1mRedis installed\033[Om"
+echo "\033[92;1mRedis installed\033[Om"

-echo -e '\033[35m
+echo '\033[35m
   ______
  / ____/___  ____ ___  ____  ____  ________  _____
 / /   / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/
@ -151,42 +151,42 @@ echo -e '\033[35m
 \____/\____/_/ /_/ /_/ .___/\____/____/\___/_/
                    /_/
 \033[0m'
-echo -e "\033[35;1mInstalling Composer \033[0m"
+echo "\033[35;1mInstalling Composer \033[0m"
 sleep 3
 export COMPOSER_HOME=/usr/local/composer
 curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer

-echo -e "\033[92;1mComposer installed\033[Om"
+echo "\033[92;1mComposer installed\033[Om"


-echo -e '\033[35m
+echo '\033[35m
    ____                  __
   / __ \_______  _______/ /_
  / / / / ___/ / / / ___/ __ \
 / /_/ / /  / /_/ (__  ) / / /
 /_____/_/   \__,_/____/_/ /_/
 \033[0m'
-echo -e "\033[35;1mInstalling Drush and DrupalConsole\033[0m"
+echo "\033[35;1mInstalling Drush and DrupalConsole\033[0m"
 sleep 3
 curl https://drupalconsole.com/installer -L -o /usr/local/bin/drupal
 chmod +x /usr/local/bin/drupal
 curl https://github.com/drush-ops/drush-launcher/releases/download/0.6.0/drush.phar -L -o /usr/local/bin/drush
 chmod +x /usr/local/bin/drush
-echo -e "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"
+echo "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"



 # TODO supervising
-# echo -e '\033[35m
+# echo '\033[35m
 #    __  ___          _ __      __  __  ___          _
 #   /  |/  /__  ___  (_) /_   _/_/ /  |/  /_ _____  (_)__
 #  / /|_/ / _ \/ _ \/ / __/ _/_/  / /|_/ / // / _ \/ / _ \
 # /_/  /_/\___/_//_/_/\__/ /_/   /_/  /_/\_,_/_//_/_/_//_/
 # \033[0m'
-# echo -e "\033[35;1mInstalling Munin \033[0m"
+# echo "\033[35;1mInstalling Munin \033[0m"
 # sleep 3
 # # https://www.howtoforge.com/tutorial/server-monitoring-with-munin-and-monit-on-debian/
-# apt-get --yes --force-yes install munin munin-node munin-plugins-extra
+# apt-get --yesinstall munin munin-node munin-plugins-extra
 # # Configure Munin
 # # enable plugins
 # ln -s /usr/share/munin/plugins/mysql_ /etc/munin/plugins/mysql_
@ -220,12 +220,12 @@ echo -e "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"
 #
 # service apache2 restart
 # service munin-node restart
-# echo -e "\033[92;1mMunin installed\033[Om"
+# echo "\033[92;1mMunin installed\033[Om"
 #
-# echo -e "\033[35;1mInstalling Monit \033[0m"
+# echo "\033[35;1mInstalling Monit \033[0m"
 # sleep 3
 # # https://www.howtoforge.com/tutorial/server-monitoring-with-munin-and-monit-on-debian/2/
-# apt-get --yes --force-yes install monit
+# apt-get --yesinstall monit
 # # TODO setup monit rc
 # cat "$_assets"/monitrc > /etc/monit/monitrc
 #
@ -241,7 +241,7 @@ echo -e "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"
 #     sed -i 's/PASSWD_TO_REPLACE/$passwda/g' /etc/monit/monitrc
 #     passok=1
 #   else
-#     echo -e "pass words don't match, please try again"
+#     echo "pass words don't match, please try again"
 #   fi
 # done
 #
@ -249,23 +249,23 @@ echo -e "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"
 # sed -i "s/server1\.example\.com/$HOSTNAME/g" /etc/monit/monitrc
 #
 # mkdir /var/www/html/monit
-# echo -e "hello" > /var/www/html/monit/token
+# echo "hello" > /var/www/html/monit/token
 #
 # service monit start
 #
-# echo -e "\033[92;1mMonit installed\033[Om"
+# echo "\033[92;1mMonit installed\033[Om"


-# echo -e '\033[35m
+# echo '\033[35m
 #     ___                __        __
 #    /   |_      _______/ /_____ _/ /_
 #   / /| | | /| / / ___/ __/ __ `/ __/
 #  / ___ | |/ |/ (__  ) /_/ /_/ / /_
 # /_/  |_|__/|__/____/\__/\__,_/\__/
 # \033[0m'
-# echo -e "\033[35;1mInstalling Awstat \033[0m"
+# echo "\033[35;1mInstalling Awstat \033[0m"
 # sleep 3
-# apt-get --yes --force-yes install awstats
+# apt-get --yesinstall awstats
 # # Configure AWStats
 # temp=`grep -i sitedomain /etc/awstats/awstats.conf.local | wc -l`
 # if [ $temp -lt 1 ]; then
@ -273,4 +273,4 @@ echo -e "\033[92;1mDrush and DrupalConsoleinstalled\033[Om"
 # fi
 # # Disable Awstats from executing every 10 minutes. Put a hash in front of any line.
 # sed -i 's/^[^#]/#&/' /etc/cron.d/awstats
-# echo -e "\033[92;1mAwstat installed\033[Om"
+# echo "\033[92;1mAwstat installed\033[Om"
--- a/bin/misc.sh
+++ b/bin/misc.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-echo -e '\033[35m
+echo '\033[35m
    __  ____
   /  |/  (_)_________
  / /|_/ / / ___/ ___/
@ -15,16 +15,17 @@ if [ "$EUID" -ne 0 ]; then
 fi

 sleep 2
-apt-get --yes --force-yes install vim curl
+# TODO --force-yes is deprecated, use one of the options starting with --allow instead.
+apt-get --yesinstall vim curl
 sed -i "s/^# en_GB.UTF-8/en_GB.UTF-8/g" /etc/locale.gen
 locale-gen
-apt-get --yes --force-yes install ntp
+apt-get --yesinstall ntp
 dpkg-reconfigure tzdata
-apt-get --yes --force-yes install tmux etckeeper needrestart htop lynx unzip
+apt-get --yesinstall tmux etckeeper needrestart htop lynx unzip

 # TODO cron
 # https://askubuntu.com/questions/56683/where-is-the-cron-crontab-log/121560#121560



-echo -e "\033[92;1mMisc done \033[Om"
+echo "\033[92;1mMisc done \033[Om"
--- a/bin/mysqlbackup.sh
+++ b/bin/mysqlbackup.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-echo -e '\033[35m
+echo '\033[35m
  __  __               _   ___          _
 |  \/  |_  _ ___ __ _| | | _ ) __ _ __| |___  _ _ __ ___
 | |\/| | || (_-</ _  | | | _ \/ _  / _| / / || |  _ (_-<
--- a/bin/urbackup.sh
+++ b/bin/urbackup.sh
@ -1,7 +1,7 @@
 #!/bin/sh


-echo -e '\033[35m
+echo '\033[35m
  _   _     _             _                ___ _    _         _
 | | | |_ _| |__  __ _ __| |___  _ _ __   / __| |  (_)___ _ _| |_
 | |_| |  _|  _ \/ _` / _| / / || |  _ \ | (__| |__| / -_)   \  _|
--- a/bin/user.sh
+++ b/bin/user.sh
@ -1,13 +1,13 @@
 #!/bin/sh

-echo -e '\033[35m
+echo '\033[35m
   __  _______ __________
  / / / / ___// ____/ __ \
 / / / /\__ \/ __/ / /_/ /
 / /_/ /___/ / /___/ _, _/
 \____//____/_____/_/ |_|
 \033[0m'
-echo -e "\033[35;1mCreate new user (you will be asked a user name and a password) \033[0m"
+echo "\033[35;1mCreate new user (you will be asked a user name and a password) \033[0m"

 if [ "$EUID" -ne 0 ]; then
  echo "Please run as root"
@ -37,12 +37,17 @@ do
  fi
 done

+# TODO 
+# ./install.sh: 42: bin/user.sh: adduser: not found
+# adding dev to admin group and limiting su to the admin group
+# ./install.sh: 44: bin/user.sh: groupadd: not found
+# ./install.sh: 45: bin/user.sh: usermod: not found
+# dpkg-statoverride: error: group 'admin' does not exist

-# read -p "Continue? (Y/N): " confirm && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
 adduser "$user"
 echo "adding $user to admin group and limiting su to the admin group"
 groupadd admin
 usermod -a -G admin "$user"
 # allow admin group to su
 dpkg-statoverride --update --add root admin 4750 /bin/su
-echo -e "\033[92;1muser $user configured\033[Om"
+echo "\033[92;1muser $user configured\033[Om"
--- a/bin/vhost.sh
+++ b/bin/vhost.sh
@ -1,12 +1,12 @@

-echo -e '\033[35m
+echo '\033[35m
        __               __
 _   __/ /_  ____  _____/ /_
 | | / / __ \/ __ \/ ___/ __/
 | |/ / / / / /_/ (__  ) /_
 |___/_/ /_/\____/____/\__/
 \033[0m'
-echo -e "\033[35;1mNginx VHOST install \033[0m"
+echo "\033[35;1mNginx VHOST install \033[0m"
 while [ "$vh" != "y" ] && [ "$vh" != "n" ]
 do
  echo -n "Should we install a vhost? [y|n] "
@ -50,8 +50,8 @@ if [ "$vh" = "y" ]; then
  # ask for let's encrypt
  while [ "$_letsencrypt" != "yes" ] && [ "$_letsencrypt" != "no" ]
  do
-    echo -e "\033[35;1mLet's encrypt \033[0m"
-    echo -e "Let's encrypt needs a public registered domain name with proper DNS records ( A records or CNAME records for subdomains pointing to your server)."
+    echo "\033[35;1mLet's encrypt \033[0m"
+    echo "Let's encrypt needs a public registered domain name with proper DNS records ( A records or CNAME records for subdomains pointing to your server)."
    echo -n "Should we install let's encrypt certificate with $_domain? [yes|no] "
    read _letsencrypt
  done
@ -61,7 +61,7 @@ if [ "$vh" = "y" ]; then
  # lets'encrypt
  # https://certbot.eff.org/lets-encrypt/debianstretch-nginx
  if [ "$_letsencrypt" = "yes" ]; then
-    apt-get --yes --force-yes install certbot
+    apt-get --yesinstall certbot
    certbot certonly --standalone -d "$_domain" --cert-name "$_domain"
    # TODO stop the whole process if letsencrypt faile
    mkdir -p /etc/nginx/ssl/certs/"$_domain"
@ -69,7 +69,7 @@ if [ "$vh" = "y" ]; then
    # renewing
    touch /var/spool/cron/crontabs/root
    crontab -l > mycron
-    echo -e "0 3 * * * certbot renew --pre-hook 'systemctl stop nginx' --post-hook 'systemctl start nginx' --cert-name $_domain" >> mycron
+    echo "0 3 * * * certbot renew --pre-hook 'systemctl stop nginx' --post-hook 'systemctl start nginx' --cert-name $_domain" >> mycron
    crontab mycron
    rm mycron
  fi
@ -124,14 +124,14 @@ if [ "$vh" = "y" ]; then
              user=""
            fi
          else
-            echo -e "user $user doesn't exists, you must provide an existing user"
+            echo "user $user doesn't exists, you must provide an existing user"
            user=""
          fi
        fi
      done
    fi

-    echo -e "shortcut will be installed for '$user'";
+    echo "shortcut will be installed for '$user'";
    sleep 3

    mkdir /home/"$user"/www/
@ -140,14 +140,14 @@ if [ "$vh" = "y" ]; then
    chown "$user":admin /home/"$user"/www/"$_domain"

  else
-    echo -e 'no shortcut installed'
+    echo 'no shortcut installed'
  fi
  # activate the vhost
  ln -s /etc/nginx/sites-available/"$_domain".conf /etc/nginx/sites-enabled/"$_domain".conf

  # restart nginx
  systemctl start nginx
-  echo -e "\033[92;1mvhost $_domain configured \033[Om"
+  echo "\033[92;1mvhost $_domain configured \033[Om"
 else
-  echo -e "Vhost installation aborted"
+  echo "Vhost installation aborted"
 fi
--- a/bin/zabbix.sh
+++ b/bin/zabbix.sh
@ -1,7 +1,7 @@
 #!/bin/sh


-echo -e '\033[35m
+echo '\033[35m
 _____         __    __    _
 /__  /  ____ _/ /_  / /_  (_)  __
  / /  / __ `/ __ \/ __ \/ / |/_/
@ -112,6 +112,6 @@ ufw allow from "$_ip" to any port 22
 systemctl restart zabbix-agent
 systemctl enable zabbix-agent

-echo -e "\033[92;1mZabbix-agent installed and configured, please add the host $_host_name in your zabbix-server \033[Om"
-echo -e "\033[92;1mAnd import requested templates in assets/zabbix/templates/ \033[Om"
-echo -e "\033[92;1mzabbix user mysql password is $_passwd \033[Om"
+echo "\033[92;1mZabbix-agent installed and configured, please add the host $_host_name in your zabbix-server \033[Om"
+echo "\033[92;1mAnd import requested templates in assets/zabbix/templates/ \033[Om"
+echo "\033[92;1mzabbix user mysql password is $_passwd \033[Om"
--- a/install.sh
+++ b/install.sh
@ -5,7 +5,7 @@
 # http://web-74.com/blog/reseaux/gerer-le-deploiement-facilement-avec-git/
 #

-echo -e '\033[35m
+echo '\033[35m
    ____       __    _                _____
   / __ \___  / /_  (_)___ _____     / ___/___  ______   _____  _____
  / / / / _ \/ __ \/ / __ `/ __ \    \__ \/ _ \/ ___/ | / / _ \/ ___/
@ -13,10 +13,10 @@ echo -e '\033[35m
 /_____/\___/_.___/_/\__,_/_/ /_/   /____/\___/_/    |___/\___/_/

 \033[0m'
-echo -e "\033[35;1mThis script has been tested only on Linux Debian 9 \033[0m"
+echo "\033[35;1mThis script has been tested only on Linux Debian 10 \033[0m"

 if [ "$EUID" -ne 0 ]; then
-  echo -e "Please run as root"
+  echo "Please run as root"
  exit
 fi

@ -24,7 +24,7 @@ echo -n "Should we start? [Y|n] "
 read yn
 yn=${yn:-y}
 if [ "$yn" != "y" ]; then
-  echo -e "aborting script!"
+  echo "aborting script!"
  exit
 fi

@ -48,7 +48,7 @@ done
 if [ "$securssh" = "yes" ]; then
  . bin/ssh.sh
 else
-  echo -e 'root user can still conect through ssh'
+  echo 'root user can still conect through ssh'
 fi


@ -58,7 +58,7 @@ yn=${yn:-y}
 if [ "$yn" = "y" ]; then
  . bin/ftp.sh
 else
-  echo -e 'ftp server not installed'
+  echo 'ftp server not installed'
 fi

 while [ "$lemp" != "yes" ] && [ "$lemp" != "no" ]
@ -69,7 +69,7 @@ done
 if [ "$lemp" = "yes" ]; then
  . bin/lemp.sh
 else
-  echo -e 'lemp server not installed'
+  echo 'lemp server not installed'
 fi

 while [ "$_install_vhost" != "yes" ] && [ "$_install_vhost" != "no" ]
@ -80,7 +80,7 @@ done
 if [ "$_install_vhost" = "yes" ]; then
  . bin/vhost.sh
 else
-  echo -e 'no vhost installed'
+  echo 'no vhost installed'
 fi

 while [ "$_install_zabbix_agent" != "yes" ] && [ "$_install_zabbix_agent" != "no" ]
@ -91,7 +91,7 @@ done
 if [ "$_install_zabbix_agent" = "yes" ]; then
  . bin/zabbix.sh
 else
-  echo -e 'zabbix-agent not installed'
+  echo 'zabbix-agent not installed'
 fi

 while [ "$_install_urbackup" != "yes" ] && [ "$_install_urbackup" != "no" ]
@ -102,14 +102,14 @@ done
 if [ "$_install_urbackup" = "yes" ]; then
  . bin/urbackup.sh
 else
-  echo -e 'urbackup client not installed'
+  echo 'urbackup client not installed'
 fi


 . bin/dotfiles.sh
 # . bin/autoupdate.sh

-# echo -e '\033[35m
+# echo '\033[35m
 #   ______________  _______
 #  /_  __/ ____/  |/  / __ \
 #   / / / __/ / /|_/ / /_/ /
@ -139,7 +139,7 @@ fi

 #   mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp
 #   chmod 1777 /tmp
-#   echo -e "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" >> /etc/fstab
+#   echo "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" >> /etc/fstab

 #   # Restore /tmp
 #   cp -Rpf /tmpbackup/* /tmp/ >/dev/null 2>&1
@ -156,14 +156,14 @@ fi
 #   # Remove old tmp dir
 #   rm -rf /var/tmpbackup

-#   echo -e "\033[35;1m /tmp and /var/tmp secured using tmpfs. \033[0m"
+#   echo "\033[35;1m /tmp and /var/tmp secured using tmpfs. \033[0m"
 # } # End function secure_tmp_tmpfs

 # check_tmp_secured
 # if [ $? = 0  ]; then
 #     secure_tmp_tmpfs
 # else
-#     echo -e "\033[35;1mFunction canceled. /tmp already secured. \033[0m"
+#     echo "\033[35;1mFunction canceled. /tmp already secured. \033[0m"
 # fi

 # TODO add warning message on ssh connection if system needs updates
@ -172,11 +172,11 @@ fi



-echo -e '\033[35m
+echo '\033[35m
                  __
  ___  ____  ____/ /
 / _ \/ __ \/ __  /
 /  __/ / / / /_/ /
 \___/_/ /_/\__,_/
 \033[0m'
-echo -e "\033[35;1m* * script done * * \033[0m"
+echo "\033[35;1m* * script done * * \033[0m"
--- a/readme.md
+++ b/readme.md
@ -4,7 +4,8 @@ Fail2ban, Ufw, Proftpd, Knockd, Nginx, Mariadb, php7.0-fpm, redis, vhosts, git b

 ## how to use it
 on a fresh install
-as root
+
+All commands below are run as root user. Either log in as root user directly or log in as your normal user and then use the command ```su -``` to become root user on your server before you proceed. IMPORTANT: You must use ```su -``` and not just ```su```, otherwise your PATH variable is set wrong by Debian.

 1 install git
 ```