#!/bin/bash
#
LAN_ADAPTER=p1p1
INET_ADAPTER=p4p1
LOCAL_NET=192.168.0
LOCAL_IP=192.168.0.1
DHCP_RANGE='192.168.0.2 192.168.0.254'
SAMSDB_PASS='mypass'
# ----------------------------------------------------
# Проверяем наличие прав супер пользователя
if [ "$(whoami &2>/dev/null)" != "root" ] && [ "$(id -un &2>/dev/null)" != "root" ] ; then
echo "Please, run this as root!"
exit 1
fi
# Обновляемся
apt-get -q -y update
apt-get -q -y upgrade
apt-get -q -y dist-upgrade
# Устанавливаем все необходимые пакеты
apt-get -y install unzip make g++ libtool build-essential autoconf automake
apt-get -y install apache2 apache2-doc apache2-utils mysql-server mysql-client libmysqlclient-dev
apt-get -y install bind9 ssl-cert libpcre3 libpcre3-dev isc-dhcp-server squid
apt-get -y install php5 php5-cli php5-common php5-dev php5-mcrypt php5-imagick php5-mysql php5-gd php5-ldap php-fpdf libapache2-mod-php5
# опционально
apt-get -y install phpmyadmin
# Настроим Apache
sed -i -e '1s/.*/ServerName localhost/' /etc/apache2/apache2.conf
# sed -i -e 's/80/8080/' /etc/apache2/ports.conf
# sed -i -e 's/80/8080/' /etc/apache2/sites-available/default
apache2ctl restart
# ---------------------------------------------------- Замарочки PHP
# Настраиваем сеть
echo "
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
" >> /etc/sysctl.conf
echo "
auto $LAN_ADAPTER
iface $LAN_ADAPTER inet static
address $LOCAL_IP
netmask 255.255.255.0" >> /etc/network/interfaces
iptables -t nat -A PREROUTING -i $LAN_ADAPTER -p tcp --dport 80 -j DNAT --to-destination $LOCAL_IP:3128
iptables -t nat -A POSTROUTING -o $INET_ADAPTER -j MASQUERADE
iptables -A FORWARD -i $LAN_ADAPTER -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $INET_ADAPTER -m state --state RELATED,ESTABLISHED -j ACCEPT
echo '#!/bin/sh
iptables-restore < /etc/firewall.conf ' >> /etc/network/if-up.d/00-iptables
chmod +x /etc/network/if-up.d/00-iptables
iptables-save > /etc/firewall.conf
# Настраиваем DHCP
echo '
subnet '$LOCAL_NET'.0 netmask 255.255.255.0 {
option routers '$LOCAL_IP';
option subnet-mask 255.255.255.0;
option domain-name-servers '$LOCAL_IP';
range '$DHCP_RANGE';
}
' >> /etc/dhcp/dhcpd.conf
sed -i -e 's/INTERFACES=""/INTERFACES="'$LAN_ADAPTER'"/' /etc/default/isc-dhcp-server
# ------------------------------------------------------
mv /etc/squid3/squid.conf /etc/squid3/squid.conf-old
grep -v "^#" /etc/squid3/squid.conf-old | sed -e '/^$/d' >> /etc/squid3/squid.conf
sed -i -e '/acl localhost/ aacl localnet src '$LOCAL_NET'.0/24' /etc/squid3/squid.conf
sed -i -e '/http_access allow localhost/ ahttp_access allow localnet' /etc/squid3/squid.conf
sed -i -e 's/http_port 3128/http_port '$LOCAL_IP':3128 transparent/' /etc/squid3/squid.conf
echo "
visible_hostname serv
always_direct allow all
access_log /var/log/squid3/access.log squid
cache_log /var/log/squid3/cache.log
pid_filename /var/run/squid3.pid
cache_dir ufs /var/spool/squid3 4096 32 512
coredump_dir /var/spool/squid3
maximum_object_size_in_memory 50 MB
maximum_object_size 50 MB
" >> /etc/squid3/squid.conf
/etc/init.d/squid3 stop
squid3 -z
ln -s /usr/sbin/squid3 /usr/sbin/squid
# Скачиваем собираем и устанавливаем SAMS2
cd /usr/src
wget http://sams2.googlecode.com/files/sams-2.0.0-rc2.tar.bz2
tar xvjf sams-2.0.0-rc2.tar.bz2
cd sams-2.0.0-rc2
make -f Makefile.cvs
./configure
sed -i -e '6000s/absdir=.*/absdir="/usr/lib"/' libtool
make
make install
# Настраиваем SAMS2
sed -i -e 's/DB_USER=/DB_USER=sams/' /usr/local/etc/sams2.conf
sed -i -e 's/DB_PASSWORD=/DB_PASSWORD='$SAMSDB_PASS'/' /usr/local/etc/sams2.conf
sed -i -e 's/squid/squid3/' /usr/local/etc/sams2.conf
sed -i -e 's|SQUIDCACHEDIR=/usr/local/apache2|SQUIDCACHEDIR=/var/spool/squid3|' /usr/local/etc/sams2.conf
# ------------------------------------------------------------------------------------------------------
sed -i -e 's/AllowOverride.*/ /' /etc/apache2/conf.d/doc4sams2.conf
sed -i -e 's/AllowOverride.*/ /' /etc/apache2/conf.d/sams2.conf
echo '#!/bin/sh -e
### BEGIN INIT INFO
# Provides: sams
# Required-Start: $local_fs $network $time $remote_fs
# Required-Stop:
# Should-Start: $named $mysql $squid
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starting sams daemon
# Description: Squid Account Management System (SAMS)
# Starting sams management daemon - sams2daemon
### END INIT INFO
#
# Author: Pavel Vinogradov <Pavel.Vinogradov@nixdev.net>
#
# /etc/init.d/sams2: start and stop the sams daemon
SAMSPATH=`cat /usr/local/etc/sams2.conf | grep SAMSPATH | tr "SAMSPATH=" ""`
NAME="sams"
DAEMON=$SAMSPATH/bin/sams2daemon
LOCKFILE=/var/lock/samsd
PIDFILE=/var/run/sams2daemon.pid
RETVAL=0
SAMS_ENABLE=true
test -x $DAEMON || exit 0
if ! [ -x "/lib/lsb/init-functions" ]; then
. /lib/lsb/init-functions
else
echo "E: /lib/lsb/init-functions not found, lsb-base (>= 3.0-6) needed"
exit 1
fi
. /etc/default/rcS
case "$1" in
start)
if "$SAMS_ENABLE"; then
log_daemon_msg "Starting $NAME daemon" "$NAME"
if [ -s $PIDFILE ] && kill -0 $(cat $PIDFILE) >/dev/null 2>&1; then
log_progress_msg "apparently already running"
log_end_msg 0
exit 0
fi
start-stop-daemon --start --quiet --background
--pidfile $PIDFILE
--exec $DAEMON
RETVAL=$?
[ $RETVAL -eq 0 ] && touch "$LOCKFILE"
log_end_msg $RETVAL
else
[ "VERBOSE" != no ] && log_warning_msg "$NAME daemon not enabled, not starting. Please read /usr/share/doc/sams2/README.Debian"
fi
;;
stop)
if "$SAMS_ENABLE"; then
log_daemon_msg "Stopping $NAME daemon" "$NAME"
start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f "$LOCKFILE"
log_end_msg $RETVAL
else
[ "VERBOSE" != no ] && log_warning_msg "$NAME daemon not enabled, not stoping..."
fi
;;
restart|force-reload)
/etc/init.d/sams2 stop
/etc/init.d/sams2 start
;;
*)
echo "Usage: ${0##*/} {start|stop|restart}"
RETVAL=1
;;
esac' >> /etc/init.d/sams2
chmod -R 777 /etc/init.d/sams2
chmod +x /etc/init.d/sams2
update-rc.d sams2 start 99 2 3 4 5 . stop 1 0 1 6 .
chown -R www-data:www-data /usr/local/share/sams2/
chown -R www-data:www-data /usr/local/etc/sams2.conf
chmod -R 777 /usr/local/share/sams2
/etc/init.d/apache2 restart
/etc/init.d/squid3 restart
exit 0
Читайте другие интересные статьи
rkhunter — программа для поиска руткитов в debian
Удостоверяющий центр OpenSSL
Настройка NFS клиента под FreeBSD
Фильтрация по MAC-адресу в различных файерволах
Удаление Всех Комментариев в WordPress
FreeBSD: настройка newsyslog для ротации логов
Zend OpCache
Измеряем скорость сети программой Iperf
Установка PostgreSQL в Ubuntu 18.04
