A collection of startup and build scripts for configuring a production ready LEMP stack
- Ubuntu 20.04+ (May work on other Debian flavours but no promises)
Entry point when running in interactive mode; Steps the user through the process
Configures system info and access; installs any required packages
- Sets the system hostname
- Updates system, including distro
- Sets up a new user with passwordless sudo (not required on AWS)
- Adds the user's nominated key to authorized_keys (not required on AWS)
- Disables root login and password authentication (not required on AWS)
- Installs Fish and makes it the default shell
- Sets up unattended upgrades for updates (not just security updates)
- Downloads sources for Nginx, ngx_cache_purge module and any depenencies
- Compiles Nginx from source with ngx_cache_purge (used with Nginx FastCGI cache)
- Installs the compiled Nginx .deb package
- Installs MariaDB
- Installs PHP (FPM) and the following additional modules - MySQL, XML, Curl, GD, Mbstring
- Installs Certbot for working with Lets Encrypt
Configures Nginx and sets up SSL
- Sets up the server document root
- Installs configuration stubs for Nginx including some useful Nginx defaults
- Configures server blocks, adding correct project info
- Obtains an SSL certificate from Lets Encrypt using Certbot
- Generates stronger Diffie-Hellman parameters
- Enables SSL and sets up canonical domain redirects
cd ~wget https://github.com/mattpfeffer/system-prep/archive/v1.1.1.tar.gztar -xzf v1.1.1.tar.gzmv system-prep-1.1.1 system-prepchmod u+x system-prep/start.sh
cd ~/system-prep./start.sh- Follow the prompts
build.sh can be run as a startup script on platforms such as AWS, Digital Ocean and Vultr.
- Change the values under 'Defaults' to reflect your use case
- Save to the relevant area of your target platform (e.g. AWS)
- Ensure you select the script when launching your instance