#!/bin/bash

clear

# PACKAGE UPDATE
#---------------------------------------------------#
# Refresh the publisher catalogs in full, then update the installed packages.
# Exit statuses are not checked: the script carries on whatever pkg reports.
pkg refresh --full
sleep 2
pkg update
sleep 5


# APACHE
#---------------------------------------------------#
pkg install pkg:/ooce/server/apache-24
sleep 5


# MARIADB 11.4
#---------------------------------------------------#
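# Password of the WordPress database account (adminwp).
# It is no longer a literal committed in this script: the operator may supply
# it through the WP_DB_PASSWORD environment variable, otherwise 24 random
# bytes are read from /dev/urandom and hex-encoded. The same value is used for
# the GRANT below and for wp-config.php, so both always agree.
wp_db_password=${WP_DB_PASSWORD:-}
if [[ -z "$wp_db_password" ]]; then
    wp_db_password=$(od -An -N24 -tx1 /dev/urandom | tr -d ' \n')
fi
# The value is interpolated into a single-quoted SQL literal and into a sed
# replacement, so only characters that are inert in both contexts are accepted
# (no quote, backslash, slash or ampersand).
if [[ ! "$wp_db_password" =~ ^[A-Za-z0-9_.,-]{16,}$ ]]; then
    echo "WP_DB_PASSWORD must be at least 16 characters from [A-Za-z0-9_.,-]" >&2
    exit 1
fi

pkg install pkg:/ooce/database/mariadb-114 ; sleep 5
svcadm enable svc:/ooce/database/mariadb114:default ; sleep 10

# Interactive hardening helper shipped with MariaDB; it prompts the operator.
mariadb-secure-installation ; sleep 5
svcadm restart svc:/ooce/database/mariadb114:default ; sleep 5

mysqladmin -uroot create wordpressdb ; sleep 1
# The statement is fed on stdin rather than with -e, so the password does not
# appear in the mysql client's argument list.
mysql -uroot <<SQL
GRANT ALL ON wordpressdb.* TO adminwp@localhost IDENTIFIED BY '${wp_db_password}';
SQL
sleep 1


# PHP 8.3
#---------------------------------------------------#
pkg install pkg:/ooce/application/php-83 ; sleep 5

# Enable opcache and mark session cookies HttpOnly.
# NOTE(review): the second substitution is not idempotent; on a php.ini that
# already reads "session.cookie_httponly = 1" it would yield "= 1 1".
sed -i 's/;zend_extension=opcache/zend_extension=opcache/' /etc/opt/ooce/php-8.3/php.ini ; sleep 2
sed -i 's/session.cookie_httponly =/session.cookie_httponly = 1/' /etc/opt/ooce/php-8.3/php.ini ; sleep 2

# Put the php account in the webservd group, the group that owns the
# WordPress tree below.
usermod -G webservd php ; sleep 2

svcadm disable svc:/application/php83:default ; sleep 5 ; svcadm enable svc:/application/php83:default ; sleep 5


# WORDPRESS
#---------------------------------------------------#
# Download Wordpress Latest version and install it
pkg install wget ; sleep 5
mkdir -p /var/www ; sleep 2
# Fetched over HTTPS: the archive is PHP code the web server will execute, and
# TLS is the only integrity control applied to it here. -O pins the file name
# so a stale latest.tar.gz from an earlier run cannot be extracted instead.
if ! wget -O /var/www/latest.tar.gz https://wordpress.org/latest.tar.gz; then
    echo "WordPress download failed" >&2
    exit 1
fi
sleep 2
if ! tar -xvzf /var/www/latest.tar.gz -C /var/www/; then
    echo "WordPress archive extraction failed" >&2
    exit 1
fi
sleep 2
rm /var/www/latest.tar.gz ; sleep 2

# Configure wp-config.php with the database settings
cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php
sed -i 's/database_name_here/wordpressdb/' /var/www/wordpress/wp-config.php
sed -i 's/username_here/adminwp/' /var/www/wordpress/wp-config.php
# NOTE(review): the password is briefly visible in sed's argument list while
# this command runs.
sed -i "s/password_here/${wp_db_password}/" /var/www/wordpress/wp-config.php
sed -i 's/localhost/127.0.0.1/' /var/www/wordpress/wp-config.php
# NOTE(review): the key and salt placeholders copied from
# wp-config-sample.php are left untouched by this script.

# Configure permissions: directories 755, files 644, wp-config.php 640 so the
# database password is not world-readable; the whole tree belongs to webservd.
find /var/www/wordpress -type d -exec chmod 755 {} \;
find /var/www/wordpress -type f -exec chmod 644 {} \;
chmod 640 /var/www/wordpress/wp-config.php
chown -R webservd:webservd /var/www/wordpress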

# APACHE CONFIGURATION
#---------------------------------------------------#

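# Log directory for the vhost, owned by webservd and group-writable.
# NOTE(review): a log directory writable by the web server account lets that
# account replace or symlink log files; confirm which user opens the logs on
# this platform before relaxing or tightening these modes.
mkdir -p /opt/ooce/apache-2.4/logs/
sleep 2
chown webservd:webservd /opt/ooce/apache-2.4/logs/
sleep 2
chmod 775 /opt/ooce/apache-2.4/logs/
sleep 2

# Plain-HTTP vhost that hands *.php requests to PHP-FPM over a unix socket.
# Until the optional HTTPS step at the end of the script is accepted,
# WordPress logins travel in cleartext.
# The delimiter is quoted so the shell expands nothing inside the document.
cat << 'EOF' > /etc/opt/ooce/apache-2.4/extra/wordpress.conf
<VirtualHost *:80>

    DocumentRoot "/var/www/wordpress"

    <Directory "/var/www/wordpress">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/wordpress-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/wordpress-access_log" common

</VirtualHost>
EOF
sleep 2

# Append the Include only when it is not there yet, so that running the script
# again does not load the vhost file twice.
wp_include='Include /etc/opt/ooce/apache-2.4/extra/wordpress.conf'
if ! grep -qxF "$wp_include" /etc/opt/ooce/apache-2.4/httpd.conf; then
    echo "$wp_include" >> /etc/opt/ooce/apache-2.4/httpd.conf
fi
sleep 2

# Uncomment the proxy modules the SetHandler line above relies on.
sed -i 's/#LoadModule proxy_module libexec\/mod_proxy.so/LoadModule proxy_module libexec\/mod_proxy.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
sed -i 's/#LoadModule proxy_fcgi_module libexec\/mod_proxy_fcgi.so/LoadModule proxy_fcgi_module libexec\/mod_proxy_fcgi.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2

svcadm enable svc:/network/http:apache24 ; sleep 5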


# IPF
#---------------------------------------------------#
# Allow inbound TCP/80 from any source, logged and stateful, then reload.
# The rule is appended on every run, and -Fa flushes all loaded filter rules
# before the file is read back in.
printf '%s\n' "pass in log quick proto tcp from any to any port = 80 keep state" >> /etc/ipf/ipf.conf
sleep 2
ipf -Fa -f /etc/ipf/ipf.conf
sleep 5


# PASSAGE EN HTTPS OU PAS
#---------------------------------------------------#

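clear
echo "|-----------------------------------------"
echo "| INSTALLATION TERMINEE."
echo
echo "| wordpress est déployé en HTTP."
echo "| Se connecter via un navigateur web : http://IP-SERVEUR"
echo
# Ask whether to switch the site to HTTPS; -r keeps backslashes literal.
read -r -p "| Voulez-vous passer en HTTPS ? (O/N) " sslconfirm
echo
case "$sslconfirm" in
    O|o)
        # Install openssl only when the package is not already present.
        if ! pkg list -q pkg:/library/security/openssl; then
            pkg install pkg:/library/security/openssl
            sleep 5
        fi
        mkdir -p /etc/opt/ooce/apache-2.4/ssl ; sleep 2
        # Self-signed certificate, valid 365 days, unencrypted 2048-bit RSA
        # key; openssl prompts for the subject fields. It runs under umask 077
        # so the key is never group/world-readable, even before the explicit
        # chown/chmod below (in case this openssl build honours the umask).
        ( umask 077 && openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/opt/ooce/apache-2.4/ssl/wordpress.key -out /etc/opt/ooce/apache-2.4/ssl/wordpress.crt ) ; sleep 2
        chown root:webservd /etc/opt/ooce/apache-2.4/ssl/wordpress.key ; sleep 2
        chmod 640 /etc/opt/ooce/apache-2.4/ssl/wordpress.key ; sleep 2
        # The certificate is public; restore the mode it would have had under
        # a default umask so the web server account can still read it.
        chmod 644 /etc/opt/ooce/apache-2.4/ssl/wordpress.crt

        # Rewrite wordpress.conf to serve both ports. Differences from the
        # previous revision of this template:
        #  - TLS 1.0/1.1 are disabled and the cipher list drops MEDIUM and
        #    anonymous suites;
        #  - the port-80 redirect targets the host the client asked for
        #    instead of the mon-serveur.example.com placeholder, which sent
        #    every visitor to a host that does not exist.
        # NOTE(review): %{HTTP_HOST} is client-supplied; once the site has a
        # real name, set ServerName and redirect to that fixed name instead.
        # The delimiter is quoted so the shell expands nothing in the document.
        cat << 'EOF' > /etc/opt/ooce/apache-2.4/extra/wordpress.conf
# -------------------------------------------------------------------
# Fichier unique : wordpress.conf
# Gère wordpress sur HTTP (80) et HTTPS (443) sans besoin de httpd-ssl.conf
# -------------------------------------------------------------------

# --- Écouter sur le port 80 (déjà fait par httpd.conf, mais si besoin) ---
# Listen 80

# --- Écouter sur le port 443 ---
Listen 443

# -------------------------------------------------------------------
# Configuration SSL globale
# -------------------------------------------------------------------
SSLSessionCache        "shmcb:/var/opt/ooce/apache-2.4/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite HIGH:!aNULL:!MD5:!RC4:!3DES
SSLProxyCipherSuite HIGH:!aNULL:!MD5:!RC4:!3DES

# -------------------------------------------------------------------
# VirtualHost pour wordpress en HTTP (port 80)
# -------------------------------------------------------------------
<VirtualHost *:80>
    #ServerName mon-serveur.example.com
    DocumentRoot "/var/www/wordpress"

    # --- Option : redirection directe vers HTTPS ---
    RewriteEngine On
    # Si vous ne voulez pas rediriger *tout* en HTTPS, vous pouvez commenter ces lignes :
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

    <Directory "/var/www/wordpress">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/wordpress-http-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/wordpress-http-access_log" common
</VirtualHost>

# -------------------------------------------------------------------
# VirtualHost pour wordpress en HTTPS (port 443)
# -------------------------------------------------------------------
<VirtualHost *:443>
    #ServerName mon-serveur.example.com
    DocumentRoot "/var/www/wordpress"

    # --- Active le SSL ---
    SSLEngine on

    # --- Vos certificats ---
    SSLCertificateFile "/etc/opt/ooce/apache-2.4/ssl/wordpress.crt"
    SSLCertificateKeyFile "/etc/opt/ooce/apache-2.4/ssl/wordpress.key"

    <Directory "/var/www/wordpress">
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm
    </Directory>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/opt/ooce/php/run/www-8.3.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog "/opt/ooce/apache-2.4/logs/wordpress-ssl-error_log"
    CustomLog "/opt/ooce/apache-2.4/logs/wordpress-ssl-access_log" common
</VirtualHost>
EOF
        sleep 2
        # Uncomment the modules the configuration above needs: TLS, rewrite
        # and the shmcb session cache.
        sed -i 's/#LoadModule ssl_module libexec\/mod_ssl.so/LoadModule ssl_module libexec\/mod_ssl.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        sed -i 's/#LoadModule rewrite_module libexec\/mod_rewrite.so/LoadModule rewrite_module libexec\/mod_rewrite.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        #sed -i 's/#Include \/etc\/opt\/ooce\/apache-2.4\/extra\/httpd-ssl.conf/Include \/etc\/opt\/ooce\/apache-2.4\/extra\/httpd-ssl.conf/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2
        sed -i 's/#LoadModule socache_shmcb_module libexec\/mod_socache_shmcb.so/LoadModule socache_shmcb_module libexec\/mod_socache_shmcb.so/' /etc/opt/ooce/apache-2.4/httpd.conf ; sleep 2

        # Session cookies are sent over HTTPS only from now on.
        sed -i 's/;session.cookie_secure =/session.cookie_secure = 1/' /etc/opt/ooce/php-8.3/php.ini ; sleep 2
        svcadm disable svc:/application/php83:default ; sleep 5 ; svcadm enable svc:/application/php83:default ; sleep 5

        svcadm restart apache24 ; sleep 5

        # NOTE(review): the ipf rule for port 443 is left disabled, as in the
        # original. Port 80 now redirects everything to HTTPS, so if the
        # ruleset blocks inbound traffic by default the site becomes
        # unreachable until these two lines are enabled. Confirm against the
        # host's /etc/ipf/ipf.conf.
        #echo "pass in log quick proto tcp from any to any port = 443 keep state" >> /etc/ipf/ipf.conf ; sleep 2
        #ipf -Fa -f /etc/ipf/ipf.conf ; sleep 5

        echo
        echo "Un certificat SSL autosigné a été ajouté au vhost" ; sleep 1
        echo

        ;;
esac

exit 0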