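#!/bin/bash
#
# Install Apache httpd and set up three name-based virtual hosts
# (sales, support and www under jelle.lan), each with a placeholder page,
# then map the host names to this machine in /etc/hosts.
# Writes under /etc and /var/www and calls yum/systemctl, so it has to run
# as root. Safe to re-run: directories, symlinks and hosts entries are only
# created when missing.

# Variables
# Interface whose first IPv4 address is used for the /etc/hosts entries.
# eth0 as before, unless IFACE is set in the environment.
iface=${IFACE:-eth0}
ip4=$(/sbin/ip -o -4 addr list "$iface" | awk 'NR == 1 { split($4, a, "/"); print a[1] }')
sites=(sales.jelle.lan support.jelle.lan www.jelle.lan)

printf '%s\n' '~~Now Installing Virtual Hosts~~'
sleep 1

# Nothing below works without the package, so stop here if it cannot be installed.
yum -y install httpd || {
  printf 'error: could not install httpd\n' >&2
  exit 1
}

mkdir -p /etc/httpd/sites-available /etc/httpd/sites-enabled

# The stock httpd.conf only pulls in conf.d/*.conf, so the sites-enabled
# links would never be read. Add the include once (path is relative to
# ServerRoot) unless some config file already references the directory.
if ! grep -rqsE '^[[:space:]]*Include(Optional)?[[:space:]]+.*sites-enabled' \
  /etc/httpd/conf /etc/httpd/conf.d; then
  printf '\nIncludeOptional sites-enabled/*.conf\n' >> /etc/httpd/conf/httpd.conf
fi

for site in "${sites[@]}"; do
  docroot=/var/www/html/${site}
  mkdir -p "$docroot"

  # The www page has always read "www.jelle.lan virtual host", without "The".
  if [[ $site == www.jelle.lan ]]; then
    heading=$site
  else
    heading="The ${site}"
  fi

  cat > "${docroot}/index.html" <<EOF
<html>
<head>
<title>Welcome to ${site}!</title>
</head>
<body>
<h1>Success! ${heading} virtual host is working!</h1>
</body>
</html>
EOF

  # Logs go to /var/log/httpd, not into the DocumentRoot: a log file inside
  # the document root is served to anyone who requests its URL, and request
  # logs carry client addresses, paths and query strings. Files created
  # under /var/log/httpd inherit the httpd log SELinux label, so the former
  # touch/chcon steps are no longer needed.
  cat > "/etc/httpd/sites-available/${site}.conf" <<EOF
<VirtualHost *:80>
ServerName ${site}
ServerAlias ${site}
DocumentRoot /var/www/html/${site}/
ErrorLog /var/log/httpd/${site}-error.log
CustomLog /var/log/httpd/${site}-requests.log combined
</VirtualHost>
EOF

  # -f/-n: replace an existing link instead of failing on a second run.
  ln -sfn "/etc/httpd/sites-available/${site}.conf" \
    "/etc/httpd/sites-enabled/${site}.conf"
done

# Local name resolution for the three hosts. Skipped when no address was
# found (wrong interface name, interface down): a line without an address
# would corrupt /etc/hosts.
if [[ -n $ip4 ]]; then
  for site in "${sites[@]}"; do
    grep -qwF -- "$site" /etc/hosts || printf '%s %s\n' "$ip4" "$site" >> /etc/hosts
  done
else
  printf 'warning: no IPv4 address on %s, /etc/hosts left unchanged\n' "$iface" >&2
fi

systemctl enable httpd
systemctl restart httpd
clear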
# loganalyzer
# Copy the loganalyzer tree into the www.jelle.lan document root; because
# the destination directory already exists, the copy lands in
# /var/www/html/www.jelle.lan/loganalyzer.
# NOTE(review): everything under this document root is served by the www
# virtual host. Presumably this is a web front end for log data - confirm
# that access to it is restricted (authentication or an allow-list).
loganalyzer_src=/var/www/html/loganalyzer
www_docroot=/var/www/html/www.jelle.lan
cp -r "$loganalyzer_src" "$www_docroot"
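# SSL
# Install mod_ssl, create a self-signed certificate, point the stock
# ssl.conf at it, append TLS hardening directives, and redirect plain HTTP
# for www.jelle.lan to HTTPS. Each edit to ssl.conf is guarded so a second
# run does not stack duplicate lines.
yum install mod_ssl -y

key=/etc/ssl/private/Server3.linux.lan.key
crt=/etc/ssl/certs/Server3.linux.lan.crt
dh=/etc/ssl/certs/dhparam.pem
ssl_conf=/etc/httpd/conf.d/ssl.conf

# Key directory is root-only.
mkdir -p /etc/ssl/private
chmod 700 /etc/ssl/private

# Self-signed certificate, valid 365 days. -nodes leaves the key unencrypted
# so httpd can start unattended; the key file is therefore locked down to
# root right after it is written. openssl prompts for the subject fields.
# NOTE(review): the files are named for Server3.linux.lan while the HTTP
# redirect below sends clients to www.jelle.lan. Unless the subject entered
# at the prompt covers www.jelle.lan, clients will see a name mismatch.
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$key" -out "$crt"
chmod 600 "$key"

# Custom DH parameters, appended to the certificate file where mod_ssl
# picks them up. Plain redirection replaces "cat | sudo tee -a": the script
# already runs as root and the parameters need not be echoed to the terminal.
openssl dhparam -out "$dh" 2048
cat "$dh" >> "$crt"

# Insert DocumentRoot and ServerName after the anchor comment of the stock
# file (same insertion order as before, so ServerName ends up first).
anchor='# General setup for the virtual host, inherited from global configuration'
grep -qxF 'DocumentRoot "/var/www/html/www.jelle.lan/"' "$ssl_conf" ||
  sed -i "/${anchor}/a DocumentRoot \"/var/www/html/www.jelle.lan/\"" "$ssl_conf"
grep -qxF 'ServerName Server3.linux.lan:443' "$ssl_conf" ||
  sed -i "/${anchor}/a ServerName Server3.linux.lan:443" "$ssl_conf"

# Comment out the stock protocol and cipher lines. Anchoring at line start
# keeps a re-run from prefixing a second '#'.
sed -i 's/^\([[:space:]]*\)SSLProtocol all -SSLv2/\1#SSLProtocol all -SSLv2/' "$ssl_conf"
sed -i 's/^\([[:space:]]*\)SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA/\1#SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA/' "$ssl_conf"

sed -i 's|SSLCertificateFile /etc/pki/tls/certs/localhost.crt|SSLCertificateFile /etc/ssl/certs/Server3.linux.lan.crt|g' "$ssl_conf"
sed -i 's|SSLCertificateKeyFile /etc/pki/tls/private/localhost.key|SSLCertificateKeyFile /etc/ssl/private/Server3.linux.lan.key|g' "$ssl_conf"

# Hardening directives, appended once (the marker comment is the guard).
# Change from the copied text: SSLProtocol now also drops TLS 1.0 and 1.1,
# which "All -SSLv2 -SSLv3" left enabled.
# NOTE(review): SSLUseStapling has no OCSP responder to query for a
# self-signed certificate; expect stapling errors in the log until a
# CA-issued certificate is installed - confirm this is acceptable.
# NOTE(review): the HSTS header carries includeSubdomains and a two-year
# max-age; browsers that see it will refuse plain HTTP for every host under
# the serving name. Confirm all of them offer HTTPS.
if ! grep -qF '# Begin copied text' "$ssl_conf"; then
  cat >> "$ssl_conf" <<'EOF'

# Begin copied text
# from https://cipherli.st/
# and https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
# SSLSessionTickets Off
EOF
fi

# Plain-HTTP www.jelle.lan: redirect everything to HTTPS.
# The target ends in "/" on purpose. Redirect appends whatever follows the
# matched prefix to the target, so without the slash the request path is
# glued straight onto the host name and the redirect can point at a
# different host than intended.
# A quoted heredoc keeps the inner double quotes, which the old
# double-quoted echo stripped.
# NOTE(review): sites-available/www.jelle.lan.conf declares a *:80 vhost
# with the same ServerName; whichever file httpd reads first wins.
cat > /etc/httpd/conf.d/non-ssl.conf <<'EOF'
<VirtualHost *:80>
ServerName www.jelle.lan
Redirect "/" "https://www.jelle.lan/"
</VirtualHost>
EOF

# Validate before restarting: a restart with a broken configuration stops
# the running server. On failure the current instance is left untouched.
if apachectl configtest; then
  systemctl restart httpd.service
else
  printf 'warning: apachectl configtest failed, httpd was not restarted\n' >&2
fi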
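# Firewall: allow HTTP and HTTPS in the "external" zone, persistently.
# "--runtime-to-permanent" is dropped. It overwrites the permanent
# configuration with the runtime one, and the two services were added with
# --permanent only, so that call discarded them before the reload.
# Reloading applies the permanent rules to the running firewall.
# NOTE(review): assumes the interface that serves these sites is bound to
# the "external" zone - confirm with firewall-cmd --get-active-zones.
for service in http https; do
  firewall-cmd --permanent --zone=external --add-service="$service"
done
firewall-cmd --reload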