  1. #!/bin/bash
  2. ################################################################################
  3. # Original Author: crombiecrunch
  4. # Fork Author: manfromafar
  5. # Current Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt)
  6. # Web:
  7. #
  8. # Program:
  9. # Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0.x
  10. #
  11. #
  12. ################################################################################
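  #######################################
  # Print one status line in yellow-on-black, then reset the terminal colours.
  # Arguments: $1 - message text
  # Outputs:   colour escape, the message and a newline, reset escape (stdout)
  #######################################
  output() {
    printf "\E[0;33;40m"
    # Quoted and passed as printf data, so runs of spaces, glob characters and
    # a leading "-" in the message are printed exactly as given.
    printf '%s\n' "$1"
    printf "\E[0m"
  }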
  18.  
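  #######################################
  # Print an error message framed by blank lines and abort the installer.
  # Arguments: $1 - message text
  # Outputs:   blank line, message, blank line (stdout)
  # Returns:   never returns; exits the shell with status 1
  #######################################
  displayErr() {
    # Quoted so the message is not word-split or glob-expanded before printing.
    printf '\n%s\n\n' "$1"
    exit 1
  }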
  25.  
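  # Collect every installer answer up front. Several of these values are later
  # spliced into sed expressions, nginx and PHP configuration text and paths
  # that are written with sudo, so they are checked here, before anything on
  # the system has been changed.
  output " "
  output "Make sure you double check before hitting enter! Only one shot at these!"
  output " "
  # -r keeps backslashes in the answers literal.
  read -r -e -p "Enter time zone (e.g. America/New_York) : " TIME
  read -r -e -p "Server name (no http:// or www. just : example.com or pool.example.com) : " server_name
  read -r -e -p "Are you using a subdomain (pool.example.com?) [y/N] : " sub_domain
  read -r -e -p "Enter support email (e.g. admin@example.com) : " EMAIL
  read -r -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC
  read -r -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel
  read -r -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public
  read -r -e -p "Install Fail2ban? [Y/n] : " install_fail2ban
  read -r -e -p "Install UFW and configure ports? [Y/n] : " UFW
  read -r -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install

  # TIME becomes a path below /usr/share/zoneinfo: name components only, so it
  # cannot be empty or contain "..".
  [[ "$TIME" =~ ^[A-Za-z0-9_+-]+(/[A-Za-z0-9_+-]+)*$ ]] \
    || displayErr "Time zone must look like Region/City."
  # server_name ends up in file names, nginx directives and PHP source.
  [[ "$server_name" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]] \
    || displayErr "Server name may only contain letters, digits, dots and hyphens."
  # admin_panel is used as a sed replacement inside a PHP controller.
  [[ "$admin_panel" =~ ^[A-Za-z0-9_-]+$ ]] \
    || displayErr "Admin panel location may only contain letters, digits, underscore and hyphen."
  # EMAIL and Public are written into single-quoted PHP string literals.
  for php_bound_answer in "$EMAIL" "$Public"; do
    if [[ "$php_bound_answer" == *"'"* || "$php_bound_answer" == *\\* ]]; then
      displayErr "Email and admin IP must not contain quotes or backslashes."
    fi
  done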
  39.  
  40.  
  41. # Update package and Upgrade Ubuntu
  # Refresh the package index, apply pending upgrades, then drop packages that
  # are no longer needed.
  for banner_line in " " "Updating system and installing required packages." " "; do
    output "$banner_line"
  done
  sleep 3

  for apt_action in update upgrade autoremove; do
    sudo apt-get -y "$apt_action"
  done
  50.  
  51.  
  52. # Switch Aptitude
  # aptitude is the package front end used for most installs further down.
  for banner_line in " " "Switching to Aptitude" " "; do
    output "$banner_line"
  done
  sleep 3

  sudo apt-get -y install aptitude
  59.  
  60.  
  61. # Installing Nginx
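  # Install nginx, disable the distribution's default site and make sure nginx
  # and cron are running now and at boot.
  for banner_line in " " "Installing Nginx server." " "; do
    output "$banner_line"
  done
  sleep 3

  sudo aptitude -y install nginx
  # -f: on a re-run the default site link is already gone; that is not an error.
  sudo rm -f /etc/nginx/sites-enabled/default
  for unit in nginx.service cron.service; do
    sudo systemctl start "$unit"
    sudo systemctl enable "$unit"
  done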
  73.  
  74.  
  75. # Making Nginx a bit hard
  # Write the nginx map that sets $blockedagent to 1 for matching User-Agents.
  # NOTE(review): the User-Agent header is chosen by the client, so this map
  # only filters clients that announce themselves; it is not an access control.
  # The case-insensitive "bot" pattern also matches search-engine crawlers.
  sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 <<'UA_RULES'
map $http_user_agent $blockedagent {
default 0;
~*malicious 1;
~*bot 1;
~*backdoor 1;
~*crawler 1;
~*bandit 1;
}

UA_RULES
  85.  
  86.  
  87. # Installing Mariadb
  # Install MariaDB without interactive prompts and start it now and at boot.
  for banner_line in " " "Installing Mariadb Server." " "; do
    output "$banner_line"
  done
  sleep 3

  # Random value later handed to phpMyAdmin's installer and stored in ~/.my.cnf
  # as the database root password.
  # NOTE(review): nothing in the visible part of this script applies this value
  # to the MariaDB root account itself; confirm where (or whether) it is set.
  rootpasswd="$(openssl rand -base64 12)"
  DEBIAN_FRONTEND="noninteractive"
  export DEBIAN_FRONTEND
  sudo aptitude -y install mariadb-server
  for db_action in start enable; do
    sudo systemctl "$db_action" mysql
  done
  99.  
  100.  
  101. # Installing Installing php7.x
  # Install PHP 7.0 (FPM first, then the extension set), enable the mcrypt and
  # mbstring modules and start the FPM service.
  for banner_line in " " "Installing php7.x" " "; do
    output "$banner_line"
  done
  sleep 3

  php_packages=(
    php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql
    php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt
    imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode
    php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache
    php-imagick php-gettext php7.0-zip php7.0-mbstring
  )
  sudo aptitude -y install php7.0-fpm
  sudo aptitude -y install "${php_packages[@]}"
  for php_module in mcrypt mbstring; do
    sudo phpenmod "$php_module"
  done
  sudo systemctl start php7.0-fpm.service
  112.  
  113.  
  114. # Installing other needed files
  # Development libraries, mail tooling and helpers needed by later steps.
  for banner_line in " " "Installing other needed files" " "; do
    output "$banner_line"
  done
  sleep 3

  # One aptitude run per package, so a single unavailable package does not
  # prevent the others from being installed.
  for pkg in libgmp3-dev libmysqlclient-dev libcurl4-gnutls-dev libkrb5-dev \
    libldap2-dev libidn11-dev gnutls-dev librtmp-dev sendmail mutt; do
    sudo aptitude -y install "$pkg"
  done
  sudo aptitude -y install git screen
  sudo aptitude -y install pwgen -y
  132.  
  133.  
  134. # Installing Package to compile crypto currency
  # Toolchain and libraries used to compile coin daemons.
  for banner_line in " " "Installing Package to compile crypto currency" " "; do
    output "$banner_line"
  done
  sleep 3

  build_deps=(
    libtool autotools-dev automake pkg-config libssl-dev libevent-dev
    bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev
    libcap-dev libminiupnpc-dev
  )
  qt_deps=(
    libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev
    qttools5-dev-tools libprotobuf-dev protobuf-compiler
  )
  sudo aptitude -y install software-properties-common build-essential
  sudo aptitude -y install "${build_deps[@]}"
  sudo aptitude -y install libminiupnpc10 libzmq5
  sudo aptitude -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev
  sudo aptitude -y install "${qt_deps[@]}"
  # NOTE(review): this adds a third-party PPA as a trusted package source for
  # the whole system; the libdb4.8 packages below are taken from it.
  sudo add-apt-repository -y ppa:bitcoin/bitcoin
  sudo apt-get -y update
  sudo apt-get install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++
  148.  
  149.  
  150. # Generating Random Passwords
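  # Two independent 32-character alphanumeric secrets read from /dev/urandom;
  # they become the passwords of the 'panel' and 'stratum' database accounts.
  password="$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w 32 | head -n 1)"
  password2="$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w 32 | head -n 1)"
  # Password for the phpMyAdmin application account. -s asks pwgen for fully
  # random output; its default mode favours pronounceable strings, which carry
  # less entropy per character.
  AUTOGENERATED_PASS="$(pwgen -s -c -1 20)"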
  154.  
  155.  
  156. # Test Email
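  # Optional SMTP smoke test: record the admin address and send one test mail.
  for banner_line in " " "Testing to see if server emails are sent" " "; do
    output "$banner_line"
  done
  sleep 3

  # NOTE(review): root_email and send_email are not assigned anywhere in the
  # visible part of this script, so this section only runs when they are
  # provided some other way (for example through the environment).
  if [[ -n "$root_email" ]]; then
    # Pipe into "sudo tee"; a ">" redirection here would create a file that is
    # literally named "sudo" in the current directory instead.
    printf '%s\n' "$root_email" | sudo tee --append ~/.email >/dev/null
    printf '%s\n' "$root_email" | sudo tee --append ~/.forward >/dev/null

    if [[ "$send_email" == [yY] || -z "$send_email" ]]; then
      # sendmail takes the subject from a header line in the message, not from
      # a -s option. Feeding the message through a pipe also avoids a
      # predictable file name in /tmp.
      if printf 'Subject: SMTP Testing\n\n%s\n%s\n\n%s\n' \
        "This is a mail test for the SMTP Service." \
        "You should receive this !" \
        "Cheers" \
        | sudo sendmail -- "$root_email"; then
        echo "Mail sent"
      else
        echo "Mail test failed" >&2
      fi
    fi
  fi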
  177.  
  178.  
  179. # Installing Fail2Ban & UFW
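  # Optional hardening: Fail2Ban (stock configuration) and a UFW rule set that
  # denies inbound traffic except SSH, HTTP(S) and the stratum ports.
  for banner_line in " " "Some optional installs (Fail2Ban & UFW)" " "; do
    output "$banner_line"
  done
  sleep 3

  if [[ "$install_fail2ban" == [yY] || -z "$install_fail2ban" ]]; then
    sudo aptitude -y install fail2ban
  fi

  if [[ "$UFW" == [yY] || -z "$UFW" ]]; then
    # -y: without it apt-get may stop and wait for confirmation.
    sudo apt-get -y install ufw
    sudo ufw default deny incoming
    sudo ufw default allow outgoing
    # NOTE(review): "ufw limit ssh" would additionally rate-limit repeated
    # connection attempts; plain "allow" is kept to match existing behaviour.
    for service in ssh http https; do
      sudo ufw allow "$service"
    done
    # NOTE(review): every stratum port is opened to the internet whether or
    # not a coin is configured on it; trim this list to the ports in use.
    stratum_ports=(
      3333 3339 3334 3433 3555 3556 3573 3535 3533 3553 3633 3733 3636 3737
      3739 3747 3833 3933 4033 4133 4233 4234 4333 4433 4533 4553 4633 4733
      4833 4933 5033 5133 5233 5333 5433 5533 5733 5743 3252 5755 5766 5833
      5933 6033 5034 6133 6233 6333 6433 7433 8333 8463 8433 8533
    )
    for port in "${stratum_ports[@]}"; do
      sudo ufw allow "${port}/tcp"
    done
    sudo ufw --force enable
  fi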
  252.  
  253.  
  254. # Installing PhpMyAdmin
  # Pre-seed phpMyAdmin's installer answers, then install the package.
  for banner_line in " " "Installing phpmyadmin" " "; do
    output "$banner_line"
  done
  sleep 3

  # The answers travel on stdin, so the two passwords never appear in a
  # process argument list.
  # NOTE(review): the nginx vhosts written by this script serve /phpmyadmin
  # without any source-address restriction.
  sudo debconf-set-selections <<PMA_SELECTIONS
phpmyadmin phpmyadmin/reconfigure-webserver multiselect
phpmyadmin phpmyadmin/dbconfig-install boolean true
phpmyadmin phpmyadmin/mysql/admin-user string root
phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd
phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS
phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS
PMA_SELECTIONS
  sudo aptitude -y install phpmyadmin
  267.  
  268.  
  269. # Installing Yiimp
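  # Fetch the yiimp sources and build blocknotify, iniparser and stratum.
  for banner_line in " " " Installing Yiimp" " " \
    "Grabbing yiimp fron Github, building files and setting file structure." " "; do
    output "$banner_line"
  done
  sleep 3

  # Random 32-character secret compiled into blocknotify in place of the
  # upstream placeholder.
  blckntifypass="$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w 32 | head -n 1)"

  # NOTE(review): this clones the tip of a third-party fork and then builds it
  # with "sudo make", so whatever is on that branch at install time runs as
  # root. Check out a reviewed commit (git checkout <REVIEWED_COMMIT>) before
  # building.
  cd ~ || displayErr "Cannot change to the home directory."
  git clone https://github.com/Kudaraidee/yiimp.git

  # Each cd is checked: if the clone failed, the sed and make calls below
  # would otherwise run as root in whatever directory the shell was left in.
  cd "$HOME/yiimp/blocknotify" || displayErr "yiimp sources not found in $HOME/yiimp."
  sudo sed -i "s/tu8tu5/${blckntifypass}/" blocknotify.cpp
  sudo make

  cd "$HOME/yiimp/stratum/iniparser" || displayErr "iniparser sources not found."
  sudo make

  cd "$HOME/yiimp/stratum" || displayErr "stratum sources not found."
  if [[ "$BTC" == [yY] ]]; then
    # AutoExchange requested: build stratum without -DNO_EXCHANGE.
    sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' "$HOME/yiimp/stratum/Makefile"
  fi
  # One build is enough; it runs after the Makefile has (optionally) been edited.
  sudo make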
  299.  
  300. # Copy Files (Blocknotify,iniparser,Stratum)
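  # Install the built artefacts: web tree to /var/web, stratum and its sample
  # configs to /var/stratum, helper scripts to /bin, blocknotify to /usr/bin.
  cd "$HOME/yiimp" || displayErr "yiimp sources not found in $HOME/yiimp."

  # admin_panel is typed by the operator and becomes a sed replacement inside
  # PHP source; restrict it to characters that are inert in both contexts.
  if [[ ! "$admin_panel" =~ ^[A-Za-z0-9_-]+$ ]]; then
    displayErr "Admin panel location may only contain letters, digits, underscore and hyphen."
  fi
  sudo sed -i "s/AdminRights/${admin_panel}/" "$HOME/yiimp/web/yaamp/modules/site/SiteController.php"

  sudo cp -r "$HOME/yiimp/web" /var/
  sudo mkdir -p /var/stratum
  cd "$HOME/yiimp/stratum" || displayErr "stratum sources not found."
  sudo cp -a config.sample/. /var/stratum/config
  sudo cp -r stratum /var/stratum
  sudo cp -r run.sh /var/stratum
  cd "$HOME/yiimp" || displayErr "yiimp sources not found in $HOME/yiimp."
  # NOTE(review): this copies every file from the repository's bin/ directory
  # into the system /bin as root.
  sudo cp -r "$HOME/yiimp/bin/." /bin/
  sudo cp -r "$HOME/yiimp/blocknotify/blocknotify" /usr/bin/
  sudo cp -r "$HOME/yiimp/blocknotify/blocknotify" /var/stratum/
  sudo mkdir -p /etc/yiimp
  sudo mkdir -p "$HOME/backup/"

  # Point the yiimp helper at /var. /bin/yiimp was copied with sudo just
  # above, so the in-place edit needs sudo as well.
  sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp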
  317. #fixing run.sh
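  # Replace the sample run.sh with a loop that restarts stratum whenever it
  # exits. The generated script takes the coin config file name as $1.
  # -f: the sample file may be absent on a re-run.
  sudo rm -f /var/stratum/config/run.sh
  # The shebang has to be the very first line of the file to take effect, so
  # the file is written from a here-document with no leading blank line.
  sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 <<'RUN_SH'
#!/bin/bash
ulimit -n 10240
ulimit -u 10240
cd /var/stratum
while true; do
./stratum "/var/stratum/config/$1"
sleep 2
done
exec bash
RUN_SH
  sudo chmod +x /var/stratum/config/run.sh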
  331.  
  332.  
  333. # Update Timezone
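  # Point /etc/localtime at the requested zone and store the system time in
  # the hardware clock.
  for banner_line in " " "Update default timezone." " "; do
    output "$banner_line"
  done

  # TIME is operator input used as a path under sudo. Require an existing
  # regular zone file and refuse "..": an empty answer would otherwise link
  # /etc/localtime to the zoneinfo directory itself.
  zone_file="/usr/share/zoneinfo/${TIME}"
  if [[ -n "$TIME" && "$TIME" != *..* && -f "$zone_file" ]]; then
    # -f replaces an existing link or file; -n stops ln from following an
    # existing link that points at a directory.
    sudo ln -sfn "$zone_file" /etc/localtime
  else
    printf 'Unknown time zone "%s"; leaving /etc/localtime unchanged.\n' "$TIME" >&2
  fi
  sudo aptitude -y install ntpdate

  # Write time to clock.
  sudo hwclock -w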
  347.  
  348.  
  349. # Making Web Server Magic Happen
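  # Create the directory the nginx vhost will be rooted under.
  for banner_line in " " "Making Web Server Magic Happen!" " "; do
    output "$banner_line"
  done

  # server_name is operator input: quoted, and "--" ends option parsing so the
  # value is always treated as a single path.
  sudo mkdir -p -- "/var/www/${server_name}/html"

  for banner_line in " " "Creating webserver initial config file" " "; do
    output "$banner_line"
  done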
  362.  
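  # Create the nginx site for the pool: an HTTP vhost first (needed for the
  # LetsEncrypt webroot challenge), then, if requested and a certificate was
  # issued, an HTTPS vhost with an HTTP->HTTPS redirect.
  #
  # The subdomain and bare-domain variants differ only in the server_name
  # value and the certificate's domain list, so both share the two writers.
  #
  # NOTE(review): both templates serve /phpmyadmin to any client address even
  # though the installer asks for the admin's public IP; consider restricting
  # that location with nginx allow/deny rules.

  #######################################
  # Write the plain-HTTP vhost.
  # Globals:   server_name (read)
  # Arguments: $1 - value for the server_name directive
  #######################################
  write_http_vhost() {
    local names=$1
    echo 'include /etc/nginx/blockuseragents.rules;
server {
if ($blockedagent) {
return 403;
}
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
listen 80;
listen [::]:80;
server_name '"${names}"';
root "/var/www/'"${server_name}"'/html/web";
index index.html index.htm index.php;
charset utf-8;

location / {
try_files $uri $uri/ /index.php?$args;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?r=$1;
}

location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }

access_log /var/log/nginx/'"${server_name}"'.app-access.log;
error_log /var/log/nginx/'"${server_name}"'.app-error.log;

# allow larger file uploads and longer script runtimes
client_body_buffer_size 50k;
client_header_buffer_size 50k;
client_max_body_size 50k;
large_client_header_buffers 2 50k;
sendfile off;

location ~ ^/index\.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
return 404;
}
location ~ \.sh {
return 404;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
location /phpmyadmin {
root /usr/share/;
index index.php;
try_files $uri $uri/ =404;
location ~ ^/phpmyadmin/(doc|sql|setup)/ {
deny all;
}
location ~ /phpmyadmin/(.+\.php)$ {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
}
}
' | sudo -E tee "/etc/nginx/sites-available/${server_name}.conf" >/dev/null 2>&1
  }

  #######################################
  # Write the HTTPS vhost plus a port-80 server that redirects to HTTPS.
  # Changes from the earlier template: TLS 1.0/1.1 and the 3DES suites are no
  # longer offered, and the CSP keyword 'self' keeps its quotes (the shell
  # used to strip them, leaving the bare word self in the header).
  # Globals:   server_name (read)
  # Arguments: $1 - value for the server_name directives
  #######################################
  write_https_vhost() {
    local names=$1
    echo 'include /etc/nginx/blockuseragents.rules;
server {
if ($blockedagent) {
return 403;
}
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
listen 80;
listen [::]:80;
server_name '"${names}"';
# enforce https
return 301 https://$server_name$request_uri;
}

server {
if ($blockedagent) {
return 403;
}
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name '"${names}"';

root /var/www/'"${server_name}"'/html/web;
index index.php;

access_log /var/log/nginx/'"${server_name}"'.app-access.log;
error_log /var/log/nginx/'"${server_name}"'.app-error.log;

# allow larger file uploads and longer script runtimes
client_body_buffer_size 50k;
client_header_buffer_size 50k;
client_max_body_size 50k;
large_client_header_buffers 2 50k;
sendfile off;

# strengthen ssl security
ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4";
ssl_dhparam /etc/ssl/certs/dhparam.pem;

# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors '"'"'self'"'"'";

location / {
try_files $uri $uri/ /index.php?$args;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?r=$1;
}


location ~ ^/index\.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
include /etc/nginx/fastcgi_params;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
return 404;
}
location ~ \.sh {
return 404;
}

location ~ /\.ht {
deny all;
}
location /phpmyadmin {
root /usr/share/;
index index.php;
try_files $uri $uri/ =404;
location ~ ^/phpmyadmin/(doc|sql|setup)/ {
deny all;
}
location ~ /phpmyadmin/(.+\.php)$ {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
}
}

' | sudo -E tee "/etc/nginx/sites-available/${server_name}.conf" >/dev/null 2>&1
  }

  # A subdomain pool answers on its own name only; a bare domain also answers
  # on www.<domain>, and the certificate has to cover both names.
  if [[ "$sub_domain" == [yY] ]]; then
    vhost_names="$server_name"
    le_domains=(-d "$server_name")
    ssl_label="with SubDomain"
  else
    vhost_names="$server_name www.$server_name"
    le_domains=(-d "$server_name" -d "www.$server_name")
    ssl_label="without SubDomain"
  fi

  write_http_vhost "$vhost_names"
  # -f keeps both links idempotent when the installer is run again.
  sudo ln -sf "/etc/nginx/sites-available/${server_name}.conf" "/etc/nginx/sites-enabled/${server_name}.conf"
  # The html directory already exists, so this creates html/web -> /var/web.
  sudo ln -sf /var/web "/var/www/${server_name}/html"
  sudo systemctl reload php7.0-fpm.service
  sudo systemctl restart nginx.service

  if [[ "$ssl_install" == [yY] || -z "$ssl_install" ]]; then
    output " "
    output "Install LetsEncrypt and setting SSL (${ssl_label})"
    output " "
    sleep 3

    sudo aptitude -y install letsencrypt
    # Switch to the HTTPS vhost only when a certificate was actually issued.
    # Otherwise nginx would be pointed at certificate files that do not exist
    # and the restart below would leave the site down.
    if sudo letsencrypt certonly -a webroot --webroot-path=/var/web \
      --email "$EMAIL" --agree-tos "${le_domains[@]}"; then
      sudo rm -f "/etc/nginx/sites-available/${server_name}.conf"
      sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
      write_https_vhost "$vhost_names"
    else
      output "LetsEncrypt did not issue a certificate; keeping the HTTP-only site."
    fi
  fi

  sudo systemctl reload php7.0-fpm.service
  sudo systemctl restart nginx.service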
  776.  
  777.  
  778. # Config Database
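  # Create the application schema and the two database accounts.
  for banner_line in " " "Now for the database fun!" " "; do
    output "$banner_line"
  done
  sleep 3

  # The statements are fed on stdin instead of through -e, so the generated
  # passwords never appear in a process argument list that other local users
  # can read. The old -p="" argument is dropped: as a short option it sent the
  # literal password "=", not an empty one.
  # NOTE(review): both accounts receive ALL privileges on every database
  # (*.*). The only schema created here is yiimpfrontend, so
  # "ON yiimpfrontend.*" is probably sufficient; confirm against the
  # application before narrowing the grants.
  sudo mysql -u root <<SQL
CREATE DATABASE IF NOT EXISTS yiimpfrontend;
GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '${password}';
GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '${password2}';
FLUSH PRIVILEGES;
SQL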
  796.  
  797. #Create my.cnf
  798.  
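  # Store the generated database credentials in ~/.my.cnf as option groups.
  # The file is created empty with mode 0600 before any secret is written, so
  # it is never readable by other users, not even briefly.
  # NOTE(review): because it is written through sudo, the file in this home
  # directory ends up owned by root.
  sudo install -m 0600 /dev/null ~/.my.cnf
  sudo -E tee ~/.my.cnf >/dev/null 2>&1 <<MY_CNF
[clienthost1]
user=panel
password=${password}
database=yiimpfrontend
host=localhost
[clienthost2]
user=stratum
password=${password2}
database=yiimpfrontend
host=localhost
[myphpadmin]
user=phpmyadmin
password=${AUTOGENERATED_PASS}
[mysql]
user=root
password=${rootpasswd}
MY_CNF
  sudo chmod 0600 ~/.my.cnf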
  818.  
  819. # Create keys file
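  # Write /etc/yiimp/keys.php: the mysqldump credentials plus empty
  # placeholders for the exchange API secrets.
  # The file now starts directly with "<?php". A blank line in front of the
  # opening tag is sent to the client as page output by any script that
  # includes the file.
  # NOTE(review): this file holds the panel database password and is meant to
  # hold exchange API secrets, yet it is created with default permissions.
  # Restrict it to root and the account PHP runs as once that account is
  # confirmed.
  sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 <<KEYS_PHP
<?php
/* Sample config file to put in /etc/yiimp/keys.php */
define('YIIMP_MYSQLDUMP_USER', 'panel');
define('YIIMP_MYSQLDUMP_PASS', '${password}');
/* Keys required to create/cancel orders and access your balances/deposit addresses */
define('EXCH_BITTREX_SECRET', '<my_bittrex_api_secret_key>');
define('EXCH_BITSTAMP_SECRET','');
define('EXCH_BLEUTRADE_SECRET', '');
define('EXCH_BTER_SECRET', '');
define('EXCH_CCEX_SECRET', '');
define('EXCH_COINMARKETS_PASS', '');
define('EXCH_CRYPTOPIA_SECRET', '');
define('EXCH_EMPOEX_SECKEY', '');
define('EXCH_HITBTC_SECRET', '');
define('EXCH_KRAKEN_SECRET','');
define('EXCH_LIVECOIN_SECRET', '');
define('EXCH_NOVA_SECRET','');
define('EXCH_POLONIEX_SECRET', '');
define('EXCH_YOBIT_SECRET', '');
KEYS_PHP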
  841.  
  842.  
  843. # Peforming the SQL import
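  # Load the base schema dump and then every incremental migration, in date
  # order, through the host1 option groups of ~/.my.cnf.
  output " "
  # The generated passwords are no longer echoed to the terminal (and into any
  # scrollback or session log); they are stored in ~/.my.cnf.
  output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created; their passwords are saved in ~/.my.cnf"
  output " "
  output "Peforming the SQL import"
  output " "
  sleep 3

  # The import reads its files by relative name, so stop if the directory is
  # missing instead of running the imports from somewhere else.
  cd ~/yiimp/sql || displayErr "SQL directory ~/yiimp/sql not found."

  # Import sql dump
  sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1

  # --force lets each migration continue past statements that fail.
  for migration in \
    2016-04-24-market_history.sql \
    2016-04-27-settings.sql \
    2016-05-11-coins.sql \
    2016-05-15-benchmarks.sql \
    2016-05-23-bookmarks.sql \
    2016-06-01-notifications.sql \
    2016-06-04-bench_chips.sql \
    2016-11-23-coins.sql \
    2017-02-05-benchmarks.sql \
    2017-03-31-earnings_index.sql \
    2017-05-accounts_case_swaptime.sql \
    2017-06-payouts_coinid_memo.sql \
    2017-09-notifications.sql \
    2017-10-bookmarks.sql \
    2017-11-segwit.sql \
    2018-01-stratums_ports.sql \
    2018-02-coins_getinfo.sql; do
    sudo mysql --defaults-group-suffix=host1 --force < "$migration"
  done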
  876.  
  877. # Generating a basic Yiimp serverconfig.php
  # Announce the serverconfig.php step.
  # NOTE(review): the template that follows hard-codes a value for
  # YAAMP_BTCADDRESS and enables YAAMP_ADMIN_WEBCONSOLE; confirm the address is
  # replaced with the operator's own before the pool goes live. It also places
  # server_name, EMAIL and Public inside single-quoted PHP strings without
  # escaping them.
  for banner_line in " " "Generating a basic Yiimp serverconfig.php" " "; do
    output "$banner_line"
  done
  sleep 3
  883. # Make config file
  884. echo '
  885. <?php
  886. ini_set('"'"'date.timezone'"'"', '"'"'UTC'"'"');
  887. define('"'"'YAAMP_LOGS'"'"', '"'"'/var/log'"'"');
  888. define('"'"'YAAMP_HTDOCS'"'"', '"'"'/var/web'"'"');
  889. define('"'"'YAAMP_BIN'"'"', '"'"'/var/bin'"'"');
  890. define('"'"'YAAMP_DBHOST'"'"', '"'"'localhost'"'"');
  891. define('"'"'YAAMP_DBNAME'"'"', '"'"'yiimpfrontend'"'"');
  892. define('"'"'YAAMP_DBUSER'"'"', '"'"'panel'"'"');
  893. define('"'"'YAAMP_DBPASSWORD'"'"', '"'"''"${password}"''"'"');
  894. define('"'"'YAAMP_PRODUCTION'"'"', true);
  895. define('"'"'YAAMP_RENTAL'"'"', false);
  896. define('"'"'YAAMP_LIMIT_ESTIMATE'"'"', false);
  897. define('"'"'YAAMP_FEES_MINING'"'"', 0.5);
  898. define('"'"'YAAMP_FEES_EXCHANGE'"'"', 2);
  899. define('"'"'YAAMP_FEES_RENTING'"'"', 2);
  900. define('"'"'YAAMP_TXFEE_RENTING_WD'"'"', 0.002);
  901. define('"'"'YAAMP_PAYMENTS_FREQ'"'"', 2*60*60);
  902. define('"'"'YAAMP_PAYMENTS_MINI'"'"', 0.001);
  903. define('"'"'YAAMP_ALLOW_EXCHANGE'"'"', false);
  904. define('"'"'YIIMP_PUBLIC_EXPLORER'"'"', true);
  905. define('"'"'YIIMP_PUBLIC_BENCHMARK'"'"', true);
  906. define('"'"'YIIMP_FIAT_ALTERNATIVE'"'"', '"'"'USD'"'"'); // USD is main
  907. define('"'"'YAAMP_USE_NICEHASH_API'"'"', false);
  908. define('"'"'YAAMP_BTCADDRESS'"'"', '"'"'1C1hnjk3WhuAvUN6Ny6LTxPD3rwSZwapW7'"'"');
  909. define('"'"'YAAMP_SITE_URL'"'"', '"'"''"${server_name}"''"'"');
  910. define('"'"'YAAMP_STRATUM_URL'"'"', YAAMP_SITE_URL); // change if your stratum server is on a different host
  911. define('"'"'YAAMP_SITE_NAME'"'"', '"'"'YIIMP'"'"');
  912. define('"'"'YAAMP_ADMIN_EMAIL'"'"', '"'"''"${EMAIL}"''"'"');
  913. define('"'"'YAAMP_ADMIN_IP'"'"', '"'"''"${Public}"''"'"'); // samples: "80.236.118.26,90.234.221.11" or "10.0.0.1/8"
  914. define('"'"'YAAMP_ADMIN_WEBCONSOLE'"'"', true);
  915. define('"'"'YAAMP_NOTIFY_NEW_COINS'"'"', true);
  916. define('"'"'YAAMP_DEFAULT_ALGO'"'"', '"'"'x11'"'"');
  917. define('"'"'YAAMP_USE_NGINX'"'"', true);
  918. // Exchange public keys (private keys are in a separate config file)
  919. define('"'"'EXCH_CRYPTOPIA_KEY'"'"', '"'"''"'"');
  920. define('"'"'EXCH_POLONIEX_KEY'"'"', '"'"''"'"');
  921. define('"'"'EXCH_BITTREX_KEY'"'"', '"'"''"'"');
  922. define('"'"'EXCH_BLEUTRADE_KEY'"'"', '"'"''"'"');
  923. define('"'"'EXCH_BTER_KEY'"'"', '"'"''"'"');
  924. define('"'"'EXCH_YOBIT_KEY'"'"', '"'"''"'"');
  925. define('"'"'EXCH_CCEX_KEY'"'"', '"'"''"'"');
  926. define('"'"'EXCH_COINMARKETS_USER'"'"', '"'"''"'"');
  927. define('"'"'EXCH_COINMARKETS_PIN'"'"', '"'"''"'"');
  928. define('"'"'EXCH_BITSTAMP_ID'"'"','"'"''"'"');
  929. define('"'"'EXCH_BITSTAMP_KEY'"'"','"'"''"'"');
  930. define('"'"'EXCH_HITBTC_KEY'"'"','"'"''"'"');
  931. define('"'"'EXCH_KRAKEN_KEY'"'"', '"'"''"'"');
  932. define('"'"'EXCH_LIVECOIN_KEY'"'"', '"'"''"'"');
  933. define('"'"'EXCH_NOVA_KEY'"'"', '"'"''"'"');
  934. // Automatic withdraw to Yaamp btc wallet if btc balance > 0.3
  935. define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3);
  936. // nicehash keys deposit account & amount to deposit at a time
  937. define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"');
  938. define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"');
  939. define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"');
  940. define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"');
  941. $cold_wallet_table = array(
  942. '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10,
  943. );
  944. // Sample fixed pool fees
  945. $configFixedPoolFees = array(
  946. '"'"'zr5'"'"' => 2.0,
  947. '"'"'scrypt'"'"' => 20.0,
  948. '"'"'sha256'"'"' => 5.0,
  949. );
  950. // Sample custom stratum ports
  951. $configCustomPorts = array(
  952. // '"'"'x11'"'"' => 7000,
  953. );
  954. // mBTC Coefs per algo (default is 1.0)
  955. $configAlgoNormCoef = array(
  956. // '"'"'x11'"'"' => 5.0,
  957. );
  958. ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1
  959.  
  960.  
  961. # Updating stratum config files with database connection info
  962. output " "
  963. output "Updating stratum config files with database connection info."
  964. output " "
  965. sleep 3
  966.  
  967. cd /var/stratum/config
  968. sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf
  969. sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf
  970. sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf
  971. sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf
  972. sudo sed -i 's/username = root/username = stratum/g' *.conf
  973. sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf
  974. cd ~
  975.  
  976.  
  977. # Final Directory permissions
  978. output " "
  979. output "Final Directory permissions"
  980. output " "
  981. sleep 3
  982.  
  983. whoami=`whoami`
  984. sudo mkdir /root/backup/
  985. #sudo usermod -aG www-data $whoami
  986. #sudo chown -R www-data:www-data /var/log
  987. sudo chown -R www-data:www-data /var/stratum
  988. sudo chown -R www-data:www-data /var/web
  989. sudo touch /var/log/debug.log
  990. sudo chown -R www-data:www-data /var/log/debug.log
  991. sudo chmod -R 775 /var/www/$server_name/html
  992. sudo chmod -R 775 /var/web
  993. sudo chmod -R 775 /var/stratum
  994. sudo chmod -R 775 /var/web/yaamp/runtime
  995. sudo chmod -R 664 /root/backup/
  996. sudo chmod -R 644 /var/log/debug.log
  997. sudo chmod -R 775 /var/web/serverconfig.php
  998. sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder
  999. sudo rm -rf /var/log/nginx/*
  1000. sudo systemctl reload php7.0-fpm.service
  1001. sudo systemctl restart nginx.service
  1002.  
  1003.  
  1004. output " "
  1005. output " "
  1006. output " "
  1007. output " "
  1008. output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.cnf. this installer did not directly install anything required to build coins."
  1009. output " "
  1010. output "Please make sure to change your wallet addresses in the /var/web/serverconfig.php file."
  1011. output " "
  1012. output "Please make sure to add your public and private keys."
  1013. output " "
  1014. output "TUTO Youtube : https://www.youtube.com/watch?v=vdBCw6_cyig"
  1015. output " "
  1016. output " "