diff --git a/packages/manager/.changeset/pr-9950-changed-1701876302104.md b/packages/manager/.changeset/pr-9950-changed-1701876302104.md new file mode 100644 index 00000000000..3b014e18a7e --- /dev/null +++ b/packages/manager/.changeset/pr-9950-changed-1701876302104.md @@ -0,0 +1,5 @@ +--- +"@linode/manager": Changed +--- + +Update Main Concept app names to include demo ([#9950](https://github.com/linode/manager/pull/9950)) diff --git a/packages/manager/src/cachedData/marketplace.json b/packages/manager/src/cachedData/marketplace.json index 4686e772c87..887f107e048 100644 --- a/packages/manager/src/cachedData/marketplace.json +++ b/packages/manager/src/cachedData/marketplace.json @@ -1 +1 @@ -{"data":[{"id":1146319,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MongoDB Cluster Null One-Click","description":"MongoDB Cluster Null One-Click\r\nNull stackscript for 1067004","ordinal":0,"logo_url":"assets/mongodbmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":38,"deployments_active":2,"is_public":true,"mine":false,"created":"2023-03-23T14:00:01","updated":"2023-08-28T19:43:48","rev_note":"","script":"#!/bin/bash\n\n# Null","user_defined_fields":[]},{"id":1146322,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"PostgreSQL Cluster Null One-Click","description":"PostgreSQL Cluster Null One-Click\r\nNull Stackscript for 1068726","ordinal":0,"logo_url":"assets/postgresqlmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":88,"deployments_active":6,"is_public":true,"mine":false,"created":"2023-03-23T14:17:07","updated":"2023-09-26T14:49:28","rev_note":"","script":"#!/bin/bash\n\n# Null","user_defined_fields":[]},{"id":1146324,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Galera Cluster Null One-Click","description":"Galera Cluster Null One-Click\r\nNull Stackscript for 1088136","ordinal":0,"logo_url":"assets/galeramarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":109,"deployments_active":9,"is_public":true,"mine":false,"created":"2023-03-23T14:19:14","updated":"2023-09-23T14:39:04","rev_note":"","script":"#!/bin/bash","user_defined_fields":[]},{"id":1142293,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Redis Sentinel Cluster Null One-Click","description":"Redis Sentinel Cluster Null One-Click\r\nNull stackscript for 1132204","ordinal":0,"logo_url":"assets/redissentinelmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":151,"deployments_active":26,"is_public":true,"mine":false,"created":"2023-03-16T14:20:59","updated":"2023-08-28T19:43:48","rev_note":"","script":"#!/bin/bash","user_defined_fields":[]},{"id":1226547,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Nomad Cluster Clients Null One-Click","description":"Nomad Cluster Clients One-Click","ordinal":0,"logo_url":"assets/nomadclientsocc.svg","images":["linode/ubuntu22.04"],"deployments_total":226,"deployments_active":19,"is_public":true,"mine":false,"created":"2023-08-25T19:08:57","updated":"2023-09-28T14:08:26","rev_note":"","script":"#!/bin/bash","user_defined_fields":[]},{"id":1226546,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Nomad Cluster Null One-Click","description":"Nomad Cluster Null One-Click","ordinal":0,"logo_url":"assets/nomadocc.svg","images":["linode/ubuntu22.04"],"deployments_total":257,"deployments_active":12,"is_public":true,"mine":false,"created":"2023-08-25T19:08:21","updated":"2023-09-28T14:06:12","rev_note":"","script":"#!/bin/bash/","user_defined_fields":[]},{"id":401697,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"WordPress One-Click","description":"Wordpress One Click App","ordinal":1,"logo_url":"assets/WordPress.svg","images":["linode/ubuntu22.04"],"deployments_total":60287,"deployments_active":4876,"is_public":true,"mine":false,"created":"2019-03-08T21:04:07","updated":"2023-09-28T20:07:46","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-wordpress\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"webserver_stack","label":"The stack you are looking to deploy Wordpress on","oneof":"LAMP,LEMP"},{"name":"site_title","label":"Website title","example":"My Blog"},{"name":"wp_admin_user","label":"Admin username","example":"admin"},{"name":"wp_db_user","label":"Wordpress database user","example":"wordpress"},{"name":"wp_db_name","label":"Wordpress database name","example":"wordpress"},{"name":"user_name","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":632758,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Nextcloud One-Click","description":"One Click App - Nextcloud","ordinal":2,"logo_url":"assets/nextcloud.svg","images":["linode/ubuntu22.04"],"deployments_total":18362,"deployments_active":942,"is_public":true,"mine":false,"created":"2020-02-18T16:40:45","updated":"2023-09-28T18:33:41","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n\n# Install docker\ncurl -fsSL https://get.docker.com | sudo sh\n\n# Adjust permissions\nsudo mkdir -p /mnt/ncdata\nsudo chown -R 33:0 /mnt/ncdata\n\n# Install Nextcloud\nsudo docker run -d \\\n--init \\\n--name nextcloud-aio-mastercontainer \\\n--restart always \\\n-p 80:80 \\\n-p 8080:8080 \\\n-p 8443:8443 \\\n-e NEXTCLOUD_MOUNT=/mnt/ \\\n-e NEXTCLOUD_DATADIR=/mnt/ncdata \\\n--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \\\n--volume /var/run/docker.sock:/var/run/docker.sock:ro \\\nnextcloud/all-in-one:latest\n\n# Some Info\ncat << EOF > /etc/motd\n # # ###### # # ##### #### # #### # # #####\n ## # # # # # # # # # # # # # #\n # # # ##### ## # # # # # # # # #\n # # # # ## # # # # # # # # #\n # ## # # # # # # # # # # # # #\n # # ###### # # # #### ###### #### #### #####\nIf you point a domain to this server ($(hostname -I | cut -f1 -d' ')), you can open the admin interface at https://yourdomain.com:8443\nOtherwise you can open the admin interface at https://$(hostname -I | cut -f1 -d' '):8080\n \nFurther documentation is available here: https://github.com/nextcloud/all-in-one\nEOF\n\n# Install unattended upgrades\nsudo apt-get install unattended-upgrades -y\n\n# firewall\nufw allow 80\nufw allow 443\nufw allow 8080\nufw allow 8443\nufw allow 3478\n\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required for creating DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"soa_email_address","label":"SOA email address","default":""}]},{"id":1017300,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Kali Linux One-Click","description":"Kali Linux One-Click","ordinal":3,"logo_url":"assets/kalilinux.svg","images":["linode/kali"],"deployments_total":15565,"deployments_active":534,"is_public":true,"mine":false,"created":"2022-06-21T14:38:37","updated":"2023-09-28T20:01:30","rev_note":"","script":"#!/bin/bash\n## Kali\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction headlessoreverything {\n if [ $HEADLESS == \"Yes\" ] && [ $EVERYTHING == \"Yes\" ]; then \n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-everything -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $EVERYTHING == \"Yes\" ] && [ $HEADLESS == \"No\" ]; then\n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-everything -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $HEADLESS == \"Yes\" ] && [ $EVERYTHING == \"No\" ]; then \n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-headless -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $HEADLESS == \"No\" ] && [ $EVERYTHING == \"No\" ]; then \n echo \"No Package Selected\"\n fi\n}\n\nfunction vncsetup {\n if [ $VNC == \"Yes\" ]; then \n ## XFCE & VNC Config\n apt-get install xfce4 xfce4-goodies dbus-x11 tigervnc-standalone-server expect -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n\n readonly VNCSERVER_SET_PASSWORD=$(expect -c \"\nspawn sudo -u $USERNAME vncserver\nexpect \\\"Password:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Verify:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Would you like to enter a view-only password (y/n)?\\\"\nsend \\\"n\\r\\\"\nexpect eof\n\")\necho \"$VNCSERVER_SET_PASSWORD\"\n sleep 2\n killvncprocess=$(ps aux | grep \"/usr/bin/Xtigervnc :1 -localhost=1 -desktop\" | head -n 1 | awk '{ print $2; }')\n kill $killvncprocess\n touch /etc/systemd/system/vncserver@.service\n cat < /etc/systemd/system/vncserver@.service\n[Unit]\nDescription=a wrapper to launch an X server for VNC\nAfter=syslog.target network.target\n[Service]\nType=forking\nUser=$USERNAME\nGroup=$USERNAME\nWorkingDirectory=/home/$USERNAME\nExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1\nExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i\nExecStop=/usr/bin/vncserver -kill :%i\n[Install]\nWantedBy=multi-user.target\nEOF\n systemctl daemon-reload\n systemctl start vncserver@1.service\n systemctl enable vncserver@1.service\n\n cat < /etc/motd\n###################################\n# VNC SSH Tunnel Instructions #\n###################################\n\n* Ensure you have a VNC Client installed on your local machine\n* Run the command below to start the SSH tunnel for VNC \n\n ssh -L 61000:localhost:5901 -N -l $USERNAME $FQDN\n\n* For more Detailed documentation please visit the offical Documentation below\n\n https://www.linode.com/docs/products/tools/marketplace/guides/kalilinux\n\n### To remove this message, you can edit the /etc/motd file ###\nEOF\n fi\n}\n\nfunction main {\n headlessoreverything\n vncsetup\n stackscript_cleanup\n}\n\nmain","user_defined_fields":[{"name":"everything","label":"Would you like to Install the Kali Everything Package?","oneof":"Yes,No","default":"Yes"},{"name":"headless","label":"Would you like to Install the Kali Headless Package?","oneof":"Yes,No","default":"No"},{"name":"vnc","label":"Would you like to setup VNC to access Kali XFCE Desktop","oneof":"Yes,No","default":"Yes"},{"name":"username","label":"The VNC user to be created for the Linode. The username accepts only lowercase letters, numbers, dashes (-) and underscores (_)"},{"name":"password","label":"The password for the limited VNC user"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required for creating DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for SOA records (Requires API token)","default":""}]},{"id":593835,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Plesk One-Click","description":"Plesk is the leading secure WordPress and website management platform. This Stackscript installs the latest publicly available Plesk, activates a trial license, installs essential extensions, and sets up and configures the firewall. Please allow the script around 15 minutes to finish.","ordinal":4,"logo_url":"assets/plesk.svg","images":["linode/centos7","linode/ubuntu20.04"],"deployments_total":10199,"deployments_active":496,"is_public":true,"mine":false,"created":"2019-09-26T17:34:17","updated":"2023-09-28T17:12:17","rev_note":"updated wording","script":"#!/bin/bash\n# This block defines the variables the user of the script needs to input\n# when deploying using this script.\n#\n## Enable logging\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction pleskautoinstall {\n echo \"Downloading Plesk Auto-Installer\"\n sh <(curl https://autoinstall.plesk.com/one-click-installer || wget -O - https://autoinstall.plesk.com/one-click-installer)\n echo \"turning on http2\"\n /usr/sbin/plesk bin http2_pref --enable\n}\n\nfunction firewall {\n echo \"Setting Firewall to allow proper ports.\"\n if [ \"${detected_distro[distro]}\" = 'centos' ]; then \n iptables -I INPUT -p tcp --dport 21 -j ACCEPT\n iptables -I INPUT -p tcp --dport 22 -j ACCEPT\n iptables -I INPUT -p tcp --dport 25 -j ACCEPT\n iptables -I INPUT -p tcp --dport 80 -j ACCEPT\n iptables -I INPUT -p tcp --dport 110 -j ACCEPT\n iptables -I INPUT -p tcp --dport 143 -j ACCEPT\n iptables -I INPUT -p tcp --dport 443 -j ACCEPT\n iptables -I INPUT -p tcp --dport 465 -j ACCEPT\n iptables -I INPUT -p tcp --dport 993 -j ACCEPT\n iptables -I INPUT -p tcp --dport 995 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8443 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8447 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8880 -j ACCEPT\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n ufw allow 21\n ufw allow 22\n ufw allow 25\n ufw allow 80\n ufw allow 110\n ufw allow 143\n ufw allow 443\n ufw allow 465\n ufw allow 993\n ufw allow 995\n ufw allow 8443\n ufw allow 8447\n ufw allow 8880\nelse \necho \"Distro Not supported\"\nfi\n}\n\nfunction main {\n pleskautoinstall\n firewall\n}\n\n# Execute script\nsystem_update\nmain\nstackscript_cleanup","user_defined_fields":[]},{"id":595742,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"cPanel One-Click","description":"cPanel One-Click","ordinal":5,"logo_url":"assets/cpanel.svg","images":["linode/ubuntu20.04","linode/almalinux8","linode/rocky8"],"deployments_total":27121,"deployments_active":1061,"is_public":true,"mine":false,"created":"2019-09-30T20:17:52","updated":"2023-09-28T19:12:37","rev_note":"","script":"#!/bin/bash\nset -e\n\n# Commit: fde6587e08ea95321ce010e52a9c1b8d02455a97\n# Commit date: 2023-02-13 17:00:46 -0600\n# Generated: 2023-02-17 11:00:28 -0600\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\necho $(date +%Y%m%d%H%M%S) >> /tmp/cpdebug.log\n\n# Linode's Weblish console will truncate lines unless you do this tput smam. This\n# instructs the terminal to wrap your lines, which is especially important so that\n# the WHM login URL that gets printed at the end can be copied.\ntput smam\n\nsource /etc/os-release\n\nis_os_and_version_id_prefix() {\n [[ $ID == $1 ]] && [[ $VERSION_ID =~ ^$2 ]]\n}\n\nis_almalinux8() {\n is_os_and_version_id_prefix almalinux 8\n}\n\nis_centos7() {\n is_os_and_version_id_prefix centos 7\n}\n\nis_cloudlinux7() {\n is_os_and_version_id_prefix cloudlinux 7\n}\n\nis_cloudlinux8() {\n is_os_and_version_id_prefix cloudlinux 8\n}\n\nis_rocky8() {\n is_os_and_version_id_prefix rocky 8\n}\n\nis_ubuntu20() {\n is_os_and_version_id_prefix ubuntu 20.04\n}\n\nis_supported_os() {\n is_almalinux8 || \\\n is_centos7 || \\\n is_cloudlinux7 || \\\n is_cloudlinux8 || \\\n is_rocky8 || \\\n is_ubuntu20\n}\n\nhas_yum() {\n which yum >/dev/null 2>&1\n}\n\nhas_dnf() {\n which dnf >/dev/null 2>&1\n}\n\nhas_apt() {\n which apt >/dev/null 2>&1\n}\n\nis_networkmanager_enabled() {\n systemctl is-enabled NetworkManager.service > /dev/null 2>&1\n}\n\n# cPanel & WHM is incompatible with NetworkManager\nif is_networkmanager_enabled; then\n systemctl stop NetworkManager.service\n systemctl disable NetworkManager.service\n if has_dnf; then\n dnf -y remove NetworkManager\n elif has_yum; then\n yum -y remove NetworkManager\n fi\nfi\n\nhostnamectl set-hostname server.hostname.tld\n\ncd /home && curl -so installer -L https://securedownloads.cpanel.net/latest\n\nif is_supported_os; then\n if is_ubuntu20; then\n apt-get -o Acquire::ForceIPv4=true update -y\n DEBIAN_FRONTEND=noninteractive apt-get -y -o DPkg::options::=\"--force-confdef\" -o DPkg::options::=\"--force-confold\" install grub-pc\n sh installer --skiplicensecheck --skip-cloudlinux\n else\n sh installer --skiplicensecheck\n fi\nelse\n echo \"Your distribution is not supported by this StackScript.\"\n install -d -v -m 711 /var/cpanel\n touch /var/cpanel/cpinit.failed\nfi\n\nrm -f /etc/cpupdate.conf\ncat > /root/.bash_profile <<'END_OF_BASH_PROFILE'\n# .bash_profile\n# Get the aliases and functions\nif [ -f ~/.bashrc ]; then\n . ~/.bashrc\nfi\n# User specific environment and startup programs\nPATH=$PATH:$HOME/bin\nexport PATH\nbash /etc/motd.sh\nif [ -t 0 ]; then\n URL=`whmlogin --nowait 2> /dev/null`\n WHMLOGIN_RETURN=$?\n if [ $WHMLOGIN_RETURN == 1 ]; then\n # whmlogin doesn't support --nowait. Output a URL and hope it's accurate.\n echo \"To log in to WHM as the root user, visit the following address in your web browser:\"\n echo \"\"\n whmlogin\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n else\n if [ $WHMLOGIN_RETURN == 2 ]; then\n # whmlogin indicates that cpinit hasn't updated the IP/hostname yet.\n echo \"To log in to WHM as the root user, run the command 'whmlogin' to get a web address for your browser.\"\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n else\n # whmlogin returned a valid URL to use.\n echo \"To log in to WHM as the root user, visit the following address in your web browser:\"\n echo \"\"\n echo \"$URL\"\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n fi\n fi\nfi\nEND_OF_BASH_PROFILE\n\ncat > /etc/motd.sh <<'END_OF_MOTD'\n#!/bin/bash\nsource /etc/os-release\necho \"\n ____ _ ___ __ ___ _ __ __\n ___| _ \\ __ _ _ __ ___| | ( _ ) \\ \\ / / | | | \\/ |\n / __| |_) / _. | ._ \\ / _ \\ | / _ \\/\\ \\ \\ /\\ / /| |_| | |\\/| |\n| (__| __/ (_| | | | | __/ | | (_> < \\ V V / | _ | | | |\n \\___|_| \\__._|_| |_|\\___|_| \\___/\\/ \\_/\\_/ |_| |_|_| |_|\n\"\necho \"Welcome to cPanel & WHM `/usr/local/cpanel/cpanel -V`\"\necho \"\"\necho \"Running $PRETTY_NAME\"\necho \"\"\necho \"For our full cPanel & WHM documentation: https://go.cpanel.net/docs\"\necho \"\"\necho \"For information on how to quickly set up a website in cPanel & WHM: https://go.cpanel.net/buildasite\"\necho \"\" # This new line makes output from bash_profiles easier to read\nEND_OF_MOTD\ntouch /var/cpanel/cpinit.done","user_defined_fields":[]},{"id":691621,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Cloudron One-Click","description":"Cloudron One-Click","ordinal":6,"logo_url":"assets/cloudron.svg","images":["linode/ubuntu20.04"],"deployments_total":13260,"deployments_active":675,"is_public":true,"mine":false,"created":"2020-11-30T21:21:45","updated":"2023-09-28T18:25:17","rev_note":"","script":"#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# apt-get updates\n echo 'Acquire::ForceIPv4 \"true\";' > /etc/apt/apt.conf.d/99force-ipv4\n export DEBIAN_FRONTEND=noninteractive\n apt-get update -y\n\nwget https://cloudron.io/cloudron-setup\nchmod +x cloudron-setup\n./cloudron-setup --provider linode-mp\n\necho All finished! Rebooting...\n(sleep 5; reboot) &","user_defined_fields":[]},{"id":692092,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Secure Your Server One-Click","description":"Secure Your Server One-Click","ordinal":7,"logo_url":"assets/secureyourserver.svg","images":["linode/debian10","linode/ubuntu20.04","linode/debian11","linode/ubuntu22.04"],"deployments_total":4163,"deployments_active":574,"is_public":true,"mine":false,"created":"2020-12-03T10:01:28","updated":"2023-09-28T19:38:39","rev_note":"","script":"#!/usr/bin/env bash\n\n## User and SSH Security\n#\n#\n#\n#\n\n## Domain\n#\n#\n#\n#\n#\n\n## Block Storage\n#\n#\n\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source Linode Helpers\nsource \nsource \nsource \nsource \n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode. (lower case only)"},{"name":"password","label":"The password for the limited sudo user"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode"},{"name":"disable_root","label":"Would you like to disable root login over SSH?","oneof":"Yes,No"},{"name":"token_password","label":"Your Linode API token - This is required for creating DNS records","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token and domain)","default":""},{"name":"soa_email_address","label":"Your email address. This is used for creating DNS records and website VirtualHost configuration.","default":""},{"name":"send_email","label":"Would you like to be able to send email from this domain? (Requires domain)","oneof":"Yes,No","default":"No"},{"name":"volume","label":"To use a Block Storage volume, enter its name here.","default":""},{"name":"volume_size","label":"If creating a new Block Storage volume, enter its size in GB (NOTE: This creates a billable resource at $0.10/month per GB).","default":""}]},{"id":925722,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Pritunl One-Click","description":"Pritunl One-Click","ordinal":8,"logo_url":"assets/pritunl.svg","images":["linode/debian10","linode/ubuntu20.04"],"deployments_total":1026,"deployments_active":107,"is_public":true,"mine":false,"created":"2021-10-26T15:23:37","updated":"2023-09-28T16:28:08","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 443\nufw allow 80\nfail2ban_install\n\n# Mongo Install\napt-get install -y wget gnupg dirmngr \nwget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get update -y\napt-get install -y mongodb-org\nsystemctl enable mongod.service\nsystemctl start mongod.service\n\n# Pritunl\napt-key adv --keyserver hkp://keyserver.ubuntu.com --recv E162F504A20CDF15827F718D4B7C549A058F8B6B\napt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.pritunl.com/stable/apt buster main\" | tee /etc/apt/sources.list.d/pritunl.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb http://repo.pritunl.com/stable/apt focal main\" | tee /etc/apt/sources.list.d/pritunl.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\n\napt update -y\napt install -y pritunl\n\nsystemctl enable pritunl.service\nsystemctl start pritunl.service\n\n# Performance tune\necho \"* hard nofile 64000\" >> /etc/security/limits.conf\necho \"* soft nofile 64000\" >> /etc/security/limits.conf\necho \"root hard nofile 64000\" >> /etc/security/limits.conf\necho \"root soft nofile 64000\" >> /etc/security/limits.conf\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for the SOA record","default":""}]},{"id":741206,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"CyberPanel One-Click","description":"CyberPanel One-Click","ordinal":9,"logo_url":"assets/cyberpanel.svg","images":["linode/ubuntu20.04","linode/ubuntu22.04"],"deployments_total":10478,"deployments_active":615,"is_public":true,"mine":false,"created":"2021-01-27T02:46:19","updated":"2023-09-28T19:06:57","rev_note":"","script":"#!/bin/bash\n### linode\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n### Install cyberpanel\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/cybersetup.sh )\n\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n\n### Clean up ls tmp folder\nsudo rm -rf /tmp/lshttpd/*","user_defined_fields":[]},{"id":401709,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Minecraft: Java Edition One-Click","description":"Minecraft OCA","ordinal":10,"logo_url":"assets/Minecraft.svg","images":["linode/ubuntu20.04"],"deployments_total":18878,"deployments_active":403,"is_public":true,"mine":false,"created":"2019-03-08T21:13:32","updated":"2023-09-28T20:22:13","rev_note":"remove maxplayers hard coded options [oca-707]","script":"#!/usr/bin/env bash\n# Game config options:\n# https://minecraft.gamepedia.com/Server.properties\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n## Linode/SSH Security Settings - Required\n#\n#\n## Linode/SSH Settings - Optional\n#\n#\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n[ ! $USERNAME ] && USERNAME='lgsmuser'\nsource \n\n# Difficulty\n[[ \"$DIFFICULTY\" = \"Peaceful\" ]] && DIFFICULTY=0\n[[ \"$DIFFICULTY\" = \"Easy\" ]] && DIFFICULTY=1\n[[ \"$DIFFICULTY\" = \"Normal\" ]] && DIFFICULTY=2\n[[ \"$DIFFICULTY\" = \"Hard\" ]] && DIFFICULTY=3\n\n# Gamemode\n[[ \"$GAMEMODE\" = \"Survival\" ]] && GAMEMODE=0\n[[ \"$GAMEMODE\" = \"Creative\" ]] && GAMEMODE=1\n[[ \"$GAMEMODE\" = \"Adventure\" ]] && GAMEMODE=2\n[[ \"$GAMEMODE\" = \"Spectator\" ]] && GAMEMODE=3\n\n# Player Idle Timeout\n[[ \"$PLAYERIDLETIMEOUT\" = \"Disabled\" ]] && PLAYERIDLETIMEOUT=0\n\n# Minecraft-specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\nsystem_install_package mailutils postfix curl netcat wget file bzip2 \\\n gzip unzip bsdmainutils python util-linux ca-certificates \\\n binutils bc jq tmux openjdk-17-jre dirmngr software-properties-common\n\n# Install LinuxGSM and Minecraft and enable the 'mcserver' service\nreadonly GAMESERVER='mcserver'\nv_linuxgsm_oneclick_install \"$GAMESERVER\" \"$USERNAME\"\n\n# Minecraft configurations\nsed -i s/server-ip=/server-ip=\"$IP\"/ /home/\"$USERNAME\"/serverfiles/server.properties\n\n# Customer config\nsed -i s/allow-flight=false/allow-flight=\"$ALLOWFLIGHT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/allow-nether=true/allow-nether=\"$ALLOWNETHER\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/announce-player-achievements=true/announce-player-achievements=\"$ANNOUNCEPLAYERACHIEVEMENTS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/difficulty=1/difficulty=\"$DIFFICULTY\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-command-block=false/enable-command-block=\"$ENABLECOMMANDBLOCK\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-query=true/enable-query=\"$ENABLEQUERY\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/force-gamemode=false/force-gamemode=\"$FORCEGAMEMODE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/gamemode=0/gamemode=\"$GAMEMODE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/generate-structures=true/generate-structures=\"$GENERATESTRUCTURES\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/hardcore=false/hardcore=\"$HARDCORE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-name=world/level-name=\"$LEVELNAME\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-seed=/level-seed=\"$LEVELSEED\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-type=DEFAULT/level-type=\"$LEVELTYPE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-build-height=256/max-build-height=\"$MAXBUILDHEIGHT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-players=20/max-players=\"$MAXPLAYERS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-tick-time=60000/max-tick-time=\"$MAXTICKTIME\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-world-size=29999984/max-world-size=\"$MAXWORLDSIZE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/motd=.*/motd=\"$MOTD\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/network-compression-threshold=256/network-compression-threshold=\"$NETWORKCOMPRESSIONTHRESHOLD\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/op-permission-level=4/op-permission-level=\"$OPPERMISSIONLEVEL\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/player-idle-timeout=0/player-idle-timeout=\"$PLAYERIDLETIMEOUT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/pvp=true/pvp=\"$PVP\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/resource-pack-sha1=/resource-pack-sha1=\"$RESOURCEPACKSHA1\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/server-port=25565/server-port=\"$PORT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/snooper-enabled=true/snooper-enabled=\"$SNOOPERENABLED\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-animals=true/spawn-animals=\"$SPAWNANIMALS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-monsters=true/spawn-monsters=\"$SPAWNMONSTERS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-npcs=true/spawn-npcs=\"$SPAWNNPCS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/use-native-transport=true/use-native-transport=\"$USENATIVETRANSPORT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/view-distance=10/view-distance=\"$VIEWDISTANCE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/rcon.password=*/rcon.password=\"\\\"$RCONPASSWORD\\\"\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-rcon=false/enable-rcon=true/ /home/\"$USERNAME\"/serverfiles/server.properties\n\n# Start the service and setup firewall\nufw allow \"$PORT\"\nufw allow \"25575\"\n\n# Start and enable the Minecraft service\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"levelname","label":"World Name","default":"world"},{"name":"motd","label":"Message of the Day","default":"Powered by Linode!"},{"name":"allowflight","label":"Flight Enabled","oneof":"true,false","default":"false"},{"name":"allownether","label":"Nether World Enabled","oneof":"true,false","default":"true"},{"name":"announceplayerachievements","label":"Player Achievements Enabled","oneof":"true,false","default":"true"},{"name":"maxplayers","label":"Maximum Players","default":"25"},{"name":"playeridletimeout","label":"Player Idle Timeout Limit","oneof":"Disabled,15,30,45,60","default":"Disabled"},{"name":"difficulty","label":"Difficulty Level","oneof":"Peaceful,Easy,Normal,Hard","default":"Easy"},{"name":"hardcore","label":"Hardcore Mode Enabled","oneof":"true,false","default":"false"},{"name":"pvp","label":"PvP Enabled","oneof":"true,false","default":"true"},{"name":"forcegamemode","label":"Force Game Mode Enabled","oneof":"true,false","default":"false"},{"name":"leveltype","label":"World Type","oneof":"DEFAULT,AMPLIFIED,FLAT,LEGACY","default":"DEFAULT"},{"name":"levelseed","label":"World Seed","default":""},{"name":"spawnanimals","label":"Spawn Animals Enabled","oneof":"true,false","default":"true"},{"name":"spawnmonsters","label":"Spawn Monsters Enabled","oneof":"true,false","default":"true"},{"name":"spawnnpcs","label":"Spawn NPCs Enabled","oneof":"true,false","default":"true"},{"name":"gamemode","label":"Game Mode","oneof":"Survival,Creative,Adventure,Spectator","default":"Survival"},{"name":"generatestructures","label":"Structure Generation Enabled","oneof":"true,false","default":"true"},{"name":"maxbuildheight","label":"Maximum Build Height","oneof":"50,100,200,256","default":"256"},{"name":"maxworldsize","label":"Maximum World Size","oneof":"100,1000,10000,100000,1000000,10000000,29999984","default":"29999984"},{"name":"viewdistance","label":"View Distance","oneof":"2,5,10,15,25,32","default":"10"},{"name":"enablecommandblock","label":"Command Block Enabled","oneof":"true,false","default":"false"},{"name":"enablequery","label":"Querying Enabled","oneof":"true,false","default":"true"},{"name":"enablercon","label":"Enable RCON","oneof":"true,false","default":"false"},{"name":"rconpassword","label":"RCON Password","default":""},{"name":"rconport","label":"RCON Port","default":"25575"},{"name":"maxticktime","label":"Maximum Tick Time","default":"60000"},{"name":"networkcompressionthreshold","label":"Network Compression Threshold","default":"256"},{"name":"oppermissionlevel","label":"Op-permission Level","oneof":"1,2,3,4","default":"4"},{"name":"port","label":"Port Number","default":"25565"},{"name":"snooperenabled","label":"Snooper Enabled","oneof":"true,false","default":"true"},{"name":"usenativetransport","label":"Use Native Transport Enabled","oneof":"true,false","default":"true"},{"name":"username","label":"The username for the Linode's non-root admin/SSH user(must be lowercase)","example":"lgsmuser"},{"name":"password","label":"The password for the Linode's non-root admin/SSH user","example":"S3cuReP@s$w0rd"},{"name":"pubkey","label":"The SSH Public Key used to securely access the Linode via SSH","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":869129,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"aaPanel One-Click","description":"aaPanel One-Click","ordinal":11,"logo_url":"assets/aapanel.svg","images":["linode/centos7"],"deployments_total":4873,"deployments_active":344,"is_public":true,"mine":false,"created":"2021-07-20T18:50:46","updated":"2023-09-28T14:41:28","rev_note":"","script":"#!/bin/bash\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Yum Update\nyum update -y\n\n# Install aapanel\nyum install -y wget && wget -O install.sh http://www.aapanel.com/script/install_6.0_en.sh && echo y|bash install.sh aapanel\n\n# Log aaPanel login information\nbt default > /root/.aapanel_info\n\n# Stackscript Cleanup\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"","user_defined_fields":[]},{"id":923033,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Akaunting One-Click","description":"Akaunting One-Click","ordinal":12,"logo_url":"assets/akaunting.svg","images":["linode/ubuntu22.04"],"deployments_total":586,"deployments_active":23,"is_public":true,"mine":false,"created":"2021-10-18T01:01:19","updated":"2023-09-28T15:34:24","rev_note":"","script":"#!/bin/bash\n\n# \n# \n# \n# \n\n# \n# \n# \n# \n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nDEBIAN_FRONTEND=noninteractive apt-get update -qq >/dev/null\n\n###########################################################\n# Install NGINX\n###########################################################\napt-get install -y nginx\n\ncat <<'END' >/var/www/html/index.html\n\n \n \n \n \n \n\n Installing Akaunting\n\n \n \n\n \n \n\n \n
\n
\n \n
\n\n
\n \n
\n
\n

Installing...

Get back after 3 minutes!

\n
\n
\n \n\nEND\n\nchown www-data:www-data /var/www/html/index.html\nchmod 644 /var/www/html/index.html\n\n###########################################################\n# MySQL\n###########################################################\napt install -y mariadb-server expect\n\nfunction mysql_secure_install {\n # $1 - required - Root password for the MySQL database\n [ ! -n \"$1\" ] && {\n printf \"mysql_secure_install() requires the MySQL database root password as its only argument\\n\"\n return 1;\n }\n local -r db_root_password=\"$1\"\n local -r secure_mysql=$(\nexpect -c \"\nset timeout 10\nspawn mysql_secure_installation\nexpect \\\"Enter current password for root (enter for none):\\\"\nsend \\\"$db_root_password\\r\\\"\nexpect \\\"Change the root password?\\\"\nsend \\\"n\\r\\\"\nexpect \\\"Remove anonymous users?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Disallow root login remotely?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Remove test database and access to it?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Reload privilege tables now?\\\"\nsend \\\"y\\r\\\"\nexpect eof\n\")\n printf \"$secure_mysql\\n\"\n}\n\n# Set DB root password\necho \"mysql-server mysql-server/root_password password ${DB_PASSWORD}\" | debconf-set-selections\necho \"mysql-server mysql-server/root_password_again password ${DB_PASSWORD}\" | debconf-set-selections\n\nmysql_secure_install \"$DB_PASSWORD\"\n\n# Create DB\necho \"CREATE DATABASE ${DB_NAME};\" | mysql -u root -p\"$DB_PASSWORD\"\n\n# create DB user with password\necho \"CREATE USER '$DBUSER'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD';\" | mysql -u root -p\"$DB_PASSWORD\"\n\necho \"GRANT ALL PRIVILEGES ON $DB_NAME.* TO '$DBUSER'@'localhost';\" | mysql -u root -p\"$DB_PASSWORD\"\necho \"FLUSH PRIVILEGES;\" | mysql -u root -p\"$DB_PASSWORD\"\n\n\n###########################################################\n# Install PHP \n###########################################################\napt-get install -y zip unzip php-mbstring php-zip php-gd php-cli php-curl php-intl php-imap php-xml php-xsl php-tokenizer php-sqlite3 php-pgsql php-opcache php-simplexml php-fpm php-bcmath php-ctype php-json php-pdo php-mysql\n\n###########################################################\n# Akaunting\n###########################################################\nmkdir -p /var/www/akaunting \\\n && curl -Lo /tmp/akaunting.zip 'https://akaunting.com/download.php?version=latest&utm_source=linode&utm_campaign=developers' \\\n && unzip /tmp/akaunting.zip -d /var/www/html \\\n && rm -f /tmp/akaunting.zip\n\ncat </var/www/html/.env\nAPP_NAME=Akaunting\nAPP_ENV=production\nAPP_LOCALE=en-GB\nAPP_INSTALLED=false\nAPP_KEY=\nAPP_DEBUG=false\nAPP_SCHEDULE_TIME=\"09:00\"\nAPP_URL=\n\nDB_CONNECTION=mysql\nDB_HOST=localhost\nDB_PORT=3306\nDB_DATABASE=${DB_NAME}\nDB_USERNAME=${DBUSER}\nDB_PASSWORD=${DBUSER_PASSWORD}\nDB_PREFIX=\n\nBROADCAST_DRIVER=log\nCACHE_DRIVER=file\nSESSION_DRIVER=file\nQUEUE_CONNECTION=sync\nLOG_CHANNEL=stack\n\nMAIL_MAILER=mail\nMAIL_HOST=localhost\nMAIL_PORT=2525\nMAIL_USERNAME=null\nMAIL_PASSWORD=null\nMAIL_ENCRYPTION=null\nMAIL_FROM_NAME=null\nMAIL_FROM_ADDRESS=null\n\nFIREWALL_ENABLED=false\nEND\n\ncd /var/www/html && php artisan key:generate\n\n# Install Akaunting\nphp /var/www/html/artisan install --db-host=\"localhost\" --db-name=\"$DB_NAME\" --db-username=\"$DBUSER\" --db-password=\"$DBUSER_PASSWORD\" --company-name=\"$COMPANY_NAME\" --company-email=\"$COMPANY_EMAIL\" --admin-email=\"$ADMIN_EMAIL\" --admin-password=\"$ADMIN_PASSWORD\"\n\n# Fix permissions\nchown -Rf www-data:www-data /var/www/html\nfind /var/www/html/ -type d -exec chmod 755 {} \\;\nfind /var/www/html/ -type f -exec chmod 644 {} \\;\n\n###########################################################\n# Configure NGINX\n###########################################################\nPHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\ncat << END > /etc/nginx/nginx.conf\n# Generic startup file.\nuser www-data;\n\n#usually equal to number of CPUs you have. run command \"grep processor /proc/cpuinfo | wc -l\" to find it\nworker_processes auto;\nworker_cpu_affinity auto;\n\nerror_log /var/log/nginx/error.log;\npid /var/run/nginx.pid;\n\n# Keeps the logs free of messages about not being able to bind().\n#daemon off;\n\nevents {\nworker_connections 1024;\n}\n\nhttp {\n# rewrite_log on;\n\ninclude mime.types;\ndefault_type application/octet-stream;\naccess_log /var/log/nginx/access.log;\nsendfile on;\n# tcp_nopush on;\nkeepalive_timeout 64;\n# tcp_nodelay on;\n# gzip on;\n #php max upload limit cannot be larger than this \nclient_max_body_size 13m;\nindex index.php index.html index.htm;\n\n# Upstream to abstract backend connection(s) for PHP.\nupstream php {\n #this should match value of \"listen\" directive in php-fpm pool\n server unix:/run/php/php$PHP_VERSION-fpm.sock;\n server 127.0.0.1:9000;\n}\n\nserver {\n listen 80 default_server;\n\n server_name _;\n\n root /var/www/html;\n\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Content-Type-Options \"nosniff\";\n\n index index.html index.htm index.php;\n\n charset utf-8;\n\n location / {\n try_files \\$uri \\$uri/ /index.php?\\$query_string;\n }\n\n # Prevent Direct Access To Protected Files\n location ~ \\.(env|log) {\n deny all;\n }\n\n # Prevent Direct Access To Protected Folders\n location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) {\n deny all;\n }\n\n # Prevent Direct Access To modules/vendor Folders Except Assets\n location ~ ^/(modules|vendor)\\/(.*)\\.((?!ico|gif|jpg|jpeg|png|js\\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {\n deny all;\n }\n\n error_page 404 /index.php;\n\n # Pass PHP Scripts To FastCGI Server\n location ~ \\.php$ {\n fastcgi_split_path_info ^(.+\\.php)(/.+)\\$;\n fastcgi_pass php;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME \\$document_root\\$fastcgi_script_name;\n include fastcgi_params;\n }\n\n location ~ /\\.(?!well-known).* {\n deny all;\n }\n}\n}\nEND\n\n# Remove installation screen\nrm -f /var/www/html/index.html\n\nservice nginx reload\n\n###########################################################\n# Firewall\n###########################################################\napt-get install ufw -y\nufw limit ssh\nufw allow http\nufw allow https\n\nufw --force enable\n\n###########################################################\n# Stackscript cleanup\n###########################################################\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"","user_defined_fields":[{"name":"company_name","label":"Company Name","example":"My Company"},{"name":"company_email","label":"Company Email","example":"my@company.com"},{"name":"admin_email","label":"Admin Email","example":"my@company.com"},{"name":"admin_password","label":"Admin Password","example":"s3cur39a55w0r0"},{"name":"db_name","label":"MySQL Database Name","example":"akaunting"},{"name":"db_password","label":"MySQL root Password","example":"s3cur39a55w0r0"},{"name":"dbuser","label":"MySQL Username","example":"akaunting"},{"name":"dbuser_password","label":"MySQL User Password","example":"s3cur39a55w0r0"}]},{"id":985374,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Ant Media Server: Enterprise Edition One-Click","description":"Ant Media Enterprise Edition One-Click","ordinal":13,"logo_url":"assets/antmediaserver.svg","images":["linode/ubuntu20.04"],"deployments_total":1264,"deployments_active":71,"is_public":true,"mine":false,"created":"2022-03-08T17:39:39","updated":"2023-09-28T15:29:20","rev_note":"","script":"#!/usr/bin/env bash\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\nZIP_FILE=\"https://antmedia.io/linode/antmedia_2.5.3.zip\"\nINSTALL_SCRIPT=\"https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh\"\n\nwget -q --no-check-certificate $ZIP_FILE -O /tmp/antmedia.zip && wget -q --no-check-certificate $INSTALL_SCRIPT -P /tmp/\n\nif [ $? == \"0\" ]; then\n bash /tmp/install_ant-media-server.sh -i /tmp/antmedia.zip\nelse\n logger \"There is a problem in installing the ant media server. Please send the log of this console to contact@antmedia.io\"\n exit 1\nfi","user_defined_fields":[]},{"id":804144,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Ant Media Server: Community Edition One-Click","description":"Ant Media Server One-Click","ordinal":14,"logo_url":"assets/antmediaserver.svg","images":["linode/ubuntu20.04"],"deployments_total":5200,"deployments_active":450,"is_public":true,"mine":false,"created":"2021-04-01T12:50:57","updated":"2023-09-28T18:12:17","rev_note":"","script":"#!/usr/bin/env bash \n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nZIP_FILE=\"https://github.com/ant-media/Ant-Media-Server/releases/download/ams-v2.5.3/ant-media-server-community-2.5.3.zip\"\n\n\nINSTALL_SCRIPT=\"https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh\"\n\nwget -q --no-check-certificate $ZIP_FILE -O /tmp/antmedia.zip && wget -q --no-check-certificate $INSTALL_SCRIPT -P /tmp/\n\nif [ $? == \"0\" ]; then\n bash /tmp/install_ant-media-server.sh -i /tmp/antmedia.zip\nelse\n logger \"There is a problem in installing the ant media server. Please send the log of this console to contact@antmedia.io\"\n exit 1\nfi","user_defined_fields":[]},{"id":1102900,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Apache Airflow One-Click","description":"Apache Airflow One-Click App","ordinal":15,"logo_url":"assets/apacheairflow.svg","images":["linode/ubuntu20.04"],"deployments_total":108,"deployments_active":4,"is_public":true,"mine":false,"created":"2022-12-20T17:32:08","updated":"2023-09-27T22:45:08","rev_note":"","script":"#!/bin/bash\n#\n# \n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n## Enable logging\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\ncreate_a_record $SUBDOMAIN $IP $DOMAIN\n\n# install depends\nexport DEBIAN_FRONTEND=noninteractive\nsudo apt update\n#sudo apt -y upgrade\nsudo apt install -y python3-pip\nsudo apt install -y build-essential libssl-dev libffi-dev python3-dev\nsudo apt install -y python3-venv # One of the Airflow examples requires virtual environments\n\nexport AIRFLOW_HOME=~/airflow\n\n# Install Airflow using the constraints file\nAIRFLOW_VERSION=2.4.1\nPYTHON_VERSION=\"$(python3 --version | cut -d \" \" -f 2 | cut -d \".\" -f 1-2)\"\n# For example: 3.7\nCONSTRAINT_URL=\"https://raw.githubusercontent.com/apache/airflow/constraints-${AIRFLOW_VERSION}/constraints-${PYTHON_VERSION}.txt\"\n# For example: https://raw.githubusercontent.com/apache/airflow/constraints-2.4.1/constraints-3.7.txt\npip install \"apache-airflow==${AIRFLOW_VERSION}\" --constraint \"${CONSTRAINT_URL}\"\n\n# The Standalone command will initialise the database, make a user,\n# and start all components for you.\nairflow standalone &\n\n###\n# \n# systemd unit file and per component settings go here\n# \n### \n\n\n## install nginx reverse-proxy \napt install nginx -y \n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${DEFAULT_RDNS};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n\n location / {\n proxy_pass http://localhost:8080;\n proxy_set_header Host \\$host;\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header X-Forward-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx \n\n## UFW rules \nufw allow http \nufw allow https \nsystemctl enable ufw\n\nsleep 60 \n\n## install SSL certs. required \npip install pyOpenSSL --upgrade\napt install python3-certbot-nginx -y \ncertbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${SOA_EMAIL_ADDRESS} -w /var/www/html/\n\n## write some login details\nexport ADMIN_PASS=$(cat /root/airflow/standalone_admin_password.txt)\ncat < /etc/motd \nThe installation of Apache Airflow is now complete, and the application is running in standalone mode.\n#\nYou can log into the Airflow GUI at ${ABS_DOMAIN}\nWith the credentials: \nUsername: admin\nPassword: ${ADMIN_PASS}\n#\nStandalone mode is not recommended for production.\nEND\n\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode.","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":1160820,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Appwrite One-Click","description":"Appwrite One-Click ","ordinal":16,"logo_url":"assets/appwrite.svg","images":["linode/ubuntu22.04"],"deployments_total":130,"deployments_active":12,"is_public":true,"mine":false,"created":"2023-04-21T13:09:13","updated":"2023-09-28T00:16:08","rev_note":"","script":"#!/bin/bash\n### linode \n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# install docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nbash ./get-docker.sh\n\n# install haveged\nsudo apt-get install -y haveged\n\n# Install Appwrite\n# Grab latest version\nappversion=$(curl -s https://api.github.com/repos/appwrite/appwrite/releases/latest | grep -oP '\"tag_name\": \"\\K.*?(?=\")')\n\ndocker run --rm \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n --volume \"$(pwd)\"/appwrite:/usr/src/code/appwrite:rw \\\n appwrite/appwrite:$appversion sh -c \"install --httpPort=80 --httpsPort=443 --interactive=N\"\n\necho \"Installation complete!\"","user_defined_fields":[]},{"id":401699,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Ark One-Click","description":"Ark - Latest One-Click","ordinal":17,"logo_url":"assets/Ark@1x.svg","images":["linode/debian11"],"deployments_total":1123,"deployments_active":5,"is_public":true,"mine":false,"created":"2019-03-08T21:05:54","updated":"2023-09-09T18:16:56","rev_note":"Remove SSH Pubkey UDF","script":"#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"arkserver\"\n\nset_hostname\napt_setup_update\n\n\n# ARK specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc-s1 libstdc++6 libstdc++6:i386 \n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install ARK\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\nsed -i s/XPMultiplier=.*/XPMultiplier=\"$XPMULTIPLIER\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerPassword=.*/ServerPassword=\"$SERVERPASSWORD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerHardcore=.*/ServerHardcore=\"$SERVERPASSWORD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerPVE=.*/ServerPVE=\"$SERVERPVE\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/Message=.*/Message=\"$MOTD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/SessionName=.*/SessionName=\"$SESSIONNAME\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerAdminPassword=.*/ServerAdminPassword=\"\\\"$RCONPASSWORD\\\"\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\n\n\n# Start the service and setup firewall\nufw_install\nufw allow 27015/udp\nufw allow 7777:7778/udp\nufw allow 27020/tcp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup","user_defined_fields":[{"name":"rconpassword","label":"RCON password"},{"name":"sessionname","label":"Server Name","default":"Ark Server"},{"name":"motd","label":"Message of the Day","default":"Powered by Linode!"},{"name":"serverpassword","label":"Server Password","default":""},{"name":"hardcore","label":"Hardcore Mode Enabled","oneof":"True,False","default":"False"},{"name":"xpmultiplier","label":"XP Multiplier","oneof":"1,1.5,2,5,10,20","default":"2"},{"name":"serverpve","label":"Server PvE","oneof":"True,False","default":"False"}]},{"id":662118,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Azuracast One-Click","description":"AzuraCast One-Click","ordinal":18,"logo_url":"assets/azuracast.svg","images":["linode/debian10","linode/ubuntu20.04"],"deployments_total":2587,"deployments_active":202,"is_public":true,"mine":false,"created":"2020-08-12T15:50:09","updated":"2023-09-28T02:16:33","rev_note":"","script":"#!/bin/bash\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, apt configuration and update/upgrade\nset_hostname\napt_setup_update\n\n# Install GIT\napt-get update && apt-get install -q -y git\n# Cloning AzuraCast and install\nmkdir -p /var/azuracast\ncd /var/azuracast\ncurl -fsSL https://raw.githubusercontent.com/AzuraCast/AzuraCast/main/docker.sh > docker.sh\nchmod a+x docker.sh\nyes 'Y' | ./docker.sh setup-release\nyes '' | ./docker.sh install\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[]},{"id":913277,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"BeEF One-Click","description":"BeEF One-Click","ordinal":19,"logo_url":"assets/beef.svg","images":["linode/ubuntu22.04"],"deployments_total":29200,"deployments_active":1310,"is_public":true,"mine":false,"created":"2021-09-30T18:28:58","updated":"2023-09-28T20:31:48","rev_note":"","script":"#!/bin/bash\n#\n# Script to install BEEF on Linode\n# \n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nbeef_config=\"/home/beef/config.yaml\"\nkey=\"privkey.pem\"\ncert=\"fullchain.pem\"\n\n# System Update\napt_setup_update\n\n# UFW\nufw allow 80\nufw allow 443\nufw allow 3000\n\nfunction configure_nginx {\n apt install git nginx -y\n # NGINX\n mkdir -p /var/www/certs/.well-known\n chown -R www-data:www-data /var/www/certs/\n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n listen [::]:80;\n server_name $FQDN;\n root /var/www/certs;\n location / {\n try_files \\$uri \\$uri/ =404;\n }\n# allow .well-known\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/certs/.well-known;\n }\n}\nEOF\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/$FQDN\n unlink /etc/nginx/sites-enabled/default\n systemctl restart nginx\n}\n\nfunction configure_ssl {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction create_beef_user {\n function create_beef {\n groupadd --system beef\n useradd -s /sbin/nologin --system -g beef beef\n }\n\n grep beef /etc/passwd\n if [ $? -eq 1 ];then\n create_beef\n else\n echo \"[INFO] beef already on the system. Deleting user\"\n deluser --remove-home beef\n create_beef\n fi\n}\n\nfunction configure_beef {\n git clone https://github.com/beefproject/beef.git /home/beef\n chown -R beef: /home/beef\n cd /home/beef\n cp /etc/letsencrypt/live/$FQDN/$key .\n cp /etc/letsencrypt/live/$FQDN/$cert .\n\n # get line number to replace\n get_https_enable=$(grep -n -C 10 \"key:\" $beef_config | grep -v \"#\" | grep \"https:\" -A 5 | grep \"enable:\" | awk -F \"-\" {'print $1'})\n get_https_public_enabled=$(grep -n -C 10 \"key:\" $beef_config | grep -v \"#\" | grep \"https:\" -A 5 | grep \"public_enabled:\" | awk -F \"-\" {'print $1'})\n\n # replacing line numebr\n sed -i \"\"$get_https_enable\"s/enable: false/enable: true/\" $beef_config\n sed -i \"\"$get_https_public_enabled\"s/public_enabled: false/public_enabled: true/\" $beef_config\n sed -i \"/key:/c\\ key: \\\"$key\\\"\" $beef_config\n sed -i \"/cert:/c\\ cert: \\\"$cert\\\"\" $beef_config\n\n # creds\n #sed -i \"/user:/c\\ user: \\\"beef\\\"\" $beef_config\n sed -i \"/passwd:/c\\ passwd: \\\"$BEEFPASSWORD\\\"\" $beef_config\n\n # install local copy of beef\n yes | ./install\n}\n\nfunction beef_startup {\n cat < /home/beef/start_beef\n#!/bin/bash\nfunction start_beef {\n cd /home/beef\n echo no | ./beef\n}\nstart_beef\nEOF\n chown -R beef:beef /home/beef\n chmod +x /home/beef/start_beef\n}\n \nfunction beef_job {\n cat < /etc/systemd/system/beef.service\n[Unit]\nDescription=Browser Exploitation Framework\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=beef\nGroup=beef\nExecStart=/home/beef/start_beef\n[Install]\nWantedBy=default.target\nEOF\n systemctl daemon-reload\n systemctl start beef\n systemctl enable beef\n}\n\nfunction ssl_renew_cron {\n cat </root/certbot-beef-renewal.sh\n#!/bin/bash\n#\n# Script to handle Certbot renewal & BeEf\n# Debug\n# set -xo pipefail\nexport BEEF_FULL=/home/beef/fullchain.pem\nexport BEEF_PRIVKEY=/home/beef/privkey.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\ncertbot renew\ncat \\$FULLCHAIN > \\$BEEF_FULL\ncat \\$PRIVKEY > \\$BEEF_PRIVKEY\nservice beef reload\nEND\n chmod +x /root/certbot-beef-renewal.sh\n\n# Setup Cron\n crontab -l > cron\n echo \"* 1 * * 1 bash /root/certbot-beef-renewal.sh\" >> cron\n crontab cron\n rm cron\n\n}\n\nfunction install_complete {\n cat < /root/beef.info\n##############################\n# BEEF INSTALLATION COMPLETE #\n##############################\nEndpoint: https://$FQDN:3000/ui/panel\nCredentials can be found here:\n/home/beef/config.yaml\nHappy hunting!\nEOF\n}\n\nfunction main {\n create_beef_user\n configure_nginx\n configure_ssl\n configure_beef\n beef_startup\n beef_job\n ssl_renew_cron\n install_complete\n}\nmain\n\n# Clean up\nstackscript_cleanup\ncat /root/beef.info","user_defined_fields":[{"name":"beefpassword","label":"BEEF Password"},{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode. The username cannot contain any spaces or capitol letters. For this application the username 'beef' is reserved for the application, so please choose an alternative username for this deployment.","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":923034,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"BitNinja One-Click","description":"BitNinja One-Click","ordinal":20,"logo_url":"assets/bitninja.svg","images":["linode/centos7","linode/debian10","linode/ubuntu20.04","linode/debian11"],"deployments_total":34,"deployments_active":1,"is_public":true,"mine":false,"created":"2021-10-18T01:03:02","updated":"2023-09-26T10:24:43","rev_note":"","script":"#!bin/bash\n\n# \n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nwget -qO- https://get.bitninja.io/install.sh | /bin/bash -s - --license_key=\"$license_key\" -y","user_defined_fields":[{"name":"license_key","label":"License Key"}]},{"id":1037036,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Budibase One-Click","description":"Budibase One Click App","ordinal":21,"logo_url":"assets/budibase.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":400,"deployments_active":25,"is_public":true,"mine":false,"created":"2022-08-02T18:42:41","updated":"2023-09-28T19:59:34","rev_note":"","script":"#!/bin/bash\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2 pwgen ufw\ncurl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker.io\n\n# Check to ensure Docker is running and installed correctly\nsystemctl status docker\ndocker -v\n\n# Install Docker Compose\ncurl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose\nchmod +x /usr/local/bin/docker-compose\ndocker-compose --version\n\necho \"Creating passwords for /opt/budibase/.env\"\nVAR_JWT_SECRET=$(pwgen 16)\nVAR_MINIO_ACCESS_KEY=$(pwgen 16)\nVAR_MINIO_SECRET_KEY=$(pwgen 16)\nVAR_COUCH_DB_PASSWORD=$(pwgen 16)\nVAR_REDIS_PASSWORD=$(pwgen 16)\nVAR_INTERNAL_API_KEY=$(pwgen 16)\nIP=`hostname -I | awk '{print$1}'`\n\nmkdir -p /opt/budibase\ncd /opt/budibase\necho \"Fetch budibase docker compose file\"\ncurl -L https://raw.githubusercontent.com/Budibase/budibase/master/hosting/docker-compose.yaml -o /opt/budibase/docker-compose.yml\necho \"Fetch budibase .env template\"\ncurl -L https://raw.githubusercontent.com/Budibase/budibase/master/hosting/.env -o /opt/budibase/.env\necho \"Set passwords in /opt/budibase/.env\"\nsed -i \"s/JWT_SECRET=testsecret/JWT_SECRET=$VAR_JWT_SECRET/\" /opt/budibase/.env\nsed -i \"s/MINIO_ACCESS_KEY=budibase/MINIO_ACCESS_KEY=$VAR_MINIO_ACCESS_KEY/\" /opt/budibase/.env\nsed -i \"s/MINIO_SECRET_KEY=budibase/MINIO_SECRET_KEY=$VAR_MINIO_SECRET_KEY/\" /opt/budibase/.env\nsed -i \"s/COUCH_DB_PASSWORD=budibase/COUCH_DB_PASSWORD=$VAR_COUCH_DB_PASSWORD/\" /opt/budibase/.env\nsed -i \"s/REDIS_PASSWORD=budibase/REDIS_PASSWORD=$VAR_REDIS_PASSWORD/\" /opt/budibase/.env\nsed -i \"s/INTERNAL_API_KEY=budibase/INTERNAL_API_KEY=$VAR_INTERNAL_API_KEY/\" /opt/budibase/.env\nsed -i \"s/MAIN_PORT=10000/MAIN_PORT=$BBPORT/\" /opt/budibase/.env\ndocker-compose up -d\n\ncat </etc/profile.d/budibase_welcome.sh\n#!/bin/sh\n#\nIP=$(hostname -I | awk '{print$1}')\necho \"\n********************************************************************************\nWelcome to Budibase!\nTo help keep this server secure, the UFW firewall is enabled.\nAll ports are BLOCKED except 22 (SSH) and the Web UI port $BBPORT.\n********************************************************************************\n # Budibase UI: http://$IP:$BBPORT/\n # Website: https://budibase.com\n # Documentation: https://docs.budibase.com\n # Github: https://github.com/Budibase/budibase\n # Community Support: https://github.com/Budibase/budibase/discussions\n # Restart Budibase: cd /opt/budibase; docker-compose down; docker-compose up -d\n # Budibase config: /etc/budibase/.env\n\"\nEND\nchmod +x /etc/profile.d/budibase_welcome.sh\n# Enable UFW and add some rules to it\nufw enable\nufw limit ssh/tcp comment 'Rate limit the SSH port'\nufw allow $BBPORT/tcp comment \"TCP Listen port for Budibase\"\nufw --force enable\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"BBPORT","label":"Budibase Port","example":"Default: 80","default":"80"}]},{"id":869155,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Chevereto One-Click","description":"Chevereto One-Click","ordinal":22,"logo_url":"assets/chevereto.svg","images":["linode/ubuntu20.04"],"deployments_total":231,"deployments_active":8,"is_public":true,"mine":false,"created":"2021-07-20T19:07:56","updated":"2023-09-24T13:57:40","rev_note":"","script":"#!/usr/bin/env bash\n# https://github.com/chevereto/linode-marketplace\n\nset -e\n\nCHEVERETO_INSTALLER_TAG=\"3.1.0\"\nWORKING_DIR=\"/var/www/html\"\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n## 03-force-ssh-logout.sh\ncat >>/etc/ssh/sshd_config </dev/null\napt install -y apache2 libapache2-mod-php\napt install -y mysql-server\napt install -y php\napt install -y php-{common,cli,curl,fileinfo,gd,imagick,intl,json,mbstring,mysql,opcache,pdo,pdo-mysql,xml,xmlrpc,zip}\napt install -y python3-certbot-apache software-properties-common unzip\n\n# 01-fs.sh\ncat >/etc/apache2/sites-available/000-default.conf <\n \n Options Indexes FollowSymLinks\n AllowOverride All\n Require all granted\n \n ServerAdmin webmaster@localhost\n DocumentRoot /var/www/html\n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEOM\n\ncat >/etc/update-motd.d/99-one-click < certbot --apache -d example.com -d www.example.com\nIMPORTANT:\n * After connecting to the server for the first time, immediately install\n Chevereto at http://\\$myip/installer.php\n * Secure your database by running:\n > mysql_secure_installation\n * Setup email delivery at http://\\$myip/dashboard/settings/email\nFor help and more information visit https://chevereto.com\n********************************************************************************\nTo delete this message of the day: rm -rf \\$(readlink -f \\${0})\nEOF\nEOM\nchmod +x /etc/update-motd.d/99-one-click\n\ncat >/etc/cron.d/chevereto </etc/php/7.4/apache2/conf.d/chevereto.ini <>/var/log/per-instance.log\n\nMYSQL_ROOT_PASS=$(openssl rand -hex 16)\nDEBIAN_SYS_MAINT_MYSQL_PASS=$(openssl rand -hex 16)\n\nCHEVERETO_DB_HOST=localhost\nCHEVERETO_DB_PORT=3306\nCHEVERETO_DB_NAME=chevereto\nCHEVERETO_DB_USER=chevereto\nCHEVERETO_DB_PASS=$(openssl rand -hex 16)\n\ncat >/root/.mysql_password <>/etc/apache2/envvars </etc/mysql/debian.cnf <>/var/log/per-instance.log\n\necho \"[OK] Chevereto Installer $CHEVERETO_INSTALLER_TAG provisioned!\"","user_defined_fields":[]},{"id":869158,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"ClusterControl One-Click","description":"ClusterControl One-Click","ordinal":23,"logo_url":"assets/clustercontrol.svg","images":["linode/ubuntu20.04"],"deployments_total":160,"deployments_active":3,"is_public":true,"mine":false,"created":"2021-07-20T19:13:44","updated":"2023-09-20T21:12:51","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables\n\n## Severalnines settings\n#\n#\n\n## Domain settings\n#\n#\n#\n#\n\n## Let's Encrypt SSL\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# System Update\nsystem_update\n\nworkdir=/tmp\nIP=`hostname -I | awk '{print$1}'`\n# if command -v dig &>/dev/null; then\n# echo -e \"\\nDetermining network interfaces.\" \n# ext_ip=$(dig +short myip.opendns.com @resolver1.opendns.com 2>/dev/null)\n# [[ ! -z $ext_ip ]] && IP=${ext_ip}\n# fi\nlog_progress() {\n\n echo \"$1\" >> /root/cc_install.log\n}\n\ninstall_cc() {\n export HOME=/root\n export USER=root\n wget --no-check-certificate https://severalnines.com/downloads/cmon/install-cc\n chmod +x install-cc\n echo \"mysql cmon password = $CMONUSER_PASSWORD\" >> /root/.cc_passwords\n echo \"mysql root password = $DBROOT_PASSWORD\" >> /root/.cc_passwords\n SEND_DIAGNOSTICS=0 S9S_CMON_PASSWORD=$CMONUSER_PASSWORD S9S_ROOT_PASSWORD=$DBROOT_PASSWORD INNODB_BUFFER_POOL_SIZE=256 ./install-cc\n}\n\nfirstboot() {\n hostnamectl set-hostname clustercontrol\n\n ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N \"\"\n ssh-keygen -y -f /root/.ssh/id_rsa > /root/.ssh/id_rsa.pub\n SSH_KEY=$(cat /root/.ssh/id_rsa.pub)\n\n cat < /etc/update-motd.d/99-cc-motd \n#!/bin/sh\necho \"###\"\necho \"\"\necho \"Welcome to Severalnines Database Monitoring and Management Application - ClusterControl\"\necho \"Open your web browser to http://${IP}/clustercontrol to access ClusterControl's web application\"\necho \"\"\necho \"The public SSH key (root) is:\"\necho \"$SSH_KEY\"\necho \"\"\necho \"###\"\nEND\n\n chmod +x /etc/update-motd.d/99-cc-motd\n}\n\nenable_fw() {\n ufw default deny incoming\n ufw default allow outgoing\n ufw allow ssh\n ufw allow http\n ufw allow https\n ufw allow 9999\n ufw allow 9501\n}\n\ncleanup() {\n rm -rf /tmp/* /var/tmp/* /root/scripts\n history -c\n cat /dev/null > /root/.bash_history\n unset HISTFILE\n\n apt-get -y autoremove\n apt-get -y autoclean\n\n cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/wtmp; cat /dev/null > /var/log/auth.log\n\n ufw enable\n ufw status\n\n touch /.cc-provisioned\n}\n\nlog_progress \"** Installing ClusterControl, this could take several minutes. Please wait ...\"\ninstall_cc\nlog_progress \"** Setting motd ...\"\nfirstboot\nlog_progress \"** Enabling firewall ...\"\nenable_fw\nif [[ \"$SSL\" == \"Yes\" ]]; then\n log_progress \"** Enabling Let's Encrypt SSL ...\"\n python --version | grep -q 3.\n [[ $? -eq 0 ]] && PYTHON3=1\n if [[ -n $PYTHON3 ]]; then\n apt install -y certbot python3-certbot-apache\n else\n apt install -y certbot python-certbot-apache\n fi\n\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\nfi\ncleanup\n\n# Clean up\nlog_progress \"** Stackscript cleanup please wait ...\"\nstackscript_cleanup\n\nlog_progress \"** Installation successful...\"\n/etc/update-motd.d/99-cc-motd | tee -a /root/cc_install.log\n\nsystemctl restart sshd","user_defined_fields":[{"name":"dbroot_password","label":"MySQL Root Password"},{"name":"cmonuser_password","label":"CMON user password"},{"name":"token_password","label":"Your Linode API token. This is required in order to create DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"soa_email_address","label":"E-Mail Address","example":"Your email address"},{"name":"ssl","label":"Would you like to use a free Let's Encrypt SSL certificate? (Uses the Linode's default rDNS if no domain is specified above)","oneof":"Yes,No","default":"Yes"}]},{"id":401700,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"CS:GO One-Click","description":"CS:GO - Latest One-Click","ordinal":24,"logo_url":"assets/CSGO2.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":2133,"deployments_active":13,"is_public":true,"mine":false,"created":"2019-03-08T21:06:26","updated":"2023-09-27T14:31:44","rev_note":"Remove SSH Pubkey UDF","script":"#!/bin/bash\n#\n\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"csgoserver\"\n\n### UDF to config\n\n#Autoteambalance\nif [[ \"$AUTOTEAMBALANCE\" = \"Enabled\" ]]; then\n AUTOTEAMBALANCE=1\nelif [[ \"$AUTOTEAMBALANCE\" = \"Disabled\" ]]; then\n AUTOTEAMBALANCE=0\nfi\n\n#Buyanywhere\nif [[ \"$BUYANYWHERE\" = \"Enabled\" ]]; then\n BUYANYWHERE=1\nelif [[ \"$BUYANYWHERE\" = \"Disabled\" ]]; then\n BUYANYWHERE=0\nelif [[ \"$BUYANYWHERE\" = \"Terrorists Only\" ]]; then\n BUYANYWHERE=2\nelif [[ \"$BUYANYWHERE\" = \"Counter-Terrorists Only\" ]]; then\n BUYANYWHERE=3\nfi\n\n#friendlyfire\n\nif [[ \"$FRIENDLYFIRE\" = \"Enabled\" ]]; then\n FRIENDLYFIRE=1\nelif [[ \"$FRIENDLYFIRE\" = \"Disabled\" ]]; then\n FRIENDLYFIRE=0\nfi\n\nset_hostname\napt_setup_update\n\n\n# CSGO specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc1 libstdc++6 libstdc++6:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install CSGO\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\n> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\n\ncat <> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nsv_contact \"\"\nsv_lan 0\nlog on\nsv_logbans 1\nsv_logecho 1\nsv_logfile 1\nsv_log_onefile 0\nsv_hibernate_when_empty 1\nsv_hibernate_ms 5\nhost_name_store 1\nhost_info_show 1\nhost_players_show 2\nexec banned_user.cfg\nexec banned_ip.cfg\nwriteid\nwriteip\nEND\n\necho \"mp_autoteambalance $AUTOTEAMBALANCE\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"hostname $SERVERNAME\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"mp_roundtime $ROUNDTIME\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"rcon_password \\\"$RCONPASSWORD\\\"\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"sv_password \\\"$SVPASSWORD\\\"\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nsed -i s/mp_buy_anywhere.*/mp_buy_anywhere\\ \"$BUYANYWHERE\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/mp_maxrounds.*/mp_maxrounds\\ \"$MAXROUNDS\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/mp_friendlyfire.*/mp_friendlyfire\\ \"$FRIENDLYFIRE\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\necho \"$MOTD\" > /home/csgoserver/serverfiles/csgo/motd.txt\n\n\nif [[ \"$FRIENDLYFIRE\" = \"1\" ]]; then\nsed -i s/ff_damage_reduction_bullets.*/ff_damage_reduction_bullets\\ 0\\.85/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_gernade.*/ff_damage_reduction_gernade\\ 0\\.33/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_gernade_self.*/ff_damage_reduction_gernade_self\\ 0\\.4/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_other.*/ff_damage_reduction_other\\ 1/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\necho \"sv_kick_ban_duration 0\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"mp_disable_autokick 0\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nfi\n\n# Start the service and setup firewall\nufw_install\nufw allow 27015\nufw allow 27020/udp\nufw allow 27005/udp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup","user_defined_fields":[{"name":"gslt","label":"Game Server Login Token","example":"Steam gameserver token. Needed to list as public server."},{"name":"motd","label":"Message of the Day","default":"Powered by Linode!"},{"name":"servername","label":"Server Name","default":"Linode CS:GO Server"},{"name":"rconpassword","label":"RCON password"},{"name":"svpassword","label":"CSGO server password","default":""},{"name":"autoteambalance","label":"Team Balance Enabled","oneof":"Enabled,Disabled","default":"Enabled"},{"name":"roundtime","label":"Round Time Limit","oneof":"5,10,15,20,60","default":"5"},{"name":"maxrounds","label":"Maximum Rounds","oneof":"1,5,10,15,20","default":"10"},{"name":"buyanywhere","label":"Buy Anywhere ","oneof":"Disabled,Enabled,Counter-Terrorists Only, Terrorists Only","default":"Disabled"},{"name":"friendlyfire","label":"Friendly Fire Enabled","oneof":"Enabled,Disabled","default":"Disabled"}]},{"id":688891,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Discourse One-Click","description":"Discourse One-Click","ordinal":25,"logo_url":"assets/discourse.svg","images":["linode/ubuntu20.04"],"deployments_total":1175,"deployments_active":62,"is_public":true,"mine":false,"created":"2020-11-17T20:55:26","updated":"2023-09-25T19:26:31","rev_note":"","script":"#!/bin/bash\n\n## Discourse Settings\n\n#\n#\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n# This also sets some useful variables, like $IP and $FQDN\nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\n#Install dependencies needed for Discourse\napt install git apt-transport-https ca-certificates curl software-properties-common net-tools -y\n\n#Clone Discourse Docker repo for install and management\ngit clone https://github.com/discourse/discourse_docker.git /var/discourse\n#UFW Firewall Rules\nufw allow http\nufw allow https\nufw allow 25\nufw allow 465\nufw allow 587\nufw enable <\n#\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Python & Django\napt-get install -y python3 python3-pip\npip3 install Django\n\n# Create & Setup Django APP\nmkdir /var/www/\ncd /var/www/\ndjango-admin startproject DjangoApp\ncd DjangoApp\npython3 manage.py migrate\necho \"from django.contrib.auth.models import User; User.objects.create_superuser('$DJANGOUSER', '$DJANGOUSEREMAIL', '$DJANGOUSERPASSWORD')\" | python3 manage.py shell\nsed -i \"s/ALLOWED_HOSTS = \\[\\]/ALLOWED_HOSTS = \\['$IP'\\]/g\" DjangoApp/settings.py\npython3 manage.py runserver 0.0.0.0:8000 &\n\n# Start Django app on reboot\ncrontab -l | { cat; echo \"@reboot cd /var/www/DjangoApp && python3 manage.py runserver 0.0.0.0:8000 &\"; } | crontab -\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"djangouser","label":"Django USER","example":"user1"},{"name":"djangouserpassword","label":"Django Password","example":"s3cure_p4ssw0rd"},{"name":"djangouseremail","label":"Django USER email","example":"user@email.tld"}]},{"id":607433,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Docker One-Click","description":"Docker One Click App","ordinal":27,"logo_url":"assets/docker.svg","images":["linode/debian10","linode/ubuntu20.04","linode/debian11","linode/ubuntu22.04"],"deployments_total":32209,"deployments_active":1858,"is_public":true,"mine":false,"created":"2019-10-31T20:14:04","updated":"2023-09-28T20:20:50","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables\n\n## Docker Settings\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n\n### Logging and other debugging helpers\n\n## Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## install docker\napt install docker docker-compose -y\n\n# Download the Dockerfile, if specified\nif [[ -n ${DOCKERFILE} ]]; then\ncurl -LO \"$DOCKERFILE\"\nelse echo \"No Dockerfile\";\nfi\n\n# Wait 2 seconds, then run the container\nsleep 2\nif [[ -n ${RUNCMD} ]]; then\n$RUNCMD &\nelse echo \"No Docker command\";\nfi\n\nstackscript_cleanup","user_defined_fields":[{"name":"dockerfile","label":"Resource to download?","example":"URL to Dockerfile or docker-compose.yml","default":""},{"name":"runcmd","label":"Command to run?","example":"docker run --name spigot --restart unless-stopped -e JVM_OPTS=-Xmx4096M -p 25565:25565 -itd example/docker-spigot","default":""},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required if filling out any of the domain-related fields.","default":""},{"name":"subdomain","label":"The subdomain for your server","default":""},{"name":"domain","label":"Your domain","default":""},{"name":"soa_email_address","label":"Admin Email for the server","default":""},{"name":"mx","label":"Do you need an MX record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"},{"name":"spf","label":"Do you need an SPF record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"}]},{"id":401698,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Drupal One-Click","description":"Drupal One-Click","ordinal":28,"logo_url":"assets/Drupal.svg","images":["linode/ubuntu22.04"],"deployments_total":1792,"deployments_active":83,"is_public":true,"mine":false,"created":"2019-03-08T21:04:47","updated":"2023-09-28T04:16:26","rev_note":"","script":"#!/usr/bin/env bash\n## Drupal Settings\n# \n# \n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Set hostname, apt configuration and update/upgrade\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Install/configure UFW\nufw allow http\nufw allow https\n\n# Install/configure MySQL\napt-get install mariadb-server -y\nsystemctl start mariadb\nsystemctl enable mariadb\nmysql_root_preinstall\nrun_mysql_secure_installation\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE drupaldb\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"GRANT ALL ON drupaldb.* TO 'drupal'@'localhost' IDENTIFIED BY '$DB_PASSWORD'\";\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES\";\n\n# Install & Configure Apache\napt-get install -y apache2\ntouch /var/log/apache2/drupal-error_log /var/log/apache2/drupal-access_log\ncp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/drupal.conf\ncat < /etc/apache2/sites-available/drupal.conf\n\n DocumentRoot /var/www/drupal\n ServerName $FQDN\n ServerAlias www.$FQDN\n \n Options FollowSymLinks\n AllowOverride All\n Order allow,deny\n allow from all\n RewriteEngine on\n RewriteBase /\n RewriteCond %{REQUEST_FILENAME} !-f\n RewriteCond %{REQUEST_FILENAME} !-d\n RewriteCond %{REQUEST_URI} !=/favicon.ico\n RewriteRule ^ index.php [L]\n\n ErrorLog /var/log/apache2/drupal-error_log\n CustomLog /var/log/apache2/drupal-access_log common\n\nEND\na2enmod rewrite\na2dissite 000-default.conf\na2ensite drupal.conf\nsed -ie \"s/KeepAlive Off/KeepAlive On/g\" /etc/apache2/apache2.conf\nsystemctl restart apache2\nsystemctl enable apache2\n\n# Install PHP 8.1\napt-get install php libapache2-mod-php php-mysql php-curl php-cgi php-gd php-mbstring php-xml php-xmlrpc -y\nPHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\ncat < /etc/php/$PHP_VERSION/apache2/php.ini\nerror_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR\nerror_log = /var/log/php/error.log\nmax_input_time = 30\nEND\nmkdir /var/log/php\nchown www-data /var/log/php\n\n# Install Drupal\nrm -r /var/www/html\ncd ~; wget -4 https://www.drupal.org/download-latest/tar.gz\ntar -xf tar.gz -C /var/www/ && mv /var/www/drupal* /var/www/drupal\nrm tar.gz\nmkdir /var/www/drupal/sites/default/files\nchmod a+w /var/www/drupal/sites/default/files\ncp /var/www/drupal/sites/default/default.settings.php /var/www/drupal/sites/default/settings.php\nchmod a+w /var/www/drupal/sites/default/settings.php\ncat <> /var/www/drupal/sites/default/settings.php\n\\$settings['trusted_host_patterns'] = [\n '^$FQDN\\$',\n];\nEND\n\n# Cleanup\nsystemctl restart apache2\nsystemctl restart mysql\n\n# SSL\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"E-Mail Address","example":"Your email address"},{"name":"dbroot_password","label":"MySQL root Password","example":"an0th3r_s3cure_p4ssw0rd"},{"name":"db_password","label":"Database Password","example":"an0th3r_s3cure_p4ssw0rd"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your Drupal server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":1008125,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Easypanel One-Click","description":"Easypanel One-Click","ordinal":29,"logo_url":"assets/easypanel.svg","images":["linode/ubuntu22.04"],"deployments_total":1267,"deployments_active":83,"is_public":true,"mine":false,"created":"2022-05-18T16:43:00","updated":"2023-09-28T14:40:21","rev_note":"","script":"#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# install docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nsh get-docker.sh\n\n# setup easypanel\ndocker run --rm \\\n -v /etc/easypanel:/etc/easypanel \\\n -v /var/run/docker.sock:/var/run/docker.sock:ro \\\n easypanel/easypanel setup","user_defined_fields":[]},{"id":691620,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"FileCloud One-Click","description":"FileCloud One-Click","ordinal":30,"logo_url":"assets/filecloud.svg","images":["linode/ubuntu20.04"],"deployments_total":713,"deployments_active":17,"is_public":true,"mine":false,"created":"2020-11-30T21:16:19","updated":"2023-09-26T11:32:26","rev_note":"","script":"#!/bin/bash \n\n## Domain Settings\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source and run the New Linode Setup script for DNS configuration\n# This also sets some useful variables, like $IP and $FQDN\n\nsource \n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nset pipefail -o\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Allow traffic on ports 80 and 443\nufw allow 80\nufw allow 443\n\n# Installing Filecloud and Prequisites\nwget -qO - https://repo.filecloudlabs.com/static/pgp/filecloud.asc | sudo apt-key add -\nwget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list\necho \"deb [ arch=amd64 ] https://repo.filecloudlabs.com/apt/ubuntu focal/filecloud/22.1 main\" | sudo tee /etc/apt/sources.list.d/filecloud.list\napt-get update -y\napt-get install apache2 mongodb-org -y\napt install -y --no-install-recommends php8.1*\nACCEPT_EULA=Y apt-get install filecloud -y\n\nif [[ \"$SSL\" == \"Yes\" ]]; then\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\nfi\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"token_password","label":"Your Linode API token. This is required in order to create DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"ssl","label":"Would you like to use a free CertBot SSL certificate?","oneof":"Yes,No","default":"No"},{"name":"soa_email_address","label":"Email Address for Lets' Encrypt Certificate","default":""},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":609392,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Flask One-Click","description":"Flask One-Click","ordinal":31,"logo_url":"assets/flask.svg","images":["linode/debian10"],"deployments_total":2051,"deployments_active":144,"is_public":true,"mine":false,"created":"2019-11-07T06:24:17","updated":"2023-09-27T18:47:07","rev_note":"Initial import","script":"#!/bin/bash\n\n## Enable logging\nexec > /var/log/stackscript.log 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\nufw_install\nufw allow http\n\n# Install Prereq's & Flask APP\napt install -y git\ncd /home\ngit clone https://github.com/abalarin/Flask-on-Linode.git flask_app_project\n\n# Install & configure Nginx\napt install -y nginx\ncat < /etc/nginx/sites-enabled/flask_app\nserver {\n listen 80;\n server_name $IP;\n location / {\n proxy_pass http://127.0.0.1:8000;\n proxy_set_header Host \\$host;\n proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\n\nunlink /etc/nginx/sites-enabled/default\nnginx -s reload\n\n# Install python & Packages\napt install -y python3 python3-pip\ncd /home/flask_app_project\npip3 install -r flask_app/requirements.txt\n\n# Configure Flask\ncat < /etc/config.json\n{\n \"SECRET_KEY\": \"$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)\",\n \"SQLALCHEMY_DATABASE_URI\": \"sqlite:///site.db\"\n}\nEND\n\ncat < /home/flask_app_project/flask_app/__init__.py\nfrom flask import Flask\nfrom flask_sqlalchemy import SQLAlchemy\nfrom flask_login import LoginManager\nimport json\nimport urllib3\napp = Flask(__name__)\nwith open('/etc/config.json') as config_file:\n config = json.load(config_file)\napp.config['SECRET_KEY'] = config.get('SECRET_KEY')\napp.config['SQLALCHEMY_DATABASE_URI'] = config.get('SQLALCHEMY_DATABASE_URI')\ndb = SQLAlchemy(app)\nlogin_manager = LoginManager()\nlogin_manager.init_app(app)\nfrom flask_app import routes\nEND\n\n# Install and Configure Gunicorn\napt install -y gunicorn3\ngunicorn3 --workers=3 flask_app:app &\n\n# Install and Configure Supervisor\napt install -y supervisor\ncat < /etc/supervisor/conf.d/flask_app.conf\n[program:flask_app]\ndirectory=/home/flask_app_project\ncommand=gunicorn3 --workers=3 flask_app:app\nautostart=true\nautorestart=true\nstopasgroup=true\nkillasgroup=true\nstderr_logfile=/var/log/flask_app/flask_app.err.log\nstdout_logfile=/var/log/flask_app/flask_app.out.log\nEND\n\nmkdir /var/log/flask_app\ntouch /var/log/flask_app/flask_app.out.log\ntouch /var/log/flask_app/flask_app.err.log\nsupervisorctl reload\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[]},{"id":971045,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Focalboard One-Click","description":"Focalboard One-Click","ordinal":32,"logo_url":"assets/focalboard.svg","images":["linode/ubuntu20.04","linode/debian11"],"deployments_total":440,"deployments_active":15,"is_public":true,"mine":false,"created":"2022-02-08T16:23:08","updated":"2023-09-28T15:02:38","rev_note":"","script":"#!/bin/bash\n## Focalboard Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## Linode Docker OCA\nsource \n\nfunction focalboardinstall {\n docker pull mattermost/focalboard\n docker volume create focalboard\n docker run -d --restart=always -p 8000:8000 -v focalboard:/app/data --name focalboard mattermost/focalboard\n}\n\nfunction nginxreverse {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n server_name $FQDN;\n error_log /var/log/nginx/$FQDN.error;\n access_log /var/log/nginx/$FQDN.access;\n location / {\n proxy_pass http://localhost:8000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host \\$host;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n \n}\n\nfunction ssl_lemp {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n focalboardinstall\n firewall\n nginxreverse\n ssl_lemp\n}\n\n# Execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":1088136,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Galera Cluster One-Click","description":"Galera Cluster One-Click","ordinal":33,"logo_url":"assets/galeramarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":105,"deployments_active":6,"is_public":true,"mine":false,"created":"2022-11-15T20:41:27","updated":"2023-09-27T06:51:30","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_PAT=\"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\"\nexport GIT_REPO=\"https://linode-solutions:${GIT_PAT}@github.com/linode-solutions/galera-mariadb-occ\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/mariadb-galera\" ]; then\n rm -rf /tmp/mariadb-galera\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[+] Linode private IP present\"\n else\n echo \"[!] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependancies\n export DEBIAN_FRONTEND=noninteractive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # add private IP address\n rename_provisioner\n configure_privateip \n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/mariadb-galera\n cd /tmp/mariadb-galera/\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip3 install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"cluster_name","label":"Cluster Name"},{"name":"token_password","label":"Your Linode API token"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no"},{"name":"sslheader","label":"SSL Information","header":"Yes","default":"Yes","required":"Yes"},{"name":"country_name","label":"Details for self-signed SSL certificates: Country or Region","oneof":"AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW"},{"name":"state_or_province_name","label":"State or Province","example":"Example: Pennsylvania"},{"name":"locality_name","label":"Locality","example":"Example: Philadelphia"},{"name":"organization_name","label":"Organization","example":"Example: Akamai Technologies"},{"name":"email_address","label":"Email Address","example":"Example: user@domain.tld"},{"name":"ca_common_name","label":"CA Common Name","default":"Galera CA"},{"name":"common_name","label":"Common Name","default":"Galera Server"},{"name":"cluster_size","label":"Galera cluster size","default":"3","oneof":"3"}]},{"id":688911,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Gitea One-Click","description":"Gitea One-Click","ordinal":34,"logo_url":"assets/gitea.svg","images":["linode/debian10"],"deployments_total":976,"deployments_active":70,"is_public":true,"mine":false,"created":"2020-11-17T21:16:09","updated":"2023-09-28T12:03:53","rev_note":"","script":"#! /bin/bash\n\n## Database Settings\n#\n#\n\n## User and SSH Security\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n#assigns var for IP address\nreadonly ip=$(hostname -I | awk '{print$1}')\n\n#intall git\napt install -y git\n\n#install nginx\napt install -y nginx\n\n#install mysql and secure\nmysql_root_preinstall\napt-get install -y mariadb-server\nsystemctl start mariadb\nsystemctl enable mariadb\nrun_mysql_secure_installation\n\n#create mysql db and user\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE gitea;\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"CREATE USER 'gitea'@'localhost' IDENTIFIED BY '$(printf '%q' \"$DB_PASSWORD\")';\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'localhost' WITH GRANT OPTION;\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES;\"\n\n#create user for gitea\nadduser --system --disabled-password --group --shell /bin/bash --gecos 'Git Version Control' --home /home/git git\n\n#create directories for gitea\nmkdir -p /var/lib/gitea/{custom,data,log}\nchown -R git:git /var/lib/gitea/\nchmod -R 750 /var/lib/gitea/\nmkdir /etc/gitea\nchown root:git /etc/gitea\nchmod 770 /etc/gitea\n\n#pull down gitea binary\nwget -O gitea https://dl.gitea.io/gitea/1.13.0/gitea-1.13.0-linux-amd64\nchmod +x gitea\n\n#validate gpg\napt install gnupg -y\ngpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2\ngpg --verify gitea-1.13.0-linux-amd64.asc gitea-1.13.0-linux-amd64\n\n#copy gitea to global location\ncp gitea /usr/local/bin/gitea\n\n#download systemd file from gitea\nwget https://raw.githubusercontent.com/go-gitea/gitea/master/contrib/systemd/gitea.service -P /etc/systemd/system/\n\n#add requires mysql to the systemd file\nsed -i 's/#Requires=mariadb.service/Requires=mariadb.service/' /etc/systemd/system/gitea.service\n\n#start gitea as systemd service\nsystemctl daemon-reload\nsystemctl start gitea\nsystemctl enable gitea\n\n#configures ufw rules before nginx\nsystemctl start ufw\nufw allow http\nufw allow https\nufw enable\n\n#set absolute domain if any, otherwise use localhost\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=localhost\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${ABS_DOMAIN};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n\n location / {\n proxy_pass http://localhost:3000;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx\n\nsleep 60\n\n#sets certbot ssl\nif [[ $SSL = \"Yes\" ]]; then\n check_dns_propagation ${ABS_DOMAIN} ${ip}\n apt install python3-certbot-nginx -y\n certbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${EMAIL_ADDRESS} -w /var/www/html/\nfi\n\nstackscript_cleanup","user_defined_fields":[{"name":"dbroot_password","label":"MySQL root Password"},{"name":"db_password","label":"gitea Database Password"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"pwless_sudo","label":"Enable passwordless sudo access for the limited user?","oneof":"Yes,No","default":"No"},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"auto_updates","label":"Configure automatic security updates?","oneof":"Yes,No","default":"No"},{"name":"fail2ban","label":"Use fail2ban to prevent automated instrusion attempts?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your DNS records.","default":""},{"name":"subdomain","label":"The subdomain for your server (Domain required)","default":""},{"name":"domain","label":"Your domain (API Token required)","default":""},{"name":"soa_email_address","label":"SOA Email for your domain (Required for new domains)","default":""},{"name":"mx","label":"Do you need an MX record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"},{"name":"spf","label":"Do you need an SPF record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"},{"name":"ssl","label":"Would you like to use a free Let's Encrypt SSL certificate for your domain?","oneof":"Yes,No","default":"No"},{"name":"email_address","label":"Admin Email for Let's Encrypt certificate","default":""}]},{"id":401707,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"GitLab One-Click","description":"GitLab One-Click","ordinal":35,"logo_url":"assets/GitLab.svg","images":["linode/ubuntu20.04","linode/debian11"],"deployments_total":3169,"deployments_active":140,"is_public":true,"mine":false,"created":"2019-03-08T21:12:21","updated":"2023-09-27T07:05:18","rev_note":"Remove SSH Pubkey UDF","script":"#!/usr/bin/env bash\n\n## Gitlab Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction gitlab {\n # Install dependencies\n apt-get install curl ca-certificates apt-transport-https gnupg2 -y\n\n curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | bash\n apt-get update -y\n EXTERNAL_URL=\"https://$FQDN\" apt-get install gitlab-ce -y\n\n}\n\nfunction sslgitlab {\n # Taking advantage of Gitlab's Let's Encrypt cert capabilities\n sed -i \"s/# letsencrypt\\['enable'\\] = nil/letsencrypt\\['enable'\\] = true/g\" /etc/gitlab/gitlab.rb\n sed -i -E \"s/(# )(letsencrypt\\['auto_renew*)/\\2/g\" /etc/gitlab/gitlab.rb\n sed -i \"s/letsencrypt['auto_renew_minute'] = nil/letsencrypt['auto_renew_minute'] = 0/g\" /etc/gitlab/gitlab.rb\n sed -i \"s/# letsencrypt\\['contact_emails'\\] = \\[\\]/letsencrypt\\['contact_emails'\\] = \\['$SOA_EMAIL_ADDRESS']/g\" /etc/gitlab/gitlab.rb\n\n gitlab-ctl reconfigure\n}\n\nfunction firewallgitlab {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n gitlab\n firewallgitlab\n sslgitlab\n}\n\n# Execute Script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"This is the Email address for the LetsEncrypt SSL Certificate","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your Gitlab server's DNS records","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""}]},{"id":1102905,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Gopaddle One-Click","description":"Gopaddle One-Click app","ordinal":36,"logo_url":"assets/gopaddle.svg","images":["linode/ubuntu22.04"],"deployments_total":40,"deployments_active":2,"is_public":true,"mine":false,"created":"2022-12-20T17:44:47","updated":"2023-09-23T10:19:09","rev_note":"","script":"#!/bin/bash\nexec >/var/log/stackscript.log 2>&1\n# Install Docker\napt-get update -y\napt-get install -y ca-certificates curl gnupg lsb-release\nmkdir -p /etc/apt/keyrings\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg\necho \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null\napt-get update -y\nchmod a+r /etc/apt/keyrings/docker.gpg\napt-get update -y\napt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin\n\n# Install microk8s\napt-get install snapd -y \nsudo snap install core\nexport PATH=$PATH:/snap/bin\nsnap install microk8s --classic --channel=1.25\nsnap refresh microk8s --channel=1.25\nmicrok8s status --wait-ready\n\n\n# Install gopaddle\nmicrok8s addons repo add gp-lite https://github.com/gopaddle-io/microk8s-community-addons-gplite.git\nmicrok8s enable gopaddle-lite\n\necho Waiting for gopaddle services to move to running state ...\nmicrok8s.kubectl wait --for=condition=ready pod -l released-by=gopaddle -n gp-lite --timeout=15m\n\nRDNS=$(dnsdomainname -A | awk '{print $1}')\n\necho gopaddle-lite installation is complete ! You can now access the gopaddle dashboard @ http://$RDNS:30003/","user_defined_fields":[]},{"id":607256,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Grafana One-Click","description":"Grafana One Click App","ordinal":37,"logo_url":"assets/grafana.svg","images":["linode/debian11"],"deployments_total":807,"deployments_active":60,"is_public":true,"mine":false,"created":"2019-10-30T20:43:07","updated":"2023-09-28T18:31:45","rev_note":"","script":"#!/usr/bin/env bash\n\n### Grafana OCA\n\n## Grafana Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n# Source the Bash StackScript Library\nsource \n\n# Source and run the New Linode Setup script for SSH configuration\nsource \n\n# Install PreReqs\napt-get install -y apt-transport-https \\\nsoftware-properties-common \\\nwget \\\ngnupg2 \\\nsqlite3\n\nwget -q -O /usr/share/keyrings/grafana.key https://apt.grafana.com/gpg.key\necho \"deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main\" | sudo tee -a /etc/apt/sources.list.d/grafana.list\napt-get -y update\napt-get -y install grafana\nsystemctl start grafana-server\nsystemctl enable grafana-server\n\n## reset Grafana admin password\n#grafana-cli --homepath \"/usr/share/grafana\" admin reset-admin-password $grafana_password. --not working -hmorris\necho \"Initializing DB.....\" && sleep 25\nsqlite3 /var/lib/grafana/grafana.db <\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction grav {\n apt-get install -y apache2 php libapache2-mod-php php-mysql mysql-server composer php-curl php-common php-gd php-json php-mbstring php-xml php-zip\n run_mysql_secure_installation_ubuntu20\n cd /var/www/html\n git clone https://github.com/getgrav/grav.git\n cd grav\n chown www-data:www-data -R .\n su -l www-data -s /bin/bash -c \"cd /var/www/html/grav && composer install --no-dev -o && bin/grav install && bin/gpm install admin\"\n chown www-data:www-data -R .\n}\n\nfunction apache_conf {\n cat < /etc/apache2/sites-available/grav.conf\n\nServerAdmin $SOA_EMAIL_ADDRESS\nDocumentRoot /var/www/html/grav/\nServerName $FQDN\nServerAlias www.$FQDN\n\nOptions FollowSymLinks\nAllowOverride All\nOrder allow,deny\nallow from all\n\nErrorLog /var/log/apache2/$FQDN-error_log\nCustomLog /var/log/apache2/$FQDN-access_log common\n\n\nEND\n a2enmod rewrite\n a2ensite grav.conf\n a2dissite 000-default.conf\n service apache2 restart\n}\n\nfunction ssl {\n apt install certbot python3-certbot-apache -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n}\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n firewall\n grav\n apache_conf\n ssl\n\n}\n\n\n# execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"This is the Email address for the LetsEncrypt SSL Certificate","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":688914,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Guacamole One-Click","description":"Guacamole One-Click","ordinal":39,"logo_url":"assets/guacamole.svg","images":["linode/ubuntu22.04"],"deployments_total":4278,"deployments_active":77,"is_public":true,"mine":false,"created":"2020-11-17T21:28:05","updated":"2023-09-27T23:35:48","rev_note":"","script":"#!/usr/bin/env bash\n### Apache Guacamole OCA\n### Required UDFs\n## Guacamole Settings\n#\n#\n#\n#\n#\n### Optional UDFs\n## Linode/SSH Security Settings\n#\n#\n## Domain Settings\n#\n#\n#\n## Logging and other debugging helpers\n# Put bash into verbose mode\nset -o pipefail\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Imports\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n### Main Script\n## Open the needed firewall ports\nufw allow http\nufw allow https\n# Install dependencies\nsystem_install_package build-essential libcairo2-dev libpng-dev libtool-bin libossp-uuid-dev libvncserver-dev freerdp2-dev libssh2-1-dev \\\nlibtelnet-dev libwebsockets-dev libpulse-dev libvorbis-dev libwebp-dev \\\nlibssl-dev libpango1.0-dev libswscale-dev libavcodec-dev libavutil-dev \\\nlibavformat-dev\n# Download the Guacamole Server source code\n# Fetch the latest release page\nlatest_release_page=$(curl -sL https://guacamole.apache.org/releases/ | grep -m 1 -o 'href=\"/releases/[0-9.]\\+/\"')\n# Extract the version number from the release page URL\nlatest_version=$(echo $latest_release_page | grep -Eo '[0-9]\\.[0-9]+.[0-9]+')\n# Download the server component\nwget https://downloads.apache.org/guacamole/$latest_version/source/guacamole-server-$latest_version.tar.gz\ntar -xvf guacamole-server-$latest_version.tar.gz\ncd guacamole-server-$latest_version\n# Build Guacamole Server using the downloaded source code\n./configure --with-init-dir=/etc/init.d --enable-allow-freerdp-snapshots\nmake\nmake install\n# Update installed library cache and reload systemd\nldconfig\nsystemctl daemon-reload\n# Start guacd\nsystemctl enable guacd\n## Install Guacamole Web App\n# Install Apache Tomcat\nsystem_install_package tomcat9 tomcat9-admin tomcat9-common tomcat9-user\n# Download and install the Guacamole Client\nwget https://downloads.apache.org/guacamole/$latest_version/binary/guacamole-$latest_version.war\nmv guacamole-$latest_version.war /var/lib/tomcat9/webapps/guacamole.war\nsystemctl restart tomcat9 guacd\n## Guacamole configs\nmkdir /etc/guacamole\nreadonly ENCRYPTED_GUACAMOLE_PASSWORD=\"$(echo -n \"$GUACAMOLE_PASSWORD\" | openssl md5 | awk '{print $2}')\"\ncat <> /etc/guacamole/user-mapping.xml\n\n \n \n \n \n vnc\n localhost\n 5901\n ${PASSWORD}\n \n \n\nEOF\ncat <> /etc/guacamole/guacd.conf\n[daemon]\npid_file = /var/run/guacd.pid\n#log_level = debug\n[server]\nbind_host = 127.0.0.1\nbind_port = 4822\nEOF\ncat <> /etc/guacamole/guacamole.properties\n# Hostname and port of guacamole proxy\nguacd-hostname: localhost\nguacd-port: 4822\nEOF\nsystemctl restart tomcat9 guacd\n## Install a desktop environment (XFCE) and VNC Server\n# Install XFCE & NVC\nsystem_install_package xfce4 xfce4-goodies tigervnc-standalone-server expect\n# Set the VNC Server password\nreadonly VNCSERVER_SET_PASSWORD=$(expect -c \"\nspawn sudo -u $USERNAME vncserver\nexpect \\\"Password:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Verify:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Would you like to enter a view-only password (y/n)?\\\"\nsend \\\"n\\r\\\"\nexpect eof\n\")\necho \"$VNCSERVER_SET_PASSWORD\"\nsystemctl restart tomcat9 guacd\nkillvncprocess=$(ps aux | grep \"/usr/bin/Xtigervnc :1 -localhost=1 -desktop\" | head -n 1 | awk '{ print $2; }')\nkill $killvncprocess\n# Create a systemd service for Tiger VNC\ntouch /etc/systemd/system/vncserver@.service\ncat < /etc/systemd/system/vncserver@.service\n[Unit]\nDescription=a wrapper to launch an X server for VNC\nAfter=syslog.target network.target\n[Service]\nType=forking\nUser=$USERNAME\nGroup=$USERNAME\nWorkingDirectory=/home/$USERNAME\nExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1\nExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i\nExecStop=/usr/bin/vncserver -kill :%i\n[Install]\nWantedBy=multi-user.target\nEOF\n# Start and enable the systemd service\nsystemctl start vncserver@1.service\nsystemctl enable vncserver@1.service\n## Reverse proxy for the Guacamole client\n# Install Apache\napache_install\na2enmod proxy proxy_http headers proxy_wstunnel\n# Create the VirtualHost for Guacamole\ncat < /etc/apache2/sites-available/guacamole.conf\n\n ServerName $FQDN\n ErrorLog ${APACHE_LOG_DIR}/guacamole_error.log\n CustomLog ${APACHE_LOG_DIR}/guacamole_access.log combined\n \n Require all granted\n ProxyPass http://localhost:8080/guacamole/ flushpackets=on\n ProxyPassReverse http://localhost:8080/guacamole/\n \n \n Require all granted\n ProxyPass ws://localhost:8080/guacamole/websocket-tunnel\n ProxyPassReverse ws://localhost:8080/guacamole/websocket-tunnel\n \n Header always unset X-Frame-Options\n\nEOF\n# Enable the VirtualHost\na2ensite guacamole.conf\nsystemctl restart apache2\n## HTTPS\nsystem_install_package python3-certbot-apache\ncertbot -n --apache --agree-tos --redirect --hsts --staple-ocsp --email \"$SOA_EMAIL_ADDRESS\" -d \"$FQDN\" \n## Cleanup after ourselves\nstackscript_cleanup\nreboot","user_defined_fields":[{"name":"username","label":"The limited sudo/VNC user to be created for the Linode"},{"name":"password","label":"The password for the limited sudo/VNC user"},{"name":"guacamole_user","label":"The username to be used with Guacamole"},{"name":"guacamole_password","label":"The password to be used with Guacamole"},{"name":"soa_email_address","label":"Email for SSL certificate"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required if filling out any of the domain-related fields.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record","default":""},{"name":"domain","label":"The domain for the Linode's DNS record","default":""}]},{"id":1102902,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HaltDOS Community WAF One-Click","description":"HaltDOS Community WAF One-Click app","ordinal":40,"logo_url":"assets/haltdos.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":153,"deployments_active":9,"is_public":true,"mine":false,"created":"2022-12-20T17:34:20","updated":"2023-09-25T03:04:51","rev_note":"","script":"#!/bin/bash\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\necho -e \"\\n---------------HALTDOS COMMUNITY WAF SETUP---------------\"\n\nexport NEEDRESTART_SUSPEND=1\nip=`ip route get 8.8.8.8 | awk -F\"src \" 'NR==1{split($2,a,\" \");print a[1]}'`\necho -e \"Checking OS ...\"\nsource /etc/os-release > /dev/null 2>&1\narch=`uname -m`\nif [[ \"$ID\" == \"ubuntu\" || \"$ID\" == \"debian\" ]]; then\n if [[ \"$VERSION_ID\" == \"18.04\" || \"$VERSION_ID\" == \"20.04\" || \"$VERSION_ID\" == \"22.04\" || \"$VERSION_ID\" == \"11\" ]]; then\n if [ \"$arch\" != \"x86_64\" ]; then\n echo -e \"\\e[1;31m$arch is not yet supported. Supported System Architecture - x86_64 \\e[0m\"\n fi\n else\n echo -e \"\\e[1;31mThis OS is not yet supported. Supported OS - Ubuntu 18.04, 20.04, 22.04 and Debian 11 \\e[0m\"\n exit 1\n fi\nelse\n echo -e \"\\e[1;31mThis OS is not yet supported. Supported Versions - Ubuntu 18.04, 20.04, 22.04 and Debian 11 \\e[0m\"\n exit 1\nfi\n\necho -e \"Downloading dependencies ...\"\n\napt-get update &> /dev/null\n\napt-get install -y default-jdk default-jre &> /dev/null\necho \"JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64/\" >> /etc/environment\nsource /etc/environment\n\necho -e \"Downloading latest binaries ...\"\n\nsource /etc/os-release > /dev/null 2>&1\nif [ \"$VERSION_ID\" == \"18.04\" ]; then\n apt-get install -y libmaxminddb-dev python-dev python &> /dev/null \n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-18/hd-community-waf-x86_64.deb &> /dev/null\nelif [ \"$VERSION_ID\" == \"20.04\" ]; then\n apt-get install -y libmaxminddb-dev python-dev python &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-20/hd-community-waf-x86_64.deb &> /dev/null\nelif [ \"$VERSION_ID\" == \"22.04\" ]; then\n apt-get install -y libmaxminddb-dev libmaxminddb0 mmdb-bin python2-dev python2 &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-22/hd-community-waf-x86_64.deb &> /dev/null\nelif [[ \"$ID\" == \"debian\" && \"$VERSION_ID\" == \"11\" ]]; then\n apt-get install -y sudo libmaxminddb-dev python-dev python &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/debian-11/hd-community-waf-x86_64.deb &> /dev/null\nfi\n\napt-get install -y ./hd-community-waf.deb &> /dev/null\nrm hd-community-waf.deb\necho -e \"Haltdos Community WAF Installed\"\n\n\ncurl -s -k -o hd-community-controller.deb https://binary.haltdos.com/community/waf/gui/hd-community-controller-x86_64.deb &> /dev/null\napt-get install -y ./hd-community-controller.deb &> /dev/null\nrm hd-community-controller.deb\necho -e \"Haltdos Community Controller Installed\"\n\n\necho -e \"Haltdos Community WAF Setup Done\\n\"\necho -e \"Configure your WAF on https://$ip:9000\\n\"\nexport NEEDRESTART_SUSPEND=0","user_defined_fields":[]},{"id":912262,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Harbor One-Click","description":"Harbor One-Click","ordinal":41,"logo_url":"assets/harbor.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":254,"deployments_active":13,"is_public":true,"mine":false,"created":"2021-09-29T17:06:13","updated":"2023-09-26T09:50:59","rev_note":"","script":"#!/bin/bash\n\n## Harbor Settings\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n# This also sets some useful variables, like $IP and $FQDN\nsource \n\n## Linode Docker OCA\nsource \n\n# Logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Installation\nufw_install\nufw allow http\nufw allow https\nmkdir -p /data/harbor\ncurl -s https://api.github.com/repos/goharbor/harbor/releases/latest | grep browser_download_url | cut -d '\"' -f 4 | grep '\\.tgz$' | wget -i -\ntar xvzf harbor-offline-installer*.tgz\ncd harbor\ncp harbor.yml.tmpl harbor.yml\n\n# SSL\napt install certbot -y\ncheck_dns_propagation \"${FQDN}\" \"${IP}\"\ncertbot certonly --standalone -d $FQDN --preferred-challenges http --agree-tos -n -m $SOA_EMAIL_ADDRESS --keep-until-expiring\n# Configure auto-renewal for the certificate\ncrontab -l > cron\necho \"* 1 * * 1 /etc/certbot/certbot renew\" >> cron\ncrontab cron\nrm cron\n\ncat < harbor.yml\nhostname: $FQDN\nhttp:\n port: 80\nhttps:\n port: 443\n certificate: /etc/letsencrypt/live/$FQDN/fullchain.pem\n private_key: /etc/letsencrypt/live/$FQDN/privkey.pem\nharbor_admin_password: $HARBOR_PASSWORD\ndatabase:\n password: $HARBOR_DB_PASSWORD\n max_idle_conns: 50\n max_open_conns: 100\ndata_volume: /data/harbor/\nclair:\n updaters_interval: 12\njobservice:\n max_job_workers: 10\nnotification:\n webhook_job_max_retry: 10\nchart:\n absolute_url: disabled\nlog:\n level: info\n local:\n rotate_count: 50\n rotate_size: 200M\n location: /var/log/harbor\nEND\n\n# Harbor install\n./install.sh\n\n# Configure service file\ncat < /etc/systemd/system/harbor.service\n[Unit]\nDescription=Docker Compose Harbor Application Service\nRequires=harbor.service\nAfter=harbor.service\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\nExecStart=/usr/local/bin/docker-compose up -d\nExecStop=/usr/local/bin/docker-compose down\nExecReload=/usr/local/bin/docker-compose up -d\nWorkingDirectory=/root/harbor/\n\n[Install]\nWantedBy=multi-user.target\nEND\n\n# Enable harbor daemon\nsystemctl daemon-reload\nsystemctl enable harbor.service\nsystemctl start harbor.service\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"harbor_password","label":"The Harbor admin password"},{"name":"harbor_db_password","label":"The Harbor database password"},{"name":"soa_email_address","label":"Admin Email for the Harbor server"},{"name":"token_password","label":"Your Linode API token. This is required in order to create DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":1037037,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Nomad One-Click","description":"HashiCorp Nomad One Click App","ordinal":42,"logo_url":"assets/nomad.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":97,"deployments_active":2,"is_public":true,"mine":false,"created":"2022-08-02T18:46:19","updated":"2023-09-08T16:54:03","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## set some variables\nexport NOMAD_DIR=/usr/bin\nexport NOMAD_PATH=${NOMAD_DIR}/nomad\nexport NOMAD_CONFIG_DIR=/etc/nomad.d\nexport NOMAD_DATA_DIR=/opt/nomad/data\nexport NOMAD_TLS_DIR=/opt/nomad/tls\nexport NOMAD_ENV_VARS=${NOMAD_CONFIG_DIR}/nomad.conf\nexport IP=$(hostname -I | awk '{print$1}')\n\n\n## install gpg\napt-get install -y gpg\n\n## Install Nomad\nwget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\necho \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" | sudo tee /etc/apt/sources.list.d/hashicorp.list\nsudo apt update -y && sudo apt install -y nomad\n\n#echo \"Start Nomad in -server mode\"\nsudo tee ${NOMAD_ENV_VARS} > /dev/null < ${NOMAD_ENV_VARS}\n[Unit]\nDescription=Nomad Agent\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nRestart=on-failure\nEnvironmentFile=/etc/nomad.d/nomad.conf\nExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d $FLAGS\nExecReload=/bin/kill -HUP $MAINPID\nKillSignal=SIGTERM\nUser=root\nGroup=root\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\n## enable and start nomad\nsystemctl enable nomad\nsystemctl start nomad\n\n## Install Docker\ncurl -fsSL get.docker.com | sudo sh\n\n## Configure nginx container\ncat << EOF > /root/nginx.conf\nevents {}\n\nhttp {\n server {\n location / {\n proxy_pass http://nomad-ws;\n proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\n\n # Nomad blocking queries will remain open for a default of 5 minutes.\n # Increase the proxy timeout to accommodate this timeout with an\n # additional grace period.\n proxy_read_timeout 310s;\n\n # Nomad log streaming uses streaming HTTP requests. In order to\n # synchronously stream logs from Nomad to NGINX to the browser\n # proxy buffering needs to be turned off.\n proxy_buffering off;\n\n # The Upgrade and Connection headers are used to establish\n # a WebSockets connection.\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n\n # The default Origin header will be the proxy address, which\n # will be rejected by Nomad. It must be rewritten to be the\n # host address instead.\n proxy_set_header Origin \"\\${scheme}://\\${proxy_host}\";\n }\n }\n\n # Since WebSockets are stateful connections but Nomad has multiple\n # server nodes, an upstream with ip_hash declared is required to ensure\n # that connections are always proxied to the same server node when possible.\n upstream nomad-ws {\n ip_hash;\n server host.docker.internal:4646;\n }\n}\nEOF\n\n## start docker container\ndocker run -d --publish=8080:80 --add-host=host.docker.internal:host-gateway \\\n --mount type=bind,source=$PWD/nginx.conf,target=/etc/nginx/nginx.conf \\\n nginx:latest\n\n## firewall\nufw allow 22\nufw allow 80\nufw allow 443\nufw allow 4646\nufw allow 8080\n\ncat << EOF > /etc/motd\n#################################\n The Nomad GUI is now available at HTTP://${IP}:8080\n\n This is a minimal installation with limited configurations.\n Please review configurations before using this application in production.\n\n Information on Nomad configurations at https://www.nomadproject.io/docs/configuration\n#################################\nEOF\n\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":1226544,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Nomad Cluster One-Click","description":"Nomad Cluster One-Click","ordinal":43,"logo_url":"assets/nomadocc.svg","images":["linode/ubuntu22.04"],"deployments_total":47,"deployments_active":4,"is_public":true,"mine":false,"created":"2023-08-25T19:05:25","updated":"2023-09-28T14:02:30","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\ngit_username=\"akamai-compute-marketplace\"\nexport GIT_REPO_1=\"https://github.com/$git_username/nomad-occ.git\"\nexport GIT_REPO_2=\"https://github.com/$git_username/nomad-client-occ.git\"\nexport DEBIAN_FRONTEND=non-interactive\nexport UUID=$(uuidgen | awk -F - '{print $1}')\nexport CLUSTER_MODE='cluster'\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \n\nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}-server-1-${UUID}\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction tag_provisioner {\n export INSTANCE_TAG='consul-server'\n echo \"[info] tagging the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" -X PUT \\\n -d \"{\\\"tags\\\": [\\\"${INSTANCE_TAG}\\\"]}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID} \n}\n\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n tag_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO_1} /tmp/linode\n git clone ${GIT_REPO_2} /tmp/linode/nomad-client-occ\n # clone one branch to test \n # git clone -b develop ${GIT_REPO_1} /tmp/linode\n # git clone -b develop ${GIT_REPO_2} /tmp/linode/nomad-client-occ\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"token_password","label":"Your Linode API token"},{"name":"sudo_username","label":"The limited sudo user to be created in the cluster"},{"name":"email_address","label":"Email Address","example":"Example: user@domain.tld"},{"name":"clusterheader","label":"Cluster Settings","default":"Yes","header":"Yes"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no","default":"yes"},{"name":"cluster_size","label":"Total instance count","default":"6","oneof":"6"},{"name":"servers","label":"Nomad Server count","default":"3","oneof":"3"},{"name":"clients","label":"Nomad client size","default":"3","oneof":"3"}]},{"id":1226545,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Nomad Clients Cluster One-Click","description":"Nomad Cluster Clients One-Click","ordinal":44,"logo_url":"assets/nomadclientsocc.svg","images":["linode/ubuntu22.04"],"deployments_total":1,"deployments_active":0,"is_public":true,"mine":false,"created":"2023-08-25T19:07:27","updated":"2023-09-11T19:38:11","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n\n# git repo\ngit_username=\"akamai-compute-marketplace\"\nexport GIT_REPO=\"https://github.com/$git_username/nomad-client-occ.git\"\nexport UUID=$(uuidgen | awk -F - '{print $1}')\nexport CLUSTER_MODE='client'\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}-client-1-${UUID}\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction tag_provisioner {\n export INSTANCE_TAG='consul-server'\n echo \"[info] tagging the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" -X PUT \\\n -d \"{\\\"tags\\\": [\\\"${INSTANCE_TAG}\\\"]}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID} \n}\n\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=noninteractive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n tag_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/linode\n # clone one branch to test \n # git clone -b develop ${GIT_REPO} /tmp/linode\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"token_password","label":"Your Linode API token"},{"name":"sudo_username","label":"The limited sudo user to be created in the cluster"},{"name":"clusterheader","label":"Cluster Settings","default":"Yes","header":"Yes"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no","default":"yes"},{"name":"cluster_size","label":"Nomad Client Count","default":"3","oneof":"3,5,7"},{"name":"consul_nomad_autojoin_token_password","label":"consul_nomad_autojoin_token generated by Nomad Server OCC"}]},{"id":1037038,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"HashiCorp Vault One-Click","description":"HashiCorp Vault One Click App","ordinal":45,"logo_url":"assets/vault.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":195,"deployments_active":19,"is_public":true,"mine":false,"created":"2022-08-02T18:47:32","updated":"2023-09-25T05:12:33","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nexport IP=$(hostname -I | awk '{print$1}')\nexport VAULT_ADDR=\"http://${IP}:8200\"\n\n## install gpg\napt install -y gpg\n\n## add hashicorp gpg key and repo\nwget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null\necho \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" | sudo tee /etc/apt/sources.list.d/hashicorp.list\n\n## install vault\napt update && apt install -y vault\n\n## basic vault configs\nmkdir -p /vault/data\nchown -R vault:vault /vault\ncat << EOF > /etc/vault.d/vault.hcl\nstorage \"raft\" {\n path = \"/vault/data\"\n node_id = \"node1\"\n}\n\nlistener \"tcp\" {\n address = \"${IP}:8200\"\n tls_disable = \"true\"\n}\n\ndisable_mlock = true\n\napi_addr = \"http://127.0.0.1:8200\"\ncluster_addr = \"https://127.0.0.1:8201\"\nui = true\nEOF\n\n## systemd for vault\nsystemctl enable vault.service\n\n## Start vault server and stash the tokens\nsystemctl start vault.service\ntouch /root/.vault_tokens.txt\nsleep 20\nvault operator init | grep 'Token\\|Unseal' >> /root/.vault_tokens.txt\n\n## firewall\nufw allow 22\nufw allow 8200\n\n## config info and recommendations\ncat << EOF > /etc/motd\n#####################################\n The Vault server GUI is now available at ${VAULT_ADDR}\n The randomly generate Unseal Tokens and Initial Root Token are listed in /root/.vault_tokens.txt\n ** STORE THESE VALUES SOMEWHERE SAFE AND SECURE **\n\n This is a minimal installation with limited configurations.\n Please review configurations before using this application in production.\n\n Information on Vault configurations at https://www.vaultproject.io/docs/configuration\n######################################\nEOF\n\nsleep 20\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":1177605,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Illa Builder One-Click","description":"Illa Builder One-Click App","ordinal":46,"logo_url":"assets/illabuilder.svg","images":["linode/ubuntu22.04"],"deployments_total":81,"deployments_active":4,"is_public":true,"mine":false,"created":"2023-05-17T14:22:00","updated":"2023-09-25T10:16:58","rev_note":"","script":"#!/bin/bash\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Sources OCA helpers\nsource \nsource \nsource \nsource \n# Apt update/upgrade\nexport DEBIAN_FRONTEND=non-interactive\napt update && apt upgrade -y\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2 pwgen ufw\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker-ce\n\n# Check to ensure Docker is running and installed correctly\nsystemctl status docker\ndocker -v\n\n# Env config\nILLA_HOME_DIR=~/illa\nPG_VOLUMN=${ILLA_HOME_DIR}/database\nDRIVE_VOLUMN=${ILLA_HOME_DIR}/drive\n\n\n# Init\nmkdir -p ${ILLA_HOME_DIR}\nmkdir -p ${PG_VOLUMN}\nmkdir -p ${DRIVE_VOLUMN}\n\n# Run\ndocker run -d \\\n --name illa_builder \\\n -v $PG_VOLUMN:/opt/illa/database \\\n -v $DRIVE_VOLUMN:/opt/illa/drive \\\n -p 80:2022 \\\n illasoft/illa-builder:latest\n\necho \"\n********************************************************************************\nWelcome to ILLA Builder!\n********************************************************************************\n # ILLA Builder: http://\"$FQDN\"\n # Website: https://www.illacloud.com\n # Documentation: https://www.illacloud.com/docs/about-illa\n # Github: https://github.com/illacloud\n # Community Support: https://github.com/orgs/illacloud/discussions\n\"","user_defined_fields":[]},{"id":607401,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Jenkins One-Click","description":"Jenkins One-Click App","ordinal":47,"logo_url":"assets/jenkins.svg","images":["linode/debian11"],"deployments_total":1878,"deployments_active":133,"is_public":true,"mine":false,"created":"2019-10-31T15:29:54","updated":"2023-09-28T20:19:48","rev_note":"Initial import","script":"#!/bin/bash\n\nsource \nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Prereq's & Jenkins\napt install -y default-jre wget gnupg2\nwget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -\nsh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'\napt_setup_update\napt install -y jenkins\nsystemctl enable --now jenkins\n\n# Cleanup \nstackscript_cleanup","user_defined_fields":[]},{"id":869623,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"JetBackup One-Click","description":"JetBackup One-Click","ordinal":48,"logo_url":"assets/jetbackup.svg","images":["linode/centos7","linode/almalinux8"],"deployments_total":99,"deployments_active":0,"is_public":true,"mine":false,"created":"2021-07-21T12:45:59","updated":"2023-09-21T21:01:57","rev_note":"","script":"#!/bin/bash\n\n# JetBackup StackScript UDF Variables\n# \n# \n#\n# The next line makes the Official cPanel StackScript available if cPanel/WHM is selected as the control panel. Do not remove this line.\n# source \n#\n# Log File Paths:\n# StackScript Log: /var/log/stackscript.log\n# cPanel/WHM installation: /var/log/stackscript-595742.log\n# Debugging: /var/log/stackscript-debug.log\n#\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>/var/log/stackscript-debug.log\necho \"PID: $$\"\nCONTROLPANEL=${CONTROLPANEL}\nRELEASE=${RELEASETIER}\nJBDIR=\"/usr/local/jetapps/etc/jetbackup5\"\n\nif [[ -z ${CONTROLPANEL} ]]; then\necho \"Error: No panel selected. Please select a panel to deploy JetBackup.\"\nexit 1\nelif [[ -d ${JBDIR} ]]; then\necho \"Error: JetBackup already installed. Aborting StackScript.\"\nexit 0\nfi\n\necho \"Installing JetApps Repository\"\nrpm --import http://repo.jetlicense.com/centOS/RPM-GPG-KEY-JETAPPS\nyum -y -q install http://repo.jetlicense.com/centOS/jetapps-repo-latest.rpm\nyum -y -q install jetapps --disablerepo=* --enablerepo=jetapps\necho \"JetApps Repository Successfully Installed.\"\n\ncpanelinstall() {\n\necho \"Running cPanel/WHM Marketplace StackScript. You can track the progress of cPanel/WHM with: tail -f /var/log/stackscript-595742.log \"\n(source /root/ssinclude-595742 >>/var/log/stackscript-595742.log 2>&1)\n\n}\n\n# JETBACKUP 5 FOR LINUX - STANDALONE INSTALLATION\n\nif [ \"${CONTROLPANEL}\" = \"Linux\" ]; then\necho \"Installing JetBackup 5.\"\npackage='jetbackup5-linux'\njetapps --install $package $RELEASE\njbhostname=$(hostname)\njbhostname=\"https://${jbhostname}:3035\"\necho \"Adding a Firewall rule to open port 3035. Port 3035 must be open for access to the JetBackup 5 Linux UI.\"\nfirewall-cmd --permanent --add-port=3035/tcp\nfirewall-cmd --reload\necho \"To go to JetBackup and Accept the User Agreement, go to ${jbhostname} and enter your root login credentials.\"\necho \"To generate a one-time JetBackup 5 login URL after installation and acceptance of the EULA type the following command in the terminal:\"\necho \"jb5login\"\nfi\n\n# JETBACKUP 5 FOR CPANEL/WHM INSTALLATION\n\nif [ \"${CONTROLPANEL}\" = \"cPanel/WHM\" ]; then\n\npackage='jetbackup5-cpanel'\ncpanelinstall\nsleep 2\necho \"Installing JetBackup 5.\"\njetapps --install $package $RELEASE\necho \"To log in to cPanel/WHM as root user, please enter the following command to generate a one-time login token:\"\necho \"\"\necho \"whmlogin\"\nfi\n\necho \"Review the JetBackup 5 Getting Started Guide at https://docs.jetbackup.com/v5.1/adminpanel/gettingStarted.html\"\ninstallVersion=\"$(jetbackup5 --version | cut -d ' ' -f 1,3,4 | sed \"2 d\")\"\necho \"${installVersion} Successfully Installed!\"\nrm /root/ssinclude-595742\nrm /root/StackScript\nexit 0","user_defined_fields":[{"name":"CONTROLPANEL","label":"Choose a Control Panel to use with JetBackup 5. cPanel/WHM or Linux (No Control Panel)","default":"cPanel/WHM","oneof":"cPanel/WHM,Linux"},{"name":"RELEASETIER","label":"Choose a JetBackup Release Tier.","default":"stable","oneof":"stable,beta,edge"}]},{"id":662121,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Jitsi One-Click","description":"Jitsi One-Click","ordinal":49,"logo_url":"assets/jitsi.svg","images":["linode/ubuntu20.04","linode/ubuntu22.04"],"deployments_total":4416,"deployments_active":134,"is_public":true,"mine":false,"created":"2020-08-12T16:08:51","updated":"2023-09-28T17:23:54","rev_note":"","script":"#!/bin/bash\n\n## Jitsi Settings\n#\n\n## Domain Settings\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n\n# This also sets some useful variables, like $IP and $FQDN\nsource \nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# dependencies\nexport DEBIAN_FRONTEND=noninteractive\napt install apt-transport-https gnupg2 curl wget -y\napt-add-repository universe\napt update -y\n\n#Install Jitisi dep Prosody\necho deb http://packages.prosody.im/debian $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list\nwget https://prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -\napt install lua5.2\n\n#Install Nginx\napt install -y nginx\nsystemctl start nginx\nsystemctl enable nginx\n\n#Install Jitsi Meet\ncurl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'\necho 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null\n\n# update all package sources\napt update -y\necho \"jitsi-videobridge jitsi-videobridge/jvb-hostname string $FQDN\" | debconf-set-selections\necho \"jitsi-meet-web-config jitsi-meet/cert-choice select 'Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)'\" | debconf-set-selections\napt --option=Dpkg::Options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes install jitsi-meet\n\n# Firewall\nsudo ufw allow 80/tcp\nsudo ufw allow 443/tcp\nsudo ufw allow 10000/udp\nsudo ufw allow 22\nsudo ufw allow 3478/udp\nsudo ufw allow 5349/tcp\nsudo ufw enable\n\n# SSL \ncheck_dns_propagation \"${FQDN}\" \"${IP}\"\n/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh <\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction lampjoomla {\n apt-get install apache2 mariadb-server php php-common libapache2-mod-php php-cli php-fpm php-mysql php-json php-opcache php-gmp php-curl php-intl php-mbstring php-xmlrpc php-gd php-xml php-zip -y\n PHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\n cat < /etc/php/$PHP_VERSION/apache2/php.ini\nmemory_limit = 512M\nupload_max_filesize = 256M\npost_max_size = 256M \nmax_execution_time = 300\noutput_buffering = off\ndisplay_errors = off\nupload_tmp_dir = \"/var/www/html/joomla/tmp\"\nEND\n}\n\nfunction databaseconf {\n run_mysql_secure_installation\n mysql -uroot -p$DBROOT_PASSWORD -e \"CREATE DATABASE joomla_db;\"\n mysql -uroot -p$DBROOT_PASSWORD -e \"CREATE USER 'joomla'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD';\"\n mysql -uroot -p$DBROOT_PASSWORD -e \"GRANT ALL PRIVILEGES ON joomla_db.* TO 'joomla'@'localhost';\"\n}\n\nfunction apachejoomla {\n apt-get install wget unzip -y\n mkdir -p /var/www/html/joomla\n cd /tmp && wget https://downloads.joomla.org/cms/joomla4/4-1-0/Joomla_4-1-0-Stable-Full_Package.zip?format=zip\n unzip Joomla_4* -d /var/www/html/joomla\n chown -R www-data:www-data /var/www/html/joomla \n chmod -R 755 /var/www/html/joomla\n cat < /etc/apache2/sites-available/joomla.conf\n\n ServerAdmin $SOA_EMAIL_ADDRESS\n DocumentRoot /var/www/html/joomla\n ServerName $FQDN\n\n \n Options FollowSymlinks\n AllowOverride All\n Require all granted\n \n\n ErrorLog ${APACHE_LOG_DIR}/$FQDN_error.log\n CustomLog ${APACHE_LOG_DIR}/$FQDN_access.log combined\n\n\nEND\n a2ensite joomla.conf\n a2enmod rewrite\n a2enmod php$PHP_VERSION\n a2dissite 000-default.conf\n systemctl restart apache2\n\n ufw allow http\n ufw allow https\n}\nfunction ssljoomla {\n apt install certbot python3-certbot-apache -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n}\n\nfunction main {\n lampjoomla\n databaseconf\n apachejoomla\n ssljoomla\n stackscript_cleanup\n}\n# Execute script\nmain","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"dbroot_password","label":"MySQL Root Password","example":"s3cur3_9a55w04d"},{"name":"dbuser_password","label":"MySQL User Password","example":"s3cur3_9a55w04d"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":985380,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Joplin One-Click","description":"Joplin One-Click","ordinal":51,"logo_url":"assets/joplin.svg","images":["linode/ubuntu20.04"],"deployments_total":377,"deployments_active":30,"is_public":true,"mine":false,"created":"2022-03-08T18:14:30","updated":"2023-09-27T17:46:38","rev_note":"","script":"#!/bin/bash\n## Joplin Settings\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## Linode Docker OCA\nsource \n\nfunction joplininstall {\n mkdir -p /etc/docker/compose/joplin/ && cd /etc/docker/compose/joplin/\n cat < /etc/docker/compose/joplin/docker-compose.yml\nversion: '3'\n\nservices:\n db:\n image: postgres:13\n volumes:\n - ./data/postgres:/var/lib/postgresql/data\n ports:\n - \"5432:5432\"\n restart: unless-stopped\n environment:\n - POSTGRES_PASSWORD=$POSTGRES_PASSWORD\n - POSTGRES_USER=joplin\n - POSTGRES_DB=joplin\n app:\n image: joplin/server:latest\n depends_on:\n - db\n ports:\n - \"22300:22300\"\n restart: unless-stopped\n environment:\n - APP_PORT=22300\n - APP_BASE_URL=https://$FQDN\n - DB_CLIENT=pg\n - POSTGRES_PASSWORD=$POSTGRES_PASSWORD\n - POSTGRES_DATABASE=joplin\n - POSTGRES_USER=joplin\n - POSTGRES_PORT=5432\n - POSTGRES_HOST=db\nEND\n cat < /etc/systemd/system/joplin.service\n[Unit]\nDescription=Docker Compose Joplin Application Service\nRequires=joplin.service\nAfter=joplin.service\n[Service]\nType=oneshot\nRemainAfterExit=yes\nExecStart=/usr/bin/docker-compose up -d\nExecStop=/usr/bin/docker-compose down\nExecReload=/usr/bin/docker-compose up -d\nWorkingDirectory=/etc/docker/compose/joplin/\n[Install]\nWantedBy=multi-user.target\nEND\n systemctl daemon-reload\n systemctl enable joplin.service \n systemctl start joplin.service \n}\n\nfunction nginxreverse {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n server_name $FQDN;\n error_log /var/log/nginx/$FQDN.error;\n access_log /var/log/nginx/$FQDN.access;\n location / {\n proxy_pass http://localhost:22300;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host \\$host;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n \n}\n\nfunction ssl_lemp {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n joplininstall\n firewall\n nginxreverse\n ssl_lemp\n stackscript_cleanup\n}\n\n# Execute script\nmain","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"postgres_password","label":"Password for the postgres database","example":"s3cure_p4ssw0rd"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":688912,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Kepler Builder One-Click","description":"Kepler Builder One-Click","ordinal":52,"logo_url":"assets/keplerbuilder.svg","images":["linode/ubuntu22.04"],"deployments_total":259,"deployments_active":4,"is_public":true,"mine":false,"created":"2020-11-17T21:17:33","updated":"2023-09-15T20:37:19","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-keplerbuilder\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"webserver_stack","label":"The stack you are looking to deploy Wordpress on","oneof":"LAMP,LEMP"},{"name":"site_title","label":"Website title","example":"My Blog"},{"name":"wp_admin_user","label":"Admin username","example":"admin"},{"name":"wp_db_user","label":"Wordpress database user","example":"wordpress"},{"name":"wp_db_name","label":"Wordpress database name","example":"wordpress"},{"name":"user_name","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":401701,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"LAMP One-Click","description":"LAMP One-Click","ordinal":53,"logo_url":"assets/LAMP.svg","images":["linode/ubuntu22.04"],"deployments_total":13461,"deployments_active":1133,"is_public":true,"mine":false,"created":"2019-03-09T02:07:09","updated":"2023-09-28T19:20:56","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## LAMP Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-lamp\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n webserver_stack: lamp\n soa_email_address: ${SOA_EMAIL_ADDRESS}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n \n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"user_name","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":606691,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"LEMP One-Click","description":"LEMP Stack","ordinal":54,"logo_url":"assets/LEMP.svg","images":["linode/ubuntu22.04"],"deployments_total":4038,"deployments_active":303,"is_public":true,"mine":false,"created":"2019-10-27T15:29:04","updated":"2023-09-27T06:56:56","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## LEMP Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-lemp\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n webserver_stack: lemp\n soa_email_address: ${SOA_EMAIL_ADDRESS}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"user_name","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":923032,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"LiteSpeed cPanel One-Click","description":"LiteSpeed cPanel One-Click","ordinal":55,"logo_url":"assets/litespeedcpanel.svg","images":["linode/almalinux8"],"deployments_total":972,"deployments_active":21,"is_public":true,"mine":false,"created":"2021-10-18T00:57:12","updated":"2023-09-27T20:51:19","rev_note":"","script":"#!/bin/bash\n## Logging\nexec > /var/log/stackscript.log 2>&1\n## Install cPanel\nyum install -y kernel grub2\nsed -i -e \"s/GRUB_TIMEOUT=5/GRUB_TIMEOUT=10/\" /etc/default/grub\nsed -i -e \"s/crashkernel=auto rhgb console=ttyS0,19200n8/console=ttyS0,19200n8/\" /etc/default/grub\nmkdir /boot/grub\ngrub2-mkconfig -o /boot/grub/grub.cfg\nsystemctl stop firewalld.service\nsystemctl disable firewalld.service\nsystemctl stop NetworkManager\nsystemctl disable NetworkManager\nsystemctl enable network\nsystemctl start network\nyum remove NetworkManager -y\ncd /home \ncurl -o latest -L https://securedownloads.cpanel.net/latest && sh latest\nyum remove ea-apache24-mod_ruid2 -y\n## Install LSWS on cPanel\nADMIN_PASS=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16 ; echo '')\ncat <>/home/lsws.options\n## 1 = enable, 0 = disable, 2 = user home directory\nphp_suexec=\"2\"\nport_offset=\"0\"\nadmin_user=\"admin\"\nadmin_pass=\"${ADMIN_PASS}\"\nadmin_email=\"root@localhost\"\neasyapache_integration=\"1\"\nauto_switch_to_lsws=\"1\"\ndeploy_lscwp=\"1\"\nEOT\nbash <( curl https://get.litespeed.sh ) TRIAL","user_defined_fields":[]},{"id":1008123,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"LiveSwitch One-Click","description":"LiveSwitch One-Click","ordinal":56,"logo_url":"assets/liveswitch.svg","images":["linode/ubuntu20.04"],"deployments_total":172,"deployments_active":1,"is_public":true,"mine":false,"created":"2022-05-18T16:41:37","updated":"2023-09-26T19:05:18","rev_note":"","script":"#!/bin/bash\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n\nsudo dpkg --configure -a\n\n# kill any background updater jobs\nsudo killall apt apt-get\n\n# helpers\nsudo apt-get install dialog apt-utils -y -q\n\nsudo DEBIAN_FRONTEND=noninteractive apt-get update -y\nsudo DEBIAN_FRONTEND=noninteractive apt-get upgrade -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef -y\n\n# firewall\n# normal defaults\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\n# ssh on\nsudo ufw allow ssh\n# dynamic inbound traffic\nsudo ufw allow 49152:65535/udp\n# TURN\nsudo ufw allow 3478/udp\n# TURN TCP\nsudo ufw allow 80/tcp\n# TURNS\nsudo ufw allow 443/tcp\n# admin (only really should do this for a demo system where it's all on one box)\nsudo ufw allow 9090/tcp\nsudo ufw allow 9443/tcp\n# gateway (only really should do this for a demo system where it's all on one box)\nsudo ufw allow 8080/tcp\nsudo ufw allow 8443/tcp\n\n# sip\n# sudo ufw allow 5061/udp\n# sudo ufw allow 5061/tcp\n\n# we will turn on the firewall at the end because it disconnects us\n\n# install docker\nsudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\nsudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable\"\napt-cache policy docker-ce\nsudo apt-get install -y docker-ce\n\n# entropy fix for docker\nsudo apt-get install -y haveged\n\n# install docker compose\nsudo curl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\nsudo chmod +x /usr/local/bin/docker-compose\n\n# retrieve docker compose files\nmkdir -p /opt/liveswitch\nsudo curl -L \"https://raw.githubusercontent.com/jvenema/liveswitch-docker-compose/main/docker-compose-liveswitch.service\" -o /opt/liveswitch/docker-compose-liveswitch.service\nsudo curl -L \"https://raw.githubusercontent.com/jvenema/liveswitch-docker-compose/main/docker-compose.yml\" -o /opt/liveswitch/docker-compose.yml\n\n# install liveswitch docker compose\nsudo cp /opt/liveswitch/docker-compose-liveswitch.service /etc/systemd/system/\nsudo systemctl enable docker\nsudo systemctl enable docker-compose-liveswitch\nsudo systemctl start docker-compose-liveswitch\n\n# clean up some logs\nsudo rm -f /var/log/cloud-init-output.log\nsudo rm -f /var/log/dpkg.log\nsudo rm -f /var/log/kern.log\nsudo rm -f /var/log/ufw.log\n\n# turn on the firewall\nsudo ufw --force enable\nsudo reboot","user_defined_fields":[]},{"id":869159,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MagicSpam One-Click","description":"MagicSpam One-Click","ordinal":57,"logo_url":"assets/magicspam.svg","images":["linode/centos7"],"deployments_total":4,"deployments_active":0,"is_public":true,"mine":false,"created":"2021-07-20T19:13:52","updated":"2023-08-28T19:43:48","rev_note":"","script":"#!/bin/bash\n\n# \n# \n# \n\n# source the stackscript for the selected control panel\nif [ \"$CONTROL_PANEL\" == \"cPanel\" ]; then\n # redirect ALL output to the stackscript log for future troubleshooting\n exec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n # cPanel Marketplace App install\n source \n\n # set the hostname to replicate Plesk stackscript for consistent behavior\n IPADDR=$(/sbin/ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://')\n echo $HOSTNAME > /etc/hostname\n hostname -F /etc/hostname\n echo $IPADDR $HOSTNAME >> /etc/hosts\nelif [ \"$CONTROL_PANEL\" == \"Plesk\" ]; then\n # Plesk Marketplace App install\n # NOTE: do not redirect output to the stackscript log to avoid duplicate log\n # lines as the Plesk stackscript already redirects to it\n source \nelse\n echo \"Invalid control panel option detected. Aborting...\"\n exit 1\nfi\n\n# install MagicSpam via the installer script\nwget https://www.magicspam.com/download/magicspam-installer.sh -O /root/magicspam-installer\nchmod +x /root/magicspam-installer\n/root/magicspam-installer -l \"$MS_LICENSE_KEY\"","user_defined_fields":[{"name":"control_panel","label":"The Control Panel to deploy alongside with MagicSpam. Make sure to select an Image supported by the selected Control Panel. For more information, please refer to the MagicSpam App Information Sidebar.","oneof":"cPanel,Plesk"},{"name":"ms_license_key","label":"The MagicSpam license key. Please make sure to use the appropriate license key for the selected Control Panel. For more information, please refer to the MagicSpam App information sidebar."},{"name":"hostname","label":"The server's hostname."}]},{"id":1096122,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Mastodon One-Click","description":"Mastodon is an open-source and decentralized micro-blogging platform, supporting federation and public access to the server.","ordinal":58,"logo_url":"assets/mastodon.svg","images":["linode/debian11"],"deployments_total":1581,"deployments_active":65,"is_public":true,"mine":false,"created":"2022-12-05T15:57:04","updated":"2023-09-28T09:43:00","rev_note":"","script":"#!/bin/bash\nset -x\n## Mastodon Settings\n#\n#\n#\n#\n#\n#\n\n\n# git repo + workdirs\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/mastodon-oca.git\"\nexport WORK_DIR=\"/tmp/oca-deployment\"\nexport LINODE_API_TOKEN=\"${TOKEN_PASSWORD}\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nsource \n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n}\n\nfunction setup {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip python3-dev build-essential\n\n #clone repo and set up ansible environment\n mkdir -p ${WORK_DIR}\n cd ${WORK_DIR}\n git clone $GIT_REPO\n cd mastodon-oca\n\n # write udf vars\n cat < group_vars/mastodon/vars\n domain: ${DOMAIN}\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n owner_username: ${OWNER_USERNAME}\n owner_email: ${OWNER_EMAIL}\n single_user_mode: ${SINGLE_USER_MODE}\nEND\n\n #venv\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n}\n\nfunction run {\n# run playbooks\n ansible-playbook -v site.yml\n}\n\n# main\nsetup\nrun\ncleanup\necho \"Installation Complete!\"","user_defined_fields":[{"name":"domain","label":"Domain name for your Mastodon instance.","example":"domain.tld"},{"name":"token_password","label":"Your Linode API token"},{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"owner_username","label":"Username for Mastodon Owner","example":""},{"name":"owner_email","label":"Email address for Mastodon Owner","example":"owner@example.com"},{"name":"single_user_mode","label":"Do you want to start Mastodon in single-user mode?","oneof":"Yes,No"}]},{"id":611895,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MEAN One-Click","description":"MEAN One-Click","ordinal":59,"logo_url":"assets/mean.svg","images":["linode/ubuntu20.04"],"deployments_total":702,"deployments_active":41,"is_public":true,"mine":false,"created":"2019-11-14T04:49:44","updated":"2023-09-20T19:44:10","rev_note":"Initial import","script":"#!/usr/bin/env bash\n\n## MEAN Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction dependmean {\n apt-get install -y build-essential git fontconfig libpng-dev ruby ruby-dev wget gnupg\n gem install sass\n}\n\nfunction mongoinstall {\n cd && wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\n if [ \"${detected_distro[distro]}\" = 'debian' ]; then \n echo \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n else \n echo \"Setting this up for the future incase we add more distros\"\n fi\n apt-get update -y\n apt-get install -y mongodb-org\n systemctl enable mongod.service\n systemctl start mongod.service\n}\n\n\nfunction meaninstall {\n apt-get install -y curl software-properties-common\n curl -fsSL https://deb.nodesource.com/setup_16.x | bash -\n apt-get install -y nodejs\n\n # MEAN APP CONFIGURATION\n cd && mkdir -p /opt/mean\n cd /opt/mean\n cat <> package.json\n{\n\"name\" : \"mean\",\n\"version\": \"0.0.1\"\n}\nEND\n npm install express --save\n npm install angular\n cat <> server.js\nvar express = require('express');\nvar app = express();\nvar port = 3000;\napp.get('/', function(req, res) {\nres.send('Hello World Powered By: Linode Marketplace');\n});\napp.listen(port, function(){\nconsole.log(\"Listening at port: \" + port);\n})\nEND\n # Start App on reboot\n cd && npm install pm2 -g\n pm2 start --name=\"MEAN_APP\" /opt/mean/server.js\n pm2 startup \n pm2 save\n}\n\nfunction nginxmean {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n server_name $FQDN www.$FQDN;\n location / {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host \\$host;\n proxy_cache_bypass \\$http_upgrade;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n}\n\nfunction sslmean {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewallmean {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n dependmean\n firewallmean\n mongoinstall\n meaninstall\n nginxmean\n sslmean\n\n}\n\n# execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address for SSL certificate"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":401702,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MERN One-Click","description":"MERN One-Click","ordinal":60,"logo_url":"assets/MERN.svg","images":["linode/debian10","linode/ubuntu20.04","linode/debian11"],"deployments_total":1397,"deployments_active":52,"is_public":true,"mine":false,"created":"2019-03-08T21:07:40","updated":"2023-09-28T07:39:26","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 3000\nfail2ban_install\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install dependencies\napt-get install -y build-essential git \n\n# Install Mongodb\napt-get install -y wget gnupg\nwget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get update -y\napt-get install -y mongodb-org\nsystemctl enable mongod.service\nsystemctl start mongod.service\n\n# Install NodeJS and NPM\napt-get install -y curl software-properties-common\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \ncurl -fsSL https://deb.nodesource.com/setup_16.x | bash -\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\ncurl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get install -y nodejs\n\n# Install ExpressJS\nnpm update -g\nnpm install --global express\nnpm link express\nnpm -g install create-react-app\ncd /opt\ncreate-react-app hello-world\nnpm i --package-lock-only\nnpm audit fix\n\n# Start App on reboot\ncat < /lib/systemd/system/hello-world.service\n[Unit]\nDescription=Hello World React Application Service\nRequires=hello-world.service\nAfter=hello-world.service\n\n[Service]\nType=simple\nUser=root\nRemainAfterExit=yes\nRestart=on-failure\nWorkingDirectory=/opt/hello-world\nExecStart=npm start --host 0.0.0.0 --port=3000\n\n[Install]\nWantedBy=multi-user.target\nEND\n\nsystemctl daemon-reload\nsystemctl start hello-world\nsystemctl enable hello-world\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":1051714,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Microweber One-Click","description":"Microweber One-Click","ordinal":61,"logo_url":"assets/microweber.svg","images":["linode/ubuntu20.04"],"deployments_total":444,"deployments_active":20,"is_public":true,"mine":false,"created":"2022-09-01T15:43:41","updated":"2023-09-28T19:46:06","rev_note":"","script":"#!/usr/bin/env bash\n# https://github.com/microweber/microweber\nset -o pipefail\nMICROWEBER_INSTALLER_TAG=\"1.3.1\"\nWORKING_DIR=\"/var/www/html\"\nDOWNLOAD_URL='http://updater.microweberapi.com/builds/master/microweber.zip'\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## 03-force-ssh-logout.sh\ncat >>/etc/ssh/sshd_config </dev/null\napt install -y apache2 libapache2-mod-php8.1\napt install -y mysql-server\napt install -y php8.1-{bcmath,xml,fpm,mysql,iconv,xsl,zip,intl,ldap,gd,cli,dev,bz2,curl,exif,mbstring,pgsql,sqlite3,tokenizer,opcache,soap,cgi,common,imap,opcache}\napt install -y python3-certbot-apache software-properties-common unzip curl\napt install -y php-pear\npecl install -f libsodium\nsed -i 's/;opcache.enable\\s*=.*/opcache.enable=1/g' /etc/php/8.1/cli/php.ini\necho 'extension=sodium.so' > /etc/php/8.1/cli/10-sodium.ini\necho 'extension=sodium.so' > /etc/php/8.1/fpm/10-sodium.ini\necho 'extension=sodium.so' > /etc/php/8.1/cgi/10-sodium.ini\n# 01-fs.sh\ncat >/etc/apache2/sites-available/000-default.conf <\n \n Options Indexes FollowSymLinks\n AllowOverride All\n Require all granted\n \n ServerAdmin webmaster@localhost\n DocumentRoot /var/www/html\n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEOM\ncat >/etc/update-motd.d/99-one-click < certbot --apache -d example.com -d www.example.com\nIMPORTANT:\n * After connecting to the server for the first time, immediately install\n Microweber at http://\\$myip/\n * Secure your database by running:\n > mysql_secure_installation\nFor help and more information visit https://microweber.org\n********************************************************************************\nTo delete this message of the day: rm -rf \\$(readlink -f \\${0})\nEOF\nEOM\nchmod +x /etc/update-motd.d/99-one-click\ncat >/etc/cron.d/microweber </etc/php/8.1/apache2/conf.d/30-microweber.ini <>/var/log/per-instance.log\nMYSQL_ROOT_PASS=$(openssl rand -hex 16)\nDEBIAN_SYS_MAINT_MYSQL_PASS=$(openssl rand -hex 16)\nMICROWEBER_DB_HOST=localhost\nMICROWEBER_DB_PORT=3306\nMICROWEBER_DB_NAME=microweber\nMICROWEBER_DB_USER=microweber\nMICROWEBER_DB_PASS=$(openssl rand -hex 16)\ncat >/root/.mysql_password <>/etc/apache2/envvars </etc/mysql/debian.cnf <>/var/log/per-instance.log\necho \"[OK] Microweber Installer $MICROWEBER_INSTALLER_TAG provisioned!\"","user_defined_fields":[]},{"id":691614,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Mist.io One-Click","description":"Mist.io One-Click","ordinal":62,"logo_url":"assets/mistio.svg","images":["linode/debian10"],"deployments_total":313,"deployments_active":3,"is_public":true,"mine":false,"created":"2020-11-30T20:25:44","updated":"2023-09-17T02:05:32","rev_note":"","script":"#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# apt-get updates\n echo 'Acquire::ForceIPv4 \"true\";' > /etc/apt/apt.conf.d/99force-ipv4\n export DEBIAN_FRONTEND=noninteractive\n apt-get update -y\n\n# \n\n# \n\n## install docker\nsudo apt-get install -y \\\n apt-transport-https \\\n ca-certificates \\\n curl \\\n gnupg-agent \\\n software-properties-common\n\ncurl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -\n\nsudo add-apt-repository \\\n \"deb [arch=amd64] https://download.docker.com/linux/debian \\\n $(lsb_release -cs) \\\n stable\"\n\nsudo apt-get update\n\nsudo apt-get install -y docker-ce docker-ce-cli containerd.io\n\n## install docker-compose\nsudo curl -L \"https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\n\nsudo chmod +x /usr/local/bin/docker-compose\n\n## get latest mist\nmkdir ~/mist && cd ~/mist\n\nexport MIST_CE_REPO=https://github.com/mistio/mist-ce/releases/latest\nexport LATEST_TAG=\"$(curl -sI \"${MIST_CE_REPO}\" | grep -Po 'tag\\/\\K(v\\S+)')\"\n\nwget https://github.com/mistio/mist-ce/releases/download/$LATEST_TAG/docker-compose.yml\n\n# set CORE_URI\nmkdir settings\nexport IP=$(ip r | grep /24 | grep -Eo \"([0-9]{1,3}[\\.]){3}[1-9]{1,3}\")\necho 'CORE_URI=\"http://'$IP'\"' > settings/settings.py\n\ndocker-compose up -d\n\nwhile !(curl -sSLf http://localhost >/dev/null); do\n sleep 5\ndone\n\ndocker-compose exec -T api ./bin/adduser --admin \"${MIST_EMAIL}\" --password \"${MIST_PASSWORD}\"","user_defined_fields":[{"name":"mist_email","label":"Mist admin user's email.","example":"Set your admin user's email."},{"name":"mist_password","label":"Mist admin user's password.","example":"Set your admin user's password."}]},{"id":609195,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MongoDB One-Click","description":"MongoDB One-Click","ordinal":63,"logo_url":"assets/mongodb.svg","images":["linode/ubuntu20.04","linode/debian11"],"deployments_total":1757,"deployments_active":84,"is_public":true,"mine":false,"created":"2019-11-06T07:14:07","updated":"2023-08-28T19:43:49","rev_note":"","script":"#!/bin/bash\n## Mongo Settings\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction mongoinstall {\n apt-get install -y wget gnupg\n if [ $MONGOVERSION == \"5.0\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n elif [ $MONGOVERSION == \"4.4\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list\n elif [ $MONGOVERSION == \"4.2\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list\n elif [ $MONGOVERSION == \"4.0\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.0.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list\n fi\n\n apt-get update -y\n apt-get install -y mongodb-org\n systemctl enable mongod.service\n systemctl start mongod.service\n}\n\nfunction createmongouser {\n echo \"Creating Mongo User\" & sleep 3\n mongo < /etc/mongod.conf\n# mongod.conf\n# for documentation of all options, see:\n# http://docs.mongodb.org/manual/reference/configuration-options/\n# Where and how to store data.\nstorage:\n dbPath: /var/lib/mongodb\n journal:\n enabled: true\n# engine:\n# wiredTiger:\n# where to write logging data.\nsystemLog:\n destination: file\n logAppend: true\n path: /var/log/mongodb/mongod.log\n# network interfaces\nnet:\n port: 27017\n bindIp: 127.0.0.1\n# how the process runs\nprocessManagement:\n timeZoneInfo: /usr/share/zoneinfo\nsecurity:\n authorization: enabled\n#operationProfiling:\n#replication:\n#sharding:\n## Enterprise-Only Options:\n#auditLog:\n#snmp:\nEOF\n service mongod restart\n}\n\nfunction main {\n mongoinstall\n createmongouser \n setauth\n}\n\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"db_password","label":"Mongo Password"},{"name":"mongoversion","label":"Mongo Version","oneof":"5.0,4.4,4.2,4.0","default":"5.0"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for soa record","default":""}]},{"id":1067004,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MongoDB Cluster One-Click","description":"MongoDB replica set","ordinal":64,"logo_url":"assets/mongodbmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":49,"deployments_active":2,"is_public":true,"mine":false,"created":"2022-09-29T18:32:36","updated":"2023-08-28T19:43:49","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_PAT=\"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\"\nexport GIT_REPO=\"https://linode-solutions:${GIT_PAT}@github.com/linode-solutions/mongodb-occ.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/mongodb-cluster\" ]; then\n rm -rf /tmp/mongodb-cluster\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction destroy_linode {\n curl -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X DELETE \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction add_privateip {\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[+] Linode private IP present\"\n else\n echo \"[!] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependancies\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # Rename Provisioner & add Private IP \n rename_provisioner\n configure_privateip \n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/mongodb-cluster\n cd /tmp/mongodb-cluster\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"token_password","label":"Your Linode API token"},{"name":"sudo_username","label":"The limited sudo user to be created in the cluster"},{"name":"cluster_name","label":"Domain Name"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no","default":"yes"},{"name":"sslheader","label":"SSL Information","header":"Yes","default":"Yes","required":"Yes"},{"name":"country_name","label":"Details for self-signed SSL certificates: Country or Region","oneof":"AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW"},{"name":"state_or_province_name","label":"State or Province","example":"Example: Pennsylvania"},{"name":"locality_name","label":"Locality","example":"Example: Philadelphia"},{"name":"organization_name","label":"Organization","example":"Example: Akamai Technologies"},{"name":"email_address","label":"Email Address","example":"Example: user@domain.tld"},{"name":"ca_common_name","label":"CA Common Name","default":"Mongo CA"},{"name":"common_name","label":"Common Name","default":"Mongo Server"},{"name":"cluster_size","label":"MongoDB cluster size","default":"3","oneof":"3"}]},{"id":869127,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Moodle One-Click","description":"Moodle One-Click","ordinal":65,"logo_url":"assets/moodle.svg","images":["linode/ubuntu20.04"],"deployments_total":1211,"deployments_active":91,"is_public":true,"mine":false,"created":"2021-07-20T18:48:49","updated":"2023-09-18T19:16:02","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables\n## Moodle settings\n#\n#\n#\n#\n\n## Domain settings\n#\n#\n#\n\n## Linode/SSH Security Settings \n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# System Update\nsystem_update\n\n# Install dependencies \napt install -y apache2 mysql-client mysql-server php libapache2-mod-php git graphviz aspell ghostscript clamav php7.4-pspell php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-ldap php7.4-zip php7.4-soap php7.4-mbstring\n\n# Firewall\nufw allow http \nufw allow https\n\n# Secure MySQL\nrun_mysql_secure_installation_ubuntu20\n\n# Install Moodle\ncd /var/www/html\ngit clone git://git.moodle.org/moodle.git\ncd moodle\ngit branch --track MOODLE_39_STABLE origin/MOODLE_39_STABLE\ngit checkout MOODLE_39_STABLE\n\n# Configure Moodle\nmkdir /var/moodledata\nchmod -R 777 /var/moodledata \nchmod -R 755 /var/www/html/moodle \n\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE USER 'moodle'@'localhost' IDENTIFIED BY '$DB_PASSWORD';\";\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodle'@'localhost';\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES\";\n\ncat < /etc/apache2/sites-available/moodle.conf\n\n ServerAdmin admin@$FQDN\n DocumentRoot /var/www/html/moodle/\n ServerName $FQDN\n ServerAlias www.$FQDN \n \n Options +FollowSymlinks\n AllowOverride All\n Require all granted\n \n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEND\n\na2enmod rewrite\na2ensite moodle.conf\na2dissite 000-default.conf\nservice apache2 restart\n\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n/usr/bin/php admin/cli/install.php --chmod=777 --lang=en_us --wwwroot=https://$FQDN --dataroot=/var/moodledata/ --dbtype=mysqli --dbhost=localhost --dbname=moodle --dbuser=moodle --dbpass=$DB_PASSWORD --dbport=3306 --dbsocket=1 --prefix=mdl_ --fullname=moodle --shortname=moodle --summary=\"Moodle: Powered By Linode Marketplace\" --adminuser=moodle --adminpass=\"$ADMIN_PASSWORD\" --adminemail=$SOA_EMAIL_ADDRESS --upgradekey= --non-interactive --agree-license\n\nchown -R www-data: /var/www/html/moodle\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"admin_password","label":"Moodle Admin Password"},{"name":"soa_email_address","label":"Moodle Admin Email"},{"name":"dbroot_password","label":"MySQL Root Password"},{"name":"db_password","label":"Moodle database User password"},{"name":"token_password","label":"Your Linode API token. This is required in order to create DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"username","label":"The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)","example":"user1"},{"name":"password","label":"The password for the Linode's admin/SSH user","example":"S3cuReP@s$w0rd"},{"name":"pubkey","label":"The SSH Public Key used to securely access the Linode via SSH","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":607026,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"MySQL/MariaDB One-Click","description":"MySql One Click","ordinal":66,"logo_url":"assets/mysql.svg","images":["linode/ubuntu20.04"],"deployments_total":4358,"deployments_active":305,"is_public":true,"mine":false,"created":"2019-10-29T19:03:33","updated":"2023-09-27T18:51:45","rev_note":"Initial import","script":"#!/usr/bin/env bash\n\n## MySQL Settings\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 3306\nfail2ban_install\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\nif [[ \"$DATABASE\" == \"MySQL\" ]]; then\n # Install/configure MySQL\n apt install -y mysql-server\n # Secure MySQL install\n run_mysql_secure_installation_ubuntu20 \nelse \n # Install/configure MySQL\n apt install -y mariadb-server\n # Secure MySQL install\n run_mysql_secure_installation\nfi\n\nmysql -uroot -p$DBROOT_PASSWORD -e \"create database $DATABASE_NAME;\"\nmysql -uroot -p$DBROOT_PASSWORD -e \"CREATE USER '$DBUSER' IDENTIFIED BY '$DBUSER_PASSWORD';\"\nmysql -uroot -p$DBROOT_PASSWORD -e \"GRANT ALL PRIVILEGES ON $DATABASE_NAME.* TO '$DBUSER'@'%' WITH GRANT OPTION;\"\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"database","label":"Would you like to install MySQL or MariaDB?","oneof":"MySQL,MariaDB"},{"name":"dbroot_password","label":"MySQL Root Password","example":"s3cur3_9a55w04d"},{"name":"dbuser","label":"MySQL User","example":"user1"},{"name":"dbuser_password","label":"MySQL User Password","example":"s3cur3_9a55w04d"},{"name":"database_name","label":"Create Database","example":"testdb"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":970561,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"NodeJS One-Click","description":"NodeJS One-Click","ordinal":67,"logo_url":"assets/nodejs.svg","images":["linode/ubuntu20.04"],"deployments_total":1981,"deployments_active":256,"is_public":true,"mine":false,"created":"2022-02-07T17:21:41","updated":"2023-09-28T10:05:01","rev_note":"","script":"#!/usr/bin/env bash\n\n## NodeJS Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction nodejs {\n if [ \"${detected_distro[distro]}\" = 'debian' ]; then \n curl -fsSL https://deb.nodesource.com/setup_16.x | bash -\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -\n else \n echo \"Setting this up for the future incase we add more distros\"\n fi\n apt-get install -y nodejs\n \n mkdir -p /opt/nodejs\n cat < /opt/nodejs/hello.js\nconst http = require('http');\n\nconst hostname = 'localhost';\nconst port = 3000;\n\nconst server = http.createServer((req, res) => {\n res.statusCode = 200;\n res.setHeader('Content-Type', 'text/plain');\n res.end('Hello World Powered By Linode Marketplace');\n});\n\nserver.listen(port, hostname, () => {\n console.log(`Server running at http://localhost:3000/`);\n});\nEND\n}\n\nfunction pm2nodejs {\n npm install pm2@latest -g --no-audit\n cd /opt/nodejs/\n pm2 start hello.js\n sleep 5\n pm2 startup systemd\n sleep 5\n pm2 save\n}\n\nfunction nginxnodejs {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n server_name $FQDN www.$FQDN;\n\n location / {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host \\$host;\n proxy_cache_bypass \\$http_upgrade;\n }\n\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n}\n\nfunction sslnodejs {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewallnodejs {\n ufw allow http\n ufw allow https\n\n}\nfunction main {\n nodejs\n pm2nodejs\n firewallnodejs \n nginxnodejs \n sslnodejs \n}\n\n# Execute Script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"This is the Email address for the LetsEncrypt SSL Certificate","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":869156,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"NirvaShare One-Click","description":"NirvaShare One-Click","ordinal":68,"logo_url":"assets/nirvashare.svg","images":["linode/ubuntu20.04"],"deployments_total":209,"deployments_active":4,"is_public":true,"mine":false,"created":"2021-07-20T19:08:35","updated":"2023-09-28T03:25:34","rev_note":"","script":"#!/bin/bash\n#\n# Script to install NirvaShare applications on Linode\n# Installs docker, docker-compose, postgres db, nirvashare admin and user share app\n#\n#\n# \n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## Linode Docker OCA\nsource \n\n# Configure service file\ncat < /etc/systemd/system/nirvashare.service\n[Unit]\nDescription=Docker Compose NirvaShare Application Service\nRequires=nirvashare.service\nAfter=nirvashare.service\n[Service]\nType=oneshot\nRemainAfterExit=yes\nExecStart=/usr/bin/docker-compose up -d\nExecStop=/usr/bin/docker-compose down\nExecReload=/usr/bin/docker-compose up -d \nWorkingDirectory=/var/nirvashare/\n[Install]\nWantedBy=multi-user.target\nEND\n\n# Get Docker Composer file\nmkdir -p /var/nirvashare\ncd /var/nirvashare\necho \"version: '3'\nservices:\n admin:\n image: nirvato/nirvashare-admin:latest\n container_name: nirvashare_admin\n networks:\n - nirvashare\n restart: always\n ports:\n# # Public HTTP Port:\n - 8080:8080\n environment:\n ns_db_jdbc_url: 'jdbc:postgresql://nirvashare_database:5432/postgres'\n ns_db_username: 'nirvashare'\n ns_db_password: '$DBPASSWORD'\n volumes:\n - /var/nirvashare:/var/nirvashare \n depends_on:\n - db\n userapp:\n image: nirvato/nirvashare-userapp:latest\n container_name: nirvashare_userapp\n networks:\n - nirvashare\n restart: always\n ports:\n# # Public HTTP Port:\n - 8081:8080\n environment:\n ns_db_jdbc_url: 'jdbc:postgresql://nirvashare_database:5432/postgres'\n ns_db_username: 'nirvashare'\n ns_db_password: '$DBPASSWORD'\n volumes:\n - /var/nirvashare:/var/nirvashare \n depends_on:\n - admin\n db:\n image: postgres:13.2\n networks:\n - nirvashare\n container_name: nirvashare_database\n restart: always\n# ports:\n# - 5432:5432\n environment: \n POSTGRES_PASSWORD: '$DBPASSWORD'\n POSTGRES_USER: 'nirvashare'\n volumes:\n - db_data:/var/lib/postgresql/data\nvolumes:\n db_data:\nnetworks:\n nirvashare: {}\n\" > /var/nirvashare/docker-compose.yml\n\n# Enable Nirvashare daemon\nsystemctl daemon-reload\nsystemctl enable nirvashare.service\nsystemctl start nirvashare.service\n\n# Open port 8080\nufw allow 8080\nufw reload\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"dbpassword","label":"Database Password"}]},{"id":971043,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Odoo One-Click","description":"Odoo One-Click","ordinal":69,"logo_url":"assets/odoo.svg","images":["linode/ubuntu20.04"],"deployments_total":1661,"deployments_active":100,"is_public":true,"mine":false,"created":"2022-02-08T16:21:37","updated":"2023-09-28T07:27:47","rev_note":"","script":"#!/bin/bash\n## ODOO Settings\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## Linode Docker OCA\nsource \n\nfunction odooinstall {\n docker volume create odoo-db\n docker volume create odoo-data\n docker run -d --restart=always -v odoo-db:/var/lib/postgresql/data -e POSTGRES_USER=odoo -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD -e POSTGRES_DB=postgres --name db postgres:13\n docker run -d --restart=always -v odoo-data:/var/lib/odoo -d -p 8069:8069 --name odoo --link db:db -t odoo\n}\n\nfunction nginxreverse {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n server_name $FQDN;\n error_log /var/log/nginx/$FQDN.error;\n access_log /var/log/nginx/$FQDN.access;\n location / {\n proxy_pass http://localhost:8069;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host \\$host;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n \n}\n\nfunction ssl_lemp {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n odooinstall\n firewall\n nginxreverse\n ssl_lemp\n}\n\n# Execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"postgres_password","label":"Postgres Password for the ODOO user","example":"s3cur3_9a55w04d"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":1102907,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"ONLYOFFICE Docs One-Click","description":"ONLYOFFICE Docs One-Click app","ordinal":70,"logo_url":"assets/onlyoffice.svg","images":["linode/ubuntu22.04"],"deployments_total":263,"deployments_active":11,"is_public":true,"mine":false,"created":"2022-12-20T17:50:23","updated":"2023-09-22T18:39:41","rev_note":"","script":"#!/usr/bin/env bash\n# \n# \n# \n\n# SSL Settings\n# \n# \n# \n# \n\n# Enable Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n\n# Get and install docker\n# curl -fsSL get.docker.com | sudo sh\napt install -y apt-transport-https ca-certificates curl software-properties-common\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg\necho \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \napt update\napt install -y docker-ce\nsystemctl enable --now docker.service\n\nCONTAINER_NAME=\"onlyoffice-docs\"\n\n# Run ONLYOFFICE-Docs with SSL\nif [[ \"${SSL_ENABLED}\" == \"true\" ]]; then\n\tif [[ -z ${ABS_DOMAIN} ]]; then\n\t\techo \"Missing required LETS_ENCRYPT_DOMAIN parameter for correct SSL work\"\n\t\texit 1\n\tfi\n\tif [[ -z ${LETS_ENCRYPT_MAIL} ]]; then\n\t\techo \"Missing required LETS_ENCRYPT_MAIL parameter for correct SSL work\"\n\t\texit 1\n fi\n\tsudo docker run -i -t -d -p 80:80 -p 443:443 \\\n\t\t-e JWT_ENABLED=${JWT_ENABLED} \\\n \t\t-e JWT_SECRET=${JWT_SECRET} \\\n\t\t-e LETS_ENCRYPT_DOMAIN=${ABS_DOMAIN} \\\n -e LETS_ENCRYPT_MAIL=${LETS_ENCRYPT_MAIL} \\\n\t\t-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \\\n\t\t-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \\\n \t-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \\\n \t-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \\\n \t-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \\\n \t-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \\\n\t\t--name ${CONTAINER_NAME} \\\n\t\tonlyoffice/documentserver:${DOCS_VERSION}\n\telse \n# Run ONLYOFFICE-Docs without SSL\n\tsudo docker run -i -t -d -p 80:80 \\\n -e JWT_ENABLED=${JWT_ENABLED} \\\n -e JWT_SECRET=${JWT_SECRET} \\\n -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \\\n -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \\\n -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \\\n -v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \\\n -v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \\\n -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \\\n --name ${CONTAINER_NAME} \\\n onlyoffice/documentserver:${DOCS_VERSION}\nfi\n\n# Wait for run\nready_check() {\n echo -e \"\\e[0;32m Waiting for the launch of DocumentServer... \\e[0m\" \n for i in {1..30}; do\n echo \"Getting the DocumentServer status: ${i}\"\n OUTPUT=\"$(curl -Is http://localhost/healthcheck/ | head -1 | awk '{ print $2 }')\"\n if [ \"${OUTPUT}\" == \"200\" ]; then\n echo -e \"\\e[0;32m DocumentServer is ready \\e[0m\"\n local DS_READY\n DS_READY='yes'\n break\n else\n sleep 10\n fi\n done\n if [[ \"${DS_READY}\" != 'yes' ]]; then\n err \"\\e[0;31m Something goes wrong documentserver does not started, check logs with command --> docker logs -f ${CONTAINER_NAME} \\e[0m\"\n exit 1\n fi\n}\n\nready_check\n\n# Enable Docs-example\nsudo docker exec ${CONTAINER_NAME} supervisorctl start ds:example\n\n# Add Docs-example to autostart\nsudo docker exec ${CONTAINER_NAME} sudo sed 's,autostart=false,autostart=true,' -i /etc/supervisor/conf.d/ds-example.conf\n\n# Add MOTD \ncat >/etc/motd < >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and Django\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/djangosetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n### Reboot server\nreboot","user_defined_fields":[]},{"id":923031,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"OpenLiteSpeed NodeJS One-Click","description":"OpenLiteSpeed NodeJS One-Click","ordinal":72,"logo_url":"assets/openlitespeednodejs.svg","images":["linode/centos7","linode/debian10","linode/ubuntu20.04","linode/debian11","linode/ubuntu22.04"],"deployments_total":458,"deployments_active":20,"is_public":true,"mine":false,"created":"2021-10-18T00:52:51","updated":"2023-09-25T01:55:46","rev_note":"","script":"#!/bin/bash\n### linode\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and NodeJS\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/nodejssetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )","user_defined_fields":[]},{"id":923030,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"OpenLiteSpeed Rails One-Click","description":"OpenLiteSpeed Rails One-Click","ordinal":73,"logo_url":"assets/openlitespeedrails.svg","images":["linode/centos7","linode/debian10","linode/ubuntu20.04","linode/debian11","linode/ubuntu22.04"],"deployments_total":47,"deployments_active":1,"is_public":true,"mine":false,"created":"2021-10-18T00:51:05","updated":"2023-08-28T19:43:49","rev_note":"","script":"#!/bin/bash\n### linode\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and Rails\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/railssetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )","user_defined_fields":[]},{"id":691622,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"OpenLiteSpeed WordPress One-Click","description":"OpenLiteSpeed WordPress One-Click","ordinal":74,"logo_url":"assets/openlitespeedwordpress.svg","images":["linode/centos7","linode/debian10","linode/ubuntu20.04","linode/debian11","linode/ubuntu22.04"],"deployments_total":7592,"deployments_active":618,"is_public":true,"mine":false,"created":"2020-11-30T21:25:01","updated":"2023-09-28T20:14:15","rev_note":"","script":"#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n### linode\n### Install OpenLiteSpeed and WordPress\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/wpimgsetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n### Clean up ls tmp folder\nsudo rm -rf /tmp/lshttpd/*","user_defined_fields":[]},{"id":401719,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"OpenVPN One-Click","description":"OpenVPN OCA Debian 11 & ubuntu 20","ordinal":75,"logo_url":"assets/OpenVPN.svg","images":["linode/ubuntu20.04","linode/debian11"],"deployments_total":38821,"deployments_active":1728,"is_public":true,"mine":false,"created":"2019-03-09T03:02:02","updated":"2023-09-28T20:24:29","rev_note":"Install extra dependencies ","script":"#!/bin/bash\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Install OpenVPN dependencies\napt update && apt -y install ca-certificates wget net-tools gnupg\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \nwget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -\necho \"deb http://as-repository.openvpn.net/as/debian bullseye main\">/etc/apt/sources.list.d/openvpn-as-repo.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\nwget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -\necho \"deb http://as-repository.openvpn.net/as/debian focal main\">/etc/apt/sources.list.d/openvpn-as-repo.list\nelse \necho \"Distro Not Supported\"\nfi\n\n## Apt Update & Install OpenVPN\napt update -y && apt -y install openvpn-as\n\n# UFW install\nufw_install\nufw allow 1194/udp\nsed -ie \"s/DEFAULT_FORWARD_POLICY=\\\"DROP\\\"/DEFAULT_FORWARD_POLICY=\\\"ACCEPT\\\"/g\" /etc/default/ufw\n\n# Cleanup\nstackscript_cleanup\n\n# Adding to display default password as last line in LISH console\nsleep 3\ncat /usr/local/openvpn_as/init.log | grep 'To login'; echo \"(password can be changed on Admin UI)\"","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required for creating DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"soa_email_address","label":"Admin Email for the server","default":""}]},{"id":804172,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Owncast One-Click","description":"Owncast One-Click","ordinal":76,"logo_url":"assets/owncast.svg","images":["linode/debian10"],"deployments_total":1695,"deployments_active":95,"is_public":true,"mine":false,"created":"2021-04-01T15:24:50","updated":"2023-09-26T17:22:39","rev_note":"","script":"#!/usr/bin/bash\n#\n#\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Add owncast user\nadduser owncast --disabled-password --gecos \"\"\n\n# Install dependencies\napt-get install -y libssl-dev unzip curl\n\n# Install Owncast\nmkdir -p /opt/owncast\ncd /opt/owncast || exit\n\ncurl -s https://owncast.online/install.sh | bash\nchown -R owncast:owncast /opt/owncast\n\n# Setup Owncast as a systemd service\ncat >/etc/systemd/system/owncast.service </etc/caddy/Caddyfile </etc/motd <\n#\n#\n## LAMP Stack Settings\n#\n#\n#\n#\n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n\n# This also sets some useful variables, like $IP and $FQDN\nsource \n\n## Update\napt_setup_update\n\n## Local Functions used by this StackScript\nfunction owncloud_install {\n system_install_package unzip php-gd php-json php-curl php-mbstring \\\n php-intl php-imagick php-xml php-zip\n PHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\n cd /var/www\n wget https://download.owncloud.com/server/stable/owncloud-complete-latest.zip\n unzip owncloud-complete-latest.zip\n chown -R www-data:www-data owncloud\n rm owncloud-complete-latest.zip\n local -a input_text=(\n \"Alias / \\\"/var/www/owncloud/\\\"\"\n \"\"\n \" Options +FollowSymlinks\"\n \" AllowOverride All\"\n \"\"\n \" Dav off\"\n \"\"\n \"SetEnv HOME /var/www/owncloud\"\n \"SetEnv HTTP_HOME /var/www/owncloud\"\n \"\"\n )\n for i in \"${input_text[@]}\"; do\n echo \"$i\" >> /etc/apache2/sites-available/owncloud.conf\n done\n a2ensite owncloud\n a2enmod rewrite headers env dir mime\n sed -i '/^memory_limit =/s/=.*/= 512M/' /etc/php/$PHP_VERSION/apache2/php.ini\n systemctl restart apache2\n echo \"ownCloud is installed\"\n}\n\nfunction owncloud_vhost_configure {\n local -r fqdn=\"$1\"\n local -r soa_email_address=\"$2\"\n local -a input_text=(\n \"\"\n \" ServerName ${fqdn}\"\n \" ServerAdmin ${soa_email_address}\"\n \" DocumentRoot /var/www/owncloud\"\n \" \"\n \" Require all granted\"\n \" AllowOverride All\"\n \" Options FollowSymLinks MultiViews\"\n \" SetEnv HOME /var/www/owncloud\"\n \" SetEnv HTTP_HOME /var/www/owncloud\"\n \" \"\n \"\"\n )\n echo \"\" >> /etc/apache2/sites-available/owncloud.conf\n for i in \"${input_text[@]}\"; do\n echo \"$i\" >> /etc/apache2/sites-available/owncloud.conf\n done\n}\n\n## Main Script\n# Install and configure the LAMP Stack\nlamp_stack \"$DB_NAME\" \"$DB_ROOT_PASSWORD\" \"${DB_USERNAME:-owncloud}\" \"$DB_USER_PASSWORD\"\n\n# Install ownCloud to be accessed via domain and configure the VirtualHost\nowncloud_install \"$FQDN\"\nowncloud_vhost_configure \"$FQDN\" \"$SOA_EMAIL_ADDRESS\"\n\n# Configure ownCloud - This replaces the installer GUI that was in the previous version of this OCA\nsudo -u www-data php /var/www/owncloud/occ maintenance:install \\\n --database \"mysql\" \\\n --database-name \"$DB_NAME\" \\\n --database-user \"${DB_USERNAME:-owncloud}\" \\\n --database-pass \"$DB_USER_PASSWORD\" \\\n --admin-user \"$OC_ADMIN\" \\\n --admin-pass \"$OC_ADMIN_PASSWORD\"\nsudo -u www-data php /var/www/owncloud/occ conf:sys:set trusted_domains 1 --value=$FQDN\nsudo -u www-data php /var/www/owncloud/occ conf:sys:set trusted_domains 2 --value=$IP\necho \"Trusted Domain setting added\"\n\n# Open the needed firewall ports\nufw allow http\nufw allow https\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"oc_admin","label":"The name of the admin user for ownCloud"},{"name":"oc_admin_password","label":"The password for ownCloud's admin user"},{"name":"soa_email_address","label":"Admin Email for the ownCloud server"},{"name":"db_name","label":"The name of the database","default":"owncloud"},{"name":"db_root_password","label":"The root password for the database"},{"name":"db_username","label":"The name of the database user to create","default":"owncloud"},{"name":"db_user_password","label":"The password for the created database user"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is required for creating DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""}]},{"id":1102906,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Passky One-Click","description":"Passky One-Click app","ordinal":78,"logo_url":"assets/passky.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":158,"deployments_active":11,"is_public":true,"mine":false,"created":"2022-12-20T17:48:51","updated":"2023-09-23T23:06:15","rev_note":"","script":"#!/bin/bash\n\n# \n# \n# \n# \n\n# Motd\ncat << EOF > /etc/motd\n _____ _ \n | __ \\ | | \n | |__) |_ _ ___ ___| | ___ _ \n | ___/ _\\` / __/ __| |/ / | | |\n | | | (_| \\__ \\__ \\ <| |_| |\n |_| \\__,_|___/___/_|\\_\\\\__, |\n __/ |\n |___/ \nInstalling...\nPlease logout and come back in few minutes.\nEOF\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\nDEBIAN_FRONTEND=noninteractive apt-get -y -o DPkg::options::=\"--force-confdef\" -o DPkg::options::=\"--force-confold\" install grub-pc\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n## Import the Bash StackScript Library\nsource \n\n# Install docker compose\nsystem_install_package docker-compose\n\n#\n# Passky Server\n#\nwget https://github.com/Rabbit-Company/Passky-Server/releases/latest/download/passky-server.tar.xz\ntar -xf passky-server.tar.xz\ncd passky-server\ncp .env.example .env\n\nSERVER_CORES=$(grep -c ^processor /proc/cpuinfo)\nIP_ADDRESS=$(system_primary_ip)\n\nsed -i \"s/SERVER_CORES=1/SERVER_CORES=$SERVER_CORES/g\" .env\nsed -i \"s/ADMIN_USERNAME=admin/ADMIN_USERNAME=$ADMINUSER/g\" .env\nsed -i \"s/ADMIN_PASSWORD=/ADMIN_PASSWORD=$ADMIN_PASSWORD/g\" .env\n\ndocker-compose up -d\n\napache_install\na2enmod proxy && a2enmod proxy_http && systemctl restart apache2\necho \"\" > /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPreserveHost On\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyRequests Off\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ServerName $WEBSITE\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPass / http://localhost:8080/\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPassReverse / http://localhost:8080/\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \"\" >> /etc/apache2/sites-available/$WEBSITE.conf\na2ensite \"$WEBSITE\"\nsystemctl restart apache2\n\n# Install SSL\nsystem_install_package python3-certbot-apache\ncat << EOF > /usr/local/bin/installCert\n#!/bin/bash\nif ! certbot -n --apache --agree-tos --redirect -d $WEBSITE -m $EMAIL; then\n echo \"There was a problem while installing SSL certificate. Make sure your A record for domain: $WEBSITE does redirect to IP: $IP_ADDRESS\"\nelse\n echo \"Certificate installed successfully.\"\nfi\nEOF\nchmod +x /usr/local/bin/installCert\n\n# Configure auto-renewal for the certificate\ncrontab -l > cron\necho \"0 4 * * * /usr/bin/certbot renew\" >> cron\ncrontab cron\nrm cron\n\nstackscript_cleanup\n\n# Motd\ncat << EOF > /etc/motd\n _____ _ \n | __ \\ | | \n | |__) |_ _ ___ ___| | ___ _ \n | ___/ _\\` / __/ __| |/ / | | |\n | | | (_| \\__ \\__ \\ <| |_| |\n |_| \\__,_|___/___/_|\\_\\\\__, |\n __/ |\n |___/ \nAdmin Panel:\n Link: http://$IP_ADDRESS (https://$WEBSITE)\n Username: $ADMINUSER\n Password: $ADMIN_PASSWORD\nTo install SSL certificate please run command: installCert\nEOF","user_defined_fields":[{"name":"website","label":"Website","example":"passky.domain.com"},{"name":"email","label":"Email Address","example":"info@rabbit-company.com"},{"name":"adminuser","label":"Admin Username"},{"name":"admin_password","label":"Admin Password"}]},{"id":804143,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Peppermint One-Click","description":"Peppermint One-Click","ordinal":79,"logo_url":"assets/peppermint.svg","images":["linode/debian10","linode/ubuntu20.04"],"deployments_total":1664,"deployments_active":153,"is_public":true,"mine":false,"created":"2021-04-01T12:45:15","updated":"2023-09-28T13:43:33","rev_note":"","script":"#!/bin/bash\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# Docker install\napt install docker docker-compose -y\n\n# Configure service file\ncat < /etc/systemd/system/peppermint.service\n[Unit]\nDescription=Docker Compose Peppermint Application Service\nRequires=peppermint.service\nAfter=peppermint.service\n[Service]\nType=oneshot\nRemainAfterExit=yes\nExecStart=/usr/bin/docker-compose up -d\nExecStop=/usr/bin/docker-compose down\nExecReload=/usr/bin/docker-compose up -d\nWorkingDirectory=/etc/docker/compose/peppermint/\n[Install]\nWantedBy=multi-user.target\nEND\n\n# Get Docker Composer file\nmkdir -p /etc/docker/compose/peppermint/\ncd /etc/docker/compose/peppermint/\n#wget https://raw.githubusercontent.com/Peppermint-Lab/Peppermint/master/docker-compose.yml\ncat < /etc/docker/compose/peppermint/docker-compose.yml\nversion: \"3.1\"\n\nservices:\n postgres:\n container_name: postgres\n image: postgres:latest\n restart: always\n volumes:\n - ./docker-data/db:/data/db\n environment: \n POSTGRES_USER: peppermint\n POSTGRES_PASSWORD: 1234\n POSTGRES_DB: peppermint\n\n client:\n container_name: peppermint\n image: pepperlabs/peppermint:latest\n ports:\n - 5001:5001\n restart: on-failure\n depends_on:\n - postgres\n environment:\n PORT: 5001\n DB_USERNAME: peppermint\n DB_PASSWORD: 1234\n DB_HOST: 'postgres'\n BASE_URL: \"http://$IP:5001\"\nEND\n\n# Enable Peppermint daemon\nsystemctl daemon-reload\nsystemctl enable peppermint.service\nsystemctl start peppermint.service\n\n# UFW\nufw allow 5001\n\n# Stackscript Cleanup\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"","user_defined_fields":[]},{"id":644908,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Percona (PMM) One-Click","description":"Percona One-Click","ordinal":80,"logo_url":"assets/percona.svg","images":["linode/debian10"],"deployments_total":189,"deployments_active":8,"is_public":true,"mine":false,"created":"2020-04-30T14:49:38","updated":"2023-09-23T13:29:51","rev_note":"","script":"#!/bin/bash\n# \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Docker\napt -y install docker.io\nsystemctl enable docker.service\n\n#PMM \ndocker pull percona/pmm-server:2\ndocker create -v /srv --name pmm2-data percona/pmm-server:2 /bin/true\ndocker run -d -p 80:80 -p 443:443 \\\n --volumes-from pmm2-data \\\n --name pmm2-server \\\n --restart always percona/pmm-server:2\n\necho \"Waiting for PMM to initialize to set password...\"\n\nuntil [ \"`docker inspect -f {{.State.Health.Status}} pmm2-server`\" = \"healthy\" ]; do sleep 1; done\n\ndocker exec -t pmm2-server bash -c \"ln -s /srv/grafana /usr/share/grafana/data; grafana-cli --homepath /usr/share/grafana admin reset-admin-password $PMMPASSWORD\"\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"pmmpassword","label":"Admin Password","example":"Admin User Password for PMM Server"}]},{"id":609018,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"phpMyAdmin One-Click","description":"phpMyAdmin One-Click","ordinal":81,"logo_url":"assets/phpmyadmin.svg","images":["linode/debian11"],"deployments_total":2055,"deployments_active":112,"is_public":true,"mine":false,"created":"2019-11-05T00:28:33","updated":"2023-09-28T17:56:38","rev_note":"Initial import","script":"#!/bin/bash\n#\n#\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname\nset_hostname\n\n# Update system\napt_setup_update\n\n# Install/configure MySQL, Add Admin User\napt-get install -y mariadb-server\nsystemctl enable mariadb --now\nrun_mysql_secure_installation\nmysql -u root -e \"CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD'\"\nmysql -u root -e \"GRANT ALL PRIVILEGES ON *.* TO '$DB_USER'@'localhost' WITH GRANT OPTION\"\nmysql -u root -e \"FLUSH PRIVILEGES\"\n\n# Install PHP\necho 'phpmyadmin phpmyadmin/dbconfig-install boolean true' | debconf-set-selections\necho 'phpmyadmin phpmyadmin/mysql/admin-pass password $DBROOT_PASSWORD' | debconf-set-selections\necho 'phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2' | debconf-set-selections\napt-get install -y phpmyadmin libapache2-mod-php7.4\n\n# Configure ufw\nufw_install\nufw allow http\nufw reload\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"db_user","label":"phpMyAdmin/MySQL Admin User","example":"admin"},{"name":"dbuser_password","label":"phpMyAdmin/MySQL Admin Password"},{"name":"dbroot_password","label":"MySQL root Password"}]},{"id":970522,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Pi-hole One-Click","description":"Pi-hole One-Click","ordinal":82,"logo_url":"assets/pihole.svg","images":["linode/ubuntu20.04"],"deployments_total":3612,"deployments_active":228,"is_public":true,"mine":false,"created":"2022-02-07T16:04:53","updated":"2023-09-28T06:54:19","rev_note":"","script":"#!/usr/bin/env bash\n\n## PIHOLE Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nIPV4=$(ip a | awk '/inet / {print $2}'| sed -n '2 p')\nIPV6=$(ip -6 a | grep inet6 | awk '/global/{print $2}' | cut -d/ -f1)\nGENPIHOLEPASSWD=$(echo -n $PIHOLE_PASSWORD | sha256sum | awk '{printf \"%s\",$1 }' | sha256sum)\nPIHOLE_PASSWD=${GENPIHOLEPASSWD:0:-1}\n\nfunction firewall {\n ufw allow 80\n ufw allow 53\n ufw allow 67\n ufw allow 547\n ufw allow 4711\n}\n\nfunction config_pihole {\n mkdir -p /etc/pihole\n cat < /etc/pihole/setupVars.conf\nPIHOLE_INTERFACE=eth0\nIPV4_ADDRESS=$IPV4\nIPV6_ADDRESS=$IPV6\nPIHOLE_DNS_1=8.8.8.8\nPIHOLE_DNS_2=8.8.4.4\nQUERY_LOGGING=true\nINSTALL_WEB_SERVER=true\nINSTALL_WEB_INTERFACE=true\nLIGHTTPD_ENABLED=true\nCACHE_SIZE=10000\nDNS_FQDN_REQUIRED=true\nDNS_BOGUS_PRIV=true\nDNSMASQ_LISTENING=local\nWEBPASSWORD=$PIHOLE_PASSWD\nBLOCKING_ENABLED=true\nEND\n\ncurl -L https://install.pi-hole.net | bash /dev/stdin --unattended\n}\n\nfunction main {\n config_pihole\n firewall\n}\n\n# Execute script\napt_setup_update\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"pihole_password","label":"PIHOLE USER Password"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"This is the Email address for the SOA record","default":""}]},{"id":662119,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Plex One-Click","description":"Plex One-Click","ordinal":83,"logo_url":"assets/plex.svg","images":["linode/debian10"],"deployments_total":2821,"deployments_active":54,"is_public":true,"mine":false,"created":"2020-08-12T15:54:44","updated":"2023-09-28T18:53:14","rev_note":"","script":"#!/bin/bash\n# INPUT VARIABLES:\n# \n# \n# \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Limited user setup if username is not \"root\"\nif [ \"$USERNAME\" != \"root\" ]; then\n \n# ensure sudo is installed and configure secure user\n apt -y install sudo\n adduser -uid 1000 $USERNAME --disabled-password --gecos \"\"\n echo \"$USERNAME:$PASSWORD\" | chpasswd\n usermod -aG sudo $USERNAME\n \n# Harden SSH Access\n sed -i -e 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config\n \n# set home directory\n HOME=/home/$USERNAME\n \n# configure ssh key for secure user if provided\n if [ \"$SSHKEY\" != \"\" ]; then\n SSHDIR=$HOME/.ssh\n mkdir $SSHDIR && echo \"$SSHKEY\" >> $SSHDIR/authorized_keys\n chmod -R 700 $SSHDIR && chmod 600 $SSHDIR/authorized_keys\n chown -R $USERNAME:$USERNAME $SSHDIR\n fi\n \n# Enable SSH hardening\n systemctl restart sshd\n \n# Create docker group, add limited user, and enable\n groupadd docker\n usermod -aG docker $USERNAME\nfi\n\n# Install and configure UFW for Plex\nufw_install\nufw allow 32400,3005,8324,32469/tcp\nufw allow 1900,32410,32412,32413,32414/udp\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2\ncurl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker-ce\n\n# Install plex as limited user\ndocker pull plexinc/pms-docker\ndocker run \\\n -d \\\n --name plex \\\n --restart always \\\n -p 32400:32400/tcp \\\n -p 3005:3005/tcp \\\n -p 8324:8324/tcp \\\n -p 32469:32469/tcp \\\n -p 1900:1900/udp \\\n -p 32410:32410/udp \\\n -p 32412:32412/udp \\\n -p 32413:32413/udp \\\n -p 32414:32414/udp \\\n -e ADVERTISE_IP=\"http://$IP:32400/\" \\\n -h \"Linode Plex Server\" \\\n -v $HOME/plex/config:/config \\\n -v $HOME/plex/media:/media \\\n -v $HOME/plex/transcode:/transcode \\\n plexinc/pms-docker\n\n# Recursively update ownership of Plex directories after delay\nsleep 1\nchown -R $USERNAME:$USERNAME $HOME/plex\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"USERNAME","label":"Limited User Name (not 'root')"},{"name":"PASSWORD","label":"Limited User Password"},{"name":"SSHKEY","label":"Limited User SSH Key","default":"","example":"Usually found in: ./ssh/id_rsa.pub"}]},{"id":611376,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"PostgreSQL One-Click","description":"PostgreSQL One-Click","ordinal":84,"logo_url":"assets/postgresql.svg","images":["linode/debian11"],"deployments_total":2625,"deployments_active":182,"is_public":true,"mine":false,"created":"2019-11-13T06:05:28","updated":"2023-09-28T16:19:14","rev_note":"Initial import","script":"#!/bin/bash\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 22\nufw allow 5432\n\n# Install PostgreSQL\napt install -y postgresql postgresql-contrib\nsystemctl enable postgresql\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":1068726,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"PostgreSQL Cluster One-Click","description":"PostgreSQL Cluster","ordinal":85,"logo_url":"assets/postgresqlmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":102,"deployments_active":3,"is_public":true,"mine":false,"created":"2022-10-03T20:11:59","updated":"2023-09-18T16:40:38","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n\n# apt config\nexport DEBIAN_FRONTEND=noninteractive\n\n# git repo\nexport GIT_PAT=\"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\"\nexport GIT_REPO=\"https://linode-solutions:${GIT_PAT}@github.com/linode-solutions/postgresql-occ.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/postgresql-cluster\" ]; then\n rm -rf /tmp/postgresql-cluster\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[info] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependancies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n configure_privateip\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/postgresql-cluster\n cd /tmp/postgresql-cluster\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"token_password","label":"Your Linode API token"},{"name":"cluster_name","label":"Host Name"},{"name":"sudo_username","label":"The limited sudo user to be created in the cluster"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no","default":"yes"},{"name":"cluster_size","label":"PostgeSQL cluster size","default":"3","oneof":"3"}]},{"id":985364,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Prometheus & Grafana One-Click","description":"Prometheus and Grafana","ordinal":86,"logo_url":"assets/prometheusgrafana.svg","images":["linode/ubuntu20.04","linode/ubuntu22.04"],"deployments_total":516,"deployments_active":57,"is_public":true,"mine":false,"created":"2022-03-08T17:03:20","updated":"2023-09-28T07:59:21","rev_note":"","script":"#!/usr/bin/env bash\n## Updated: 01-17-2023\n## Author: n0vabyte, Elvis Segura, esegura@linode.com\n\n#\n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\ncreds=\"/root/credentials.txt\"\nprometheus_htpasswd_file=\"/etc/nginx/.prometheus_htpasswd\"\n\nfunction add_firewalls {\n ufw allow http\n ufw allow https\n}\n\nfunction configure_nginx {\n apt-get install nginx apache2-utils -y\n cat << EOF > /etc/nginx/sites-available/$FQDN.conf\nserver {\n listen 80;\n server_name $FQDN;\n location / {\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:3000;\n }\n location /prometheus/ {\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:9090;\n auth_basic \"Restricted Area\";\n auth_basic_user_file $prometheus_htpasswd_file;\n }\n# allow let's encrypt\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/html/.well-known;\n }\n}\nEOF\n\n ln -s /etc/nginx/sites-{available,enabled}/$FQDN.conf\n unlink /etc/nginx/sites-enabled/default\n systemctl reload nginx\n systemctl enable nginx\n}\n\nfunction install_node_exporter {\n groupadd --system prometheus\n useradd -s /sbin/nologin --system -g prometheus prometheus\n curl -s https://api.github.com/repos/prometheus/node_exporter/releases/latest | grep browser_download_url | grep linux-amd64 | cut -d '\"' -f 4 | wget -qi - \n tar -xvf node_exporter*.tar.gz\n chmod +x node_exporter-*/node_exporter\n chown prometheus:prometheus node_exporter\n mv node_exporter-*/node_exporter /usr/local/bin\n rm -fr node_exporter-*\n cat < /etc/systemd/system/node_exporter.service\n[Unit]\nDescription=Node Exporter\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=prometheus\nExecStart=/usr/local/bin/node_exporter\n[Install]\nWantedBy=default.target\nEOF\n systemctl daemon-reload\n systemctl start node_exporter\n systemctl enable node_exporter\n}\n\nfunction configure_prometheus {\n latest_version=$(curl -s https://raw.githubusercontent.com/prometheus/prometheus/main/VERSION)\n prom_conf=\"/etc/prometheus/prometheus.yml\"\n file_sd_targets=\"/etc/prometheus/file_sd_targets\"\n prometheus_conf_dir=\"/etc/prometheus\"\n prometheus_data_dir=\"/var/lib/prometheus\"\n mkdir $prometheus_conf_dir $prometheus_conf_dir/file_sd_targets \\\n $prometheus_conf_dir/rules $prometheus_data_dir\n\n wget https://github.com/prometheus/prometheus/releases/download/v$latest_version/prometheus-$latest_version.linux-amd64.tar.gz\n tar xvf prometheus-$latest_version.linux-amd64.tar.gz\n mv prometheus-$latest_version.linux-amd64/* $prometheus_conf_dir\n chown -R prometheus:prometheus $prometheus_conf_dir $prometheus_data_dir\n mv $prometheus_conf_dir/{prometheus,promtool} /usr/local/bin\n ## cleanup\n rm prometheus-$latest_version.linux-amd64.tar.gz\n rmdir prometheus-$latest_version.linux-amd64\n\n ## backup config before updating\n cp $prom_conf{,.bak}\n sed -i -e '/- job_name: \"prometheus\"/ s/^/#/' $prom_conf\n sed -i -e '/- targets:/ s/^/#/' $prom_conf\n sed -i -e '/static_configs/ s/^/#/g' $prom_conf\n ## add our config\n cat << EOF >> $prom_conf\n#########################################\n## Local Prometheus Instance - This Box #\n#########################################\n - job_name: local_prometheus\n scrape_interval: 3s\n file_sd_configs:\n - files:\n - file_sd_targets/local_prometheus.yml\n honor_labels: true\n relabel_configs:\n - regex: (.*)\n replacement: \\${1}:9100\n source_labels:\n - __address__\n target_label: __address__\n - regex: (.+)\n replacement: \\${1}\n source_labels:\n - __instance\n target_label: instance\nEOF\n ## add to file_sd_targets\n cat << EOF >> $file_sd_targets/local_prometheus.yml\n- labels:\n __instance: prometheus\n cluster: local\n targets:\n - 127.0.0.1\nEOF\n cat << EOF > /etc/systemd/system/prometheus.service\n[Unit]\nDescription=Prometheus\nDocumentation=https://prometheus.io/docs/introduction/overview/\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=prometheus\nGroup=prometheus\nType=simple\nExecStart=/usr/local/bin/prometheus \\\n--config.file /etc/prometheus/prometheus.yml \\\n--storage.tsdb.path $prometheus_data_dir/ \\\n--web.console.templates=$prometheus_conf_dir/consoles \\\n--web.console.libraries=$prometheus_conf_dir/console_libraries \\\n--web.listen-address=127.0.0.1:9090 \\\n--web.external-url=https://$FQDN/prometheus \\\n--storage.tsdb.retention=60d\nRestart=always\nExecReload=/usr/bin/kill -HUP \\$MAINPID\nTimeoutStopSec=20s\nOOMScoreAdjust=-900\nSendSIGKILL=no\n[Install]\nWantedBy=multi-user.target\nEOF\n systemctl daemon-reload\n systemctl start prometheus\n systemctl enable prometheus\n\n ## protect with htpasswd\n prometheus_htpasswd=$(openssl rand -base64 32)\n htpasswd -cb $prometheus_htpasswd_file prometheus $prometheus_htpasswd\n ## log credentials locally\n cat << EOF >> $creds\n#################\n# Prometheus #\n#################\nLocation: https://$FQDN/prometheus\nUsername: prometheus\nPassword: $prometheus_htpasswd\nEOF\n ## sanity check\n function fallback {\n echo \"[FATAL] Creating custom configuration failed. Restoring old configuration\"\n cp $prom_conf{.bak,}\n systemctl restart prometheus\n sleep 2\n systemctl is-active prometheus\n if [ $? -ne 0 ]; then\n echo \"[CRITICAL] Encoutered unexpected error while configuring Prometheus. Please reach out to Support.\"\n exit 2\n fi\n }\n systemctl is-active prometheus\n if [ $? -ne 0 ]; then\n echo \"[ERROR] Prometheus is not running. Falling back to default config..\"\n fallback\n fi\n\n}\n\nfunction configure_grafana {\n echo \"[info] configuring Grafana - Installing Packages\"\n apt-get install -y apt-transport-https \\\n software-properties-common \\\n wget \\\n gnupg2 \\\n sqlite3\n\n wget -q -O /usr/share/keyrings/grafana.key https://apt.grafana.com/gpg.key\n echo \"deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main\" | sudo tee -a /etc/apt/sources.list.d/grafana.list\n apt-get -y update\n apt-get -y install grafana\n\n ## reset Grafana admin password\n grafana_password=$(openssl rand -base64 32)\n\n echo \"[info] updating grafana config\"\n sed -i -e 's/;admin_user = admin/admin_user = admin/g' /etc/grafana/grafana.ini\n sed -i \"s|;admin_password = admin|admin_password = $grafana_password|g\" /etc/grafana/grafana.ini\n\n echo \"[info] starting grafana-server\"\n systemctl start grafana-server\n systemctl enable grafana-server\n\n ## log credentials locally\n cat << EOF >> $creds\n##############\n# Grafana #\n##############\nLocation: https://$FQDN/\nUsername: admin\nPassword: $grafana_password\nEOF\n}\n\nfunction ssl_grafana {\n apt install -y certbot python3-certbot-nginx\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction main {\n add_firewalls\n configure_nginx\n install_node_exporter\n configure_prometheus\n configure_grafana\n ssl_grafana\n}\n\n## execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"This email is for the LetsEncrypt SSL certificate"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":607034,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Prometheus One-Click","description":"Prometheus One Click App","ordinal":87,"logo_url":"assets/prometheus.svg","images":["linode/debian10"],"deployments_total":348,"deployments_active":12,"is_public":true,"mine":false,"created":"2019-10-29T20:59:30","updated":"2023-09-25T20:29:04","rev_note":"Initial import","script":"#!/bin/bash\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Prometheus\ngroupadd --system prometheus\nuseradd -s /sbin/nologin --system -g prometheus prometheus\nmkdir /var/lib/prometheus\nfor i in rules rules.d files_sd; do mkdir -p /etc/prometheus/${i}; done\napt-get -y install wget\nmkdir -p /tmp/prometheus && cd /tmp/prometheus\ncurl -s https://api.github.com/repos/prometheus/prometheus/releases/latest \\\n | grep browser_download_url \\\n | grep linux-amd64 \\\n | cut -d '\"' -f 4 \\\n | wget -qi -\ntar xvf prometheus*.tar.gz\ncd prometheus*/\nmv prometheus promtool /usr/local/bin/\nmv prometheus.yml /etc/prometheus/prometheus.yml\nmv consoles/ console_libraries/ /etc/prometheus/\ncd ~/\nrm -rf /tmp/prometheus\n\n# Edit Prometheus config\nsudo tee /etc/prometheus/prometheus.yml</etc/systemd/system/prometheus.service\n[Unit]\nDescription=Prometheus\nDocumentation=https://prometheus.io/docs/introduction/overview/\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=simple\nUser=prometheus\nGroup=prometheus\nExecReload=/bin/kill -HUP $MAINPID\nExecStart=/usr/local/bin/prometheus \\\n --config.file=/etc/prometheus/prometheus.yml \\\n --storage.tsdb.path=/var/lib/prometheus \\\n --web.console.templates=/etc/prometheus/consoles \\\n --web.console.libraries=/etc/prometheus/console_libraries \\\n --web.listen-address=0.0.0.0:9090 \\\n --web.external-url=\n\nSyslogIdentifier=prometheus\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=multi-user.target\nEND\n\nfor i in rules rules.d files_sd; do chown -R prometheus:prometheus /etc/prometheus/${i}; done\nfor i in rules rules.d files_sd; do chmod -R 775 /etc/prometheus/${i}; done\nchown -R prometheus:prometheus /var/lib/prometheus/\n\n# Add node_exporter & Enable services\ncurl -s https://api.github.com/repos/prometheus/node_exporter/releases/latest \\\n| grep browser_download_url \\\n| grep linux-amd64 \\\n| cut -d '\"' -f 4 \\\n| wget -qi -\n\ntar -xvf node_exporter*.tar.gz\ncd node_exporter*/\ncp node_exporter /usr/local/bin\nnode_exporter --version\n\ncat </etc/systemd/system/node_exporter.service\n[Unit]\nDescription=Node Exporter\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nUser=prometheus\nExecStart=/usr/local/bin/node_exporter\n\n[Install]\nWantedBy=default.target\nEND\n\nsystemctl daemon-reload\nsystemctl start prometheus\nsystemctl enable prometheus\nsystemctl start node_exporter\nsystemctl enable node_exporter\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[]},{"id":688890,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"RabbitMQ One-Click","description":"RabbitMQ One-Click","ordinal":88,"logo_url":"assets/rabbitmq.svg","images":["linode/debian10"],"deployments_total":364,"deployments_active":52,"is_public":true,"mine":false,"created":"2020-11-17T20:53:00","updated":"2023-09-22T17:10:00","rev_note":"","script":"#!/bin/bash\n#\n#\n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Set hostname, configure apt and perform update/upgrade\napt_setup_update\n\n## Install prerequisites\napt-get install curl gnupg -y\n\n## Get RabbitMQ \n$ curl -fsSL https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc | sudo apt-key add -\nsudo apt-key adv --keyserver \"hkps://keys.openpgp.org\" --recv-keys \"0x0A9AF2115F4687BD29803A206B73A36E6026DFCA\"\n## Install apt HTTPS transport\napt-get install apt-transport-https\n\n## Add Bintray repositories that provision latest RabbitMQ and Erlang 23.x releases\ntee /etc/apt/sources.list.d/bintray.rabbitmq.list <\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# System Update\nset_hostname\napt_setup_update\n\nfunction install_redis {\n apt install -y redis-server\n systemctl enable redis-server\n}\n\nfunction redis_config {\n sed -ie \"s/supervised no/supervised systemd/g\" /etc/redis/redis.conf\n sed -ie \"s/appendonly no/appendonly yes/g\" /etc/redis/redis.conf\n systemctl restart redis-server\n}\n\nfunction main {\n install_redis\n redis_config\n}\nmain\n\n# cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for SOA Recorf","default":""}]},{"id":1132204,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Marketplace App for Redis® Sentinel Cluster One-Click","description":"Redis Sentinel One-Click Cluster","ordinal":90,"logo_url":"assets/redissentinelmarketplaceocc.svg","images":["linode/ubuntu22.04"],"deployments_total":122,"deployments_active":15,"is_public":true,"mine":false,"created":"2023-02-27T20:05:44","updated":"2023-09-27T15:05:52","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_PAT=\"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\"\nexport GIT_REPO=\"https://linode-solutions:${GIT_PAT}@github.com/linode-solutions/redis-occ-beta.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/linode\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"","user_defined_fields":[{"name":"token_password","label":"Your Linode API token"},{"name":"sudo_username","label":"The limited sudo user to be created in the cluster"},{"name":"sslheader","label":"SSL Information","header":"Yes","default":"Yes","required":"Yes"},{"name":"country_name","label":"Details for self-signed SSL certificates: Country or Region","oneof":"AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW"},{"name":"state_or_province_name","label":"State or Province","example":"Example: Pennsylvania"},{"name":"locality_name","label":"Locality","example":"Example: Philadelphia"},{"name":"organization_name","label":"Organization","example":"Example: Akamai Technologies"},{"name":"email_address","label":"Email Address","example":"Example: user@domain.tld"},{"name":"ca_common_name","label":"CA Common Name","default":"Redis CA"},{"name":"common_name","label":"Common Name","default":"Redis Server"},{"name":"clusterheader","label":"Cluster Settings","default":"Yes","header":"Yes"},{"name":"add_ssh_keys","label":"Add Account SSH Keys to All Nodes?","oneof":"yes,no","default":"yes"},{"name":"cluster_size","label":"Redis cluster size","default":"3","oneof":"3,5"}]},{"id":923036,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Restyaboard One-Click","description":"Restyaboard One-Click","ordinal":91,"logo_url":"assets/restyaboard.svg","images":["linode/centos7","linode/debian10","linode/ubuntu20.04"],"deployments_total":197,"deployments_active":2,"is_public":true,"mine":false,"created":"2021-10-18T01:07:09","updated":"2023-09-28T15:11:35","rev_note":"","script":"#!/bin/bash\n#\n# Install script for Restyaboard\n#\n# Usage: ./restyaboard.sh\n#\n# Copyright (c) 2014-2021 Restya.\n# Dual License (OSL 3.0 & Commercial License)\n{\n\tmain() {\n\t\tif [[ $EUID -ne 0 ]];\n\t\tthen\n\t\t\techo \"This script must be run as root\"\n\t\t\texit 1\n\t\tfi\n\t\tset -x\n\t\twhoami\n\t\t#\n\t\t# Checking the OS name and OS version\n\t\t#\n\t\tfind_release ()\n\t\t{\n\t\t\t# Checking the Ubuntu OS\n\t\t\tif [ -f /etc/lsb-release ]; then\n\t\t\t\tOS_REQUIREMENT=\"`grep DISTRIB_ID /etc/lsb-release`\"\n\t\t\t\tDISTRIB_ID='DISTRIB_ID='\n\t\t\t\tOS_NAME=$OS_REQUIREMENT$DISTRIB_ID\n\t\t\t\tarray=();\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" != \"$DISTRIB_ID\" ])\n\t\t\t\tthen\n\t\t\t\t\twhile [[ $OS_NAME ]]; do\n\t\t\t\t\tarray+=( \"${OS_NAME%%\"$DISTRIB_ID\"*}\" );\n\t\t\t\t\tOS_NAME=${OS_NAME#*\"$DISTRIB_ID\"};\n\t\t\t\t\tdone;\n\t\t\t\t\tOS_REQUIREMENT=${array[1]}\n\t\t\t\tfi\n\t\t\t\tOS_VERSION=\"`grep DISTRIB_RELEASE /etc/lsb-release`\"\n\t\t\t\tDISTRIB_RELEASE='DISTRIB_RELEASE='\n\t\t\t\tOS_Ver=$OS_VERSION$DISTRIB_RELEASE\n\t\t\t\tversion=();\n\t\t\t\tif ([ \"$OS_VERSION\" != \"$DISTRIB_RELEASE\" ])\n\t\t\t\tthen\n\t\t\t\t\twhile [[ $OS_Ver ]]; do\n\t\t\t\t\tversion+=( \"${OS_Ver%%\"$DISTRIB_RELEASE\"*}\" );\n\t\t\t\t\tOS_Ver=${OS_Ver#*\"$DISTRIB_RELEASE\"};\n\t\t\t\t\tdone;\n\t\t\t\t\tOS_VERSION=${version[1]}\n\t\t\t\tfi\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the Redhat, Fedora, and Centos\n\t\t\tif [ -f /etc/redhat-release ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/redhat-release | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/redhat-release | cut -d ' ' -f 4 | cut -d '.' -f 1`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the Debian OS\n\t\t\tif [ -f /etc/issue ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/issue | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/issue | cut -d ' ' -f 3`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the OpenBSD \n\t\t\tif [ -f /etc/motd ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/motd | head -1 | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/motd | head -1 | cut -d ' ' -f 2`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t}\n\t\tfindbin ()\n {\n ret=0\n newpath=`echo $PATH | tr : ' '`\n for i in ${newpath}; do\n\t\t\t\tif [ -x $i/$1 ]; then\n\t\t\t\t\tret=1\n\t\t\t\t\tbreak\n\t\t\t\tfi\n done\n echo $ret\n return \n }\n checkdeps()\n {\n pkginfo=\"dpkg rpm ipkg pkg_info\"\n for i in $pkginfo; do\n ret=`findbin $i`\n if [ $ret -eq 1 ]; then\n\t\t\t\t\tpkginfo=$i\n\t\t\t\t\techo \"Yes, found $i, so we'll use that for listing packages\"\n\t\t\t\t\tbreak\n fi\n done\n\n if [ ${pkginfo} = \"pkg_info\" ]; then\n # BSD needs PKG_PATH set to load anything over the net.\n if [ x${PKG_PATH} = x ]; then\n\t\t\t\t\techo \"Please set the environment variable PKG_PATH and try again.\"\n\t\t\t\t\texit 1\n fi\n fi\n \n \n pkg_name=\"yum apt-get ipkg pkg_add\"\n for i in ${pkg_name}; do\n ret=`findbin $i`\n if [ $ret -eq 1 ]; then\n pkg_name=$i\n\t\t\t\t\techo \"Yes, found $i, so we'll use that to install packages\"\n\t\t\t\t\tbreak\n fi\n done\n \n\n for i in ${genericdeps} ${gtkdeps} ${kdedeps}; do\n case $pkginfo in\n dpkg)\n deps=\"`dpkg -l \"*$i*\" | grep -- \"^ii\" | cut -d ' ' -f 3`\"\n ;;\n rpm)\n deps=\"`rpm -q $i`\"\n ;;\n pkg_info)\n deps=\"`pkg_info | grep \"$i\" | sed -e 's: .*$::'`\"\n ;;\n ipkg)\n deps=\"todo\"\n ;;\n *)\n echo \"ERROR: No package manager found!\"\n exit 1\n ;;\n esac\n found=`echo ${deps} | grep -v 'not installed' | grep -c \"${i}\" 2>&1`\n if [ $found -gt 0 ]; then\n \techo \"Yes, found $i\"\n else\n\t\t\t\t\techo \"Nope, $i appears to not be installed\"\n\t\t\t\t\tmissing=\"${missing} $i\"\n fi\n done\n\n if [ -n \"${missing}\" ]; then\n echo \"package(s)\\\"${missing}\\\" are missing!\"\n echo \"You will need sudo priviledges to install the packages\"\n if [ x$yes = xno ]; then\n \t$debug sudo ${pkgnet} install ${missing}\n else\n \t$debug sudo ${pkgnet} -y install ${missing}\n fi\n fi\n }\n\t\tinstall_nginx() \n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n echo \"Checking nginx...\"\n if ! which nginx > /dev/null 2>&1; then\n echo \"nginx not installed!\"\n echo \"Installing nginx...\"\n apt install -y cron nginx\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"nginx installation failed with error code ${error_code} (nginx installation failed with error code 2)\"\n return 2\n fi\n if [ -f \"/etc/nginx/conf.d/default\" ]; then\n rm -rf /etc/nginx/conf.d/default\n fi\n if [ -f \"/etc/nginx/sites-enabled/default\" ]; then\n rm -rf /etc/nginx/sites-enabled/default\n fi\n if [ -f \"/etc/nginx/sites-available/default\" ]; then\n rm -rf /etc/nginx/sites-available/default\n fi\n service nginx start\n fi\n\t\t\telse\t\t\t\t\n echo \"Checking nginx...\"\n if ! which nginx > /dev/null 2>&1; then\n echo \"nginx not installed!\"\n echo \"Installing nginx...\"\n rpm -Uvh \"http://nginx.org/packages/centos/${OS_VERSION}/noarch/RPMS/nginx-release-centos-${OS_VERSION}-0.el${OS_VERSION}.ngx.noarch.rpm\"\n yum install -y zip cronie nginx\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"cron nginx installation failed with error code ${error_code} cron nginx installation failed with error code 18\"\n return 18\n fi\n if [ -f \"/etc/nginx/conf.d/default.conf\" ]; then\n rm -rf /etc/nginx/conf.d/default.conf\n fi\n if [ -f \"/etc/nginx/sites-enabled/default.conf\" ]; then\n rm -rf /etc/nginx/sites-enabled/default.conf\n fi\n if [ -f \"/etc/nginx/sites-available/default.conf\" ]; then\n rm -rf /etc/nginx/sites-available/default.conf\n fi\n service nginx start\n chkconfig --levels 35 nginx on\n fi\n\t\t\tfi\n\t\t}\n\t\tinstall_php()\n\t\t{\n\t\t\tif ! hash php 2>&-; then\n\t\t\t\techo \"PHP is not installed!\"\n if ([ \"$pkg_name\" = \"apt-get\" ])\n then\t\t\t\t\t\t\t\n echo \"Installing PHP...\"\n apt install -y php7.4 php7.4-common --allow-unauthenticated\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"PHP installation failed with error code ${error_code} (PHP installation failed with error code 3)\"\n return 3\n fi\n else \n if ([ \"$pkg_name\" = \"yum\" ])\n then\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n echo \"Note: For the latest version of PHP, we're going to download https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm and https://rpms.remirepo.net/enterprise/remi-release-8.rpm.\"\n echo \"Installing PHP...\"\n dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm\n dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm\n dnf module enable php:remi-7.4\n dnf -y install php php-cli php-common\n else\n yum install -y epel-release\n echo \"Note: For the latest version of PHP, we're going to download http://rpms.famillecollet.com/enterprise/remi-release-${OS_VERSION}.rpm.\"\n echo \"Installing PHP...\"\n rpm -Uvh \"http://rpms.famillecollet.com/enterprise/remi-release-${OS_VERSION}.rpm\"\n yum --enablerepo=remi-php74 install -y php\n fi\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"php installation failed with error code ${error_code} (php installation failed with error code 20)\"\n return 20\n fi\n fi\n fi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Installing PHP fpm and cli extension...\"\n\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\tthen\n\t\t\t\tapt install -y php7.4-fpm php7.4-cli --allow-unauthenticated\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"php7.4-cli installation failed with error code ${error_code} (php7.4-cli installation failed with error code 4)\"\n\t\t\t\tfi\n\t\t\t\tservice php7.4-fpm start\n\t\t\telse \n\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\tthen\n\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n \t\t\tthen\n\t\t\t\t\t\tdnf -y install php-fpm php-devel php-opcache\n\t\t\t\t\t\tdnf -y install php-json\n\t\t\t\t\telse\n\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-fpm php-devel php-cli php-opcache\n\t\t\t\t\tfi\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php-devel installation failed with error code ${error_code} (php-devel installation failed with error code 21)\"\n\t\t\t\t\t\treturn 21\n\t\t\t\t\tfi\t\t\t\t\t\n\t\t\t\t\tservice php-fpm start\n\t\t\t\tfi\n\t\t\tfi\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"....\"\n\t\t\telse\n\t\t\t\tchkconfig --levels 35 php-fpm on\t\t\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP curl extension...\"\n\t\t\tphp -m | grep curl\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-curl...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-curl --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-curl installation failed with error code ${error_code} (php7.4-curl installation failed with error code 5)\"\n\t\t\t\t\t\treturn 5\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-curl\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-curl\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-curl installation failed with error code ${error_code} (php-curl installation failed with error code 22)\"\n\t\t\t\t\t\t\treturn 22\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP pgsql extension...\"\n\t\t\tphp -m | grep pgsql\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-pgsql...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install libpq5\n\t\t\t\t\tapt install -y php7.4-pgsql --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-pgsql installation failed with error code ${error_code} (php7.4-pgsql installation failed with error code 6)\"\n\t\t\t\t\t\treturn 6\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-pgsql\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-pgsql\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-pgsql installation failed with error code ${error_code} (php-pgsql installation failed with error code 23)\"\n\t\t\t\t\t\t\treturn 23\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP mbstring extension...\"\n\t\t\tphp -m | grep mbstring\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-mbstring...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-mbstring --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-mbstring installation failed with error code ${error_code} (php7.4-mbstring installation failed with error code 7)\"\n\t\t\t\t\t\treturn 7\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-mbstring\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-mbstring\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-mbstring installation failed with error code ${error_code} (php-mbstring installation failed with error code 24)\"\n\t\t\t\t\t\t\treturn 24\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP ldap extension...\"\n\t\t\tphp -m | grep ldap\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-ldap...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-ldap --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-ldap installation failed with error code ${error_code} (php7.4-ldap installation failed with error code 8)\"\n\t\t\t\t\t\treturn 8\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-ldap\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-ldap\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-ldap installation failed with error code ${error_code} (php-ldap installation failed with error code 25)\"\n\t\t\t\t\t\t\treturn 25\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP imagick extension...\"\n\t\t\tphp -m | grep imagick\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-imagick...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y gcc\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"gcc installation failed with error code ${error_code} (gcc installation failed with error code 9)\"\n\t\t\t\t\t\treturn 9\n\t\t\t\t\tfi\n\t\t\t\t\tapt install -y imagemagick\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"imagemagick installation failed with error code ${error_code} (imagemagick installation failed with error code 9)\"\n\t\t\t\t\t\treturn 9\n\t\t\t\t\tfi\n\t\t\t\t\tapt install -y php7.4-imagick --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-imagick installation failed with error code ${error_code} (php7.4-imagick installation failed with error code 10)\"\n\t\t\t\t\t\treturn 10\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tyum install -y ImageM* netpbm gd gd-* libjpeg libexif gcc coreutils make\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-pear\n\t\t\t\t\t\t\tdnf -y install php-gd\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-pear\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-gd\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"Installing php-imagick failed with error code ${error_code} (Installing php-imagick failed with error code 26)\"\n\t\t\t\t\t\t\treturn 26\n\t\t\t\t\t\tfi\n\n\t\t\t\t\t\tcd /usr/local/src\n\t\t\t\t\t\twget http://pecl.php.net/get/imagick-2.2.2.tgz\n\t\t\t\t\t\ttar zxvf ./imagick-2.2.2.tgz\n\t\t\t\t\t\tcd imagick-2.2.2\n\t\t\t\t\t\tphpize\n\t\t\t\t\t\t./configure\n\t\t\t\t\t\tmake\n\t\t\t\t\t\tmake test\n\t\t\t\t\t\tmake install\n\t\t\t\t\t\techo \"extension=imagick.so\" >> /etc/php.ini\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP imap extension...\"\n\t\t\tphp -m | grep imap\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php7.4-imap...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-imap --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-imap installation failed with error code ${error_code} (php7.4-imap installation failed with error code 11)\"\n\t\t\t\t\t\treturn 11\n\t\t\t\t\tfi\n\t\t\t\telse\n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-imap\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-imap\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-imap installation failed with error code ${error_code} (php-imap installation failed with error code 26)\"\n\t\t\t\t\t\t\treturn 26\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking xml...\"\n\t\t\tphp -m | grep xml\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing xml...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install php7.4-xml --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"xml installation failed with error code ${error_code} (xml installation failed with error code 56)\"\n\t\t\t\t\t\treturn 56\n\t\t\t\t\tfi\n\t\t\t\telse\n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-xml\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-xml\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"xml installation failed with error code ${error_code} (xml installation failed with error code 57)\"\n\t\t\t\t\t\t\treturn 57\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tset_timezone()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\ttimezone=$(cat /etc/timezone)\n\t\t\t\tsed -i -e 's/date.timezone/;date.timezone/g' /etc/php/7.4/fpm/php.ini\n\t\t\t\techo \"date.timezone = $timezone\" >> /etc/php/7.4/fpm/php.ini\n\t\t\telse \n\t\t\t\tPHP_VERSION=$(php -v | grep \"PHP 5\" | sed 's/.*PHP \\([^-]*\\).*/\\1/' | cut -c 1-3)\n\t\t\t\techo \"Installed PHP version: '$PHP_VERSION'\"\n\t\t\t\ttimezone=$(cat /etc/sysconfig/clock | grep ZONE | cut -d\"\\\"\" -f2)\n\t\t\t\tsed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini\n\t\t\t\techo \"date.timezone = $timezone\" >> /etc/php.ini\n\t\t\tfi\n\t\t}\n\t\tinstall_postgresql()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tid -a postgres\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]; then\n\t\t\t\t\techo \"PostgreSQL not installed!\"\n echo \"Installing PostgreSQL...\"\n sh -c 'echo \"deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main\" > /etc/apt/sources.list.d/pgdg.list'\n apt install wget ca-certificates\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"ca-certificates installation failed with error code ${error_code} (ca-certificates installation failed with error code 12)\"\n fi\n wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc\n apt-key add ACCC4CF8.asc\n apt update\n apt install -y postgresql --allow-unauthenticated\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 13)\"\n return 13\n fi\n\t\t\t\telse\n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}' | head -1)\n\t\t\t\t\tif [[ ${PSQL_VERSION} == \"\" ]]; then\n\t\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^10\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=10\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^11\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=11\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^12\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=12\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ 1 -eq \"$(echo \"${PSQL_VERSION} < 9.3\" | bc)\" ]]; then\n\t\t\t\t\t\tset +x\n\t\t\t\t\t\techo \"Restyaboard will not work in your PostgreSQL version (i.e. less than 9.3). So script going to update PostgreSQL version 9.6\"\n\t\t\t\t\t\tsh -c 'echo \"deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main\" > /etc/apt/sources.list.d/pgdg.list'\n\t\t\t\t\t\tapt install wget ca-certificates\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"ca-certificates installation failed with error code ${error_code} (ca-certificates installation failed with error code 12)\"\n\t\t\t\t\t\tfi\n\t\t\t\t\t\twget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc\n\t\t\t\t\t\tapt-key add ACCC4CF8.asc\n\t\t\t\t\t\tapt update\n\t\t\t\t\t\tapt upgrade\n\t\t\t\t\t\tapt install -y postgresql --allow-unauthenticated\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 13)\"\n\t\t\t\t\t\t\treturn 13\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}' | head -1)\n\t\t\t\tif [[ ${PSQL_VERSION} == \"\" ]]; then\n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^10\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=10\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^11\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=11\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^12\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=12\n\t\t\t\tfi\n\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < /etc/postgresql/${PSQL_VERSION}/main/pg_hba.conf > /etc/postgresql/${PSQL_VERSION}/main/pg_hba.conf.1\n\t\t\t\tcd /etc/postgresql/${PSQL_VERSION}/main || exit\n\t\t\t\tmv pg_hba.conf pg_hba.conf_old\n\t\t\t\tmv pg_hba.conf.1 pg_hba.conf\n\t\t\t\tservice postgresql restart\n\t\t\telse\n\t\t\t\tif ! which psql > /dev/null 2>&1;\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL not installed!\"\n echo \"Installing PostgreSQL...\"\n if [ $(getconf LONG_BIT) = \"64\" ]; then\n if [[ $OS_REQUIREMENT = \"Fedora\" ]]; then\n dnf install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/F-${OS_VERSION}-x86_64/pgdg-fedora-repo-latest.noarch.rpm\"\n else\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" != \"8\" ])\n then\n yum install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/EL-${OS_VERSION}-x86_64/pgdg-redhat-repo-latest.noarch.rpm\"\n fi\n fi\n fi\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n dnf module enable postgresql:13\n dnf -y install postgresql-server postgresql-contrib postgresql-libs\n else\n yum install -y postgresql13 postgresql13-server postgresql13-contrib postgresql13-libs\t\n fi\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"postgresql13 installation failed with error code ${error_code} (postgresql13 installation failed with error code 29)\"\n return 29\n fi\n\t\t\t\telse \n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\t\tif [[ $PSQL_VERSION < 9.3 ]]; then\n\t\t\t\t\t\tset +x\n\t\t\t\t\t\techo \"Restyaboard will not work in your PostgreSQL version (i.e. less than 9.3). So script going to update PostgreSQL version 9.6\"\n\t\t\t\t\t\tif [ $(getconf LONG_BIT) = \"64\" ]; then\n\t\t\t\t\t\t\tif [[ $OS_REQUIREMENT = \"Fedora\" ]]; then\n\t\t\t\t\t\t\t\tdnf install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/F-${OS_VERSION}-x86_64/pgdg-fedora-repo-latest.noarch.rpm\"\n\t\t\t\t\t\t\telse\n\t\t\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" != \"8\" ])\n\t\t\t\t\t\t\t\tthen\n\t\t\t\t\t\t\t\t\tyum install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/EL-${OS_VERSION}-x86_64/pgdg-redhat-repo-latest.noarch.rpm\"\n\t\t\t\t\t\t\t\tfi\n\t\t\t\t\t\t\tfi\n\t\t\t\t\t\tfi\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf module enable postgresql:13\n\t\t\t\t\t\t\tdnf -y install postgresql-server postgresql-contrib postgresql-libs\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum install -y postgresql13 postgresql13-server postgresql13-contrib postgresql13-libs\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 29)\"\n\t\t\t\t\t\t\treturn 29\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^13\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=13\n\t\t\t\tfi\n\t\t\t\tPSQL_FOLDER=$(echo ${PSQL_VERSION} | sed 's/\\.//')\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tpostgresql-setup --initdb\n\t\t\t\telse\n\t\t\t\t\t\"/usr/pgsql-${PSQL_VERSION}/bin/postgresql-${PSQL_VERSION}-setup\" initdb\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsystemctl enable postgresql\n\t\t\t\t\tsystemctl start postgresql\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\tsystemctl start \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\t\tsystemctl enable \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\telse\n\t\t\t\t\t\t\"/etc/init.d/postgresql-${PSQL_VERSION}\" start\n\t\t\t\t\t\tchkconfig --levels 35 \"postgresql-${PSQL_VERSION}\" on\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < \"/var/lib/pgsql/data/pg_hba.conf\" > \"/var/lib/pgsql/data/pg_hba.conf.1\"\n\t\t\t\t\tcd \"/var/lib/pgsql/data\" || exit\n\t\t\t\telse\n\t\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < \"/var/lib/pgsql/${PSQL_VERSION}/data/pg_hba.conf\" > \"/var/lib/pgsql/${PSQL_VERSION}/data/pg_hba.conf.1\"\n\t\t\t\t\tcd \"/var/lib/pgsql/${PSQL_VERSION}/data\" || exit\n\t\t\t\tfi\n\t\t\t\tmv pg_hba.conf pg_hba.conf_old\n\t\t\t\tmv pg_hba.conf.1 pg_hba.conf\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsystemctl restart postgresql\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\tsystemctl restart \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\telse\n\t\t\t\t\t\t\"/etc/init.d/postgresql-${PSQL_VERSION}\" restart\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tinstall_geoip()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tif ! hash GeoIP-devel 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-geoip php7.4-dev libgeoip-dev\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-geoip php7.4-dev libgeoip-dev installation failed with error code ${error_code} (php7.4-geoip php7.4-dev libgeoip-dev installation failed with error code 50)\"\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\t\tif ! hash pecl/geoip 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tpecl install geoip\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"pecl geoip installation failed with error code ${error_code} (pecl geoip installation failed with error code 47)\"\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\t\techo \"extension=geoip.so\" >> /etc/php.ini\n\n\t\t\t\tmkdir -v /usr/share/GeoIP\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"GeoIP folder creation failed with error code ${error_code} (GeoIP folder creation failed with error code 52)\"\n\t\t\t\tfi\n\t\t\t\tget_geoip_data\n\t\t\telse\n\t\t\t\tif ! hash pecl/geoip 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tpecl install geoip\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"pecl geoip installation failed with error code ${error_code} (pecl geoip installation failed with error code 47)\"\n\t\t\t\t\t\treturn 47\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tconfigure_restyaboard()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n cp ${DOWNLOAD_DIR}/restyaboard.conf /etc/nginx/conf.d\n echo \"Changing server_name in nginx configuration...\"\n sed -i \"s/server_name.*$/server_name \\\"$IPADDR\\\";/\" /etc/nginx/conf.d/restyaboard.conf\n sed -i \"s|listen 80.*$|listen 80;|\" /etc/nginx/conf.d/restyaboard.conf\n mkdir -p \"$RESTYABOARD_DIR\"\n echo \"Changing root directory in nginx configuration...\"\n sed -i \"s|root.*html|root $RESTYABOARD_DIR|\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\telse\n cp ${DOWNLOAD_DIR}/restyaboard.conf /etc/nginx/conf.d\n sed -i \"s/server_name.*$/server_name \\\"$IPADDR\\\";/\" /etc/nginx/conf.d/restyaboard.conf\n sed -i \"s|listen 80.*$|listen 80;|\" /etc/nginx/conf.d/restyaboard.conf\n mkdir -p \"$RESTYABOARD_DIR\"\n echo \"Changing root directory in nginx configuration...\"\n sed -i \"s|root.*html|root $RESTYABOARD_DIR|\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\tfi\n\t\t}\n\t\tinstall_postfix()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"Installing postfix...\"\n\t\t\t\techo \"postfix postfix/mailname string $IPADDR\"\\\n\t\t\t\t| debconf-set-selections &&\\\n\t\t\t\techo \"postfix postfix/main_mailer_type string 'Internet Site'\"\\\n\t\t\t\t| debconf-set-selections &&\\\n\t\t\t\tapt install -y postfix\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"postfix installation failed with error code ${error_code} (postfix installation failed with error code 16)\"\n\t\t\t\tfi\n\t\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\t\tif [ -f \"/etc/php/${PHP_VERSION}/fpm/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php/${PHP_VERSION}/fpm/php.ini\n\t\t\t\tfi\n\t\t\t\tif [ -f \"/etc/php/${PHP_VERSION}/cli/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php/${PHP_VERSION}/cli/php.ini\n\t\t\t\tfi\n\t\t\t\tif [ -f \"/etc/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php.ini\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tchange_permission()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\tthen\n\t\t\t\tchcon -R -t httpd_sys_rw_content_t $RESTYABOARD_DIR/media/ $RESTYABOARD_DIR/tmp/cache/ $RESTYABOARD_DIR/client/img/\n\t\t\t\tchcon -Rv --type=httpd_t $RESTYABOARD_DIR/\n\t\t\tfi\n\t\t}\n\t\tpsql_connect()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL Changing the permission failed with error code ${error_code} (PostgreSQL Changing the permission failed with error code 34)\"\n\t\t\t\t\treturn 34\n\t\t\t\tfi\n\t\t\t\tsleep 1\n\t\t\t\techo \"Creating PostgreSQL user and database...\"\n\t\t\t\tpsql -U postgres -c \"DROP USER IF EXISTS ${POSTGRES_DBUSER};CREATE USER ${POSTGRES_DBUSER} WITH ENCRYPTED PASSWORD '${POSTGRES_DBPASS}'\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL user creation failed with error code ${error_code} (PostgreSQL user creation failed with error code 35)\"\n\t\t\t\t\treturn 35\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"CREATE DATABASE ${POSTGRES_DBNAME} OWNER ${POSTGRES_DBUSER} ENCODING 'UTF8' TEMPLATE template0\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database creation failed with error code ${error_code} (PostgreSQL database creation failed with error code 36)\"\n\t\t\t\t\treturn 36\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL extension creation failed with error code ${error_code} (PostgreSQL extension creation failed with error code 37)\"\n\t\t\t\t\treturn 37\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} = 0 ];\n\t\t\t\tthen\n\t\t\t\t\techo \"Importing empty SQL...\"\n\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/restyaboard_with_empty_data.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"PostgreSQL Empty SQL importing failed with error code ${error_code} (PostgreSQL Empty SQL importing failed with error code 39)\"\n\t\t\t\t\t\treturn 39\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\telse\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL Changing the permission failed with error code ${error_code} (PostgreSQL Changing the permission failed with error code 40)\"\n\t\t\t\t\treturn 40\n\t\t\t\tfi\t\t\t\n\t\t\t\tsleep 1\n\t\t\t\techo \"Creating PostgreSQL user and database...\"\n\t\t\t\tpsql -U postgres -c \"DROP USER IF EXISTS ${POSTGRES_DBUSER};CREATE USER ${POSTGRES_DBUSER} WITH ENCRYPTED PASSWORD '${POSTGRES_DBPASS}'\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL user creation failed with error code ${error_code} (PostgreSQL user creation failed with error code 41)\"\n\t\t\t\t\treturn 41\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"CREATE DATABASE ${POSTGRES_DBNAME} OWNER ${POSTGRES_DBUSER} ENCODING 'UTF8' TEMPLATE template0\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database creation failed with error code ${error_code} (PostgreSQL database creation failed with error code 42)\"\n\t\t\t\t\treturn 42\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL extension creation failed with error code ${error_code} (PostgreSQL extension creation failed with error code 43)\"\n\t\t\t\t\treturn 43\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';\"\n\t\t\t\tif [ \"$?\" = 0 ];\n\t\t\t\tthen\n\t\t\t\t\techo \"Importing empty SQL...\"\n\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/restyaboard_with_empty_data.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"PostgreSQL Empty SQL importing failed with error code ${error_code} (PostgreSQL Empty SQL importing failed with error code 45)\"\n\t\t\t\t\t\treturn 45\n\t\t\t\t\tfi\t\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\t\tthen\n\t\t\t\t\tsetsebool -P allow_postfix_local_write_mail_spool 1\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tphp_fpm_reset()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \".........\"\n\t\t\telse\n\t\t\t\techo \"Reset php-fpm (use unix socket mode)...\"\n\t\t\t\tif [ -f \"/run/php/php7.4-fpm.sock\" ]; then\n\t\t\t\t\tsed -i \"s/listen = 127.0.0.1:9000/listen = \\/run\\/php\\/php7.4-fpm.sock/g\" /etc/php-fpm.d/www.conf\n\t\t\t\telif [ -f \"/run/php-fpm/www.sock\" ]; then\n\t\t\t\t\tsed -i \"s/listen = 127.0.0.1:9000/listen = \\/run\\/php-fpm\\/www.sock/g\" /etc/php-fpm.d/www.conf\n\t\t\t\t\tsed -i \"s/unix:\\/run\\/php\\/php7.4-fpm.sock/unix:\\/run\\/php-fpm\\/www.sock/g\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\t\telse\n\t\t\t\t\tsed -i \"s/unix:\\/run\\/php\\/php7.4-fpm.sock/127.0.0.1:9000/g\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tinstall_jq()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tapt install -y jq\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"jq installation failed with error code ${error_code} (jq installation failed with error code 53)\"\n\t\t\t\tfi\n\t\t\telse\n\t\t\t\tyum install -y jq\n\t\t\t\terror_code\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"jq installation failed with error code ${error_code} (jq installation failed with error code 49)\"\n\t\t\t\t\treturn 49\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tset_db_connection()\n\t\t{\t\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"Starting services...\"\n\t\t\t\tservice cron restart\n\t\t\t\tservice php7.4-fpm restart\n\t\t\t\tservice nginx restart\n\t\t\t\tservice postfix restart\n\t\t\t\tapt install -y python-pip\n\t\t\t\tpip install virtualenv\n\t\t\telse\n\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\telse\n\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\tfi\n\t\t\t\tyum install -y python-pip\n\t\t\t\tpip install virtualenv\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\t\tthen\n\t\t\t\t\tsetsebool -P httpd_can_network_connect_db=1\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tssl_connectivity()\n\t\t{\n\t\t\tif [[ $IPADDR =~ ^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$ ]]; then\n\t\t\t\techo \"SSL connectivity cannot be set for IP address\"\n\t\t\telse\n\t\t\t\tset +x\n\t\t\t\techo \"Do you want to set up SSL connectivity for your domain and your domain should be publicly accessible Restyaboard instance and your domain should be mappped to this Restyaboard Server, Note: If you're trying to set SSL for Non-publicly accessible instance, then your Restyaboard will not work (y/n)?\"\n\t\t\t\tread -r answer\n\t\t\t\tset -x\n\t\t\t\tcase \"${answer}\" in\n\t\t\t\t\t[Yy])\n\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tapt install certbot python3-certbot-nginx -y\n\t\t\t\t\t\tservice nginx restart\n\t\t\t\t\t\tservice php7.4-fpm restart\n\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\telse\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install epel-release\n\t\t\t\t\t\t\tdnf -y install certbot python3-certbot-nginx\n\t\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum install -y epel-release\n\t\t\t\t\t\t\tyum install certbot-nginx\n\t\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"SSL installation failed with error code ${error_code} (php installation failed with error code 20)\"\n\t\t\t\t\t\t\treturn 20\n\t\t\t\t\t\tfi\n\t\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tesac\n\t\t\tfi\n\t\t}\n\t\tfind_release\n\t\tcheckdeps\n\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n then\n\t\t\tapt update\n apt install -y net-tools\n\t\t\tapt install -y curl unzip\n\t\telse\n\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n \tthen\n yum install -y net-tools\n\t\t\t\tyum install -y curl unzip\n\t\t\tfi\n\t\tfi\n IFCONFIG_PATH=$(which ifconfig)\n IPADDR=$(${IFCONFIG_PATH} eth0 | awk '/inet / { print $2 }' | sed 's/addr://')\n\t\tRESTYABOARD_VERSION=$(curl --silent https://api.github.com/repos/RestyaPlatform/board/releases | grep tag_name -m 1 | awk '{print $2}' | sed -e 's/[^v0-9.]//g')\n\t\tPOSTGRES_DBHOST=localhost\n\t\tPOSTGRES_DBNAME=restyaboard\n\t\tPOSTGRES_DBUSER=restya\n\t\tPOSTGRES_DBPASS=hjVl2!rGd\n\t\tPOSTGRES_DBPORT=5432\n\t\tDOWNLOAD_DIR=/opt/restyaboard\n RESTYABOARD_DIR=/usr/share/nginx/html/restyaboard\n\t\t\n\t\tget_geoip_data () \n\t\t{\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIP.dat.gz\n\t\t\tgunzip GeoIP.dat.gz\n\t\t\tmv GeoIP.dat /usr/share/GeoIP/GeoIP.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz\n\t\t\tgunzip GeoIPv6.dat.gz\n\t\t\tmv GeoIPv6.dat /usr/share/GeoIP/GeoIPv6.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.xz\n\t\t\tunxz GeoLiteCity.dat.xz\n\t\t\tmv GeoLiteCity.dat /usr/share/GeoIP/GeoIPCity.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoLiteCityv6.dat.gz\n\t\t\tgunzip GeoLiteCityv6.dat.gz\n\t\t\tmv GeoLiteCityv6.dat /usr/share/GeoIP/GeoLiteCityv6.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPASNum.dat.gz\n\t\t\tgunzip GeoIPASNum.dat.gz\n\t\t\tmv GeoIPASNum.dat /usr/share/GeoIP/GeoIPASNum.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPASNumv6.dat.gz\n\t\t\tgunzip GeoIPASNumv6.dat.gz\n\t\t\tmv GeoIPASNumv6.dat /usr/share/GeoIP/GeoIPASNumv6.dat\n\t\t}\n\n\t\tupgrade-0.3-0.4()\n\t\t{\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/chat_activities.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/0 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/periodic_chat_email_notification.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/indexing_to_elasticsearch.sh//\" /var/spool/cron/crontabs/root\n\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/upgrade_v0.2.1_v0.3.php\n\n\t\t\trm -rf $RESTYABOARD_DIR/client/apps/\n\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/jaxl3/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp-prebind-php/\n\t\t}\n\n\t\tupgrade-0.4-0.4.1()\n\t\t{\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/chat_activities.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/0 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/periodic_chat_email_notification.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/indexing_to_elasticsearch.sh//\" /var/spool/cron/crontabs/root\n\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/upgrade_v0.2.1_v0.3.php\n\n\t\t\trm -rf $RESTYABOARD_DIR/client/apps/\n\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/jaxl3/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp-prebind-php/\n\t\t}\n\n\t\tupgrade-0.5.2-0.6()\n\t\t{\n\t\t\tsed -i \"s/rewrite ^\\/ical\\/.*/rewrite ^\\/ical\\/([0-9]*)\\/([0-9]*)\\/([a-z0-9]*).ics\\$ \\/server\\/php\\/ical.php?board_id=\\$1\\&user_id=\\$2\\&hash=\\$3 last;/\" /etc/nginx/conf.d/restyaboard.conf\n\t\t}\n\n\t\tupgrade-0.6.3-0.6.4()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_hide_card_created_date\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_hide_card_created_date/\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.4-0.6.5()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_hide_card_id\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_hide_card_id/\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.2.zip\n\t\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.5-0.6.6()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_codenames-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_codenames-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\t\t\n\t\tupgrade-0.6.6-0.6.7(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_card_counter-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_card_counter-v0.1.1.zip\n\t\t\tunzip /tmp/r_card_counter-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.2.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_eu_gdpr-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_eu_gdpr-v0.1.2.zip\n\t\t\tunzip /tmp/r_eu_gdpr-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_gmail_addon-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_gmail_addon-v0.1.1.zip\n\t\t\tunzip /tmp/r_gmail_addon-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\t\t\t\n\t\t\t\n\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.3.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.3.zip\n\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.3.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\t: > /var/spool/cron/crontabs/root\n\t\t\t\techo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/crontabs/root\n\t\t\telse\n\t\t\t\t: > /var/spool/cron/root\n\t\t\t\techo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/root\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.7-0.6.8(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.3.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.3.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.3.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t}\n\n\t\tupgrade-0.6.8-0.6.9(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.4.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.4.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.4.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t}\n\t\tupgrade-0.6.9-1.7(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_togetherjs\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_togetherjs/\n\t\t\tfi\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.5.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.5.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.5.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tcurl -v -L -G -o /tmp/r_gmail_addon-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_gmail_addon-v0.1.2.zip\n\t\t\tunzip /tmp/r_gmail_addon-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\n\t\t\techo \"Applying permission...\"\n\t\t\tuseradd restyaboard\n\t\t\tusermod --password 'hjVl2!rGd' restyaboard\n\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tuser www-data;\n\t\t\t\tusermod -a -G restyaboard www-data\n\t\t\t\tsed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\t\tsed -i \"s/user\\s*=\\s*www-data/user = restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\t\tsed -i \"0,/group\\s*=\\s*www-data/s//group = restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\telse\n\t\t\t\tuser nginx;\n\t\t\t\tusermod -a -G restyaboard nginx\n\t\t\t\tsed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\t\tsed -i \"s/user\\s*=\\s*apache/user = restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\t\tsed -i \"0,/group\\s*=\\s*apache/s//group = restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\tfi\n\t\t\tchown -R restyaboard:restyaboard $RESTYABOARD_DIR\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/media\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/media;\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/img\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/img;\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/tmp/cache\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/tmp/cache;\n\t\t\tchmod +x $RESTYABOARD_DIR/server/php/shell/main.sh\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tchmod -R u=rwX,g=rX,o= \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\tthen\n\t\t\t\tchcon -R -t httpd_sys_rw_content_t $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t\tfi\n\t\t}\n\n\t\tupdate_version()\n\t\t{\n\t\t\tset +x\n\t\t\techo -e \"A newer version ${RESTYABOARD_VERSION} of Restyaboard is available.\\n\\nImportant: Please note that upgrading will remove any commercial apps that were free in previous version.\\nFor more details about commercial apps, please visit https://restya.com/board/pricing\\n\\nDo you want to get it now y/n?\"\n\t\t\tread -r answer\n\t\t\tset -x\n\t\t\tcase \"${answer}\" in\n\t\t\t\t[Yy])\n\t\t\t\tset +x\n\t\t\t\tset -x\n\t\t\t\t\n\t\t\t\techo \"Downloading files...\"\n\t\t\t\tcurl -v -L -G -d \"app=board&ver=${RESTYABOARD_VERSION}\" -o /tmp/restyaboard.zip -k https://restya.com/download.php\n\t\t\t\tunzip /tmp/restyaboard.zip -d ${DOWNLOAD_DIR}\n\t\t\t\t\n\t\t\t\techo \"Updating files...\"\n\t\t\t\tcp -r ${DOWNLOAD_DIR}/. \"$RESTYABOARD_DIR\"\n\t\t\t\t\n\t\t\t\techo \"Connecting database to run SQL changes...\"\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$? \n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database connection failed with error code ${error_code} (PostgreSQL database connection failed with error code 32)\"\n\t\t\t\t\treturn 32\n\t\t\t\tfi\n\t\t\t\tsleep 1\n\t\t\t\t\n\t\t\t\techo \"Changing PostgreSQL database name, user and password...\"\n\t\t\t\tsed -i \"s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${POSTGRES_DBNAME}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_USER'.*$/define('R_DB_USER', '${POSTGRES_DBUSER}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', '${POSTGRES_DBPASS}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${POSTGRES_DBHOST}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${POSTGRES_DBPORT}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\t\tversion=$(cat ${DOWNLOAD_DIR}/release)\n\t\t\t\tdeclare -a upgrade;\n\t\t\t\tif [[ $version < \"v0.4\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.3-0.4\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.4.1\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.4-0.4.1\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.5\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.4.2-0.5\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.5.2\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.5.1-0.5.2\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.5.2-0.6\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.1\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6-0.6.1\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.2\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.1-0.6.2\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.3\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.2-0.6.3\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.4\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.3-0.6.4\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.5\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.4-0.6.5\")\n\t\t\t\tfi\t\n\t\t\t\tif [[ $version < \"v0.6.6\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.5-0.6.6\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.7\" ]];\n\t\t\t\tthen\n\t\t\t\t\tset +x\n\t\t\t\t\techo \"Before updating make sure to remove duplicate username's and emails used by more than one user, otherwise unique indexing for users will be thrown an error But all other queries will be executed without any issue.\"\n\t\t\t\t\tread -r -s -p $'Press [Enter] key to continue...'\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.6-0.6.7\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.8\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.7-0.6.8\")\n\t\t\t\tfi\t\t \n\t\t\t\tif [[ $version < \"v0.6.9\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.8-0.6.9\")\n\t\t\t\tfi\t\n\t\t\t\tif [[ $version < \"v1.7\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.9-1.7\")\n\t\t\t\tfi\n\t\t\t\t# use for loop to read all values and indexes\n\t\t\t\tfor i in \"${upgrade[@]}\"\n\t\t\t\tdo\n\t\t\t\t\tif [ \"$(type -t ${i})\" = function ];\n\t\t\t\t\tthen\n\t\t\t\t\t\teval ${i}\n\t\t\t\t\tfi\n\t\t\t\t\tif [ -f \"$RESTYABOARD_DIR/sql/${i}.sql\" ];\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"Updating SQL...\"\n\t\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/${i}.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"PostgreSQL updation of SQL failed with error code ${error_code} (PostgreSQL updation of SQL failed with error code 33)\"\n\t\t\t\t\t\t\treturn 33\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tdone\n\t\t\t\t/bin/echo \"$RESTYABOARD_VERSION\" > ${DOWNLOAD_DIR}/release\n\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\t\tthen\t\t\t\t \n service nginx restart\n\t\t\t\t\tservice php${PHP_VERSION}-fpm restart\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\t\telse\n\t\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\tesac\n\t\t}\n\n\t\tif [ -f \"$DOWNLOAD_DIR/release\" ];\n\t\tthen\n\t\t\tversion=$(cat ${DOWNLOAD_DIR}/release)\n\t\t\tif [[ $version < $RESTYABOARD_VERSION ]];\n\t\t\tthen\n\t\t\t\tupdate_version\n\t\t\t\texit;\n\t\t\telse\n\t\t\t\techo \"No new version available\"\n\t\t\t\texit;\n\t\t\tfi\n\t\telse\n\t\t\tset +x\n\t\t\techo \"Is Restyaboard already installed and configured/working y/n?\"\n\t\t\tread -r answer\n\t\t\tset -x\n\t\t\tcase \"${answer}\" in\n\t\t\t\t[Yy])\n\t\t\t\tupdate_version\n\t\t\t\texit;\n\t\t\tesac\n\t\tfi\n\n if ([ \"$OS_REQUIREMENT\" = \"Debian\" ])\n then\n sed -i -e 's/deb cdrom/#deb cdrom/g' /etc/apt/sources.list\n sh -c 'echo \"deb http://ftp.de.debian.org/debian jessie main\" > /etc/apt/sources.list.d/debjessie.list'\n apt install apt-transport-https lsb-release ca-certificates -y\n wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg\n echo \"deb https://packages.sury.org/php/ $(lsb_release -sc) main\" | tee /etc/apt/sources.list.d/php.list\n fi\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n apt install debian-keyring debian-archive-keyring -y\n apt update -y\n apt upgrade -y\n apt install python-software-properties -y\n apt install software-properties-common -y\n if ! hash php 2>&-; then\n add-apt-repository -y ppa:ondrej/php\n apt update -y\n apt install libjpeg8 -y --allow-unauthenticated\n fi\n fi\n install_nginx\n \n echo \"Checking PHP...\"\n install_php\n\n echo \"Setting up timezone...\"\n set_timezone\n \n echo \"Checking PostgreSQL...\"\n install_postgresql\n\n install_geoip\n \n echo \"Downloading Restyaboard script...\"\n if ([ \"$pkg_name\" = \"apt-get\" ])\n then\n apt install -y curl\n fi\n mkdir ${DOWNLOAD_DIR}\n curl -v -L -G -d \"app=board&ver=${RESTYABOARD_VERSION}\" -o /tmp/restyaboard.zip -k https://restya.com/download.php\n unzip /tmp/restyaboard.zip -d ${DOWNLOAD_DIR}\n rm /tmp/restyaboard.zip\n\n configure_restyaboard\n \n \n echo \"Copying Restyaboard script to root directory...\"\n cp -r ${DOWNLOAD_DIR}/* \"$RESTYABOARD_DIR\"\n \n install_postfix\n \n echo \"Changing permission...\"\n useradd restyaboard\n usermod --password 'hjVl2!rGd' restyaboard\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n user www-data;\n usermod -a -G restyaboard www-data\n sed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n sed -i \"s/user\\s*=\\s*www-data/user = restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n sed -i \"0,/group\\s*=\\s*www-data/s//group = restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n else\n user nginx;\n usermod -a -G restyaboard nginx\n sed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php-fpm.d/www.conf\n sed -i \"s/user\\s*=\\s*apache/user = restyaboard/g\" /etc/php-fpm.d/www.conf\n sed -i \"0,/group\\s*=\\s*apache/s//group = restyaboard/g\" /etc/php-fpm.d/www.conf\n fi\n chown -R restyaboard:restyaboard $RESTYABOARD_DIR\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/media\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/media;\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/img\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/img;\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/tmp/cache\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/tmp/cache;\n chmod +x $RESTYABOARD_DIR/server/php/shell/main.sh\n change_permission\n\n psql_connect\n \n echo \"Changing PostgreSQL database name, user and password...\"\n sed -i \"s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${POSTGRES_DBNAME}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_USER'.*$/define('R_DB_USER', '${POSTGRES_DBUSER}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', '${POSTGRES_DBPASS}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${POSTGRES_DBHOST}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${POSTGRES_DBPORT}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n \n echo \"Setting up cron for every 5 minutes..\"\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n echo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/crontabs/root\n else\n echo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/root\n fi\n php_fpm_reset\n \n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n service nginx restart\n service php7.4-fpm restart\n else\n if [ -f \"/bin/systemctl\" ]; then\n echo \"Starting services with systemd...\"\n systemctl restart nginx\n systemctl restart php-fpm\n else\n echo \"Starting services...\"\n /etc/init.d/php-fpm restart\n /etc/init.d/nginx restart\n fi\n fi\n set_db_connection\n\t\t/bin/echo \"$RESTYABOARD_VERSION\" > ${DOWNLOAD_DIR}/release\n\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\tthen\n\t\t\tssl_connectivity\n\t\telse\n\t\t\tssl_connectivity\n\t\tfi\n\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n\t\t\tsemanage permissive -a httpd_t\n\t\tfi\n\t\tset +x\n\t\techo \"Checking Hosting...\"\n\t\tresponse=$(curl -H Metadata:true http://169.254.169.254/metadata/instance?api-version=2017-04-02 --write-out %{http_code} --connect-timeout 10 --max-time 10 --silent --output /dev/null)\n\t\t\n\t\tif [ -f /etc/ImageMagick-6/policy.xml ]; then\n \t\tsed -i -e 's///g' /etc/ImageMagick-6/policy.xml\n\t\tfi\n\n\t\tif [ -f /etc/ImageMagick/policy.xml ]; then\n\t\t\tsed -i -e 's///g' /etc/ImageMagick/policy.xml\n\t\tfi\n\n\t\tif [ ${response} -eq 200 ];then\n\t\t\techo \"Note: PHP Mailer will not work in Azure. Kindly use external SMTP mail server.\"\n\t\tfi\n\t\tset +x\n\t\tcurl -v -L -G -d \"app=board&os=${os}&version=${version}\" -k \"https://restya.com/success_installation.php\"\n\t\techo \"Restyaboard URL : $IPADDR\"\n\n\t\techo \"Login with username admin and password restya\"\n\t\texit 1\n\t}\n\tmain\n\terror=$?\n\tos=$(lsb_release -i -s)\n\tcurl -v -L -G -d \"app=board&os=${os}&error=${error}\" -k \"https://restya.com/error_installation.php\"\n\techo \"If you're finding it difficult to install Restyaboard from your end, we do also offer installation support that you may consider https://restya.com/contact\"\n\texit 1\n} 2>&1 | tee -a /tmp/restyaboard_install.log","user_defined_fields":[]},{"id":912264,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Rocket.Chat One-Click","description":"Rocket.Chat One-Click","ordinal":92,"logo_url":"assets/rocketchat.svg","images":["linode/ubuntu20.04"],"deployments_total":1682,"deployments_active":85,"is_public":true,"mine":false,"created":"2021-09-29T17:16:16","updated":"2023-09-28T05:58:15","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 443\nufw allow 80\nufw allow 3000\nfail2ban_install\n\n# Snapd & rocketchat install\napt install snapd -y\nsnap install rocketchat-server\nsnap info rocketchat-server\n\n# Check DNS\ncheck_dns_propagation \"${FQDN}\" \"${IP}\"\n# SSL\nsnap set rocketchat-server siteurl=https://$FQDN\nsystemctl enable --now snap.rocketchat-server.rocketchat-caddy \nsnap restart rocketchat-server\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for the SOA","default":""}]},{"id":609048,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Ruby on Rails One-Click","description":"Ruby on Rails One-Click","ordinal":93,"logo_url":"assets/rubyonrails.svg","images":["linode/ubuntu20.04"],"deployments_total":447,"deployments_active":23,"is_public":true,"mine":false,"created":"2019-11-05T07:22:54","updated":"2023-09-23T13:55:54","rev_note":"Initial import","script":"#!/bin/bash\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Ruby on Rails\napt install -y ruby rails\n\n# Configure rails Directory\nmkdir /home/railsapp\ncd /home/railsapp\nrails new $RAILSAPP\ncd $RAILSAPP\nrails s -b 0.0.0.0 &\n\n# Start rails app on reboot\ncrontab -l | { cat; echo \"@reboot cd /home/railsapp/app1/ && rails s -b 0.0.0.0 &\"; } | crontab -\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"railsapp","label":"Rails Application name","example":"railsapp"}]},{"id":401703,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Rust One-Click","description":"Rust - Latest One-Click","ordinal":94,"logo_url":"assets/Rust.svg","images":["linode/ubuntu20.04"],"deployments_total":2395,"deployments_active":11,"is_public":true,"mine":false,"created":"2019-03-08T21:09:34","updated":"2023-09-27T02:44:40","rev_note":"Remove SSH Pubkey UDF","script":"#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \nsource \n\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"rustserver\"\n\nset_hostname\napt_setup_update\n\n\nif [[ \"$RUSTHOSTNAME\" = \"\" ]]; then\n RUSTHOSTNAME=\"Linode Rust Server\"\nfi\n\nif [[ \"$LEVEL\" = \"Procedural Map\" ]]; then\n LEVEL=\"\"\nfi\n\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix curl \\\nwget file bzip2 gzip unzip bsdmainutils python \\\nutil-linux ca-certificates binutils bc jq tmux \\\nlib32gcc1 libstdc++6 libstdc++6:i386 lib32z1\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install Rust\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\ncp /home/rustserver/lgsm/config-lgsm/rustserver/_default.cfg /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nchown -R rustserver:rustserver /home/rustserver/\n\necho \"server.globalchat $GLOBALCHAT/\" > /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.pve $PVE\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.description \\\"$DESCRIPTION\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.maxplayers $MAXPLAYERS\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.seed \\\"$SEED\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.level $LEVEL\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.hostname \\\"$RUSTHOSTNAME\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.ip $IP\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\nsed -i \"s/rconpassword=\\\"CHANGE_ME\\\"/rconpassword=\\\"$RCONPASSWORD\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nsed -i \"s/worldsize=\\\"3000\\\"/worldsize=\\\"$WORLDSIZE\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nsed -i \"s/maxplayers=\\\"50\\\"/maxplayers=\\\"$MAXPLAYERS\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\n\n\n# Start the service and setup firewall\nufw allow 28015\nufw allow 28016\n\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup","user_defined_fields":[{"name":"rusthostname","label":"Server Hostname","default":"Linode Rust Server"},{"name":"description","label":"Server Description","default":"Powered by Linode!"},{"name":"rconpassword","label":"RCON Password"},{"name":"maxplayers","label":"Maximum Players","oneof":"10,25,50,75,100","default":"50"},{"name":"level","label":"World","oneof":"Procedural Map,Barren,HapisIsland,SavasIsland_koth","default":"Procedural Map"},{"name":"worldsize","label":"World Size","oneof":"1000,3000,6000","default":"3000"},{"name":"seed","label":"Seed","default":"50000"},{"name":"globalchat","label":"Global Chat Enabled","oneof":"true,false","default":"true"},{"name":"pve","label":"PvE Enabled","oneof":"true,false","default":"false"}]},{"id":971042,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Saltcorn One-Click","description":"Saltcorn One-Click","ordinal":95,"logo_url":"assets/saltcorn.svg","images":["linode/ubuntu20.04","linode/debian11"],"deployments_total":263,"deployments_active":15,"is_public":true,"mine":false,"created":"2022-02-08T16:21:05","updated":"2023-09-22T16:47:48","rev_note":"","script":"#!/bin/bash\n## Saltcorn Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction saltcorninstall {\n wget -qO - https://deb.nodesource.com/setup_14.x | sudo bash -\n apt-get install -qqy nodejs\n npx saltcorn-install -y\n systemctl enable saltcorn\n systemctl stop saltcorn\n cat < /lib/systemd/system/saltcorn.service\n[Unit]\nDescription=saltcorn\nDocumentation=https://saltcorn.com\nAfter=network.target\n\n[Service]\nType=notify\nWatchdogSec=5\nUser=saltcorn\nWorkingDirectory=/home/saltcorn\nExecStart=/home/saltcorn/.local/bin/saltcorn serve -p 8080\nRestart=always\nEnvironment=\"NODE_ENV=production\"\n\n[Install]\nWantedBy=multi-user.target\nEND\n systemctl daemon-reload\n systemctl start saltcorn\n}\n\nfunction firewallsaltcorn {\n ufw allow 22\n ufw allow 80\n ufw allow 443\n}\n\nfunction nginxreversesaltcorn {\n apt-get install nginx -y\n cat < /etc/nginx/conf.d/saltcorn.conf\nserver {\n listen 80;\n server_name $FQDN $IP;\n\n location / {\n proxy_set_header X-Forwarded-For \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:8080;\n }\n}\nEND\n nginx -t\n unlink /etc/nginx/sites-enabled/default\n systemctl restart nginx\n}\n\nfunction ssl_saltcorn {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction main {\n saltcorninstall\n nginxreversesaltcorn\n firewallsaltcorn\n ssl_saltcorn\n\n}\n# Execute\nmain \nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address for Letsencrypt SSL","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":774829,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"ServerWand One-Click","description":"ServerWand One-Click","ordinal":96,"logo_url":"assets/serverwand.svg","images":["linode/ubuntu20.04","linode/ubuntu22.04"],"deployments_total":1034,"deployments_active":12,"is_public":true,"mine":false,"created":"2021-02-19T17:28:16","updated":"2023-09-28T19:11:10","rev_note":"","script":"#!/bin/bash\n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# serverwand ssh key\nmkdir -p /root/.ssh/\nchmod 700 /root/.ssh/\ncurl https://serverwand.com/api/servers/connect > ~/.ssh/authorized_keys\nchmod 600 /root/.ssh/authorized_keys","user_defined_fields":[]},{"id":1177225,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Seatable One-Click","description":"Seatable One-Click App","ordinal":97,"logo_url":"assets/seatable.svg","images":["linode/debian11"],"deployments_total":42,"deployments_active":2,"is_public":true,"mine":false,"created":"2023-05-16T19:56:00","updated":"2023-09-27T23:58:51","rev_note":"","script":"#!/bin/bash\n\n# \n# \n# \n\nsource \n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION \n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Update and basic installs\nsystem_update\ndebian_upgrade\nenable_fail2ban\nsystem_install_package ufw ca-certificates curl gnupg lsb-release curl pwgen\n\n# Install docker\nmkdir -p /etc/apt/keyrings\ncurl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg\necho \\\n \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \\\n $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null\nchmod a+r /etc/apt/keyrings/docker.gpg\napt-get -y update\napt-get -y install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose\n\n# Pull current seatable container\ndocker pull seatable/seatable-enterprise:latest\nmkdir /opt/seatable\nwget -O \"/opt/seatable/docker-compose.yml\" \"https://manual.seatable.io/docker/Enterprise-Edition/docker-compose.yml\"\n\n# Prepare SeaTable\nMYSQL_PASSWORD=`pwgen -s 30 1`\nsed -i \"s|DB_ROOT_PASSWD=.*|DB_ROOT_PASSWD=${MYSQL_PASSWORD}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|MYSQL_ROOT_PASSWORD=.*|MYSQL_ROOT_PASSWORD=${MYSQL_PASSWORD}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|SEATABLE_SERVER_LETSENCRYPT=.*|SEATABLE_SERVER_LETSENCRYPT=${LE}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|SEATABLE_SERVER_HOSTNAME=.*|SEATABLE_SERVER_HOSTNAME=${URL}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|TIME_ZONE=.*|TIME_ZONE=${TIMEZONE}|\" /opt/seatable/docker-compose.yml\n\n# Add a license\nmkdir -p /opt/seatable/seatable-data/seatable\ntouch /opt/seatable/seatable-data/seatable/seatable-license.txt\ncat << EOF > /opt/seatable/seatable-data/seatable/seatable-license.txt\n#SeaTable server licence\nName = \"Cloud Trial\"\nLicencetype = \"User\"\nLicenceKEY = \"1672935702\"\nProductID = \"SeaTable server\"\nExpiration = \"2024-01-31\"\nMaxUsers = \"3\"\nMode = \"subscription\"\nHash = \"045af708265d7d549cad51fc2b678272a1d15ab8cbfbf05734e371504bb72b388f4441493c7bfeccce7c19ac9c6877cb8f3aecc3beebe685db007832e1c0231728a92772d45dc1c08facbc225d90776f86d34cb4154bafe7c983b6767ffb31a74b133de61edf15c170564fcefb6e457012f63b95ed4aaf6fd2e1e1cfc2ad93a682cfab2fe86f427f7d93ae9b69cbaf02a7565074a95a8c1176402f250d2e815ab206a6b65009c65d94259772ab31a00c11e5c6b57fda0fbb1b22a69734c10214594a5d7b4c88a995eaeb3a65f9aa5d163d9e5c09f73105a4ef760a8421fb66d1982da739c42808fded9a95e456090747e494b0a1aee2a40f388d9f1146051754\"\nEOF\n\n# firewall\nufw limit ssh\nufw allow 80\nufw allow 443\nufw --force enable\n\n# Message of the day\ncat << EOF > /etc/motd\n#############################\n#############################\nSeaTable Enterprise Server\n\nTo finish the installation, change to the directory /opt/seatable and follow our deployment instructions at https://manual.seatable.io/docker/Enterprise-Edition/Deploy%20SeaTable-EE%20with%20Docker/.\nYou can skip the beginning and start directly with the adjustment of the docker-compose.yml file.\n\nPlease visit https://forum.seatable.io for SeaTable community support.\n#############################\n#############################\n\nEOF\n\necho \"Installation complete\"\nall_set\nstackscript_cleanup","user_defined_fields":[{"name":"url","label":"The domain/subdomain for SeaTable Server","example":"https://seatable.example.org"},{"name":"le","label":"Get a Let's Encrypt certificate","default":"True","oneof":"True,False"},{"name":"timezone","label":"Choose your timezone (e.g Europe/Berlin)","example":"Choices can be found here: http://en.wikipedia.org/wiki/List_of_tz_zones_by_name","default":"Etc/UTC"}]},{"id":604068,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Shadowsocks One-Click","description":"Shadowsocks One-Click","ordinal":98,"logo_url":"assets/shadowsocks.svg","images":["linode/ubuntu20.04"],"deployments_total":8354,"deployments_active":154,"is_public":true,"mine":false,"created":"2019-10-22T16:11:39","updated":"2023-09-28T17:28:00","rev_note":"final edit","script":"#!/usr/bin/env bash\n\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Install & configure shadowsocks\nfunction install_shadowsocks {\n apt-get install shadowsocks-libev -y\n cat </etc/shadowsocks-libev/config.json\n{\n\"server\":\"$IP\",\n\"server_port\":8000,\n\"local_port\":1080,\n\"password\":\"$SHADOWPASSWORD\",\n\"timeout\":60,\n\"method\":\"aes-256-gcm\"\n}\nEND\n systemctl start shadowsocks-libev\n systemctl enable shadowsocks-libev\n systemctl restart shadowsocks-libev\n}\n\nfunction shadowsocks_firewall {\n ufw allow 8000\n}\n\nfunction main {\n install_shadowsocks\n shadowsocks_firewall\n stackscript_cleanup\n}\n\n# Execute function\nmain","user_defined_fields":[{"name":"shadowpassword","label":"Shadowsocks Password","example":"Password"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""},{"name":"soa_email_address","label":"Email address for SOA Recorf","default":""}]},{"id":869153,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Splunk One-Click","description":"Splunk One-Click","ordinal":99,"logo_url":"assets/splunk.svg","images":["linode/debian10","linode/ubuntu20.04"],"deployments_total":864,"deployments_active":89,"is_public":true,"mine":false,"created":"2021-07-20T19:04:43","updated":"2023-09-28T18:59:51","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables\n\n## Splunk settings\n#\n#\n\n## Domain settings\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# Configure Splunk\nwget https://download.splunk.com/products/splunk/releases/8.2.0/linux/splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz\nwget \ntar zxvf splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz -C /opt/\nuseradd splunk --system --shell=/usr/sbin/nologin\nchown -R splunk:splunk /opt/splunk\n\napt install -y expect\n SPLUNK_INSTALL=$(expect -c \"\n set timeout 10\n spawn /opt/splunk/bin/splunk enable boot-start -user splunk -systemd-managed 1 --accept-license\n expect \\\"Please enter an administrator username:\\\"\n send \\\"$SPLUNK_USER\\r\\\"\n expect \\\"Please enter a new password:\\\"\n send \\\"$SPLUNK_PASSWORD\\r\\\"\n expect \\\"Please confirm new password:\\\"\n send \\\"$SPLUNK_PASSWORD\\r\\\"\n expect eof\n \")\n\n# Start daemon\nsystemctl start Splunkd\nsystemctl status Splunkd\n\n# Firewall\nufw allow 22 \nufw allow 8000\nufw allow 8089\nufw allow 9997\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"splunk_user","label":"Splunk Admin User"},{"name":"splunk_password","label":"Splunk Admin password"},{"name":"token_password","label":"Your Linode API token. This is required in order to create DNS records.","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token)","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"soa_email_address","label":"Admin Email for the server","default":""},{"name":"username","label":"The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)","example":"user1","default":""},{"name":"password","label":"The password for the Linode's admin/SSH user","example":"S3cuReP@s$w0rd","default":""},{"name":"pubkey","label":"The SSH Public Key used to securely access the Linode via SSH","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":1102904,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Superinsight One-Click","description":"Superinsight One-Click app","ordinal":100,"logo_url":"assets/superinsight.svg","images":["linode/ubuntu22.04"],"deployments_total":22,"deployments_active":0,"is_public":true,"mine":false,"created":"2022-12-20T17:43:01","updated":"2023-08-28T19:43:49","rev_note":"","script":"#!/usr/bin/bash\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Install docker\ncurl -fsSL get.docker.com | sudo sh\n\n# Creating Password\necho \"Superinsight setting up password....\"\nADMIN_PASSWORD=$(openssl rand -hex 12)\nNODE_IP=$(hostname -I | cut -f1 -d' ')\necho \"Downloading and Installing Superinsight instance......\"\n\n# Install Superinsight\ndocker run \\\n--detach \\\n--name superinsight-db-standalone \\\n--restart always \\\n-p 5432:5432 \\\n-v vol-superinsight:/db \\\n-e SUPERINSIGHT_USER=admin \\\n-e SUPERINSIGHT_PASSWORD=\"${ADMIN_PASSWORD}\" \\\nsuperinsight/superinsight-db-standalone:latest\n\n\n# Print instructions\ncat << EOF > /etc/motd\n\n################################################################################################################################################\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tSUPERINSIGHT\n################################################################################################################################################\n\nSuperinsight created the user admin with password: ${ADMIN_PASSWORD}\nYou can can connect using a database client with the following connection string postgres://admin:${ADMIN_PASSWORD}@${NODE_IP}:5432/superinsight\nFor complete source code and information, visit: https://github.com/superinsight/superinsight-db\n\n################################################################################################################################################\nEOF","user_defined_fields":[]},{"id":401705,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Terraria One-Click","description":"Terraria One-Click","ordinal":101,"logo_url":"assets/Terraria.svg","images":["linode/ubuntu20.04"],"deployments_total":690,"deployments_active":9,"is_public":true,"mine":false,"created":"2019-03-08T21:10:49","updated":"2023-09-17T05:06:59","rev_note":"Remove SSH Pubkey UDF","script":"#!/bin/bash\n#\n#\n#\n\n#Game config options\n\n#\n#\n#\n#\n#\n#\n#\n\n\n#Non-MVP config options\n#name=\"autocreate\" label=\"autocreate\" default=\"1\"/>\n#name=\"worldpath\" label=\"worldpath\" default=\"~/.local/share/Terraria/Worlds/\"/>\n#name=\"banlist\" label=\"banlist\" default=\"banlist.txt\"/>\n#name=\"priority\" label=\"priority\" default=\"1\"/>\n#name=\"upnp\" label=\"upnp\" default=\"1\"/>\n#name=\"npcstream\" label=\"npcstream\" default=\"60\"/>\n#name=\"secure\" label=\"secure\" default=\"1\"/>\n#name=\"language\" label=\"language\" default=\"en-US\"/>\n\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\nGAMESERVER=\"terrariaserver\"\n\n### UDF to config\n\nif [[ \"$DIFFICULTY\" = \"Normal\" ]]; then\n DIFFICULTY=\"0\"\nelif [[ \"$DIFFICULTY\" = \"Expert\" ]]; then\n DIFFICULTY=\"1\"\nfi\n\nset_hostname\napt_setup_update\n\n\n# Terraria specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc1 libstdc++6 libstdc++6:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\necho Requires Steam username and password to install\nsu - $GAMESERVER -c \"mkdir -p /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER\"\nsu - $GAMESERVER -c \"touch /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\nsu - $GAMESERVER -c \"echo steamuser=\\\"$STEAMUSER\\\" >> /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\nsu - $GAMESERVER -c \"echo steampass=\\''$STEAMPASSWORD'\\' >> /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\n\n# Install Terraria\ngame_install\n\nsed -i s/#seed=AwesomeSeed/seed=\"$SEED\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/worldname=world1/worldname=\"$WORLDNAME\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/difficulty=0/difficulty=\"$DIFFICULTY\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/maxplayers=20/maxplayers=\"$MAXPLAYERS\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/port=7777/port=\"$PORT\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/password=/password=\"$PASSWORD\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/motd=.*/motd=\"$MOTD\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n\n#Non-MVP config options\n# sed -i s/autocreate=1/autocreate=\"$AUTOCREATE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/worldpath=\\~\\/\\.local\\/share\\/Terraria\\/Worlds\\//worldpath=\"$WORLDPATH\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/banlist=banlist.txt/banlist=\"$BANLIST\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/\\#priority=1/priority=\"$PRIORITY\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/#npcstream=60/npcstream=\"$NPCSTREAM\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/#upnp=1/upnp=\"$UPNP\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/secure=1/secure=\"$SECURE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/language=en\\-US/language=\"$LANGUAGE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n\n# Setup crons and create systemd service file\nservice_config\n\n# Start the service and setup firewall\nufw_install\nufw allow \"$PORT\"/tcp\nufw allow \"$PORT\"/udp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup","user_defined_fields":[{"name":"steamuser","label":"Steam Username","example":"username"},{"name":"steampassword","label":"Steam Password, must have Steam Guard turned off for deployment","example":"YourSteamPassword"},{"name":"worldname","label":"World Name","default":"world1"},{"name":"password","label":"Server Password","default":""},{"name":"motd","label":"Message of the Day","default":"Powered by Linode!"},{"name":"difficulty","label":"Difficulty Level","oneof":"Normal,Expert","default":"Normal"},{"name":"maxplayers","label":"Maximum Players","oneof":"1,10,20,50,100,200,255,","default":"20"},{"name":"port","label":"Port","default":"7777"},{"name":"seed","label":"Seed","default":"AwesomeSeed"}]},{"id":401704,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"TF2 One-Click","description":"TF2 One-Click","ordinal":102,"logo_url":"assets/TF2.svg","images":["linode/debian11"],"deployments_total":342,"deployments_active":7,"is_public":true,"mine":false,"created":"2019-03-08T21:10:23","updated":"2023-09-28T15:35:11","rev_note":"Remove SSH Pubkey UDF","script":"#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nGAMESERVER=\"tf2server\"\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n### UDF to config\n\n#Autoteambalance\nif [[ \"$AUTOTEAMBALANCE\" = \"Enabled\" ]]; then\n AUTOTEAMBALANCE=1\nelif [[ \"$AUTOTEAMBALANCE\" = \"Disabled\" ]]; then\n AUTOTEAMBALANCE=0\nfi\n\nif [[ \"$SERVERNAME\" = \"\" ]]; then\n SERVERNAME=\"Linode TF2 Server\"\nfi\n\n\n# Server config\nset_hostname\napt_setup_update\n\n\n# Teamfortress2 specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\napt -q -y install mailutils postfix curl wget file \\\nbzip2 gzip unzip bsdmainutils python util-linux \\\nca-certificates binutils bc jq tmux lib32gcc-s1 libstdc++6 \\\nlibstdc++6:i386 libcurl4-gnutls-dev:i386 libtcmalloc-minimal4:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install Teamfortress2\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\ncp /home/tf2server/lgsm/config-lgsm/tf2server/_default.cfg /home/tf2server/lgsm/config-lgsm/tf2server/common.cfg\n\n# Custom game configs\n> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\ncat <> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\nlog on\nsv_logbans 1\nsv_logecho 1\nsv_logfile 1\nsv_log_onefile\nEND\n\necho \"hostname $SERVERNAME\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_autoteambalance $AUTOTEAMBALANCE\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_maxrounds $MAXROUNDS\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_timelimit $TIMELIMIT\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"rcon_password \\\"$RCONPASSWORD\\\"\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"sv_password \\\"$SVPASSWORD\\\"\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"\\\"$MOTD\\\"\" > /home/tf2server/serverfiles/tf/cfg/motd_default.txt\n\n\n# Start the service and setup firewall\nufw_install\nufw allow 27014:27050/tcp\nufw allow 3478:4380/udp\nufw allow 27000:27030/udp\nufw allow 26901\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup","user_defined_fields":[{"name":"motd","label":"Message of the Day","default":"Powered by Linode!"},{"name":"servername","label":"Server Name","default":"Linode TF2 Server"},{"name":"svpassword","label":"Server Password","default":""},{"name":"gslt","label":"Game Server Login Token","example":"Steam gameserver token. Needed to list as public server","default":""},{"name":"autoteambalance","label":"Team Balance Enabled","oneof":"Enabled,Disabled","default":"Enabled"},{"name":"maxrounds","label":"Maximum Rounds","oneof":"1,3,5,10,15,20","default":"5"},{"name":"timelimit","label":"Round Time Limit","oneof":"10,15,35,45,60","default":"35"},{"name":"rconpassword","label":"RCON password"}]},{"id":1051711,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"UniFi Network Application One-Click","description":"UniFi Network Application One-Click","ordinal":103,"logo_url":"assets/unifi.svg","images":["linode/debian10"],"deployments_total":493,"deployments_active":27,"is_public":true,"mine":false,"created":"2022-09-01T15:41:39","updated":"2023-08-28T19:43:49","rev_note":"","script":"#!/bin/bash\n#\n# Script to install UniFi Controller on Linode\n# \n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n## Enable logging\n\nset -x\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\ncreate_a_record $SUBDOMAIN $IP $DOMAIN\n\n## install depends \nexport DEBIAN_FRONTEND=noninteractive\napt-get install apt-transport-https ca-certificates wget dirmngr gpg software-properties-common multiarch-support libcommons-daemon-java jsvc openjdk-11-jre-headless -y \n\n# install mongodb req libssl1\nwget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb\ndpkg -i libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb\n\n# install mongodb-3.4\nwget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | apt-key add -\necho \"deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/3.4 main\" | tee /etc/apt/sources.list.d/mongodb-org-3.4.list\napt update && apt upgrade -y\napt install mongodb-org -y \n \n# install latest UniFi Controller \necho 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list\nsudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg \napt update && apt install unifi -yq \n\n## install nginx reverse-proxy \napt install nginx -y \n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${ABS_DOMAIN};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n location /wss/ {\n proxy_pass https://localhost:8443;\n proxy_http_version 1.1;\n proxy_buffering off;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"Upgrade\";\n proxy_read_timeout 86400;\n }\n location / {\n proxy_pass https://localhost:8443;\n proxy_set_header Host \\$host;\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header X-Forward-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx \n\n## UFW rules \nufw allow http\nufw allow https\nufw allow 53\nufw allow 3479/udp\nufw allow 5514/udp\nufw allow 8080/tcp\nufw allow 8443/tcp\nufw allow 8880/tcp\nufw allow 8843/tcp\nufw allow 27117/tcp\nufw allow 5656:5699/udp\nufw allow 10001/udp \nufw allow 1900/udp\nufw allow 123/udp\nufw enable \n\nsleep 60 \n\n## install SSL certs. required \napt install python3-certbot-nginx -y \ncertbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${SOA_EMAIL_ADDRESS} -w /var/www/html/\n \n## add some details \ncat << EOF > /etc/motd\n###################\n\n The installation is now complete, and you can access the UniFi Network Controller GUI from https://${ABS_DOMAIN}\n We recommend using the GUI to complete your configurations of the service\n\n################### \nEOF\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode.","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":970523,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Uptime Kuma One-Click","description":"Uptime Kuma One-Click","ordinal":104,"logo_url":"assets/uptimekuma.svg","images":["linode/ubuntu20.04"],"deployments_total":2097,"deployments_active":410,"is_public":true,"mine":false,"created":"2022-02-07T16:06:08","updated":"2023-09-28T18:25:58","rev_note":"","script":"#!/bin/bash\n## KUMA Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n## Linode Docker OCA\nsource \n\nfunction kumainstall {\ndocker volume create uptime-kuma\ndocker run -d --restart=always -p 3001:3001 -v uptime-kuma:/app/data --name uptime-kuma louislam/uptime-kuma:1\n}\n\nfunction nginxreverse {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n server_name $FQDN;\n error_log /var/log/nginx/$FQDN.error;\n access_log /var/log/nginx/$FQDN.access;\n location / {\n proxy_pass http://localhost:3001;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host \\$host;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n \n}\n\nfunction ssl_lemp {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n kumainstall\n firewall\n nginxreverse\n ssl_lemp\n}\n\n# Execute script\nmain\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":925530,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"UTunnel VPN One-Click","description":"UTunnel VPN One-Click","ordinal":105,"logo_url":"assets/utunnel.svg","images":["linode/ubuntu20.04"],"deployments_total":1102,"deployments_active":15,"is_public":true,"mine":false,"created":"2021-10-25T18:55:37","updated":"2023-09-27T14:49:08","rev_note":"","script":"#!/bin/bash\n# Update the packages on the system from the distribution repositories.\t\napt-get update\nDEBIAN_FRONTEND=noninteractive apt-get upgrade -y\n\n# Install pre-requisites for docker-ce\n\nDEBIAN_FRONTEND=noninteractive apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common\n\n#Add Docker official GPG key\n\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\n\n#Add repository\n\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\n\n# Download and install utnservice\n\nmkdir /utunnel\n\ncd /utunnel \n\nwget https://files.utunnel.io/production/deploy/install_bundle_20.tar\n\ntar -xf install_bundle_20.tar\n\nrm -f install_bundle_20.tar","user_defined_fields":[]},{"id":781317,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Valheim One-Click","description":"Valheim One-Click","ordinal":106,"logo_url":"assets/valheim.svg","images":["linode/debian10"],"deployments_total":2375,"deployments_active":60,"is_public":true,"mine":false,"created":"2021-03-01T13:26:36","updated":"2023-09-27T22:38:06","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables\n\n## Valheim Server Settings - Required\n#\n#\n\n## Linode/SSH Security Settings - Required\n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n[ ! $USERNAME ] && USERNAME='lgsmuser'\nsource \n\n\n# Download and install dependencies\ndpkg --add-architecture i386\nsystem_update\nsystem_install_package curl wget file tar expect bzip2 gzip unzip \\\n bsdmainutils python util-linux ca-certificates \\\n binutils bc jq tmux netcat lib32gcc1 lib32stdc++6 \\\n libc6-dev libsdl2-2.0-0:i386\n\n\n# Open the needed firewall ports\nufw allow 2456:2458/udp\nufw allow 4380/udp\nufw allow 27000:27030/udp\n\n# Install linuxGSM\nGAMESERVER='vhserver'\nv_linuxgsm_oneclick_install \"$GAMESERVER\" \"$USERNAME\"\n\n# Set the Valheim dedicated server's name and password\ncat /home/$USERNAME/lgsm/config-lgsm/vhserver/_default.cfg >> /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\nsed -i \"s/servername=\\\"Valheim Server\\\"/servername=\\\"$SERVER_NAME\\\"/\" /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\nsed -i \"s/serverpassword=\\\"\\\"/serverpassword=\\\"$SERVER_PASSWORD\\\"/\" /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\n\n# Start and enable the Valheim services\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"server_name","label":"The name of the Valheim dedicated server"},{"name":"server_password","label":"The password for the Valheim dedicated server","example":"S3cuReP@s$w0rd"},{"name":"username","label":"The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)","example":"lgsmuser"},{"name":"password","label":"The password for the Linode's admin/SSH user","example":"S3cuReP@s$w0rd"},{"name":"pubkey","label":"The SSH Public Key used to securely access the Linode via SSH","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":954759,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"VictoriaMetrics Single One-Click","description":"VictoriaMetrics Single","ordinal":107,"logo_url":"assets/victoriametricssingle.svg","images":["linode/ubuntu20.04"],"deployments_total":39,"deployments_active":4,"is_public":true,"mine":false,"created":"2022-01-06T18:53:56","updated":"2023-09-06T10:14:27","rev_note":"","script":"#!/bin/bash\n# \nsource \nsystem_set_hostname \"$HOSTNAME\"\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nexport DEBIAN_FRONTEND=noninteractive\napt update && apt upgrade -y && apt install -y curl wget net-tools traceroute jq\n# Generate files\nmkdir -p /etc/victoriametrics/single\nmkdir -p /var/lib/victoria-metrics-data\nmkdir -p /var/lib/cloud/scripts/per-instance\n# Create victoriametrics user\ngroupadd -r victoriametrics\nuseradd -g victoriametrics -d /var/lib/victoria-metrics-data -s /sbin/nologin --system victoriametrics\nchown -R victoriametrics:victoriametrics /var/lib/victoria-metrics-data\n# Install VictoriaMetrics Single\nVM_VERSION=`curl -sg \"https://api.github.com/repos/VictoriaMetrics/VictoriaMetrics/tags\" | jq -r '.[0].name'`\nwget https://github.com/VictoriaMetrics/VictoriaMetrics/releases/download/${VM_VERSION}/victoria-metrics-linux-amd64-${VM_VERSION}.tar.gz -O /tmp/victoria-metrics.tar.gz\ntar xvf /tmp/victoria-metrics.tar.gz -C /usr/bin\nchmod +x /usr/bin/victoria-metrics-prod\nchown root:root /usr/bin/victoria-metrics-prod\ntouch /etc/victoriametrics/single/scrape.yml\nchown root:root /etc/victoriametrics/single/scrape.yml\ncat </etc/systemd/system/vmsingle.service\n[Unit]\nDescription=VictoriaMetrics is a fast, cost-effective and scalable monitoring solution and time series database.\n# https://docs.victoriametrics.com\nAfter=network.target\n[Service]\nType=simple\nUser=victoriametrics\nGroup=victoriametrics\nWorkingDirectory=/var/lib/victoria-metrics-data\nStartLimitBurst=5\nStartLimitInterval=0\nRestart=on-failure\nRestartSec=5\nEnvironmentFile=-/etc/victoriametrics/single/victoriametrics.conf\nExecStart=/usr/bin/victoria-metrics-prod \\$ARGS\nExecStop=/bin/kill -s SIGTERM \\$MAINPID\nExecReload=/bin/kill -HUP \\$MAINPID\n# See docs https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html#tuning\nProtectSystem=full\nLimitNOFILE=1048576\nLimitNPROC=1048576\nLimitCORE=infinity\nStandardOutput=syslog\nStandardError=syslog\nSyslogIdentifier=vmsingle\n[Install]\nWantedBy=multi-user.target\nEND\ncat </etc/victoriametrics/single/victoriametrics.conf\n# See https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html#list-of-command-line-flags to get more information about supported command-line flags\n# \n# If you use IPv6 pleas add \"-enableTCP6\" to args line\nARGS=\"-promscrape.config=/etc/victoriametrics/single/scrape.yml -storageDataPath=/var/lib/victoria-metrics-data -retentionPeriod=12 -httpListenAddr=:8428 -graphiteListenAddr=:2003 -opentsdbListenAddr=:4242 -influxListenAddr=:8089 -enableTCP6\"\nEND\ncat < /etc/profile.d/victoriametrics_welcome.sh\n#!/bin/sh\n#\nmyip=$(hostname -I | awk '{print$1}')\n******************************************************************************** \nWelcome to VictoriaMetrics Single.\nTo keep this server secure, the UFW firewall is enabled.\nAll ports are BLOCKED except 22 (SSH), 80 (HTTP), and 443 (HTTPS), 8428 (VictoriaMetrics HTTP), 8089 (VictoriaMetrics Influx),\n4242 (VictoriaMetrics OpenTSDB), 2003 (VictoriaMetrics Graphite)\nIn a web browser, you can view:\n * The VictoriaMetrics Quickstart guide: https://kutt.it/1click-quickstart\nOn the server:\n * The default VictoriaMetrics root is located at /var/lib/victoria-metrics-data\n * VictoriaMetrics is running on ports: 8428, 8089, 4242, 2003 and they are bound to the local interface.\n********************************************************************************\n # This image includes version v1.74.0 of VictoriaMetrics. \n # See Release notes https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.70.0\n # Welcome to VictoriaMetrics droplet!\n # Website: https://victoriametrics.com\n # Documentation: https://docs.victoriametrics.com\n # VictoriaMetrics Github : https://github.com/VictoriaMetrics/VictoriaMetrics\n # VictoriaMetrics Slack Community: https://slack.victoriametrics.com\n # VictoriaMetrics Telegram Community: https://t.me/VictoriaMetrics_en\n # VictoriaMetrics config: /etc/victoriametrics/single/victoriametrics.conf\n # VictoriaMetrics scrape config: /etc/victoriametrics/single/scrape.yml\n # VictoriaMetrics UI accessable on: http://your_droplet_public_ipv4:8428/vmui/\nEND\n# Enable UFW and add some rules to it\nsed -e 's|DEFAULT_FORWARD_POLICY=.*|DEFAULT_FORWARD_POLICY=\"ACCEPT\"|g' \\\n -i /etc/default/ufw\nufw allow ssh comment \"SSH port\"\nufw allow http comment \"HTTP port\"\nufw allow https comment \"HTTPS port\"\nufw allow 8428 comment \"VictoriaMetrics Single HTTP port\"\nufw allow 8089/tcp comment \"TCP Influx Listen port for VictoriaMetrics\"\nufw allow 8089/udp comment \"UDP Influx Listen port for VictoriaMetrics\"\nufw allow 2003/tcp comment \"TCP Graphite Listen port for VictoriaMetrics\"\nufw allow 2003/udp comment \"UDP Graphite Listen port for VictoriaMetrics\"\nufw allow 4242 comment \"OpenTSDB Listen port for VictoriaMetrics\"\nufw --force enable\n# Cleaning up\nrm -rf /tmp/* /var/tmp/*\nhistory -c\ncat /dev/null > /root/.bash_history\nunset HISTFILE\nfind /var/log -mtime -1 -type f ! -name 'stackscript.log' -exec truncate -s 0 {} \\;\n# Start VictoriaMetrics\nsystemctl enable vmsingle.service\nsystemctl start vmsingle.service\necho \"Installation complete!\"","user_defined_fields":[{"name":"hostname","label":"Hostname"}]},{"id":662117,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Virtualmin One-Click","description":"Virtualmin One-Click","ordinal":108,"logo_url":"assets/virtualmin.svg","images":["linode/debian10","linode/ubuntu22.04"],"deployments_total":2131,"deployments_active":140,"is_public":true,"mine":false,"created":"2020-08-12T15:46:13","updated":"2023-09-27T21:48:03","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables for the StackScript\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nIFS=$'\\n\\t'\n\n## Import the Bash StackScript and API/DNS Libraries\nsource \nsource \n\n# Import the OCA Helper Functions\nsource \n\nfunction install_virtualmin {\n if [ $(cat /etc/os-release | grep -i 'ubuntu' )]; then\n if [ ! $(cat /etc/os-release | grep -i 'lts') ]; then\n printf \"Virtualmin only works with LTS versions of Ubuntu\\n\"\n exit 1;\n fi\n else\n wget http://software.virtualmin.com/gpl/scripts/virtualmin-install.sh -O /root/virtualmin-install.sh && {\n chmod +x /root/virtualmin-install.sh\n /bin/sh /root/virtualmin-install.sh -f -v\n }\n fi\n}\n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Configure firewall and install Fail2Ban\nufw_install\nufw allow http\nufw allow https\nufw allow 10000\nfail2ban_install\n\n# Install Webmin and Virtualmin\nsource \ninstall_virtualmin\n\n# Disable SSL so that everything works\nsed -i 's/^ssl=1/ssl=0/g' /etc/webmin/miniserv.conf\n\n# Restart Webmin\nsystemctl restart webmin\n\n# Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"pwless_sudo","label":"Enable passwordless sudo access for the limited user?","oneof":"Yes,No","default":"No"},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"auto_updates","label":"Configure automatic security updates?","oneof":"Yes,No","default":"No"},{"name":"fail2ban","label":"Use fail2ban to prevent automated intrusion attempts?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your DNS records","default":""},{"name":"subdomain","label":"The subdomain for your server","default":""},{"name":"domain","label":"Your domain","default":""},{"name":"soa_email_address","label":"Admin Email for the server","default":""},{"name":"mx","label":"Do you need an MX record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"},{"name":"spf","label":"Do you need an SPF record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"}]},{"id":688903,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"VS Code Server One-Click","description":"Visual Studio Code One-Click","ordinal":109,"logo_url":"assets/vscodeserver.svg","images":["linode/debian10"],"deployments_total":5033,"deployments_active":143,"is_public":true,"mine":false,"created":"2020-11-17T21:10:25","updated":"2023-09-28T18:32:36","rev_note":"","script":"#!/usr/bin/env bash\n\n## VS Code Server OCA Script\n\n### UDF Variables\n\n## VS Code Web Password\n#\n#\n\n## User and SSH Security\n#\n#\n#\n#\n\n## Domain\n#\n#\n#\n#\n\n## Let's Encrypt SSL\n#\n\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n\nfunction get_code_server {\n local -r username=\"$1\" vs_code_ver=\"$2\"\n\n cd \"/home/$username\"\n\n wget \"https://github.com/cdr/code-server/releases/download/v${vs_code_ver}/code-server-${vs_code_ver}-linux-amd64.tar.gz\"\n tar -xf \"code-server-${vs_code_ver}-linux-amd64.tar.gz\"\n mv code-server-*/ bin/\n\n chown -R \"${username}:${username}\" bin/\n chmod +x bin/code-server\n mkdir data/\n chown -R \"${username}:${username}\" data/\n\n cd /root/\n}\n\nfunction enable_code_service {\n local -r vs_code_password=\"$1\" username=\"$2\"\n\n # Set the password in /etc/systemd/system/code-server.service\n cat << EOF > /etc/systemd/system/code-server.service\n[Unit]\nDescription=code-server\nAfter=nginx.service\n[Service]\nUser=$username\nWorkingDirectory=/home/$username\nEnvironment=PASSWORD=$vs_code_password\nExecStart=/home/${username}/bin/code-server --host 127.0.0.1 --user-data-dir /home/${username}/data --auth password\nRestart=always\n[Install]\nWantedBy=multi-user.target\nEOF\n\n # Enable code-server as a service\n systemctl daemon-reload\n systemctl start code-server\n systemctl enable code-server\n}\n\nfunction certbot_standalone {\n local -r email_address=\"$1\" ssl_domain=\"$2\"\n\n # Get an SSL certificate from CertBot\n system_install_package \"certbot\"\n certbot -n certonly --standalone --agree-tos -m \"$email_address\" -d \"$ssl_domain\"\n}\n\nfunction nginx_reverse_proxy {\n local -r ssl_domain=\"$1\"\n\n ## Setup a reverse proxy with Nginx\n system_install_package \"nginx\"\n\n cat << EOF > /etc/nginx/sites-available/code-server\nserver {\n listen 80;\n server_name $ssl_domain;\n # enforce https\n return 301 https://\\$server_name:443\\$request_uri;\n}\nserver {\n listen 443 ssl http2;\n server_name $ssl_domain;\n ssl_certificate /etc/letsencrypt/live/${ssl_domain}/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/${ssl_domain}/privkey.pem;\n location / {\n proxy_pass http://127.0.0.1:8080/;\n proxy_set_header Host \\$host;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection upgrade;\n proxy_set_header Accept-Encoding gzip;\n }\n}\nEOF\n\n ln -s /etc/nginx/sites-available/code-server /etc/nginx/sites-enabled\n nginx -t\n systemctl restart nginx\n}\n\n### Install UFW and open the needed firewall ports\nufw allow 80,443/tcp\n\n### Install and configure VS Code Server\nget_code_server \"$USERNAME\" \"$VS_CODE_VER\"\nenable_code_service \"$VS_CODE_PASSWORD\" \"$USERNAME\"\ncheck_dns_propagation \"$FQDN\" \"$IP\"\ncertbot_standalone \"$SOA_EMAIL_ADDRESS\" \"$FQDN\"\nnginx_reverse_proxy \"$FQDN\"\n\n### Clean up\nstackscript_cleanup","user_defined_fields":[{"name":"vs_code_password","label":"The password to login to the VS Code Web UI"},{"name":"vs_code_ver","label":"The version of VS Code Server you'd like installed","default":"3.10.2"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"disable_root","label":"Would you like to disable root login over SSH? (Recommended)","oneof":"Yes,No","default":"Yes"},{"name":"token_password","label":"Your Linode API token - This is required for creating DNS records","default":""},{"name":"domain","label":"The domain for the Linode's DNS record (Requires API token)","default":""},{"name":"subdomain","label":"The subdomain for the Linode's DNS record (Requires API token and domain)","default":""},{"name":"soa_email_address","label":"Your email address for your VirtualHost configuration, DNS records (If Required), and SSL certificates (If Required)."},{"name":"ssl","label":"Would you like to use a free Let's Encrypt SSL certificate? (Uses the Linode's default rDNS if no domain is specified above","oneof":"Yes,No","default":"No"}]},{"id":923037,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"WarpSpeed One-Click","description":"WarpSpeed One-Click","ordinal":110,"logo_url":"assets/warpspeed.svg","images":["linode/ubuntu20.04"],"deployments_total":831,"deployments_active":18,"is_public":true,"mine":false,"created":"2021-10-18T01:12:49","updated":"2023-09-28T06:11:39","rev_note":"","script":"#!/bin/bash\nset -o errexit\nset -o nounset\nset -o pipefail\nset -o xtrace\n\n# \n# \n# \n# \n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nexport DEBIAN_FRONTEND=\"noninteractive\"\napt-get \\\n -o 'Acquire::ForceIPv4=true' \\\n --yes \\\n update\n\napt-get \\\n -o 'DPkg::options::=--force-confdef' \\\n -o 'DPkg::options::=--force-confold' \\\n --yes \\\n install grub-pc\n\napt-get \\\n -o Acquire::ForceIPv4=true \\\n --yes \\\n update\n# # END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Handle the arguments.\nWIRESPEED_ADMIN_EMAIL=\"$(echo -e \"${WIRESPEED_ADMIN_EMAIL}\" | tr --delete '[:space:]')\"\nWIRESPEED_HTTP_HOST=\"$(echo -e \"${WIRESPEED_HTTP_HOST}\" | tr --delete '[:space:]')\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//\\//}\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//https:/}\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//http:/}\"\n\nif [[ -z \"${WIRESPEED_ADMIN_EMAIL}\" ]]; then\n echo \"Missing required parameter: admin email\"\n exit 101\nfi\n\nif [[ -z \"${WIRESPEED_HTTP_HOST}\" ]]; then\n echo \"Missing required parameter: http host\"\n exit 102\nfi\n\nif [[ -z \"${WIRESPEED_DATA_DIR}\" ]]; then\n WIRESPEED_DATA_DIR=\"/wirespeed\"\nfi\n\n# Set hostname\nIP=\"$(hostname --all-ip-addresses | awk '{ print $1 }')\"\nhostnamectl set-hostname \"${WIRESPEED_HTTP_HOST}\"\necho \"${IP} ${WIRESPEED_HTTP_HOST}\" >>/etc/hosts\n\nwget https://bunker.services/wirespeed-installer.sh\nchmod +x wirespeed-installer.sh\n./wirespeed-installer.sh \\\n \"${WIRESPEED_HTTP_HOST}\" \\\n \"${WIRESPEED_DATA_DIR}\" \\\n \"${WIRESPEED_ADMIN_EMAIL}\" \\\n \"${WIRESPEED_ADMIN_PASSWORD}\" \\\n --non-interactive\n\n# Force IPv4 and noninteractive upgrade after script runs to prevent breaking nf_conntrack for UFW\necho 'Acquire::ForceIPv4 \"true\";' >/etc/apt/apt.conf.d/99force-ipv4\napt-get upgrade --yes\n\nfor file in /root/StackScript /root/ssinclude* /root/wirespeed-installer.sh; do\n rm \"${file}\"\ndone\n\necho 'WireSpeed Installation complete!'","user_defined_fields":[{"name":"wirespeed_admin_email","label":"Admin Email","default":"","example":"it@example.com"},{"name":"wirespeed_admin_password","label":"Admin Password","default":"","example":"Password"},{"name":"wirespeed_http_host","label":"DNS Name","default":"","example":"vpn.example.com"},{"name":"wirespeed_data_dir","label":"Data Directory","default":"/wirespeed","example":"/wirespeed"}]},{"id":913276,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Wazuh One-Click","description":"Wazuh One-Click","ordinal":111,"logo_url":"assets/wazuh.svg","images":["linode/ubuntu22.04"],"deployments_total":4001,"deployments_active":834,"is_public":true,"mine":false,"created":"2021-09-30T18:27:36","updated":"2023-09-28T18:03:46","rev_note":"","script":"#!/bin/bash\n\n# #\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings \n#\n#\n#\n\n## Enable logging\n# set -o pipefail\nset -x\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# UFW https://documentation.wazuh.com/current/getting-started/architecture.html\nufw allow 1514\nufw allow 1515\nufw allow 1516\nufw allow 514\nufw allow 55000\nufw allow 443\nufw allow 80\nufw allow 9200\nufw allow 9300\n\n# NGINX\napt install git nginx certbot python3-certbot-nginx -y\n\nmkdir -p /var/www/certs/.well-known\nchown -R www-data:www-data /var/www/certs/\ncat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n listen [::]:80;\n server_name $FQDN;\n root /var/www/certs;\n location / {\n try_files \\$uri \\$uri/ =404;\n }\n# allow .well-known\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/certs/.well-known;\n }\n}\nEOF\nln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/$FQDN\nunlink /etc/nginx/sites-enabled/default\nsystemctl restart nginx\n\n# SSL Certbot\n#certbot certonly --agree-tos --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n\nfunction get_cert {\n if [ \"$1\" == \"dry_run\" ]; then\n certbot certonly --dry-run --agree-tos --non-interactive --no-eff-email --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n return $?\n elif [ \"$1\" == \"run\" ]; then\n certbot certonly --agree-tos --non-interactive --no-eff-email --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n return $?\n fi\n}\n\nfunction propagate {\n while [[ $count -le $retries ]]; do\n echo \"[Info] Let's Encrypt validation failed. Retrying...\"\n sleep 5\n count=$(( $count + 1 ))\n get_cert dry_run\n\n if [ $? -eq 0 ]; then\n echo \"[Info] Dry run successful..\"\n get_cert run\n return 0\n \n fi\n\n # no more retries left. Exit\n if [[ $count -eq $retries ]]; then\n echo \"[Error] Unable to get Let's Encrypt certificate for $FQDN\"\n return 1\n fi\n done\n}\n\ncount=1\nretries=24\nget_cert dry_run\nif [ $? -eq 0 ]; then\n echo \"[Info] Dry run successful. Getting certificate\"\n get_cert run\nelse\n propagate\nfi\n\n# reorder Wazuh script\ncurl -sO https://packages.wazuh.com/4.4/wazuh-install.sh && sudo bash ./wazuh-install.sh -a \ntar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt >> .deployment-secrets.txt\n\n# Set Variables\nexport WAZUH_FULL=/etc/wazuh-dashboard/certs/wazuh-dashboard.pem\nexport WAZUH_PRIVKEY=/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\n\n# Place certificates in /etc/wazuh-dashboard/certs/\ncat $FULLCHAIN > $WAZUH_FULL\ncat $PRIVKEY > $WAZUH_PRIVKEY\n\n# Restart Kibana\nservice wazuh-dashboard restart\n\n# Create Cert renewal cron script\ncat </root/certbot-renewal.sh\n#!/bin/bash\n#\n# Script to handle Certbot renewal & Kibana\n# Debug\n# set -xo pipefail\nexport WAZUH_FULL=/etc/wazuh-dashboard/certs/wazuh-dashboard.pem\nexport WAZUH_PRIVKEY=/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\ncertbot renew\ncat $FULLCHAIN > $WAZUH_FULL\ncat $PRIVKEY > $WAZUH_PRIVKEY\nservice wazuh-dashboard restart\nEND\n\nchmod +x /root/certbot-renewal.sh\n\n# Setup Cron\ncrontab -l > cron\necho \"* 1 * * 1 bash /root/certbot-renewal.sh\" >> cron\ncrontab cron\nrm cron\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your WordPress server's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record: www (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":662116,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Webmin One-Click","description":"Webmin One-Click","ordinal":112,"logo_url":"assets/webmin.svg","images":["linode/debian10"],"deployments_total":1153,"deployments_active":40,"is_public":true,"mine":false,"created":"2020-08-12T15:41:21","updated":"2023-09-28T14:43:08","rev_note":"","script":"#!/usr/bin/env bash\n\n### UDF Variables for the StackScript\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n\n#Check if the script is being sourced by another script\n[[ $_ != $0 ]] && readonly SOURCED=1\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript and API/DNS Libraries\nsource \nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction webmin_install {\n # Install webmin\n echo \"deb http://download.webmin.com/download/repository sarge contrib\" >> /etc/apt/sources.list\n wget -q -O- http://www.webmin.com/jcameron-key.asc | sudo apt-key add\n system_update\n system_install_package \"webmin\"\n}\n\nfunction webmin_configure {\n local -r email_address=\"$1\"\n local -r fqdn=\"$2\"\n\n # Configure the Virtual Host\n cat < /etc/apache2/sites-available/\"${fqdn}.conf\"\n\n ServerAdmin ${email_address}\n ServerName ${fqdn}\n ProxyPass / http://localhost:10000/\n ProxyPassReverse / http://localhost:10000/\n\nEOF\n # Disable SSL in Webmin so Apache can handle it instead\n sed -i 's/^ssl=1/ssl=0/g' /etc/webmin/miniserv.conf\n\n # Add FQDN to the list of allowed domains\n echo \"referers=${fqdn}\" >> /etc/webmin/config\n\n # Restart Webmin\n systemctl restart webmin\n\n # Enable proxy_http module\n a2enmod proxy_http\n systemctl restart apache2\n\n # Enable the Virtual Host\n a2ensite \"${fqdn}\"\n systemctl reload apache2\n}\n\n\n# Open the needed firewall ports\nufw_install\nufw allow http\nufw allow https\nufw allow 10000\n\n# Make sure unzip is installed, or else the webmin install will fail\n[ ! -x /usr/bin/unzip ] && system_install_package \"unzip\"\n\n# \"${package_list[@]}\" contains a list of packages to be installed on the system\npackage_list=(\n \"gnupg1\" \\\n \"python\" \\\n \"apt-show-versions\" \\\n \"libapt-pkg-perl\" \\\n \"libauthen-pam-perl\" \\\n \"libio-pty-perl\" \\\n \"libnet-ssleay-perl\"\n)\n\n# Install all of the packages specified in ${package_list[@]}\nsystem_install_package \"${package_list[@]}\"\n\n# Intall Webmin\nwebmin_install\napache_install\nwebmin_configure \"$SOA_EMAIL_ADDRESS\" \"$FQDN\"\n\n# Install SSL Certificate - NOT READY YET\n#certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n## Cleanup before exiting\nif [ \"$SOURCED\" -ne 1 ]; then\n stackscript_cleanup\nfi","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"pwless_sudo","label":"Enable passwordless sudo access for the limited user?","oneof":"Yes,No","default":"No"},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"auto_updates","label":"Configure automatic security updates?","oneof":"Yes,No","default":"No"},{"name":"fail2ban","label":"Use fail2ban to prevent automated instrusion attempts?","oneof":"Yes,No","default":"No"},{"name":"token_password","label":"Your Linode API token. This is needed to create your DNS records","default":""},{"name":"subdomain","label":"The subdomain for your server","default":""},{"name":"domain","label":"Your domain","default":""},{"name":"soa_email_address","label":"Admin Email for the server","default":""},{"name":"mx","label":"Do you need an MX record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"},{"name":"spf","label":"Do you need an SPF record for this domain? (Yes if sending mail from this Linode)","oneof":"Yes,No","default":"No"}]},{"id":688902,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Webuzo One-Click","description":"Webuzo One-Click","ordinal":113,"logo_url":"assets/webuzo.svg","images":["linode/ubuntu20.04"],"deployments_total":862,"deployments_active":21,"is_public":true,"mine":false,"created":"2020-11-17T21:04:21","updated":"2023-09-28T12:25:43","rev_note":"","script":"#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library & Helpers\nsource \nsource \nsource \nsource \n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Set hostname, configure apt and perform update/upgrade\napt_setup_update\n\n# Install Prereq's & Services\napt install -y wget\nwget -N http://files.webuzo.com/install.sh\nchmod +x install.sh\n./install.sh\nsleep 2\nsystemctl start webuzo.service\n\n# firewall\nufw allow 25\nufw allow 53\nufw allow 587\nufw allow 2002\nufw allow 2003\nufw allow 2004\nufw allow 2005\n\n# Cleanup \nstackscript_cleanup\nreboot","user_defined_fields":[{"name":"username","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","default":""},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"}]},{"id":401706,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"WireGuard® One-Click","description":"WireGuard One-Click","ordinal":114,"logo_url":"assets/Wireguard.svg","images":["linode/ubuntu22.04"],"deployments_total":8941,"deployments_active":282,"is_public":true,"mine":false,"created":"2019-03-08T21:11:36","updated":"2023-09-28T11:24:58","rev_note":"","script":"#!/bin/bash\n\n# \n# \n# \n# \n# \n\nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n### Set hostname, Apt configuration and update/upgrade\n\nset_hostname\napt_setup_update\n\napt install wireguard wireguard-tools linux-headers-$(uname -r) -y\n\nif [[ \"$PORT\" != \"51820\" ]]; then\n PORT=\"$PORT\"\nfi\n\n# Wireguard\n\nwg genkey | tee ~/wg-private.key | wg pubkey > ~/wg-public.key\n\nPRIVATEKEY=`cat ~/wg-private.key`\n\ncat </etc/wireguard/wg0.conf\n[Interface]\nPrivateKey = $PRIVATEKEY\nAddress = $PRIVATEIP\nListenPort = $PORT\nPostUp = iptables -A FORWARD -i wg0 -j ACCEPT; \\\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; \\\nip6tables -A FORWARD -i wg0 -j ACCEPT; \\\nip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\nPostDown = iptables -D FORWARD -i wg0 -j ACCEPT; \\\niptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; \\\nip6tables -D FORWARD -i wg0 -j ACCEPT; \\\nip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE\nSaveConfig = true\n[Peer]\nPublicKey = $PEERPUBKEY\nAllowedIPs = $PRIVATEIP_CLIENT\nEndpoint = $ENDPOINT:$PORT\nEND\n\n### Enable Port Forwarding\nsed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf\nsysctl -p /etc/sysctl.conf\nsysctl --system\n\n### Services\n\n# wg-quick up wg0. #### Removed to let systemctl manage the service\nsystemctl enable wg-quick@wg0\nsystemctl start wg-quick@wg0\nwg show\nufw_install\nufw allow \"$PORT\"/udp\nufw enable\n\nsystemctl restart wg-quick@wg0\n\nstackscript_cleanup","user_defined_fields":[{"name":"port","label":"Port","example":"51820","default":"51820"},{"name":"privateip","label":"Tunnel IP","example":"10.0.0.1/24, 172.16.0.1/24, 192.168.1.1/24, etc","default":"10.0.1.1/24"},{"name":"peerpubkey","label":"WireGuard Public Key (Client)","default":""},{"name":"privateip_client","label":"Tunnel IP (Client)","example":"10.0.0.2/24, 172.16.0.2/24, 192.168.1.2/24 etc","default":"10.0.1.2/24"},{"name":"endpoint","label":"Endpoint IP (Client)","default":""}]},{"id":401708,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"WooCommerce One-Click","description":"WooCommerce One-Click","ordinal":115,"logo_url":"assets/WooCommerce.svg","images":["linode/ubuntu22.04"],"deployments_total":4186,"deployments_active":227,"is_public":true,"mine":false,"created":"2019-03-08T21:12:57","updated":"2023-09-25T21:09:16","rev_note":"","script":"#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-woocommerce\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup","user_defined_fields":[{"name":"soa_email_address","label":"Email address (for the Let's Encrypt SSL certificate)","example":"user@domain.tld"},{"name":"webserver_stack","label":"The stack you are looking to deploy Wordpress on","oneof":"LAMP,LEMP"},{"name":"site_title","label":"Website title","example":"My Blog"},{"name":"wp_admin_user","label":"Admin username","example":"admin"},{"name":"wp_db_user","label":"Wordpress database user","example":"wordpress"},{"name":"wp_db_name","label":"Wordpress database name","example":"wordpress"},{"name":"user_name","label":"The limited sudo user to be created for the Linode","default":""},{"name":"password","label":"The password for the limited sudo user","example":"an0th3r_s3cure_p4ssw0rd","default":""},{"name":"disable_root","label":"Disable root access over SSH?","oneof":"Yes,No","default":"No"},{"name":"pubkey","label":"The SSH Public Key that will be used to access the Linode (Recommended)","default":""},{"name":"token_password","label":"Your Linode API token. This is needed to create your Linode's DNS records","default":""},{"name":"subdomain","label":"Subdomain","example":"The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)","default":""},{"name":"domain","label":"Domain","example":"The domain for the DNS record: example.com (Requires API token)","default":""}]},{"id":741207,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Yacht One-Click","description":"Yacht One-Click","ordinal":116,"logo_url":"assets/yacht.svg","images":["linode/debian11","linode/ubuntu22.04"],"deployments_total":930,"deployments_active":16,"is_public":true,"mine":false,"created":"2021-01-26T21:52:26","updated":"2023-09-27T18:53:10","rev_note":"","script":"#!/bin/bash\n#\n#\n#\n#\n\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n## Linode Docker OCA\nsource \n\nif [ \"$COMPOSE_SUPPORT\" == \"Yes\" ]; then\n mkdir -p /opt/Yacht/compose/example\n docker volume create yacht_data\n docker run -d \\\n --name=yacht \\\n -p 8000:8000 \\\n -v /var/run/docker.sock:/var/run/docker.sock \\\n -v yacht_data:/config \\\n -v /opt/Yacht/compose:/compose \\\n -e COMPOSE_DIR=/compose/ \\\n -e THEME=$YACHT_THEME \\\n -e ADMIN_EMAIL=$YEMAIL \\\n -e ADMIN_PASSWORD=$YPASSWORD \\\n selfhostedpro/yacht:latest\n printf \"\\nThe default compose directory is /opt/Yacht/compose.\\nAn example project has been added there.\" > /etc/update-motd.d/99-yacht\n curl -L https://raw.githubusercontent.com/SelfhostedPro/selfhosted_templates/yacht/Template/Compose/example/docker-compose.yml -o /opt/Yacht/compose/example/docker-compose.yml\nelif [ \"$COMPOSE_SUPPORT\" == \"No\" ]; then\n docker volume create yacht\n docker run -d \\\n --name=yacht \\\n -p 8000:8000 \\\n -v /var/run/docker.sock:/var/run/docker.sock \\\n -v yacht_data:/config \\\n -e THEME=$YACHT_THEME \\\n -e ADMIN_EMAIL=$YEMAIL \\\n -e ADMIN_PASSWORD=$YPASSWORD \\\n selfhostedpro/yacht:latest\n \nfi\n\n# Cleanup\nstackscript_cleanup","user_defined_fields":[{"name":"YEMAIL","label":"Yacht Email","example":"admin@yacht.local","default":"admin@yacht.local"},{"name":"YPASSWORD","label":"Yacht Password","example":"Password"},{"name":"COMPOSE_SUPPORT","label":"Yacht Compose Support","example":"Yes","default":"Yes","oneof":"Yes,No"},{"name":"YACHT_THEME","label":"Yacht Theme","example":"Default","default":"Default","oneof":"Default,RED,OMV"}]},{"id":741208,"username":"linode","user_gravatar_id":"9d4d301385af69ceb7ad658aad09c142","label":"Zabbix One-Click","description":"Zabbix One-Click","ordinal":117,"logo_url":"assets/zabbix.svg","images":["linode/centos-stream8"],"deployments_total":1675,"deployments_active":79,"is_public":true,"mine":false,"created":"2021-01-26T21:56:54","updated":"2023-09-28T08:32:43","rev_note":"","script":"#!/bin/bash\n\n# \n\nsource \n\nsystem_set_hostname \"$HOSTNAME\"\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Generate files\nmkdir -p /etc/my.cnf.d/\nmkdir -p /etc/nginx/conf.d/\nmkdir -p /etc/php-fpm.d/\nmkdir -p /etc/php.d/\n# mkdir -p /etc/profile.d/\nmkdir -p /etc/motd.d/\nmkdir -p /etc/zabbix/web/\nmkdir -p /var/lib/cloud/scripts/per-instance\n\ncat </etc/my.cnf.d/zabbix.cnf\n[mysqld]\nuser = mysql\nlocal_infile = 0\n\ndatadir = /var/lib/mysql/\n\ndefault-storage-engine = InnoDB\nskip-name-resolve\nkey_buffer_size = 32M\nmax_allowed_packet = 128M\ntable_open_cache = 1024\ntable_definition_cache = 1024\nmax_connections = 2000\njoin_buffer_size = 1M\nsort_buffer_size = 2M\nread_buffer_size = 256K\nread_rnd_buffer_size = 256K\nmyisam_sort_buffer_size = 1M\nthread_cache_size = 512\nopen_files_limit = 10000\nwait_timeout = 86400\n\noptimizer_switch=index_condition_pushdown=off\n\ntmp_table_size = 32M\nmax_heap_table_size = 32M\n\nbinlog_format=mixed\nbinlog_cache_size = 32M\nmax_binlog_size = 256M\nbinlog_expire_logs_seconds = 259200\n\n# innodb_page_size = 32K\ninnodb_buffer_pool_size = 512M\ninnodb_log_file_size = 256M\ninnodb_log_buffer_size = 64M\ninnodb_file_per_table = 1\ninnodb_flush_method = O_DIRECT\ninnodb_buffer_pool_instances = 4\ninnodb_write_io_threads = 4\ninnodb_read_io_threads = 4\ninnodb_adaptive_flushing = 1\ninnodb_lock_wait_timeout = 50\n\ninnodb_flush_log_at_trx_commit = 1\n\ninnodb_io_capacity = 300\ninnodb_io_capacity_max = 400\ninnodb_flush_neighbors = 0\n\ninnodb_doublewrite = 1\ninnodb_thread_concurrency = 0\n\ninnodb_purge_threads = 1\n\nserver_id = 1\nbinlog_checksum = crc32\n\ninnodb_lru_scan_depth = 512\n\ninnodb_stats_on_metadata = 0\n\nEND\n\ncat </etc/nginx/conf.d/zabbix_ssl.conf\nserver {\n listen 0.0.0.0:443 ssl http2;\n # server_name ;\n index index.php;\n\n root \\$webroot;\n charset utf8;\n set \\$webroot '/usr/share/zabbix';\n\n access_log /var/log/nginx/zabbix_access_ssl.log main;\n error_log /var/log/nginx/zabbix_error_ssl.log error;\n\n ssl_stapling on;\n ssl_stapling_verify on;\n\n #resolver 192.168.13.160 192.168.10.24;\n\n ssl_certificate /etc/ssl/certs/zabbix_example.crt;\n ssl_certificate_key /etc/ssl/private/zabbix_example.key;\n\n ssl_dhparam /etc/ssl/private/zabbix_dhparam.pem;\n\n ssl_protocols TLSv1.2 TLSv1.3;\n ssl_verify_depth 3;\n #ssl_ciphers HIGH:!aNULL:!MD5;\n ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;\n #ssl_session_cache shared:SSL:10m;\n ssl_session_cache shared:MozSSL:10m;\n ssl_session_timeout 1d;\n ssl_prefer_server_ciphers off;\n ssl_session_tickets off;\n\n add_header Strict-Transport-Security \"max-age=63072000\" always;\n add_header Content-Security-Policy-Report-Only \"default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report\";\n\n location = /favicon.ico {\n log_not_found off;\n }\n\n location / {\n index index.php;\n try_files \\$uri \\$uri/ =404;\n }\n\n location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {\n access_log off;\n expires 10d;\n }\n\n location ~ /\\.ht {\n deny all;\n }\n\n location ~ /(api\\/|conf[^\\.]|include|locale) {\n deny all;\n return 404;\n }\n\n location ~ [^/]\\.php(/|$) {\n fastcgi_pass unix:/run/php-fpm/zabbix.sock;\n fastcgi_split_path_info ^(.+\\.php)(/.+)$;\n fastcgi_index index.php;\n\n fastcgi_param DOCUMENT_ROOT /usr/share/zabbix;\n fastcgi_param SCRIPT_FILENAME /usr/share/zabbix\\$fastcgi_script_name;\n fastcgi_param PATH_TRANSLATED /usr/share/zabbix\\$fastcgi_script_name;\n\n include fastcgi_params;\n fastcgi_param QUERY_STRING \\$query_string;\n fastcgi_param REQUEST_METHOD \\$request_method;\n fastcgi_param CONTENT_TYPE \\$content_type;\n fastcgi_param CONTENT_LENGTH \\$content_length;\n\n fastcgi_intercept_errors on;\n fastcgi_ignore_client_abort off;\n fastcgi_connect_timeout 60;\n fastcgi_send_timeout 180;\n fastcgi_read_timeout 180;\n fastcgi_buffer_size 128k;\n fastcgi_buffers 4 256k;\n fastcgi_busy_buffers_size 256k;\n fastcgi_temp_file_write_size 256k;\n }\n}\n\nEND\n\ncat </etc/nginx/conf.d/zabbix.conf\nserver {\n listen 0.0.0.0:80;\n # server_name zabbix;\n\n return 301 https://\\$host\\$request_uri;\n}\n\nEND\n\ncat </etc/nginx/nginx.conf\n# For more information on configuration, see:\n# * Official English Documentation: http://nginx.org/en/docs/\n# * Official Russian Documentation: http://nginx.org/ru/docs/\n\nuser nginx;\nworker_processes auto;\nworker_priority -5;\nworker_rlimit_nofile 256000;\n\nerror_log /var/log/nginx/error.log;\n\npid /run/nginx.pid;\n\n# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.\ninclude /usr/share/nginx/modules/*.conf;\n\nevents {\n worker_connections 5120;\n use epoll;\n multi_accept on;\n}\n\n\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n\n log_format main\n '\\$http_x_forwarded_for - \\$remote_user [\\$time_local] '\n '\"\\$request\" \\$status \\$bytes_sent '\n '\"\\$http_referer\" \"\\$http_user_agent\" '\n '\"\\$gzip_ratio\"';\n\n access_log /var/log/nginx/access.log main;\n\n open_file_cache max=200000 inactive=20s;\n open_file_cache_valid 30s;\n open_file_cache_min_uses 2;\n open_file_cache_errors on;\n\n limit_conn_zone \\$binary_remote_addr zone=perip:10m;\n limit_conn_zone \\$server_name zone=perserver:10m;\n\n client_header_timeout 5m;\n client_body_timeout 5m;\n send_timeout 5m;\n\n connection_pool_size 4096;\n client_header_buffer_size 4k;\n large_client_header_buffers 4 4k;\n request_pool_size 4k;\n\n reset_timedout_connection on;\n\n\n gzip on;\n gzip_min_length 100;\n gzip_buffers 4 8k;\n gzip_comp_level 5;\n gzip_types text/plain text/css text/xml application/x-javascript application/xml application/xhtml+xml;\n\n types_hash_max_size 2048;\n\n output_buffers 128 512k;\n postpone_output 1460;\n aio on;\n directio 512;\n\n sendfile on;\n client_max_body_size 8m;\n fastcgi_intercept_errors on;\n\n tcp_nopush on;\n tcp_nodelay on;\n\n keepalive_timeout 75 20;\n\n ignore_invalid_headers on;\n\n index index.php;\n server_tokens off;\n\n # Load modular configuration files from the /etc/nginx/conf.d directory.\n # See http://nginx.org/en/docs/ngx_core_module.html#include\n # for more information.\n include /etc/nginx/conf.d/*.conf;\n}\n\nEND\n\ncat </etc/php-fpm.d/zabbix.conf\n[zabbix]\nuser = apache\ngroup = apache\n\nlisten = /run/php-fpm/zabbix.sock\nlisten.acl_users = apache,nginx\nlisten.allowed_clients = 127.0.0.1\n\npm = dynamic\npm.max_children = 50\npm.start_servers = 5\npm.min_spare_servers = 5\npm.max_spare_servers = 35\n\nphp_value[session.save_handler] = files\nphp_value[session.save_path] = /var/lib/php/session\n\nphp_value[max_execution_time] = 300\nphp_value[memory_limit] = 128M\nphp_value[post_max_size] = 16M\nphp_value[upload_max_filesize] = 2M\nphp_value[max_input_time] = 300\nphp_value[max_input_vars] = 10000\n; php_value[date.timezone] = Europe/Riga\nEND\n\n# cat </etc/php.d/99-zabbix.ini\n# max_execution_time=300\n# memory_limit=128M\n# post_max_size=16M\n# upload_max_filesize=2M\n# max_input_time=300\n# always_populate_raw_post_data=-1\n# max_input_vars=10000\n# date.timezone=UTC\n# session.save_path=/var/lib/php/\n# END\n\n# cat </etc/profile.d/zabbix_welcome.sh\n# #!/bin/sh\n# #\n# myip=\\$(hostname -I | awk '{print\\$1}')\n# cat </etc/motd.d/zabbix\n********************************************************************************\n\nZabbix frontend credentials:\n\nUsername: Admin\n\nPassword: replace_password\n\n\nTo learn about available professional services, including technical suppport and training, please visit https://www.zabbix.com/services\n\nOfficial Zabbix documentation available at https://www.zabbix.com/documentation/current/\n\n\n********************************************************************************\nEND\n\n# cat </etc/systemd/system/zabbix-instance-init.service\n# [Unit]\n# After=mariadb.service\n\n# [Service]\n# ExecStart=/var/lib/cloud/scripts/per-instance/001-zabbix\n\n# [Install]\n# WantedBy=multi-user.target\n# END\n\n# cat </etc/yum.repos.d/MariaDB.repo\n# # MariaDB 10.3 CentOS repository list - created 2019-03-28 10:57 UTC\n# # http://downloads.mariadb.org/mariadb/repositories/\n# [mariadb]\n# name = MariaDB\n# baseurl = http://yum.mariadb.org/10.2/centos7-amd64\n# gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB\n# gpgcheck=1\n# END\n\ncat </etc/yum.repos.d/Nginx.repo\n[nginx-stable]\nname=nginx stable repo\nbaseurl=http://nginx.org/packages/centos/\\$releasever/\\$basearch/\ngpgcheck=1\nenabled=1\ngpgkey=https://nginx.org/keys/nginx_signing.key\nmodule_hotfixes=true\n\n[nginx-mainline]\nname=nginx mainline repo\nbaseurl=http://nginx.org/packages/mainline/centos/\\$releasever/\\$basearch/\ngpgcheck=1\nenabled=0\ngpgkey=https://nginx.org/keys/nginx_signing.key\nmodule_hotfixes=true\nEND\n\ncat </etc/zabbix/web/zabbix.conf.php\n 'http://localhost:9200',\n//\t'text' => 'http://localhost:9200'\n//];\n// Value types stored in Elasticsearch.\n//\\$HISTORY['types'] = ['uint', 'text'];\n\n// Used for SAML authentication.\n// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings.\n//\\$SSO['SP_KEY']\t\t\t= 'conf/certs/sp.key';\n//\\$SSO['SP_CERT']\t\t\t= 'conf/certs/sp.crt';\n//\\$SSO['IDP_CERT']\t\t= 'conf/certs/idp.crt';\n//\\$SSO['SETTINGS']\t\t= [];\nEND\n\ncat </tmp/zabbix_server_custom.te\nmodule zabbix_server_custom 1.2;\nrequire {\n type zabbix_var_run_t;\n type tmp_t;\n type zabbix_t;\n class sock_file { create unlink write };\n class unix_stream_socket connectto;\n class process setrlimit;\n class capability dac_override;\n}\n#============= zabbix_t ==============\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:process setrlimit;\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:unix_stream_socket connectto;\n#!!!! This avc is allowed in the current policy\nallow zabbix_t tmp_t:sock_file { create unlink write };\n#!!!! This avc is allowed in the current policy\nallow zabbix_t zabbix_var_run_t:sock_file { create unlink write };\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:capability dac_override;\nEND\n\n# Installing RPM packages\nyum makecache\nyum -y upgrade\nyum -y install wget\nwget https://dev.mysql.com/get/mysql80-community-release-el8-3.noarch.rpm\ndnf -y install mysql80-community-release-el8-3.noarch.rpm\ndnf -y module disable mysql\ndnf -y install https://repo.zabbix.com/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm\ndnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm\ndnf -y install epel-release\ndnf -y module enable php:remi-8.1\nyum -y install cloud-init cloud-utils-growpart firewalld nginx php-fpm mysql-community-client mysql-community-server java-1.8.0-openjdk-headless zabbix-server-mysql zabbix-web-mysql zabbix-nginx-conf zabbix-sql-scripts zabbix-agent zabbix-get zabbix-sender zabbix-java-gateway zabbix-js\n\n\n# Configure firewalld\nsystemctl enable firewalld\nsystemctl start firewalld\nfirewall-cmd --permanent --add-service=ssh --zone=public\nfirewall-cmd --permanent --add-service=http --zone=public\nfirewall-cmd --permanent --add-service=https --zone=public\nfirewall-cmd --permanent --add-port=10051/tcp --zone=public\nfirewall-cmd --reload\n\n# Configure SELinux\nrm -rf /tmp/zabbix_server_custom.mod /tmp/zabbix_server_custom.pp\ncheckmodule -M -m -o /tmp/zabbix_server_custom.mod /tmp/zabbix_server_custom.te\nsemodule_package -o /tmp/zabbix_server_custom.pp -m /tmp/zabbix_server_custom.mod\nsemodule -i /tmp/zabbix_server_custom.pp\n\nsetsebool -P httpd_can_connect_zabbix=1\nsetsebool -P zabbix_can_network=1\n\n# Generate SSL certificate\nmkdir -p /etc/ssl/private\nopenssl dhparam -out /etc/ssl/private/zabbix_dhparam.pem 2048\n\nopenssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/zabbix_example.key \\\n -out /etc/ssl/certs/zabbix_example.crt -subj \"/C=LV/ST=Riga/L=Riga/O=Global Security/OU=IT Department/CN=example.zabbix.com\"\n\n# Configure Zabbix instance\nsystemctl enable mysqld\nsystemctl disable nginx\nsystemctl disable php-fpm\nsystemctl disable zabbix-server\nsystemctl enable zabbix-agent\nsystemctl enable zabbix-java-gateway\n\nsystemctl stop nginx php-fpm\n\necho \"Requires=multi-user.target\" >> /usr/lib/systemd/system/cloud-init.target\n\nsystemctl set-default cloud-init.target\n\nchown -R apache:apache /var/lib/php/\n\nchmod g+r /etc/zabbix/zabbix_server.conf\nchmod o+w /run/zabbix/\n\nchmod 755 /etc/my.cnf\nchmod -R 755 /etc/my.cnf.d/\n\nsed -i 's/^#PrintMotd yes/&\\nPrintMotd no/g' /etc/ssh/sshd_config\n\nsed -i '/^; php_value\\[date.timezone\\] /s/^; //' /etc/php-fpm.d/zabbix.conf\n\nsed -i 's/^# JavaGateway=.*/&\\nJavaGateway=127.0.0.1/g' /etc/zabbix/zabbix_server.conf\nsed -i 's/^# StartJavaPollers=.*/&\\nStartJavaPollers=5/g' /etc/zabbix/zabbix_server.conf\nsed -i 's/^# LISTEN_IP=.*/&\\nLISTEN_IP=\"127.0.0.1\"/g' /etc/zabbix/zabbix_java_gateway.conf\n\nescape_spec_char() {\n local var_value=$1\n\n var_value=\"${var_value//\\\\/\\\\\\\\}\"\n var_value=\"${var_value//[$'\\n']/}\"\n var_value=\"${var_value//\\//\\\\/}\"\n var_value=\"${var_value//./\\\\.}\"\n var_value=\"${var_value//\\*/\\\\*}\"\n var_value=\"${var_value//^/\\\\^}\"\n var_value=\"${var_value//\\$/\\\\$}\"\n var_value=\"${var_value//\\&/\\\\&}\"\n var_value=\"${var_value//\\[/\\\\[}\"\n var_value=\"${var_value//\\]/\\\\]}\"\n\n echo \"$var_value\"\n}\n\nsystemctl start mysqld\nsystemctl enable mysqld\nsystemctl enable nginx\nsystemctl enable php-fpm\nsystemctl enable zabbix-server\n\nDB_ROOT_TMP_PASS=$(grep 'temporary password' /var/log/mysqld.log | awk '{print $13}' | tail -1)\nWEB_PASS=$(openssl rand -base64 14)\nWEB_PASS=${WEB_PASS%?}\nINST_NAME=$(hostname)\n\nrm -f /root/.my.cnf\n\nDB_ROOT_PASS=$(MYSQL_PWD=\"$DB_ROOT_TMP_PASS\" mysql --connect-expired-password -s -N -e \"SET PASSWORD FOR root@localhost TO RANDOM;\" | awk '{print $3}')\nDB_ZBX_PASS=$(MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -s -N -e \"CREATE USER 'zabbix_srv'@'localhost' IDENTIFIED WITH mysql_native_password BY RANDOM PASSWORD\" | awk '{print $3}')\nDB_ZBXWEB_PASS=$(MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -s -N -e \"CREATE USER 'zabbix_web'@'localhost' IDENTIFIED WITH mysql_native_password BY RANDOM PASSWORD\" | awk '{print $3}')\n\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"CREATE DATABASE zabbix CHARACTER SET 'utf8' COLLATE 'utf8_bin'\"\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"GRANT SELECT, UPDATE, DELETE, INSERT, CREATE, DROP, ALTER, INDEX, REFERENCES ON zabbix.* TO 'zabbix_srv'@'localhost'\"\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"GRANT SELECT, UPDATE, DELETE, INSERT, CREATE, DROP ON zabbix.* TO 'zabbix_web'@'localhost'\"\n\ncat > /root/.my.cnf << EOF\n[client]\npassword=\"$DB_ROOT_PASS\"\nEOF\n\nzcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -uroot zabbix\n\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"UPDATE users SET passwd = MD5('$WEB_PASS') WHERE username = 'Admin'\" zabbix\n\nWEB_PASS=$(escape_spec_char \"$WEB_PASS\")\nsed -i \"s/replace_password/$WEB_PASS/g\" /etc/motd.d/zabbix\n\nsed -i \"s/replace_name/$INST_NAME/g\" /etc/zabbix/web/zabbix.conf.php\n\nDB_ZBX_PASS=$(escape_spec_char \"$DB_ZBX_PASS\")\nDB_ZBXWEB_PASS=$(escape_spec_char \"$DB_ZBXWEB_PASS\")\n\nsed -i \"s/^DBUser=.*/DBUser=zabbix_srv/g\" /etc/zabbix/zabbix_server.conf\nsed -i -e \"/^[#;] DBPassword=/s/.*/&\\nDBPassword=$DB_ZBX_PASS/\" /etc/zabbix/zabbix_server.conf\nsed -i \"s/replace_password/$DB_ZBXWEB_PASS/g\" /etc/zabbix/web/zabbix.conf.php\nsed -i \"s/replace_user/zabbix_web/g\" /etc/zabbix/web/zabbix.conf.php\n\n# Cleaning up remote machine\nrm -rf /etc/nginx/conf.d/default.conf\nrm -rf /tmp/* /var/tmp/*\nhistory -c\ncat /dev/null > /root/.bash_history\nunset HISTFILE\nfind /var/log -mtime -1 -type f ! -name 'stackscript.log' -exec truncate -s 0 {} \\;\n\n\n\nsystemctl start zabbix-server zabbix-agent zabbix-java-gateway\nsystemctl start nginx php-fpm\n\necho \"Installation complete!\"","user_defined_fields":[{"name":"hostname","label":"Hostname"}]}],"page":1,"pages":1,"results":123} \ No newline at end of file +{ "data": [ { "id": 1146319, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MongoDB Cluster Null One-Click", "description": "MongoDB Cluster Null One-Click\r\nNull stackscript for 1067004", "ordinal": 0, "logo_url": "assets/mongodbmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 38, "deployments_active": 0, "is_public": true, "mine": false, "created": "2023-03-23T14:00:01", "updated": "2023-10-18T12:38:31", "rev_note": "", "script": "#!/bin/bash\n\n# Null", "user_defined_fields": [] }, { "id": 1146324, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Galera Cluster Null One-Click", "description": "Galera Cluster Null One-Click\r\nNull Stackscript for 1088136", "ordinal": 0, "logo_url": "assets/galeramarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 144, "deployments_active": 13, "is_public": true, "mine": false, "created": "2023-03-23T14:19:14", "updated": "2023-12-01T14:51:07", "rev_note": "", "script": "#!/bin/bash", "user_defined_fields": [] }, { "id": 1142293, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Redis Sentinel Cluster Null One-Click", "description": "Redis Sentinel Cluster Null One-Click\r\nNull stackscript for 1132204", "ordinal": 0, "logo_url": "assets/redissentinelmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 171, "deployments_active": 8, "is_public": true, "mine": false, "created": "2023-03-16T14:20:59", "updated": "2023-11-29T17:28:24", "rev_note": "", "script": "#!/bin/bash", "user_defined_fields": [] }, { "id": 1146322, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "PostgreSQL Cluster Null One-Click", "description": "PostgreSQL Cluster Null One-Click\r\nNull Stackscript for 1068726", "ordinal": 0, "logo_url": "assets/postgresqlmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 195, "deployments_active": 8, "is_public": true, "mine": false, "created": "2023-03-23T14:17:07", "updated": "2023-12-07T01:47:05", "rev_note": "", "script": "#!/bin/bash\n\n# Null", "user_defined_fields": [] }, { "id": 1226546, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Nomad Cluster Null One-Click", "description": "Nomad Cluster Null One-Click", "ordinal": 0, "logo_url": "assets/nomadocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 378, "deployments_active": 12, "is_public": true, "mine": false, "created": "2023-08-25T19:08:21", "updated": "2023-11-29T10:42:40", "rev_note": "", "script": "#!/bin/bash/", "user_defined_fields": [] }, { "id": 1226547, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Nomad Cluster Clients Null One-Click", "description": "Nomad Cluster Clients One-Click", "ordinal": 0, "logo_url": "assets/nomadclientsocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 407, "deployments_active": 18, "is_public": true, "mine": false, "created": "2023-08-25T19:08:57", "updated": "2023-11-29T10:45:14", "rev_note": "", "script": "#!/bin/bash", "user_defined_fields": [] }, { "id": 401697, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "WordPress One-Click", "description": "Wordpress One Click App", "ordinal": 1, "logo_url": "assets/WordPress.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 64828, "deployments_active": 4804, "is_public": true, "mine": false, "created": "2019-03-08T21:04:07", "updated": "2023-12-07T16:47:38", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-wordpress\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "webserver_stack", "label": "The stack you are looking to deploy Wordpress on", "oneof": "LAMP,LEMP" }, { "name": "site_title", "label": "Website title", "example": "My Blog" }, { "name": "wp_admin_user", "label": "Admin username", "example": "admin" }, { "name": "wp_db_user", "label": "Wordpress database user", "example": "wordpress" }, { "name": "wp_db_name", "label": "Wordpress database name", "example": "wordpress" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 632758, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Nextcloud One-Click", "description": "One Click App - Nextcloud", "ordinal": 2, "logo_url": "assets/nextcloud.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 19078, "deployments_active": 851, "is_public": true, "mine": false, "created": "2020-02-18T16:40:45", "updated": "2023-12-07T16:46:45", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n\n# Install docker\ncurl -fsSL https://get.docker.com | sudo sh\n\n# Adjust permissions\nsudo mkdir -p /mnt/ncdata\nsudo chown -R 33:0 /mnt/ncdata\n\n# Install Nextcloud\nsudo docker run -d \\\n--init \\\n--name nextcloud-aio-mastercontainer \\\n--restart always \\\n-p 80:80 \\\n-p 8080:8080 \\\n-p 8443:8443 \\\n-e NEXTCLOUD_MOUNT=/mnt/ \\\n-e NEXTCLOUD_DATADIR=/mnt/ncdata \\\n--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \\\n--volume /var/run/docker.sock:/var/run/docker.sock:ro \\\nnextcloud/all-in-one:latest\n\n# Some Info\ncat << EOF > /etc/motd\n # # ###### # # ##### #### # #### # # #####\n ## # # # # # # # # # # # # # #\n # # # ##### ## # # # # # # # # #\n # # # # ## # # # # # # # # #\n # ## # # # # # # # # # # # # #\n # # ###### # # # #### ###### #### #### #####\nIf you point a domain to this server ($(hostname -I | cut -f1 -d' ')), you can open the admin interface at https://yourdomain.com:8443\nOtherwise you can open the admin interface at https://$(hostname -I | cut -f1 -d' '):8080\n \nFurther documentation is available here: https://github.com/nextcloud/all-in-one\nEOF\n\n# Install unattended upgrades\nsudo apt-get install unattended-upgrades -y\n\n# firewall\nufw allow 80\nufw allow 443\nufw allow 8080\nufw allow 8443\nufw allow 3478\n\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is required for creating DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "SOA email address", "default": "" } ] }, { "id": 1017300, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Kali Linux One-Click", "description": "Kali Linux One-Click", "ordinal": 3, "logo_url": "assets/kalilinux.svg", "images": [ "linode/kali" ], "deployments_total": 16888, "deployments_active": 480, "is_public": true, "mine": false, "created": "2022-06-21T14:38:37", "updated": "2023-12-07T14:24:23", "rev_note": "", "script": "#!/bin/bash\n## Kali\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction headlessoreverything {\n if [ $HEADLESS == \"Yes\" ] && [ $EVERYTHING == \"Yes\" ]; then \n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-everything -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $EVERYTHING == \"Yes\" ] && [ $HEADLESS == \"No\" ]; then\n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-everything -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $HEADLESS == \"Yes\" ] && [ $EVERYTHING == \"No\" ]; then \n DEBIAN_FRONTEND=noninteractive apt-get install kali-linux-headless -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n elif [ $HEADLESS == \"No\" ] && [ $EVERYTHING == \"No\" ]; then \n echo \"No Package Selected\"\n fi\n}\n\nfunction vncsetup {\n if [ $VNC == \"Yes\" ]; then \n ## XFCE & VNC Config\n apt-get install xfce4 xfce4-goodies dbus-x11 tigervnc-standalone-server expect -y -yq -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"\n\n readonly VNCSERVER_SET_PASSWORD=$(expect -c \"\nspawn sudo -u $USERNAME vncserver\nexpect \\\"Password:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Verify:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Would you like to enter a view-only password (y/n)?\\\"\nsend \\\"n\\r\\\"\nexpect eof\n\")\necho \"$VNCSERVER_SET_PASSWORD\"\n sleep 2\n killvncprocess=$(ps aux | grep \"/usr/bin/Xtigervnc :1 -localhost=1 -desktop\" | head -n 1 | awk '{ print $2; }')\n kill $killvncprocess\n touch /etc/systemd/system/vncserver@.service\n cat < /etc/systemd/system/vncserver@.service\n[Unit]\nDescription=a wrapper to launch an X server for VNC\nAfter=syslog.target network.target\n[Service]\nType=forking\nUser=$USERNAME\nGroup=$USERNAME\nWorkingDirectory=/home/$USERNAME\nExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1\nExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i\nExecStop=/usr/bin/vncserver -kill :%i\n[Install]\nWantedBy=multi-user.target\nEOF\n systemctl daemon-reload\n systemctl start vncserver@1.service\n systemctl enable vncserver@1.service\n\n cat < /etc/motd\n###################################\n# VNC SSH Tunnel Instructions #\n###################################\n\n* Ensure you have a VNC Client installed on your local machine\n* Run the command below to start the SSH tunnel for VNC \n\n ssh -L 61000:localhost:5901 -N -l $USERNAME $FQDN\n\n* For more Detailed documentation please visit the offical Documentation below\n\n https://www.linode.com/docs/products/tools/marketplace/guides/kalilinux\n\n### To remove this message, you can edit the /etc/motd file ###\nEOF\n fi\n}\n\nfunction main {\n headlessoreverything\n vncsetup\n stackscript_cleanup\n}\n\nmain", "user_defined_fields": [ { "name": "everything", "label": "Would you like to Install the Kali Everything Package?", "oneof": "Yes,No", "default": "Yes" }, { "name": "headless", "label": "Would you like to Install the Kali Headless Package?", "oneof": "Yes,No", "default": "No" }, { "name": "vnc", "label": "Would you like to setup VNC to access Kali XFCE Desktop", "oneof": "Yes,No", "default": "Yes" }, { "name": "username", "label": "The VNC user to be created for the Linode. The username accepts only lowercase letters, numbers, dashes (-) and underscores (_)" }, { "name": "password", "label": "The password for the limited VNC user" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is required for creating DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for SOA records (Requires API token)", "default": "" } ] }, { "id": 593835, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Plesk One-Click", "description": "Plesk is the leading secure WordPress and website management platform. This Stackscript installs the latest publicly available Plesk, activates a trial license, installs essential extensions, and sets up and configures the firewall. Please allow the script around 15 minutes to finish.", "ordinal": 4, "logo_url": "assets/plesk.svg", "images": [ "linode/centos7", "linode/ubuntu20.04" ], "deployments_total": 10510, "deployments_active": 484, "is_public": true, "mine": false, "created": "2019-09-26T17:34:17", "updated": "2023-12-07T09:13:45", "rev_note": "updated wording", "script": "#!/bin/bash\n# This block defines the variables the user of the script needs to input\n# when deploying using this script.\n#\n## Enable logging\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction pleskautoinstall {\n echo \"Downloading Plesk Auto-Installer\"\n sh <(curl https://autoinstall.plesk.com/one-click-installer || wget -O - https://autoinstall.plesk.com/one-click-installer)\n echo \"turning on http2\"\n /usr/sbin/plesk bin http2_pref --enable\n}\n\nfunction firewall {\n echo \"Setting Firewall to allow proper ports.\"\n if [ \"${detected_distro[distro]}\" = 'centos' ]; then \n iptables -I INPUT -p tcp --dport 21 -j ACCEPT\n iptables -I INPUT -p tcp --dport 22 -j ACCEPT\n iptables -I INPUT -p tcp --dport 25 -j ACCEPT\n iptables -I INPUT -p tcp --dport 80 -j ACCEPT\n iptables -I INPUT -p tcp --dport 110 -j ACCEPT\n iptables -I INPUT -p tcp --dport 143 -j ACCEPT\n iptables -I INPUT -p tcp --dport 443 -j ACCEPT\n iptables -I INPUT -p tcp --dport 465 -j ACCEPT\n iptables -I INPUT -p tcp --dport 993 -j ACCEPT\n iptables -I INPUT -p tcp --dport 995 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8443 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8447 -j ACCEPT\n iptables -I INPUT -p tcp --dport 8880 -j ACCEPT\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n ufw allow 21\n ufw allow 22\n ufw allow 25\n ufw allow 80\n ufw allow 110\n ufw allow 143\n ufw allow 443\n ufw allow 465\n ufw allow 993\n ufw allow 995\n ufw allow 8443\n ufw allow 8447\n ufw allow 8880\nelse \necho \"Distro Not supported\"\nfi\n}\n\nfunction main {\n pleskautoinstall\n firewall\n}\n\n# Execute script\nsystem_update\nmain\nstackscript_cleanup", "user_defined_fields": [] }, { "id": 595742, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "cPanel One-Click", "description": "cPanel One-Click", "ordinal": 5, "logo_url": "assets/cpanel.svg", "images": [ "linode/ubuntu20.04", "linode/almalinux8", "linode/rocky8" ], "deployments_total": 28128, "deployments_active": 1005, "is_public": true, "mine": false, "created": "2019-09-30T20:17:52", "updated": "2023-12-07T16:45:38", "rev_note": "", "script": "#!/bin/bash\nset -e\n\n# Commit: fde6587e08ea95321ce010e52a9c1b8d02455a97\n# Commit date: 2023-02-13 17:00:46 -0600\n# Generated: 2023-02-17 11:00:28 -0600\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\necho $(date +%Y%m%d%H%M%S) >> /tmp/cpdebug.log\n\n# Linode's Weblish console will truncate lines unless you do this tput smam. This\n# instructs the terminal to wrap your lines, which is especially important so that\n# the WHM login URL that gets printed at the end can be copied.\ntput smam\n\nsource /etc/os-release\n\nis_os_and_version_id_prefix() {\n [[ $ID == $1 ]] && [[ $VERSION_ID =~ ^$2 ]]\n}\n\nis_almalinux8() {\n is_os_and_version_id_prefix almalinux 8\n}\n\nis_centos7() {\n is_os_and_version_id_prefix centos 7\n}\n\nis_cloudlinux7() {\n is_os_and_version_id_prefix cloudlinux 7\n}\n\nis_cloudlinux8() {\n is_os_and_version_id_prefix cloudlinux 8\n}\n\nis_rocky8() {\n is_os_and_version_id_prefix rocky 8\n}\n\nis_ubuntu20() {\n is_os_and_version_id_prefix ubuntu 20.04\n}\n\nis_supported_os() {\n is_almalinux8 || \\\n is_centos7 || \\\n is_cloudlinux7 || \\\n is_cloudlinux8 || \\\n is_rocky8 || \\\n is_ubuntu20\n}\n\nhas_yum() {\n which yum >/dev/null 2>&1\n}\n\nhas_dnf() {\n which dnf >/dev/null 2>&1\n}\n\nhas_apt() {\n which apt >/dev/null 2>&1\n}\n\nis_networkmanager_enabled() {\n systemctl is-enabled NetworkManager.service > /dev/null 2>&1\n}\n\n# cPanel & WHM is incompatible with NetworkManager\nif is_networkmanager_enabled; then\n systemctl stop NetworkManager.service\n systemctl disable NetworkManager.service\n if has_dnf; then\n dnf -y remove NetworkManager\n elif has_yum; then\n yum -y remove NetworkManager\n fi\nfi\n\nhostnamectl set-hostname server.hostname.tld\n\ncd /home && curl -so installer -L https://securedownloads.cpanel.net/latest\n\nif is_supported_os; then\n if is_ubuntu20; then\n apt-get -o Acquire::ForceIPv4=true update -y\n DEBIAN_FRONTEND=noninteractive apt-get -y -o DPkg::options::=\"--force-confdef\" -o DPkg::options::=\"--force-confold\" install grub-pc\n sh installer --skiplicensecheck --skip-cloudlinux\n else\n sh installer --skiplicensecheck\n fi\nelse\n echo \"Your distribution is not supported by this StackScript.\"\n install -d -v -m 711 /var/cpanel\n touch /var/cpanel/cpinit.failed\nfi\n\nrm -f /etc/cpupdate.conf\ncat > /root/.bash_profile <<'END_OF_BASH_PROFILE'\n# .bash_profile\n# Get the aliases and functions\nif [ -f ~/.bashrc ]; then\n . ~/.bashrc\nfi\n# User specific environment and startup programs\nPATH=$PATH:$HOME/bin\nexport PATH\nbash /etc/motd.sh\nif [ -t 0 ]; then\n URL=`whmlogin --nowait 2> /dev/null`\n WHMLOGIN_RETURN=$?\n if [ $WHMLOGIN_RETURN == 1 ]; then\n # whmlogin doesn't support --nowait. Output a URL and hope it's accurate.\n echo \"To log in to WHM as the root user, visit the following address in your web browser:\"\n echo \"\"\n whmlogin\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n else\n if [ $WHMLOGIN_RETURN == 2 ]; then\n # whmlogin indicates that cpinit hasn't updated the IP/hostname yet.\n echo \"To log in to WHM as the root user, run the command 'whmlogin' to get a web address for your browser.\"\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n else\n # whmlogin returned a valid URL to use.\n echo \"To log in to WHM as the root user, visit the following address in your web browser:\"\n echo \"\"\n echo \"$URL\"\n echo \"\"\n echo \"Thank you for using cPanel & WHM!\"\n fi\n fi\nfi\nEND_OF_BASH_PROFILE\n\ncat > /etc/motd.sh <<'END_OF_MOTD'\n#!/bin/bash\nsource /etc/os-release\necho \"\n ____ _ ___ __ ___ _ __ __\n ___| _ \\ __ _ _ __ ___| | ( _ ) \\ \\ / / | | | \\/ |\n / __| |_) / _. | ._ \\ / _ \\ | / _ \\/\\ \\ \\ /\\ / /| |_| | |\\/| |\n| (__| __/ (_| | | | | __/ | | (_> < \\ V V / | _ | | | |\n \\___|_| \\__._|_| |_|\\___|_| \\___/\\/ \\_/\\_/ |_| |_|_| |_|\n\"\necho \"Welcome to cPanel & WHM `/usr/local/cpanel/cpanel -V`\"\necho \"\"\necho \"Running $PRETTY_NAME\"\necho \"\"\necho \"For our full cPanel & WHM documentation: https://go.cpanel.net/docs\"\necho \"\"\necho \"For information on how to quickly set up a website in cPanel & WHM: https://go.cpanel.net/buildasite\"\necho \"\" # This new line makes output from bash_profiles easier to read\nEND_OF_MOTD\ntouch /var/cpanel/cpinit.done", "user_defined_fields": [] }, { "id": 691621, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Cloudron One-Click", "description": "Cloudron One-Click", "ordinal": 6, "logo_url": "assets/cloudron.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 13758, "deployments_active": 628, "is_public": true, "mine": false, "created": "2020-11-30T21:21:45", "updated": "2023-12-07T13:31:57", "rev_note": "", "script": "#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# apt-get updates\n echo 'Acquire::ForceIPv4 \"true\";' > /etc/apt/apt.conf.d/99force-ipv4\n export DEBIAN_FRONTEND=noninteractive\n apt-get update -y\n\nwget https://cloudron.io/cloudron-setup\nchmod +x cloudron-setup\n./cloudron-setup --provider linode-mp\n\necho All finished! Rebooting...\n(sleep 5; reboot) &", "user_defined_fields": [] }, { "id": 692092, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Secure Your Server One-Click", "description": "Secure Your Server One-Click", "ordinal": 7, "logo_url": "assets/secureyourserver.svg", "images": [ "linode/debian10", "linode/ubuntu20.04", "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 4628, "deployments_active": 706, "is_public": true, "mine": false, "created": "2020-12-03T10:01:28", "updated": "2023-12-07T16:01:02", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## User and SSH Security\n#\n#\n#\n#\n\n## Domain\n#\n#\n#\n#\n#\n\n## Block Storage\n#\n#\n\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source Linode Helpers\nsource \nsource \nsource \nsource \n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode. (lower case only)" }, { "name": "password", "label": "The password for the limited sudo user" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode" }, { "name": "disable_root", "label": "Would you like to disable root login over SSH?", "oneof": "Yes,No" }, { "name": "token_password", "label": "Your Linode API token - This is required for creating DNS records", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token and domain)", "default": "" }, { "name": "soa_email_address", "label": "Your email address. This is used for creating DNS records and website VirtualHost configuration.", "default": "" }, { "name": "send_email", "label": "Would you like to be able to send email from this domain? (Requires domain)", "oneof": "Yes,No", "default": "No" }, { "name": "volume", "label": "To use a Block Storage volume, enter its name here.", "default": "" }, { "name": "volume_size", "label": "If creating a new Block Storage volume, enter its size in GB (NOTE: This creates a billable resource at $0.10/month per GB).", "default": "" } ] }, { "id": 925722, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Pritunl One-Click", "description": "Pritunl One-Click", "ordinal": 8, "logo_url": "assets/pritunl.svg", "images": [ "linode/debian10", "linode/ubuntu20.04" ], "deployments_total": 1151, "deployments_active": 82, "is_public": true, "mine": false, "created": "2021-10-26T15:23:37", "updated": "2023-12-06T11:09:03", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 443\nufw allow 80\nfail2ban_install\n\n# Mongo Install\napt-get install -y wget gnupg dirmngr \nwget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get update -y\napt-get install -y mongodb-org\nsystemctl enable mongod.service\nsystemctl start mongod.service\n\n# Pritunl\napt-key adv --keyserver hkp://keyserver.ubuntu.com --recv E162F504A20CDF15827F718D4B7C549A058F8B6B\napt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.pritunl.com/stable/apt buster main\" | tee /etc/apt/sources.list.d/pritunl.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb http://repo.pritunl.com/stable/apt focal main\" | tee /etc/apt/sources.list.d/pritunl.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\n\napt update -y\napt install -y pritunl\n\nsystemctl enable pritunl.service\nsystemctl start pritunl.service\n\n# Performance tune\necho \"* hard nofile 64000\" >> /etc/security/limits.conf\necho \"* soft nofile 64000\" >> /etc/security/limits.conf\necho \"root hard nofile 64000\" >> /etc/security/limits.conf\necho \"root soft nofile 64000\" >> /etc/security/limits.conf\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for the SOA record", "default": "" } ] }, { "id": 741206, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "CyberPanel One-Click", "description": "CyberPanel One-Click", "ordinal": 9, "logo_url": "assets/cyberpanel.svg", "images": [ "linode/ubuntu20.04", "linode/ubuntu22.04" ], "deployments_total": 11109, "deployments_active": 596, "is_public": true, "mine": false, "created": "2021-01-27T02:46:19", "updated": "2023-12-07T16:13:29", "rev_note": "", "script": "#!/bin/bash\n### linode\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n### Install cyberpanel\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/cybersetup.sh )\n\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n\n### Clean up ls tmp folder\nsudo rm -rf /tmp/lshttpd/*", "user_defined_fields": [] }, { "id": 401709, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Minecraft: Java Edition One-Click", "description": "Minecraft OCA", "ordinal": 10, "logo_url": "assets/Minecraft.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 20310, "deployments_active": 346, "is_public": true, "mine": false, "created": "2019-03-08T21:13:32", "updated": "2023-12-07T16:42:13", "rev_note": "remove maxplayers hard coded options [oca-707]", "script": "#!/usr/bin/env bash\n# Game config options:\n# https://minecraft.gamepedia.com/Server.properties\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n## Linode/SSH Security Settings - Required\n#\n#\n## Linode/SSH Settings - Optional\n#\n#\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n[ ! $USERNAME ] && USERNAME='lgsmuser'\nsource \n\n# Difficulty\n[[ \"$DIFFICULTY\" = \"Peaceful\" ]] && DIFFICULTY=0\n[[ \"$DIFFICULTY\" = \"Easy\" ]] && DIFFICULTY=1\n[[ \"$DIFFICULTY\" = \"Normal\" ]] && DIFFICULTY=2\n[[ \"$DIFFICULTY\" = \"Hard\" ]] && DIFFICULTY=3\n\n# Gamemode\n[[ \"$GAMEMODE\" = \"Survival\" ]] && GAMEMODE=0\n[[ \"$GAMEMODE\" = \"Creative\" ]] && GAMEMODE=1\n[[ \"$GAMEMODE\" = \"Adventure\" ]] && GAMEMODE=2\n[[ \"$GAMEMODE\" = \"Spectator\" ]] && GAMEMODE=3\n\n# Player Idle Timeout\n[[ \"$PLAYERIDLETIMEOUT\" = \"Disabled\" ]] && PLAYERIDLETIMEOUT=0\n\n# Minecraft-specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\nsystem_install_package mailutils postfix curl netcat wget file bzip2 \\\n gzip unzip bsdmainutils python util-linux ca-certificates \\\n binutils bc jq tmux openjdk-17-jre dirmngr software-properties-common\n\n# Install LinuxGSM and Minecraft and enable the 'mcserver' service\nreadonly GAMESERVER='mcserver'\nv_linuxgsm_oneclick_install \"$GAMESERVER\" \"$USERNAME\"\n\n# Minecraft configurations\nsed -i s/server-ip=/server-ip=\"$IP\"/ /home/\"$USERNAME\"/serverfiles/server.properties\n\n# Customer config\nsed -i s/allow-flight=false/allow-flight=\"$ALLOWFLIGHT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/allow-nether=true/allow-nether=\"$ALLOWNETHER\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/announce-player-achievements=true/announce-player-achievements=\"$ANNOUNCEPLAYERACHIEVEMENTS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/difficulty=1/difficulty=\"$DIFFICULTY\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-command-block=false/enable-command-block=\"$ENABLECOMMANDBLOCK\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-query=true/enable-query=\"$ENABLEQUERY\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/force-gamemode=false/force-gamemode=\"$FORCEGAMEMODE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/gamemode=0/gamemode=\"$GAMEMODE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/generate-structures=true/generate-structures=\"$GENERATESTRUCTURES\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/hardcore=false/hardcore=\"$HARDCORE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-name=world/level-name=\"$LEVELNAME\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-seed=/level-seed=\"$LEVELSEED\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/level-type=DEFAULT/level-type=\"$LEVELTYPE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-build-height=256/max-build-height=\"$MAXBUILDHEIGHT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-players=20/max-players=\"$MAXPLAYERS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-tick-time=60000/max-tick-time=\"$MAXTICKTIME\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/max-world-size=29999984/max-world-size=\"$MAXWORLDSIZE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/motd=.*/motd=\"$MOTD\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/network-compression-threshold=256/network-compression-threshold=\"$NETWORKCOMPRESSIONTHRESHOLD\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/op-permission-level=4/op-permission-level=\"$OPPERMISSIONLEVEL\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/player-idle-timeout=0/player-idle-timeout=\"$PLAYERIDLETIMEOUT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/pvp=true/pvp=\"$PVP\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/resource-pack-sha1=/resource-pack-sha1=\"$RESOURCEPACKSHA1\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/server-port=25565/server-port=\"$PORT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/snooper-enabled=true/snooper-enabled=\"$SNOOPERENABLED\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-animals=true/spawn-animals=\"$SPAWNANIMALS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-monsters=true/spawn-monsters=\"$SPAWNMONSTERS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/spawn-npcs=true/spawn-npcs=\"$SPAWNNPCS\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/use-native-transport=true/use-native-transport=\"$USENATIVETRANSPORT\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/view-distance=10/view-distance=\"$VIEWDISTANCE\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/rcon.password=*/rcon.password=\"\\\"$RCONPASSWORD\\\"\"/ /home/\"$USERNAME\"/serverfiles/server.properties\nsed -i s/enable-rcon=false/enable-rcon=true/ /home/\"$USERNAME\"/serverfiles/server.properties\n\n# Start the service and setup firewall\nufw allow \"$PORT\"\nufw allow \"25575\"\n\n# Start and enable the Minecraft service\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "levelname", "label": "World Name", "default": "world" }, { "name": "motd", "label": "Message of the Day", "default": "Powered by Linode!" }, { "name": "allowflight", "label": "Flight Enabled", "oneof": "true,false", "default": "false" }, { "name": "allownether", "label": "Nether World Enabled", "oneof": "true,false", "default": "true" }, { "name": "announceplayerachievements", "label": "Player Achievements Enabled", "oneof": "true,false", "default": "true" }, { "name": "maxplayers", "label": "Maximum Players", "default": "25" }, { "name": "playeridletimeout", "label": "Player Idle Timeout Limit", "oneof": "Disabled,15,30,45,60", "default": "Disabled" }, { "name": "difficulty", "label": "Difficulty Level", "oneof": "Peaceful,Easy,Normal,Hard", "default": "Easy" }, { "name": "hardcore", "label": "Hardcore Mode Enabled", "oneof": "true,false", "default": "false" }, { "name": "pvp", "label": "PvP Enabled", "oneof": "true,false", "default": "true" }, { "name": "forcegamemode", "label": "Force Game Mode Enabled", "oneof": "true,false", "default": "false" }, { "name": "leveltype", "label": "World Type", "oneof": "DEFAULT,AMPLIFIED,FLAT,LEGACY", "default": "DEFAULT" }, { "name": "levelseed", "label": "World Seed", "default": "" }, { "name": "spawnanimals", "label": "Spawn Animals Enabled", "oneof": "true,false", "default": "true" }, { "name": "spawnmonsters", "label": "Spawn Monsters Enabled", "oneof": "true,false", "default": "true" }, { "name": "spawnnpcs", "label": "Spawn NPCs Enabled", "oneof": "true,false", "default": "true" }, { "name": "gamemode", "label": "Game Mode", "oneof": "Survival,Creative,Adventure,Spectator", "default": "Survival" }, { "name": "generatestructures", "label": "Structure Generation Enabled", "oneof": "true,false", "default": "true" }, { "name": "maxbuildheight", "label": "Maximum Build Height", "oneof": "50,100,200,256", "default": "256" }, { "name": "maxworldsize", "label": "Maximum World Size", "oneof": "100,1000,10000,100000,1000000,10000000,29999984", "default": "29999984" }, { "name": "viewdistance", "label": "View Distance", "oneof": "2,5,10,15,25,32", "default": "10" }, { "name": "enablecommandblock", "label": "Command Block Enabled", "oneof": "true,false", "default": "false" }, { "name": "enablequery", "label": "Querying Enabled", "oneof": "true,false", "default": "true" }, { "name": "enablercon", "label": "Enable RCON", "oneof": "true,false", "default": "false" }, { "name": "rconpassword", "label": "RCON Password", "default": "" }, { "name": "rconport", "label": "RCON Port", "default": "25575" }, { "name": "maxticktime", "label": "Maximum Tick Time", "default": "60000" }, { "name": "networkcompressionthreshold", "label": "Network Compression Threshold", "default": "256" }, { "name": "oppermissionlevel", "label": "Op-permission Level", "oneof": "1,2,3,4", "default": "4" }, { "name": "port", "label": "Port Number", "default": "25565" }, { "name": "snooperenabled", "label": "Snooper Enabled", "oneof": "true,false", "default": "true" }, { "name": "usenativetransport", "label": "Use Native Transport Enabled", "oneof": "true,false", "default": "true" }, { "name": "username", "label": "The username for the Linode's non-root admin/SSH user(must be lowercase)", "example": "lgsmuser" }, { "name": "password", "label": "The password for the Linode's non-root admin/SSH user", "example": "S3cuReP@s$w0rd" }, { "name": "pubkey", "label": "The SSH Public Key used to securely access the Linode via SSH", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 869129, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "aaPanel One-Click", "description": "aaPanel One-Click", "ordinal": 11, "logo_url": "assets/aapanel.svg", "images": [ "linode/centos7" ], "deployments_total": 5356, "deployments_active": 321, "is_public": true, "mine": false, "created": "2021-07-20T18:50:46", "updated": "2023-12-07T13:37:08", "rev_note": "", "script": "#!/bin/bash\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Yum Update\nyum update -y\n\n# Install aapanel\nyum install -y wget && wget -O install.sh http://www.aapanel.com/script/install_6.0_en.sh && echo y|bash install.sh aapanel\n\n# Log aaPanel login information\nbt default > /root/.aapanel_info\n\n# Stackscript Cleanup\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"", "user_defined_fields": [] }, { "id": 923033, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Akaunting One-Click", "description": "Akaunting One-Click", "ordinal": 12, "logo_url": "assets/akaunting.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 633, "deployments_active": 22, "is_public": true, "mine": false, "created": "2021-10-18T01:01:19", "updated": "2023-12-06T13:48:52", "rev_note": "", "script": "#!/bin/bash\n\n# \n# \n# \n# \n\n# \n# \n# \n# \n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nDEBIAN_FRONTEND=noninteractive apt-get update -qq >/dev/null\n\n###########################################################\n# Install NGINX\n###########################################################\napt-get install -y nginx\n\ncat <<'END' >/var/www/html/index.html\n\n \n \n \n \n \n\n Installing Akaunting\n\n \n \n\n \n \n\n \n
\n
\n \n
\n\n
\n \n
\n
\n

Installing...

Get back after 3 minutes!

\n
\n
\n \n\nEND\n\nchown www-data:www-data /var/www/html/index.html\nchmod 644 /var/www/html/index.html\n\n###########################################################\n# MySQL\n###########################################################\napt install -y mariadb-server expect\n\nfunction mysql_secure_install {\n # $1 - required - Root password for the MySQL database\n [ ! -n \"$1\" ] && {\n printf \"mysql_secure_install() requires the MySQL database root password as its only argument\\n\"\n return 1;\n }\n local -r db_root_password=\"$1\"\n local -r secure_mysql=$(\nexpect -c \"\nset timeout 10\nspawn mysql_secure_installation\nexpect \\\"Enter current password for root (enter for none):\\\"\nsend \\\"$db_root_password\\r\\\"\nexpect \\\"Change the root password?\\\"\nsend \\\"n\\r\\\"\nexpect \\\"Remove anonymous users?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Disallow root login remotely?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Remove test database and access to it?\\\"\nsend \\\"y\\r\\\"\nexpect \\\"Reload privilege tables now?\\\"\nsend \\\"y\\r\\\"\nexpect eof\n\")\n printf \"$secure_mysql\\n\"\n}\n\n# Set DB root password\necho \"mysql-server mysql-server/root_password password ${DB_PASSWORD}\" | debconf-set-selections\necho \"mysql-server mysql-server/root_password_again password ${DB_PASSWORD}\" | debconf-set-selections\n\nmysql_secure_install \"$DB_PASSWORD\"\n\n# Create DB\necho \"CREATE DATABASE ${DB_NAME};\" | mysql -u root -p\"$DB_PASSWORD\"\n\n# create DB user with password\necho \"CREATE USER '$DBUSER'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD';\" | mysql -u root -p\"$DB_PASSWORD\"\n\necho \"GRANT ALL PRIVILEGES ON $DB_NAME.* TO '$DBUSER'@'localhost';\" | mysql -u root -p\"$DB_PASSWORD\"\necho \"FLUSH PRIVILEGES;\" | mysql -u root -p\"$DB_PASSWORD\"\n\n\n###########################################################\n# Install PHP \n###########################################################\napt-get install -y zip unzip php-mbstring php-zip php-gd php-cli php-curl php-intl php-imap php-xml php-xsl php-tokenizer php-sqlite3 php-pgsql php-opcache php-simplexml php-fpm php-bcmath php-ctype php-json php-pdo php-mysql\n\n###########################################################\n# Akaunting\n###########################################################\nmkdir -p /var/www/akaunting \\\n && curl -Lo /tmp/akaunting.zip 'https://akaunting.com/download.php?version=latest&utm_source=linode&utm_campaign=developers' \\\n && unzip /tmp/akaunting.zip -d /var/www/html \\\n && rm -f /tmp/akaunting.zip\n\ncat </var/www/html/.env\nAPP_NAME=Akaunting\nAPP_ENV=production\nAPP_LOCALE=en-GB\nAPP_INSTALLED=false\nAPP_KEY=\nAPP_DEBUG=false\nAPP_SCHEDULE_TIME=\"09:00\"\nAPP_URL=\n\nDB_CONNECTION=mysql\nDB_HOST=localhost\nDB_PORT=3306\nDB_DATABASE=${DB_NAME}\nDB_USERNAME=${DBUSER}\nDB_PASSWORD=${DBUSER_PASSWORD}\nDB_PREFIX=\n\nBROADCAST_DRIVER=log\nCACHE_DRIVER=file\nSESSION_DRIVER=file\nQUEUE_CONNECTION=sync\nLOG_CHANNEL=stack\n\nMAIL_MAILER=mail\nMAIL_HOST=localhost\nMAIL_PORT=2525\nMAIL_USERNAME=null\nMAIL_PASSWORD=null\nMAIL_ENCRYPTION=null\nMAIL_FROM_NAME=null\nMAIL_FROM_ADDRESS=null\n\nFIREWALL_ENABLED=false\nEND\n\ncd /var/www/html && php artisan key:generate\n\n# Install Akaunting\nphp /var/www/html/artisan install --db-host=\"localhost\" --db-name=\"$DB_NAME\" --db-username=\"$DBUSER\" --db-password=\"$DBUSER_PASSWORD\" --company-name=\"$COMPANY_NAME\" --company-email=\"$COMPANY_EMAIL\" --admin-email=\"$ADMIN_EMAIL\" --admin-password=\"$ADMIN_PASSWORD\"\n\n# Fix permissions\nchown -Rf www-data:www-data /var/www/html\nfind /var/www/html/ -type d -exec chmod 755 {} \\;\nfind /var/www/html/ -type f -exec chmod 644 {} \\;\n\n###########################################################\n# Configure NGINX\n###########################################################\nPHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\ncat << END > /etc/nginx/nginx.conf\n# Generic startup file.\nuser www-data;\n\n#usually equal to number of CPUs you have. run command \"grep processor /proc/cpuinfo | wc -l\" to find it\nworker_processes auto;\nworker_cpu_affinity auto;\n\nerror_log /var/log/nginx/error.log;\npid /var/run/nginx.pid;\n\n# Keeps the logs free of messages about not being able to bind().\n#daemon off;\n\nevents {\nworker_connections 1024;\n}\n\nhttp {\n# rewrite_log on;\n\ninclude mime.types;\ndefault_type application/octet-stream;\naccess_log /var/log/nginx/access.log;\nsendfile on;\n# tcp_nopush on;\nkeepalive_timeout 64;\n# tcp_nodelay on;\n# gzip on;\n #php max upload limit cannot be larger than this \nclient_max_body_size 13m;\nindex index.php index.html index.htm;\n\n# Upstream to abstract backend connection(s) for PHP.\nupstream php {\n #this should match value of \"listen\" directive in php-fpm pool\n server unix:/run/php/php$PHP_VERSION-fpm.sock;\n server 127.0.0.1:9000;\n}\n\nserver {\n listen 80 default_server;\n\n server_name _;\n\n root /var/www/html;\n\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Content-Type-Options \"nosniff\";\n\n index index.html index.htm index.php;\n\n charset utf-8;\n\n location / {\n try_files \\$uri \\$uri/ /index.php?\\$query_string;\n }\n\n # Prevent Direct Access To Protected Files\n location ~ \\.(env|log) {\n deny all;\n }\n\n # Prevent Direct Access To Protected Folders\n location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) {\n deny all;\n }\n\n # Prevent Direct Access To modules/vendor Folders Except Assets\n location ~ ^/(modules|vendor)\\/(.*)\\.((?!ico|gif|jpg|jpeg|png|js\\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {\n deny all;\n }\n\n error_page 404 /index.php;\n\n # Pass PHP Scripts To FastCGI Server\n location ~ \\.php$ {\n fastcgi_split_path_info ^(.+\\.php)(/.+)\\$;\n fastcgi_pass php;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME \\$document_root\\$fastcgi_script_name;\n include fastcgi_params;\n }\n\n location ~ /\\.(?!well-known).* {\n deny all;\n }\n}\n}\nEND\n\n# Remove installation screen\nrm -f /var/www/html/index.html\n\nservice nginx reload\n\n###########################################################\n# Firewall\n###########################################################\napt-get install ufw -y\nufw limit ssh\nufw allow http\nufw allow https\n\nufw --force enable\n\n###########################################################\n# Stackscript cleanup\n###########################################################\nrm /root/StackScript\nrm /root/ssinclude*\necho \"Installation complete!\"", "user_defined_fields": [ { "name": "company_name", "label": "Company Name", "example": "My Company" }, { "name": "company_email", "label": "Company Email", "example": "my@company.com" }, { "name": "admin_email", "label": "Admin Email", "example": "my@company.com" }, { "name": "admin_password", "label": "Admin Password", "example": "s3cur39a55w0r0" }, { "name": "db_name", "label": "MySQL Database Name", "example": "akaunting" }, { "name": "db_password", "label": "MySQL root Password", "example": "s3cur39a55w0r0" }, { "name": "dbuser", "label": "MySQL Username", "example": "akaunting" }, { "name": "dbuser_password", "label": "MySQL User Password", "example": "s3cur39a55w0r0" } ] }, { "id": 985374, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Ant Media Server: Enterprise Edition One-Click", "description": "Ant Media Enterprise Edition One-Click", "ordinal": 13, "logo_url": "assets/antmediaserver.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 1370, "deployments_active": 63, "is_public": true, "mine": false, "created": "2022-03-08T17:39:39", "updated": "2023-12-07T15:14:09", "rev_note": "", "script": "#!/usr/bin/env bash\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\nZIP_FILE=\"https://antmedia.io/linode/antmedia_2.5.3.zip\"\nINSTALL_SCRIPT=\"https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh\"\n\nwget -q --no-check-certificate $ZIP_FILE -O /tmp/antmedia.zip && wget -q --no-check-certificate $INSTALL_SCRIPT -P /tmp/\n\nif [ $? == \"0\" ]; then\n bash /tmp/install_ant-media-server.sh -i /tmp/antmedia.zip\nelse\n logger \"There is a problem in installing the ant media server. Please send the log of this console to contact@antmedia.io\"\n exit 1\nfi", "user_defined_fields": [] }, { "id": 804144, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Ant Media Server: Community Edition One-Click", "description": "Ant Media Server One-Click", "ordinal": 14, "logo_url": "assets/antmediaserver.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 5618, "deployments_active": 461, "is_public": true, "mine": false, "created": "2021-04-01T12:50:57", "updated": "2023-12-07T10:23:21", "rev_note": "", "script": "#!/usr/bin/env bash \n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nZIP_FILE=\"https://github.com/ant-media/Ant-Media-Server/releases/download/ams-v2.5.3/ant-media-server-community-2.5.3.zip\"\n\n\nINSTALL_SCRIPT=\"https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh\"\n\nwget -q --no-check-certificate $ZIP_FILE -O /tmp/antmedia.zip && wget -q --no-check-certificate $INSTALL_SCRIPT -P /tmp/\n\nif [ $? == \"0\" ]; then\n bash /tmp/install_ant-media-server.sh -i /tmp/antmedia.zip\nelse\n logger \"There is a problem in installing the ant media server. Please send the log of this console to contact@antmedia.io\"\n exit 1\nfi", "user_defined_fields": [] }, { "id": 1102900, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Apache Airflow One-Click", "description": "Apache Airflow One-Click App", "ordinal": 15, "logo_url": "assets/apacheairflow.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 127, "deployments_active": 4, "is_public": true, "mine": false, "created": "2022-12-20T17:32:08", "updated": "2023-11-28T13:38:46", "rev_note": "", "script": "#!/bin/bash\n#\n# \n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n## Enable logging\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\ncreate_a_record $SUBDOMAIN $IP $DOMAIN\n\n# install depends\nexport DEBIAN_FRONTEND=noninteractive\nsudo apt update\n#sudo apt -y upgrade\nsudo apt install -y python3-pip\nsudo apt install -y build-essential libssl-dev libffi-dev python3-dev\nsudo apt install -y python3-venv # One of the Airflow examples requires virtual environments\n\nexport AIRFLOW_HOME=~/airflow\n\n# Install Airflow using the constraints file\nAIRFLOW_VERSION=2.4.1\nPYTHON_VERSION=\"$(python3 --version | cut -d \" \" -f 2 | cut -d \".\" -f 1-2)\"\n# For example: 3.7\nCONSTRAINT_URL=\"https://raw.githubusercontent.com/apache/airflow/constraints-${AIRFLOW_VERSION}/constraints-${PYTHON_VERSION}.txt\"\n# For example: https://raw.githubusercontent.com/apache/airflow/constraints-2.4.1/constraints-3.7.txt\npip install \"apache-airflow==${AIRFLOW_VERSION}\" --constraint \"${CONSTRAINT_URL}\"\n\n# The Standalone command will initialise the database, make a user,\n# and start all components for you.\nairflow standalone &\n\n###\n# \n# systemd unit file and per component settings go here\n# \n### \n\n\n## install nginx reverse-proxy \napt install nginx -y \n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${DEFAULT_RDNS};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n\n location / {\n proxy_pass http://localhost:8080;\n proxy_set_header Host \\$host;\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header X-Forward-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx \n\n## UFW rules \nufw allow http \nufw allow https \nsystemctl enable ufw\n\nsleep 60 \n\n## install SSL certs. required \npip install pyOpenSSL --upgrade\napt install python3-certbot-nginx -y \ncertbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${SOA_EMAIL_ADDRESS} -w /var/www/html/\n\n## write some login details\nexport ADMIN_PASS=$(cat /root/airflow/standalone_admin_password.txt)\ncat < /etc/motd \nThe installation of Apache Airflow is now complete, and the application is running in standalone mode.\n#\nYou can log into the Airflow GUI at ${ABS_DOMAIN}\nWith the credentials: \nUsername: admin\nPassword: ${ADMIN_PASS}\n#\nStandalone mode is not recommended for production.\nEND\n\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode.", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1160820, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Appwrite One-Click", "description": "Appwrite One-Click ", "ordinal": 16, "logo_url": "assets/appwrite.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 175, "deployments_active": 11, "is_public": true, "mine": false, "created": "2023-04-21T13:09:13", "updated": "2023-12-07T09:40:21", "rev_note": "", "script": "#!/bin/bash\n### linode \n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# install docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nbash ./get-docker.sh\n\n# install haveged\nsudo apt-get install -y haveged\n\n# Install Appwrite\n# Grab latest version\nappversion=$(curl -s https://api.github.com/repos/appwrite/appwrite/releases/latest | grep -oP '\"tag_name\": \"\\K.*?(?=\")')\n\ndocker run --rm \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n --volume \"$(pwd)\"/appwrite:/usr/src/code/appwrite:rw \\\n appwrite/appwrite:$appversion sh -c \"install --httpPort=80 --httpsPort=443 --interactive=N\"\n\necho \"Installation complete!\"", "user_defined_fields": [] }, { "id": 401699, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Ark One-Click", "description": "Ark - Latest One-Click", "ordinal": 17, "logo_url": "assets/Ark@1x.svg", "images": [ "linode/debian11" ], "deployments_total": 1145, "deployments_active": 4, "is_public": true, "mine": false, "created": "2019-03-08T21:05:54", "updated": "2023-12-05T18:43:30", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"arkserver\"\n\nset_hostname\napt_setup_update\n\n\n# ARK specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc-s1 libstdc++6 libstdc++6:i386 \n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install ARK\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\nsed -i s/XPMultiplier=.*/XPMultiplier=\"$XPMULTIPLIER\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerPassword=.*/ServerPassword=\"$SERVERPASSWORD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerHardcore=.*/ServerHardcore=\"$SERVERPASSWORD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerPVE=.*/ServerPVE=\"$SERVERPVE\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/Message=.*/Message=\"$MOTD\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/SessionName=.*/SessionName=\"$SESSIONNAME\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\nsed -i s/ServerAdminPassword=.*/ServerAdminPassword=\"\\\"$RCONPASSWORD\\\"\"/ /home/arkserver/serverfiles/ShooterGame/Saved/Config/LinuxServer/GameUserSettings.ini\n\n\n# Start the service and setup firewall\nufw_install\nufw allow 27015/udp\nufw allow 7777:7778/udp\nufw allow 27020/tcp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup", "user_defined_fields": [ { "name": "rconpassword", "label": "RCON password" }, { "name": "sessionname", "label": "Server Name", "default": "Ark Server" }, { "name": "motd", "label": "Message of the Day", "default": "Powered by Linode!" }, { "name": "serverpassword", "label": "Server Password", "default": "" }, { "name": "hardcore", "label": "Hardcore Mode Enabled", "oneof": "True,False", "default": "False" }, { "name": "xpmultiplier", "label": "XP Multiplier", "oneof": "1,1.5,2,5,10,20", "default": "2" }, { "name": "serverpve", "label": "Server PvE", "oneof": "True,False", "default": "False" } ] }, { "id": 662118, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Azuracast One-Click", "description": "AzuraCast One-Click", "ordinal": 18, "logo_url": "assets/azuracast.svg", "images": [ "linode/debian10", "linode/ubuntu20.04" ], "deployments_total": 2692, "deployments_active": 186, "is_public": true, "mine": false, "created": "2020-08-12T15:50:09", "updated": "2023-12-05T11:47:34", "rev_note": "", "script": "#!/bin/bash\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, apt configuration and update/upgrade\nset_hostname\napt_setup_update\n\n# Install GIT\napt-get update && apt-get install -q -y git\n# Cloning AzuraCast and install\nmkdir -p /var/azuracast\ncd /var/azuracast\ncurl -fsSL https://raw.githubusercontent.com/AzuraCast/AzuraCast/main/docker.sh > docker.sh\nchmod a+x docker.sh\nyes 'Y' | ./docker.sh setup-release\nyes '' | ./docker.sh install\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [] }, { "id": 913277, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "BeEF One-Click", "description": "BeEF One-Click", "ordinal": 19, "logo_url": "assets/beef.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 30459, "deployments_active": 1149, "is_public": true, "mine": false, "created": "2021-09-30T18:28:58", "updated": "2023-12-07T13:08:54", "rev_note": "", "script": "#!/bin/bash\n#\n# Script to install BEEF on Linode\n# \n# \n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \nbeef_config=\"/home/beef/config.yaml\"\nkey=\"privkey.pem\"\ncert=\"fullchain.pem\"\n# System Update\napt_setup_update\n# UFW\nufw allow 80\nufw allow 443\nufw allow 3000\nfunction configure_nginx {\n apt install git nginx ruby-dev -y\n # NGINX\n mkdir -p /var/www/certs/.well-known\n chown -R www-data:www-data /var/www/certs/\n cat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n listen [::]:80;\n server_name $FQDN;\n root /var/www/certs;\n location / {\n try_files \\$uri \\$uri/ =404;\n }\n# allow .well-known\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/certs/.well-known;\n }\n}\nEOF\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/$FQDN\n unlink /etc/nginx/sites-enabled/default\n systemctl restart nginx\n}\nfunction configure_ssl {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\nfunction create_beef_user {\n function create_beef {\n groupadd --system beef\n useradd -s /sbin/nologin --system -g beef beef\n }\n grep beef /etc/passwd\n if [ $? -eq 1 ];then\n create_beef\n else\n echo \"[INFO] beef already on the system. Deleting user\"\n deluser --remove-home beef\n create_beef\n fi\n}\nfunction configure_beef {\n git clone https://github.com/beefproject/beef.git /home/beef\n chown -R beef: /home/beef\n cd /home/beef\n cp /etc/letsencrypt/live/$FQDN/$key .\n cp /etc/letsencrypt/live/$FQDN/$cert .\n # get line number to replace\n get_https_enable=$(grep -n -C 10 \"key:\" $beef_config | grep -v \"#\" | grep \"https:\" -A 5 | grep \"enable:\" | awk -F \"-\" {'print $1'})\n get_https_public_enabled=$(grep -n -C 10 \"key:\" $beef_config | grep -v \"#\" | grep \"https:\" -A 5 | grep \"public_enabled:\" | awk -F \"-\" {'print $1'})\n # replacing line numebr\n sed -i \"\"$get_https_enable\"s/enable: false/enable: true/\" $beef_config\n sed -i \"\"$get_https_public_enabled\"s/public_enabled: false/public_enabled: true/\" $beef_config\n sed -i \"/key:/c\\ key: \\\"$key\\\"\" $beef_config\n sed -i \"/cert:/c\\ cert: \\\"$cert\\\"\" $beef_config\n # creds\n #sed -i \"/user:/c\\ user: \\\"beef\\\"\" $beef_config\n sed -i \"/passwd:/c\\ passwd: \\\"$BEEFPASSWORD\\\"\" $beef_config\n # install local copy of beef\n # install deps\n apt install curl git build-essential openssl libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison nodejs libcurl4-openssl-dev ruby-dev -y\n su - -s /bin/bash beef\n bundle3.0 config set --local path /home/beef/.gem\n bundle3.0 install\n gem install --user-install xmlrpc\n \n}\nfunction beef_startup {\n cat < /home/beef/start_beef\n#!/bin/bash\nfunction start_beef {\n cd /home/beef\n echo no | ./beef\n}\nstart_beef\nEOF\n chown -R beef:beef /home/beef\n chmod +x /home/beef/start_beef\n}\n \nfunction beef_job {\n cat < /etc/systemd/system/beef.service\n[Unit]\nDescription=Browser Exploitation Framework\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=beef\nGroup=beef\nExecStart=/home/beef/start_beef\n[Install]\nWantedBy=default.target\nEOF\n systemctl daemon-reload\n systemctl start beef\n systemctl enable beef\n}\nfunction ssl_renew_cron {\n cat </root/certbot-beef-renewal.sh\n#!/bin/bash\n#\n# Script to handle Certbot renewal & BeEf\n# Debug\n# set -xo pipefail\nexport BEEF_FULL=/home/beef/fullchain.pem\nexport BEEF_PRIVKEY=/home/beef/privkey.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\ncertbot renew\ncat \\$FULLCHAIN > \\$BEEF_FULL\ncat \\$PRIVKEY > \\$BEEF_PRIVKEY\nservice beef reload\nEND\n chmod +x /root/certbot-beef-renewal.sh\n# Setup Cron\n crontab -l > cron\n echo \"* 1 * * 1 bash /root/certbot-beef-renewal.sh\" >> cron\n crontab cron\n rm cron\n}\nfunction install_complete {\n cat < /root/beef.info\n##############################\n# BEEF INSTALLATION COMPLETE #\n##############################\nEndpoint: https://$FQDN:3000/ui/panel\nCredentials can be found here:\n/home/beef/config.yaml\nHappy hunting!\nEOF\n}\nfunction main {\n create_beef_user\n configure_nginx\n configure_ssl\n configure_beef\n beef_startup\n beef_job\n ssl_renew_cron\n install_complete\n}\nmain\n# Clean up\nstackscript_cleanup\ncat /root/beef.info", "user_defined_fields": [ { "name": "beefpassword", "label": "BEEF Password" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode. The username cannot contain any spaces or capitol letters. For this application the username 'beef' is reserved for the application, so please choose an alternative username for this deployment.", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 923034, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "BitNinja One-Click", "description": "BitNinja One-Click", "ordinal": 20, "logo_url": "assets/bitninja.svg", "images": [ "linode/centos7", "linode/debian10", "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 35, "deployments_active": 0, "is_public": true, "mine": false, "created": "2021-10-18T01:03:02", "updated": "2023-11-28T09:18:11", "rev_note": "", "script": "#!bin/bash\n\n# \n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nwget -qO- https://get.bitninja.io/install.sh | /bin/bash -s - --license_key=\"$license_key\" -y", "user_defined_fields": [ { "name": "license_key", "label": "License Key" } ] }, { "id": 1037036, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Budibase One-Click", "description": "Budibase One Click App", "ordinal": 21, "logo_url": "assets/budibase.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 432, "deployments_active": 24, "is_public": true, "mine": false, "created": "2022-08-02T18:42:41", "updated": "2023-12-04T00:58:23", "rev_note": "", "script": "#!/bin/bash\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2 pwgen ufw\ncurl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker.io\n\n# Check to ensure Docker is running and installed correctly\nsystemctl status docker\ndocker -v\n\n# Install Docker Compose\ncurl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose\nchmod +x /usr/local/bin/docker-compose\ndocker-compose --version\n\necho \"Creating passwords for /opt/budibase/.env\"\nVAR_JWT_SECRET=$(pwgen 16)\nVAR_MINIO_ACCESS_KEY=$(pwgen 16)\nVAR_MINIO_SECRET_KEY=$(pwgen 16)\nVAR_COUCH_DB_PASSWORD=$(pwgen 16)\nVAR_REDIS_PASSWORD=$(pwgen 16)\nVAR_INTERNAL_API_KEY=$(pwgen 16)\nIP=`hostname -I | awk '{print$1}'`\n\nmkdir -p /opt/budibase\ncd /opt/budibase\necho \"Fetch budibase docker compose file\"\ncurl -L https://raw.githubusercontent.com/Budibase/budibase/master/hosting/docker-compose.yaml -o /opt/budibase/docker-compose.yml\necho \"Fetch budibase .env template\"\ncurl -L https://raw.githubusercontent.com/Budibase/budibase/master/hosting/.env -o /opt/budibase/.env\necho \"Set passwords in /opt/budibase/.env\"\nsed -i \"s/JWT_SECRET=testsecret/JWT_SECRET=$VAR_JWT_SECRET/\" /opt/budibase/.env\nsed -i \"s/MINIO_ACCESS_KEY=budibase/MINIO_ACCESS_KEY=$VAR_MINIO_ACCESS_KEY/\" /opt/budibase/.env\nsed -i \"s/MINIO_SECRET_KEY=budibase/MINIO_SECRET_KEY=$VAR_MINIO_SECRET_KEY/\" /opt/budibase/.env\nsed -i \"s/COUCH_DB_PASSWORD=budibase/COUCH_DB_PASSWORD=$VAR_COUCH_DB_PASSWORD/\" /opt/budibase/.env\nsed -i \"s/REDIS_PASSWORD=budibase/REDIS_PASSWORD=$VAR_REDIS_PASSWORD/\" /opt/budibase/.env\nsed -i \"s/INTERNAL_API_KEY=budibase/INTERNAL_API_KEY=$VAR_INTERNAL_API_KEY/\" /opt/budibase/.env\nsed -i \"s/MAIN_PORT=10000/MAIN_PORT=$BBPORT/\" /opt/budibase/.env\ndocker-compose up -d\n\ncat </etc/profile.d/budibase_welcome.sh\n#!/bin/sh\n#\nIP=$(hostname -I | awk '{print$1}')\necho \"\n********************************************************************************\nWelcome to Budibase!\nTo help keep this server secure, the UFW firewall is enabled.\nAll ports are BLOCKED except 22 (SSH) and the Web UI port $BBPORT.\n********************************************************************************\n # Budibase UI: http://$IP:$BBPORT/\n # Website: https://budibase.com\n # Documentation: https://docs.budibase.com\n # Github: https://github.com/Budibase/budibase\n # Community Support: https://github.com/Budibase/budibase/discussions\n # Restart Budibase: cd /opt/budibase; docker-compose down; docker-compose up -d\n # Budibase config: /etc/budibase/.env\n\"\nEND\nchmod +x /etc/profile.d/budibase_welcome.sh\n# Enable UFW and add some rules to it\nufw enable\nufw limit ssh/tcp comment 'Rate limit the SSH port'\nufw allow $BBPORT/tcp comment \"TCP Listen port for Budibase\"\nufw --force enable\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "BBPORT", "label": "Budibase Port", "example": "Default: 80", "default": "80" } ] }, { "id": 869155, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Chevereto One-Click", "description": "Chevereto One-Click", "ordinal": 22, "logo_url": "assets/chevereto.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 236, "deployments_active": 6, "is_public": true, "mine": false, "created": "2021-07-20T19:07:56", "updated": "2023-10-30T19:52:12", "rev_note": "", "script": "#!/usr/bin/env bash\n# https://github.com/chevereto/linode-marketplace\n\nset -e\n\nCHEVERETO_INSTALLER_TAG=\"3.1.0\"\nWORKING_DIR=\"/var/www/html\"\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n## 03-force-ssh-logout.sh\ncat >>/etc/ssh/sshd_config </dev/null\napt install -y apache2 libapache2-mod-php\napt install -y mysql-server\napt install -y php\napt install -y php-{common,cli,curl,fileinfo,gd,imagick,intl,json,mbstring,mysql,opcache,pdo,pdo-mysql,xml,xmlrpc,zip}\napt install -y python3-certbot-apache software-properties-common unzip\n\n# 01-fs.sh\ncat >/etc/apache2/sites-available/000-default.conf <\n \n Options Indexes FollowSymLinks\n AllowOverride All\n Require all granted\n \n ServerAdmin webmaster@localhost\n DocumentRoot /var/www/html\n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEOM\n\ncat >/etc/update-motd.d/99-one-click < certbot --apache -d example.com -d www.example.com\nIMPORTANT:\n * After connecting to the server for the first time, immediately install\n Chevereto at http://\\$myip/installer.php\n * Secure your database by running:\n > mysql_secure_installation\n * Setup email delivery at http://\\$myip/dashboard/settings/email\nFor help and more information visit https://chevereto.com\n********************************************************************************\nTo delete this message of the day: rm -rf \\$(readlink -f \\${0})\nEOF\nEOM\nchmod +x /etc/update-motd.d/99-one-click\n\ncat >/etc/cron.d/chevereto </etc/php/7.4/apache2/conf.d/chevereto.ini <>/var/log/per-instance.log\n\nMYSQL_ROOT_PASS=$(openssl rand -hex 16)\nDEBIAN_SYS_MAINT_MYSQL_PASS=$(openssl rand -hex 16)\n\nCHEVERETO_DB_HOST=localhost\nCHEVERETO_DB_PORT=3306\nCHEVERETO_DB_NAME=chevereto\nCHEVERETO_DB_USER=chevereto\nCHEVERETO_DB_PASS=$(openssl rand -hex 16)\n\ncat >/root/.mysql_password <>/etc/apache2/envvars </etc/mysql/debian.cnf <>/var/log/per-instance.log\n\necho \"[OK] Chevereto Installer $CHEVERETO_INSTALLER_TAG provisioned!\"", "user_defined_fields": [] }, { "id": 869158, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "ClusterControl One-Click", "description": "ClusterControl One-Click", "ordinal": 23, "logo_url": "assets/clustercontrol.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 173, "deployments_active": 5, "is_public": true, "mine": false, "created": "2021-07-20T19:13:44", "updated": "2023-12-07T09:24:12", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables\n\n## Severalnines settings\n#\n#\n\n## Domain settings\n#\n#\n#\n#\n\n## Let's Encrypt SSL\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# System Update\nsystem_update\n\nworkdir=/tmp\nIP=`hostname -I | awk '{print$1}'`\n# if command -v dig &>/dev/null; then\n# echo -e \"\\nDetermining network interfaces.\" \n# ext_ip=$(dig +short myip.opendns.com @resolver1.opendns.com 2>/dev/null)\n# [[ ! -z $ext_ip ]] && IP=${ext_ip}\n# fi\nlog_progress() {\n\n echo \"$1\" >> /root/cc_install.log\n}\n\ninstall_cc() {\n export HOME=/root\n export USER=root\n wget --no-check-certificate https://severalnines.com/downloads/cmon/install-cc\n chmod +x install-cc\n echo \"mysql cmon password = $CMONUSER_PASSWORD\" >> /root/.cc_passwords\n echo \"mysql root password = $DBROOT_PASSWORD\" >> /root/.cc_passwords\n SEND_DIAGNOSTICS=0 S9S_CMON_PASSWORD=$CMONUSER_PASSWORD S9S_ROOT_PASSWORD=$DBROOT_PASSWORD INNODB_BUFFER_POOL_SIZE=256 ./install-cc\n}\n\nfirstboot() {\n hostnamectl set-hostname clustercontrol\n\n ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N \"\"\n ssh-keygen -y -f /root/.ssh/id_rsa > /root/.ssh/id_rsa.pub\n SSH_KEY=$(cat /root/.ssh/id_rsa.pub)\n\n cat < /etc/update-motd.d/99-cc-motd \n#!/bin/sh\necho \"###\"\necho \"\"\necho \"Welcome to Severalnines Database Monitoring and Management Application - ClusterControl\"\necho \"Open your web browser to http://${IP}/clustercontrol to access ClusterControl's web application\"\necho \"\"\necho \"The public SSH key (root) is:\"\necho \"$SSH_KEY\"\necho \"\"\necho \"###\"\nEND\n\n chmod +x /etc/update-motd.d/99-cc-motd\n}\n\nenable_fw() {\n ufw default deny incoming\n ufw default allow outgoing\n ufw allow ssh\n ufw allow http\n ufw allow https\n ufw allow 9999\n ufw allow 9501\n}\n\ncleanup() {\n rm -rf /tmp/* /var/tmp/* /root/scripts\n history -c\n cat /dev/null > /root/.bash_history\n unset HISTFILE\n\n apt-get -y autoremove\n apt-get -y autoclean\n\n cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/wtmp; cat /dev/null > /var/log/auth.log\n\n ufw enable\n ufw status\n\n touch /.cc-provisioned\n}\n\nlog_progress \"** Installing ClusterControl, this could take several minutes. Please wait ...\"\ninstall_cc\nlog_progress \"** Setting motd ...\"\nfirstboot\nlog_progress \"** Enabling firewall ...\"\nenable_fw\nif [[ \"$SSL\" == \"Yes\" ]]; then\n log_progress \"** Enabling Let's Encrypt SSL ...\"\n python --version | grep -q 3.\n [[ $? -eq 0 ]] && PYTHON3=1\n if [[ -n $PYTHON3 ]]; then\n apt install -y certbot python3-certbot-apache\n else\n apt install -y certbot python-certbot-apache\n fi\n\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\nfi\ncleanup\n\n# Clean up\nlog_progress \"** Stackscript cleanup please wait ...\"\nstackscript_cleanup\n\nlog_progress \"** Installation successful...\"\n/etc/update-motd.d/99-cc-motd | tee -a /root/cc_install.log\n\nsystemctl restart sshd", "user_defined_fields": [ { "name": "dbroot_password", "label": "MySQL Root Password" }, { "name": "cmonuser_password", "label": "CMON user password" }, { "name": "token_password", "label": "Your Linode API token. This is required in order to create DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "E-Mail Address", "example": "Your email address" }, { "name": "ssl", "label": "Would you like to use a free Let's Encrypt SSL certificate? (Uses the Linode's default rDNS if no domain is specified above)", "oneof": "Yes,No", "default": "Yes" } ] }, { "id": 401700, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "CS:GO One-Click", "description": "CS:GO - Latest One-Click", "ordinal": 24, "logo_url": "assets/CSGO2.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 2142, "deployments_active": 7, "is_public": true, "mine": false, "created": "2019-03-08T21:06:26", "updated": "2023-11-02T20:39:58", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/bin/bash\n#\n\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"csgoserver\"\n\n### UDF to config\n\n#Autoteambalance\nif [[ \"$AUTOTEAMBALANCE\" = \"Enabled\" ]]; then\n AUTOTEAMBALANCE=1\nelif [[ \"$AUTOTEAMBALANCE\" = \"Disabled\" ]]; then\n AUTOTEAMBALANCE=0\nfi\n\n#Buyanywhere\nif [[ \"$BUYANYWHERE\" = \"Enabled\" ]]; then\n BUYANYWHERE=1\nelif [[ \"$BUYANYWHERE\" = \"Disabled\" ]]; then\n BUYANYWHERE=0\nelif [[ \"$BUYANYWHERE\" = \"Terrorists Only\" ]]; then\n BUYANYWHERE=2\nelif [[ \"$BUYANYWHERE\" = \"Counter-Terrorists Only\" ]]; then\n BUYANYWHERE=3\nfi\n\n#friendlyfire\n\nif [[ \"$FRIENDLYFIRE\" = \"Enabled\" ]]; then\n FRIENDLYFIRE=1\nelif [[ \"$FRIENDLYFIRE\" = \"Disabled\" ]]; then\n FRIENDLYFIRE=0\nfi\n\nset_hostname\napt_setup_update\n\n\n# CSGO specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc1 libstdc++6 libstdc++6:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install CSGO\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\n> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\n\ncat <> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nsv_contact \"\"\nsv_lan 0\nlog on\nsv_logbans 1\nsv_logecho 1\nsv_logfile 1\nsv_log_onefile 0\nsv_hibernate_when_empty 1\nsv_hibernate_ms 5\nhost_name_store 1\nhost_info_show 1\nhost_players_show 2\nexec banned_user.cfg\nexec banned_ip.cfg\nwriteid\nwriteip\nEND\n\necho \"mp_autoteambalance $AUTOTEAMBALANCE\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"hostname $SERVERNAME\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"mp_roundtime $ROUNDTIME\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"rcon_password \\\"$RCONPASSWORD\\\"\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"sv_password \\\"$SVPASSWORD\\\"\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nsed -i s/mp_buy_anywhere.*/mp_buy_anywhere\\ \"$BUYANYWHERE\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/mp_maxrounds.*/mp_maxrounds\\ \"$MAXROUNDS\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/mp_friendlyfire.*/mp_friendlyfire\\ \"$FRIENDLYFIRE\"/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\necho \"$MOTD\" > /home/csgoserver/serverfiles/csgo/motd.txt\n\n\nif [[ \"$FRIENDLYFIRE\" = \"1\" ]]; then\nsed -i s/ff_damage_reduction_bullets.*/ff_damage_reduction_bullets\\ 0\\.85/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_gernade.*/ff_damage_reduction_gernade\\ 0\\.33/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_gernade_self.*/ff_damage_reduction_gernade_self\\ 0\\.4/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\nsed -i s/ff_damage_reduction_other.*/ff_damage_reduction_other\\ 1/ /home/csgoserver/serverfiles/csgo/cfg/gamemode_casual.cfg\necho \"sv_kick_ban_duration 0\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\necho \"mp_disable_autokick 0\" >> /home/csgoserver/serverfiles/csgo/cfg/csgoserver.cfg\nfi\n\n# Start the service and setup firewall\nufw_install\nufw allow 27015\nufw allow 27020/udp\nufw allow 27005/udp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup", "user_defined_fields": [ { "name": "gslt", "label": "Game Server Login Token", "example": "Steam gameserver token. Needed to list as public server." }, { "name": "motd", "label": "Message of the Day", "default": "Powered by Linode!" }, { "name": "servername", "label": "Server Name", "default": "Linode CS:GO Server" }, { "name": "rconpassword", "label": "RCON password" }, { "name": "svpassword", "label": "CSGO server password", "default": "" }, { "name": "autoteambalance", "label": "Team Balance Enabled", "oneof": "Enabled,Disabled", "default": "Enabled" }, { "name": "roundtime", "label": "Round Time Limit", "oneof": "5,10,15,20,60", "default": "5" }, { "name": "maxrounds", "label": "Maximum Rounds", "oneof": "1,5,10,15,20", "default": "10" }, { "name": "buyanywhere", "label": "Buy Anywhere ", "oneof": "Disabled,Enabled,Counter-Terrorists Only, Terrorists Only", "default": "Disabled" }, { "name": "friendlyfire", "label": "Friendly Fire Enabled", "oneof": "Enabled,Disabled", "default": "Disabled" } ] }, { "id": 688891, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Discourse One-Click", "description": "Discourse One-Click", "ordinal": 25, "logo_url": "assets/discourse.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 1210, "deployments_active": 59, "is_public": true, "mine": false, "created": "2020-11-17T20:55:26", "updated": "2023-12-06T22:46:13", "rev_note": "", "script": "#!/bin/bash\n\n## Discourse Settings\n\n#\n#\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n# This also sets some useful variables, like $IP and $FQDN\nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\n#Install dependencies needed for Discourse\napt install git apt-transport-https ca-certificates curl software-properties-common net-tools -y\n\n#Clone Discourse Docker repo for install and management\ngit clone https://github.com/discourse/discourse_docker.git /var/discourse\n#UFW Firewall Rules\nufw allow http\nufw allow https\nufw allow 25\nufw allow 465\nufw allow 587\nufw enable <\n#\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Python & Django\napt-get install -y python3 python3-pip\npip3 install Django\n\n# Create & Setup Django APP\nmkdir /var/www/\ncd /var/www/\ndjango-admin startproject DjangoApp\ncd DjangoApp\npython3 manage.py migrate\necho \"from django.contrib.auth.models import User; User.objects.create_superuser('$DJANGOUSER', '$DJANGOUSEREMAIL', '$DJANGOUSERPASSWORD')\" | python3 manage.py shell\nsed -i \"s/ALLOWED_HOSTS = \\[\\]/ALLOWED_HOSTS = \\['$IP'\\]/g\" DjangoApp/settings.py\npython3 manage.py runserver 0.0.0.0:8000 &\n\n# Start Django app on reboot\ncrontab -l | { cat; echo \"@reboot cd /var/www/DjangoApp && python3 manage.py runserver 0.0.0.0:8000 &\"; } | crontab -\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "djangouser", "label": "Django USER", "example": "user1" }, { "name": "djangouserpassword", "label": "Django Password", "example": "s3cure_p4ssw0rd" }, { "name": "djangouseremail", "label": "Django USER email", "example": "user@email.tld" } ] }, { "id": 607433, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Docker One-Click", "description": "Docker One Click App", "ordinal": 27, "logo_url": "assets/docker.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 35968, "deployments_active": 1827, "is_public": true, "mine": false, "created": "2019-10-31T20:14:04", "updated": "2023-12-07T16:45:49", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Docker Settings\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-docker\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n else echo \"No email entered\";\n fi\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "SOA Email", "example": "user@domain.tld", "default": "" } ] }, { "id": 401698, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Drupal One-Click", "description": "Drupal One-Click", "ordinal": 28, "logo_url": "assets/Drupal.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1845, "deployments_active": 80, "is_public": true, "mine": false, "created": "2019-03-08T21:04:47", "updated": "2023-12-03T23:12:19", "rev_note": "", "script": "#!/usr/bin/env bash\n## Drupal Settings\n# \n# \n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Set hostname, apt configuration and update/upgrade\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Install/configure UFW\nufw allow http\nufw allow https\n\n# Install/configure MySQL\napt-get install mariadb-server -y\nsystemctl start mariadb\nsystemctl enable mariadb\nmysql_root_preinstall\nrun_mysql_secure_installation\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE drupaldb\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"GRANT ALL ON drupaldb.* TO 'drupal'@'localhost' IDENTIFIED BY '$DB_PASSWORD'\";\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES\";\n\n# Install & Configure Apache\napt-get install -y apache2\ntouch /var/log/apache2/drupal-error_log /var/log/apache2/drupal-access_log\ncp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/drupal.conf\ncat < /etc/apache2/sites-available/drupal.conf\n\n DocumentRoot /var/www/drupal\n ServerName $FQDN\n ServerAlias www.$FQDN\n \n Options FollowSymLinks\n AllowOverride All\n Order allow,deny\n allow from all\n RewriteEngine on\n RewriteBase /\n RewriteCond %{REQUEST_FILENAME} !-f\n RewriteCond %{REQUEST_FILENAME} !-d\n RewriteCond %{REQUEST_URI} !=/favicon.ico\n RewriteRule ^ index.php [L]\n\n ErrorLog /var/log/apache2/drupal-error_log\n CustomLog /var/log/apache2/drupal-access_log common\n\nEND\na2enmod rewrite\na2dissite 000-default.conf\na2ensite drupal.conf\nsed -ie \"s/KeepAlive Off/KeepAlive On/g\" /etc/apache2/apache2.conf\nsystemctl restart apache2\nsystemctl enable apache2\n\n# Install PHP 8.1\napt-get install php libapache2-mod-php php-mysql php-curl php-cgi php-gd php-mbstring php-xml php-xmlrpc -y\nPHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\ncat < /etc/php/$PHP_VERSION/apache2/php.ini\nerror_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR\nerror_log = /var/log/php/error.log\nmax_input_time = 30\nEND\nmkdir /var/log/php\nchown www-data /var/log/php\n\n# Install Drupal\nrm -r /var/www/html\ncd ~; wget -4 https://www.drupal.org/download-latest/tar.gz\ntar -xf tar.gz -C /var/www/ && mv /var/www/drupal* /var/www/drupal\nrm tar.gz\nmkdir /var/www/drupal/sites/default/files\nchmod a+w /var/www/drupal/sites/default/files\ncp /var/www/drupal/sites/default/default.settings.php /var/www/drupal/sites/default/settings.php\nchmod a+w /var/www/drupal/sites/default/settings.php\ncat <> /var/www/drupal/sites/default/settings.php\n\\$settings['trusted_host_patterns'] = [\n '^$FQDN\\$',\n];\nEND\n\n# Cleanup\nsystemctl restart apache2\nsystemctl restart mysql\n\n# SSL\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "E-Mail Address", "example": "Your email address" }, { "name": "dbroot_password", "label": "MySQL root Password", "example": "an0th3r_s3cure_p4ssw0rd" }, { "name": "db_password", "label": "Database Password", "example": "an0th3r_s3cure_p4ssw0rd" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Drupal server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1008125, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Easypanel One-Click", "description": "Easypanel One-Click", "ordinal": 29, "logo_url": "assets/easypanel.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1417, "deployments_active": 79, "is_public": true, "mine": false, "created": "2022-05-18T16:43:00", "updated": "2023-12-07T05:58:49", "rev_note": "", "script": "#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# install docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nsh get-docker.sh\n\n# setup easypanel\ndocker run --rm \\\n -v /etc/easypanel:/etc/easypanel \\\n -v /var/run/docker.sock:/var/run/docker.sock:ro \\\n easypanel/easypanel setup", "user_defined_fields": [] }, { "id": 691620, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "FileCloud One-Click", "description": "FileCloud One-Click", "ordinal": 30, "logo_url": "assets/filecloud.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 782, "deployments_active": 14, "is_public": true, "mine": false, "created": "2020-11-30T21:16:19", "updated": "2023-12-07T16:35:31", "rev_note": "", "script": "#!/bin/bash \n\n## Domain Settings\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source and run the New Linode Setup script for DNS configuration\n# This also sets some useful variables, like $IP and $FQDN\n\nsource \n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nset pipefail -o\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Allow traffic on ports 80 and 443\nufw allow 80\nufw allow 443\n\n# Installing Filecloud and Prequisites\nwget -qO - https://repo.filecloudlabs.com/static/pgp/filecloud.asc | sudo apt-key add -\nwget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list\necho \"deb [ arch=amd64 ] https://repo.filecloudlabs.com/apt/ubuntu focal/filecloud/22.1 main\" | sudo tee /etc/apt/sources.list.d/filecloud.list\napt-get update -y\napt-get install apache2 mongodb-org -y\napt install -y --no-install-recommends php8.1*\nACCEPT_EULA=Y apt-get install filecloud -y\n\nif [[ \"$SSL\" == \"Yes\" ]]; then\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\nfi\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token. This is required in order to create DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "ssl", "label": "Would you like to use a free CertBot SSL certificate?", "oneof": "Yes,No", "default": "No" }, { "name": "soa_email_address", "label": "Email Address for Lets' Encrypt Certificate", "default": "" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 609392, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Flask One-Click", "description": "Flask One-Click", "ordinal": 31, "logo_url": "assets/flask.svg", "images": [ "linode/debian10" ], "deployments_total": 2160, "deployments_active": 134, "is_public": true, "mine": false, "created": "2019-11-07T06:24:17", "updated": "2023-12-07T15:54:26", "rev_note": "Initial import", "script": "#!/bin/bash\n\n## Enable logging\nexec > /var/log/stackscript.log 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\nufw_install\nufw allow http\n\n# Install Prereq's & Flask APP\napt install -y git\ncd /home\ngit clone https://github.com/abalarin/Flask-on-Linode.git flask_app_project\n\n# Install & configure Nginx\napt install -y nginx\ncat < /etc/nginx/sites-enabled/flask_app\nserver {\n listen 80;\n server_name $IP;\n location / {\n proxy_pass http://127.0.0.1:8000;\n proxy_set_header Host \\$host;\n proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\n\nunlink /etc/nginx/sites-enabled/default\nnginx -s reload\n\n# Install python & Packages\napt install -y python3 python3-pip\ncd /home/flask_app_project\npip3 install -r flask_app/requirements.txt\n\n# Configure Flask\ncat < /etc/config.json\n{\n \"SECRET_KEY\": \"$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)\",\n \"SQLALCHEMY_DATABASE_URI\": \"sqlite:///site.db\"\n}\nEND\n\ncat < /home/flask_app_project/flask_app/__init__.py\nfrom flask import Flask\nfrom flask_sqlalchemy import SQLAlchemy\nfrom flask_login import LoginManager\nimport json\nimport urllib3\napp = Flask(__name__)\nwith open('/etc/config.json') as config_file:\n config = json.load(config_file)\napp.config['SECRET_KEY'] = config.get('SECRET_KEY')\napp.config['SQLALCHEMY_DATABASE_URI'] = config.get('SQLALCHEMY_DATABASE_URI')\ndb = SQLAlchemy(app)\nlogin_manager = LoginManager()\nlogin_manager.init_app(app)\nfrom flask_app import routes\nEND\n\n# Install and Configure Gunicorn\napt install -y gunicorn3\ngunicorn3 --workers=3 flask_app:app &\n\n# Install and Configure Supervisor\napt install -y supervisor\ncat < /etc/supervisor/conf.d/flask_app.conf\n[program:flask_app]\ndirectory=/home/flask_app_project\ncommand=gunicorn3 --workers=3 flask_app:app\nautostart=true\nautorestart=true\nstopasgroup=true\nkillasgroup=true\nstderr_logfile=/var/log/flask_app/flask_app.err.log\nstdout_logfile=/var/log/flask_app/flask_app.out.log\nEND\n\nmkdir /var/log/flask_app\ntouch /var/log/flask_app/flask_app.out.log\ntouch /var/log/flask_app/flask_app.err.log\nsupervisorctl reload\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [] }, { "id": 971045, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Focalboard One-Click", "description": "Focalboard One-Click", "ordinal": 32, "logo_url": "assets/focalboard.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 476, "deployments_active": 19, "is_public": true, "mine": false, "created": "2022-02-08T16:23:08", "updated": "2023-12-06T21:12:26", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Focalboard Settings \n#\n\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-focalboard\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n\n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n #Focalboard vars\n \n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n \n\n # populate group_vars\n udf\n # run playbooks\n for playbook in site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 1088136, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Galera Cluster One-Click", "description": "Galera Cluster One-Click", "ordinal": 33, "logo_url": "assets/galeramarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 128, "deployments_active": 8, "is_public": true, "mine": false, "created": "2022-11-15T20:41:27", "updated": "2023-12-01T14:46:14", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/galera-occ\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/galera-occ\" ]; then\n rm -rf /tmp/galera-occ\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[+] Linode private IP present\"\n else\n echo \"[!] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n export DEBIAN_FRONTEND=non-interactive\n # install dependancies\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # add private IP address\n rename_provisioner\n configure_privateip \n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/galera-occ\n cd /tmp/galera-occ/\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip3 install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "cluster_name", "label": "Cluster Name" }, { "name": "token_password", "label": "Your Linode API token" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no" }, { "name": "sslheader", "label": "SSL Information", "header": "Yes", "default": "Yes", "required": "Yes" }, { "name": "country_name", "label": "Details for self-signed SSL certificates: Country or Region", "oneof": "AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW" }, { "name": "state_or_province_name", "label": "State or Province", "example": "Example: Pennsylvania" }, { "name": "locality_name", "label": "Locality", "example": "Example: Philadelphia" }, { "name": "organization_name", "label": "Organization", "example": "Example: Akamai Technologies" }, { "name": "email_address", "label": "Email Address", "example": "Example: user@domain.tld" }, { "name": "ca_common_name", "label": "CA Common Name", "default": "Galera CA" }, { "name": "common_name", "label": "Common Name", "default": "Galera Server" }, { "name": "cluster_size", "label": "Galera cluster size", "default": "3", "oneof": "3" } ] }, { "id": 688911, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Gitea One-Click", "description": "Gitea One-Click", "ordinal": 34, "logo_url": "assets/gitea.svg", "images": [ "linode/debian10" ], "deployments_total": 1007, "deployments_active": 66, "is_public": true, "mine": false, "created": "2020-11-17T21:16:09", "updated": "2023-12-03T12:37:42", "rev_note": "", "script": "#! /bin/bash\n\n## Database Settings\n#\n#\n\n## User and SSH Security\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n#assigns var for IP address\nreadonly ip=$(hostname -I | awk '{print$1}')\n\n#intall git\napt install -y git\n\n#install nginx\napt install -y nginx\n\n#install mysql and secure\nmysql_root_preinstall\napt-get install -y mariadb-server\nsystemctl start mariadb\nsystemctl enable mariadb\nrun_mysql_secure_installation\n\n#create mysql db and user\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE gitea;\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"CREATE USER 'gitea'@'localhost' IDENTIFIED BY '$(printf '%q' \"$DB_PASSWORD\")';\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'localhost' WITH GRANT OPTION;\"\nmysql -u root --password=\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES;\"\n\n#create user for gitea\nadduser --system --disabled-password --group --shell /bin/bash --gecos 'Git Version Control' --home /home/git git\n\n#create directories for gitea\nmkdir -p /var/lib/gitea/{custom,data,log}\nchown -R git:git /var/lib/gitea/\nchmod -R 750 /var/lib/gitea/\nmkdir /etc/gitea\nchown root:git /etc/gitea\nchmod 770 /etc/gitea\n\n#pull down gitea binary\nwget -O gitea https://dl.gitea.io/gitea/1.13.0/gitea-1.13.0-linux-amd64\nchmod +x gitea\n\n#validate gpg\napt install gnupg -y\ngpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2\ngpg --verify gitea-1.13.0-linux-amd64.asc gitea-1.13.0-linux-amd64\n\n#copy gitea to global location\ncp gitea /usr/local/bin/gitea\n\n#download systemd file from gitea\nwget https://raw.githubusercontent.com/go-gitea/gitea/master/contrib/systemd/gitea.service -P /etc/systemd/system/\n\n#add requires mysql to the systemd file\nsed -i 's/#Requires=mariadb.service/Requires=mariadb.service/' /etc/systemd/system/gitea.service\n\n#start gitea as systemd service\nsystemctl daemon-reload\nsystemctl start gitea\nsystemctl enable gitea\n\n#configures ufw rules before nginx\nsystemctl start ufw\nufw allow http\nufw allow https\nufw enable\n\n#set absolute domain if any, otherwise use localhost\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=localhost\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${ABS_DOMAIN};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n\n location / {\n proxy_pass http://localhost:3000;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx\n\nsleep 60\n\n#sets certbot ssl\nif [[ $SSL = \"Yes\" ]]; then\n check_dns_propagation ${ABS_DOMAIN} ${ip}\n apt install python3-certbot-nginx -y\n certbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${EMAIL_ADDRESS} -w /var/www/html/\nfi\n\nstackscript_cleanup", "user_defined_fields": [ { "name": "dbroot_password", "label": "MySQL root Password" }, { "name": "db_password", "label": "gitea Database Password" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "pwless_sudo", "label": "Enable passwordless sudo access for the limited user?", "oneof": "Yes,No", "default": "No" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "auto_updates", "label": "Configure automatic security updates?", "oneof": "Yes,No", "default": "No" }, { "name": "fail2ban", "label": "Use fail2ban to prevent automated instrusion attempts?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for your server (Domain required)", "default": "" }, { "name": "domain", "label": "Your domain (API Token required)", "default": "" }, { "name": "soa_email_address", "label": "SOA Email for your domain (Required for new domains)", "default": "" }, { "name": "mx", "label": "Do you need an MX record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" }, { "name": "spf", "label": "Do you need an SPF record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" }, { "name": "ssl", "label": "Would you like to use a free Let's Encrypt SSL certificate for your domain?", "oneof": "Yes,No", "default": "No" }, { "name": "email_address", "label": "Admin Email for Let's Encrypt certificate", "default": "" } ] }, { "id": 401707, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "GitLab One-Click", "description": "GitLab One-Click", "ordinal": 35, "logo_url": "assets/GitLab.svg", "images": [ "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 3265, "deployments_active": 136, "is_public": true, "mine": false, "created": "2019-03-08T21:12:21", "updated": "2023-12-07T15:03:39", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/usr/bin/env bash\n\n## Gitlab Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction gitlab {\n # Install dependencies\n apt-get install curl ca-certificates apt-transport-https gnupg2 -y\n\n curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | bash\n apt-get update -y\n EXTERNAL_URL=\"https://$FQDN\" apt-get install gitlab-ce -y\n\n}\n\nfunction sslgitlab {\n # Taking advantage of Gitlab's Let's Encrypt cert capabilities\n sed -i \"s/# letsencrypt\\['enable'\\] = nil/letsencrypt\\['enable'\\] = true/g\" /etc/gitlab/gitlab.rb\n sed -i -E \"s/(# )(letsencrypt\\['auto_renew*)/\\2/g\" /etc/gitlab/gitlab.rb\n sed -i \"s/letsencrypt['auto_renew_minute'] = nil/letsencrypt['auto_renew_minute'] = 0/g\" /etc/gitlab/gitlab.rb\n sed -i \"s/# letsencrypt\\['contact_emails'\\] = \\[\\]/letsencrypt\\['contact_emails'\\] = \\['$SOA_EMAIL_ADDRESS']/g\" /etc/gitlab/gitlab.rb\n\n gitlab-ctl reconfigure\n}\n\nfunction firewallgitlab {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n gitlab\n firewallgitlab\n sslgitlab\n}\n\n# Execute Script\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "This is the Email address for the LetsEncrypt SSL Certificate", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Gitlab server's DNS records", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" } ] }, { "id": 1102905, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Gopaddle One-Click", "description": "Gopaddle One-Click app", "ordinal": 36, "logo_url": "assets/gopaddle.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 45, "deployments_active": 2, "is_public": true, "mine": false, "created": "2022-12-20T17:44:47", "updated": "2023-11-09T11:24:37", "rev_note": "", "script": "#!/bin/bash\nexec >/var/log/stackscript.log 2>&1\n# Install Docker\napt-get update -y\napt-get install -y ca-certificates curl gnupg lsb-release\nmkdir -p /etc/apt/keyrings\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg\necho \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null\napt-get update -y\nchmod a+r /etc/apt/keyrings/docker.gpg\napt-get update -y\napt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin\n\n# Install microk8s\napt-get install snapd -y \nsudo snap install core\nexport PATH=$PATH:/snap/bin\nsnap install microk8s --classic --channel=1.25\nsnap refresh microk8s --channel=1.25\nmicrok8s status --wait-ready\n\n\n# Install gopaddle\nmicrok8s addons repo add gp-lite https://github.com/gopaddle-io/microk8s-community-addons-gplite.git\nmicrok8s enable gopaddle-lite\n\necho Waiting for gopaddle services to move to running state ...\nmicrok8s.kubectl wait --for=condition=ready pod -l released-by=gopaddle -n gp-lite --timeout=15m\n\nRDNS=$(dnsdomainname -A | awk '{print $1}')\n\necho gopaddle-lite installation is complete ! You can now access the gopaddle dashboard @ http://$RDNS:30003/", "user_defined_fields": [] }, { "id": 607256, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Grafana One-Click", "description": "Grafana One Click App", "ordinal": 37, "logo_url": "assets/grafana.svg", "images": [ "linode/debian11" ], "deployments_total": 832, "deployments_active": 57, "is_public": true, "mine": false, "created": "2019-10-30T20:43:07", "updated": "2023-12-06T22:21:38", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### Grafana OCA\n\n## Grafana Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n# Source the Bash StackScript Library\nsource \n\n# Source and run the New Linode Setup script for SSH configuration\nsource \n\n# Install PreReqs\napt-get install -y apt-transport-https \\\nsoftware-properties-common \\\nwget \\\ngnupg2 \\\nsqlite3\n\nwget -q -O /usr/share/keyrings/grafana.key https://apt.grafana.com/gpg.key\necho \"deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main\" | sudo tee -a /etc/apt/sources.list.d/grafana.list\napt-get -y update\napt-get -y install grafana\nsystemctl start grafana-server\nsystemctl enable grafana-server\n\n## reset Grafana admin password\n#grafana-cli --homepath \"/usr/share/grafana\" admin reset-admin-password $grafana_password. --not working -hmorris\necho \"Initializing DB.....\" && sleep 25\nsqlite3 /var/lib/grafana/grafana.db <\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction grav {\n apt-get install -y apache2 php libapache2-mod-php php-mysql mysql-server composer php-curl php-common php-gd php-json php-mbstring php-xml php-zip\n run_mysql_secure_installation_ubuntu20\n cd /var/www/html\n git clone https://github.com/getgrav/grav.git\n cd grav\n chown www-data:www-data -R .\n su -l www-data -s /bin/bash -c \"cd /var/www/html/grav && composer install --no-dev -o && bin/grav install && bin/gpm install admin\"\n chown www-data:www-data -R .\n}\n\nfunction apache_conf {\n cat < /etc/apache2/sites-available/grav.conf\n\nServerAdmin $SOA_EMAIL_ADDRESS\nDocumentRoot /var/www/html/grav/\nServerName $FQDN\nServerAlias www.$FQDN\n\nOptions FollowSymLinks\nAllowOverride All\nOrder allow,deny\nallow from all\n\nErrorLog /var/log/apache2/$FQDN-error_log\nCustomLog /var/log/apache2/$FQDN-access_log common\n\n\nEND\n a2enmod rewrite\n a2ensite grav.conf\n a2dissite 000-default.conf\n service apache2 restart\n}\n\nfunction ssl {\n apt install certbot python3-certbot-apache -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n}\nfunction firewall {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n firewall\n grav\n apache_conf\n ssl\n\n}\n\n\n# execute script\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "This is the Email address for the LetsEncrypt SSL Certificate", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 688914, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Guacamole One-Click", "description": "Guacamole One-Click", "ordinal": 39, "logo_url": "assets/guacamole.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 4452, "deployments_active": 63, "is_public": true, "mine": false, "created": "2020-11-17T21:28:05", "updated": "2023-12-05T22:38:27", "rev_note": "", "script": "#!/usr/bin/env bash\n### Apache Guacamole OCA\n### Required UDFs\n## Guacamole Settings\n#\n#\n#\n#\n#\n### Optional UDFs\n## Linode/SSH Security Settings\n#\n#\n## Domain Settings\n#\n#\n#\n## Logging and other debugging helpers\n# Put bash into verbose mode\nset -o pipefail\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Imports\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n### Main Script\n## Open the needed firewall ports\nufw allow http\nufw allow https\n# Install dependencies\nsystem_install_package build-essential libcairo2-dev libpng-dev libtool-bin libossp-uuid-dev libvncserver-dev freerdp2-dev libssh2-1-dev \\\nlibtelnet-dev libwebsockets-dev libpulse-dev libvorbis-dev libwebp-dev \\\nlibssl-dev libpango1.0-dev libswscale-dev libavcodec-dev libavutil-dev \\\nlibavformat-dev\n# Download the Guacamole Server source code\n# Fetch the latest release page\nlatest_release_page=$(curl -sL https://guacamole.apache.org/releases/ | grep -m 1 -o 'href=\"/releases/[0-9.]\\+/\"')\n# Extract the version number from the release page URL\nlatest_version=$(echo $latest_release_page | grep -Eo '[0-9]\\.[0-9]+.[0-9]+')\n# Download the server component\nwget https://downloads.apache.org/guacamole/$latest_version/source/guacamole-server-$latest_version.tar.gz\ntar -xvf guacamole-server-$latest_version.tar.gz\ncd guacamole-server-$latest_version\n# Build Guacamole Server using the downloaded source code\n./configure --with-init-dir=/etc/init.d --enable-allow-freerdp-snapshots\nmake\nmake install\n# Update installed library cache and reload systemd\nldconfig\nsystemctl daemon-reload\n# Start guacd\nsystemctl enable guacd\n## Install Guacamole Web App\n# Install Apache Tomcat\nsystem_install_package tomcat9 tomcat9-admin tomcat9-common tomcat9-user\n# Download and install the Guacamole Client\nwget https://downloads.apache.org/guacamole/$latest_version/binary/guacamole-$latest_version.war\nmv guacamole-$latest_version.war /var/lib/tomcat9/webapps/guacamole.war\nsystemctl restart tomcat9 guacd\n## Guacamole configs\nmkdir /etc/guacamole\nreadonly ENCRYPTED_GUACAMOLE_PASSWORD=\"$(echo -n \"$GUACAMOLE_PASSWORD\" | openssl md5 | awk '{print $2}')\"\ncat <> /etc/guacamole/user-mapping.xml\n\n \n \n \n \n vnc\n localhost\n 5901\n ${PASSWORD}\n \n \n\nEOF\ncat <> /etc/guacamole/guacd.conf\n[daemon]\npid_file = /var/run/guacd.pid\n#log_level = debug\n[server]\nbind_host = 127.0.0.1\nbind_port = 4822\nEOF\ncat <> /etc/guacamole/guacamole.properties\n# Hostname and port of guacamole proxy\nguacd-hostname: localhost\nguacd-port: 4822\nEOF\nsystemctl restart tomcat9 guacd\n## Install a desktop environment (XFCE) and VNC Server\n# Install XFCE & NVC\nsystem_install_package xfce4 xfce4-goodies tigervnc-standalone-server expect\n# Set the VNC Server password\nreadonly VNCSERVER_SET_PASSWORD=$(expect -c \"\nspawn sudo -u $USERNAME vncserver\nexpect \\\"Password:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Verify:\\\"\nsend \\\"$PASSWORD\\r\\\"\nexpect \\\"Would you like to enter a view-only password (y/n)?\\\"\nsend \\\"n\\r\\\"\nexpect eof\n\")\necho \"$VNCSERVER_SET_PASSWORD\"\nsystemctl restart tomcat9 guacd\nkillvncprocess=$(ps aux | grep \"/usr/bin/Xtigervnc :1 -localhost=1 -desktop\" | head -n 1 | awk '{ print $2; }')\nkill $killvncprocess\n# Create a systemd service for Tiger VNC\ntouch /etc/systemd/system/vncserver@.service\ncat < /etc/systemd/system/vncserver@.service\n[Unit]\nDescription=a wrapper to launch an X server for VNC\nAfter=syslog.target network.target\n[Service]\nType=forking\nUser=$USERNAME\nGroup=$USERNAME\nWorkingDirectory=/home/$USERNAME\nExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1\nExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 -localhost :%i\nExecStop=/usr/bin/vncserver -kill :%i\n[Install]\nWantedBy=multi-user.target\nEOF\n# Start and enable the systemd service\nsystemctl start vncserver@1.service\nsystemctl enable vncserver@1.service\n## Reverse proxy for the Guacamole client\n# Install Apache\napache_install\na2enmod proxy proxy_http headers proxy_wstunnel\n# Create the VirtualHost for Guacamole\ncat < /etc/apache2/sites-available/guacamole.conf\n\n ServerName $FQDN\n ErrorLog ${APACHE_LOG_DIR}/guacamole_error.log\n CustomLog ${APACHE_LOG_DIR}/guacamole_access.log combined\n \n Require all granted\n ProxyPass http://localhost:8080/guacamole/ flushpackets=on\n ProxyPassReverse http://localhost:8080/guacamole/\n \n \n Require all granted\n ProxyPass ws://localhost:8080/guacamole/websocket-tunnel\n ProxyPassReverse ws://localhost:8080/guacamole/websocket-tunnel\n \n Header always unset X-Frame-Options\n\nEOF\n# Enable the VirtualHost\na2ensite guacamole.conf\nsystemctl restart apache2\n## HTTPS\nsystem_install_package python3-certbot-apache\ncertbot -n --apache --agree-tos --redirect --hsts --staple-ocsp --email \"$SOA_EMAIL_ADDRESS\" -d \"$FQDN\" \n## Cleanup after ourselves\nstackscript_cleanup\nreboot", "user_defined_fields": [ { "name": "username", "label": "The limited sudo/VNC user to be created for the Linode" }, { "name": "password", "label": "The password for the limited sudo/VNC user" }, { "name": "guacamole_user", "label": "The username to be used with Guacamole" }, { "name": "guacamole_password", "label": "The password to be used with Guacamole" }, { "name": "soa_email_address", "label": "Email for SSL certificate" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is required if filling out any of the domain-related fields.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record", "default": "" } ] }, { "id": 1102902, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HaltDOS Community WAF One-Click", "description": "HaltDOS Community WAF One-Click app", "ordinal": 40, "logo_url": "assets/haltdos.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 174, "deployments_active": 8, "is_public": true, "mine": false, "created": "2022-12-20T17:34:20", "updated": "2023-12-07T12:34:52", "rev_note": "", "script": "#!/bin/bash\n\nset -x\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\necho -e \"\\n---------------HALTDOS COMMUNITY WAF SETUP---------------\"\n\nexport NEEDRESTART_SUSPEND=1\nip=`ip route get 8.8.8.8 | awk -F\"src \" 'NR==1{split($2,a,\" \");print a[1]}'`\necho -e \"Checking OS ...\"\nsource /etc/os-release > /dev/null 2>&1\narch=`uname -m`\nif [[ \"$ID\" == \"ubuntu\" || \"$ID\" == \"debian\" ]]; then\n if [[ \"$VERSION_ID\" == \"18.04\" || \"$VERSION_ID\" == \"20.04\" || \"$VERSION_ID\" == \"22.04\" || \"$VERSION_ID\" == \"11\" ]]; then\n if [ \"$arch\" != \"x86_64\" ]; then\n echo -e \"\\e[1;31m$arch is not yet supported. Supported System Architecture - x86_64 \\e[0m\"\n fi\n else\n echo -e \"\\e[1;31mThis OS is not yet supported. Supported OS - Ubuntu 18.04, 20.04, 22.04 and Debian 11 \\e[0m\"\n exit 1\n fi\nelse\n echo -e \"\\e[1;31mThis OS is not yet supported. Supported Versions - Ubuntu 18.04, 20.04, 22.04 and Debian 11 \\e[0m\"\n exit 1\nfi\n\necho -e \"Downloading dependencies ...\"\n\napt-get update &> /dev/null\n\napt-get install -y default-jdk default-jre &> /dev/null\necho \"JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64/\" >> /etc/environment\nsource /etc/environment\n\necho -e \"Downloading latest binaries ...\"\n\nsource /etc/os-release > /dev/null 2>&1\nif [ \"$VERSION_ID\" == \"18.04\" ]; then\n apt-get install -y libmaxminddb-dev python-dev python &> /dev/null \n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-18/hd-community-waf-x86_64.deb &> /dev/null\nelif [ \"$VERSION_ID\" == \"20.04\" ]; then\n apt-get install -y libmaxminddb-dev python-dev python &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-20/hd-community-waf-x86_64.deb &> /dev/null\nelif [ \"$VERSION_ID\" == \"22.04\" ]; then\n apt-get install -y libmaxminddb-dev libmaxminddb0 mmdb-bin python2-dev python2 &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/ubuntu-22/hd-community-waf-x86_64.deb &> /dev/null\nelif [[ \"$ID\" == \"debian\" && \"$VERSION_ID\" == \"11\" ]]; then\n apt-get install -y sudo libmaxminddb-dev python-dev python &> /dev/null\n curl -s -k -o hd-community-waf.deb https://binary.haltdos.com/community/waf/deb/debian-11/hd-community-waf-x86_64.deb &> /dev/null\nfi\n\napt-get install -y ./hd-community-waf.deb &> /dev/null\nrm hd-community-waf.deb\necho -e \"Haltdos Community WAF Installed\"\n\n\ncurl -s -k -o hd-community-controller.deb https://binary.haltdos.com/community/waf/gui/hd-community-controller-x86_64.deb &> /dev/null\napt-get install -y ./hd-community-controller.deb &> /dev/null\nrm hd-community-controller.deb\necho -e \"Haltdos Community Controller Installed\"\n\n\necho -e \"Haltdos Community WAF Setup Done\\n\"\necho -e \"Configure your WAF on https://$ip:9000\\n\"\nexport NEEDRESTART_SUSPEND=0", "user_defined_fields": [] }, { "id": 912262, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Harbor One-Click", "description": "Harbor One-Click", "ordinal": 41, "logo_url": "assets/harbor.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 288, "deployments_active": 15, "is_public": true, "mine": false, "created": "2021-09-29T17:06:13", "updated": "2023-12-07T16:41:14", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## harbor Settings \n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-harbor\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n # harbor vars\n \n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n \n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Admin Email for the Harbor server and Let's Encrypt SSL certificate" } ] }, { "id": 1037037, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Nomad One-Click", "description": "HashiCorp Nomad One Click App", "ordinal": 42, "logo_url": "assets/nomad.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 104, "deployments_active": 3, "is_public": true, "mine": false, "created": "2022-08-02T18:46:19", "updated": "2023-11-29T11:13:20", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## set some variables\nexport NOMAD_DIR=/usr/bin\nexport NOMAD_PATH=${NOMAD_DIR}/nomad\nexport NOMAD_CONFIG_DIR=/etc/nomad.d\nexport NOMAD_DATA_DIR=/opt/nomad/data\nexport NOMAD_TLS_DIR=/opt/nomad/tls\nexport NOMAD_ENV_VARS=${NOMAD_CONFIG_DIR}/nomad.conf\nexport IP=$(hostname -I | awk '{print$1}')\n\n\n## install gpg\napt-get install -y gpg\n\n## Install Nomad\nwget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\necho \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" | sudo tee /etc/apt/sources.list.d/hashicorp.list\nsudo apt update -y && sudo apt install -y nomad\n\n#echo \"Start Nomad in -server mode\"\nsudo tee ${NOMAD_ENV_VARS} > /dev/null < ${NOMAD_ENV_VARS}\n[Unit]\nDescription=Nomad Agent\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nRestart=on-failure\nEnvironmentFile=/etc/nomad.d/nomad.conf\nExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d $FLAGS\nExecReload=/bin/kill -HUP $MAINPID\nKillSignal=SIGTERM\nUser=root\nGroup=root\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\n## enable and start nomad\nsystemctl enable nomad\nsystemctl start nomad\n\n## Install Docker\ncurl -fsSL get.docker.com | sudo sh\n\n## Configure nginx container\ncat << EOF > /root/nginx.conf\nevents {}\n\nhttp {\n server {\n location / {\n proxy_pass http://nomad-ws;\n proxy_set_header X-Forwarded-For \\$proxy_add_x_forwarded_for;\n\n # Nomad blocking queries will remain open for a default of 5 minutes.\n # Increase the proxy timeout to accommodate this timeout with an\n # additional grace period.\n proxy_read_timeout 310s;\n\n # Nomad log streaming uses streaming HTTP requests. In order to\n # synchronously stream logs from Nomad to NGINX to the browser\n # proxy buffering needs to be turned off.\n proxy_buffering off;\n\n # The Upgrade and Connection headers are used to establish\n # a WebSockets connection.\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"upgrade\";\n\n # The default Origin header will be the proxy address, which\n # will be rejected by Nomad. It must be rewritten to be the\n # host address instead.\n proxy_set_header Origin \"\\${scheme}://\\${proxy_host}\";\n }\n }\n\n # Since WebSockets are stateful connections but Nomad has multiple\n # server nodes, an upstream with ip_hash declared is required to ensure\n # that connections are always proxied to the same server node when possible.\n upstream nomad-ws {\n ip_hash;\n server host.docker.internal:4646;\n }\n}\nEOF\n\n## start docker container\ndocker run -d --publish=8080:80 --add-host=host.docker.internal:host-gateway \\\n --mount type=bind,source=$PWD/nginx.conf,target=/etc/nginx/nginx.conf \\\n nginx:latest\n\n## firewall\nufw allow 22\nufw allow 80\nufw allow 443\nufw allow 4646\nufw allow 8080\n\ncat << EOF > /etc/motd\n#################################\n The Nomad GUI is now available at HTTP://${IP}:8080\n\n This is a minimal installation with limited configurations.\n Please review configurations before using this application in production.\n\n Information on Nomad configurations at https://www.nomadproject.io/docs/configuration\n#################################\nEOF\n\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 1226544, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Nomad Cluster One-Click", "description": "Nomad Cluster One-Click", "ordinal": 43, "logo_url": "assets/nomadocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 97, "deployments_active": 5, "is_public": true, "mine": false, "created": "2023-08-25T19:05:25", "updated": "2023-12-03T16:18:47", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\ngit_username=\"akamai-compute-marketplace\"\nexport GIT_REPO_1=\"https://github.com/$git_username/nomad-occ.git\"\nexport GIT_REPO_2=\"https://github.com/$git_username/nomad-client-occ.git\"\nexport DEBIAN_FRONTEND=non-interactive\nexport UUID=$(uuidgen | awk -F - '{print $1}')\nexport CLUSTER_MODE='cluster'\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \n\nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}-server-1-${UUID}\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\n\nfunction tag_provisioner {\n echo \"[info] tagging the provisioner\"\n REGION=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .region)\n export REGION=\"${REGION}\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" -X PUT \\\n -d \"{\\\"tags\\\": [\\\"${UUID}-${REGION}\\\"]}\" \\ \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID} \n}\n\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n tag_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO_1} /tmp/linode\n git clone ${GIT_REPO_2} /tmp/linode/nomad-client-occ\n # clone one branch to test \n # git clone -b develop ${GIT_REPO_1} /tmp/linode\n # git clone -b develop ${GIT_REPO_2} /tmp/linode/nomad-client-occ\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token" }, { "name": "sudo_username", "label": "The limited sudo user to be created in the cluster" }, { "name": "email_address", "label": "Email Address", "example": "Example: user@domain.tld" }, { "name": "clusterheader", "label": "Cluster Settings", "default": "Yes", "header": "Yes" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no", "default": "yes" }, { "name": "cluster_size", "label": "Total instance count", "default": "6", "oneof": "6" }, { "name": "servers", "label": "Nomad Server count", "default": "3", "oneof": "3" }, { "name": "clients", "label": "Nomad client size", "default": "3", "oneof": "3" } ] }, { "id": 1226545, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Nomad Clients Cluster One-Click", "description": "Nomad Cluster Clients One-Click", "ordinal": 44, "logo_url": "assets/nomadclientsocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 3, "deployments_active": 0, "is_public": true, "mine": false, "created": "2023-08-25T19:07:27", "updated": "2023-11-14T15:53:47", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}-client-1-${UUID}\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction tag_provisioner {\n echo \"[info] tagging the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" -X PUT \\\n -d \"{\\\"tags\\\": [\\\"${CLUSTER_UUID}\\\"]}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID} \n}\n\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=noninteractive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n tag_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/linode\n # clone one branch to test \n # git clone -b develop ${GIT_REPO} /tmp/linode\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token" }, { "name": "sudo_username", "label": "The limited sudo user to be created in the cluster" }, { "name": "clusterheader", "label": "Cluster Settings", "default": "Yes", "header": "Yes" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no", "default": "yes" }, { "name": "cluster_size", "label": "Nomad Client Count", "default": "3", "oneof": "3,5,7" }, { "name": "consul_nomad_autojoin_token_password", "label": "consul_nomad_autojoin_token generated by Nomad Server OCC" }, { "name": "cluster_uuid", "label": "cluster_uuid tag for the Nomad Server OCC being joined to.", "# git repogit_username": "akamai-compute-marketplace", "export git_repo": "https://github.com/$git_username/nomad-client-occ.git" } ] }, { "id": 1037038, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "HashiCorp Vault One-Click", "description": "HashiCorp Vault One Click App", "ordinal": 45, "logo_url": "assets/vault.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 216, "deployments_active": 18, "is_public": true, "mine": false, "created": "2022-08-02T18:47:32", "updated": "2023-12-06T01:29:13", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nexport IP=$(hostname -I | awk '{print$1}')\nexport VAULT_ADDR=\"http://${IP}:8200\"\n\n## install gpg\napt install -y gpg\n\n## add hashicorp gpg key and repo\nwget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null\necho \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main\" | sudo tee /etc/apt/sources.list.d/hashicorp.list\n\n## install vault\napt update && apt install -y vault\n\n## basic vault configs\nmkdir -p /vault/data\nchown -R vault:vault /vault\ncat << EOF > /etc/vault.d/vault.hcl\nstorage \"raft\" {\n path = \"/vault/data\"\n node_id = \"node1\"\n}\n\nlistener \"tcp\" {\n address = \"${IP}:8200\"\n tls_disable = \"true\"\n}\n\ndisable_mlock = true\n\napi_addr = \"http://127.0.0.1:8200\"\ncluster_addr = \"https://127.0.0.1:8201\"\nui = true\nEOF\n\n## systemd for vault\nsystemctl enable vault.service\n\n## Start vault server and stash the tokens\nsystemctl start vault.service\ntouch /root/.vault_tokens.txt\nsleep 20\nvault operator init | grep 'Token\\|Unseal' >> /root/.vault_tokens.txt\n\n## firewall\nufw allow 22\nufw allow 8200\n\n## config info and recommendations\ncat << EOF > /etc/motd\n#####################################\n The Vault server GUI is now available at ${VAULT_ADDR}\n The randomly generate Unseal Tokens and Initial Root Token are listed in /root/.vault_tokens.txt\n ** STORE THESE VALUES SOMEWHERE SAFE AND SECURE **\n\n This is a minimal installation with limited configurations.\n Please review configurations before using this application in production.\n\n Information on Vault configurations at https://www.vaultproject.io/docs/configuration\n######################################\nEOF\n\nsleep 20\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 1177605, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Illa Builder One-Click", "description": "Illa Builder One-Click App", "ordinal": 46, "logo_url": "assets/illabuilder.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 94, "deployments_active": 3, "is_public": true, "mine": false, "created": "2023-05-17T14:22:00", "updated": "2023-11-30T00:37:08", "rev_note": "", "script": "#!/bin/bash\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Sources OCA helpers\nsource \nsource \nsource \nsource \n# Apt update/upgrade\nexport DEBIAN_FRONTEND=non-interactive\napt update && apt upgrade -y\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2 pwgen ufw\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker-ce\n\n# Check to ensure Docker is running and installed correctly\nsystemctl status docker\ndocker -v\n\n# Env config\nILLA_HOME_DIR=~/illa\nPG_VOLUMN=${ILLA_HOME_DIR}/database\nDRIVE_VOLUMN=${ILLA_HOME_DIR}/drive\n\n\n# Init\nmkdir -p ${ILLA_HOME_DIR}\nmkdir -p ${PG_VOLUMN}\nmkdir -p ${DRIVE_VOLUMN}\n\n# Run\ndocker run -d \\\n --name illa_builder \\\n -v $PG_VOLUMN:/opt/illa/database \\\n -v $DRIVE_VOLUMN:/opt/illa/drive \\\n -p 80:2022 \\\n illasoft/illa-builder:latest\n\necho \"\n********************************************************************************\nWelcome to ILLA Builder!\n********************************************************************************\n # ILLA Builder: http://\"$FQDN\"\n # Website: https://www.illacloud.com\n # Documentation: https://www.illacloud.com/docs/about-illa\n # Github: https://github.com/illacloud\n # Community Support: https://github.com/orgs/illacloud/discussions\n\"", "user_defined_fields": [] }, { "id": 607401, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Jenkins One-Click", "description": "Jenkins One-Click App", "ordinal": 47, "logo_url": "assets/jenkins.svg", "images": [ "linode/debian11" ], "deployments_total": 1994, "deployments_active": 130, "is_public": true, "mine": false, "created": "2019-10-31T15:29:54", "updated": "2023-12-06T15:30:30", "rev_note": "Initial import", "script": "#!/bin/bash\n\nsource \nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Prereq's & Jenkins\napt install -y default-jre wget gnupg2\nwget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -\nsh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'\napt_setup_update\napt install -y jenkins\nsystemctl enable --now jenkins\n\n# Cleanup \nstackscript_cleanup", "user_defined_fields": [] }, { "id": 869623, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "JetBackup One-Click", "description": "JetBackup One-Click", "ordinal": 48, "logo_url": "assets/jetbackup.svg", "images": [ "linode/centos7", "linode/almalinux8" ], "deployments_total": 102, "deployments_active": 1, "is_public": true, "mine": false, "created": "2021-07-21T12:45:59", "updated": "2023-11-21T02:29:13", "rev_note": "", "script": "#!/bin/bash\n\n# JetBackup StackScript UDF Variables\n# \n# \n#\n# The next line makes the Official cPanel StackScript available if cPanel/WHM is selected as the control panel. Do not remove this line.\n# source \n#\n# Log File Paths:\n# StackScript Log: /var/log/stackscript.log\n# cPanel/WHM installation: /var/log/stackscript-595742.log\n# Debugging: /var/log/stackscript-debug.log\n#\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>/var/log/stackscript-debug.log\necho \"PID: $$\"\nCONTROLPANEL=${CONTROLPANEL}\nRELEASE=${RELEASETIER}\nJBDIR=\"/usr/local/jetapps/etc/jetbackup5\"\n\nif [[ -z ${CONTROLPANEL} ]]; then\necho \"Error: No panel selected. Please select a panel to deploy JetBackup.\"\nexit 1\nelif [[ -d ${JBDIR} ]]; then\necho \"Error: JetBackup already installed. Aborting StackScript.\"\nexit 0\nfi\n\necho \"Installing JetApps Repository\"\nrpm --import http://repo.jetlicense.com/centOS/RPM-GPG-KEY-JETAPPS\nyum -y -q install http://repo.jetlicense.com/centOS/jetapps-repo-latest.rpm\nyum -y -q install jetapps --disablerepo=* --enablerepo=jetapps\necho \"JetApps Repository Successfully Installed.\"\n\ncpanelinstall() {\n\necho \"Running cPanel/WHM Marketplace StackScript. You can track the progress of cPanel/WHM with: tail -f /var/log/stackscript-595742.log \"\n(source /root/ssinclude-595742 >>/var/log/stackscript-595742.log 2>&1)\n\n}\n\n# JETBACKUP 5 FOR LINUX - STANDALONE INSTALLATION\n\nif [ \"${CONTROLPANEL}\" = \"Linux\" ]; then\necho \"Installing JetBackup 5.\"\npackage='jetbackup5-linux'\njetapps --install $package $RELEASE\njbhostname=$(hostname)\njbhostname=\"https://${jbhostname}:3035\"\necho \"Adding a Firewall rule to open port 3035. Port 3035 must be open for access to the JetBackup 5 Linux UI.\"\nfirewall-cmd --permanent --add-port=3035/tcp\nfirewall-cmd --reload\necho \"To go to JetBackup and Accept the User Agreement, go to ${jbhostname} and enter your root login credentials.\"\necho \"To generate a one-time JetBackup 5 login URL after installation and acceptance of the EULA type the following command in the terminal:\"\necho \"jb5login\"\nfi\n\n# JETBACKUP 5 FOR CPANEL/WHM INSTALLATION\n\nif [ \"${CONTROLPANEL}\" = \"cPanel/WHM\" ]; then\n\npackage='jetbackup5-cpanel'\ncpanelinstall\nsleep 2\necho \"Installing JetBackup 5.\"\njetapps --install $package $RELEASE\necho \"To log in to cPanel/WHM as root user, please enter the following command to generate a one-time login token:\"\necho \"\"\necho \"whmlogin\"\nfi\n\necho \"Review the JetBackup 5 Getting Started Guide at https://docs.jetbackup.com/v5.1/adminpanel/gettingStarted.html\"\ninstallVersion=\"$(jetbackup5 --version | cut -d ' ' -f 1,3,4 | sed \"2 d\")\"\necho \"${installVersion} Successfully Installed!\"\nrm /root/ssinclude-595742\nrm /root/StackScript\nexit 0", "user_defined_fields": [ { "name": "CONTROLPANEL", "label": "Choose a Control Panel to use with JetBackup 5. cPanel/WHM or Linux (No Control Panel)", "default": "cPanel/WHM", "oneof": "cPanel/WHM,Linux" }, { "name": "RELEASETIER", "label": "Choose a JetBackup Release Tier.", "default": "stable", "oneof": "stable,beta,edge" } ] }, { "id": 662121, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Jitsi One-Click", "description": "Jitsi One-Click", "ordinal": 49, "logo_url": "assets/jitsi.svg", "images": [ "linode/ubuntu20.04", "linode/ubuntu22.04" ], "deployments_total": 4515, "deployments_active": 129, "is_public": true, "mine": false, "created": "2020-08-12T16:08:51", "updated": "2023-12-06T18:45:50", "rev_note": "", "script": "#!/bin/bash\n\n## Jitsi Settings\n#\n\n## Domain Settings\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n\n# This also sets some useful variables, like $IP and $FQDN\nsource \nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# dependencies\nexport DEBIAN_FRONTEND=noninteractive\napt install apt-transport-https gnupg2 curl wget -y\napt-add-repository universe\napt update -y\n\n#Install Jitisi dep Prosody\necho deb http://packages.prosody.im/debian $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list\nwget https://prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -\napt install lua5.2\n\n#Install Nginx\napt install -y nginx\nsystemctl start nginx\nsystemctl enable nginx\n\n#Install Jitsi Meet\ncurl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'\necho 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null\n\n# update all package sources\napt update -y\necho \"jitsi-videobridge jitsi-videobridge/jvb-hostname string $FQDN\" | debconf-set-selections\necho \"jitsi-meet-web-config jitsi-meet/cert-choice select 'Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)'\" | debconf-set-selections\napt --option=Dpkg::Options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes install jitsi-meet\n\n# Firewall\nsudo ufw allow 80/tcp\nsudo ufw allow 443/tcp\nsudo ufw allow 10000/udp\nsudo ufw allow 22\nsudo ufw allow 3478/udp\nsudo ufw allow 5349/tcp\nsudo ufw enable\n\n# SSL \ncheck_dns_propagation \"${FQDN}\" \"${IP}\"\n/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh <\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction lampjoomla {\n apt-get install apache2 mariadb-server php php-common libapache2-mod-php php-cli php-fpm php-mysql php-json php-opcache php-gmp php-curl php-intl php-mbstring php-xmlrpc php-gd php-xml php-zip -y\n PHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\n cat < /etc/php/$PHP_VERSION/apache2/php.ini\nmemory_limit = 512M\nupload_max_filesize = 256M\npost_max_size = 256M \nmax_execution_time = 300\noutput_buffering = off\ndisplay_errors = off\nupload_tmp_dir = \"/var/www/html/joomla/tmp\"\nEND\n}\n\nfunction databaseconf {\n run_mysql_secure_installation\n mysql -uroot -p$DBROOT_PASSWORD -e \"CREATE DATABASE joomla_db;\"\n mysql -uroot -p$DBROOT_PASSWORD -e \"CREATE USER 'joomla'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD';\"\n mysql -uroot -p$DBROOT_PASSWORD -e \"GRANT ALL PRIVILEGES ON joomla_db.* TO 'joomla'@'localhost';\"\n}\n\nfunction apachejoomla {\n apt-get install wget unzip -y\n mkdir -p /var/www/html/joomla\n cd /tmp && wget https://downloads.joomla.org/cms/joomla4/4-1-0/Joomla_4-1-0-Stable-Full_Package.zip?format=zip\n unzip Joomla_4* -d /var/www/html/joomla\n chown -R www-data:www-data /var/www/html/joomla \n chmod -R 755 /var/www/html/joomla\n cat < /etc/apache2/sites-available/joomla.conf\n\n ServerAdmin $SOA_EMAIL_ADDRESS\n DocumentRoot /var/www/html/joomla\n ServerName $FQDN\n\n \n Options FollowSymlinks\n AllowOverride All\n Require all granted\n \n\n ErrorLog ${APACHE_LOG_DIR}/$FQDN_error.log\n CustomLog ${APACHE_LOG_DIR}/$FQDN_access.log combined\n\n\nEND\n a2ensite joomla.conf\n a2enmod rewrite\n a2enmod php$PHP_VERSION\n a2dissite 000-default.conf\n systemctl restart apache2\n\n ufw allow http\n ufw allow https\n}\nfunction ssljoomla {\n apt install certbot python3-certbot-apache -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n}\n\nfunction main {\n lampjoomla\n databaseconf\n apachejoomla\n ssljoomla\n stackscript_cleanup\n}\n# Execute script\nmain", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "dbroot_password", "label": "MySQL Root Password", "example": "s3cur3_9a55w04d" }, { "name": "dbuser_password", "label": "MySQL User Password", "example": "s3cur3_9a55w04d" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 985380, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Joplin One-Click", "description": "Joplin One-Click", "ordinal": 51, "logo_url": "assets/joplin.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 420, "deployments_active": 31, "is_public": true, "mine": false, "created": "2022-03-08T18:14:30", "updated": "2023-12-06T21:12:55", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Joplin setup\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-joplin\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n}\n\nfunction udf {\n \n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n \n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n # Joplin vars\n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n \n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 688912, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Kepler Builder One-Click", "description": "Kepler Builder One-Click", "ordinal": 52, "logo_url": "assets/keplerbuilder.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 264, "deployments_active": 4, "is_public": true, "mine": false, "created": "2020-11-17T21:17:33", "updated": "2023-12-06T21:13:24", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-keplerbuilder\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "webserver_stack", "label": "The stack you are looking to deploy Wordpress on", "oneof": "LAMP,LEMP" }, { "name": "site_title", "label": "Website title", "example": "My Blog" }, { "name": "wp_admin_user", "label": "Admin username", "example": "admin" }, { "name": "wp_db_user", "label": "Wordpress database user", "example": "wordpress" }, { "name": "wp_db_name", "label": "Wordpress database name", "example": "wordpress" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 401701, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "LAMP One-Click", "description": "LAMP One-Click", "ordinal": 53, "logo_url": "assets/LAMP.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 13726, "deployments_active": 1105, "is_public": true, "mine": false, "created": "2019-03-09T02:07:09", "updated": "2023-12-07T12:39:27", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## LAMP Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-lamp\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n webserver_stack: lamp\n soa_email_address: ${SOA_EMAIL_ADDRESS}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n \n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 606691, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "LEMP One-Click", "description": "LEMP Stack", "ordinal": 54, "logo_url": "assets/LEMP.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 4144, "deployments_active": 309, "is_public": true, "mine": false, "created": "2019-10-27T15:29:04", "updated": "2023-12-07T15:10:35", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## LEMP Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-lemp\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n webserver_stack: lemp\n soa_email_address: ${SOA_EMAIL_ADDRESS}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 923032, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "LiteSpeed cPanel One-Click", "description": "LiteSpeed cPanel One-Click", "ordinal": 55, "logo_url": "assets/litespeedcpanel.svg", "images": [ "linode/almalinux8" ], "deployments_total": 1015, "deployments_active": 21, "is_public": true, "mine": false, "created": "2021-10-18T00:57:12", "updated": "2023-12-01T13:53:07", "rev_note": "", "script": "#!/bin/bash\n## Logging\nexec > /var/log/stackscript.log 2>&1\n## Install cPanel\nyum install -y kernel grub2\nsed -i -e \"s/GRUB_TIMEOUT=5/GRUB_TIMEOUT=10/\" /etc/default/grub\nsed -i -e \"s/crashkernel=auto rhgb console=ttyS0,19200n8/console=ttyS0,19200n8/\" /etc/default/grub\nmkdir /boot/grub\ngrub2-mkconfig -o /boot/grub/grub.cfg\nsystemctl stop firewalld.service\nsystemctl disable firewalld.service\nsystemctl stop NetworkManager\nsystemctl disable NetworkManager\nsystemctl enable network\nsystemctl start network\nyum remove NetworkManager -y\ncd /home \ncurl -o latest -L https://securedownloads.cpanel.net/latest && sh latest\nyum remove ea-apache24-mod_ruid2 -y\n## Install LSWS on cPanel\nADMIN_PASS=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16 ; echo '')\ncat <>/home/lsws.options\n## 1 = enable, 0 = disable, 2 = user home directory\nphp_suexec=\"2\"\nport_offset=\"0\"\nadmin_user=\"admin\"\nadmin_pass=\"${ADMIN_PASS}\"\nadmin_email=\"root@localhost\"\neasyapache_integration=\"1\"\nauto_switch_to_lsws=\"1\"\ndeploy_lscwp=\"1\"\nEOT\nbash <( curl https://get.litespeed.sh ) TRIAL", "user_defined_fields": [] }, { "id": 1008123, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "LiveSwitch One-Click", "description": "LiveSwitch One-Click", "ordinal": 56, "logo_url": "assets/liveswitch.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 193, "deployments_active": 1, "is_public": true, "mine": false, "created": "2022-05-18T16:41:37", "updated": "2023-12-03T04:57:47", "rev_note": "", "script": "#!/bin/bash\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n## Import the Bash StackScript Library\nsource \n\nsudo dpkg --configure -a\n\n# kill any background updater jobs\nsudo killall apt apt-get\n\n# helpers\nsudo apt-get install dialog apt-utils -y -q\n\nsudo DEBIAN_FRONTEND=noninteractive apt-get update -y\nsudo DEBIAN_FRONTEND=noninteractive apt-get upgrade -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef -y\n\n# firewall\n# normal defaults\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\n# ssh on\nsudo ufw allow ssh\n# dynamic inbound traffic\nsudo ufw allow 49152:65535/udp\n# TURN\nsudo ufw allow 3478/udp\n# TURN TCP\nsudo ufw allow 80/tcp\n# TURNS\nsudo ufw allow 443/tcp\n# admin (only really should do this for a demo system where it's all on one box)\nsudo ufw allow 9090/tcp\nsudo ufw allow 9443/tcp\n# gateway (only really should do this for a demo system where it's all on one box)\nsudo ufw allow 8080/tcp\nsudo ufw allow 8443/tcp\n\n# sip\n# sudo ufw allow 5061/udp\n# sudo ufw allow 5061/tcp\n\n# we will turn on the firewall at the end because it disconnects us\n\n# install docker\nsudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\nsudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable\"\napt-cache policy docker-ce\nsudo apt-get install -y docker-ce\n\n# entropy fix for docker\nsudo apt-get install -y haveged\n\n# install docker compose\nsudo curl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\nsudo chmod +x /usr/local/bin/docker-compose\n\n# retrieve docker compose files\nmkdir -p /opt/liveswitch\nsudo curl -L \"https://raw.githubusercontent.com/jvenema/liveswitch-docker-compose/main/docker-compose-liveswitch.service\" -o /opt/liveswitch/docker-compose-liveswitch.service\nsudo curl -L \"https://raw.githubusercontent.com/jvenema/liveswitch-docker-compose/main/docker-compose.yml\" -o /opt/liveswitch/docker-compose.yml\n\n# install liveswitch docker compose\nsudo cp /opt/liveswitch/docker-compose-liveswitch.service /etc/systemd/system/\nsudo systemctl enable docker\nsudo systemctl enable docker-compose-liveswitch\nsudo systemctl start docker-compose-liveswitch\n\n# clean up some logs\nsudo rm -f /var/log/cloud-init-output.log\nsudo rm -f /var/log/dpkg.log\nsudo rm -f /var/log/kern.log\nsudo rm -f /var/log/ufw.log\n\n# turn on the firewall\nsudo ufw --force enable\nsudo reboot", "user_defined_fields": [] }, { "id": 869159, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MagicSpam One-Click", "description": "MagicSpam One-Click", "ordinal": 57, "logo_url": "assets/magicspam.svg", "images": [ "linode/centos7" ], "deployments_total": 5, "deployments_active": 0, "is_public": true, "mine": false, "created": "2021-07-20T19:13:52", "updated": "2023-10-18T12:38:33", "rev_note": "", "script": "#!/bin/bash\n\n# \n# \n# \n\n# source the stackscript for the selected control panel\nif [ \"$CONTROL_PANEL\" == \"cPanel\" ]; then\n # redirect ALL output to the stackscript log for future troubleshooting\n exec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n # cPanel Marketplace App install\n source \n\n # set the hostname to replicate Plesk stackscript for consistent behavior\n IPADDR=$(/sbin/ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://')\n echo $HOSTNAME > /etc/hostname\n hostname -F /etc/hostname\n echo $IPADDR $HOSTNAME >> /etc/hosts\nelif [ \"$CONTROL_PANEL\" == \"Plesk\" ]; then\n # Plesk Marketplace App install\n # NOTE: do not redirect output to the stackscript log to avoid duplicate log\n # lines as the Plesk stackscript already redirects to it\n source \nelse\n echo \"Invalid control panel option detected. Aborting...\"\n exit 1\nfi\n\n# install MagicSpam via the installer script\nwget https://www.magicspam.com/download/magicspam-installer.sh -O /root/magicspam-installer\nchmod +x /root/magicspam-installer\n/root/magicspam-installer -l \"$MS_LICENSE_KEY\"", "user_defined_fields": [ { "name": "control_panel", "label": "The Control Panel to deploy alongside with MagicSpam. Make sure to select an Image supported by the selected Control Panel. For more information, please refer to the MagicSpam App Information Sidebar.", "oneof": "cPanel,Plesk" }, { "name": "ms_license_key", "label": "The MagicSpam license key. Please make sure to use the appropriate license key for the selected Control Panel. For more information, please refer to the MagicSpam App information sidebar." }, { "name": "hostname", "label": "The server's hostname." } ] }, { "id": 1243759, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MainConcept FFmpeg Plugins Demo One-Click", "description": "MainConcept FFmpeg Plugins", "ordinal": 58, "logo_url": "assets/mainconcept.svg", "images": [ "linode/debian11" ], "deployments_total": 6, "deployments_active": 1, "is_public": true, "mine": false, "created": "2023-09-28T15:02:48", "updated": "2023-12-06T21:14:38", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\n\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-mc-ffmpeg-demo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" } ] }, { "id": 1243760, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MainConcept Live Encoder Demo One-Click", "description": "MainConcept Live Encoder\r\n\r\n", "ordinal": 59, "logo_url": "assets/mainconcept.svg", "images": [ "linode/centos-stream9" ], "deployments_total": 20, "deployments_active": 1, "is_public": true, "mine": false, "created": "2023-09-28T15:04:08", "updated": "2023-12-06T15:19:44", "rev_note": "", "script": "#!/bin/bash\n\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-mc-live-encoder-demo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(dnsdomainname -A | awk '{print $1}')\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n yum install dnf -y\n dnf update -y\n dnf upgrade -y\n dnf install -y git python3 python3-pip\n\n dnf makecache\n dnf install epel-release -y\n dnf makecache\n dnf install ansible -y\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone --single-branch --branch ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -vvvv $playbook; done\n}\n\nfunction installation_complete {\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for SSL Generation", "default": "" } ] }, { "id": 1243762, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MainConcept P2 AVC ULTRA Transcoder Demo One-Click", "description": "MainConcept P2 AVC ULTRA Transcoder", "ordinal": 60, "logo_url": "assets/mainconcept.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1, "deployments_active": 0, "is_public": true, "mine": false, "created": "2023-09-28T15:05:01", "updated": "2023-12-07T16:54:44", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## MainConcept P2 AVC Ultra Transcoder Demo Settings\n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-mc-p2-avc-demo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n mc_port: ${MC_PORT}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else echo \"No domain entered\";\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "mc_port", "label": "MainConcept P2 AVC Ultra Transcoder API Port", "example": "Default: 8080", "default": "8080" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "soa_email_address", "label": "Email address for domain SOA. REQUIRED for DNS", "example": "user@domain.tld", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1243763, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MainConcept XAVC Transcoder Demo One-Click", "description": "MainConcept XAVC Transcoder", "ordinal": 61, "logo_url": "assets/mainconcept.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 2, "deployments_active": 0, "is_public": true, "mine": false, "created": "2023-09-28T15:05:47", "updated": "2023-12-06T21:20:30", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## MainConcept XAVC Transcoder Demo Settings\n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-mc-xavc-demo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n mc_port: ${MC_PORT}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else echo \"No domain entered\";\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "mc_port", "label": "MainConcept XAVC Transcoder API Port", "example": "Default: 8080", "default": "8080" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "soa_email_address", "label": "Email address for domain SOA. REQUIRED for DNS", "example": "user@domain.tld", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1243764, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MainConcept XDCAM Transcoder Demo One-Click", "description": "MainConcept XDCAM Transcoder", "ordinal": 62, "logo_url": "assets/mainconcept.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1, "deployments_active": 0, "is_public": true, "mine": false, "created": "2023-09-28T15:06:28", "updated": "2023-12-06T21:21:16", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## MainConcept XDCAM Transcoder Demo Settings\n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-mc-xdcam-demo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n mc_port: ${MC_PORT}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n \n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else echo \"No domain entered\";\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "mc_port", "label": "MainConcept XDCAM Transcoder API Port", "example": "Default: 8080", "default": "8080" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "soa_email_address", "label": "Email address for domain SOA. REQUIRED for DNS", "example": "user@domain.tld", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1096122, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Mastodon One-Click", "description": "Mastodon is an open-source and decentralized micro-blogging platform, supporting federation and public access to the server.", "ordinal": 63, "logo_url": "assets/mastodon.svg", "images": [ "linode/debian11" ], "deployments_total": 1689, "deployments_active": 63, "is_public": true, "mine": false, "created": "2022-12-05T15:57:04", "updated": "2023-12-03T22:02:29", "rev_note": "", "script": "#!/bin/bash\nset -x\n## Mastodon Settings\n#\n#\n#\n#\n#\n#\n\n\n# git repo + workdirs\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/mastodon-oca.git\"\nexport WORK_DIR=\"/tmp/oca-deployment\"\nexport LINODE_API_TOKEN=\"${TOKEN_PASSWORD}\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nsource \n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n}\n\nfunction setup {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip python3-dev build-essential\n\n #clone repo and set up ansible environment\n mkdir -p ${WORK_DIR}\n cd ${WORK_DIR}\n git clone $GIT_REPO\n cd mastodon-oca\n\n # write udf vars\n cat < group_vars/mastodon/vars\n domain: ${DOMAIN}\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n owner_username: ${OWNER_USERNAME}\n owner_email: ${OWNER_EMAIL}\n single_user_mode: ${SINGLE_USER_MODE}\nEND\n\n #venv\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n}\n\nfunction run {\n# run playbooks\n ansible-playbook -v site.yml\n}\n\n# main\nsetup\nrun\ncleanup\necho \"Installation Complete!\"", "user_defined_fields": [ { "name": "domain", "label": "Domain name for your Mastodon instance.", "example": "domain.tld" }, { "name": "token_password", "label": "Your Linode API token" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "owner_username", "label": "Username for Mastodon Owner", "example": "" }, { "name": "owner_email", "label": "Email address for Mastodon Owner", "example": "owner@example.com" }, { "name": "single_user_mode", "label": "Do you want to start Mastodon in single-user mode?", "oneof": "Yes,No" } ] }, { "id": 611895, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MEAN One-Click", "description": "MEAN One-Click", "ordinal": 64, "logo_url": "assets/mean.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 726, "deployments_active": 36, "is_public": true, "mine": false, "created": "2019-11-14T04:49:44", "updated": "2023-12-06T14:01:30", "rev_note": "Initial import", "script": "#!/usr/bin/env bash\n\n## MEAN Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction dependmean {\n apt-get install -y build-essential git fontconfig libpng-dev ruby ruby-dev wget gnupg\n gem install sass\n}\n\nfunction mongoinstall {\n cd && wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\n if [ \"${detected_distro[distro]}\" = 'debian' ]; then \n echo \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n else \n echo \"Setting this up for the future incase we add more distros\"\n fi\n apt-get update -y\n apt-get install -y mongodb-org\n systemctl enable mongod.service\n systemctl start mongod.service\n}\n\n\nfunction meaninstall {\n apt-get install -y curl software-properties-common\n curl -fsSL https://deb.nodesource.com/setup_16.x | bash -\n apt-get install -y nodejs\n\n # MEAN APP CONFIGURATION\n cd && mkdir -p /opt/mean\n cd /opt/mean\n cat <> package.json\n{\n\"name\" : \"mean\",\n\"version\": \"0.0.1\"\n}\nEND\n npm install express --save\n npm install angular\n cat <> server.js\nvar express = require('express');\nvar app = express();\nvar port = 3000;\napp.get('/', function(req, res) {\nres.send('Hello World Powered By: Linode Marketplace');\n});\napp.listen(port, function(){\nconsole.log(\"Listening at port: \" + port);\n})\nEND\n # Start App on reboot\n cd && npm install pm2 -g\n pm2 start --name=\"MEAN_APP\" /opt/mean/server.js\n pm2 startup \n pm2 save\n}\n\nfunction nginxmean {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n server_name $FQDN www.$FQDN;\n location / {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host \\$host;\n proxy_cache_bypass \\$http_upgrade;\n }\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n}\n\nfunction sslmean {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewallmean {\n ufw allow http\n ufw allow https\n}\n\nfunction main {\n dependmean\n firewallmean\n mongoinstall\n meaninstall\n nginxmean\n sslmean\n\n}\n\n# execute script\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address for SSL certificate" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 401702, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MERN One-Click", "description": "MERN One-Click", "ordinal": 65, "logo_url": "assets/MERN.svg", "images": [ "linode/debian10", "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 1430, "deployments_active": 57, "is_public": true, "mine": false, "created": "2019-03-08T21:07:40", "updated": "2023-12-02T17:05:28", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 3000\nfail2ban_install\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install dependencies\napt-get install -y build-essential git \n\n# Install Mongodb\napt-get install -y wget gnupg\nwget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \necho \"deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\necho \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get update -y\napt-get install -y mongodb-org\nsystemctl enable mongod.service\nsystemctl start mongod.service\n\n# Install NodeJS and NPM\napt-get install -y curl software-properties-common\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \ncurl -fsSL https://deb.nodesource.com/setup_16.x | bash -\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\ncurl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -\nelse \necho \"Setting this up for the future incase we add more distros\"\nfi\napt-get install -y nodejs\n\n# Install ExpressJS\nnpm update -g\nnpm install --global express\nnpm link express\nnpm -g install create-react-app\ncd /opt\ncreate-react-app hello-world\nnpm i --package-lock-only\nnpm audit fix\n\n# Start App on reboot\ncat < /lib/systemd/system/hello-world.service\n[Unit]\nDescription=Hello World React Application Service\nRequires=hello-world.service\nAfter=hello-world.service\n\n[Service]\nType=simple\nUser=root\nRemainAfterExit=yes\nRestart=on-failure\nWorkingDirectory=/opt/hello-world\nExecStart=npm start --host 0.0.0.0 --port=3000\n\n[Install]\nWantedBy=multi-user.target\nEND\n\nsystemctl daemon-reload\nsystemctl start hello-world\nsystemctl enable hello-world\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 1051714, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Microweber One-Click", "description": "Microweber One-Click", "ordinal": 66, "logo_url": "assets/microweber.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 476, "deployments_active": 22, "is_public": true, "mine": false, "created": "2022-09-01T15:43:41", "updated": "2023-12-02T20:24:43", "rev_note": "", "script": "#!/usr/bin/env bash\n# https://github.com/microweber/microweber\nset -o pipefail\nMICROWEBER_INSTALLER_TAG=\"1.3.1\"\nWORKING_DIR=\"/var/www/html\"\nDOWNLOAD_URL='http://updater.microweberapi.com/builds/master/microweber.zip'\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## 03-force-ssh-logout.sh\ncat >>/etc/ssh/sshd_config </dev/null\napt install -y apache2 libapache2-mod-php8.1\napt install -y mysql-server\napt install -y php8.1-{bcmath,xml,fpm,mysql,iconv,xsl,zip,intl,ldap,gd,cli,dev,bz2,curl,exif,mbstring,pgsql,sqlite3,tokenizer,opcache,soap,cgi,common,imap,opcache}\napt install -y python3-certbot-apache software-properties-common unzip curl\napt install -y php-pear\npecl install -f libsodium\nsed -i 's/;opcache.enable\\s*=.*/opcache.enable=1/g' /etc/php/8.1/cli/php.ini\necho 'extension=sodium.so' > /etc/php/8.1/cli/10-sodium.ini\necho 'extension=sodium.so' > /etc/php/8.1/fpm/10-sodium.ini\necho 'extension=sodium.so' > /etc/php/8.1/cgi/10-sodium.ini\n# 01-fs.sh\ncat >/etc/apache2/sites-available/000-default.conf <\n \n Options Indexes FollowSymLinks\n AllowOverride All\n Require all granted\n \n ServerAdmin webmaster@localhost\n DocumentRoot /var/www/html\n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEOM\ncat >/etc/update-motd.d/99-one-click < certbot --apache -d example.com -d www.example.com\nIMPORTANT:\n * After connecting to the server for the first time, immediately install\n Microweber at http://\\$myip/\n * Secure your database by running:\n > mysql_secure_installation\nFor help and more information visit https://microweber.org\n********************************************************************************\nTo delete this message of the day: rm -rf \\$(readlink -f \\${0})\nEOF\nEOM\nchmod +x /etc/update-motd.d/99-one-click\ncat >/etc/cron.d/microweber </etc/php/8.1/apache2/conf.d/30-microweber.ini <>/var/log/per-instance.log\nMYSQL_ROOT_PASS=$(openssl rand -hex 16)\nDEBIAN_SYS_MAINT_MYSQL_PASS=$(openssl rand -hex 16)\nMICROWEBER_DB_HOST=localhost\nMICROWEBER_DB_PORT=3306\nMICROWEBER_DB_NAME=microweber\nMICROWEBER_DB_USER=microweber\nMICROWEBER_DB_PASS=$(openssl rand -hex 16)\ncat >/root/.mysql_password <>/etc/apache2/envvars </etc/mysql/debian.cnf <>/var/log/per-instance.log\necho \"[OK] Microweber Installer $MICROWEBER_INSTALLER_TAG provisioned!\"", "user_defined_fields": [] }, { "id": 691614, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Mist.io One-Click", "description": "Mist.io One-Click", "ordinal": 67, "logo_url": "assets/mistio.svg", "images": [ "linode/debian10" ], "deployments_total": 321, "deployments_active": 0, "is_public": true, "mine": false, "created": "2020-11-30T20:25:44", "updated": "2023-12-02T16:02:43", "rev_note": "", "script": "#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# apt-get updates\n echo 'Acquire::ForceIPv4 \"true\";' > /etc/apt/apt.conf.d/99force-ipv4\n export DEBIAN_FRONTEND=noninteractive\n apt-get update -y\n\n# \n\n# \n\n## install docker\nsudo apt-get install -y \\\n apt-transport-https \\\n ca-certificates \\\n curl \\\n gnupg-agent \\\n software-properties-common\n\ncurl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -\n\nsudo add-apt-repository \\\n \"deb [arch=amd64] https://download.docker.com/linux/debian \\\n $(lsb_release -cs) \\\n stable\"\n\nsudo apt-get update\n\nsudo apt-get install -y docker-ce docker-ce-cli containerd.io\n\n## install docker-compose\nsudo curl -L \"https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\n\nsudo chmod +x /usr/local/bin/docker-compose\n\n## get latest mist\nmkdir ~/mist && cd ~/mist\n\nexport MIST_CE_REPO=https://github.com/mistio/mist-ce/releases/latest\nexport LATEST_TAG=\"$(curl -sI \"${MIST_CE_REPO}\" | grep -Po 'tag\\/\\K(v\\S+)')\"\n\nwget https://github.com/mistio/mist-ce/releases/download/$LATEST_TAG/docker-compose.yml\n\n# set CORE_URI\nmkdir settings\nexport IP=$(ip r | grep /24 | grep -Eo \"([0-9]{1,3}[\\.]){3}[1-9]{1,3}\")\necho 'CORE_URI=\"http://'$IP'\"' > settings/settings.py\n\ndocker-compose up -d\n\nwhile !(curl -sSLf http://localhost >/dev/null); do\n sleep 5\ndone\n\ndocker-compose exec -T api ./bin/adduser --admin \"${MIST_EMAIL}\" --password \"${MIST_PASSWORD}\"", "user_defined_fields": [ { "name": "mist_email", "label": "Mist admin user's email.", "example": "Set your admin user's email." }, { "name": "mist_password", "label": "Mist admin user's password.", "example": "Set your admin user's password." } ] }, { "id": 609195, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MongoDB One-Click", "description": "MongoDB One-Click", "ordinal": 68, "logo_url": "assets/mongodb.svg", "images": [ "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 1757, "deployments_active": 79, "is_public": true, "mine": false, "created": "2019-11-06T07:14:07", "updated": "2023-10-18T12:38:33", "rev_note": "", "script": "#!/bin/bash\n## Mongo Settings\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction mongoinstall {\n apt-get install -y wget gnupg\n if [ $MONGOVERSION == \"5.0\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list\n elif [ $MONGOVERSION == \"4.4\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list\n elif [ $MONGOVERSION == \"4.2\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list\n elif [ $MONGOVERSION == \"4.0\" ]; then\n wget -qO - https://www.mongodb.org/static/pgp/server-4.0.asc | sudo apt-key add -\n echo \"deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse\" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list\n fi\n\n apt-get update -y\n apt-get install -y mongodb-org\n systemctl enable mongod.service\n systemctl start mongod.service\n}\n\nfunction createmongouser {\n echo \"Creating Mongo User\" & sleep 3\n mongo < /etc/mongod.conf\n# mongod.conf\n# for documentation of all options, see:\n# http://docs.mongodb.org/manual/reference/configuration-options/\n# Where and how to store data.\nstorage:\n dbPath: /var/lib/mongodb\n journal:\n enabled: true\n# engine:\n# wiredTiger:\n# where to write logging data.\nsystemLog:\n destination: file\n logAppend: true\n path: /var/log/mongodb/mongod.log\n# network interfaces\nnet:\n port: 27017\n bindIp: 127.0.0.1\n# how the process runs\nprocessManagement:\n timeZoneInfo: /usr/share/zoneinfo\nsecurity:\n authorization: enabled\n#operationProfiling:\n#replication:\n#sharding:\n## Enterprise-Only Options:\n#auditLog:\n#snmp:\nEOF\n service mongod restart\n}\n\nfunction main {\n mongoinstall\n createmongouser \n setauth\n}\n\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "db_password", "label": "Mongo Password" }, { "name": "mongoversion", "label": "Mongo Version", "oneof": "5.0,4.4,4.2,4.0", "default": "5.0" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for soa record", "default": "" } ] }, { "id": 1067004, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MongoDB Cluster One-Click", "description": "MongoDB replica set", "ordinal": 69, "logo_url": "assets/mongodbmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 49, "deployments_active": 0, "is_public": true, "mine": false, "created": "2022-09-29T18:32:36", "updated": "2023-10-18T12:38:33", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_PAT=\"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\"\nexport GIT_REPO=\"https://linode-solutions:${GIT_PAT}@github.com/linode-solutions/mongodb-occ.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/mongodb-cluster\" ]; then\n rm -rf /tmp/mongodb-cluster\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction destroy_linode {\n curl -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X DELETE \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction add_privateip {\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[+] Linode private IP present\"\n else\n echo \"[!] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependancies\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # Rename Provisioner & add Private IP \n rename_provisioner\n configure_privateip \n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/mongodb-cluster\n cd /tmp/mongodb-cluster\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token" }, { "name": "sudo_username", "label": "The limited sudo user to be created in the cluster" }, { "name": "cluster_name", "label": "Domain Name" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no", "default": "yes" }, { "name": "sslheader", "label": "SSL Information", "header": "Yes", "default": "Yes", "required": "Yes" }, { "name": "country_name", "label": "Details for self-signed SSL certificates: Country or Region", "oneof": "AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW" }, { "name": "state_or_province_name", "label": "State or Province", "example": "Example: Pennsylvania" }, { "name": "locality_name", "label": "Locality", "example": "Example: Philadelphia" }, { "name": "organization_name", "label": "Organization", "example": "Example: Akamai Technologies" }, { "name": "email_address", "label": "Email Address", "example": "Example: user@domain.tld" }, { "name": "ca_common_name", "label": "CA Common Name", "default": "Mongo CA" }, { "name": "common_name", "label": "Common Name", "default": "Mongo Server" }, { "name": "cluster_size", "label": "MongoDB cluster size", "default": "3", "oneof": "3" } ] }, { "id": 869127, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Moodle One-Click", "description": "Moodle One-Click", "ordinal": 70, "logo_url": "assets/moodle.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 1298, "deployments_active": 103, "is_public": true, "mine": false, "created": "2021-07-20T18:48:49", "updated": "2023-12-07T16:01:39", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables\n## Moodle settings\n#\n#\n#\n#\n\n## Domain settings\n#\n#\n#\n\n## Linode/SSH Security Settings \n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# System Update\nsystem_update\n\n# Install dependencies \napt install -y apache2 mysql-client mysql-server php libapache2-mod-php git graphviz aspell ghostscript clamav php7.4-pspell php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-ldap php7.4-zip php7.4-soap php7.4-mbstring\n\n# Firewall\nufw allow http \nufw allow https\n\n# Secure MySQL\nrun_mysql_secure_installation_ubuntu20\n\n# Install Moodle\ncd /var/www/html\ngit clone git://git.moodle.org/moodle.git\ncd moodle\ngit branch --track MOODLE_39_STABLE origin/MOODLE_39_STABLE\ngit checkout MOODLE_39_STABLE\n\n# Configure Moodle\nmkdir /var/moodledata\nchmod -R 777 /var/moodledata \nchmod -R 755 /var/www/html/moodle \n\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"CREATE USER 'moodle'@'localhost' IDENTIFIED BY '$DB_PASSWORD';\";\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodle'@'localhost';\"\nmysql -uroot -p\"$DBROOT_PASSWORD\" -e \"FLUSH PRIVILEGES\";\n\ncat < /etc/apache2/sites-available/moodle.conf\n\n ServerAdmin admin@$FQDN\n DocumentRoot /var/www/html/moodle/\n ServerName $FQDN\n ServerAlias www.$FQDN \n \n Options +FollowSymlinks\n AllowOverride All\n Require all granted\n \n ErrorLog \\${APACHE_LOG_DIR}/error.log\n CustomLog \\${APACHE_LOG_DIR}/access.log combined\n\nEND\n\na2enmod rewrite\na2ensite moodle.conf\na2dissite 000-default.conf\nservice apache2 restart\n\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n/usr/bin/php admin/cli/install.php --chmod=777 --lang=en_us --wwwroot=https://$FQDN --dataroot=/var/moodledata/ --dbtype=mysqli --dbhost=localhost --dbname=moodle --dbuser=moodle --dbpass=$DB_PASSWORD --dbport=3306 --dbsocket=1 --prefix=mdl_ --fullname=moodle --shortname=moodle --summary=\"Moodle: Powered By Linode Marketplace\" --adminuser=moodle --adminpass=\"$ADMIN_PASSWORD\" --adminemail=$SOA_EMAIL_ADDRESS --upgradekey= --non-interactive --agree-license\n\nchown -R www-data: /var/www/html/moodle\n\n# Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "admin_password", "label": "Moodle Admin Password" }, { "name": "soa_email_address", "label": "Moodle Admin Email" }, { "name": "dbroot_password", "label": "MySQL Root Password" }, { "name": "db_password", "label": "Moodle database User password" }, { "name": "token_password", "label": "Your Linode API token. This is required in order to create DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "username", "label": "The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)", "example": "user1" }, { "name": "password", "label": "The password for the Linode's admin/SSH user", "example": "S3cuReP@s$w0rd" }, { "name": "pubkey", "label": "The SSH Public Key used to securely access the Linode via SSH", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 607026, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "MySQL/MariaDB One-Click", "description": "MySql One Click", "ordinal": 71, "logo_url": "assets/mysql.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 4585, "deployments_active": 334, "is_public": true, "mine": false, "created": "2019-10-29T19:03:33", "updated": "2023-12-06T23:34:10", "rev_note": "Initial import", "script": "#!/usr/bin/env bash\n\n## MySQL Settings\n#\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 3306\nfail2ban_install\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\nif [[ \"$DATABASE\" == \"MySQL\" ]]; then\n # Install/configure MySQL\n apt install -y mysql-server\n # Secure MySQL install\n run_mysql_secure_installation_ubuntu20 \nelse \n # Install/configure MySQL\n apt install -y mariadb-server\n # Secure MySQL install\n run_mysql_secure_installation\nfi\n\nmysql -uroot -p$DBROOT_PASSWORD -e \"create database $DATABASE_NAME;\"\nmysql -uroot -p$DBROOT_PASSWORD -e \"CREATE USER '$DBUSER' IDENTIFIED BY '$DBUSER_PASSWORD';\"\nmysql -uroot -p$DBROOT_PASSWORD -e \"GRANT ALL PRIVILEGES ON $DATABASE_NAME.* TO '$DBUSER'@'%' WITH GRANT OPTION;\"\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "database", "label": "Would you like to install MySQL or MariaDB?", "oneof": "MySQL,MariaDB" }, { "name": "dbroot_password", "label": "MySQL Root Password", "example": "s3cur3_9a55w04d" }, { "name": "dbuser", "label": "MySQL User", "example": "user1" }, { "name": "dbuser_password", "label": "MySQL User Password", "example": "s3cur3_9a55w04d" }, { "name": "database_name", "label": "Create Database", "example": "testdb" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 970561, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "NodeJS One-Click", "description": "NodeJS One-Click", "ordinal": 72, "logo_url": "assets/nodejs.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 2145, "deployments_active": 267, "is_public": true, "mine": false, "created": "2022-02-07T17:21:41", "updated": "2023-12-07T16:17:55", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## NodeJS Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction nodejs {\n if [ \"${detected_distro[distro]}\" = 'debian' ]; then \n curl -fsSL https://deb.nodesource.com/setup_16.x | bash -\n elif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\n curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -\n else \n echo \"Setting this up for the future incase we add more distros\"\n fi\n apt-get install -y nodejs\n \n mkdir -p /opt/nodejs\n cat < /opt/nodejs/hello.js\nconst http = require('http');\n\nconst hostname = 'localhost';\nconst port = 3000;\n\nconst server = http.createServer((req, res) => {\n res.statusCode = 200;\n res.setHeader('Content-Type', 'text/plain');\n res.end('Hello World Powered By Linode Marketplace');\n});\n\nserver.listen(port, hostname, () => {\n console.log(`Server running at http://localhost:3000/`);\n});\nEND\n}\n\nfunction pm2nodejs {\n npm install pm2@latest -g --no-audit\n cd /opt/nodejs/\n pm2 start hello.js\n sleep 5\n pm2 startup systemd\n sleep 5\n pm2 save\n}\n\nfunction nginxnodejs {\n apt-get install nginx -y \n cat < /etc/nginx/sites-available/$FQDN\nserver {\n server_name $FQDN www.$FQDN;\n\n location / {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host \\$host;\n proxy_cache_bypass \\$http_upgrade;\n }\n\n}\nEND\n ln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/\n unlink /etc/nginx/sites-enabled/default\n nginx -t\n systemctl reload nginx\n}\n\nfunction sslnodejs {\n apt install certbot python3-certbot-nginx -y\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction firewallnodejs {\n ufw allow http\n ufw allow https\n\n}\nfunction main {\n nodejs\n pm2nodejs\n firewallnodejs \n nginxnodejs \n sslnodejs \n}\n\n# Execute Script\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "This is the Email address for the LetsEncrypt SSL Certificate", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 869156, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "NirvaShare One-Click", "description": "NirvaShare One-Click", "ordinal": 73, "logo_url": "assets/nirvashare.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 216, "deployments_active": 3, "is_public": true, "mine": false, "created": "2021-07-20T19:08:35", "updated": "2023-12-06T21:21:49", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Nirvashare Settings \n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-nirvashare\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n}\n\nfunction udf {\n \n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n echo \"webserver_stack: lemp\" >> ${group_vars};\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n # Nirvashare \n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 971043, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Odoo One-Click", "description": "Odoo One-Click", "ordinal": 74, "logo_url": "assets/odoo.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1816, "deployments_active": 81, "is_public": true, "mine": false, "created": "2022-02-08T16:21:37", "updated": "2023-12-07T15:35:58", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## ODOO Settings \n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-odoo\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n # ODOO vars\n \n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n \n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 1102907, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "ONLYOFFICE Docs One-Click", "description": "ONLYOFFICE Docs One-Click app", "ordinal": 75, "logo_url": "assets/onlyoffice.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 291, "deployments_active": 13, "is_public": true, "mine": false, "created": "2022-12-20T17:50:23", "updated": "2023-12-02T15:29:24", "rev_note": "", "script": "#!/usr/bin/env bash\n# \n# \n# \n\n# SSL Settings\n# \n# \n# \n# \n\n# Enable Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n\n# Get and install docker\n# curl -fsSL get.docker.com | sudo sh\napt install -y apt-transport-https ca-certificates curl software-properties-common\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg\necho \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \napt update\napt install -y docker-ce\nsystemctl enable --now docker.service\n\nCONTAINER_NAME=\"onlyoffice-docs\"\n\n# Run ONLYOFFICE-Docs with SSL\nif [[ \"${SSL_ENABLED}\" == \"true\" ]]; then\n\tif [[ -z ${ABS_DOMAIN} ]]; then\n\t\techo \"Missing required LETS_ENCRYPT_DOMAIN parameter for correct SSL work\"\n\t\texit 1\n\tfi\n\tif [[ -z ${LETS_ENCRYPT_MAIL} ]]; then\n\t\techo \"Missing required LETS_ENCRYPT_MAIL parameter for correct SSL work\"\n\t\texit 1\n fi\n\tsudo docker run -i -t -d -p 80:80 -p 443:443 \\\n\t\t-e JWT_ENABLED=${JWT_ENABLED} \\\n \t\t-e JWT_SECRET=${JWT_SECRET} \\\n\t\t-e LETS_ENCRYPT_DOMAIN=${ABS_DOMAIN} \\\n -e LETS_ENCRYPT_MAIL=${LETS_ENCRYPT_MAIL} \\\n\t\t-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \\\n\t\t-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \\\n \t-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \\\n \t-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \\\n \t-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \\\n \t-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \\\n\t\t--name ${CONTAINER_NAME} \\\n\t\tonlyoffice/documentserver:${DOCS_VERSION}\n\telse \n# Run ONLYOFFICE-Docs without SSL\n\tsudo docker run -i -t -d -p 80:80 \\\n -e JWT_ENABLED=${JWT_ENABLED} \\\n -e JWT_SECRET=${JWT_SECRET} \\\n -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \\\n -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \\\n -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \\\n -v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \\\n -v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \\\n -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \\\n --name ${CONTAINER_NAME} \\\n onlyoffice/documentserver:${DOCS_VERSION}\nfi\n\n# Wait for run\nready_check() {\n echo -e \"\\e[0;32m Waiting for the launch of DocumentServer... \\e[0m\" \n for i in {1..30}; do\n echo \"Getting the DocumentServer status: ${i}\"\n OUTPUT=\"$(curl -Is http://localhost/healthcheck/ | head -1 | awk '{ print $2 }')\"\n if [ \"${OUTPUT}\" == \"200\" ]; then\n echo -e \"\\e[0;32m DocumentServer is ready \\e[0m\"\n local DS_READY\n DS_READY='yes'\n break\n else\n sleep 10\n fi\n done\n if [[ \"${DS_READY}\" != 'yes' ]]; then\n err \"\\e[0;31m Something goes wrong documentserver does not started, check logs with command --> docker logs -f ${CONTAINER_NAME} \\e[0m\"\n exit 1\n fi\n}\n\nready_check\n\n# Enable Docs-example\nsudo docker exec ${CONTAINER_NAME} supervisorctl start ds:example\n\n# Add Docs-example to autostart\nsudo docker exec ${CONTAINER_NAME} sudo sed 's,autostart=false,autostart=true,' -i /etc/supervisor/conf.d/ds-example.conf\n\n# Add MOTD \ncat >/etc/motd < >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and Django\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/djangosetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n### Reboot server\nreboot", "user_defined_fields": [] }, { "id": 923031, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "OpenLiteSpeed NodeJS One-Click", "description": "OpenLiteSpeed NodeJS One-Click", "ordinal": 77, "logo_url": "assets/openlitespeednodejs.svg", "images": [ "linode/centos7", "linode/debian10", "linode/ubuntu20.04", "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 497, "deployments_active": 20, "is_public": true, "mine": false, "created": "2021-10-18T00:52:51", "updated": "2023-12-04T04:38:59", "rev_note": "", "script": "#!/bin/bash\n### linode\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and NodeJS\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/nodejssetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )", "user_defined_fields": [] }, { "id": 923030, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "OpenLiteSpeed Rails One-Click", "description": "OpenLiteSpeed Rails One-Click", "ordinal": 78, "logo_url": "assets/openlitespeedrails.svg", "images": [ "linode/centos7", "linode/debian10", "linode/ubuntu20.04", "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 50, "deployments_active": 0, "is_public": true, "mine": false, "created": "2021-10-18T00:51:05", "updated": "2023-11-15T06:56:36", "rev_note": "", "script": "#!/bin/bash\n### linode\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n### Install OpenLiteSpeed and Rails\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/railssetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )", "user_defined_fields": [] }, { "id": 691622, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "OpenLiteSpeed WordPress One-Click", "description": "OpenLiteSpeed WordPress One-Click", "ordinal": 79, "logo_url": "assets/openlitespeedwordpress.svg", "images": [ "linode/centos7", "linode/debian10", "linode/ubuntu20.04", "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 7927, "deployments_active": 626, "is_public": true, "mine": false, "created": "2020-11-30T21:25:01", "updated": "2023-12-07T09:35:53", "rev_note": "", "script": "#!/bin/bash\n\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n### linode\n### Install OpenLiteSpeed and WordPress\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/wpimgsetup.sh )\n### Regenerate password for Web Admin, Database, setup Welcome Message\nbash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Cloud-init/per-instance.sh )\n### Clean up ls tmp folder\nsudo rm -rf /tmp/lshttpd/*", "user_defined_fields": [] }, { "id": 401719, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "OpenVPN One-Click", "description": "OpenVPN OCA Debian 11 & ubuntu 20", "ordinal": 80, "logo_url": "assets/OpenVPN.svg", "images": [ "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 40267, "deployments_active": 1649, "is_public": true, "mine": false, "created": "2019-03-09T03:02:02", "updated": "2023-12-07T16:05:16", "rev_note": "Install extra dependencies ", "script": "#!/bin/bash\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Install OpenVPN dependencies\napt update && apt -y install ca-certificates wget net-tools gnupg\nif [ \"${detected_distro[distro]}\" = 'debian' ]; then \nwget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -\necho \"deb http://as-repository.openvpn.net/as/debian bullseye main\">/etc/apt/sources.list.d/openvpn-as-repo.list\nelif [ \"${detected_distro[distro]}\" = 'ubuntu' ]; then\nwget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -\necho \"deb http://as-repository.openvpn.net/as/debian focal main\">/etc/apt/sources.list.d/openvpn-as-repo.list\nelse \necho \"Distro Not Supported\"\nfi\n\n## Apt Update & Install OpenVPN\napt update -y && apt -y install openvpn-as\n\n# UFW install\nufw_install\nufw allow 1194/udp\nsed -ie \"s/DEFAULT_FORWARD_POLICY=\\\"DROP\\\"/DEFAULT_FORWARD_POLICY=\\\"ACCEPT\\\"/g\" /etc/default/ufw\n\n# Cleanup\nstackscript_cleanup\n\n# Adding to display default password as last line in LISH console\nsleep 3\ncat /usr/local/openvpn_as/init.log | grep 'To login'; echo \"(password can be changed on Admin UI)\"", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is required for creating DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Admin Email for the server", "default": "" } ] }, { "id": 804172, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Owncast One-Click", "description": "Owncast One-Click", "ordinal": 81, "logo_url": "assets/owncast.svg", "images": [ "linode/debian10" ], "deployments_total": 1789, "deployments_active": 82, "is_public": true, "mine": false, "created": "2021-04-01T15:24:50", "updated": "2023-12-06T19:20:31", "rev_note": "", "script": "#!/usr/bin/bash\n#\n#\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Add owncast user\nadduser owncast --disabled-password --gecos \"\"\n\n# Install dependencies\napt-get install -y libssl-dev unzip curl\n\n# Install Owncast\nmkdir -p /opt/owncast\ncd /opt/owncast || exit\n\ncurl -s https://owncast.online/install.sh | bash\nchown -R owncast:owncast /opt/owncast\n\n# Setup Owncast as a systemd service\ncat >/etc/systemd/system/owncast.service </etc/caddy/Caddyfile </etc/motd <\n#\n#\n## LAMP Stack Settings\n#\n#\n#\n#\n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n\n# This also sets some useful variables, like $IP and $FQDN\nsource \n\n## Update\napt_setup_update\n\n## Local Functions used by this StackScript\nfunction owncloud_install {\n system_install_package unzip php-gd php-json php-curl php-mbstring \\\n php-intl php-imagick php-xml php-zip\n PHP_VERSION=$(php -r \"echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;\")\n cd /var/www\n wget https://download.owncloud.com/server/stable/owncloud-complete-latest.zip\n unzip owncloud-complete-latest.zip\n chown -R www-data:www-data owncloud\n rm owncloud-complete-latest.zip\n local -a input_text=(\n \"Alias / \\\"/var/www/owncloud/\\\"\"\n \"\"\n \" Options +FollowSymlinks\"\n \" AllowOverride All\"\n \"\"\n \" Dav off\"\n \"\"\n \"SetEnv HOME /var/www/owncloud\"\n \"SetEnv HTTP_HOME /var/www/owncloud\"\n \"\"\n )\n for i in \"${input_text[@]}\"; do\n echo \"$i\" >> /etc/apache2/sites-available/owncloud.conf\n done\n a2ensite owncloud\n a2enmod rewrite headers env dir mime\n sed -i '/^memory_limit =/s/=.*/= 512M/' /etc/php/$PHP_VERSION/apache2/php.ini\n systemctl restart apache2\n echo \"ownCloud is installed\"\n}\n\nfunction owncloud_vhost_configure {\n local -r fqdn=\"$1\"\n local -r soa_email_address=\"$2\"\n local -a input_text=(\n \"\"\n \" ServerName ${fqdn}\"\n \" ServerAdmin ${soa_email_address}\"\n \" DocumentRoot /var/www/owncloud\"\n \" \"\n \" Require all granted\"\n \" AllowOverride All\"\n \" Options FollowSymLinks MultiViews\"\n \" SetEnv HOME /var/www/owncloud\"\n \" SetEnv HTTP_HOME /var/www/owncloud\"\n \" \"\n \"\"\n )\n echo \"\" >> /etc/apache2/sites-available/owncloud.conf\n for i in \"${input_text[@]}\"; do\n echo \"$i\" >> /etc/apache2/sites-available/owncloud.conf\n done\n}\n\n## Main Script\n# Install and configure the LAMP Stack\nlamp_stack \"$DB_NAME\" \"$DB_ROOT_PASSWORD\" \"${DB_USERNAME:-owncloud}\" \"$DB_USER_PASSWORD\"\n\n# Install ownCloud to be accessed via domain and configure the VirtualHost\nowncloud_install \"$FQDN\"\nowncloud_vhost_configure \"$FQDN\" \"$SOA_EMAIL_ADDRESS\"\n\n# Configure ownCloud - This replaces the installer GUI that was in the previous version of this OCA\nsudo -u www-data php /var/www/owncloud/occ maintenance:install \\\n --database \"mysql\" \\\n --database-name \"$DB_NAME\" \\\n --database-user \"${DB_USERNAME:-owncloud}\" \\\n --database-pass \"$DB_USER_PASSWORD\" \\\n --admin-user \"$OC_ADMIN\" \\\n --admin-pass \"$OC_ADMIN_PASSWORD\"\nsudo -u www-data php /var/www/owncloud/occ conf:sys:set trusted_domains 1 --value=$FQDN\nsudo -u www-data php /var/www/owncloud/occ conf:sys:set trusted_domains 2 --value=$IP\necho \"Trusted Domain setting added\"\n\n# Open the needed firewall ports\nufw allow http\nufw allow https\napt install certbot python3-certbot-apache -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n# Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "oc_admin", "label": "The name of the admin user for ownCloud" }, { "name": "oc_admin_password", "label": "The password for ownCloud's admin user" }, { "name": "soa_email_address", "label": "Admin Email for the ownCloud server" }, { "name": "db_name", "label": "The name of the database", "default": "owncloud" }, { "name": "db_root_password", "label": "The root password for the database" }, { "name": "db_username", "label": "The name of the database user to create", "default": "owncloud" }, { "name": "db_user_password", "label": "The password for the created database user" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is required for creating DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" } ] }, { "id": 1102906, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Passky One-Click", "description": "Passky One-Click app", "ordinal": 83, "logo_url": "assets/passky.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 184, "deployments_active": 11, "is_public": true, "mine": false, "created": "2022-12-20T17:48:51", "updated": "2023-12-07T09:51:25", "rev_note": "", "script": "#!/bin/bash\n\n# \n# \n# \n# \n\n# Motd\ncat << EOF > /etc/motd\n _____ _ \n | __ \\ | | \n | |__) |_ _ ___ ___| | ___ _ \n | ___/ _\\` / __/ __| |/ / | | |\n | | | (_| \\__ \\__ \\ <| |_| |\n |_| \\__,_|___/___/_|\\_\\\\__, |\n __/ |\n |___/ \nInstalling...\nPlease logout and come back in few minutes.\nEOF\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\nDEBIAN_FRONTEND=noninteractive apt-get -y -o DPkg::options::=\"--force-confdef\" -o DPkg::options::=\"--force-confold\" install grub-pc\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n## Import the Bash StackScript Library\nsource \n\n# Install docker compose\nsystem_install_package docker-compose\n\n#\n# Passky Server\n#\nwget https://github.com/Rabbit-Company/Passky-Server/releases/latest/download/passky-server.tar.xz\ntar -xf passky-server.tar.xz\ncd passky-server\ncp .env.example .env\n\nSERVER_CORES=$(grep -c ^processor /proc/cpuinfo)\nIP_ADDRESS=$(system_primary_ip)\n\nsed -i \"s/SERVER_CORES=1/SERVER_CORES=$SERVER_CORES/g\" .env\nsed -i \"s/ADMIN_USERNAME=admin/ADMIN_USERNAME=$ADMINUSER/g\" .env\nsed -i \"s/ADMIN_PASSWORD=/ADMIN_PASSWORD=$ADMIN_PASSWORD/g\" .env\n\ndocker-compose up -d\n\napache_install\na2enmod proxy && a2enmod proxy_http && systemctl restart apache2\necho \"\" > /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPreserveHost On\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyRequests Off\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ServerName $WEBSITE\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPass / http://localhost:8080/\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \" ProxyPassReverse / http://localhost:8080/\" >> /etc/apache2/sites-available/$WEBSITE.conf\necho \"\" >> /etc/apache2/sites-available/$WEBSITE.conf\na2ensite \"$WEBSITE\"\nsystemctl restart apache2\n\n# Install SSL\nsystem_install_package python3-certbot-apache\ncat << EOF > /usr/local/bin/installCert\n#!/bin/bash\nif ! certbot -n --apache --agree-tos --redirect -d $WEBSITE -m $EMAIL; then\n echo \"There was a problem while installing SSL certificate. Make sure your A record for domain: $WEBSITE does redirect to IP: $IP_ADDRESS\"\nelse\n echo \"Certificate installed successfully.\"\nfi\nEOF\nchmod +x /usr/local/bin/installCert\n\n# Configure auto-renewal for the certificate\ncrontab -l > cron\necho \"0 4 * * * /usr/bin/certbot renew\" >> cron\ncrontab cron\nrm cron\n\nstackscript_cleanup\n\n# Motd\ncat << EOF > /etc/motd\n _____ _ \n | __ \\ | | \n | |__) |_ _ ___ ___| | ___ _ \n | ___/ _\\` / __/ __| |/ / | | |\n | | | (_| \\__ \\__ \\ <| |_| |\n |_| \\__,_|___/___/_|\\_\\\\__, |\n __/ |\n |___/ \nAdmin Panel:\n Link: http://$IP_ADDRESS (https://$WEBSITE)\n Username: $ADMINUSER\n Password: $ADMIN_PASSWORD\nTo install SSL certificate please run command: installCert\nEOF", "user_defined_fields": [ { "name": "website", "label": "Website", "example": "passky.domain.com" }, { "name": "email", "label": "Email Address", "example": "info@rabbit-company.com" }, { "name": "adminuser", "label": "Admin Username" }, { "name": "admin_password", "label": "Admin Password" } ] }, { "id": 804143, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Peppermint One-Click", "description": "Peppermint One-Click", "ordinal": 84, "logo_url": "assets/peppermint.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1862, "deployments_active": 121, "is_public": true, "mine": false, "created": "2021-04-01T12:45:15", "updated": "2023-12-06T21:22:36", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Peppermint setup\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-peppermint\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n \n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n echo \"webserver_stack: lemp\" >> ${group_vars};\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 644908, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Percona (PMM) One-Click", "description": "Percona One-Click", "ordinal": 85, "logo_url": "assets/percona.svg", "images": [ "linode/debian10" ], "deployments_total": 193, "deployments_active": 8, "is_public": true, "mine": false, "created": "2020-04-30T14:49:38", "updated": "2023-12-07T01:51:22", "rev_note": "", "script": "#!/bin/bash\n# \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Docker\napt -y install docker.io\nsystemctl enable docker.service\n\n#PMM \ndocker pull percona/pmm-server:2\ndocker create -v /srv --name pmm2-data percona/pmm-server:2 /bin/true\ndocker run -d -p 80:80 -p 443:443 \\\n --volumes-from pmm2-data \\\n --name pmm2-server \\\n --restart always percona/pmm-server:2\n\necho \"Waiting for PMM to initialize to set password...\"\n\nuntil [ \"`docker inspect -f {{.State.Health.Status}} pmm2-server`\" = \"healthy\" ]; do sleep 1; done\n\ndocker exec -t pmm2-server bash -c \"ln -s /srv/grafana /usr/share/grafana/data; grafana-cli --homepath /usr/share/grafana admin reset-admin-password $PMMPASSWORD\"\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "pmmpassword", "label": "Admin Password", "example": "Admin User Password for PMM Server" } ] }, { "id": 609018, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "phpMyAdmin One-Click", "description": "phpMyAdmin One-Click", "ordinal": 86, "logo_url": "assets/phpmyadmin.svg", "images": [ "linode/debian11" ], "deployments_total": 2160, "deployments_active": 117, "is_public": true, "mine": false, "created": "2019-11-05T00:28:33", "updated": "2023-12-07T11:50:25", "rev_note": "Initial import", "script": "#!/bin/bash\n#\n#\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname\nset_hostname\n\n# Update system\napt_setup_update\n\n# Install/configure MySQL, Add Admin User\napt-get install -y mariadb-server\nsystemctl enable mariadb --now\nrun_mysql_secure_installation\nmysql -u root -e \"CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DBUSER_PASSWORD'\"\nmysql -u root -e \"GRANT ALL PRIVILEGES ON *.* TO '$DB_USER'@'localhost' WITH GRANT OPTION\"\nmysql -u root -e \"FLUSH PRIVILEGES\"\n\n# Install PHP\necho 'phpmyadmin phpmyadmin/dbconfig-install boolean true' | debconf-set-selections\necho 'phpmyadmin phpmyadmin/mysql/admin-pass password $DBROOT_PASSWORD' | debconf-set-selections\necho 'phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2' | debconf-set-selections\napt-get install -y phpmyadmin libapache2-mod-php7.4\n\n# Configure ufw\nufw_install\nufw allow http\nufw reload\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "db_user", "label": "phpMyAdmin/MySQL Admin User", "example": "admin" }, { "name": "dbuser_password", "label": "phpMyAdmin/MySQL Admin Password" }, { "name": "dbroot_password", "label": "MySQL root Password" } ] }, { "id": 970522, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Pi-hole One-Click", "description": "Pi-hole One-Click", "ordinal": 87, "logo_url": "assets/pihole.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 3898, "deployments_active": 259, "is_public": true, "mine": false, "created": "2022-02-07T16:04:53", "updated": "2023-12-07T06:09:53", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## PIHOLE Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nIPV4=$(ip a | awk '/inet / {print $2}'| sed -n '2 p')\nIPV6=$(ip -6 a | grep inet6 | awk '/global/{print $2}' | cut -d/ -f1)\nGENPIHOLEPASSWD=$(echo -n $PIHOLE_PASSWORD | sha256sum | awk '{printf \"%s\",$1 }' | sha256sum)\nPIHOLE_PASSWD=${GENPIHOLEPASSWD:0:-1}\n\nfunction firewall {\n ufw allow 80\n ufw allow 53\n ufw allow 67\n ufw allow 547\n ufw allow 4711\n}\n\nfunction config_pihole {\n mkdir -p /etc/pihole\n cat < /etc/pihole/setupVars.conf\nPIHOLE_INTERFACE=eth0\nIPV4_ADDRESS=$IPV4\nIPV6_ADDRESS=$IPV6\nPIHOLE_DNS_1=8.8.8.8\nPIHOLE_DNS_2=8.8.4.4\nQUERY_LOGGING=true\nINSTALL_WEB_SERVER=true\nINSTALL_WEB_INTERFACE=true\nLIGHTTPD_ENABLED=true\nCACHE_SIZE=10000\nDNS_FQDN_REQUIRED=true\nDNS_BOGUS_PRIV=true\nDNSMASQ_LISTENING=local\nWEBPASSWORD=$PIHOLE_PASSWD\nBLOCKING_ENABLED=true\nEND\n\ncurl -L https://install.pi-hole.net | bash /dev/stdin --unattended\n}\n\nfunction main {\n config_pihole\n firewall\n}\n\n# Execute script\napt_setup_update\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "pihole_password", "label": "PIHOLE USER Password" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "This is the Email address for the SOA record", "default": "" } ] }, { "id": 662119, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Plex One-Click", "description": "Plex One-Click", "ordinal": 88, "logo_url": "assets/plex.svg", "images": [ "linode/debian10" ], "deployments_total": 2929, "deployments_active": 56, "is_public": true, "mine": false, "created": "2020-08-12T15:54:44", "updated": "2023-12-06T20:13:25", "rev_note": "", "script": "#!/bin/bash\n# INPUT VARIABLES:\n# \n# \n# \n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Limited user setup if username is not \"root\"\nif [ \"$USERNAME\" != \"root\" ]; then\n \n# ensure sudo is installed and configure secure user\n apt -y install sudo\n adduser -uid 1000 $USERNAME --disabled-password --gecos \"\"\n echo \"$USERNAME:$PASSWORD\" | chpasswd\n usermod -aG sudo $USERNAME\n \n# Harden SSH Access\n sed -i -e 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config\n \n# set home directory\n HOME=/home/$USERNAME\n \n# configure ssh key for secure user if provided\n if [ \"$SSHKEY\" != \"\" ]; then\n SSHDIR=$HOME/.ssh\n mkdir $SSHDIR && echo \"$SSHKEY\" >> $SSHDIR/authorized_keys\n chmod -R 700 $SSHDIR && chmod 600 $SSHDIR/authorized_keys\n chown -R $USERNAME:$USERNAME $SSHDIR\n fi\n \n# Enable SSH hardening\n systemctl restart sshd\n \n# Create docker group, add limited user, and enable\n groupadd docker\n usermod -aG docker $USERNAME\nfi\n\n# Install and configure UFW for Plex\nufw_install\nufw allow 32400,3005,8324,32469/tcp\nufw allow 1900,32410,32412,32413,32414/udp\n\n# Install the dependencies & add Docker to the APT repository\napt install -y apt-transport-https ca-certificates curl software-properties-common gnupg2\ncurl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable\"\n\n# Update & install Docker-CE\napt_setup_update\napt install -y docker-ce\n\n# Install plex as limited user\ndocker pull plexinc/pms-docker\ndocker run \\\n -d \\\n --name plex \\\n --restart always \\\n -p 32400:32400/tcp \\\n -p 3005:3005/tcp \\\n -p 8324:8324/tcp \\\n -p 32469:32469/tcp \\\n -p 1900:1900/udp \\\n -p 32410:32410/udp \\\n -p 32412:32412/udp \\\n -p 32413:32413/udp \\\n -p 32414:32414/udp \\\n -e ADVERTISE_IP=\"http://$IP:32400/\" \\\n -h \"Linode Plex Server\" \\\n -v $HOME/plex/config:/config \\\n -v $HOME/plex/media:/media \\\n -v $HOME/plex/transcode:/transcode \\\n plexinc/pms-docker\n\n# Recursively update ownership of Plex directories after delay\nsleep 1\nchown -R $USERNAME:$USERNAME $HOME/plex\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "USERNAME", "label": "Limited User Name (not 'root')" }, { "name": "PASSWORD", "label": "Limited User Password" }, { "name": "SSHKEY", "label": "Limited User SSH Key", "default": "", "example": "Usually found in: ./ssh/id_rsa.pub" } ] }, { "id": 611376, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "PostgreSQL One-Click", "description": "PostgreSQL One-Click", "ordinal": 89, "logo_url": "assets/postgresql.svg", "images": [ "linode/debian11" ], "deployments_total": 2847, "deployments_active": 217, "is_public": true, "mine": false, "created": "2019-11-13T06:05:28", "updated": "2023-12-07T14:14:50", "rev_note": "Initial import", "script": "#!/bin/bash\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 22\nufw allow 5432\n\n# Install PostgreSQL\napt install -y postgresql postgresql-contrib\nsystemctl enable postgresql\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 1068726, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "PostgreSQL Cluster One-Click", "description": "PostgreSQL Cluster", "ordinal": 90, "logo_url": "assets/postgresqlmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 162, "deployments_active": 9, "is_public": true, "mine": false, "created": "2022-10-03T20:11:59", "updated": "2023-12-07T01:41:12", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n\n# set force apt non-interactive\nexport DEBIAN_FRONTEND=noninteractive\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/postgresql-occ.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n# source script libraries\nsource \nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/postgresql-cluster\" ]; then\n rm -rf /tmp/postgresql-cluster\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[info] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[+] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\nfunction setup {\n # install dependancies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n configure_privateip\n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/postgresql-cluster\n cd /tmp/postgresql-cluster\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token" }, { "name": "cluster_name", "label": "Domain Name" }, { "name": "sudo_username", "label": "The limited sudo user to be created in the cluster" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no", "default": "yes" }, { "name": "cluster_size", "label": "PostgeSQL cluster size", "default": "3", "oneof": "3" } ] }, { "id": 985364, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Prometheus & Grafana One-Click", "description": "Prometheus and Grafana", "ordinal": 91, "logo_url": "assets/prometheusgrafana.svg", "images": [ "linode/ubuntu20.04", "linode/ubuntu22.04" ], "deployments_total": 574, "deployments_active": 60, "is_public": true, "mine": false, "created": "2022-03-08T17:03:20", "updated": "2023-12-05T22:31:38", "rev_note": "", "script": "#!/usr/bin/env bash\n## Updated: 01-17-2023\n## Author: n0vabyte, Elvis Segura, esegura@linode.com\n\n#\n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\ncreds=\"/root/credentials.txt\"\nprometheus_htpasswd_file=\"/etc/nginx/.prometheus_htpasswd\"\n\nfunction add_firewalls {\n ufw allow http\n ufw allow https\n}\n\nfunction configure_nginx {\n apt-get install nginx apache2-utils -y\n cat << EOF > /etc/nginx/sites-available/$FQDN.conf\nserver {\n listen 80;\n server_name $FQDN;\n location / {\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:3000;\n }\n location /prometheus/ {\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:9090;\n auth_basic \"Restricted Area\";\n auth_basic_user_file $prometheus_htpasswd_file;\n }\n# allow let's encrypt\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/html/.well-known;\n }\n}\nEOF\n\n ln -s /etc/nginx/sites-{available,enabled}/$FQDN.conf\n unlink /etc/nginx/sites-enabled/default\n systemctl reload nginx\n systemctl enable nginx\n}\n\nfunction install_node_exporter {\n groupadd --system prometheus\n useradd -s /sbin/nologin --system -g prometheus prometheus\n curl -s https://api.github.com/repos/prometheus/node_exporter/releases/latest | grep browser_download_url | grep linux-amd64 | cut -d '\"' -f 4 | wget -qi - \n tar -xvf node_exporter*.tar.gz\n chmod +x node_exporter-*/node_exporter\n chown prometheus:prometheus node_exporter\n mv node_exporter-*/node_exporter /usr/local/bin\n rm -fr node_exporter-*\n cat < /etc/systemd/system/node_exporter.service\n[Unit]\nDescription=Node Exporter\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=prometheus\nExecStart=/usr/local/bin/node_exporter\n[Install]\nWantedBy=default.target\nEOF\n systemctl daemon-reload\n systemctl start node_exporter\n systemctl enable node_exporter\n}\n\nfunction configure_prometheus {\n latest_version=$(curl -s https://raw.githubusercontent.com/prometheus/prometheus/main/VERSION)\n prom_conf=\"/etc/prometheus/prometheus.yml\"\n file_sd_targets=\"/etc/prometheus/file_sd_targets\"\n prometheus_conf_dir=\"/etc/prometheus\"\n prometheus_data_dir=\"/var/lib/prometheus\"\n mkdir $prometheus_conf_dir $prometheus_conf_dir/file_sd_targets \\\n $prometheus_conf_dir/rules $prometheus_data_dir\n\n wget https://github.com/prometheus/prometheus/releases/download/v$latest_version/prometheus-$latest_version.linux-amd64.tar.gz\n tar xvf prometheus-$latest_version.linux-amd64.tar.gz\n mv prometheus-$latest_version.linux-amd64/* $prometheus_conf_dir\n chown -R prometheus:prometheus $prometheus_conf_dir $prometheus_data_dir\n mv $prometheus_conf_dir/{prometheus,promtool} /usr/local/bin\n ## cleanup\n rm prometheus-$latest_version.linux-amd64.tar.gz\n rmdir prometheus-$latest_version.linux-amd64\n\n ## backup config before updating\n cp $prom_conf{,.bak}\n sed -i -e '/- job_name: \"prometheus\"/ s/^/#/' $prom_conf\n sed -i -e '/- targets:/ s/^/#/' $prom_conf\n sed -i -e '/static_configs/ s/^/#/g' $prom_conf\n ## add our config\n cat << EOF >> $prom_conf\n#########################################\n## Local Prometheus Instance - This Box #\n#########################################\n - job_name: local_prometheus\n scrape_interval: 3s\n file_sd_configs:\n - files:\n - file_sd_targets/local_prometheus.yml\n honor_labels: true\n relabel_configs:\n - regex: (.*)\n replacement: \\${1}:9100\n source_labels:\n - __address__\n target_label: __address__\n - regex: (.+)\n replacement: \\${1}\n source_labels:\n - __instance\n target_label: instance\nEOF\n ## add to file_sd_targets\n cat << EOF >> $file_sd_targets/local_prometheus.yml\n- labels:\n __instance: prometheus\n cluster: local\n targets:\n - 127.0.0.1\nEOF\n cat << EOF > /etc/systemd/system/prometheus.service\n[Unit]\nDescription=Prometheus\nDocumentation=https://prometheus.io/docs/introduction/overview/\nWants=network-online.target\nAfter=network-online.target\n[Service]\nUser=prometheus\nGroup=prometheus\nType=simple\nExecStart=/usr/local/bin/prometheus \\\n--config.file /etc/prometheus/prometheus.yml \\\n--storage.tsdb.path $prometheus_data_dir/ \\\n--web.console.templates=$prometheus_conf_dir/consoles \\\n--web.console.libraries=$prometheus_conf_dir/console_libraries \\\n--web.listen-address=127.0.0.1:9090 \\\n--web.external-url=https://$FQDN/prometheus \\\n--storage.tsdb.retention=60d\nRestart=always\nExecReload=/usr/bin/kill -HUP \\$MAINPID\nTimeoutStopSec=20s\nOOMScoreAdjust=-900\nSendSIGKILL=no\n[Install]\nWantedBy=multi-user.target\nEOF\n systemctl daemon-reload\n systemctl start prometheus\n systemctl enable prometheus\n\n ## protect with htpasswd\n prometheus_htpasswd=$(openssl rand -base64 32)\n htpasswd -cb $prometheus_htpasswd_file prometheus $prometheus_htpasswd\n ## log credentials locally\n cat << EOF >> $creds\n#################\n# Prometheus #\n#################\nLocation: https://$FQDN/prometheus\nUsername: prometheus\nPassword: $prometheus_htpasswd\nEOF\n ## sanity check\n function fallback {\n echo \"[FATAL] Creating custom configuration failed. Restoring old configuration\"\n cp $prom_conf{.bak,}\n systemctl restart prometheus\n sleep 2\n systemctl is-active prometheus\n if [ $? -ne 0 ]; then\n echo \"[CRITICAL] Encoutered unexpected error while configuring Prometheus. Please reach out to Support.\"\n exit 2\n fi\n }\n systemctl is-active prometheus\n if [ $? -ne 0 ]; then\n echo \"[ERROR] Prometheus is not running. Falling back to default config..\"\n fallback\n fi\n\n}\n\nfunction configure_grafana {\n echo \"[info] configuring Grafana - Installing Packages\"\n apt-get install -y apt-transport-https \\\n software-properties-common \\\n wget \\\n gnupg2 \\\n sqlite3\n\n wget -q -O /usr/share/keyrings/grafana.key https://apt.grafana.com/gpg.key\n echo \"deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main\" | sudo tee -a /etc/apt/sources.list.d/grafana.list\n apt-get -y update\n apt-get -y install grafana\n\n ## reset Grafana admin password\n grafana_password=$(openssl rand -base64 32)\n\n echo \"[info] updating grafana config\"\n sed -i -e 's/;admin_user = admin/admin_user = admin/g' /etc/grafana/grafana.ini\n sed -i \"s|;admin_password = admin|admin_password = $grafana_password|g\" /etc/grafana/grafana.ini\n\n echo \"[info] starting grafana-server\"\n systemctl start grafana-server\n systemctl enable grafana-server\n\n ## log credentials locally\n cat << EOF >> $creds\n##############\n# Grafana #\n##############\nLocation: https://$FQDN/\nUsername: admin\nPassword: $grafana_password\nEOF\n}\n\nfunction ssl_grafana {\n apt install -y certbot python3-certbot-nginx\n certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction main {\n add_firewalls\n configure_nginx\n install_node_exporter\n configure_prometheus\n configure_grafana\n ssl_grafana\n}\n\n## execute script\nmain\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "This email is for the LetsEncrypt SSL certificate" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 607034, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Prometheus One-Click", "description": "Prometheus One Click App", "ordinal": 92, "logo_url": "assets/prometheus.svg", "images": [ "linode/debian10" ], "deployments_total": 355, "deployments_active": 12, "is_public": true, "mine": false, "created": "2019-10-29T20:59:30", "updated": "2023-12-01T08:40:40", "rev_note": "Initial import", "script": "#!/bin/bash\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Prometheus\ngroupadd --system prometheus\nuseradd -s /sbin/nologin --system -g prometheus prometheus\nmkdir /var/lib/prometheus\nfor i in rules rules.d files_sd; do mkdir -p /etc/prometheus/${i}; done\napt-get -y install wget\nmkdir -p /tmp/prometheus && cd /tmp/prometheus\ncurl -s https://api.github.com/repos/prometheus/prometheus/releases/latest \\\n | grep browser_download_url \\\n | grep linux-amd64 \\\n | cut -d '\"' -f 4 \\\n | wget -qi -\ntar xvf prometheus*.tar.gz\ncd prometheus*/\nmv prometheus promtool /usr/local/bin/\nmv prometheus.yml /etc/prometheus/prometheus.yml\nmv consoles/ console_libraries/ /etc/prometheus/\ncd ~/\nrm -rf /tmp/prometheus\n\n# Edit Prometheus config\nsudo tee /etc/prometheus/prometheus.yml</etc/systemd/system/prometheus.service\n[Unit]\nDescription=Prometheus\nDocumentation=https://prometheus.io/docs/introduction/overview/\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=simple\nUser=prometheus\nGroup=prometheus\nExecReload=/bin/kill -HUP $MAINPID\nExecStart=/usr/local/bin/prometheus \\\n --config.file=/etc/prometheus/prometheus.yml \\\n --storage.tsdb.path=/var/lib/prometheus \\\n --web.console.templates=/etc/prometheus/consoles \\\n --web.console.libraries=/etc/prometheus/console_libraries \\\n --web.listen-address=0.0.0.0:9090 \\\n --web.external-url=\n\nSyslogIdentifier=prometheus\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=multi-user.target\nEND\n\nfor i in rules rules.d files_sd; do chown -R prometheus:prometheus /etc/prometheus/${i}; done\nfor i in rules rules.d files_sd; do chmod -R 775 /etc/prometheus/${i}; done\nchown -R prometheus:prometheus /var/lib/prometheus/\n\n# Add node_exporter & Enable services\ncurl -s https://api.github.com/repos/prometheus/node_exporter/releases/latest \\\n| grep browser_download_url \\\n| grep linux-amd64 \\\n| cut -d '\"' -f 4 \\\n| wget -qi -\n\ntar -xvf node_exporter*.tar.gz\ncd node_exporter*/\ncp node_exporter /usr/local/bin\nnode_exporter --version\n\ncat </etc/systemd/system/node_exporter.service\n[Unit]\nDescription=Node Exporter\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nUser=prometheus\nExecStart=/usr/local/bin/node_exporter\n\n[Install]\nWantedBy=default.target\nEND\n\nsystemctl daemon-reload\nsystemctl start prometheus\nsystemctl enable prometheus\nsystemctl start node_exporter\nsystemctl enable node_exporter\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [] }, { "id": 688890, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "RabbitMQ One-Click", "description": "RabbitMQ One-Click", "ordinal": 93, "logo_url": "assets/rabbitmq.svg", "images": [ "linode/debian10" ], "deployments_total": 392, "deployments_active": 49, "is_public": true, "mine": false, "created": "2020-11-17T20:53:00", "updated": "2023-12-06T00:35:01", "rev_note": "", "script": "#!/bin/bash\n#\n#\n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Set hostname, configure apt and perform update/upgrade\napt_setup_update\n\n## Install prerequisites\napt-get install curl gnupg -y\n\n## Get RabbitMQ \n$ curl -fsSL https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc | sudo apt-key add -\nsudo apt-key adv --keyserver \"hkps://keys.openpgp.org\" --recv-keys \"0x0A9AF2115F4687BD29803A206B73A36E6026DFCA\"\n## Install apt HTTPS transport\napt-get install apt-transport-https\n\n## Add Bintray repositories that provision latest RabbitMQ and Erlang 23.x releases\ntee /etc/apt/sources.list.d/bintray.rabbitmq.list <\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# System Update\nset_hostname\napt_setup_update\n\nfunction install_redis {\n apt install -y redis-server\n systemctl enable redis-server\n}\n\nfunction redis_config {\n sed -ie \"s/supervised no/supervised systemd/g\" /etc/redis/redis.conf\n sed -ie \"s/appendonly no/appendonly yes/g\" /etc/redis/redis.conf\n systemctl restart redis-server\n}\n\nfunction main {\n install_redis\n redis_config\n}\nmain\n\n# cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for SOA Recorf", "default": "" } ] }, { "id": 1132204, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Marketplace App for Redis® Sentinel Cluster One-Click", "description": "Redis Sentinel One-Click Cluster", "ordinal": 95, "logo_url": "assets/redissentinelmarketplaceocc.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 136, "deployments_active": 8, "is_public": true, "mine": false, "created": "2023-02-27T20:05:44", "updated": "2023-12-06T05:47:35", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Deployment Variables\n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n# \n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/redis-occ.git\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# source script libraries\nsource \n\nfunction cleanup {\n if [ \"$?\" != \"0\" ] || [ \"$SUCCESS\" == \"true\" ]; then\n #deactivate\n cd ${HOME}\n if [ -d \"/tmp/linode\" ]; then\n rm -rf /tmp/linode\n fi\n if [ -d \"/usr/local/bin/run\" ]; then\n rm /usr/local/bin/run\n fi\n stackscript_cleanup\n fi\n}\n\nfunction add_privateip {\n echo \"[info] Adding instance private IP\"\n curl -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X POST -d '{\n \"type\": \"ipv4\",\n \"public\": false\n }' \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips\n}\n\nfunction get_privateip {\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}/ips | \\\n jq -r '.ipv4.private[].address'\n}\n\nfunction configure_privateip {\n LINODE_IP=$(get_privateip)\n if [ ! -z \"${LINODE_IP}\" ]; then\n echo \"[info] Linode private IP present\"\n else\n echo \"[warn] No private IP found. Adding..\"\n add_privateip\n LINODE_IP=$(get_privateip)\n ip addr add ${LINODE_IP}/17 dev eth0 label eth0:1\n fi\n}\n\nfunction rename_provisioner {\n INSTANCE_PREFIX=$(curl -sH \"Authorization: Bearer ${TOKEN_PASSWORD}\" \"https://api.linode.com/v4/linode/instances/${LINODE_ID}\" | jq -r .label)\n export INSTANCE_PREFIX=\"${INSTANCE_PREFIX}\"\n echo \"[info] renaming the provisioner\"\n curl -s -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" \\\n -X PUT -d \"{\n \\\"label\\\": \\\"${INSTANCE_PREFIX}1\\\"\n }\" \\\n https://api.linode.com/v4/linode/instances/${LINODE_ID}\n}\n\nfunction setup {\n # install dependencies\n export DEBIAN_FRONTEND=non-interactive\n apt-get update && apt-get upgrade -y\n apt-get install -y jq git python3 python3-pip python3-dev build-essential firewalld\n # add private IP address\n rename_provisioner\n configure_privateip \n # write authorized_keys file\n if [ \"${ADD_SSH_KEYS}\" == \"yes\" ]; then\n if [ ! -d ~/.ssh ]; then \n mkdir ~/.ssh\n else \n echo \".ssh directory is already created\"\n fi\n curl -sH \"Content-Type: application/json\" -H \"Authorization: Bearer ${TOKEN_PASSWORD}\" https://api.linode.com/v4/profile/sshkeys | jq -r .data[].ssh_key > /root/.ssh/authorized_keys\n fi\n # clone repo and set up ansible environment\n git clone ${GIT_REPO} /tmp/linode\n cd /tmp/linode\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n # copy run script to path\n cp scripts/run.sh /usr/local/bin/run\n chmod +x /usr/local/bin/run\n}\n# main\nsetup\nrun ansible:build\nrun ansible:deploy && export SUCCESS=\"true\"", "user_defined_fields": [ { "name": "token_password", "label": "Your Linode API token" }, { "name": "sudo_username", "label": "The limited sudo user to be created in the cluster" }, { "name": "sslheader", "label": "SSL Information", "header": "Yes", "default": "Yes", "required": "Yes" }, { "name": "country_name", "label": "Details for self-signed SSL certificates: Country or Region", "oneof": "AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW" }, { "name": "state_or_province_name", "label": "State or Province", "example": "Example: Pennsylvania" }, { "name": "locality_name", "label": "Locality", "example": "Example: Philadelphia" }, { "name": "organization_name", "label": "Organization", "example": "Example: Akamai Technologies" }, { "name": "email_address", "label": "Email Address", "example": "Example: user@domain.tld" }, { "name": "ca_common_name", "label": "CA Common Name", "default": "Redis CA" }, { "name": "common_name", "label": "Common Name", "default": "Redis Server" }, { "name": "clusterheader", "label": "Cluster Settings", "default": "Yes", "header": "Yes" }, { "name": "add_ssh_keys", "label": "Add Account SSH Keys to All Nodes?", "oneof": "yes,no", "default": "yes" }, { "name": "cluster_size", "label": "Redis cluster size", "default": "3", "oneof": "3,5" } ] }, { "id": 923036, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Restyaboard One-Click", "description": "Restyaboard One-Click", "ordinal": 96, "logo_url": "assets/restyaboard.svg", "images": [ "linode/centos7", "linode/debian10", "linode/ubuntu20.04" ], "deployments_total": 209, "deployments_active": 2, "is_public": true, "mine": false, "created": "2021-10-18T01:07:09", "updated": "2023-12-03T04:43:28", "rev_note": "", "script": "#!/bin/bash\n#\n# Install script for Restyaboard\n#\n# Usage: ./restyaboard.sh\n#\n# Copyright (c) 2014-2021 Restya.\n# Dual License (OSL 3.0 & Commercial License)\n{\n\tmain() {\n\t\tif [[ $EUID -ne 0 ]];\n\t\tthen\n\t\t\techo \"This script must be run as root\"\n\t\t\texit 1\n\t\tfi\n\t\tset -x\n\t\twhoami\n\t\t#\n\t\t# Checking the OS name and OS version\n\t\t#\n\t\tfind_release ()\n\t\t{\n\t\t\t# Checking the Ubuntu OS\n\t\t\tif [ -f /etc/lsb-release ]; then\n\t\t\t\tOS_REQUIREMENT=\"`grep DISTRIB_ID /etc/lsb-release`\"\n\t\t\t\tDISTRIB_ID='DISTRIB_ID='\n\t\t\t\tOS_NAME=$OS_REQUIREMENT$DISTRIB_ID\n\t\t\t\tarray=();\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" != \"$DISTRIB_ID\" ])\n\t\t\t\tthen\n\t\t\t\t\twhile [[ $OS_NAME ]]; do\n\t\t\t\t\tarray+=( \"${OS_NAME%%\"$DISTRIB_ID\"*}\" );\n\t\t\t\t\tOS_NAME=${OS_NAME#*\"$DISTRIB_ID\"};\n\t\t\t\t\tdone;\n\t\t\t\t\tOS_REQUIREMENT=${array[1]}\n\t\t\t\tfi\n\t\t\t\tOS_VERSION=\"`grep DISTRIB_RELEASE /etc/lsb-release`\"\n\t\t\t\tDISTRIB_RELEASE='DISTRIB_RELEASE='\n\t\t\t\tOS_Ver=$OS_VERSION$DISTRIB_RELEASE\n\t\t\t\tversion=();\n\t\t\t\tif ([ \"$OS_VERSION\" != \"$DISTRIB_RELEASE\" ])\n\t\t\t\tthen\n\t\t\t\t\twhile [[ $OS_Ver ]]; do\n\t\t\t\t\tversion+=( \"${OS_Ver%%\"$DISTRIB_RELEASE\"*}\" );\n\t\t\t\t\tOS_Ver=${OS_Ver#*\"$DISTRIB_RELEASE\"};\n\t\t\t\t\tdone;\n\t\t\t\t\tOS_VERSION=${version[1]}\n\t\t\t\tfi\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the Redhat, Fedora, and Centos\n\t\t\tif [ -f /etc/redhat-release ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/redhat-release | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/redhat-release | cut -d ' ' -f 4 | cut -d '.' -f 1`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the Debian OS\n\t\t\tif [ -f /etc/issue ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/issue | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/issue | cut -d ' ' -f 3`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t\t# Checking the OpenBSD \n\t\t\tif [ -f /etc/motd ]; then\n\t\t\t\tOS_REQUIREMENT=\"`cat /etc/motd | head -1 | cut -d ' ' -f 1`\"\n\t\t\t\tOS_VERSION=\"`cat /etc/motd | head -1 | cut -d ' ' -f 2`\"\n\t\t\t\treturn\n\t\t\tfi\n\n\t\t}\n\t\tfindbin ()\n {\n ret=0\n newpath=`echo $PATH | tr : ' '`\n for i in ${newpath}; do\n\t\t\t\tif [ -x $i/$1 ]; then\n\t\t\t\t\tret=1\n\t\t\t\t\tbreak\n\t\t\t\tfi\n done\n echo $ret\n return \n }\n checkdeps()\n {\n pkginfo=\"dpkg rpm ipkg pkg_info\"\n for i in $pkginfo; do\n ret=`findbin $i`\n if [ $ret -eq 1 ]; then\n\t\t\t\t\tpkginfo=$i\n\t\t\t\t\techo \"Yes, found $i, so we'll use that for listing packages\"\n\t\t\t\t\tbreak\n fi\n done\n\n if [ ${pkginfo} = \"pkg_info\" ]; then\n # BSD needs PKG_PATH set to load anything over the net.\n if [ x${PKG_PATH} = x ]; then\n\t\t\t\t\techo \"Please set the environment variable PKG_PATH and try again.\"\n\t\t\t\t\texit 1\n fi\n fi\n \n \n pkg_name=\"yum apt-get ipkg pkg_add\"\n for i in ${pkg_name}; do\n ret=`findbin $i`\n if [ $ret -eq 1 ]; then\n pkg_name=$i\n\t\t\t\t\techo \"Yes, found $i, so we'll use that to install packages\"\n\t\t\t\t\tbreak\n fi\n done\n \n\n for i in ${genericdeps} ${gtkdeps} ${kdedeps}; do\n case $pkginfo in\n dpkg)\n deps=\"`dpkg -l \"*$i*\" | grep -- \"^ii\" | cut -d ' ' -f 3`\"\n ;;\n rpm)\n deps=\"`rpm -q $i`\"\n ;;\n pkg_info)\n deps=\"`pkg_info | grep \"$i\" | sed -e 's: .*$::'`\"\n ;;\n ipkg)\n deps=\"todo\"\n ;;\n *)\n echo \"ERROR: No package manager found!\"\n exit 1\n ;;\n esac\n found=`echo ${deps} | grep -v 'not installed' | grep -c \"${i}\" 2>&1`\n if [ $found -gt 0 ]; then\n \techo \"Yes, found $i\"\n else\n\t\t\t\t\techo \"Nope, $i appears to not be installed\"\n\t\t\t\t\tmissing=\"${missing} $i\"\n fi\n done\n\n if [ -n \"${missing}\" ]; then\n echo \"package(s)\\\"${missing}\\\" are missing!\"\n echo \"You will need sudo priviledges to install the packages\"\n if [ x$yes = xno ]; then\n \t$debug sudo ${pkgnet} install ${missing}\n else\n \t$debug sudo ${pkgnet} -y install ${missing}\n fi\n fi\n }\n\t\tinstall_nginx() \n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n echo \"Checking nginx...\"\n if ! which nginx > /dev/null 2>&1; then\n echo \"nginx not installed!\"\n echo \"Installing nginx...\"\n apt install -y cron nginx\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"nginx installation failed with error code ${error_code} (nginx installation failed with error code 2)\"\n return 2\n fi\n if [ -f \"/etc/nginx/conf.d/default\" ]; then\n rm -rf /etc/nginx/conf.d/default\n fi\n if [ -f \"/etc/nginx/sites-enabled/default\" ]; then\n rm -rf /etc/nginx/sites-enabled/default\n fi\n if [ -f \"/etc/nginx/sites-available/default\" ]; then\n rm -rf /etc/nginx/sites-available/default\n fi\n service nginx start\n fi\n\t\t\telse\t\t\t\t\n echo \"Checking nginx...\"\n if ! which nginx > /dev/null 2>&1; then\n echo \"nginx not installed!\"\n echo \"Installing nginx...\"\n rpm -Uvh \"http://nginx.org/packages/centos/${OS_VERSION}/noarch/RPMS/nginx-release-centos-${OS_VERSION}-0.el${OS_VERSION}.ngx.noarch.rpm\"\n yum install -y zip cronie nginx\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"cron nginx installation failed with error code ${error_code} cron nginx installation failed with error code 18\"\n return 18\n fi\n if [ -f \"/etc/nginx/conf.d/default.conf\" ]; then\n rm -rf /etc/nginx/conf.d/default.conf\n fi\n if [ -f \"/etc/nginx/sites-enabled/default.conf\" ]; then\n rm -rf /etc/nginx/sites-enabled/default.conf\n fi\n if [ -f \"/etc/nginx/sites-available/default.conf\" ]; then\n rm -rf /etc/nginx/sites-available/default.conf\n fi\n service nginx start\n chkconfig --levels 35 nginx on\n fi\n\t\t\tfi\n\t\t}\n\t\tinstall_php()\n\t\t{\n\t\t\tif ! hash php 2>&-; then\n\t\t\t\techo \"PHP is not installed!\"\n if ([ \"$pkg_name\" = \"apt-get\" ])\n then\t\t\t\t\t\t\t\n echo \"Installing PHP...\"\n apt install -y php7.4 php7.4-common --allow-unauthenticated\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"PHP installation failed with error code ${error_code} (PHP installation failed with error code 3)\"\n return 3\n fi\n else \n if ([ \"$pkg_name\" = \"yum\" ])\n then\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n echo \"Note: For the latest version of PHP, we're going to download https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm and https://rpms.remirepo.net/enterprise/remi-release-8.rpm.\"\n echo \"Installing PHP...\"\n dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm\n dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm\n dnf module enable php:remi-7.4\n dnf -y install php php-cli php-common\n else\n yum install -y epel-release\n echo \"Note: For the latest version of PHP, we're going to download http://rpms.famillecollet.com/enterprise/remi-release-${OS_VERSION}.rpm.\"\n echo \"Installing PHP...\"\n rpm -Uvh \"http://rpms.famillecollet.com/enterprise/remi-release-${OS_VERSION}.rpm\"\n yum --enablerepo=remi-php74 install -y php\n fi\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"php installation failed with error code ${error_code} (php installation failed with error code 20)\"\n return 20\n fi\n fi\n fi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Installing PHP fpm and cli extension...\"\n\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\tthen\n\t\t\t\tapt install -y php7.4-fpm php7.4-cli --allow-unauthenticated\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"php7.4-cli installation failed with error code ${error_code} (php7.4-cli installation failed with error code 4)\"\n\t\t\t\tfi\n\t\t\t\tservice php7.4-fpm start\n\t\t\telse \n\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\tthen\n\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n \t\t\tthen\n\t\t\t\t\t\tdnf -y install php-fpm php-devel php-opcache\n\t\t\t\t\t\tdnf -y install php-json\n\t\t\t\t\telse\n\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-fpm php-devel php-cli php-opcache\n\t\t\t\t\tfi\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php-devel installation failed with error code ${error_code} (php-devel installation failed with error code 21)\"\n\t\t\t\t\t\treturn 21\n\t\t\t\t\tfi\t\t\t\t\t\n\t\t\t\t\tservice php-fpm start\n\t\t\t\tfi\n\t\t\tfi\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"....\"\n\t\t\telse\n\t\t\t\tchkconfig --levels 35 php-fpm on\t\t\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP curl extension...\"\n\t\t\tphp -m | grep curl\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-curl...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-curl --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-curl installation failed with error code ${error_code} (php7.4-curl installation failed with error code 5)\"\n\t\t\t\t\t\treturn 5\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-curl\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-curl\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-curl installation failed with error code ${error_code} (php-curl installation failed with error code 22)\"\n\t\t\t\t\t\t\treturn 22\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP pgsql extension...\"\n\t\t\tphp -m | grep pgsql\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-pgsql...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install libpq5\n\t\t\t\t\tapt install -y php7.4-pgsql --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-pgsql installation failed with error code ${error_code} (php7.4-pgsql installation failed with error code 6)\"\n\t\t\t\t\t\treturn 6\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-pgsql\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-pgsql\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-pgsql installation failed with error code ${error_code} (php-pgsql installation failed with error code 23)\"\n\t\t\t\t\t\t\treturn 23\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP mbstring extension...\"\n\t\t\tphp -m | grep mbstring\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-mbstring...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-mbstring --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-mbstring installation failed with error code ${error_code} (php7.4-mbstring installation failed with error code 7)\"\n\t\t\t\t\t\treturn 7\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-mbstring\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-mbstring\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-mbstring installation failed with error code ${error_code} (php-mbstring installation failed with error code 24)\"\n\t\t\t\t\t\t\treturn 24\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP ldap extension...\"\n\t\t\tphp -m | grep ldap\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-ldap...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-ldap --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-ldap installation failed with error code ${error_code} (php7.4-ldap installation failed with error code 8)\"\n\t\t\t\t\t\treturn 8\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-ldap\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-ldap\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-ldap installation failed with error code ${error_code} (php-ldap installation failed with error code 25)\"\n\t\t\t\t\t\t\treturn 25\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP imagick extension...\"\n\t\t\tphp -m | grep imagick\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php-imagick...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y gcc\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"gcc installation failed with error code ${error_code} (gcc installation failed with error code 9)\"\n\t\t\t\t\t\treturn 9\n\t\t\t\t\tfi\n\t\t\t\t\tapt install -y imagemagick\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"imagemagick installation failed with error code ${error_code} (imagemagick installation failed with error code 9)\"\n\t\t\t\t\t\treturn 9\n\t\t\t\t\tfi\n\t\t\t\t\tapt install -y php7.4-imagick --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-imagick installation failed with error code ${error_code} (php7.4-imagick installation failed with error code 10)\"\n\t\t\t\t\t\treturn 10\n\t\t\t\t\tfi\n\t\t\t\telse \n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tyum install -y ImageM* netpbm gd gd-* libjpeg libexif gcc coreutils make\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-pear\n\t\t\t\t\t\t\tdnf -y install php-gd\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-pear\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-gd\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"Installing php-imagick failed with error code ${error_code} (Installing php-imagick failed with error code 26)\"\n\t\t\t\t\t\t\treturn 26\n\t\t\t\t\t\tfi\n\n\t\t\t\t\t\tcd /usr/local/src\n\t\t\t\t\t\twget http://pecl.php.net/get/imagick-2.2.2.tgz\n\t\t\t\t\t\ttar zxvf ./imagick-2.2.2.tgz\n\t\t\t\t\t\tcd imagick-2.2.2\n\t\t\t\t\t\tphpize\n\t\t\t\t\t\t./configure\n\t\t\t\t\t\tmake\n\t\t\t\t\t\tmake test\n\t\t\t\t\t\tmake install\n\t\t\t\t\t\techo \"extension=imagick.so\" >> /etc/php.ini\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking PHP imap extension...\"\n\t\t\tphp -m | grep imap\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing php7.4-imap...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-imap --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-imap installation failed with error code ${error_code} (php7.4-imap installation failed with error code 11)\"\n\t\t\t\t\t\treturn 11\n\t\t\t\t\tfi\n\t\t\t\telse\n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-imap\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-imap\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"php-imap installation failed with error code ${error_code} (php-imap installation failed with error code 26)\"\n\t\t\t\t\t\t\treturn 26\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t\t\n\t\t\techo \"Checking xml...\"\n\t\t\tphp -m | grep xml\n\t\t\tif [ \"$?\" -gt 0 ]; then\n\t\t\t\techo \"Installing xml...\"\n\t\t\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n\t\t\t\tthen\n\t\t\t\t\tapt install php7.4-xml --allow-unauthenticated\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"xml installation failed with error code ${error_code} (xml installation failed with error code 56)\"\n\t\t\t\t\t\treturn 56\n\t\t\t\t\tfi\n\t\t\t\telse\n\t\t\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install php-xml\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum --enablerepo=remi-php74 install -y php-xml\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"xml installation failed with error code ${error_code} (xml installation failed with error code 57)\"\n\t\t\t\t\t\t\treturn 57\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tset_timezone()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\ttimezone=$(cat /etc/timezone)\n\t\t\t\tsed -i -e 's/date.timezone/;date.timezone/g' /etc/php/7.4/fpm/php.ini\n\t\t\t\techo \"date.timezone = $timezone\" >> /etc/php/7.4/fpm/php.ini\n\t\t\telse \n\t\t\t\tPHP_VERSION=$(php -v | grep \"PHP 5\" | sed 's/.*PHP \\([^-]*\\).*/\\1/' | cut -c 1-3)\n\t\t\t\techo \"Installed PHP version: '$PHP_VERSION'\"\n\t\t\t\ttimezone=$(cat /etc/sysconfig/clock | grep ZONE | cut -d\"\\\"\" -f2)\n\t\t\t\tsed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini\n\t\t\t\techo \"date.timezone = $timezone\" >> /etc/php.ini\n\t\t\tfi\n\t\t}\n\t\tinstall_postgresql()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tid -a postgres\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]; then\n\t\t\t\t\techo \"PostgreSQL not installed!\"\n echo \"Installing PostgreSQL...\"\n sh -c 'echo \"deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main\" > /etc/apt/sources.list.d/pgdg.list'\n apt install wget ca-certificates\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"ca-certificates installation failed with error code ${error_code} (ca-certificates installation failed with error code 12)\"\n fi\n wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc\n apt-key add ACCC4CF8.asc\n apt update\n apt install -y postgresql --allow-unauthenticated\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 13)\"\n return 13\n fi\n\t\t\t\telse\n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}' | head -1)\n\t\t\t\t\tif [[ ${PSQL_VERSION} == \"\" ]]; then\n\t\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^10\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=10\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^11\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=11\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ ${PSQL_VERSION} =~ ^12\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\t\tPSQL_VERSION=12\n\t\t\t\t\tfi\n\t\t\t\t\tif [[ 1 -eq \"$(echo \"${PSQL_VERSION} < 9.3\" | bc)\" ]]; then\n\t\t\t\t\t\tset +x\n\t\t\t\t\t\techo \"Restyaboard will not work in your PostgreSQL version (i.e. less than 9.3). So script going to update PostgreSQL version 9.6\"\n\t\t\t\t\t\tsh -c 'echo \"deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main\" > /etc/apt/sources.list.d/pgdg.list'\n\t\t\t\t\t\tapt install wget ca-certificates\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"ca-certificates installation failed with error code ${error_code} (ca-certificates installation failed with error code 12)\"\n\t\t\t\t\t\tfi\n\t\t\t\t\t\twget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc\n\t\t\t\t\t\tapt-key add ACCC4CF8.asc\n\t\t\t\t\t\tapt update\n\t\t\t\t\t\tapt upgrade\n\t\t\t\t\t\tapt install -y postgresql --allow-unauthenticated\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 13)\"\n\t\t\t\t\t\t\treturn 13\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}' | head -1)\n\t\t\t\tif [[ ${PSQL_VERSION} == \"\" ]]; then\n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^10\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=10\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^11\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=11\n\t\t\t\tfi\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^12\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=12\n\t\t\t\tfi\n\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < /etc/postgresql/${PSQL_VERSION}/main/pg_hba.conf > /etc/postgresql/${PSQL_VERSION}/main/pg_hba.conf.1\n\t\t\t\tcd /etc/postgresql/${PSQL_VERSION}/main || exit\n\t\t\t\tmv pg_hba.conf pg_hba.conf_old\n\t\t\t\tmv pg_hba.conf.1 pg_hba.conf\n\t\t\t\tservice postgresql restart\n\t\t\telse\n\t\t\t\tif ! which psql > /dev/null 2>&1;\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL not installed!\"\n echo \"Installing PostgreSQL...\"\n if [ $(getconf LONG_BIT) = \"64\" ]; then\n if [[ $OS_REQUIREMENT = \"Fedora\" ]]; then\n dnf install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/F-${OS_VERSION}-x86_64/pgdg-fedora-repo-latest.noarch.rpm\"\n else\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" != \"8\" ])\n then\n yum install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/EL-${OS_VERSION}-x86_64/pgdg-redhat-repo-latest.noarch.rpm\"\n fi\n fi\n fi\n if ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n dnf module enable postgresql:13\n dnf -y install postgresql-server postgresql-contrib postgresql-libs\n else\n yum install -y postgresql13 postgresql13-server postgresql13-contrib postgresql13-libs\t\n fi\n error_code=$?\n if [ ${error_code} != 0 ]\n then\n echo \"postgresql13 installation failed with error code ${error_code} (postgresql13 installation failed with error code 29)\"\n return 29\n fi\n\t\t\t\telse \n\t\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\t\tif [[ $PSQL_VERSION < 9.3 ]]; then\n\t\t\t\t\t\tset +x\n\t\t\t\t\t\techo \"Restyaboard will not work in your PostgreSQL version (i.e. less than 9.3). So script going to update PostgreSQL version 9.6\"\n\t\t\t\t\t\tif [ $(getconf LONG_BIT) = \"64\" ]; then\n\t\t\t\t\t\t\tif [[ $OS_REQUIREMENT = \"Fedora\" ]]; then\n\t\t\t\t\t\t\t\tdnf install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/F-${OS_VERSION}-x86_64/pgdg-fedora-repo-latest.noarch.rpm\"\n\t\t\t\t\t\t\telse\n\t\t\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" != \"8\" ])\n\t\t\t\t\t\t\t\tthen\n\t\t\t\t\t\t\t\t\tyum install -y \"https://download.postgresql.org/pub/repos/yum/reporpms/EL-${OS_VERSION}-x86_64/pgdg-redhat-repo-latest.noarch.rpm\"\n\t\t\t\t\t\t\t\tfi\n\t\t\t\t\t\t\tfi\n\t\t\t\t\t\tfi\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf module enable postgresql:13\n\t\t\t\t\t\t\tdnf -y install postgresql-server postgresql-contrib postgresql-libs\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum install -y postgresql13 postgresql13-server postgresql13-contrib postgresql13-libs\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"postgresql installation failed with error code ${error_code} (postgresql installation failed with error code 29)\"\n\t\t\t\t\t\t\treturn 29\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tPSQL_VERSION=$(psql --version | egrep -o '[0-9]{1,}\\.[0-9]{1,}')\n\t\t\t\tif [[ ${PSQL_VERSION} =~ ^13\\.[0-9]{1,}$ ]]; then\n\t\t\t\t\tPSQL_VERSION=13\n\t\t\t\tfi\n\t\t\t\tPSQL_FOLDER=$(echo ${PSQL_VERSION} | sed 's/\\.//')\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tpostgresql-setup --initdb\n\t\t\t\telse\n\t\t\t\t\t\"/usr/pgsql-${PSQL_VERSION}/bin/postgresql-${PSQL_VERSION}-setup\" initdb\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsystemctl enable postgresql\n\t\t\t\t\tsystemctl start postgresql\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\tsystemctl start \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\t\tsystemctl enable \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\telse\n\t\t\t\t\t\t\"/etc/init.d/postgresql-${PSQL_VERSION}\" start\n\t\t\t\t\t\tchkconfig --levels 35 \"postgresql-${PSQL_VERSION}\" on\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < \"/var/lib/pgsql/data/pg_hba.conf\" > \"/var/lib/pgsql/data/pg_hba.conf.1\"\n\t\t\t\t\tcd \"/var/lib/pgsql/data\" || exit\n\t\t\t\telse\n\t\t\t\t\tsed -e 's/peer/trust/g' -e 's/ident/trust/g' < \"/var/lib/pgsql/${PSQL_VERSION}/data/pg_hba.conf\" > \"/var/lib/pgsql/${PSQL_VERSION}/data/pg_hba.conf.1\"\n\t\t\t\t\tcd \"/var/lib/pgsql/${PSQL_VERSION}/data\" || exit\n\t\t\t\tfi\n\t\t\t\tmv pg_hba.conf pg_hba.conf_old\n\t\t\t\tmv pg_hba.conf.1 pg_hba.conf\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\tthen\n\t\t\t\t\tsystemctl restart postgresql\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\tsystemctl restart \"postgresql-${PSQL_VERSION}.service\"\n\t\t\t\t\telse\n\t\t\t\t\t\t\"/etc/init.d/postgresql-${PSQL_VERSION}\" restart\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tinstall_geoip()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tif ! hash GeoIP-devel 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tapt install -y php7.4-geoip php7.4-dev libgeoip-dev\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"php7.4-geoip php7.4-dev libgeoip-dev installation failed with error code ${error_code} (php7.4-geoip php7.4-dev libgeoip-dev installation failed with error code 50)\"\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\t\tif ! hash pecl/geoip 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tpecl install geoip\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"pecl geoip installation failed with error code ${error_code} (pecl geoip installation failed with error code 47)\"\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\t\techo \"extension=geoip.so\" >> /etc/php.ini\n\n\t\t\t\tmkdir -v /usr/share/GeoIP\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"GeoIP folder creation failed with error code ${error_code} (GeoIP folder creation failed with error code 52)\"\n\t\t\t\tfi\n\t\t\t\tget_geoip_data\n\t\t\telse\n\t\t\t\tif ! hash pecl/geoip 2>&-;\n\t\t\t\tthen\n\t\t\t\t\tpecl install geoip\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"pecl geoip installation failed with error code ${error_code} (pecl geoip installation failed with error code 47)\"\n\t\t\t\t\t\treturn 47\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tconfigure_restyaboard()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n cp ${DOWNLOAD_DIR}/restyaboard.conf /etc/nginx/conf.d\n echo \"Changing server_name in nginx configuration...\"\n sed -i \"s/server_name.*$/server_name \\\"$IPADDR\\\";/\" /etc/nginx/conf.d/restyaboard.conf\n sed -i \"s|listen 80.*$|listen 80;|\" /etc/nginx/conf.d/restyaboard.conf\n mkdir -p \"$RESTYABOARD_DIR\"\n echo \"Changing root directory in nginx configuration...\"\n sed -i \"s|root.*html|root $RESTYABOARD_DIR|\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\telse\n cp ${DOWNLOAD_DIR}/restyaboard.conf /etc/nginx/conf.d\n sed -i \"s/server_name.*$/server_name \\\"$IPADDR\\\";/\" /etc/nginx/conf.d/restyaboard.conf\n sed -i \"s|listen 80.*$|listen 80;|\" /etc/nginx/conf.d/restyaboard.conf\n mkdir -p \"$RESTYABOARD_DIR\"\n echo \"Changing root directory in nginx configuration...\"\n sed -i \"s|root.*html|root $RESTYABOARD_DIR|\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\tfi\n\t\t}\n\t\tinstall_postfix()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"Installing postfix...\"\n\t\t\t\techo \"postfix postfix/mailname string $IPADDR\"\\\n\t\t\t\t| debconf-set-selections &&\\\n\t\t\t\techo \"postfix postfix/main_mailer_type string 'Internet Site'\"\\\n\t\t\t\t| debconf-set-selections &&\\\n\t\t\t\tapt install -y postfix\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"postfix installation failed with error code ${error_code} (postfix installation failed with error code 16)\"\n\t\t\t\tfi\n\t\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\t\tif [ -f \"/etc/php/${PHP_VERSION}/fpm/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php/${PHP_VERSION}/fpm/php.ini\n\t\t\t\tfi\n\t\t\t\tif [ -f \"/etc/php/${PHP_VERSION}/cli/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php/${PHP_VERSION}/cli/php.ini\n\t\t\t\tfi\n\t\t\t\tif [ -f \"/etc/php.ini\" ] \n\t\t\t\tthen\n\t\t\t\t\tsed -i \"s/;sendmail_path =/sendmail_path = \\\"\\/usr\\/sbin\\/sendmail -t -i\\\"/g\" /etc/php.ini\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tchange_permission()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\tthen\n\t\t\t\tchcon -R -t httpd_sys_rw_content_t $RESTYABOARD_DIR/media/ $RESTYABOARD_DIR/tmp/cache/ $RESTYABOARD_DIR/client/img/\n\t\t\t\tchcon -Rv --type=httpd_t $RESTYABOARD_DIR/\n\t\t\tfi\n\t\t}\n\t\tpsql_connect()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL Changing the permission failed with error code ${error_code} (PostgreSQL Changing the permission failed with error code 34)\"\n\t\t\t\t\treturn 34\n\t\t\t\tfi\n\t\t\t\tsleep 1\n\t\t\t\techo \"Creating PostgreSQL user and database...\"\n\t\t\t\tpsql -U postgres -c \"DROP USER IF EXISTS ${POSTGRES_DBUSER};CREATE USER ${POSTGRES_DBUSER} WITH ENCRYPTED PASSWORD '${POSTGRES_DBPASS}'\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL user creation failed with error code ${error_code} (PostgreSQL user creation failed with error code 35)\"\n\t\t\t\t\treturn 35\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"CREATE DATABASE ${POSTGRES_DBNAME} OWNER ${POSTGRES_DBUSER} ENCODING 'UTF8' TEMPLATE template0\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database creation failed with error code ${error_code} (PostgreSQL database creation failed with error code 36)\"\n\t\t\t\t\treturn 36\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL extension creation failed with error code ${error_code} (PostgreSQL extension creation failed with error code 37)\"\n\t\t\t\t\treturn 37\n\t\t\t\tfi\n\t\t\t\tpsql -U postgres -c \"COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} = 0 ];\n\t\t\t\tthen\n\t\t\t\t\techo \"Importing empty SQL...\"\n\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/restyaboard_with_empty_data.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"PostgreSQL Empty SQL importing failed with error code ${error_code} (PostgreSQL Empty SQL importing failed with error code 39)\"\n\t\t\t\t\t\treturn 39\n\t\t\t\t\tfi\n\t\t\t\tfi\n\t\t\telse\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL Changing the permission failed with error code ${error_code} (PostgreSQL Changing the permission failed with error code 40)\"\n\t\t\t\t\treturn 40\n\t\t\t\tfi\t\t\t\n\t\t\t\tsleep 1\n\t\t\t\techo \"Creating PostgreSQL user and database...\"\n\t\t\t\tpsql -U postgres -c \"DROP USER IF EXISTS ${POSTGRES_DBUSER};CREATE USER ${POSTGRES_DBUSER} WITH ENCRYPTED PASSWORD '${POSTGRES_DBPASS}'\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL user creation failed with error code ${error_code} (PostgreSQL user creation failed with error code 41)\"\n\t\t\t\t\treturn 41\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"CREATE DATABASE ${POSTGRES_DBNAME} OWNER ${POSTGRES_DBUSER} ENCODING 'UTF8' TEMPLATE template0\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database creation failed with error code ${error_code} (PostgreSQL database creation failed with error code 42)\"\n\t\t\t\t\treturn 42\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;\"\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL extension creation failed with error code ${error_code} (PostgreSQL extension creation failed with error code 43)\"\n\t\t\t\t\treturn 43\n\t\t\t\tfi\t\t\t\n\t\t\t\tpsql -U postgres -c \"COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language';\"\n\t\t\t\tif [ \"$?\" = 0 ];\n\t\t\t\tthen\n\t\t\t\t\techo \"Importing empty SQL...\"\n\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/restyaboard_with_empty_data.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\terror_code=$?\n\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"PostgreSQL Empty SQL importing failed with error code ${error_code} (PostgreSQL Empty SQL importing failed with error code 45)\"\n\t\t\t\t\t\treturn 45\n\t\t\t\t\tfi\t\n\t\t\t\tfi\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\t\tthen\n\t\t\t\t\tsetsebool -P allow_postfix_local_write_mail_spool 1\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tphp_fpm_reset()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \".........\"\n\t\t\telse\n\t\t\t\techo \"Reset php-fpm (use unix socket mode)...\"\n\t\t\t\tif [ -f \"/run/php/php7.4-fpm.sock\" ]; then\n\t\t\t\t\tsed -i \"s/listen = 127.0.0.1:9000/listen = \\/run\\/php\\/php7.4-fpm.sock/g\" /etc/php-fpm.d/www.conf\n\t\t\t\telif [ -f \"/run/php-fpm/www.sock\" ]; then\n\t\t\t\t\tsed -i \"s/listen = 127.0.0.1:9000/listen = \\/run\\/php-fpm\\/www.sock/g\" /etc/php-fpm.d/www.conf\n\t\t\t\t\tsed -i \"s/unix:\\/run\\/php\\/php7.4-fpm.sock/unix:\\/run\\/php-fpm\\/www.sock/g\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\t\telse\n\t\t\t\t\tsed -i \"s/unix:\\/run\\/php\\/php7.4-fpm.sock/127.0.0.1:9000/g\" /etc/nginx/conf.d/restyaboard.conf\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tinstall_jq()\n\t\t{\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tapt install -y jq\n\t\t\t\terror_code=$?\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"jq installation failed with error code ${error_code} (jq installation failed with error code 53)\"\n\t\t\t\tfi\n\t\t\telse\n\t\t\t\tyum install -y jq\n\t\t\t\terror_code\n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"jq installation failed with error code ${error_code} (jq installation failed with error code 49)\"\n\t\t\t\t\treturn 49\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tset_db_connection()\n\t\t{\t\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\techo \"Starting services...\"\n\t\t\t\tservice cron restart\n\t\t\t\tservice php7.4-fpm restart\n\t\t\t\tservice nginx restart\n\t\t\t\tservice postfix restart\n\t\t\t\tapt install -y python-pip\n\t\t\t\tpip install virtualenv\n\t\t\telse\n\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\telse\n\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\tfi\n\t\t\t\tyum install -y python-pip\n\t\t\t\tpip install virtualenv\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\t\tthen\n\t\t\t\t\tsetsebool -P httpd_can_network_connect_db=1\n\t\t\t\tfi\n\t\t\tfi\n\t\t}\n\t\tssl_connectivity()\n\t\t{\n\t\t\tif [[ $IPADDR =~ ^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$ ]]; then\n\t\t\t\techo \"SSL connectivity cannot be set for IP address\"\n\t\t\telse\n\t\t\t\tset +x\n\t\t\t\techo \"Do you want to set up SSL connectivity for your domain and your domain should be publicly accessible Restyaboard instance and your domain should be mappped to this Restyaboard Server, Note: If you're trying to set SSL for Non-publicly accessible instance, then your Restyaboard will not work (y/n)?\"\n\t\t\t\tread -r answer\n\t\t\t\tset -x\n\t\t\t\tcase \"${answer}\" in\n\t\t\t\t\t[Yy])\n\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\t\t\tthen\n\t\t\t\t\t\tapt install certbot python3-certbot-nginx -y\n\t\t\t\t\t\tservice nginx restart\n\t\t\t\t\t\tservice php7.4-fpm restart\n\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\telse\n\t\t\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\tdnf -y install epel-release\n\t\t\t\t\t\t\tdnf -y install certbot python3-certbot-nginx\n\t\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\tyum install -y epel-release\n\t\t\t\t\t\t\tyum install certbot-nginx\n\t\t\t\t\t\t\tcertbot --nginx\n\t\t\t\t\t\tfi\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"SSL installation failed with error code ${error_code} (php installation failed with error code 20)\"\n\t\t\t\t\t\t\treturn 20\n\t\t\t\t\t\tfi\n\t\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\t\t\telse\n\t\t\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tesac\n\t\t\tfi\n\t\t}\n\t\tfind_release\n\t\tcheckdeps\n\t\tif ([ \"$pkg_name\" = \"apt-get\" ])\n then\n\t\t\tapt update\n apt install -y net-tools\n\t\t\tapt install -y curl unzip\n\t\telse\n\t\t\tif ([ \"$pkg_name\" = \"yum\" ])\n \tthen\n yum install -y net-tools\n\t\t\t\tyum install -y curl unzip\n\t\t\tfi\n\t\tfi\n IFCONFIG_PATH=$(which ifconfig)\n IPADDR=$(${IFCONFIG_PATH} eth0 | awk '/inet / { print $2 }' | sed 's/addr://')\n\t\tRESTYABOARD_VERSION=$(curl --silent https://api.github.com/repos/RestyaPlatform/board/releases | grep tag_name -m 1 | awk '{print $2}' | sed -e 's/[^v0-9.]//g')\n\t\tPOSTGRES_DBHOST=localhost\n\t\tPOSTGRES_DBNAME=restyaboard\n\t\tPOSTGRES_DBUSER=restya\n\t\tPOSTGRES_DBPASS=hjVl2!rGd\n\t\tPOSTGRES_DBPORT=5432\n\t\tDOWNLOAD_DIR=/opt/restyaboard\n RESTYABOARD_DIR=/usr/share/nginx/html/restyaboard\n\t\t\n\t\tget_geoip_data () \n\t\t{\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIP.dat.gz\n\t\t\tgunzip GeoIP.dat.gz\n\t\t\tmv GeoIP.dat /usr/share/GeoIP/GeoIP.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz\n\t\t\tgunzip GeoIPv6.dat.gz\n\t\t\tmv GeoIPv6.dat /usr/share/GeoIP/GeoIPv6.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.xz\n\t\t\tunxz GeoLiteCity.dat.xz\n\t\t\tmv GeoLiteCity.dat /usr/share/GeoIP/GeoIPCity.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoLiteCityv6.dat.gz\n\t\t\tgunzip GeoLiteCityv6.dat.gz\n\t\t\tmv GeoLiteCityv6.dat /usr/share/GeoIP/GeoLiteCityv6.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPASNum.dat.gz\n\t\t\tgunzip GeoIPASNum.dat.gz\n\t\t\tmv GeoIPASNum.dat /usr/share/GeoIP/GeoIPASNum.dat\n\t\t\twget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIPASNumv6.dat.gz\n\t\t\tgunzip GeoIPASNumv6.dat.gz\n\t\t\tmv GeoIPASNumv6.dat /usr/share/GeoIP/GeoIPASNumv6.dat\n\t\t}\n\n\t\tupgrade-0.3-0.4()\n\t\t{\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/chat_activities.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/0 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/periodic_chat_email_notification.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/indexing_to_elasticsearch.sh//\" /var/spool/cron/crontabs/root\n\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/upgrade_v0.2.1_v0.3.php\n\n\t\t\trm -rf $RESTYABOARD_DIR/client/apps/\n\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/jaxl3/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp-prebind-php/\n\t\t}\n\n\t\tupgrade-0.4-0.4.1()\n\t\t{\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/chat_activities.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/0 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/periodic_chat_email_notification.sh//\" /var/spool/cron/crontabs/root\n\t\t\tsed -i \"s/*\\/5 * * * * $RESTYABOARD_DIR\\/server\\/php\\/shell\\/indexing_to_elasticsearch.sh//\" /var/spool/cron/crontabs/root\n\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/chat_activities.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/indexing_to_elasticsearch.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.sh\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/periodic_chat_email_notification.php\n\t\t\trm $RESTYABOARD_DIR/server/php/shell/upgrade_v0.2.1_v0.3.php\n\n\t\t\trm -rf $RESTYABOARD_DIR/client/apps/\n\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/jaxl3/\n\t\t\trm -rf $RESTYABOARD_DIR/server/php/libs/vendors/xmpp-prebind-php/\n\t\t}\n\n\t\tupgrade-0.5.2-0.6()\n\t\t{\n\t\t\tsed -i \"s/rewrite ^\\/ical\\/.*/rewrite ^\\/ical\\/([0-9]*)\\/([0-9]*)\\/([a-z0-9]*).ics\\$ \\/server\\/php\\/ical.php?board_id=\\$1\\&user_id=\\$2\\&hash=\\$3 last;/\" /etc/nginx/conf.d/restyaboard.conf\n\t\t}\n\n\t\tupgrade-0.6.3-0.6.4()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_hide_card_created_date\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_hide_card_created_date/\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.4-0.6.5()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_hide_card_id\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_hide_card_id/\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.2.zip\n\t\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.5-0.6.6()\n\t\t{\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_codenames-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.1.zip\n\t\t\t\tunzip /tmp/r_codenames-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t}\n\t\t\n\t\tupgrade-0.6.6-0.6.7(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_card_counter-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_card_counter-v0.1.1.zip\n\t\t\tunzip /tmp/r_card_counter-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.2.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_eu_gdpr-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_eu_gdpr-v0.1.2.zip\n\t\t\tunzip /tmp/r_eu_gdpr-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n\t\t\tcurl -v -L -G -o /tmp/r_gmail_addon-v0.1.1.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_gmail_addon-v0.1.1.zip\n\t\t\tunzip /tmp/r_gmail_addon-v0.1.1.zip -d \"$RESTYABOARD_DIR/client/apps\"\t\t\t\n\t\t\t\n\t\t\tcurl -v -L -G -o /tmp/r_hide_card_additional_informations-v0.1.3.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_hide_card_additional_informations-v0.1.3.zip\n\t\t\tunzip /tmp/r_hide_card_additional_informations-v0.1.3.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\t: > /var/spool/cron/crontabs/root\n\t\t\t\techo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/crontabs/root\n\t\t\telse\n\t\t\t\t: > /var/spool/cron/root\n\t\t\t\techo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/root\n\t\t\tfi\n\t\t}\n\n\t\tupgrade-0.6.7-0.6.8(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.3.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.3.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.3.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t}\n\n\t\tupgrade-0.6.8-0.6.9(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.4.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.4.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.4.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\n find \"$RESTYABOARD_DIR/client/apps\" -type d -exec chmod 755 {} \\;\n find \"$RESTYABOARD_DIR/client/apps\" -type f -exec chmod 644 {} \\;\n chmod 0777 $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t}\n\t\tupgrade-0.6.9-1.7(){\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps/r_togetherjs\" ]; then\n\t\t\t\trm -rf $RESTYABOARD_DIR/client/apps/r_togetherjs/\n\t\t\tfi\n\t\t\tif [ -d \"$RESTYABOARD_DIR/client/apps\" ]; then\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\telse \n\t\t\t\tmkdir \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\tchmod -R go+w \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tfi\n\t\t\tcurl -v -L -G -o /tmp/r_codenames-v0.1.5.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_codenames-v0.1.5.zip\n\t\t\tunzip /tmp/r_codenames-v0.1.5.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tcurl -v -L -G -o /tmp/r_gmail_addon-v0.1.2.zip https://github.com/RestyaPlatform/board-apps/releases/download/v1/r_gmail_addon-v0.1.2.zip\n\t\t\tunzip /tmp/r_gmail_addon-v0.1.2.zip -d \"$RESTYABOARD_DIR/client/apps\"\n\t\t\t\n\t\t\techo \"Applying permission...\"\n\t\t\tuseradd restyaboard\n\t\t\tusermod --password 'hjVl2!rGd' restyaboard\n\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\tthen\n\t\t\t\tuser www-data;\n\t\t\t\tusermod -a -G restyaboard www-data\n\t\t\t\tsed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\t\tsed -i \"s/user\\s*=\\s*www-data/user = restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\t\tsed -i \"0,/group\\s*=\\s*www-data/s//group = restyaboard/g\" /etc/php/${PHP_VERSION}/fpm/pool.d/www.conf\n\t\t\telse\n\t\t\t\tuser nginx;\n\t\t\t\tusermod -a -G restyaboard nginx\n\t\t\t\tsed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\t\tsed -i \"s/user\\s*=\\s*apache/user = restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\t\tsed -i \"0,/group\\s*=\\s*apache/s//group = restyaboard/g\" /etc/php-fpm.d/www.conf\n\t\t\tfi\n\t\t\tchown -R restyaboard:restyaboard $RESTYABOARD_DIR\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/media\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/media;\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/img\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/img;\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/tmp/cache\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/tmp/cache;\n\t\t\tchmod +x $RESTYABOARD_DIR/server/php/shell/main.sh\n\t\t\tchown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tchmod -R u=rwX,g=rX,o= \"$RESTYABOARD_DIR/client/apps\"\n\t\t\tchmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ])\n\t\t\tthen\n\t\t\t\tchcon -R -t httpd_sys_rw_content_t $RESTYABOARD_DIR/client/apps/**/*.json\n\t\t\tfi\n\t\t}\n\n\t\tupdate_version()\n\t\t{\n\t\t\tset +x\n\t\t\techo -e \"A newer version ${RESTYABOARD_VERSION} of Restyaboard is available.\\n\\nImportant: Please note that upgrading will remove any commercial apps that were free in previous version.\\nFor more details about commercial apps, please visit https://restya.com/board/pricing\\n\\nDo you want to get it now y/n?\"\n\t\t\tread -r answer\n\t\t\tset -x\n\t\t\tcase \"${answer}\" in\n\t\t\t\t[Yy])\n\t\t\t\tset +x\n\t\t\t\tset -x\n\t\t\t\t\n\t\t\t\techo \"Downloading files...\"\n\t\t\t\tcurl -v -L -G -d \"app=board&ver=${RESTYABOARD_VERSION}\" -o /tmp/restyaboard.zip -k https://restya.com/download.php\n\t\t\t\tunzip /tmp/restyaboard.zip -d ${DOWNLOAD_DIR}\n\t\t\t\t\n\t\t\t\techo \"Updating files...\"\n\t\t\t\tcp -r ${DOWNLOAD_DIR}/. \"$RESTYABOARD_DIR\"\n\t\t\t\t\n\t\t\t\techo \"Connecting database to run SQL changes...\"\n\t\t\t\tpsql -U postgres -c \"\\q\"\n\t\t\t\terror_code=$? \n\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\tthen\n\t\t\t\t\techo \"PostgreSQL database connection failed with error code ${error_code} (PostgreSQL database connection failed with error code 32)\"\n\t\t\t\t\treturn 32\n\t\t\t\tfi\n\t\t\t\tsleep 1\n\t\t\t\t\n\t\t\t\techo \"Changing PostgreSQL database name, user and password...\"\n\t\t\t\tsed -i \"s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${POSTGRES_DBNAME}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_USER'.*$/define('R_DB_USER', '${POSTGRES_DBUSER}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', '${POSTGRES_DBPASS}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${POSTGRES_DBHOST}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tsed -i \"s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${POSTGRES_DBPORT}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n\t\t\t\tPHP_VERSION=$(php --version | head -n 1 | cut -d \" \" -f 2 | grep --only-matching --perl-regexp \"^\\\\d\\.\\\\d+\")\n\t\t\t\tversion=$(cat ${DOWNLOAD_DIR}/release)\n\t\t\t\tdeclare -a upgrade;\n\t\t\t\tif [[ $version < \"v0.4\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.3-0.4\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.4.1\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.4-0.4.1\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.5\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.4.2-0.5\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.5.2\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.5.1-0.5.2\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.5.2-0.6\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.1\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6-0.6.1\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.2\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.1-0.6.2\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.3\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.2-0.6.3\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.4\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.3-0.6.4\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.5\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.4-0.6.5\")\n\t\t\t\tfi\t\n\t\t\t\tif [[ $version < \"v0.6.6\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.5-0.6.6\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.7\" ]];\n\t\t\t\tthen\n\t\t\t\t\tset +x\n\t\t\t\t\techo \"Before updating make sure to remove duplicate username's and emails used by more than one user, otherwise unique indexing for users will be thrown an error But all other queries will be executed without any issue.\"\n\t\t\t\t\tread -r -s -p $'Press [Enter] key to continue...'\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.6-0.6.7\")\n\t\t\t\tfi\n\t\t\t\tif [[ $version < \"v0.6.8\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.7-0.6.8\")\n\t\t\t\tfi\t\t \n\t\t\t\tif [[ $version < \"v0.6.9\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.8-0.6.9\")\n\t\t\t\tfi\t\n\t\t\t\tif [[ $version < \"v1.7\" ]];\n\t\t\t\tthen\n\t\t\t\t\tupgrade+=(\"upgrade-0.6.9-1.7\")\n\t\t\t\tfi\n\t\t\t\t# use for loop to read all values and indexes\n\t\t\t\tfor i in \"${upgrade[@]}\"\n\t\t\t\tdo\n\t\t\t\t\tif [ \"$(type -t ${i})\" = function ];\n\t\t\t\t\tthen\n\t\t\t\t\t\teval ${i}\n\t\t\t\t\tfi\n\t\t\t\t\tif [ -f \"$RESTYABOARD_DIR/sql/${i}.sql\" ];\n\t\t\t\t\tthen\n\t\t\t\t\t\techo \"Updating SQL...\"\n\t\t\t\t\t\tpsql -d ${POSTGRES_DBNAME} -f \"$RESTYABOARD_DIR/sql/${i}.sql\" -U ${POSTGRES_DBUSER}\n\t\t\t\t\t\terror_code=$?\n\t\t\t\t\t\tif [ ${error_code} != 0 ]\n\t\t\t\t\t\tthen\n\t\t\t\t\t\t\techo \"PostgreSQL updation of SQL failed with error code ${error_code} (PostgreSQL updation of SQL failed with error code 33)\"\n\t\t\t\t\t\t\treturn 33\n\t\t\t\t\t\tfi\n\t\t\t\t\tfi\n\t\t\t\tdone\n\t\t\t\t/bin/echo \"$RESTYABOARD_VERSION\" > ${DOWNLOAD_DIR}/release\n\n\t\t\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\t\t\tthen\t\t\t\t \n service nginx restart\n\t\t\t\t\tservice php${PHP_VERSION}-fpm restart\n\t\t\t\telse\n\t\t\t\t\tif [ -f \"/bin/systemctl\" ]; then\n\t\t\t\t\t\techo \"Starting services with systemd...\"\n\t\t\t\t\t\tsystemctl restart nginx\n\t\t\t\t\t\tsystemctl restart php-fpm\n\t\t\t\t\telse\n\t\t\t\t\t\techo \"Starting services...\"\n\t\t\t\t\t\t/etc/init.d/php-fpm restart\n\t\t\t\t\t\t/etc/init.d/nginx restart\n\t\t\t\t\tfi\n\t\t\t\tfi\n\n\t\t\tesac\n\t\t}\n\n\t\tif [ -f \"$DOWNLOAD_DIR/release\" ];\n\t\tthen\n\t\t\tversion=$(cat ${DOWNLOAD_DIR}/release)\n\t\t\tif [[ $version < $RESTYABOARD_VERSION ]];\n\t\t\tthen\n\t\t\t\tupdate_version\n\t\t\t\texit;\n\t\t\telse\n\t\t\t\techo \"No new version available\"\n\t\t\t\texit;\n\t\t\tfi\n\t\telse\n\t\t\tset +x\n\t\t\techo \"Is Restyaboard already installed and configured/working y/n?\"\n\t\t\tread -r answer\n\t\t\tset -x\n\t\t\tcase \"${answer}\" in\n\t\t\t\t[Yy])\n\t\t\t\tupdate_version\n\t\t\t\texit;\n\t\t\tesac\n\t\tfi\n\n if ([ \"$OS_REQUIREMENT\" = \"Debian\" ])\n then\n sed -i -e 's/deb cdrom/#deb cdrom/g' /etc/apt/sources.list\n sh -c 'echo \"deb http://ftp.de.debian.org/debian jessie main\" > /etc/apt/sources.list.d/debjessie.list'\n apt install apt-transport-https lsb-release ca-certificates -y\n wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg\n echo \"deb https://packages.sury.org/php/ $(lsb_release -sc) main\" | tee /etc/apt/sources.list.d/php.list\n fi\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n apt install debian-keyring debian-archive-keyring -y\n apt update -y\n apt upgrade -y\n apt install python-software-properties -y\n apt install software-properties-common -y\n if ! hash php 2>&-; then\n add-apt-repository -y ppa:ondrej/php\n apt update -y\n apt install libjpeg8 -y --allow-unauthenticated\n fi\n fi\n install_nginx\n \n echo \"Checking PHP...\"\n install_php\n\n echo \"Setting up timezone...\"\n set_timezone\n \n echo \"Checking PostgreSQL...\"\n install_postgresql\n\n install_geoip\n \n echo \"Downloading Restyaboard script...\"\n if ([ \"$pkg_name\" = \"apt-get\" ])\n then\n apt install -y curl\n fi\n mkdir ${DOWNLOAD_DIR}\n curl -v -L -G -d \"app=board&ver=${RESTYABOARD_VERSION}\" -o /tmp/restyaboard.zip -k https://restya.com/download.php\n unzip /tmp/restyaboard.zip -d ${DOWNLOAD_DIR}\n rm /tmp/restyaboard.zip\n\n configure_restyaboard\n \n \n echo \"Copying Restyaboard script to root directory...\"\n cp -r ${DOWNLOAD_DIR}/* \"$RESTYABOARD_DIR\"\n \n install_postfix\n \n echo \"Changing permission...\"\n useradd restyaboard\n usermod --password 'hjVl2!rGd' restyaboard\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n user www-data;\n usermod -a -G restyaboard www-data\n sed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n sed -i \"s/user\\s*=\\s*www-data/user = restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n sed -i \"0,/group\\s*=\\s*www-data/s//group = restyaboard/g\" /etc/php/7.4/fpm/pool.d/www.conf\n else\n user nginx;\n usermod -a -G restyaboard nginx\n sed -i \"s/\\[www\\]/[restyaboard] group=restyaboard/g\" /etc/php-fpm.d/www.conf\n sed -i \"s/user\\s*=\\s*apache/user = restyaboard/g\" /etc/php-fpm.d/www.conf\n sed -i \"0,/group\\s*=\\s*apache/s//group = restyaboard/g\" /etc/php-fpm.d/www.conf\n fi\n chown -R restyaboard:restyaboard $RESTYABOARD_DIR\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/media\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/media;\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/client/img\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/client/img;\n chown -R restyaboard:restyaboard \"$RESTYABOARD_DIR/tmp/cache\"\n chmod -R u=rwX,g=rX,o= $RESTYABOARD_DIR/tmp/cache;\n chmod +x $RESTYABOARD_DIR/server/php/shell/main.sh\n change_permission\n\n psql_connect\n \n echo \"Changing PostgreSQL database name, user and password...\"\n sed -i \"s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${POSTGRES_DBNAME}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_USER'.*$/define('R_DB_USER', '${POSTGRES_DBUSER}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', '${POSTGRES_DBPASS}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${POSTGRES_DBHOST}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n sed -i \"s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${POSTGRES_DBPORT}');/g\" \"$RESTYABOARD_DIR/server/php/config.inc.php\"\n \n echo \"Setting up cron for every 5 minutes..\"\n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n echo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/crontabs/root\n else\n echo \"*/5 * * * * $RESTYABOARD_DIR/server/php/shell/main.sh > /dev/null 2> /dev/null\" >> /var/spool/cron/root\n fi\n php_fpm_reset\n \n if ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n then\n service nginx restart\n service php7.4-fpm restart\n else\n if [ -f \"/bin/systemctl\" ]; then\n echo \"Starting services with systemd...\"\n systemctl restart nginx\n systemctl restart php-fpm\n else\n echo \"Starting services...\"\n /etc/init.d/php-fpm restart\n /etc/init.d/nginx restart\n fi\n fi\n set_db_connection\n\t\t/bin/echo \"$RESTYABOARD_VERSION\" > ${DOWNLOAD_DIR}/release\n\t\tif ([ \"$OS_REQUIREMENT\" = \"Ubuntu\" ] || [ \"$OS_REQUIREMENT\" = \"Debian\" ] || [ \"$OS_REQUIREMENT\" = \"LinuxMint\" ] || [ \"$OS_REQUIREMENT\" = \"Raspbian\" ])\n\t\tthen\n\t\t\tssl_connectivity\n\t\telse\n\t\t\tssl_connectivity\n\t\tfi\n\t\tif ([ \"$OS_REQUIREMENT\" = \"CentOS\" ] && [ \"$OS_VERSION\" = \"8\" ])\n then\n\t\t\tsemanage permissive -a httpd_t\n\t\tfi\n\t\tset +x\n\t\techo \"Checking Hosting...\"\n\t\tresponse=$(curl -H Metadata:true http://169.254.169.254/metadata/instance?api-version=2017-04-02 --write-out %{http_code} --connect-timeout 10 --max-time 10 --silent --output /dev/null)\n\t\t\n\t\tif [ -f /etc/ImageMagick-6/policy.xml ]; then\n \t\tsed -i -e 's///g' /etc/ImageMagick-6/policy.xml\n\t\tfi\n\n\t\tif [ -f /etc/ImageMagick/policy.xml ]; then\n\t\t\tsed -i -e 's///g' /etc/ImageMagick/policy.xml\n\t\tfi\n\n\t\tif [ ${response} -eq 200 ];then\n\t\t\techo \"Note: PHP Mailer will not work in Azure. Kindly use external SMTP mail server.\"\n\t\tfi\n\t\tset +x\n\t\tcurl -v -L -G -d \"app=board&os=${os}&version=${version}\" -k \"https://restya.com/success_installation.php\"\n\t\techo \"Restyaboard URL : $IPADDR\"\n\n\t\techo \"Login with username admin and password restya\"\n\t\texit 1\n\t}\n\tmain\n\terror=$?\n\tos=$(lsb_release -i -s)\n\tcurl -v -L -G -d \"app=board&os=${os}&error=${error}\" -k \"https://restya.com/error_installation.php\"\n\techo \"If you're finding it difficult to install Restyaboard from your end, we do also offer installation support that you may consider https://restya.com/contact\"\n\texit 1\n} 2>&1 | tee -a /tmp/restyaboard_install.log", "user_defined_fields": [] }, { "id": 912264, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Rocket.Chat One-Click", "description": "Rocket.Chat One-Click", "ordinal": 97, "logo_url": "assets/rocketchat.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 1805, "deployments_active": 93, "is_public": true, "mine": false, "created": "2021-09-29T17:16:16", "updated": "2023-12-07T12:44:21", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Update system & set hostname & basic security\nset_hostname\napt_setup_update\nufw_install\nufw allow 443\nufw allow 80\nufw allow 3000\nfail2ban_install\n\n# Snapd & rocketchat install\napt install snapd -y\nsnap install rocketchat-server\nsnap info rocketchat-server\n\n# Check DNS\ncheck_dns_propagation \"${FQDN}\" \"${IP}\"\n# SSL\nsnap set rocketchat-server siteurl=https://$FQDN\nsystemctl enable --now snap.rocketchat-server.rocketchat-caddy \nsnap restart rocketchat-server\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for the SOA", "default": "" } ] }, { "id": 609048, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Ruby on Rails One-Click", "description": "Ruby on Rails One-Click", "ordinal": 98, "logo_url": "assets/rubyonrails.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 458, "deployments_active": 20, "is_public": true, "mine": false, "created": "2019-11-05T07:22:54", "updated": "2023-11-23T04:19:22", "rev_note": "Initial import", "script": "#!/bin/bash\n#\n\nsource \nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Set hostname, configure apt and perform update/upgrade\nset_hostname\napt_setup_update\n\n# Install Ruby on Rails\napt install -y ruby rails\n\n# Configure rails Directory\nmkdir /home/railsapp\ncd /home/railsapp\nrails new $RAILSAPP\ncd $RAILSAPP\nrails s -b 0.0.0.0 &\n\n# Start rails app on reboot\ncrontab -l | { cat; echo \"@reboot cd /home/railsapp/app1/ && rails s -b 0.0.0.0 &\"; } | crontab -\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "railsapp", "label": "Rails Application name", "example": "railsapp" } ] }, { "id": 401703, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Rust One-Click", "description": "Rust - Latest One-Click", "ordinal": 99, "logo_url": "assets/Rust.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 2452, "deployments_active": 8, "is_public": true, "mine": false, "created": "2019-03-08T21:09:34", "updated": "2023-12-05T18:23:42", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \nsource \n\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\nGAMESERVER=\"rustserver\"\n\nset_hostname\napt_setup_update\n\n\nif [[ \"$RUSTHOSTNAME\" = \"\" ]]; then\n RUSTHOSTNAME=\"Linode Rust Server\"\nfi\n\nif [[ \"$LEVEL\" = \"Procedural Map\" ]]; then\n LEVEL=\"\"\nfi\n\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix curl \\\nwget file bzip2 gzip unzip bsdmainutils python \\\nutil-linux ca-certificates binutils bc jq tmux \\\nlib32gcc1 libstdc++6 libstdc++6:i386 lib32z1\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install Rust\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\n#Game Config Options\n\ncp /home/rustserver/lgsm/config-lgsm/rustserver/_default.cfg /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nchown -R rustserver:rustserver /home/rustserver/\n\necho \"server.globalchat $GLOBALCHAT/\" > /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.pve $PVE\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.description \\\"$DESCRIPTION\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.maxplayers $MAXPLAYERS\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.seed \\\"$SEED\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.level $LEVEL\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.hostname \\\"$RUSTHOSTNAME\\\"\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\necho \"server.ip $IP\" >> /home/rustserver/serverfiles/server/rustserver/cfg/server.cfg\nsed -i \"s/rconpassword=\\\"CHANGE_ME\\\"/rconpassword=\\\"$RCONPASSWORD\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nsed -i \"s/worldsize=\\\"3000\\\"/worldsize=\\\"$WORLDSIZE\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\nsed -i \"s/maxplayers=\\\"50\\\"/maxplayers=\\\"$MAXPLAYERS\\\"/\" /home/rustserver/lgsm/config-lgsm/rustserver/common.cfg\n\n\n# Start the service and setup firewall\nufw allow 28015\nufw allow 28016\n\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup", "user_defined_fields": [ { "name": "rusthostname", "label": "Server Hostname", "default": "Linode Rust Server" }, { "name": "description", "label": "Server Description", "default": "Powered by Linode!" }, { "name": "rconpassword", "label": "RCON Password" }, { "name": "maxplayers", "label": "Maximum Players", "oneof": "10,25,50,75,100", "default": "50" }, { "name": "level", "label": "World", "oneof": "Procedural Map,Barren,HapisIsland,SavasIsland_koth", "default": "Procedural Map" }, { "name": "worldsize", "label": "World Size", "oneof": "1000,3000,6000", "default": "3000" }, { "name": "seed", "label": "Seed", "default": "50000" }, { "name": "globalchat", "label": "Global Chat Enabled", "oneof": "true,false", "default": "true" }, { "name": "pve", "label": "PvE Enabled", "oneof": "true,false", "default": "false" } ] }, { "id": 971042, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Saltcorn One-Click", "description": "Saltcorn One-Click", "ordinal": 100, "logo_url": "assets/saltcorn.svg", "images": [ "linode/ubuntu20.04", "linode/debian11" ], "deployments_total": 304, "deployments_active": 6, "is_public": true, "mine": false, "created": "2022-02-08T16:21:05", "updated": "2023-12-02T23:13:46", "rev_note": "", "script": "#!/bin/bash\n## Saltcorn Settings\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\nfunction saltcorninstall {\n wget -qO - https://deb.nodesource.com/setup_14.x | sudo bash -\n apt-get install -qqy nodejs\n npx saltcorn-install -y\n systemctl enable saltcorn\n systemctl stop saltcorn\n cat < /lib/systemd/system/saltcorn.service\n[Unit]\nDescription=saltcorn\nDocumentation=https://saltcorn.com\nAfter=network.target\n\n[Service]\nType=notify\nWatchdogSec=5\nUser=saltcorn\nWorkingDirectory=/home/saltcorn\nExecStart=/home/saltcorn/.local/bin/saltcorn serve -p 8080\nRestart=always\nEnvironment=\"NODE_ENV=production\"\n\n[Install]\nWantedBy=multi-user.target\nEND\n systemctl daemon-reload\n systemctl start saltcorn\n}\n\nfunction firewallsaltcorn {\n ufw allow 22\n ufw allow 80\n ufw allow 443\n}\n\nfunction nginxreversesaltcorn {\n apt-get install nginx -y\n cat < /etc/nginx/conf.d/saltcorn.conf\nserver {\n listen 80;\n server_name $FQDN $IP;\n\n location / {\n proxy_set_header X-Forwarded-For \\$remote_addr;\n proxy_set_header Host \\$http_host;\n proxy_pass http://localhost:8080;\n }\n}\nEND\n nginx -t\n unlink /etc/nginx/sites-enabled/default\n systemctl restart nginx\n}\n\nfunction ssl_saltcorn {\napt install certbot python3-certbot-nginx -y\ncertbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'nginx'\n}\n\nfunction main {\n saltcorninstall\n nginxreversesaltcorn\n firewallsaltcorn\n ssl_saltcorn\n\n}\n# Execute\nmain \nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address for Letsencrypt SSL", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 774829, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "ServerWand One-Click", "description": "ServerWand One-Click", "ordinal": 101, "logo_url": "assets/serverwand.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 1079, "deployments_active": 11, "is_public": true, "mine": false, "created": "2021-02-19T17:28:16", "updated": "2023-12-04T17:45:07", "rev_note": "", "script": "#!/bin/bash\n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# serverwand ssh key\nmkdir -p /root/.ssh/\nchmod 700 /root/.ssh/\ncurl https://serverwand.com/api/servers/connect > ~/.ssh/authorized_keys\nchmod 600 /root/.ssh/authorized_keys", "user_defined_fields": [] }, { "id": 1177225, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Seatable One-Click", "description": "Seatable One-Click App", "ordinal": 102, "logo_url": "assets/seatable.svg", "images": [ "linode/debian11" ], "deployments_total": 44, "deployments_active": 1, "is_public": true, "mine": false, "created": "2023-05-16T19:56:00", "updated": "2023-12-04T16:58:01", "rev_note": "", "script": "#!/bin/bash\n\n# \n# \n# \n\nsource \n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION \n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Update and basic installs\nsystem_update\ndebian_upgrade\nenable_fail2ban\nsystem_install_package ufw ca-certificates curl gnupg lsb-release curl pwgen\n\n# Install docker\nmkdir -p /etc/apt/keyrings\ncurl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg\necho \\\n \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \\\n $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null\nchmod a+r /etc/apt/keyrings/docker.gpg\napt-get -y update\napt-get -y install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose\n\n# Pull current seatable container\ndocker pull seatable/seatable-enterprise:latest\nmkdir /opt/seatable\nwget -O \"/opt/seatable/docker-compose.yml\" \"https://manual.seatable.io/docker/Enterprise-Edition/docker-compose.yml\"\n\n# Prepare SeaTable\nMYSQL_PASSWORD=`pwgen -s 30 1`\nsed -i \"s|DB_ROOT_PASSWD=.*|DB_ROOT_PASSWD=${MYSQL_PASSWORD}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|MYSQL_ROOT_PASSWORD=.*|MYSQL_ROOT_PASSWORD=${MYSQL_PASSWORD}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|SEATABLE_SERVER_LETSENCRYPT=.*|SEATABLE_SERVER_LETSENCRYPT=${LE}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|SEATABLE_SERVER_HOSTNAME=.*|SEATABLE_SERVER_HOSTNAME=${URL}|\" /opt/seatable/docker-compose.yml\nsed -i \"s|TIME_ZONE=.*|TIME_ZONE=${TIMEZONE}|\" /opt/seatable/docker-compose.yml\n\n# Add a license\nmkdir -p /opt/seatable/seatable-data/seatable\ntouch /opt/seatable/seatable-data/seatable/seatable-license.txt\ncat << EOF > /opt/seatable/seatable-data/seatable/seatable-license.txt\n#SeaTable server licence\nName = \"Cloud Trial\"\nLicencetype = \"User\"\nLicenceKEY = \"1672935702\"\nProductID = \"SeaTable server\"\nExpiration = \"2024-01-31\"\nMaxUsers = \"3\"\nMode = \"subscription\"\nHash = \"045af708265d7d549cad51fc2b678272a1d15ab8cbfbf05734e371504bb72b388f4441493c7bfeccce7c19ac9c6877cb8f3aecc3beebe685db007832e1c0231728a92772d45dc1c08facbc225d90776f86d34cb4154bafe7c983b6767ffb31a74b133de61edf15c170564fcefb6e457012f63b95ed4aaf6fd2e1e1cfc2ad93a682cfab2fe86f427f7d93ae9b69cbaf02a7565074a95a8c1176402f250d2e815ab206a6b65009c65d94259772ab31a00c11e5c6b57fda0fbb1b22a69734c10214594a5d7b4c88a995eaeb3a65f9aa5d163d9e5c09f73105a4ef760a8421fb66d1982da739c42808fded9a95e456090747e494b0a1aee2a40f388d9f1146051754\"\nEOF\n\n# firewall\nufw limit ssh\nufw allow 80\nufw allow 443\nufw --force enable\n\n# Message of the day\ncat << EOF > /etc/motd\n#############################\n#############################\nSeaTable Enterprise Server\n\nTo finish the installation, change to the directory /opt/seatable and follow our deployment instructions at https://manual.seatable.io/docker/Enterprise-Edition/Deploy%20SeaTable-EE%20with%20Docker/.\nYou can skip the beginning and start directly with the adjustment of the docker-compose.yml file.\n\nPlease visit https://forum.seatable.io for SeaTable community support.\n#############################\n#############################\n\nEOF\n\necho \"Installation complete\"\nall_set\nstackscript_cleanup", "user_defined_fields": [ { "name": "url", "label": "The domain/subdomain for SeaTable Server", "example": "https://seatable.example.org" }, { "name": "le", "label": "Get a Let's Encrypt certificate", "default": "True", "oneof": "True,False" }, { "name": "timezone", "label": "Choose your timezone (e.g Europe/Berlin)", "example": "Choices can be found here: http://en.wikipedia.org/wiki/List_of_tz_zones_by_name", "default": "Etc/UTC" } ] }, { "id": 604068, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Shadowsocks One-Click", "description": "Shadowsocks One-Click", "ordinal": 103, "logo_url": "assets/shadowsocks.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 9210, "deployments_active": 342, "is_public": true, "mine": false, "created": "2019-10-22T16:11:39", "updated": "2023-12-07T13:04:29", "rev_note": "final edit", "script": "#!/usr/bin/env bash\n\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n## Import the Bash StackScript Library\nsource \n\n## Import the DNS/API Functions Library\nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# Install & configure shadowsocks\nfunction install_shadowsocks {\n apt-get install shadowsocks-libev -y\n cat </etc/shadowsocks-libev/config.json\n{\n\"server\":\"$IP\",\n\"server_port\":8000,\n\"local_port\":1080,\n\"password\":\"$SHADOWPASSWORD\",\n\"timeout\":60,\n\"method\":\"aes-256-gcm\"\n}\nEND\n systemctl start shadowsocks-libev\n systemctl enable shadowsocks-libev\n systemctl restart shadowsocks-libev\n}\n\nfunction shadowsocks_firewall {\n ufw allow 8000\n}\n\nfunction main {\n install_shadowsocks\n shadowsocks_firewall\n stackscript_cleanup\n}\n\n# Execute function\nmain", "user_defined_fields": [ { "name": "shadowpassword", "label": "Shadowsocks Password", "example": "Password" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address for SOA Recorf", "default": "" } ] }, { "id": 1243780, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "SimpleX Chat One-Click", "description": "SimpleX Chat", "ordinal": 104, "logo_url": "assets/simplexchat.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 57, "deployments_active": 7, "is_public": true, "mine": false, "created": "2023-09-28T15:20:59", "updated": "2023-12-07T10:15:46", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Simplex Settings\n# \n# \n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-simplex-chat\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n\n # Simplex variables\n \n if [[ -n ${TOKEN_PASSWORD} ]]; then\n if [[ -n ${DOMAIN} && -n ${SUBDOMAIN} ]]; then\n echo \"addr: ${SUBDOMAIN}.${DOMAIN}\" >> ${group_vars}\n elif [[ -n ${DOMAIN} ]]; then\n echo \"addr: ${DOMAIN}\" >> ${group_vars}\n else\n echo \"addr: $(hostname -I | awk '{print $1}')\" >> ${group_vars}\n fi\n else\n echo \"addr: $(hostname -I | awk '{print $1}')\" >> ${group_vars}\n fi\n\n if [[ -n ${SMP_PASSWORD} ]]; then\n echo \"smp_password: ${SMP_PASSWORD}\" >> ${group_vars};\n fi\n\n if [[ -n ${XFTP_QUOTA} ]]; then\n case ${XFTP_QUOTA} in\n *gb) echo \"xftp_quota: ${XFTP_QUOTA}\" >> ${group_vars} ;;\n *) echo \"xftp_quota: ${XFTP_QUOTA}gb\" >> ${group_vars} ;;\n esac\n fi\n\n # Linode variables\n\n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n else echo \"No email entered\";\n fi\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "smp_password", "label": "Set password for smp-server.", "example": "123qwe", "default": "" }, { "name": "xftp_quota", "label": "Set xftp-server file storage quota in GB.", "example": "1/5/10/100gb", "default": "10gb" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "SOA Email", "example": "user@domain.tld", "default": "" } ] }, { "id": 869153, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Splunk One-Click", "description": "Splunk One-Click", "ordinal": 105, "logo_url": "assets/splunk.svg", "images": [ "linode/debian10", "linode/ubuntu20.04" ], "deployments_total": 958, "deployments_active": 96, "is_public": true, "mine": false, "created": "2021-07-20T19:04:43", "updated": "2023-12-07T02:04:33", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables\n\n## Splunk settings\n#\n#\n\n## Domain settings\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -xo pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and OCA Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n# Configure Splunk\nwget https://download.splunk.com/products/splunk/releases/8.2.0/linux/splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz\nwget \ntar zxvf splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz -C /opt/\nuseradd splunk --system --shell=/usr/sbin/nologin\nchown -R splunk:splunk /opt/splunk\n\napt install -y expect\n SPLUNK_INSTALL=$(expect -c \"\n set timeout 10\n spawn /opt/splunk/bin/splunk enable boot-start -user splunk -systemd-managed 1 --accept-license\n expect \\\"Please enter an administrator username:\\\"\n send \\\"$SPLUNK_USER\\r\\\"\n expect \\\"Please enter a new password:\\\"\n send \\\"$SPLUNK_PASSWORD\\r\\\"\n expect \\\"Please confirm new password:\\\"\n send \\\"$SPLUNK_PASSWORD\\r\\\"\n expect eof\n \")\n\n# Start daemon\nsystemctl start Splunkd\nsystemctl status Splunkd\n\n# Firewall\nufw allow 22 \nufw allow 8000\nufw allow 8089\nufw allow 9997\n\n# Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "splunk_user", "label": "Splunk Admin User" }, { "name": "splunk_password", "label": "Splunk Admin password" }, { "name": "token_password", "label": "Your Linode API token. This is required in order to create DNS records.", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Admin Email for the server", "default": "" }, { "name": "username", "label": "The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)", "example": "user1", "default": "" }, { "name": "password", "label": "The password for the Linode's admin/SSH user", "example": "S3cuReP@s$w0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key used to securely access the Linode via SSH", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 1102904, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Superinsight One-Click", "description": "Superinsight One-Click app", "ordinal": 106, "logo_url": "assets/superinsight.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 29, "deployments_active": 1, "is_public": true, "mine": false, "created": "2022-12-20T17:43:01", "updated": "2023-12-03T07:53:56", "rev_note": "", "script": "#!/usr/bin/bash\n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\n# Add Logging to /var/log/stackscript.log for future troubleshooting\nexec 1> >(tee -a \"/var/log/stackscript.log\") 2>&1\n# System Updates updates\napt-get -o Acquire::ForceIPv4=true update -y\n## END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Install docker\ncurl -fsSL get.docker.com | sudo sh\n\n# Creating Password\necho \"Superinsight setting up password....\"\nADMIN_PASSWORD=$(openssl rand -hex 12)\nNODE_IP=$(hostname -I | cut -f1 -d' ')\necho \"Downloading and Installing Superinsight instance......\"\n\n# Install Superinsight\ndocker run \\\n--detach \\\n--name superinsight-db-standalone \\\n--restart always \\\n-p 5432:5432 \\\n-v vol-superinsight:/db \\\n-e SUPERINSIGHT_USER=admin \\\n-e SUPERINSIGHT_PASSWORD=\"${ADMIN_PASSWORD}\" \\\nsuperinsight/superinsight-db-standalone:latest\n\n\n# Print instructions\ncat << EOF > /etc/motd\n\n################################################################################################################################################\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tSUPERINSIGHT\n################################################################################################################################################\n\nSuperinsight created the user admin with password: ${ADMIN_PASSWORD}\nYou can can connect using a database client with the following connection string postgres://admin:${ADMIN_PASSWORD}@${NODE_IP}:5432/superinsight\nFor complete source code and information, visit: https://github.com/superinsight/superinsight-db\n\n################################################################################################################################################\nEOF", "user_defined_fields": [] }, { "id": 401705, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Terraria One-Click", "description": "Terraria One-Click", "ordinal": 107, "logo_url": "assets/Terraria.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 705, "deployments_active": 6, "is_public": true, "mine": false, "created": "2019-03-08T21:10:49", "updated": "2023-12-06T13:35:55", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/bin/bash\n#\n#\n#\n\n#Game config options\n\n#\n#\n#\n#\n#\n#\n#\n\n\n#Non-MVP config options\n#name=\"autocreate\" label=\"autocreate\" default=\"1\"/>\n#name=\"worldpath\" label=\"worldpath\" default=\"~/.local/share/Terraria/Worlds/\"/>\n#name=\"banlist\" label=\"banlist\" default=\"banlist.txt\"/>\n#name=\"priority\" label=\"priority\" default=\"1\"/>\n#name=\"upnp\" label=\"upnp\" default=\"1\"/>\n#name=\"npcstream\" label=\"npcstream\" default=\"60\"/>\n#name=\"secure\" label=\"secure\" default=\"1\"/>\n#name=\"language\" label=\"language\" default=\"en-US\"/>\n\n\nsource \nsource \nsource \nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -xo pipefail\n\nGAMESERVER=\"terrariaserver\"\n\n### UDF to config\n\nif [[ \"$DIFFICULTY\" = \"Normal\" ]]; then\n DIFFICULTY=\"0\"\nelif [[ \"$DIFFICULTY\" = \"Expert\" ]]; then\n DIFFICULTY=\"1\"\nfi\n\nset_hostname\napt_setup_update\n\n\n# Terraria specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\nsudo apt -q -y install mailutils postfix \\\ncurl wget file bzip2 gzip unzip bsdmainutils \\\npython util-linux ca-certificates binutils bc \\\njq tmux lib32gcc1 libstdc++6 libstdc++6:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\necho Requires Steam username and password to install\nsu - $GAMESERVER -c \"mkdir -p /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER\"\nsu - $GAMESERVER -c \"touch /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\nsu - $GAMESERVER -c \"echo steamuser=\\\"$STEAMUSER\\\" >> /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\nsu - $GAMESERVER -c \"echo steampass=\\''$STEAMPASSWORD'\\' >> /home/$GAMESERVER/lgsm/config-lgsm/$GAMESERVER/common.cfg\"\n\n# Install Terraria\ngame_install\n\nsed -i s/#seed=AwesomeSeed/seed=\"$SEED\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/worldname=world1/worldname=\"$WORLDNAME\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/difficulty=0/difficulty=\"$DIFFICULTY\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/maxplayers=20/maxplayers=\"$MAXPLAYERS\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/port=7777/port=\"$PORT\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/password=/password=\"$PASSWORD\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\nsed -i s/motd=.*/motd=\"$MOTD\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n\n#Non-MVP config options\n# sed -i s/autocreate=1/autocreate=\"$AUTOCREATE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/worldpath=\\~\\/\\.local\\/share\\/Terraria\\/Worlds\\//worldpath=\"$WORLDPATH\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/banlist=banlist.txt/banlist=\"$BANLIST\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/\\#priority=1/priority=\"$PRIORITY\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/#npcstream=60/npcstream=\"$NPCSTREAM\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/#upnp=1/upnp=\"$UPNP\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/secure=1/secure=\"$SECURE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n#sed -i s/language=en\\-US/language=\"$LANGUAGE\"/ home/\"$GAMESERVER\"/serverfiles/\"$GAMESERVER\".txt\n\n# Setup crons and create systemd service file\nservice_config\n\n# Start the service and setup firewall\nufw_install\nufw allow \"$PORT\"/tcp\nufw allow \"$PORT\"/udp\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup", "user_defined_fields": [ { "name": "steamuser", "label": "Steam Username", "example": "username" }, { "name": "steampassword", "label": "Steam Password, must have Steam Guard turned off for deployment", "example": "YourSteamPassword" }, { "name": "worldname", "label": "World Name", "default": "world1" }, { "name": "password", "label": "Server Password", "default": "" }, { "name": "motd", "label": "Message of the Day", "default": "Powered by Linode!" }, { "name": "difficulty", "label": "Difficulty Level", "oneof": "Normal,Expert", "default": "Normal" }, { "name": "maxplayers", "label": "Maximum Players", "oneof": "1,10,20,50,100,200,255,", "default": "20" }, { "name": "port", "label": "Port", "default": "7777" }, { "name": "seed", "label": "Seed", "default": "AwesomeSeed" } ] }, { "id": 401704, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "TF2 One-Click", "description": "TF2 One-Click", "ordinal": 108, "logo_url": "assets/TF2.svg", "images": [ "linode/debian11" ], "deployments_total": 353, "deployments_active": 2, "is_public": true, "mine": false, "created": "2019-03-08T21:10:23", "updated": "2023-11-30T21:57:13", "rev_note": "Remove SSH Pubkey UDF", "script": "#!/bin/bash\n#\n#\n#\n#\n#\n#\n#\n#\n#\n\nsource \nsource \nsource \nsource \n\nGAMESERVER=\"tf2server\"\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n### UDF to config\n\n#Autoteambalance\nif [[ \"$AUTOTEAMBALANCE\" = \"Enabled\" ]]; then\n AUTOTEAMBALANCE=1\nelif [[ \"$AUTOTEAMBALANCE\" = \"Disabled\" ]]; then\n AUTOTEAMBALANCE=0\nfi\n\nif [[ \"$SERVERNAME\" = \"\" ]]; then\n SERVERNAME=\"Linode TF2 Server\"\nfi\n\n\n# Server config\nset_hostname\napt_setup_update\n\n\n# Teamfortress2 specific dependencies\ndebconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"\ndebconf-set-selections <<< \"postfix postfix/mailname string `hostname`\"\ndpkg --add-architecture i386\napt update\napt -q -y install mailutils postfix curl wget file \\\nbzip2 gzip unzip bsdmainutils python util-linux \\\nca-certificates binutils bc jq tmux lib32gcc-s1 libstdc++6 \\\nlibstdc++6:i386 libcurl4-gnutls-dev:i386 libtcmalloc-minimal4:i386\n\n# Install linuxGSM\nlinuxgsm_install\n\n# Install Teamfortress2\ngame_install\n\n# Setup crons and create systemd service file\nservice_config\n\ncp /home/tf2server/lgsm/config-lgsm/tf2server/_default.cfg /home/tf2server/lgsm/config-lgsm/tf2server/common.cfg\n\n# Custom game configs\n> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\ncat <> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\nlog on\nsv_logbans 1\nsv_logecho 1\nsv_logfile 1\nsv_log_onefile\nEND\n\necho \"hostname $SERVERNAME\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_autoteambalance $AUTOTEAMBALANCE\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_maxrounds $MAXROUNDS\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"mp_timelimit $TIMELIMIT\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"rcon_password \\\"$RCONPASSWORD\\\"\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"sv_password \\\"$SVPASSWORD\\\"\" >> /home/tf2server/serverfiles/tf/cfg/tf2server.cfg\necho \"\\\"$MOTD\\\"\" > /home/tf2server/serverfiles/tf/cfg/motd_default.txt\n\n\n# Start the service and setup firewall\nufw_install\nufw allow 27014:27050/tcp\nufw allow 3478:4380/udp\nufw allow 27000:27030/udp\nufw allow 26901\nufw enable\nfail2ban_install\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\nstackscript_cleanup", "user_defined_fields": [ { "name": "motd", "label": "Message of the Day", "default": "Powered by Linode!" }, { "name": "servername", "label": "Server Name", "default": "Linode TF2 Server" }, { "name": "svpassword", "label": "Server Password", "default": "" }, { "name": "gslt", "label": "Game Server Login Token", "example": "Steam gameserver token. Needed to list as public server", "default": "" }, { "name": "autoteambalance", "label": "Team Balance Enabled", "oneof": "Enabled,Disabled", "default": "Enabled" }, { "name": "maxrounds", "label": "Maximum Rounds", "oneof": "1,3,5,10,15,20", "default": "5" }, { "name": "timelimit", "label": "Round Time Limit", "oneof": "10,15,35,45,60", "default": "35" }, { "name": "rconpassword", "label": "RCON password" } ] }, { "id": 1051711, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "UniFi Network Application One-Click", "description": "UniFi Network Application One-Click", "ordinal": 109, "logo_url": "assets/unifi.svg", "images": [ "linode/debian10" ], "deployments_total": 493, "deployments_active": 23, "is_public": true, "mine": false, "created": "2022-09-01T15:41:39", "updated": "2023-10-18T12:38:34", "rev_note": "", "script": "#!/bin/bash\n#\n# Script to install UniFi Controller on Linode\n# \n## Linode/SSH Security Settings\n#\n#\n#\n#\n## Domain Settings\n#\n#\n#\n## Enable logging\n\nset -x\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Register default rDNS \nexport DEFAULT_RDNS=$(dnsdomainname -A | awk '{print $1}')\n\n#set absolute domain if any, otherwise use DEFAULT_RDNS\nif [[ $DOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DEFAULT_RDNS\"\nelif [[ $SUBDOMAIN = \"\" ]]; then\n readonly ABS_DOMAIN=\"$DOMAIN\"\nelse\n readonly ABS_DOMAIN=\"$SUBDOMAIN.$DOMAIN\"\nfi\n\ncreate_a_record $SUBDOMAIN $IP $DOMAIN\n\n## install depends \nexport DEBIAN_FRONTEND=noninteractive\napt-get install apt-transport-https ca-certificates wget dirmngr gpg software-properties-common multiarch-support libcommons-daemon-java jsvc openjdk-11-jre-headless -y \n\n# install mongodb req libssl1\nwget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb\ndpkg -i libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb\n\n# install mongodb-3.4\nwget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | apt-key add -\necho \"deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/3.4 main\" | tee /etc/apt/sources.list.d/mongodb-org-3.4.list\napt update && apt upgrade -y\napt install mongodb-org -y \n \n# install latest UniFi Controller \necho 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list\nsudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg \napt update && apt install unifi -yq \n\n## install nginx reverse-proxy \napt install nginx -y \n\n#configure nginx reverse proxy\nrm /etc/nginx/sites-enabled/default\ntouch /etc/nginx/sites-available/reverse-proxy.conf\ncat < /etc/nginx/sites-available/reverse-proxy.conf\nserver {\n listen 80;\n listen [::]:80;\n server_name ${ABS_DOMAIN};\n\n access_log /var/log/nginx/reverse-access.log;\n error_log /var/log/nginx/reverse-error.log;\n location /wss/ {\n proxy_pass https://localhost:8443;\n proxy_http_version 1.1;\n proxy_buffering off;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection \"Upgrade\";\n proxy_read_timeout 86400;\n }\n location / {\n proxy_pass https://localhost:8443;\n proxy_set_header Host \\$host;\n proxy_set_header X-Real-IP \\$remote_addr;\n proxy_set_header X-Forward-For \\$proxy_add_x_forwarded_for;\n }\n}\nEND\nln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf\n\n#enable and start nginx\nsystemctl enable nginx\nsystemctl restart nginx \n\n## UFW rules \nufw allow http\nufw allow https\nufw allow 53\nufw allow 3479/udp\nufw allow 5514/udp\nufw allow 8080/tcp\nufw allow 8443/tcp\nufw allow 8880/tcp\nufw allow 8843/tcp\nufw allow 27117/tcp\nufw allow 5656:5699/udp\nufw allow 10001/udp \nufw allow 1900/udp\nufw allow 123/udp\nufw enable \n\nsleep 60 \n\n## install SSL certs. required \napt install python3-certbot-nginx -y \ncertbot run --non-interactive --nginx --agree-tos --redirect -d ${ABS_DOMAIN} -m ${SOA_EMAIL_ADDRESS} -w /var/www/html/\n \n## add some details \ncat << EOF > /etc/motd\n###################\n\n The installation is now complete, and you can access the UniFi Network Controller GUI from https://${ABS_DOMAIN}\n We recommend using the GUI to complete your configurations of the service\n\n################### \nEOF\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode.", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 970523, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Uptime Kuma One-Click", "description": "Uptime Kuma One-Click", "ordinal": 110, "logo_url": "assets/uptimekuma.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 2271, "deployments_active": 396, "is_public": true, "mine": false, "created": "2022-02-07T16:06:08", "updated": "2023-12-07T12:53:44", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n## KUMA Settings \n#\n\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-uptimekuma\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n\n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n # Uptimekuma vars\n \n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n \n\n # populate group_vars\n udf\n # run playbooks\n for playbook in site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" } ] }, { "id": 925530, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "UTunnel VPN One-Click", "description": "UTunnel VPN One-Click", "ordinal": 111, "logo_url": "assets/utunnel.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 1191, "deployments_active": 16, "is_public": true, "mine": false, "created": "2021-10-25T18:55:37", "updated": "2023-12-07T12:38:27", "rev_note": "", "script": "#!/bin/bash\n# Update the packages on the system from the distribution repositories.\t\napt-get update\nDEBIAN_FRONTEND=noninteractive apt-get upgrade -y\n\n# Install pre-requisites for docker-ce\n\nDEBIAN_FRONTEND=noninteractive apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common\n\n#Add Docker official GPG key\n\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -\n\n#Add repository\n\nadd-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\"\n\n# Download and install utnservice\n\nmkdir /utunnel\n\ncd /utunnel \n\nwget https://files.utunnel.io/production/deploy/install_bundle_20.tar\n\ntar -xf install_bundle_20.tar\n\nrm -f install_bundle_20.tar", "user_defined_fields": [] }, { "id": 781317, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Valheim One-Click", "description": "Valheim One-Click", "ordinal": 112, "logo_url": "assets/valheim.svg", "images": [ "linode/debian10" ], "deployments_total": 2425, "deployments_active": 51, "is_public": true, "mine": false, "created": "2021-03-01T13:26:36", "updated": "2023-12-07T02:11:35", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables\n\n## Valheim Server Settings - Required\n#\n#\n\n## Linode/SSH Security Settings - Required\n#\n#\n\n## Linode/SSH Settings - Optional\n#\n#\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nset -o pipefail\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Linode Bash StackScript, API, and LinuxGSM Helper libraries\nsource \nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\n[ ! $USERNAME ] && USERNAME='lgsmuser'\nsource \n\n\n# Download and install dependencies\ndpkg --add-architecture i386\nsystem_update\nsystem_install_package curl wget file tar expect bzip2 gzip unzip \\\n bsdmainutils python util-linux ca-certificates \\\n binutils bc jq tmux netcat lib32gcc1 lib32stdc++6 \\\n libc6-dev libsdl2-2.0-0:i386\n\n\n# Open the needed firewall ports\nufw allow 2456:2458/udp\nufw allow 4380/udp\nufw allow 27000:27030/udp\n\n# Install linuxGSM\nGAMESERVER='vhserver'\nv_linuxgsm_oneclick_install \"$GAMESERVER\" \"$USERNAME\"\n\n# Set the Valheim dedicated server's name and password\ncat /home/$USERNAME/lgsm/config-lgsm/vhserver/_default.cfg >> /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\nsed -i \"s/servername=\\\"Valheim Server\\\"/servername=\\\"$SERVER_NAME\\\"/\" /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\nsed -i \"s/serverpassword=\\\"\\\"/serverpassword=\\\"$SERVER_PASSWORD\\\"/\" /home/$USERNAME/lgsm/config-lgsm/vhserver/vhserver.cfg\n\n# Start and enable the Valheim services\nsystemctl start \"$GAMESERVER\".service\nsystemctl enable \"$GAMESERVER\".service\n\n# Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "server_name", "label": "The name of the Valheim dedicated server" }, { "name": "server_password", "label": "The password for the Valheim dedicated server", "example": "S3cuReP@s$w0rd" }, { "name": "username", "label": "The username for the Linode's admin/SSH user (Please ensure that the username entered does not contain any uppercase characters)", "example": "lgsmuser" }, { "name": "password", "label": "The password for the Linode's admin/SSH user", "example": "S3cuReP@s$w0rd" }, { "name": "pubkey", "label": "The SSH Public Key used to securely access the Linode via SSH", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 954759, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "VictoriaMetrics Single One-Click", "description": "VictoriaMetrics Single", "ordinal": 113, "logo_url": "assets/victoriametricssingle.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 39, "deployments_active": 4, "is_public": true, "mine": false, "created": "2022-01-06T18:53:56", "updated": "2023-10-18T12:38:34", "rev_note": "", "script": "#!/bin/bash\n# \nsource \nsystem_set_hostname \"$HOSTNAME\"\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nexport DEBIAN_FRONTEND=noninteractive\napt update && apt upgrade -y && apt install -y curl wget net-tools traceroute jq\n# Generate files\nmkdir -p /etc/victoriametrics/single\nmkdir -p /var/lib/victoria-metrics-data\nmkdir -p /var/lib/cloud/scripts/per-instance\n# Create victoriametrics user\ngroupadd -r victoriametrics\nuseradd -g victoriametrics -d /var/lib/victoria-metrics-data -s /sbin/nologin --system victoriametrics\nchown -R victoriametrics:victoriametrics /var/lib/victoria-metrics-data\n# Install VictoriaMetrics Single\nVM_VERSION=`curl -sg \"https://api.github.com/repos/VictoriaMetrics/VictoriaMetrics/tags\" | jq -r '.[0].name'`\nwget https://github.com/VictoriaMetrics/VictoriaMetrics/releases/download/${VM_VERSION}/victoria-metrics-linux-amd64-${VM_VERSION}.tar.gz -O /tmp/victoria-metrics.tar.gz\ntar xvf /tmp/victoria-metrics.tar.gz -C /usr/bin\nchmod +x /usr/bin/victoria-metrics-prod\nchown root:root /usr/bin/victoria-metrics-prod\ntouch /etc/victoriametrics/single/scrape.yml\nchown root:root /etc/victoriametrics/single/scrape.yml\ncat </etc/systemd/system/vmsingle.service\n[Unit]\nDescription=VictoriaMetrics is a fast, cost-effective and scalable monitoring solution and time series database.\n# https://docs.victoriametrics.com\nAfter=network.target\n[Service]\nType=simple\nUser=victoriametrics\nGroup=victoriametrics\nWorkingDirectory=/var/lib/victoria-metrics-data\nStartLimitBurst=5\nStartLimitInterval=0\nRestart=on-failure\nRestartSec=5\nEnvironmentFile=-/etc/victoriametrics/single/victoriametrics.conf\nExecStart=/usr/bin/victoria-metrics-prod \\$ARGS\nExecStop=/bin/kill -s SIGTERM \\$MAINPID\nExecReload=/bin/kill -HUP \\$MAINPID\n# See docs https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html#tuning\nProtectSystem=full\nLimitNOFILE=1048576\nLimitNPROC=1048576\nLimitCORE=infinity\nStandardOutput=syslog\nStandardError=syslog\nSyslogIdentifier=vmsingle\n[Install]\nWantedBy=multi-user.target\nEND\ncat </etc/victoriametrics/single/victoriametrics.conf\n# See https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html#list-of-command-line-flags to get more information about supported command-line flags\n# \n# If you use IPv6 pleas add \"-enableTCP6\" to args line\nARGS=\"-promscrape.config=/etc/victoriametrics/single/scrape.yml -storageDataPath=/var/lib/victoria-metrics-data -retentionPeriod=12 -httpListenAddr=:8428 -graphiteListenAddr=:2003 -opentsdbListenAddr=:4242 -influxListenAddr=:8089 -enableTCP6\"\nEND\ncat < /etc/profile.d/victoriametrics_welcome.sh\n#!/bin/sh\n#\nmyip=$(hostname -I | awk '{print$1}')\n******************************************************************************** \nWelcome to VictoriaMetrics Single.\nTo keep this server secure, the UFW firewall is enabled.\nAll ports are BLOCKED except 22 (SSH), 80 (HTTP), and 443 (HTTPS), 8428 (VictoriaMetrics HTTP), 8089 (VictoriaMetrics Influx),\n4242 (VictoriaMetrics OpenTSDB), 2003 (VictoriaMetrics Graphite)\nIn a web browser, you can view:\n * The VictoriaMetrics Quickstart guide: https://kutt.it/1click-quickstart\nOn the server:\n * The default VictoriaMetrics root is located at /var/lib/victoria-metrics-data\n * VictoriaMetrics is running on ports: 8428, 8089, 4242, 2003 and they are bound to the local interface.\n********************************************************************************\n # This image includes version v1.74.0 of VictoriaMetrics. \n # See Release notes https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.70.0\n # Welcome to VictoriaMetrics droplet!\n # Website: https://victoriametrics.com\n # Documentation: https://docs.victoriametrics.com\n # VictoriaMetrics Github : https://github.com/VictoriaMetrics/VictoriaMetrics\n # VictoriaMetrics Slack Community: https://slack.victoriametrics.com\n # VictoriaMetrics Telegram Community: https://t.me/VictoriaMetrics_en\n # VictoriaMetrics config: /etc/victoriametrics/single/victoriametrics.conf\n # VictoriaMetrics scrape config: /etc/victoriametrics/single/scrape.yml\n # VictoriaMetrics UI accessable on: http://your_droplet_public_ipv4:8428/vmui/\nEND\n# Enable UFW and add some rules to it\nsed -e 's|DEFAULT_FORWARD_POLICY=.*|DEFAULT_FORWARD_POLICY=\"ACCEPT\"|g' \\\n -i /etc/default/ufw\nufw allow ssh comment \"SSH port\"\nufw allow http comment \"HTTP port\"\nufw allow https comment \"HTTPS port\"\nufw allow 8428 comment \"VictoriaMetrics Single HTTP port\"\nufw allow 8089/tcp comment \"TCP Influx Listen port for VictoriaMetrics\"\nufw allow 8089/udp comment \"UDP Influx Listen port for VictoriaMetrics\"\nufw allow 2003/tcp comment \"TCP Graphite Listen port for VictoriaMetrics\"\nufw allow 2003/udp comment \"UDP Graphite Listen port for VictoriaMetrics\"\nufw allow 4242 comment \"OpenTSDB Listen port for VictoriaMetrics\"\nufw --force enable\n# Cleaning up\nrm -rf /tmp/* /var/tmp/*\nhistory -c\ncat /dev/null > /root/.bash_history\nunset HISTFILE\nfind /var/log -mtime -1 -type f ! -name 'stackscript.log' -exec truncate -s 0 {} \\;\n# Start VictoriaMetrics\nsystemctl enable vmsingle.service\nsystemctl start vmsingle.service\necho \"Installation complete!\"", "user_defined_fields": [ { "name": "hostname", "label": "Hostname" } ] }, { "id": 662117, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Virtualmin One-Click", "description": "Virtualmin One-Click", "ordinal": 114, "logo_url": "assets/virtualmin.svg", "images": [ "linode/debian10", "linode/ubuntu22.04" ], "deployments_total": 2203, "deployments_active": 139, "is_public": true, "mine": false, "created": "2020-08-12T15:46:13", "updated": "2023-12-06T13:31:08", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables for the StackScript\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nIFS=$'\\n\\t'\n\n## Import the Bash StackScript and API/DNS Libraries\nsource \nsource \n\n# Import the OCA Helper Functions\nsource \n\nfunction install_virtualmin {\n if [ $(cat /etc/os-release | grep -i 'ubuntu' )]; then\n if [ ! $(cat /etc/os-release | grep -i 'lts') ]; then\n printf \"Virtualmin only works with LTS versions of Ubuntu\\n\"\n exit 1;\n fi\n else\n wget http://software.virtualmin.com/gpl/scripts/virtualmin-install.sh -O /root/virtualmin-install.sh && {\n chmod +x /root/virtualmin-install.sh\n /bin/sh /root/virtualmin-install.sh -f -v\n }\n fi\n}\n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n## Configure firewall and install Fail2Ban\nufw_install\nufw allow http\nufw allow https\nufw allow 10000\nfail2ban_install\n\n# Install Webmin and Virtualmin\nsource \ninstall_virtualmin\n\n# Disable SSL so that everything works\nsed -i 's/^ssl=1/ssl=0/g' /etc/webmin/miniserv.conf\n\n# Restart Webmin\nsystemctl restart webmin\n\n# Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "pwless_sudo", "label": "Enable passwordless sudo access for the limited user?", "oneof": "Yes,No", "default": "No" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "auto_updates", "label": "Configure automatic security updates?", "oneof": "Yes,No", "default": "No" }, { "name": "fail2ban", "label": "Use fail2ban to prevent automated intrusion attempts?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your DNS records", "default": "" }, { "name": "subdomain", "label": "The subdomain for your server", "default": "" }, { "name": "domain", "label": "Your domain", "default": "" }, { "name": "soa_email_address", "label": "Admin Email for the server", "default": "" }, { "name": "mx", "label": "Do you need an MX record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" }, { "name": "spf", "label": "Do you need an SPF record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" } ] }, { "id": 688903, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "VS Code Server One-Click", "description": "Visual Studio Code One-Click", "ordinal": 115, "logo_url": "assets/vscodeserver.svg", "images": [ "linode/debian10" ], "deployments_total": 5256, "deployments_active": 123, "is_public": true, "mine": false, "created": "2020-11-17T21:10:25", "updated": "2023-12-07T15:40:23", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## VS Code Server OCA Script\n\n### UDF Variables\n\n## VS Code Web Password\n#\n#\n\n## User and SSH Security\n#\n#\n#\n#\n\n## Domain\n#\n#\n#\n#\n\n## Let's Encrypt SSL\n#\n\n\n### Logging and other debugging helpers\n\n# Enable logging for the StackScript\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Source the Bash StackScript Library and the API functions for DNS\nsource \nsource \n\n# Source and run the New Linode Setup script for DNS/SSH configuration\nsource \n\n\nfunction get_code_server {\n local -r username=\"$1\" vs_code_ver=\"$2\"\n\n cd \"/home/$username\"\n\n wget \"https://github.com/cdr/code-server/releases/download/v${vs_code_ver}/code-server-${vs_code_ver}-linux-amd64.tar.gz\"\n tar -xf \"code-server-${vs_code_ver}-linux-amd64.tar.gz\"\n mv code-server-*/ bin/\n\n chown -R \"${username}:${username}\" bin/\n chmod +x bin/code-server\n mkdir data/\n chown -R \"${username}:${username}\" data/\n\n cd /root/\n}\n\nfunction enable_code_service {\n local -r vs_code_password=\"$1\" username=\"$2\"\n\n # Set the password in /etc/systemd/system/code-server.service\n cat << EOF > /etc/systemd/system/code-server.service\n[Unit]\nDescription=code-server\nAfter=nginx.service\n[Service]\nUser=$username\nWorkingDirectory=/home/$username\nEnvironment=PASSWORD=$vs_code_password\nExecStart=/home/${username}/bin/code-server --host 127.0.0.1 --user-data-dir /home/${username}/data --auth password\nRestart=always\n[Install]\nWantedBy=multi-user.target\nEOF\n\n # Enable code-server as a service\n systemctl daemon-reload\n systemctl start code-server\n systemctl enable code-server\n}\n\nfunction certbot_standalone {\n local -r email_address=\"$1\" ssl_domain=\"$2\"\n\n # Get an SSL certificate from CertBot\n system_install_package \"certbot\"\n certbot -n certonly --standalone --agree-tos -m \"$email_address\" -d \"$ssl_domain\"\n}\n\nfunction nginx_reverse_proxy {\n local -r ssl_domain=\"$1\"\n\n ## Setup a reverse proxy with Nginx\n system_install_package \"nginx\"\n\n cat << EOF > /etc/nginx/sites-available/code-server\nserver {\n listen 80;\n server_name $ssl_domain;\n # enforce https\n return 301 https://\\$server_name:443\\$request_uri;\n}\nserver {\n listen 443 ssl http2;\n server_name $ssl_domain;\n ssl_certificate /etc/letsencrypt/live/${ssl_domain}/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/${ssl_domain}/privkey.pem;\n location / {\n proxy_pass http://127.0.0.1:8080/;\n proxy_set_header Host \\$host;\n proxy_set_header Upgrade \\$http_upgrade;\n proxy_set_header Connection upgrade;\n proxy_set_header Accept-Encoding gzip;\n }\n}\nEOF\n\n ln -s /etc/nginx/sites-available/code-server /etc/nginx/sites-enabled\n nginx -t\n systemctl restart nginx\n}\n\n### Install UFW and open the needed firewall ports\nufw allow 80,443/tcp\n\n### Install and configure VS Code Server\nget_code_server \"$USERNAME\" \"$VS_CODE_VER\"\nenable_code_service \"$VS_CODE_PASSWORD\" \"$USERNAME\"\ncheck_dns_propagation \"$FQDN\" \"$IP\"\ncertbot_standalone \"$SOA_EMAIL_ADDRESS\" \"$FQDN\"\nnginx_reverse_proxy \"$FQDN\"\n\n### Clean up\nstackscript_cleanup", "user_defined_fields": [ { "name": "vs_code_password", "label": "The password to login to the VS Code Web UI" }, { "name": "vs_code_ver", "label": "The version of VS Code Server you'd like installed", "default": "3.10.2" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "disable_root", "label": "Would you like to disable root login over SSH? (Recommended)", "oneof": "Yes,No", "default": "Yes" }, { "name": "token_password", "label": "Your Linode API token - This is required for creating DNS records", "default": "" }, { "name": "domain", "label": "The domain for the Linode's DNS record (Requires API token)", "default": "" }, { "name": "subdomain", "label": "The subdomain for the Linode's DNS record (Requires API token and domain)", "default": "" }, { "name": "soa_email_address", "label": "Your email address for your VirtualHost configuration, DNS records (If Required), and SSL certificates (If Required)." }, { "name": "ssl", "label": "Would you like to use a free Let's Encrypt SSL certificate? (Uses the Linode's default rDNS if no domain is specified above", "oneof": "Yes,No", "default": "No" } ] }, { "id": 923037, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "WarpSpeed One-Click", "description": "WarpSpeed One-Click", "ordinal": 116, "logo_url": "assets/warpspeed.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 880, "deployments_active": 19, "is_public": true, "mine": false, "created": "2021-10-18T01:12:49", "updated": "2023-12-06T00:07:58", "rev_note": "", "script": "#!/bin/bash\nset -o errexit\nset -o nounset\nset -o pipefail\nset -o xtrace\n\n# \n# \n# \n# \n\n## REQUIRED IN EVERY MARKETPLACE SUBMISSION\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nexport DEBIAN_FRONTEND=\"noninteractive\"\napt-get \\\n -o 'Acquire::ForceIPv4=true' \\\n --yes \\\n update\n\napt-get \\\n -o 'DPkg::options::=--force-confdef' \\\n -o 'DPkg::options::=--force-confold' \\\n --yes \\\n install grub-pc\n\napt-get \\\n -o Acquire::ForceIPv4=true \\\n --yes \\\n update\n# # END OF REQUIRED CODE FOR MARKETPLACE SUBMISSION\n\n# Handle the arguments.\nWIRESPEED_ADMIN_EMAIL=\"$(echo -e \"${WIRESPEED_ADMIN_EMAIL}\" | tr --delete '[:space:]')\"\nWIRESPEED_HTTP_HOST=\"$(echo -e \"${WIRESPEED_HTTP_HOST}\" | tr --delete '[:space:]')\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//\\//}\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//https:/}\"\nWIRESPEED_HTTP_HOST=\"${WIRESPEED_HTTP_HOST//http:/}\"\n\nif [[ -z \"${WIRESPEED_ADMIN_EMAIL}\" ]]; then\n echo \"Missing required parameter: admin email\"\n exit 101\nfi\n\nif [[ -z \"${WIRESPEED_HTTP_HOST}\" ]]; then\n echo \"Missing required parameter: http host\"\n exit 102\nfi\n\nif [[ -z \"${WIRESPEED_DATA_DIR}\" ]]; then\n WIRESPEED_DATA_DIR=\"/wirespeed\"\nfi\n\n# Set hostname\nIP=\"$(hostname --all-ip-addresses | awk '{ print $1 }')\"\nhostnamectl set-hostname \"${WIRESPEED_HTTP_HOST}\"\necho \"${IP} ${WIRESPEED_HTTP_HOST}\" >>/etc/hosts\n\nwget https://bunker.services/wirespeed-installer.sh\nchmod +x wirespeed-installer.sh\n./wirespeed-installer.sh \\\n \"${WIRESPEED_HTTP_HOST}\" \\\n \"${WIRESPEED_DATA_DIR}\" \\\n \"${WIRESPEED_ADMIN_EMAIL}\" \\\n \"${WIRESPEED_ADMIN_PASSWORD}\" \\\n --non-interactive\n\n# Force IPv4 and noninteractive upgrade after script runs to prevent breaking nf_conntrack for UFW\necho 'Acquire::ForceIPv4 \"true\";' >/etc/apt/apt.conf.d/99force-ipv4\napt-get upgrade --yes\n\nfor file in /root/StackScript /root/ssinclude* /root/wirespeed-installer.sh; do\n rm \"${file}\"\ndone\n\necho 'WireSpeed Installation complete!'", "user_defined_fields": [ { "name": "wirespeed_admin_email", "label": "Admin Email", "default": "", "example": "it@example.com" }, { "name": "wirespeed_admin_password", "label": "Admin Password", "default": "", "example": "Password" }, { "name": "wirespeed_http_host", "label": "DNS Name", "default": "", "example": "vpn.example.com" }, { "name": "wirespeed_data_dir", "label": "Data Directory", "default": "/wirespeed", "example": "/wirespeed" } ] }, { "id": 913276, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Wazuh One-Click", "description": "Wazuh One-Click", "ordinal": 117, "logo_url": "assets/wazuh.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 5340, "deployments_active": 836, "is_public": true, "mine": false, "created": "2021-09-30T18:27:36", "updated": "2023-12-07T16:02:33", "rev_note": "", "script": "#!/bin/bash\n\n# #\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings \n#\n#\n#\n\n## Enable logging\n# set -o pipefail\nset -x\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n## Import the Bash StackScript Library\nsource \n## Import the DNS/API Functions Library\nsource \n## Import the OCA Helper Functions\nsource \n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\n# UFW https://documentation.wazuh.com/current/getting-started/architecture.html\nufw allow 1514\nufw allow 1515\nufw allow 1516\nufw allow 514\nufw allow 55000\nufw allow 443\nufw allow 80\nufw allow 9200\nufw allow 9300\n\n# NGINX\napt install git nginx certbot python3-certbot-nginx -y\n\nmkdir -p /var/www/certs/.well-known\nchown -R www-data:www-data /var/www/certs/\ncat < /etc/nginx/sites-available/$FQDN\nserver {\n listen 80;\n listen [::]:80;\n server_name $FQDN;\n root /var/www/certs;\n location / {\n try_files \\$uri \\$uri/ =404;\n }\n# allow .well-known\n location ^~ /.well-known {\n allow all;\n auth_basic off;\n alias /var/www/certs/.well-known;\n }\n}\nEOF\nln -s /etc/nginx/sites-available/$FQDN /etc/nginx/sites-enabled/$FQDN\nunlink /etc/nginx/sites-enabled/default\nsystemctl restart nginx\n\n# SSL Certbot\n#certbot certonly --agree-tos --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n\nfunction get_cert {\n if [ \"$1\" == \"dry_run\" ]; then\n certbot certonly --dry-run --agree-tos --non-interactive --no-eff-email --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n return $?\n elif [ \"$1\" == \"run\" ]; then\n certbot certonly --agree-tos --non-interactive --no-eff-email --webroot --webroot-path=/var/www/certs -d $FQDN -m $SOA_EMAIL_ADDRESS\n return $?\n fi\n}\n\nfunction propagate {\n while [[ $count -le $retries ]]; do\n echo \"[Info] Let's Encrypt validation failed. Retrying...\"\n sleep 5\n count=$(( $count + 1 ))\n get_cert dry_run\n\n if [ $? -eq 0 ]; then\n echo \"[Info] Dry run successful..\"\n get_cert run\n return 0\n \n fi\n\n # no more retries left. Exit\n if [[ $count -eq $retries ]]; then\n echo \"[Error] Unable to get Let's Encrypt certificate for $FQDN\"\n return 1\n fi\n done\n}\n\ncount=1\nretries=24\nget_cert dry_run\nif [ $? -eq 0 ]; then\n echo \"[Info] Dry run successful. Getting certificate\"\n get_cert run\nelse\n propagate\nfi\n\n# reorder Wazuh script\ncurl -sO https://packages.wazuh.com/4.4/wazuh-install.sh && sudo bash ./wazuh-install.sh -a \ntar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt >> .deployment-secrets.txt\n\n# Set Variables\nexport WAZUH_FULL=/etc/wazuh-dashboard/certs/wazuh-dashboard.pem\nexport WAZUH_PRIVKEY=/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\n\n# Place certificates in /etc/wazuh-dashboard/certs/\ncat $FULLCHAIN > $WAZUH_FULL\ncat $PRIVKEY > $WAZUH_PRIVKEY\n\n# Restart Kibana\nservice wazuh-dashboard restart\n\n# Create Cert renewal cron script\ncat </root/certbot-renewal.sh\n#!/bin/bash\n#\n# Script to handle Certbot renewal & Kibana\n# Debug\n# set -xo pipefail\nexport WAZUH_FULL=/etc/wazuh-dashboard/certs/wazuh-dashboard.pem\nexport WAZUH_PRIVKEY=/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem\nexport FULLCHAIN=/etc/letsencrypt/live/$FQDN/fullchain.pem\nexport PRIVKEY=/etc/letsencrypt/live/$FQDN/privkey.pem\ncertbot renew\ncat $FULLCHAIN > $WAZUH_FULL\ncat $PRIVKEY > $WAZUH_PRIVKEY\nservice wazuh-dashboard restart\nEND\n\nchmod +x /root/certbot-renewal.sh\n\n# Setup Cron\ncrontab -l > cron\necho \"* 1 * * 1 bash /root/certbot-renewal.sh\" >> cron\ncrontab cron\nrm cron\n\n# Cleanup\nstackscript_cleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your WordPress server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 662116, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Webmin One-Click", "description": "Webmin One-Click", "ordinal": 118, "logo_url": "assets/webmin.svg", "images": [ "linode/debian10" ], "deployments_total": 1189, "deployments_active": 35, "is_public": true, "mine": false, "created": "2020-08-12T15:41:21", "updated": "2023-12-06T16:14:51", "rev_note": "", "script": "#!/usr/bin/env bash\n\n### UDF Variables for the StackScript\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n#\n#\n\n#Check if the script is being sourced by another script\n[[ $_ != $0 ]] && readonly SOURCED=1\n\n## Enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n## Import the Bash StackScript and API/DNS Libraries\nsource \nsource \n\n## Import the OCA Helper Functions\nsource \n\n## Run initial configuration tasks (DNS/SSH stuff, etc...)\nsource \n\nfunction webmin_install {\n # Install webmin\n echo \"deb http://download.webmin.com/download/repository sarge contrib\" >> /etc/apt/sources.list\n wget -q -O- http://www.webmin.com/jcameron-key.asc | sudo apt-key add\n system_update\n system_install_package \"webmin\"\n}\n\nfunction webmin_configure {\n local -r email_address=\"$1\"\n local -r fqdn=\"$2\"\n\n # Configure the Virtual Host\n cat < /etc/apache2/sites-available/\"${fqdn}.conf\"\n\n ServerAdmin ${email_address}\n ServerName ${fqdn}\n ProxyPass / http://localhost:10000/\n ProxyPassReverse / http://localhost:10000/\n\nEOF\n # Disable SSL in Webmin so Apache can handle it instead\n sed -i 's/^ssl=1/ssl=0/g' /etc/webmin/miniserv.conf\n\n # Add FQDN to the list of allowed domains\n echo \"referers=${fqdn}\" >> /etc/webmin/config\n\n # Restart Webmin\n systemctl restart webmin\n\n # Enable proxy_http module\n a2enmod proxy_http\n systemctl restart apache2\n\n # Enable the Virtual Host\n a2ensite \"${fqdn}\"\n systemctl reload apache2\n}\n\n\n# Open the needed firewall ports\nufw_install\nufw allow http\nufw allow https\nufw allow 10000\n\n# Make sure unzip is installed, or else the webmin install will fail\n[ ! -x /usr/bin/unzip ] && system_install_package \"unzip\"\n\n# \"${package_list[@]}\" contains a list of packages to be installed on the system\npackage_list=(\n \"gnupg1\" \\\n \"python\" \\\n \"apt-show-versions\" \\\n \"libapt-pkg-perl\" \\\n \"libauthen-pam-perl\" \\\n \"libio-pty-perl\" \\\n \"libnet-ssleay-perl\"\n)\n\n# Install all of the packages specified in ${package_list[@]}\nsystem_install_package \"${package_list[@]}\"\n\n# Intall Webmin\nwebmin_install\napache_install\nwebmin_configure \"$SOA_EMAIL_ADDRESS\" \"$FQDN\"\n\n# Install SSL Certificate - NOT READY YET\n#certbot_ssl \"$FQDN\" \"$SOA_EMAIL_ADDRESS\" 'apache'\n\n## Cleanup before exiting\nif [ \"$SOURCED\" -ne 1 ]; then\n stackscript_cleanup\nfi", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "pwless_sudo", "label": "Enable passwordless sudo access for the limited user?", "oneof": "Yes,No", "default": "No" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "auto_updates", "label": "Configure automatic security updates?", "oneof": "Yes,No", "default": "No" }, { "name": "fail2ban", "label": "Use fail2ban to prevent automated instrusion attempts?", "oneof": "Yes,No", "default": "No" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your DNS records", "default": "" }, { "name": "subdomain", "label": "The subdomain for your server", "default": "" }, { "name": "domain", "label": "Your domain", "default": "" }, { "name": "soa_email_address", "label": "Admin Email for the server", "default": "" }, { "name": "mx", "label": "Do you need an MX record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" }, { "name": "spf", "label": "Do you need an SPF record for this domain? (Yes if sending mail from this Linode)", "oneof": "Yes,No", "default": "No" } ] }, { "id": 688902, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Webuzo One-Click", "description": "Webuzo One-Click", "ordinal": 119, "logo_url": "assets/webuzo.svg", "images": [ "linode/ubuntu20.04" ], "deployments_total": 906, "deployments_active": 22, "is_public": true, "mine": false, "created": "2020-11-17T21:04:21", "updated": "2023-12-06T22:29:24", "rev_note": "", "script": "#!/usr/bin/env bash\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n# Source the Bash StackScript Library & Helpers\nsource \nsource \nsource \nsource \n\n# Logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n# Set hostname, configure apt and perform update/upgrade\napt_setup_update\n\n# Install Prereq's & Services\napt install -y wget\nwget -N http://files.webuzo.com/install.sh\nchmod +x install.sh\n./install.sh\nsleep 2\nsystemctl start webuzo.service\n\n# firewall\nufw allow 25\nufw allow 53\nufw allow 587\nufw allow 2002\nufw allow 2003\nufw allow 2004\nufw allow 2005\n\n# Cleanup \nstackscript_cleanup\nreboot", "user_defined_fields": [ { "name": "username", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "default": "" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" } ] }, { "id": 401706, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "WireGuard® One-Click", "description": "WireGuard One-Click", "ordinal": 120, "logo_url": "assets/Wireguard.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 9370, "deployments_active": 295, "is_public": true, "mine": false, "created": "2019-03-08T21:11:36", "updated": "2023-12-07T10:04:55", "rev_note": "", "script": "#!/bin/bash\n\n# \n# \n# \n# \n# \n\nsource \n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\nset -o pipefail\n\n### Set hostname, Apt configuration and update/upgrade\n\nset_hostname\napt_setup_update\n\napt install wireguard wireguard-tools linux-headers-$(uname -r) -y\n\nif [[ \"$PORT\" != \"51820\" ]]; then\n PORT=\"$PORT\"\nfi\n\n# Wireguard\n\nwg genkey | tee ~/wg-private.key | wg pubkey > ~/wg-public.key\n\nPRIVATEKEY=`cat ~/wg-private.key`\n\ncat </etc/wireguard/wg0.conf\n[Interface]\nPrivateKey = $PRIVATEKEY\nAddress = $PRIVATEIP\nListenPort = $PORT\nPostUp = iptables -A FORWARD -i wg0 -j ACCEPT; \\\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; \\\nip6tables -A FORWARD -i wg0 -j ACCEPT; \\\nip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\nPostDown = iptables -D FORWARD -i wg0 -j ACCEPT; \\\niptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; \\\nip6tables -D FORWARD -i wg0 -j ACCEPT; \\\nip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE\nSaveConfig = true\n[Peer]\nPublicKey = $PEERPUBKEY\nAllowedIPs = $PRIVATEIP_CLIENT\nEndpoint = $ENDPOINT:$PORT\nEND\n\n### Enable Port Forwarding\nsed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf\nsysctl -p /etc/sysctl.conf\nsysctl --system\n\n### Services\n\n# wg-quick up wg0. #### Removed to let systemctl manage the service\nsystemctl enable wg-quick@wg0\nsystemctl start wg-quick@wg0\nwg show\nufw_install\nufw allow \"$PORT\"/udp\nufw enable\n\nsystemctl restart wg-quick@wg0\n\nstackscript_cleanup", "user_defined_fields": [ { "name": "port", "label": "Port", "example": "51820", "default": "51820" }, { "name": "privateip", "label": "Tunnel IP", "example": "10.0.0.1/24, 172.16.0.1/24, 192.168.1.1/24, etc", "default": "10.0.1.1/24" }, { "name": "peerpubkey", "label": "WireGuard Public Key (Client)", "default": "" }, { "name": "privateip_client", "label": "Tunnel IP (Client)", "example": "10.0.0.2/24, 172.16.0.2/24, 192.168.1.2/24 etc", "default": "10.0.1.2/24" }, { "name": "endpoint", "label": "Endpoint IP (Client)", "default": "" } ] }, { "id": 401708, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "WooCommerce One-Click", "description": "WooCommerce One-Click", "ordinal": 121, "logo_url": "assets/WooCommerce.svg", "images": [ "linode/ubuntu22.04" ], "deployments_total": 4323, "deployments_active": 211, "is_public": true, "mine": false, "created": "2019-03-08T21:12:57", "updated": "2023-12-07T08:00:35", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n## Wordpress Settings\n#\n#\n\n#\n#\n#\n#\n\n## Linode/SSH Security Settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\"\nexport MARKETPLACE_APP=\"apps/linode-marketplace-woocommerce\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n local web_stack=$(echo ${WEBSERVER_STACK} | tr [:upper:] [:lower:])\n sed 's/ //g' < ${group_vars}\n\n # deployment vars\n soa_email_address: ${SOA_EMAIL_ADDRESS}\n webserver_stack: ${web_stack}\n site_title: ${SITE_TITLE}\n wp_admin_user: ${WP_ADMIN_USER}\n wp_db_user: ${WP_DB_USER}\n wp_db_name: ${WP_DB_NAME}\nEOF\n\n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n #else echo \"No domain entered\";\n else echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n}\n\nfunction installation_complete {\n # dumping credentials\n egrep \"(*^wp_|*mysql)\" ${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars | awk {'print $1 $2'} > /root/.linode_credentials.txt\n cat << EOF\n#########################\n# INSTALLATION COMPLETE #\n############################################\n# The Mysql root password can be found at: #\n# - /root/.linode_credentials.txt #\n# #\n# * Hugs are worth more than handshakes * #\n############################################\nEOF\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "webserver_stack", "label": "The stack you are looking to deploy Wordpress on", "oneof": "LAMP,LEMP" }, { "name": "site_title", "label": "Website title", "example": "My Blog" }, { "name": "wp_admin_user", "label": "Admin username", "example": "admin" }, { "name": "wp_db_user", "label": "Wordpress database user", "example": "wordpress" }, { "name": "wp_db_name", "label": "Wordpress database name", "example": "wordpress" }, { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your Linode's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record. `www` will be entered if no subdomain is supplied (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" } ] }, { "id": 741207, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Yacht One-Click", "description": "Yacht One-Click", "ordinal": 122, "logo_url": "assets/yacht.svg", "images": [ "linode/debian11", "linode/ubuntu22.04" ], "deployments_total": 965, "deployments_active": 15, "is_public": true, "mine": false, "created": "2021-01-26T21:52:26", "updated": "2023-12-06T21:24:29", "rev_note": "", "script": "#!/bin/bash\nset -e\ntrap \"cleanup $? $LINENO\" EXIT\n\n##Linode/SSH security settings\n#\n#\n#\n#\n\n## Domain Settings\n#\n#\n#\n#\n\n## Yacht Settings \n#\n#\n#\n\n# git repo\nexport GIT_REPO=\"https://github.com/akamai-compute-marketplace/marketplace-apps.git\"\nexport WORK_DIR=\"/tmp/marketplace-apps\" \nexport MARKETPLACE_APP=\"apps/linode-marketplace-yacht\"\n\n# enable logging\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\nfunction cleanup {\n if [ -d \"${WORK_DIR}\" ]; then\n rm -rf ${WORK_DIR}\n fi\n\n}\n\nfunction udf {\n local group_vars=\"${WORK_DIR}/${MARKETPLACE_APP}/group_vars/linode/vars\"\n echo \"webserver_stack: lemp\" >> ${group_vars};\n \n if [[ -n ${USER_NAME} ]]; then\n echo \"username: ${USER_NAME}\" >> ${group_vars};\n else echo \"No username entered\";\n fi\n\n if [ \"$DISABLE_ROOT\" = \"Yes\" ]; then\n echo \"disable_root: yes\" >> ${group_vars};\n else echo \"Leaving root login enabled\";\n fi\n\n if [[ -n ${PASSWORD} ]]; then\n echo \"password: ${PASSWORD}\" >> ${group_vars};\n else echo \"No password entered\";\n fi\n\n if [[ -n ${PUBKEY} ]]; then\n echo \"pubkey: ${PUBKEY}\" >> ${group_vars};\n else echo \"No pubkey entered\";\n fi\n\n # yacht vars\n \n if [[ -n ${YEMAIL} ]]; then\n echo \"yemail: ${YEMAIL}\" >> ${group_vars};\n fi\n\n if [[ -n ${COMPOSE_SUPPORT} ]]; then\n echo \"compose_support: ${COMPOSE_SUPPORT}\" >> ${group_vars};\n fi\n\n if [[ -n ${YTHEME} ]]; then\n echo \"yacht_theme: ${YTHEME}\" >> ${group_vars};\n fi\n\n if [[ -n ${SOA_EMAIL_ADDRESS} ]]; then\n echo \"soa_email_address: ${SOA_EMAIL_ADDRESS}\" >> ${group_vars};\n fi\n\n if [[ -n ${DOMAIN} ]]; then\n echo \"domain: ${DOMAIN}\" >> ${group_vars};\n else\n echo \"default_dns: $(hostname -I | awk '{print $1}'| tr '.' '-' | awk {'print $1 \".ip.linodeusercontent.com\"'})\" >> ${group_vars};\n fi\n\n if [[ -n ${SUBDOMAIN} ]]; then\n echo \"subdomain: ${SUBDOMAIN}\" >> ${group_vars};\n else echo \"subdomain: www\" >> ${group_vars};\n fi\n\n if [[ -n ${TOKEN_PASSWORD} ]]; then\n echo \"token_password: ${TOKEN_PASSWORD}\" >> ${group_vars};\n else echo \"No API token entered\";\n fi\n}\n\nfunction run {\n # install dependancies\n apt-get update\n apt-get install -y git python3 python3-pip\n\n # clone repo and set up ansible environment\n git -C /tmp clone ${GIT_REPO}\n # for a single testing branch\n # git -C /tmp clone -b ${BRANCH} ${GIT_REPO}\n\n # venv\n cd ${WORK_DIR}/${MARKETPLACE_APP}\n pip3 install virtualenv\n python3 -m virtualenv env\n source env/bin/activate\n pip install pip --upgrade\n pip install -r requirements.txt\n ansible-galaxy install -r collections.yml\n\n # populate group_vars\n udf\n # run playbooks\n for playbook in provision.yml site.yml; do ansible-playbook -v $playbook; done\n \n}\n\nfunction installation_complete {\n echo \"Installation Complete\"\n}\n# main\nrun && installation_complete\ncleanup", "user_defined_fields": [ { "name": "user_name", "label": "The limited sudo user to be created for the Linode", "default": "" }, { "name": "password", "label": "The password for the limited sudo user", "example": "an0th3r_s3cure_p4ssw0rd", "default": "" }, { "name": "disable_root", "label": "Disable root access over SSH?", "oneof": "Yes,No", "default": "No" }, { "name": "pubkey", "label": "The SSH Public Key that will be used to access the Linode (Recommended)", "default": "" }, { "name": "token_password", "label": "Your Linode API token. This is needed to create your server's DNS records", "default": "" }, { "name": "subdomain", "label": "Subdomain", "example": "The subdomain for the DNS record: www (Requires Domain)", "default": "" }, { "name": "domain", "label": "Domain", "example": "The domain for the DNS record: example.com (Requires API token)", "default": "" }, { "name": "soa_email_address", "label": "Email address (for the Let's Encrypt SSL certificate)", "example": "user@domain.tld" }, { "name": "yemail", "label": "Yacht Email", "example": "admin@yacht.local", "default": "admin@yacht.local" }, { "name": "compose_support", "label": "Yacht Compose Support", "example": "Yes", "default": "Yes", "oneof": "Yes,No" }, { "name": "ytheme", "label": "Yacht Theme", "example": "Default", "default": "Default", "oneof": "Default,RED,OMV" } ] }, { "id": 741208, "username": "linode", "user_gravatar_id": "9d4d301385af69ceb7ad658aad09c142", "label": "Zabbix One-Click", "description": "Zabbix One-Click", "ordinal": 123, "logo_url": "assets/zabbix.svg", "images": [ "linode/centos-stream8" ], "deployments_total": 1781, "deployments_active": 77, "is_public": true, "mine": false, "created": "2021-01-26T21:56:54", "updated": "2023-12-07T15:08:57", "rev_note": "", "script": "#!/bin/bash\n\n# \n\nsource \n\nsystem_set_hostname \"$HOSTNAME\"\n\nexec > >(tee /dev/ttyS0 /var/log/stackscript.log) 2>&1\n\n# Generate files\nmkdir -p /etc/my.cnf.d/\nmkdir -p /etc/nginx/conf.d/\nmkdir -p /etc/php-fpm.d/\nmkdir -p /etc/php.d/\n# mkdir -p /etc/profile.d/\nmkdir -p /etc/motd.d/\nmkdir -p /etc/zabbix/web/\nmkdir -p /var/lib/cloud/scripts/per-instance\n\ncat </etc/my.cnf.d/zabbix.cnf\n[mysqld]\nuser = mysql\nlocal_infile = 0\n\ndatadir = /var/lib/mysql/\n\ndefault-storage-engine = InnoDB\nskip-name-resolve\nkey_buffer_size = 32M\nmax_allowed_packet = 128M\ntable_open_cache = 1024\ntable_definition_cache = 1024\nmax_connections = 2000\njoin_buffer_size = 1M\nsort_buffer_size = 2M\nread_buffer_size = 256K\nread_rnd_buffer_size = 256K\nmyisam_sort_buffer_size = 1M\nthread_cache_size = 512\nopen_files_limit = 10000\nwait_timeout = 86400\n\noptimizer_switch=index_condition_pushdown=off\n\ntmp_table_size = 32M\nmax_heap_table_size = 32M\n\nbinlog_format=mixed\nbinlog_cache_size = 32M\nmax_binlog_size = 256M\nbinlog_expire_logs_seconds = 259200\n\n# innodb_page_size = 32K\ninnodb_buffer_pool_size = 512M\ninnodb_log_file_size = 256M\ninnodb_log_buffer_size = 64M\ninnodb_file_per_table = 1\ninnodb_flush_method = O_DIRECT\ninnodb_buffer_pool_instances = 4\ninnodb_write_io_threads = 4\ninnodb_read_io_threads = 4\ninnodb_adaptive_flushing = 1\ninnodb_lock_wait_timeout = 50\n\ninnodb_flush_log_at_trx_commit = 1\n\ninnodb_io_capacity = 300\ninnodb_io_capacity_max = 400\ninnodb_flush_neighbors = 0\n\ninnodb_doublewrite = 1\ninnodb_thread_concurrency = 0\n\ninnodb_purge_threads = 1\n\nserver_id = 1\nbinlog_checksum = crc32\n\ninnodb_lru_scan_depth = 512\n\ninnodb_stats_on_metadata = 0\n\nEND\n\ncat </etc/nginx/conf.d/zabbix_ssl.conf\nserver {\n listen 0.0.0.0:443 ssl http2;\n # server_name ;\n index index.php;\n\n root \\$webroot;\n charset utf8;\n set \\$webroot '/usr/share/zabbix';\n\n access_log /var/log/nginx/zabbix_access_ssl.log main;\n error_log /var/log/nginx/zabbix_error_ssl.log error;\n\n ssl_stapling on;\n ssl_stapling_verify on;\n\n #resolver 192.168.13.160 192.168.10.24;\n\n ssl_certificate /etc/ssl/certs/zabbix_example.crt;\n ssl_certificate_key /etc/ssl/private/zabbix_example.key;\n\n ssl_dhparam /etc/ssl/private/zabbix_dhparam.pem;\n\n ssl_protocols TLSv1.2 TLSv1.3;\n ssl_verify_depth 3;\n #ssl_ciphers HIGH:!aNULL:!MD5;\n ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;\n #ssl_session_cache shared:SSL:10m;\n ssl_session_cache shared:MozSSL:10m;\n ssl_session_timeout 1d;\n ssl_prefer_server_ciphers off;\n ssl_session_tickets off;\n\n add_header Strict-Transport-Security \"max-age=63072000\" always;\n add_header Content-Security-Policy-Report-Only \"default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report\";\n\n location = /favicon.ico {\n log_not_found off;\n }\n\n location / {\n index index.php;\n try_files \\$uri \\$uri/ =404;\n }\n\n location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {\n access_log off;\n expires 10d;\n }\n\n location ~ /\\.ht {\n deny all;\n }\n\n location ~ /(api\\/|conf[^\\.]|include|locale) {\n deny all;\n return 404;\n }\n\n location ~ [^/]\\.php(/|$) {\n fastcgi_pass unix:/run/php-fpm/zabbix.sock;\n fastcgi_split_path_info ^(.+\\.php)(/.+)$;\n fastcgi_index index.php;\n\n fastcgi_param DOCUMENT_ROOT /usr/share/zabbix;\n fastcgi_param SCRIPT_FILENAME /usr/share/zabbix\\$fastcgi_script_name;\n fastcgi_param PATH_TRANSLATED /usr/share/zabbix\\$fastcgi_script_name;\n\n include fastcgi_params;\n fastcgi_param QUERY_STRING \\$query_string;\n fastcgi_param REQUEST_METHOD \\$request_method;\n fastcgi_param CONTENT_TYPE \\$content_type;\n fastcgi_param CONTENT_LENGTH \\$content_length;\n\n fastcgi_intercept_errors on;\n fastcgi_ignore_client_abort off;\n fastcgi_connect_timeout 60;\n fastcgi_send_timeout 180;\n fastcgi_read_timeout 180;\n fastcgi_buffer_size 128k;\n fastcgi_buffers 4 256k;\n fastcgi_busy_buffers_size 256k;\n fastcgi_temp_file_write_size 256k;\n }\n}\n\nEND\n\ncat </etc/nginx/conf.d/zabbix.conf\nserver {\n listen 0.0.0.0:80;\n # server_name zabbix;\n\n return 301 https://\\$host\\$request_uri;\n}\n\nEND\n\ncat </etc/nginx/nginx.conf\n# For more information on configuration, see:\n# * Official English Documentation: http://nginx.org/en/docs/\n# * Official Russian Documentation: http://nginx.org/ru/docs/\n\nuser nginx;\nworker_processes auto;\nworker_priority -5;\nworker_rlimit_nofile 256000;\n\nerror_log /var/log/nginx/error.log;\n\npid /run/nginx.pid;\n\n# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.\ninclude /usr/share/nginx/modules/*.conf;\n\nevents {\n worker_connections 5120;\n use epoll;\n multi_accept on;\n}\n\n\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n\n log_format main\n '\\$http_x_forwarded_for - \\$remote_user [\\$time_local] '\n '\"\\$request\" \\$status \\$bytes_sent '\n '\"\\$http_referer\" \"\\$http_user_agent\" '\n '\"\\$gzip_ratio\"';\n\n access_log /var/log/nginx/access.log main;\n\n open_file_cache max=200000 inactive=20s;\n open_file_cache_valid 30s;\n open_file_cache_min_uses 2;\n open_file_cache_errors on;\n\n limit_conn_zone \\$binary_remote_addr zone=perip:10m;\n limit_conn_zone \\$server_name zone=perserver:10m;\n\n client_header_timeout 5m;\n client_body_timeout 5m;\n send_timeout 5m;\n\n connection_pool_size 4096;\n client_header_buffer_size 4k;\n large_client_header_buffers 4 4k;\n request_pool_size 4k;\n\n reset_timedout_connection on;\n\n\n gzip on;\n gzip_min_length 100;\n gzip_buffers 4 8k;\n gzip_comp_level 5;\n gzip_types text/plain text/css text/xml application/x-javascript application/xml application/xhtml+xml;\n\n types_hash_max_size 2048;\n\n output_buffers 128 512k;\n postpone_output 1460;\n aio on;\n directio 512;\n\n sendfile on;\n client_max_body_size 8m;\n fastcgi_intercept_errors on;\n\n tcp_nopush on;\n tcp_nodelay on;\n\n keepalive_timeout 75 20;\n\n ignore_invalid_headers on;\n\n index index.php;\n server_tokens off;\n\n # Load modular configuration files from the /etc/nginx/conf.d directory.\n # See http://nginx.org/en/docs/ngx_core_module.html#include\n # for more information.\n include /etc/nginx/conf.d/*.conf;\n}\n\nEND\n\ncat </etc/php-fpm.d/zabbix.conf\n[zabbix]\nuser = apache\ngroup = apache\n\nlisten = /run/php-fpm/zabbix.sock\nlisten.acl_users = apache,nginx\nlisten.allowed_clients = 127.0.0.1\n\npm = dynamic\npm.max_children = 50\npm.start_servers = 5\npm.min_spare_servers = 5\npm.max_spare_servers = 35\n\nphp_value[session.save_handler] = files\nphp_value[session.save_path] = /var/lib/php/session\n\nphp_value[max_execution_time] = 300\nphp_value[memory_limit] = 128M\nphp_value[post_max_size] = 16M\nphp_value[upload_max_filesize] = 2M\nphp_value[max_input_time] = 300\nphp_value[max_input_vars] = 10000\n; php_value[date.timezone] = Europe/Riga\nEND\n\n# cat </etc/php.d/99-zabbix.ini\n# max_execution_time=300\n# memory_limit=128M\n# post_max_size=16M\n# upload_max_filesize=2M\n# max_input_time=300\n# always_populate_raw_post_data=-1\n# max_input_vars=10000\n# date.timezone=UTC\n# session.save_path=/var/lib/php/\n# END\n\n# cat </etc/profile.d/zabbix_welcome.sh\n# #!/bin/sh\n# #\n# myip=\\$(hostname -I | awk '{print\\$1}')\n# cat </etc/motd.d/zabbix\n********************************************************************************\n\nZabbix frontend credentials:\n\nUsername: Admin\n\nPassword: replace_password\n\n\nTo learn about available professional services, including technical suppport and training, please visit https://www.zabbix.com/services\n\nOfficial Zabbix documentation available at https://www.zabbix.com/documentation/current/\n\n\n********************************************************************************\nEND\n\n# cat </etc/systemd/system/zabbix-instance-init.service\n# [Unit]\n# After=mariadb.service\n\n# [Service]\n# ExecStart=/var/lib/cloud/scripts/per-instance/001-zabbix\n\n# [Install]\n# WantedBy=multi-user.target\n# END\n\n# cat </etc/yum.repos.d/MariaDB.repo\n# # MariaDB 10.3 CentOS repository list - created 2019-03-28 10:57 UTC\n# # http://downloads.mariadb.org/mariadb/repositories/\n# [mariadb]\n# name = MariaDB\n# baseurl = http://yum.mariadb.org/10.2/centos7-amd64\n# gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB\n# gpgcheck=1\n# END\n\ncat </etc/yum.repos.d/Nginx.repo\n[nginx-stable]\nname=nginx stable repo\nbaseurl=http://nginx.org/packages/centos/\\$releasever/\\$basearch/\ngpgcheck=1\nenabled=1\ngpgkey=https://nginx.org/keys/nginx_signing.key\nmodule_hotfixes=true\n\n[nginx-mainline]\nname=nginx mainline repo\nbaseurl=http://nginx.org/packages/mainline/centos/\\$releasever/\\$basearch/\ngpgcheck=1\nenabled=0\ngpgkey=https://nginx.org/keys/nginx_signing.key\nmodule_hotfixes=true\nEND\n\ncat </etc/zabbix/web/zabbix.conf.php\n 'http://localhost:9200',\n//\t'text' => 'http://localhost:9200'\n//];\n// Value types stored in Elasticsearch.\n//\\$HISTORY['types'] = ['uint', 'text'];\n\n// Used for SAML authentication.\n// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings.\n//\\$SSO['SP_KEY']\t\t\t= 'conf/certs/sp.key';\n//\\$SSO['SP_CERT']\t\t\t= 'conf/certs/sp.crt';\n//\\$SSO['IDP_CERT']\t\t= 'conf/certs/idp.crt';\n//\\$SSO['SETTINGS']\t\t= [];\nEND\n\ncat </tmp/zabbix_server_custom.te\nmodule zabbix_server_custom 1.2;\nrequire {\n type zabbix_var_run_t;\n type tmp_t;\n type zabbix_t;\n class sock_file { create unlink write };\n class unix_stream_socket connectto;\n class process setrlimit;\n class capability dac_override;\n}\n#============= zabbix_t ==============\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:process setrlimit;\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:unix_stream_socket connectto;\n#!!!! This avc is allowed in the current policy\nallow zabbix_t tmp_t:sock_file { create unlink write };\n#!!!! This avc is allowed in the current policy\nallow zabbix_t zabbix_var_run_t:sock_file { create unlink write };\n#!!!! This avc is allowed in the current policy\nallow zabbix_t self:capability dac_override;\nEND\n\n# Installing RPM packages\nyum makecache\nyum -y upgrade\nyum -y install wget\nwget https://dev.mysql.com/get/mysql80-community-release-el8-3.noarch.rpm\ndnf -y install mysql80-community-release-el8-3.noarch.rpm\ndnf -y module disable mysql\ndnf -y install https://repo.zabbix.com/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm\ndnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm\ndnf -y install epel-release\ndnf -y module enable php:remi-8.1\nyum -y install cloud-init cloud-utils-growpart firewalld nginx php-fpm mysql-community-client mysql-community-server java-1.8.0-openjdk-headless zabbix-server-mysql zabbix-web-mysql zabbix-nginx-conf zabbix-sql-scripts zabbix-agent zabbix-get zabbix-sender zabbix-java-gateway zabbix-js\n\n\n# Configure firewalld\nsystemctl enable firewalld\nsystemctl start firewalld\nfirewall-cmd --permanent --add-service=ssh --zone=public\nfirewall-cmd --permanent --add-service=http --zone=public\nfirewall-cmd --permanent --add-service=https --zone=public\nfirewall-cmd --permanent --add-port=10051/tcp --zone=public\nfirewall-cmd --reload\n\n# Configure SELinux\nrm -rf /tmp/zabbix_server_custom.mod /tmp/zabbix_server_custom.pp\ncheckmodule -M -m -o /tmp/zabbix_server_custom.mod /tmp/zabbix_server_custom.te\nsemodule_package -o /tmp/zabbix_server_custom.pp -m /tmp/zabbix_server_custom.mod\nsemodule -i /tmp/zabbix_server_custom.pp\n\nsetsebool -P httpd_can_connect_zabbix=1\nsetsebool -P zabbix_can_network=1\n\n# Generate SSL certificate\nmkdir -p /etc/ssl/private\nopenssl dhparam -out /etc/ssl/private/zabbix_dhparam.pem 2048\n\nopenssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/zabbix_example.key \\\n -out /etc/ssl/certs/zabbix_example.crt -subj \"/C=LV/ST=Riga/L=Riga/O=Global Security/OU=IT Department/CN=example.zabbix.com\"\n\n# Configure Zabbix instance\nsystemctl enable mysqld\nsystemctl disable nginx\nsystemctl disable php-fpm\nsystemctl disable zabbix-server\nsystemctl enable zabbix-agent\nsystemctl enable zabbix-java-gateway\n\nsystemctl stop nginx php-fpm\n\necho \"Requires=multi-user.target\" >> /usr/lib/systemd/system/cloud-init.target\n\nsystemctl set-default cloud-init.target\n\nchown -R apache:apache /var/lib/php/\n\nchmod g+r /etc/zabbix/zabbix_server.conf\nchmod o+w /run/zabbix/\n\nchmod 755 /etc/my.cnf\nchmod -R 755 /etc/my.cnf.d/\n\nsed -i 's/^#PrintMotd yes/&\\nPrintMotd no/g' /etc/ssh/sshd_config\n\nsed -i '/^; php_value\\[date.timezone\\] /s/^; //' /etc/php-fpm.d/zabbix.conf\n\nsed -i 's/^# JavaGateway=.*/&\\nJavaGateway=127.0.0.1/g' /etc/zabbix/zabbix_server.conf\nsed -i 's/^# StartJavaPollers=.*/&\\nStartJavaPollers=5/g' /etc/zabbix/zabbix_server.conf\nsed -i 's/^# LISTEN_IP=.*/&\\nLISTEN_IP=\"127.0.0.1\"/g' /etc/zabbix/zabbix_java_gateway.conf\n\nescape_spec_char() {\n local var_value=$1\n\n var_value=\"${var_value//\\\\/\\\\\\\\}\"\n var_value=\"${var_value//[$'\\n']/}\"\n var_value=\"${var_value//\\//\\\\/}\"\n var_value=\"${var_value//./\\\\.}\"\n var_value=\"${var_value//\\*/\\\\*}\"\n var_value=\"${var_value//^/\\\\^}\"\n var_value=\"${var_value//\\$/\\\\$}\"\n var_value=\"${var_value//\\&/\\\\&}\"\n var_value=\"${var_value//\\[/\\\\[}\"\n var_value=\"${var_value//\\]/\\\\]}\"\n\n echo \"$var_value\"\n}\n\nsystemctl start mysqld\nsystemctl enable mysqld\nsystemctl enable nginx\nsystemctl enable php-fpm\nsystemctl enable zabbix-server\n\nDB_ROOT_TMP_PASS=$(grep 'temporary password' /var/log/mysqld.log | awk '{print $13}' | tail -1)\nWEB_PASS=$(openssl rand -base64 14)\nWEB_PASS=${WEB_PASS%?}\nINST_NAME=$(hostname)\n\nrm -f /root/.my.cnf\n\nDB_ROOT_PASS=$(MYSQL_PWD=\"$DB_ROOT_TMP_PASS\" mysql --connect-expired-password -s -N -e \"SET PASSWORD FOR root@localhost TO RANDOM;\" | awk '{print $3}')\nDB_ZBX_PASS=$(MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -s -N -e \"CREATE USER 'zabbix_srv'@'localhost' IDENTIFIED WITH mysql_native_password BY RANDOM PASSWORD\" | awk '{print $3}')\nDB_ZBXWEB_PASS=$(MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -s -N -e \"CREATE USER 'zabbix_web'@'localhost' IDENTIFIED WITH mysql_native_password BY RANDOM PASSWORD\" | awk '{print $3}')\n\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"CREATE DATABASE zabbix CHARACTER SET 'utf8' COLLATE 'utf8_bin'\"\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"GRANT SELECT, UPDATE, DELETE, INSERT, CREATE, DROP, ALTER, INDEX, REFERENCES ON zabbix.* TO 'zabbix_srv'@'localhost'\"\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"GRANT SELECT, UPDATE, DELETE, INSERT, CREATE, DROP ON zabbix.* TO 'zabbix_web'@'localhost'\"\n\ncat > /root/.my.cnf << EOF\n[client]\npassword=\"$DB_ROOT_PASS\"\nEOF\n\nzcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | MYSQL_PWD=\"$DB_ROOT_PASS\" mysql -uroot zabbix\n\nMYSQL_PWD=\"$DB_ROOT_PASS\" mysql -u root -e \"UPDATE users SET passwd = MD5('$WEB_PASS') WHERE username = 'Admin'\" zabbix\n\nWEB_PASS=$(escape_spec_char \"$WEB_PASS\")\nsed -i \"s/replace_password/$WEB_PASS/g\" /etc/motd.d/zabbix\n\nsed -i \"s/replace_name/$INST_NAME/g\" /etc/zabbix/web/zabbix.conf.php\n\nDB_ZBX_PASS=$(escape_spec_char \"$DB_ZBX_PASS\")\nDB_ZBXWEB_PASS=$(escape_spec_char \"$DB_ZBXWEB_PASS\")\n\nsed -i \"s/^DBUser=.*/DBUser=zabbix_srv/g\" /etc/zabbix/zabbix_server.conf\nsed -i -e \"/^[#;] DBPassword=/s/.*/&\\nDBPassword=$DB_ZBX_PASS/\" /etc/zabbix/zabbix_server.conf\nsed -i \"s/replace_password/$DB_ZBXWEB_PASS/g\" /etc/zabbix/web/zabbix.conf.php\nsed -i \"s/replace_user/zabbix_web/g\" /etc/zabbix/web/zabbix.conf.php\n\n# Cleaning up remote machine\nrm -rf /etc/nginx/conf.d/default.conf\nrm -rf /tmp/* /var/tmp/*\nhistory -c\ncat /dev/null > /root/.bash_history\nunset HISTFILE\nfind /var/log -mtime -1 -type f ! -name 'stackscript.log' -exec truncate -s 0 {} \\;\n\n\n\nsystemctl start zabbix-server zabbix-agent zabbix-java-gateway\nsystemctl start nginx php-fpm\n\necho \"Installation complete!\"", "user_defined_fields": [ { "name": "hostname", "label": "Hostname" } ] } ], "page": 1, "pages": 1, "results": 129 } \ No newline at end of file diff --git a/packages/manager/src/features/OneClickApps/oneClickApps.ts b/packages/manager/src/features/OneClickApps/oneClickApps.ts index 159d368e7f2..07f7e37cfee 100644 --- a/packages/manager/src/features/OneClickApps/oneClickApps.ts +++ b/packages/manager/src/features/OneClickApps/oneClickApps.ts @@ -1130,18 +1130,18 @@ export const oneClickApps: OCA[] = [ end: '041125', start: '6DBA98', }, - description: `MainConcept FFmpeg Plugins are suited for both VOD and live production workflows, with advanced features such as Hybrid GPU acceleration and xHE-AAC audio format.`, + description: `MainConcept FFmpeg Plugins Demo is suited for both VOD and live production workflows, with advanced features such as Hybrid GPU acceleration and xHE-AAC audio format.`, logo_url: 'mainconcept.svg', - name: 'MainConcept FFmpeg Plugins', + name: 'MainConcept FFmpeg Plugins Demo', related_guides: [ { href: - 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-ffmpeg-plugins/', + 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-ffmpeg-plugins-demo/', title: - 'Deploy MainConcept FFmpeg Plugins through the Linode Marketplace', + 'Deploy MainConcept FFmpeg Plugins Demo through the Linode Marketplace', }, ], - summary: 'MainConcept FFmpeg Plugins are advanced video encoding tools.', + summary: 'MainConcept FFmpeg Plugins Demo contains advanced video encoding tools.', website: 'https://www.mainconcept.com/ffmpeg', }, { @@ -1152,14 +1152,14 @@ export const oneClickApps: OCA[] = [ end: '041125', start: '6DBA98', }, - description: `MainConcept Live Encoder is a powerful all-in-one encoding engine designed to simplify common broadcast and OTT video workflows.`, + description: `MainConcept Live Encoder Demo is a powerful all-in-one encoding engine designed to simplify common broadcast and OTT video workflows.`, logo_url: 'mainconcept.svg', - name: 'MainConcept Live Encoder', + name: 'MainConcept Live Encoder Demo', related_guides: [ { href: - 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-live-encoder/', - title: 'Deploy MainConcept Live Encoder through the Linode Marketplace', + 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-live-encoder-demo/', + title: 'Deploy MainConcept Live Encoder Demo through the Linode Marketplace', }, ], summary: 'MainConcept Live Encoder is a real time video encoding engine.', @@ -1173,19 +1173,19 @@ export const oneClickApps: OCA[] = [ end: '041125', start: '6DBA98', }, - description: `MainConcept P2 AVC-ULTRA Transcoder is an optimized Docker container for file-based transcoding of media files into professional Panasonic camera formats like P2 AVC-Intra, P2 AVC LongG and AVC-intra RP2027.v1 and AAC High Efficiency v2 formats into an MP4 container.`, + description: `MainConcept P2 AVC ULTRA Transcoder Demo is an optimized Docker container for file-based transcoding of media files into professional Panasonic camera formats like P2 AVC-Intra, P2 AVC LongG and AVC-intra RP2027.v1 and AAC High Efficiency v2 formats into an MP4 container.`, logo_url: 'mainconcept.svg', - name: 'MainConcept P2 AVC ULTRA Transcoder', + name: 'MainConcept P2 AVC ULTRA Transcoder Demo', related_guides: [ { href: - 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-p2-avc-ultra/', + 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-p2-avc-ultra-demo/', title: - 'Deploy MainConcept P2 AVC-ULTRA Transcoder through the Linode Marketplace', + 'Deploy MainConcept P2 AVC ULTRA Transcoder Demo through the Linode Marketplace', }, ], summary: - 'MainConcept P2 AVC-ULTRA Transcoder is a Docker container for file-based transcoding of media files into professional Panasonic camera formats.', + 'MainConcept P2 AVC ULTRA Transcoder is a Docker container for file-based transcoding of media files into professional Panasonic camera formats.', website: 'https://www.mainconcept.com/transcoders', }, { @@ -1196,15 +1196,15 @@ export const oneClickApps: OCA[] = [ end: '041125', start: '6DBA98', }, - description: `MainConcept XAVC Transcoder is an optimized Docker container for file-based transcoding of media files into professional Sony camera formats like XAVC-Intra, XAVC Long GOP and XAVC-S.`, + description: `MainConcept XAVC Transcoder Demo is an optimized Docker container for file-based transcoding of media files into professional Sony camera formats like XAVC-Intra, XAVC Long GOP and XAVC-S.`, logo_url: 'mainconcept.svg', - name: 'MainConcept XAVC Transcoder', + name: 'MainConcept XAVC Transcoder Demo', related_guides: [ { href: - 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-xavc-transcoder/', + 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-xavc-transcoder-demo/', title: - 'Deploy MainConcept XAVC Transcoder through the Linode Marketplace', + 'Deploy MainConcept XAVC Transcoder Demo through the Linode Marketplace', }, ], summary: @@ -1219,15 +1219,15 @@ export const oneClickApps: OCA[] = [ end: '041125', start: '6DBA98', }, - description: `MainConcept XDCAM Transcoder is an optimized Docker container for file-based transcoding of media files into professional Sony camera formats like XDCAM HD, XDCAM EX, XDCAM IMX and DVCAM (XDCAM DV).`, + description: `MainConcept XDCAM Transcoder Demo is an optimized Docker container for file-based transcoding of media files into professional Sony camera formats like XDCAM HD, XDCAM EX, XDCAM IMX and DVCAM (XDCAM DV).`, logo_url: 'mainconcept.svg', - name: 'MainConcept XDCAM Transcoder', + name: 'MainConcept XDCAM Transcoder Demo', related_guides: [ { href: - 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-xdcam-transcoder/', + 'https://www.linode.com/docs/products/tools/marketplace/guides/mainconcept-xdcam-transcoder-demo/', title: - 'Deploy MainConcept XDCAM Transcoder through the Linode Marketplace', + 'Deploy MainConcept XDCAM Transcoder Demo through the Linode Marketplace', }, ], summary: diff --git a/packages/manager/src/features/StackScripts/stackScriptUtils.ts b/packages/manager/src/features/StackScripts/stackScriptUtils.ts index 3a29602a96f..3c78ca81e8d 100644 --- a/packages/manager/src/features/StackScripts/stackScriptUtils.ts +++ b/packages/manager/src/features/StackScripts/stackScriptUtils.ts @@ -135,13 +135,12 @@ export const baseApps = { '1160820': 'Appwrite', '1177225': 'Seatable', '1177605': 'Illa Builder', - // uncomment after 10/30/23 release - // '1243759': 'MainConcept FFmpeg Plugins', - // '1243760': 'MainConcept Live Encoder', - // '1243762': 'MainConcept P2 AVC-ULTRA Transcoder', - // '1243763': 'MainConcept XAVC Transcoder', - // '1243764': 'MainConcept XDCAM Transcoder', - // '1243780': 'SimpleX Chat', + '1243759': 'MainConcept FFmpeg Plugins Demo', + '1243760': 'MainConcept Live Encoder Demo', + '1243762': 'MainConcept P2 AVC ULTRA Transcoder Demo', + '1243763': 'MainConcept XAVC Transcoder Demo', + '1243764': 'MainConcept XDCAM Transcoder Demo', + '1243780': 'SimpleX Chat', }; const oneClickFilter = [