misc fixes

2023-11-19 11:04:50 +01:00 · 2023-11-19 11:04:50 +01:00 · c409589eab
commit c409589eab
parent 0cc2b94c7e
5 changed files with 65 additions and 1 deletions
--- a/assets/deploy-drupal.sh
+++ b/assets/deploy-drupal.sh
@ -6,6 +6,7 @@ cd ./public_html
 echo ""
 echo "Pulling down latest code."
 git pull --ff-only origin prod
+git submodule update --remote --recursive
 echo ""
 echo "Clearing drush caches."
 drush cache-clear drush
--- a/assets/drupal-ssl.nginxconf
+++ b/assets/drupal-ssl.nginxconf
@ -116,7 +116,7 @@ server {
    fastcgi_intercept_errors on;
    # fastcgi_buffer_size 16k;
    # fastcgi_buffers 4 16k;
-    fastcgi_pass unix:/run/php/php8.2-fpm.sock;
+    fastcgi_pass unix:/run/php/php8.1-fpm.sock;
  }
  # Fighting with Styles? This little gem is amazing.
  # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
--- a/bin/nfs.sh
+++ b/bin/nfs.sh
@ -0,0 +1,44 @@
+#!/bin/sh
+
+echo -e '\033[35m
+        __     
+ _ __  / _|___ 
+|  _ \| |_/ __|
+| | | |  _\__ \
+|_| |_|_| |___/
+                
+\033[0m'
+echo -e "\033[35;1mLEMP server (Nginx Mysql Php-fpm) \033[0m"
+
+
+apt install nfs-kernel-server
+vim /etc/exports 
+mkdir /home/proxmox-backup
+mkdir /home/urbackup
+
+ufw allow from 37.187.134.71 to any port nfs
+ufw allow from 37.187.134.71 to any port 111
+ufw allow proto udp from 37.187.134.71 to any port 32764:32769
+ufw allow proto tcp from 37.187.134.71 to any port 32764:32769
+
+ufw allow from 37.187.93.155 to any port nfs
+ufw allow from 37.187.93.155 to any port 111
+ufw allow proto udp from 37.187.93.155 to any port 32764:32769
+ufw allow proto tcp from 37.187.93.155 to any port 32764:32769
+
+ufw allow from 37.187.128.147 to any port nfs
+ufw allow from 37.187.128.147 to any port 111
+ufw allow proto udp from 37.187.128.147 to any port 32764:32769
+ufw allow proto tcp from 37.187.128.147 to any port 32764:32769
+
+
+ufw allow from 94.23.8.104 to any port nfs
+ufw allow from 94.23.8.104 to any port 111
+ufw allow proto udp from 94.23.8.104 to any port 32764:32769
+ufw allow proto tcp from 94.23.8.104 to any port 32764:32769
+
+systemctl restart nfs-server
+systemctl enable nfs-server
+
+vim /etc/ufw/user.rules
+
--- a/bin/webhook.sh
+++ b/bin/webhook.sh
@ -116,4 +116,6 @@ systemctl restart webhook

 ufw allow 9000

+echo "webhook done"
+echo "you can configure your webhook trigger with the following url :"
 echo "http://$_domain:9000/hooks/deploy_app_$_id"
--- a/readme.md
+++ b/readme.md
@ -32,6 +32,23 @@ chmod a+x install.sh

 ```

+5 steps
+
+* misc.sh
+* dotfliles.sh
+* user.sh
+* ssh.sh
+* firewall.sh
+* fail2ban.sh
+* email.sh
+* lemp.sh
+* mysqlbackup.sh
+* vhost.sh
+* gitbarrerepos.sh
+* webhook.sh
+* urbackup.sh
+* zabbix.sh
+* 

 ## ref
 http://www.debian.org/doc/manuals/securing-debian-howto/