
more functions and some ascii :)

Bachir Soussi Chiadmi 9 years ago
parent
commit
a65b7e37e8
4 changed files with 568 additions and 70 deletions
  1. 277 0
      assets/apache2.conf
  2. 64 0
      gitbarrerepos.sh
  3. 218 70
      install-debian-server.sh
  4. 9 0
      prompt.sh

+ 277 - 0
assets/apache2.conf

@@ -0,0 +1,277 @@
+# This is the main Apache server configuration file.  It contains the
+# configuration directives that give the server its instructions.
+# See http://httpd.apache.org/docs/2.2/ for detailed information about
+# the directives and /usr/share/doc/apache2-common/README.Debian.gz about
+# Debian specific hints.
+#
+#
+# Summary of how the Apache 2 configuration works in Debian:
+# The Apache 2 web server configuration in Debian is quite different to
+# upstream's suggested way to configure the web server. This is because Debian's
+# default Apache2 installation attempts to make adding and removing modules,
+# virtual hosts, and extra configuration directives as flexible as possible, in
+# order to make automating the changes and administering the server as easy as
+# possible.
+
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `--  ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf.d
+# | `-- *
+#   `-- sites-enabled
+#   `-- *
+#
+#
+# * apache2.conf is the main configuration file (this file). It puts the pieces
+#   together by including all remaining configuration files when starting up the
+#   web server.
+#
+#   In order to avoid conflicts with backup files, the Include directive is
+#   adapted to ignore files that:
+#   - do not begin with a letter or number
+#   - contain a character that is neither letter nor number nor _-:.
+#   - contain .dpkg
+#
+#   Yet we strongly suggest that all configuration files either end with a
+#   .conf or .load suffix in the file name. The next Debian release will
+#   ignore files not ending with .conf (or .load for mods-enabled).
+#
+# * ports.conf is always included from the main configuration file. It is
+#   supposed to determine listening ports for incoming connections, and which
+#   of these ports are used for name based virtual hosts.
+#
+# * Configuration files in the mods-enabled/ and sites-enabled/ directories
+#   contain particular configuration snippets which manage modules or virtual
+#   host configurations, respectively.
+#
+#   They are activated by symlinking available configuration files from their
+#   respective *-available/ counterparts. These should be managed by using our
+#   helpers a2enmod/a2dismod, a2ensite/a2dissite. See
+#   their respective man pages for detailed information.
+#
+# * Configuration files in the conf.d directory are either provided by other
+#   packages or may be added by the local administrator. Local additions
+#   should start with local- or end with .local.conf to avoid name clashes. All
+#   files in conf.d are considered (excluding the exceptions noted above) by
+#   the Apache 2 web server.
+#
+# * The binary is called apache2. Due to the use of environment variables, in
+#   the default configuration, apache2 needs to be started/stopped with
+#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
+#   work with the default configuration.
+
+
+# Global configuration
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE!  If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation (available
+# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+#ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+LockFile ${APACHE_LOCK_DIR}/accept.lock
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+##
+## Server-Pool Size Regulation (MPM specific)
+##
+
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxClients: maximum number of server processes allowed to start
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_prefork_module>
+    StartServers          5
+    MinSpareServers       5
+    MaxSpareServers      10
+    MaxClients          150
+    MaxRequestsPerChild   0
+</IfModule>
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
+#              graceful restart. ThreadLimit can only be changed by stopping
+#              and starting Apache.
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxClients: maximum number of simultaneous client connections
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_worker_module>
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          150
+    MaxRequestsPerChild   0
+</IfModule>
+
+# event MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxClients: maximum number of simultaneous client connections
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_event_module>
+    StartServers          1
+    MinSpareThreads       2
+    MaxSpareThreads       5
+    ThreadLimit           20
+    ThreadsPerChild       20
+    MaxClients            60
+    MaxRequestsPerChild   5000
+</IfModule>
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives.  See also the AllowOverride
+# directive.
+#
+
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<Files ~ "^\.ht">
+    Order allow,deny
+    Deny from all
+    Satisfy all
+</Files>
+
+# TuxLite. Better to put this block here compared to Debian's default
+<Directory />
+    Options -Indexes FollowSymLinks
+    AllowOverride All
+    Order allow,deny
+    allow from all
+</Directory>
+
+#
+# DefaultType is the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value.  If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+# It is also possible to omit any default MIME type and let the
+# client's browser guess an appropriate action instead. Typically the
+# browser will decide based on the file's extension then. In cases
+# where no good assumption can be made, letting the default MIME type
+# unset is suggested  instead of forcing the browser to accept
+# incorrect  metadata.
+#
+DefaultType None
+
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see the comments above for details.
+
+# Include generic snippets of statements
+Include conf.d/
+
+# Include the virtual host configurations:
+Include sites-enabled/
+
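Review bot: The `<Directory />` block opens the whole filesystem root with `allow from all` and `AllowOverride All`, so any path that becomes reachable through an Alias or a followed symlink is served, and a `.htaccess` file anywhere can change how the server behaves. The root block is safer as a default deny, `Order deny,allow` / `Deny from all` / `AllowOverride None`, with access and overrides granted only in a `<Directory>` block for the document root (the script's sites appear to live under /srv/www). The vhost template is not part of this commit, so check whether it already carries its own `<Directory>` block before tightening the root one.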

+ 64 - 0
gitbarrerepos.sh

@@ -0,0 +1,64 @@
+#!/bin/sh
+# bachir soussi chiadmi
+
+# get the current position
+_cwd="$(pwd)"
+
+
+while [ "$_bare_name" = "" ]
+do
+read -p "enter the bare repos folder name ? " _host_name
+if [ "$_bare_name" != "" ]; then
+  read -p "is bare folder name $_bare_name correcte [y|n] " validated
+  if [ "$validated" = "y" ]; then
+    break
+  else
+    _bare_name=""
+  fi
+fi
+done
+
+
+while [ "$_prod_folder_path" = "" ]
+do
+read -p "enter the prod folder path folder name ? " _host_name
+if [ "$_bare_name" != "" ]; then
+  read -p "is prod folder path $_prod_folder_path correcte [y|n] " validated
+  if [ "$validated" = "y" ]; then
+    break
+  else
+    _prod_folder_path=""
+  fi
+fi
+done
+
+
+# setup bare repositorie to push to
+
+mkdir ~/git-repositories
+mkdir ~/git-repositories/"$_bare_name".git
+cd ~/git-repositories/"$_bare_name".git
+git init --bare
+
+# setup git repo on site folder
+cd "$_prod_folder_path"
+git init
+# link to the bare repo
+git remote add origin /home/"$USER"/git-repositories/"$_bare_name".git
+
+# create hooks that will update the site repo
+cd ~
+cp "$_cwd"/assets/git-pre-receive /home/"$USER"/git-repositories/"$_bare_name".git/hooks/pre-receive
+cp "$_cwd"/assets/git-post-receive /home/"$USER"/git-repositories/"$_bare_name".git/hooks/post-receive
+
+sed -ir "s/PRODDIR=\"www\"/PRODDIR=\/srv\/www\/$_bare_name\/public_html/g" /home/"$USER"/git-repositories/"$_bare_name".git/hooks/pre-receive
+sed -ir "s/PRODDIR=\"www\"/PRODDIR=\/srv\/www\/$_bare_name\/public_html/g" /home/"$USER"/git-repositories/"$_bare_name".git/hooks/post-receive
+
+cd /home/"$USER"/git-repositories/"$_bare_name".git/hooks/
+chmod +x post-receive pre-receive
+
+# done
+echo "git repos for $_bare_name install succeed"
+echo "your site stay now to /home/$USER/www/$_bare_name"
+echo "you can push updates on prod branch through $USER@IP.IP.IP.IP:git-repositories/$_bare_name.git"
+echo "* * *"
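Review bot: Both prompt loops run forever, because each `read` stores the answer in `_host_name` while the loop condition tests `_bare_name` or `_prod_folder_path`, and the inner check of the second loop tests `_bare_name` again. The reads should be `read -p "…" _bare_name` and `read -p "…" _prod_folder_path`, and the second check `if [ "$_prod_folder_path" != "" ]; then`. `read -p` is also not available in every `/bin/sh` (Debian's default is dash), so either change the shebang to bash or print the prompt with `printf` before a plain `read`. Since `$_bare_name` is later pasted into directory paths and into the `sed` replacement text, reject anything outside `[A-Za-z0-9._-]` before using it.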

+ 218 - 70
install-debian-server.sh

@@ -7,7 +7,14 @@
 # http://web-74.com/blog/reseaux/gerer-le-deploiement-facilement-avec-git/
 #
 
-
+echo '\033[95m
+    ____       __    _                                                  _            __        ____
+   / __ \___  / /_  (_)___ _____     ________  ______   _____  _____   (_)___  _____/ /_____ _/ / /
+  / / / / _ \/ __ \/ / __ `/ __ \   / ___/ _ \/ ___/ | / / _ \/ ___/  / / __ \/ ___/ __/ __ `/ / /
+ / /_/ /  __/ /_/ / / /_/ / / / /  (__  )  __/ /   | |/ /  __/ /     / / / / (__  ) /_/ /_/ / / /
+/_____/\___/_.___/_/\__,_/_/ /_/  /____/\___/_/    |___/\___/_/     /_/_/ /_/____/\__/\__,_/_/_/
+
+\033[0m'
 echo "\033[35;1mThis script has been tested only on Linux Debian 7 \033[0m"
 echo "Please run this script as root"
 
@@ -19,32 +26,61 @@ if [ "$yn" != "y" ]; then
   exit
 fi
 
-echo "* * *"
-
+echo '\033[95m
+   __  ______  __________  ___    ____  ______
+  / / / / __ \/ ____/ __ \/   |  / __ \/ ____/
+ / / / / /_/ / / __/ /_/ / /| | / / / / __/
+/ /_/ / ____/ /_/ / _, _/ ___ |/ /_/ / /___
+\____/_/    \____/_/ |_/_/  |_/_____/_____/
+\033[0m'
 apt-get update
 apt-get upgrade
 
 # get the current position
 _cwd="$(pwd)"
 
+echo '\033[95m
+    __  _____    ____  ____  _______   __
+   / / / /   |  / __ \/ __ \/ ____/ | / /
+  / /_/ / /| | / /_/ / / / / __/ /  |/ /
+ / __  / ___ |/ _, _/ /_/ / /___/ /|  /
+/_/ /_/_/  |_/_/ |_/_____/_____/_/ |_/
+\033[0m'
+
 echo "\033[35;1mInstalling harden \033[0m"
-sleep 5
+sleep 3
 apt-get install harden
 echo "Harden instaled"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+    ______________  _______       _____    __    __
+   / ____/  _/ __ \/ ____/ |     / /   |  / /   / /
+  / /_   / // /_/ / __/  | | /| / / /| | / /   / /
+ / __/ _/ // _, _/ /___  | |/ |/ / ___ |/ /___/ /___
+/_/   /___/_/ |_/_____/  |__/|__/_/  |_/_____/_____/
+\033[0m'
 
 echo "\033[35;1mInstalling ufw and setup firewall (allowing only ssh and http) \033[0m"
-sleep 5
+sleep 3
 apt-get install ufw
 ufw allow ssh
 ufw allow http
 ufw enable
 ufw status verbose
 echo "ufw installed and firwall configured"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+   __  _______ __________
+  / / / / ___// ____/ __ \
+ / / / /\__ \/ __/ / /_/ /
+/ /_/ /___/ / /___/ _, _/
+\____//____/_____/_/ |_|
+\033[0m'
 
 echo "\033[35;1mCreate new user (you will be asked a user name and a password) \033[0m"
-sleep 5
+sleep 3
 echo -n "Enter user name: "
 read user
 # read -p "Continue? (Y/N): " confirm && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
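Review bot: The new separator `echo "033[92;1m* * *033[Om"` prints its colour codes as literal text, because both backslashes are missing and the reset code is written with a capital letter O instead of a zero. It should read `echo "\033[92;1m* * *\033[0m"`, in line with the other colour lines of the script. This hunk adds it after the harden and ufw steps, and the same line is added in the later hunks after the user, SSH, Apache, MySQL, PHP, phpMyAdmin, vhost, AWStats and prompt steps.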
@@ -54,7 +90,15 @@ groupadd admin
 usermod -a -G admin "$user"
 dpkg-statoverride --update --add root admin 4750 /bin/su
 echo "user $user configured"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+   __________ __  __
+  / ___/ ___// / / /
+  \__ \\__ \/ /_/ /
+ ___/ /__/ / __  /
+/____/____/_/ /_/
+\033[0m'
 
 while [ "$securssh" != "y" ] && [ "$securssh" != "n" ]
 do
@@ -67,30 +111,66 @@ if [ "$securssh" = "y" ]; then
   sed -i 's/PermitRootLogin\ yes/PermitRootLogin no/g' /etc/ssh/sshd_config
   sed -i 's/PermitEmptyPasswords\ yes/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
   sed -i 's/Protocol\ [0-9]/Protocol 2/g' /etc/ssh/sshd_config
+  service ssh reload
   echo "SSH secured"
 else
   echo 'root user can stile coonect through ssh'
 fi
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
 
 echo "\033[35;1mInstalling AMP web server \033[0m"
+
+echo '\033[95m
+    ___                     __        ___
+   /   |  ____  ____ ______/ /_  ___ |__ \
+  / /| | / __ \/ __ `/ ___/ __ \/ _ \__/ /
+ / ___ |/ /_/ / /_/ / /__/ / / /  __/ __/
+/_/  |_/ .___/\__,_/\___/_/ /_/\___/____/
+      /_/
+\033[0m'
+
 echo "\033[35;1mInstalling Apache2 \033[0m"
-sleep 5
+sleep 3
 apt-get install apache2
 a2enmod rewrite
+cat "$_cwd"/assets/apache2.conf > /etc/apache2/apache2.conf
+# Change logrotate for Apache2 log files to keep 10 days worth of logs
+sed -i 's/\tweekly/\tdaily/' /etc/logrotate.d/apache2
+sed -i 's/\trotate .*/\trotate 10/' /etc/logrotate.d/apache2
+# Remove Apache server information from headers.
+sed -i 's/ServerTokens .*/ServerTokens Prod/' /etc/apache2/conf.d/security
+sed -i 's/ServerSignature .*/ServerSignature Off/' /etc/apache2/conf.d/security
 service apache2 restart
 echo "Apache2 installed"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+    __  ___                 __
+   /  |/  /_  ___________ _/ /
+  / /|_/ / / / / ___/ __ `/ /
+ / /  / / /_/ (__  ) /_/ / /
+/_/  /_/\__, /____/\__, /_/
+       /____/        /_/
+\033[0m'
 
 echo "\033[35;1minstalling Mysql \033[0m"
-sleep 5
+sleep 3
 apt-get install mysql-server
 mysql_secure_installation
 echo "mysql installed"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+    ____  __  ______
+   / __ \/ / / / __ \
+  / /_/ / /_/ / /_/ /
+ / ____/ __  / ____/
+/_/   /_/ /_/_/
+\033[0m'
 
 echo "\033[35;1mInstalling PHP \033[0m"
-sleep 5
+sleep 3
 apt-get install php5 php-pear php5-gd
 echo "Configuring PHP"
 cp /etc/php5/apache2/php.ini /etc/php5/apache2/php.ini.back
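Review bot: `service ssh reload` is run on the edited sshd_config without checking it first, and "SSH secured" is printed whether or not the `sed` patterns above it matched anything (they only rewrite lines that read exactly `PermitRootLogin yes` and so on). Validate before reloading, `sshd -t && service ssh reload`, and confirm the result with something like `grep -q '^PermitRootLogin no' /etc/ssh/sshd_config` before reporting success. Further down in this hunk `assets/apache2.conf` overwrites /etc/apache2/apache2.conf with no backup, unlike php.ini, which gets a `.back` copy; a `cp` of the original and `apache2ctl configtest` before `service apache2 restart` would make that step recoverable. The `if [ "$securssh" = "y" ]` block starts outside the hunk.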
@@ -109,13 +189,29 @@ chown www-data /var/log/php
 
 apt-get install php5-mysql
 echo "php installed"
-echo "* * *"
-
-echo "\033[35;1mInstalling Awstat \033[0m"
-sleep 5
-apt-get install awstats
-echo "Awstat installed"
-echo "* * *"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+           __          __  ___      ___       __          _
+    ____  / /_  ____  /  |/  /_  __/   | ____/ /___ ___  (_)___
+   / __ \/ __ \/ __ \/ /|_/ / / / / /| |/ __  / __ `__ \/ / __ \
+  / /_/ / / / / /_/ / /  / / /_/ / ___ / /_/ / / / / / / / / / /
+ / .___/_/ /_/ .___/_/  /_/\__, /_/  |_\__,_/_/ /_/ /_/_/_/ /_/
+/_/         /_/           /____/
+\033[0m'
+
+echo "\033[35;1mInstalling phpMyAdmin \033[0m"
+apt-get install phpmyadmin
+echo "phpMyAdmin installed"
+echo "033[92;1m* * *033[Om"
+
+echo '\033[95m
+        __               __
+ _   __/ /_  ____  _____/ /_
+| | / / __ \/ __ \/ ___/ __/
+| |/ / / / / /_/ (__  ) /_
+|___/_/ /_/\____/____/\__/
+\033[0m'
 
 echo "\033[35;1mVHOST install \033[0m"
 while [ "$vh" != "y" ] && [ "$vh" != "n" ]
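Review bot: phpMyAdmin is installed here on a host whose firewall step opens only ssh and http, so its login form and the MySQL credentials typed into it would travel over plain HTTP and be reachable from any address, assuming the package's Apache alias is enabled during install. Restrict it before leaving it installed: admit only the administrator's address to the phpMyAdmin directory, or serve it only over TLS (which also needs `ufw allow https`). At minimum add a comment above the install line such as `# phpMyAdmin is exposed over HTTP to every client; restrict by source address or move behind TLS`.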
@@ -124,7 +220,6 @@ echo -n "Should we install a vhost? [y|n] "
 read vh
 # vh=${vh:-y}
 done
-
 if [ "$vh" = "y" ]; then
 
   while [ "$_host_name" = "" ]
@@ -164,58 +259,111 @@ if [ "$vh" = "y" ]; then
 else
   echo "Vhost installation aborted"
 fi
-echo "* * *"
+echo "033[92;1m* * *033[Om"
 
-#installing better prompt and some goodies for root
-echo "\033[35;1mInstalling shell prompt for root \033[0m"
-sleep 5
-git clone git://github.com/bachy/dotfiles-server.git ~/.dotfiles-server && cd ~/.dotfiles-server && ./install.sh && cd ~
-source ~/.bashrc
-echo "done"
-echo "* * *"
-
-#    __  _______ __________
-#   / / / / ___// ____/ __ \
-#  / / / /\__ \/ __/ / /_/ /
-# / /_/ /___/ / /___/ _, _/
-# \____//____/_____/_/ |_|
-
-# setup user environment
-echo "\033[35;1mInstalling shell prompt for $user \033[0m"
-sleep 5
-sudo -u $user -H sh -c "cd ~; git clone git://github.com/bachy/dotfiles-server.git ~/.dotfiles-server && cd ~/.dotfiles-server && ./install.sh && cd ~"
-echo "done"
-echo "* * *"
+echo '\033[95m
+    ___                __        __
+   /   |_      _______/ /_____ _/ /_
+  / /| | | /| / / ___/ __/ __ `/ __/
+ / ___ | |/ |/ (__  ) /_/ /_/ / /_
+/_/  |_|__/|__/____/\__/\__,_/\__/
+\033[0m'
 
-# setup bare repositorie to push to
-echo "\033[35;1msetup git repositorie \033[0m"
-while [ "$gr" != "y" ] && [ "$gr" != "n" ]
-do
-echo -n "Should we install a git repos for $_host_name in $user home? [y|n] "
-read gr
-done
+echo "\033[35;1mInstalling Awstat \033[0m"
+sleep 3
+apt-get install awstats
+# Configure AWStats
+temp=`grep -i sitedomain /etc/awstats/awstats.conf.local | wc -l`
+if [ $temp -lt 1 ]; then
+    echo SiteDomain="$_host_name" >> /etc/awstats/awstats.conf.local
+fi
+# Disable Awstats from executing every 10 minutes. Put a hash in front of any line.
+sed -i 's/^[^#]/#&/' /etc/cron.d/awstats
+echo "Awstat installed"
+echo "033[92;1m* * *033[Om"
+
+
+echo '\033[95m
+  ______________  _______
+ /_  __/ ____/  |/  / __ \
+  / / / __/ / /|_/ / /_/ /
+ / / / /___/ /  / / ____/
+/_/ /_____/_/  /_/_/
+\033[0m'
+
+function check_tmp_secured {
+
+  temp1=`grep -w "/var/tempFS /tmp ext3 loop,nosuid,noexec,rw 0 0" /etc/fstab | wc -l`
+  temp2=`grep -w "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" /etc/fstab | wc -l`
+
+  if [ $temp1  -gt 0 ] || [ $temp2 -gt 0 ]; then
+      return 1
+  else
+      return 0
+  fi
+} # End function check_tmp_secured
+
+function secure_tmp_tmpfs {
+
+  cp /etc/fstab /etc/fstab.bak
+  # Backup /tmp
+  cp -Rpf /tmp /tmpbackup
+
+  rm -rf /tmp
+  mkdir /tmp
 
-sudo -u $user -H sh -c "mkdir ~/git-repositories; mkdir ~/git-repositories/$_host_name.git; cd ~/git-repositories/$_host_name.git; git init --bare"
+  mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp
+  chmod 1777 /tmp
+  echo "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" >> /etc/fstab
 
-# setup git repo on site folder
-cd /srv/www/"$_host_name"/public_html/
-git init
-# link to the bare repo
-git remote add origin /home/"$user"/git-repositories/"$_host_name".git
+  # Restore /tmp
+  cp -Rpf /tmpbackup/* /tmp/ >/dev/null 2>&1
 
-# create hooks that will update the site repo
-cd ~
-cp "$_cwd"/assets/git-pre-receive /home/"$user"/git-repositories/"$_host_name".git/hooks/pre-receive
-cp "$_cwd"/assets/git-post-receive /home/"$user"/git-repositories/"$_host_name".git/hooks/post-receive
+  #Remove old tmp dir
+  rm -rf /tmpbackup
 
-sed -ir "s/PRODDIR=\"www\"/PRODDIR=\/srv\/www\/$_host_name\/public_html/g" /home/"$user"/git-repositories/"$_host_name".git/hooks/pre-receive
-sed -ir "s/PRODDIR=\"www\"/PRODDIR=\/srv\/www\/$_host_name\/public_html/g" /home/"$user"/git-repositories/"$_host_name".git/hooks/post-receive
+  # Backup /var/tmp and link it to /tmp
+  mv /var/tmp /var/tmpbackup
+  ln -s /tmp /var/tmp
+
+  # Copy the old data back
+  cp -Rpf /var/tmpold/* /tmp/ >/dev/null 2>&1
+  # Remove old tmp dir
+  rm -rf /var/tmpbackup
+
+  echo -e "\033[35;1m /tmp and /var/tmp secured using tmpfs. \033[0m"
+} # End function secure_tmp_tmpfs
+
+check_tmp_secured
+if [ $? = 0  ]; then
+    secure_tmp_tmpfs
+else
+    echo -e "\033[35;1mFunction canceled. /tmp already secured. \033[0m"
+fi
+
+echo '\033[95m
+    ____                             __
+   / __ \_________  ____ ___  ____  / /_
+  / /_/ / ___/ __ \/ __ `__ \/ __ \/ __/
+ / ____/ /  / /_/ / / / / / / /_/ / /_
+/_/   /_/   \____/_/ /_/ /_/ .___/\__/
+                          /_/
+\033[0m'
+
+#installing better prompt and some goodies for root
+echo "\033[35;1mInstalling shell prompt for root \033[0m"
+sleep 3
+git clone git://github.com/bachy/dotfiles-server.git ~/.dotfiles-server && cd ~/.dotfiles-server && ./install.sh && cd ~
+source ~/.bashrc
+echo "done"
+echo "033[92;1m* * *033[Om"
 
-cd /home/"$user"/git-repositories/"$_host_name".git/hooks/
-chmod +x post-receive pre-receive
+echo '\033[95m
+                  __
+  ___  ____  ____/ /
+ / _ \/ __ \/ __  /
+/  __/ / / / /_/ /
+\___/_/ /_/\__,_/
+\033[0m'
 
-# done
-echo "git repos for $_host_name install succeed"
-echo "your site stay now to /home/$user/www/$_host_name"
-echo "you can push updates on prod branch through $user@IP.IP.IP.IP:git-repositories/$_host_name.git"
-echo "* * *"
+echo "\033[35;1m* * script done * * \033[0m"
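Review bot: In `secure_tmp_tmpfs` the old contents of /var/tmp are lost: the directory is moved to `/var/tmpbackup`, the copy-back reads from `/var/tmpold/*`, which is never created, the error is hidden by `>/dev/null 2>&1`, and `rm -rf /var/tmpbackup` then deletes the only copy. The copy line should be `cp -Rpf /var/tmpbackup/. /tmp/`, and the `rm -rf` should run only if that copy succeeded. `rm -rf /tmp` on a running system also removes sockets and lock files that live processes still use, so this step is safer in a maintenance window or done by mounting over the existing directory. Consider adding `nodev` and a `size=` limit to the tmpfs options in both the `mount` line and the fstab entry; `check_tmp_secured` greps for the exact fstab string, so it would need the same update.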

+ 9 - 0
prompt.sh

@@ -0,0 +1,9 @@
+
+# setup user environment
+echo "\033[35;1mInstalling shell prompt \033[0m"
+sleep 3
+git clone git://github.com/bachy/dotfiles-server.git ~/.dotfiles-server && cd ~/.dotfiles-server && ./install.sh
+source ~/.bashrc
+echo "done"
+echo "* * *"
+
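Review bot: The clone uses the unauthenticated `git://` transport and then runs `./install.sh` from the result, so the code that gets executed is neither integrity-checked nor tied to a reviewed revision; the same line in install-debian-server.sh runs it as root. Use `https://github.com/bachy/dotfiles-server.git` and add `git checkout <PINNED_COMMIT>` (placeholder for a reviewed commit id) between the `cd` and `./install.sh`. The file also has no shebang and relies on `source`, which plain `sh` does not provide, so it should start with a bash shebang or use `.` instead.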