#!/bin/bash

clear

# SYSTEM UPDATE
#---------------------------------------------------#
# Refresh the IPS package catalogues, then apply pending updates.
# The script sets no errexit option, so every step below runs whatever the
# exit status of the previous one; the sleeps only pace the output.
pkg refresh --full
sleep 2
pkg update
sleep 5


# APACHE
#---------------------------------------------------#
# Apache httpd 2.4 from the "ooce" package namespace.
pkg install pkg:/ooce/server/apache-24
sleep 5


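# MARIADB 11.4
#---------------------------------------------------#
pkg install pkg:/ooce/database/mariadb-114
sleep 5
svcadm enable svc:/ooce/database/mariadb114:default
sleep 10

# Interactive hardening wizard shipped with MariaDB, followed by a restart.
mariadb-secure-installation
sleep 5
svcadm restart svc:/ooce/database/mariadb114:default
sleep 5

# Password of the Joomla database account.
# It is read from the JOOMLA_DB_PASSWORD environment variable when that is set,
# otherwise it is asked for on the terminal without echo. It is deliberately not
# stored in this script: a password embedded in the file is identical on every
# host installed from it and readable by anyone who can read the file. Hosts
# that were installed with a password embedded in an earlier copy of this
# script should have the adminjoomla password rotated.
# Quotes and backslashes are refused because the value is placed inside a
# single-quoted SQL string literal below.
joomla_db_password=${JOOMLA_DB_PASSWORD:-}
until [[ -n "$joomla_db_password" && "$joomla_db_password" != *[\'\\]* ]]; do
    read -r -s -p "| Mot de passe pour l'utilisateur SQL adminjoomla (sans ' ni \\) : " joomla_db_password || exit 1
    echo
done

mysqladmin -uroot create joomla_db
sleep 1
# The statement is sent on stdin rather than with -e, so the password does not
# show up in the process argument list (ps) while the client runs.
mysql -uroot << SQL
GRANT ALL ON joomla_db.* TO adminjoomla@localhost IDENTIFIED BY '${joomla_db_password}';
SQL
unset joomla_db_password
sleep 1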


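# PHP 8.3
#---------------------------------------------------#
pkg install pkg:/ooce/application/php-83
sleep 5

php_ini=/etc/opt/ooce/php-8.3/php.ini

# Enable the opcache extension (uncomment the stock line).
sed -i 's/;zend_extension=opcache/zend_extension=opcache/' "$php_ini"
sleep 2
# Session cookies not readable from JavaScript. The expression is anchored and
# replaces the whole value, so running the script a second time leaves
# "session.cookie_httponly = 1" instead of appending another " 1" to the line.
sed -i 's/^session\.cookie_httponly[[:space:]]*=.*$/session.cookie_httponly = 1/' "$php_ini"
sleep 2
# Joomla-specific: output buffering off.
sed -i 's/output_buffering = 4096/output_buffering = Off/' "$php_ini"
sleep 2


# Put the php account in the webservd group. Together with the group-writable
# mode given to the Joomla tree, this lets PHP code write to every file of the
# site; it also gives PHP group access to anything else owned by webservd.
usermod -G webservd php
sleep 2

# Stop and start PHP-FPM so the edited php.ini and the new group are picked up.
svcadm disable svc:/application/php83:default
sleep 5
svcadm enable svc:/application/php83:default
sleep 5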


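# JOOMLA
#---------------------------------------------------#
# Download the Joomla full package and unpack it into the document root.
# The version is pinned in the URL (5.2.2); it is not "latest".
joomla_root=/var/www/joomla
joomla_zip=$joomla_root/joomla.zip

# Install wget only when it is missing. The original joined the two commands
# with a pipe, which ran "pkg install" every time; "||" is what was meant.
pkg list -q wget || { pkg install wget ; sleep 5 ; }

mkdir -p "$joomla_root"
sleep 2
# The URL is quoted: unquoted, the '?' is a glob character for the shell.
if ! wget -O "$joomla_zip" 'https://downloads.joomla.org/cms/joomla5/5-2-2/Joomla_5-2-2-Stable-Full_Package.zip?format=zip'; then
    echo "Echec du téléchargement de Joomla." >&2
    exit 1
fi
sleep 2
# NOTE(review): the archive is unpacked without any integrity check. Compare
# its SHA-256 with the checksum published for this release before unzip.
# Stop if the directory cannot be entered, otherwise unzip would extract into
# whatever the current directory happens to be.
cd "$joomla_root" || exit 1
sleep 2
unzip "$joomla_zip"
sleep 2
rm "$joomla_zip"
sleep 2

# The whole tree belongs to the web server account and stays group-writable
# (the php account is in that group). Directories keep 775; regular files get
# 664 so that no site file carries an execute bit.
chown -R webservd:webservd "$joomla_root"
find "$joomla_root" -type d -exec chmod 775 {} +
find "$joomla_root" -type f -exec chmod 664 {} +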

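# APACHE CONFIGURATION
#---------------------------------------------------#
httpd_conf=/etc/opt/ooce/apache-2.4/httpd.conf
joomla_conf=/etc/opt/ooce/apache-2.4/extra/joomla.conf
include_line="Include $joomla_conf"

# NOTE(review): the log directory is made writable by webservd. If httpd is
# started as root and opens its logs before dropping privileges, a directory
# writable by the unprivileged account is a known hardening concern; confirm
# which account starts httpd on this platform.
mkdir -p /opt/ooce/apache-2.4/logs/
sleep 2
chown webservd:webservd /opt/ooce/apache-2.4/logs/
sleep 2
chmod 775 /opt/ooce/apache-2.4/logs/
sleep 2

# Plain-HTTP virtual host: .php requests are handed to PHP-FPM over its unix
# socket. The here-document delimiter is quoted, so the text is written as is.
cat << 'EOF' > "$joomla_conf"
<VirtualHost *:80>

    DocumentRoot "/var/www/joomla"

    <Directory "/var/www/joomla">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/joomla-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/joomla-access_log" common

</VirtualHost>
EOF
sleep 2

# Reference the vhost file from httpd.conf, once: a second run of the script
# must not append a duplicate Include line.
grep -qxF -- "$include_line" "$httpd_conf" || printf '%s\n' "$include_line" >> "$httpd_conf"
sleep 2

# Uncomment the two modules the FastCGI proxy handler needs.
sed -i 's|#LoadModule proxy_module libexec/mod_proxy.so|LoadModule proxy_module libexec/mod_proxy.so|' "$httpd_conf"
sleep 2
sed -i 's|#LoadModule proxy_fcgi_module libexec/mod_proxy_fcgi.so|LoadModule proxy_fcgi_module libexec/mod_proxy_fcgi.so|' "$httpd_conf"
sleep 2

svcadm enable svc:/network/http:apache24
sleep 5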


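# IPF
#---------------------------------------------------#
# Allow inbound HTTP. The rule is appended only if it is not already in the
# file, so repeated runs do not pile up duplicates.
# NOTE(review): the rule lands at the end of ipf.conf; an earlier "quick" rule
# matching the same traffic would win. "ipf -Fa" also flushes every loaded rule
# before the file is read back in.
ipf_rule='pass in log quick proto tcp from any to any port = 80 keep state'
# stderr is silenced on purpose: ipf.conf may not exist yet on a fresh host.
grep -qxF -- "$ipf_rule" /etc/ipf/ipf.conf 2>/dev/null || printf '%s\n' "$ipf_rule" >> /etc/ipf/ipf.conf
sleep 2
ipf -Fa -f /etc/ipf/ipf.conf
sleep 5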


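# OPTIONAL SWITCH TO HTTPS
#---------------------------------------------------#
# Asks whether to enable HTTPS. On "O"/"o" a self-signed certificate is
# created, joomla.conf is rewritten with an HTTP vhost that redirects to an
# HTTPS vhost, the needed Apache modules are enabled, PHP session cookies are
# marked Secure and port 443 is opened in IPFilter. Any other answer leaves the
# HTTP-only setup in place.

clear
echo "|-----------------------------------------"
echo "| INSTALLATION TERMINEE."
echo
echo "| joomla est déployé en HTTP."
echo "| Se connecter via un navigateur web : http://IP-SERVEUR"
echo
read -r -p "| Voulez-vous passer en HTTPS ? (O/N) " sslconfirm
echo
case "$sslconfirm" in
    O|o)
        pkg list -q pkg:/library/security/openssl || (pkg install pkg:/library/security/openssl ; sleep 5)
        # -p: do not fail when the directory is left over from a previous run.
        mkdir -p /etc/opt/ooce/apache-2.4/ssl ; sleep 2
        # The key is created under umask 077 so it is never world-readable,
        # not even between its creation and the chmod below.
        ( umask 077 ; openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/opt/ooce/apache-2.4/ssl/joomla.key -out /etc/opt/ooce/apache-2.4/ssl/joomla.crt ) ; sleep 2
        # The certificate is public data; restore a readable mode after the umask.
        chmod 644 /etc/opt/ooce/apache-2.4/ssl/joomla.crt
        # NOTE(review): the php account is a member of webservd, so a key that
        # is group-readable by webservd can be read by PHP code. If httpd loads
        # the key as root, root:root with mode 600 is enough; confirm.
        chown root:webservd /etc/opt/ooce/apache-2.4/ssl/joomla.key ; sleep 2
        chmod 640 /etc/opt/ooce/apache-2.4/ssl/joomla.key ; sleep 2

        # Changes to the generated configuration, compared with the original:
        #  - SSLProtocol / SSLProxyProtocol also switch off TLSv1 and TLSv1.1;
        #  - the HTTP vhost redirects to the host name the client asked for,
        #    not to the placeholder mon-serveur.example.com, which sent every
        #    HTTP visitor to a host that does not exist.
        # %{HTTP_HOST} comes from the request; once the real name is known, set
        # ServerName and redirect to that fixed name instead.
        # The delimiter is quoted, so the text below is written literally.
        cat << 'EOF' > /etc/opt/ooce/apache-2.4/extra/joomla.conf
# -------------------------------------------------------------------
# Fichier unique : joomla.conf
# Gère joomla sur HTTP (80) et HTTPS (443) sans besoin de httpd-ssl.conf
# -------------------------------------------------------------------

# --- Écouter sur le port 80 (déjà fait par httpd.conf, mais si besoin) ---
# Listen 80

# --- Écouter sur le port 443 ---
Listen 443

# -------------------------------------------------------------------
# Configuration SSL globale
# -------------------------------------------------------------------
SSLSessionCache        "shmcb:/var/opt/ooce/apache-2.4/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES

# -------------------------------------------------------------------
# VirtualHost pour joomla en HTTP (port 80)
# -------------------------------------------------------------------
<VirtualHost *:80>
    #ServerName mon-serveur.example.com
    DocumentRoot "/var/www/joomla"

    # --- Option : redirection directe vers HTTPS ---
    RewriteEngine On
    # Si vous ne voulez pas rediriger *tout* en HTTPS, vous pouvez commenter ces lignes :
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    <Directory "/var/www/joomla">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/joomla-http-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/joomla-http-access_log" common
</VirtualHost>

# -------------------------------------------------------------------
# VirtualHost pour joomla en HTTPS (port 443)
# -------------------------------------------------------------------
<VirtualHost *:443>
    #ServerName mon-serveur.example.com
    DocumentRoot "/var/www/joomla"

    # --- Active le SSL ---
    SSLEngine on

    # --- Vos certificats ---
    SSLCertificateFile "/etc/opt/ooce/apache-2.4/ssl/joomla.crt"
    SSLCertificateKeyFile "/etc/opt/ooce/apache-2.4/ssl/joomla.key"

    <Directory "/var/www/joomla">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/joomla-ssl-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/joomla-ssl-access_log" common
</VirtualHost>
EOF
        sleep 2
        # Modules needed by the configuration above: TLS, rewrite (redirect)
        # and the shared-memory session cache.
        sed -i 's/#LoadModule ssl_module libexec\/mod_ssl.so/LoadModule ssl_module libexec\/mod_ssl.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        sed -i 's/#LoadModule rewrite_module libexec\/mod_rewrite.so/LoadModule rewrite_module libexec\/mod_rewrite.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        #sed -i 's/#Include \/etc\/opt\/ooce\/apache-2.4\/extra\/httpd-ssl.conf/Include \/etc\/opt\/ooce\/apache-2.4\/extra\/httpd-ssl.conf/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        sed -i 's/#LoadModule socache_shmcb_module libexec\/mod_socache_shmcb.so/LoadModule socache_shmcb_module libexec\/mod_socache_shmcb.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2

        # Session cookies are sent over HTTPS only from now on.
        sed -i 's/;session.cookie_secure =/session.cookie_secure = 1/' /etc/opt/ooce/php-8.3/php.ini ; sleep 2
        svcadm disable svc:/application/php83:default ; sleep 5 ; svcadm enable svc:/application/php83:default ; sleep 5

        svcadm restart apache24 ; sleep 5

        # Open port 443, appending the rule only when it is not already there.
        # stderr is silenced on purpose: ipf.conf may not exist yet.
        grep -qxF -- "pass in log quick proto tcp from any to any port = 443 keep state" /etc/ipf/ipf.conf 2>/dev/null || echo "pass in log quick proto tcp from any to any port = 443 keep state" >> /etc/ipf/ipf.conf ; sleep 2
        ipf -Fa -f /etc/ipf/ipf.conf ; sleep 5

        echo
        echo "Un certificat SSL autosigné a été ajouté au vhost" ; sleep 1
        echo "Ne pas oublier de remplacer 'localhost' par '127.0.0.1' pour la connexion à la base SQL" ; sleep 10
        echo

        ;;
esac

exit 0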