1 year ago · c409589eab
--- a/assets/deploy-drupal.sh
+++ b/assets/deploy-drupal.sh
@@ -6,6 +6,7 @@ cd ./public_html
 
				 echo ""
			
 
				 echo "Pulling down latest code."
			
 
				 git pull --ff-only origin prod
			
 
				+git submodule update --remote --recursive
			
 
				 echo ""
			
 
				 echo "Clearing drush caches."
			
 
				 drush cache-clear drush
			
--- a/assets/drupal-ssl.nginxconf
+++ b/assets/drupal-ssl.nginxconf
@@ -116,7 +116,7 @@ server {
 
				     fastcgi_intercept_errors on;
			
 
				     # fastcgi_buffer_size 16k;
			
 
				     # fastcgi_buffers 4 16k;
			
 
				-    fastcgi_pass unix:/run/php/php8.2-fpm.sock;
			
 
				+    fastcgi_pass unix:/run/php/php8.1-fpm.sock;
			
 
				   }
			
 
				   # Fighting with Styles? This little gem is amazing.
			
 
				   # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
			
--- a/bin/nfs.sh
+++ b/bin/nfs.sh
@@ -0,0 +1,44 @@
 
				+#!/bin/sh
			
 
				+
			
 
				+echo -e '\033[35m
			
 
				+        __     
			
 
				+ _ __  / _|___ 
			
 
				+|  _ \| |_/ __|
			
 
				+| | | |  _\__ \
			
 
				+|_| |_|_| |___/
			
 
				+                
			
 
				+\033[0m'
			
 
				+echo -e "\033[35;1mLEMP server (Nginx Mysql Php-fpm) \033[0m"
			
 
				+
			
 
				+
			
 
				+apt install nfs-kernel-server
			
 
				+vim /etc/exports 
			
 
				+mkdir /home/proxmox-backup
			
 
				+mkdir /home/urbackup
			
 
				+
			
 
				+ufw allow from 37.187.134.71 to any port nfs
			
 
				+ufw allow from 37.187.134.71 to any port 111
			
 
				+ufw allow proto udp from 37.187.134.71 to any port 32764:32769
			
 
				+ufw allow proto tcp from 37.187.134.71 to any port 32764:32769
			
 
				+
			
 
				+ufw allow from 37.187.93.155 to any port nfs
			
 
				+ufw allow from 37.187.93.155 to any port 111
			
 
				+ufw allow proto udp from 37.187.93.155 to any port 32764:32769
			
 
				+ufw allow proto tcp from 37.187.93.155 to any port 32764:32769
			
 
				+
			
 
				+ufw allow from 37.187.128.147 to any port nfs
			
 
				+ufw allow from 37.187.128.147 to any port 111
			
 
				+ufw allow proto udp from 37.187.128.147 to any port 32764:32769
			
 
				+ufw allow proto tcp from 37.187.128.147 to any port 32764:32769
			
 
				+
			
 
				+
			
 
				+ufw allow from 94.23.8.104 to any port nfs
			
 
				+ufw allow from 94.23.8.104 to any port 111
			
 
				+ufw allow proto udp from 94.23.8.104 to any port 32764:32769
			
 
				+ufw allow proto tcp from 94.23.8.104 to any port 32764:32769
			
 
				+
			
 
				+systemctl restart nfs-server
			
 
				+systemctl enable nfs-server
			
 
				+
			
 
				+vim /etc/ufw/user.rules
			
 
				+
			
--- a/bin/webhook.sh
+++ b/bin/webhook.sh
@@ -116,4 +116,6 @@ systemctl restart webhook
 
				 
			
 
				 ufw allow 9000
			
 
				 
			
 
				+echo "webhook done"
			
 
				+echo "you can configure your webhook trigger with the following url :"
			
 
				 echo "http://$_domain:9000/hooks/deploy_app_$_id"
			
--- a/readme.md
+++ b/readme.md
@@ -32,6 +32,23 @@ chmod a+x install.sh
 
				 
			
 
				 ```
			
 
				 
			
 
				+5 steps
			
 
				+
			
 
				+* misc.sh
			
 
				+* dotfliles.sh
			
 
				+* user.sh
			
 
				+* ssh.sh
			
 
				+* firewall.sh
			
 
				+* fail2ban.sh
			
 
				+* email.sh
			
 
				+* lemp.sh
			
 
				+* mysqlbackup.sh
			
 
				+* vhost.sh
			
 
				+* gitbarrerepos.sh
			
 
				+* webhook.sh
			
 
				+* urbackup.sh
			
 
				+* zabbix.sh
			
 
				+* 
			
 
				 
			
 
				 ## ref
			
 
				 http://www.debian.org/doc/manuals/securing-debian-howto/