Merge pull request #82 from joglomedia/2.0.x

### New Features
- Add swap disable/enable feature
- Add Lua, NDK, NJS module (experiment)

### Bug Fixes
- Installation tries to allocate 0MiB swap file and fails ( Issue #76 )
- PHP failed to load after installation if LEMPER_USERNAME value set to not empty ( Issue #79 )
- Default username not deleted during removal if LEMPER_USERNAME value set to not empty ( Issue #80 )
- Nginx error when ssl enabled ( Issue #81 )

### Enhancements
- Recalculate swap size
- Default PHP removal
- Environment variables adjustment

.env.dist

@@ -8,21 +8,7 @@
 # Use development for local environment or production for live environment.
 ENVIRONMENT="production"
 
-# Auto install, true for auto installation,
-# false for manual or guided installation.
-AUTO_INSTALL=true
-
-# Cleanup existing LEMP / LAMP stack installation.
-AUTO_REMOVE=false
-FORCE_REMOVE=false
-
-# Dry run install, true for testing only.
-DRYRUN=false
-
-# Logging for installation process.
-LOGGING=true
-
-# Server hostname must be valid FQDN format, leave it blank for system default.
+# In production, server hostname must be valid FQDN format (e.g. hostname.domain.ext).
 SERVER_HOSTNAME=""
 
 # Server IP address, leave it blank for auto detection.
@@ -44,6 +30,26 @@ ADMIN_EMAIL="[email protected]"
 # Example: Asia/Jakarta
 TIMEZONE="UTC"
 
+# Auto install, true for auto installation,
+# false for manual or guided installation.
+AUTO_INSTALL=true
+
+# Cleanup existing LEMP / LAMP stack installation.
+AUTO_REMOVE=false
+FORCE_REMOVE=false
+
+# Fix broken packages
+FIX_BROKEN=false
+
+# Dry run install, true for testing only.
+DRYRUN=false
+
+# Logging for installation process.
+LOGGING=true
+
+# Allocate memory to work as swap.
+ENABLE_SWAP=true
+
 # Build directorty.
 BUILD_DIR="/usr/local/src/lemper"
 
@@ -66,6 +72,8 @@ HASH_LENGTH=2048
 
 [nginx]
 INSTALL_NGINX=true
+
+# Available Nginx installer: repo | source
 NGINX_INSTALLER="source"
 
 # Supported Nginx version: stable (lts) | latest (mainline),
@@ -111,10 +119,13 @@ GEOLITE2_LICENSE_KEY=""
 
 NGX_HTTP_HEADERS_MORE=true
 NGX_HTTP_IMAGE_FILTER=true
-NGX_HTTP_MEMCACHED=true
-NGX_HTTP_NAXSI=true
+NGX_HTTP_LUA=false
+NGX_HTTP_MEMCACHED=false
+NGX_HTTP_NAXSI=false
+NGX_HTTP_NDK=false
+NGX_HTTP_NJS=false
 NGX_HTTP_PASSENGER=false
-NGX_HTTP_REDIS2=true
+NGX_HTTP_REDIS2=false
 NGX_HTTP_SUBS_FILTER=true
 NGX_HTTP_UPSTREAM_FAIR=true
 NGX_HTTP_VTS=true
@@ -131,36 +142,42 @@ INSTALL_PHP=true
 # It is highly recommended to install PHP version 7.4 or greater.
 PHP_VERSION="7.4"
 
+[php-loader]
 # PHP Loader is a PHP extension (module) that enables PHP
 # to load protected and encoded files.
+INSTALL_PHP_LOADER=false
+
 # Available PHP loader: ioncube | sourceguardian
 # leave it blank or "none" to skip PHP loader installation.
 PHP_LOADER="none"
 
 [php-imagemagick]
 # ImageMagick is a free and open-source software suite for manipulating raster and vector image.
+INSTALL_PHP_IMAGEMAGICK=true
+
 # Available ImageMagick & PHP module installer: repo | source
 # leave it blank or "none" to skip PHP ImageMagick installation.
 PHP_IMAGEMAGICK_INSTALLER="repo"
 
-# Available ImageMagick version: 6.9.10-62 | 7.0.10-14 | latest
-PHP_IMAGEMAGICK_VERSION="7.0.10-14"
+# Available ImageMagick version: 6.9.10-62 | 7.1.0-0 | latest
+PHP_IMAGEMAGICK_VERSION="7.1.0-0"
 
 [php-phalcon]
 # Phalcon is a PHP web framework based on the MVC pattern delivered as C-extension.
+INSTALL_PHP_PHALCON=false
+
 # Available Phalcon installer: repo | source
-# leave it blank or "none" to skip Phalcon installation.
-PHP_PHALCON_INSTALLER="source"
+PHP_PHALCON_INSTALLER="repo"
 
 # Available Phalcon version: 3.4.5 | 4.0.6 | latest
 PHP_PHALCON_VERSION="4.1.2"
 
 # Phalcon zephir transpiler.
-PHP_ZEPHIR_INSTALL=false
+INSTALL_PHP_ZEPHIR=false
 PHP_ZEPHIR_VERSION="0.12.19"
 
 [php-composer]
-INSTALL_PHPCOMPOSER=true
+INSTALL_PHP_COMPOSER=true
 
 [mysql]
 INSTALL_MYSQL=true
@@ -212,7 +229,7 @@ REDIS_INSTALLER="repo"
 REDIS_VERSION="stable"
 
 # Enable pass authentication.
-REDIS_REQUIREPASS=false
+REDIS_REQUIRE_PASS=false
 REDIS_PASSWORD=""
 
 [dns]
@@ -231,15 +248,15 @@ SENDER_DOMAIN="example.com"
 INSTALL_CERTBOT=true
 
 [firewall]
-INSTALL_FW=true
+INSTALL_FW=false
 
 # Firewall configurator engine
 # available engine: ufw | csf | apf
 # UFW is default Ubuntu firewall configurator.
 FW_ENGINE="ufw"
 
 [fail2ban]
-INSTALL_FAIL2BAN=true
+INSTALL_FAIL2BAN=false
 
 # Available installer: repo | source.
 FAIL2BAN_INSTALLER="source"

README.md

@@ -2,7 +2,7 @@
 
 LEMPer stands for Linux, Engine-X (Nginx), MariaDB and PHP installer written in Bash script. This is just a small tool set (a bunch collection of scripts) that usually I use to deploy and manage LEMP stack on Debian/Ubuntu. LEMPer is _CloudWays_, _Ploi_, _RunCloud_, and _ServerPilot_ free alternative crafted to support wide-range PHP framework (not only WordPress).
 
-[![Build Status](https://travis-ci.org/joglomedia/LEMPer.svg?branch=2.0.x)](https://travis-ci.org/joglomedia/LEMPer)
+[![Build Status](https://api.travis-ci.com/joglomedia/LEMPer.svg?branch=2.0.x)](https://travis-ci.com/github/joglomedia/LEMPer)
 
 ## Features
 

etc/nginx/includes/ssl.conf

@@ -55,4 +55,4 @@ resolver_timeout 5s;
 # This header tells browsers to cache the certificate for a year and to connect exclusively via HTTPS.
 #add_header Strict-Transport-Security "max-age=31536000;" always;
 # This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS
-add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload;" preload;
+add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload;";

install.sh

@@ -73,9 +73,11 @@ if [ -f scripts/cleanup_server.sh ]; then
  . ./scripts/cleanup_server.sh
 fi
 
-### Check and enable swap ###
-echo ""
-enable_swap
+### Create and enable swap ###
+if "${ENABLE_SWAP}"; then
+ echo ""
+ enable_swap
+fi
 
 ### Create default account ###
 echo ""
@@ -96,6 +98,7 @@ fi
 ### PHP installation ###
 if [ -f scripts/install_php.sh ]; then
  echo ""
+ DEFAULT_PHP_VERSION="7.4"
  . ./scripts/install_php.sh
 fi
 

remove.sh

@@ -69,6 +69,7 @@ fi
 ### Remove PHP & FPM ###
 if [ -f scripts/remove_php.sh ]; then
  echo ""
+ DEFAULT_PHP_VERSION="7.4"
  . ./scripts/remove_php.sh
 fi
 
@@ -126,7 +127,7 @@ read -rp "Remove default LEMPer account? [y/n]: " -i y -e REMOVE_ACCOUNT
 fi
 if [[ "${REMOVE_ACCOUNT}" == Y* || "${REMOVE_ACCOUNT}" == y* || "${FORCE_REMOVE}" == true ]]; then
  if [ "$(type -t delete_account)" == "function" ]; then
-delete_account "lemper"
+ delete_account "${LEMPER_USERNAME}"
  fi
 fi
 
@@ -137,12 +138,12 @@ if "${AUTO_REMOVE}"; then
  REMOVE_SWAP="y"
 else
  while [[ "${REMOVE_SWAP}" != "y" && "${REMOVE_SWAP}" != "n" ]]; do
-read -rp "Remove created Swap? [y/n]: " -i y -e REMOVE_SWAP
+read -rp "Remove created Swap? [y/n]: " -e REMOVE_SWAP
  done
 fi
 if [[ "${REMOVE_SWAP}" == Y* || "${REMOVE_SWAP}" == y* || "${FORCE_REMOVE}" == true ]]; then
  if [ "$(type -t remove_swap)" == "function" ]; then
-remove_swap
+ remove_swap
  fi
 fi
 

scripts/cleanup_server.sh

@@ -27,8 +27,14 @@ requires_root
 echo "Cleaning up server..."
 
 # Fix broken install, first?
-run dpkg --configure -a
-run apt install -qq -y --fix-broken
+if "${FIX_BROKEN}"; then
+ echo "Trying to fix broken packages"
+ [ -f /var/lib/dpkg/lock ] && run rm /var/lib/dpkg/lock
+ [ -f /var/lib/dpkg/lock-frontend ] && run rm /var/lib/dpkg/lock-frontend
+ [ -f /var/cache/apt/archives/lock ] && run rm /var/cache/apt/archives/lock
+ run dpkg --configure -a
+ run apt install -qq -y --fix-broken
+fi
 
 # Remove Apache2 service if exists.
 if [[ -n $(command -v apache2) || -n $(command -v httpd) ]]; then

scripts/helper.sh

@@ -82,7 +82,7 @@ function info() {
 
 # Run command
 function run() {
- if "$DRYRUN"; then
+ if "${DRYRUN}"; then
  echo_color "${YELLOW}" -n "would run "
  echo "$@"
  else
@@ -463,7 +463,7 @@ function verify_prerequisites() {
 function get_ram_size() {
  local RAM_SIZE
 
- # RAM size in MB
+ # Calculate RAM size in MB.
  RAM_SIZE=$(dmidecode -t 17 | awk '( /Size/ && $2 ~ /^[0-9]+$/ ) { x+=$2 } END{ print x}')
 
  echo "${RAM_SIZE}"
@@ -478,12 +478,12 @@ function create_swap() {
  if [[ ${RAM_SIZE} -le 2048 ]]; then
  # If machine RAM less than / equal 2GiB, set swap to 2x of RAM size.
  local SWAP_SIZE=$((RAM_SIZE * 2))
- elif [[ ${RAM_SIZE} -gt 2048 && ${RAM_SIZE} -le 8192 ]]; then
- # If machine RAM less than / equal 8GiB and greater than 2GiB, set swap equal to RAM size.
- local SWAP_SIZE="${RAM_SIZE}"
+ elif [[ ${RAM_SIZE} -gt 2048 && ${RAM_SIZE} -le 32768 ]]; then
+ # If machine RAM less than / equal 8GiB and greater than 2GiB, set swap equal to RAM size + 1x.
+ local SWAP_SIZE=$((4096 + (RAM_SIZE - 2048)))
  else
- # Otherwise, set swap to max of 8GiB.
- local SWAP_SIZE=8192
+ # Otherwise, set swap to max of the physical / allocated memory.
+ local SWAP_SIZE="${RAM_SIZE}"
  fi
 
  echo "Creating ${SWAP_SIZE}MiB swap..."
@@ -579,7 +579,7 @@ function create_account() {
  run chmod 0600 /srv/.htpasswd
  run chown www-data:www-data /srv/.htpasswd
 
- # Generate passhword hash.
+ # Generate password hash.
  if [[ -n $(command -v mkpasswd) ]]; then
  PASSWORD_HASH=$(mkpasswd --method=sha-256 "${PASSWORD}")
  run sed -i "/^${USERNAME}:/d" /srv/.htpasswd
@@ -720,7 +720,7 @@ function footer_msg() {
 # If useful, don't forget to buy me a cup of coffee or milk :D #
 # My PayPal is always open for donation, here https://paypal.me/masedi #
 # #
-#  (c) 2014-2019 / ESLabs.ID / https://eslabs.id/lemper  #
+# (c) 2014-2021 | MasEDI.Net | https://masedi.net/lemper #
 #==========================================================================#
 _EOF_
 }

scripts/install_certbotle.sh

@@ -53,9 +53,16 @@ function init_certbotle_install() {
  esac
  ;;
  ubuntu)
- run add-apt-repository -y ppa:certbot/certbot
- run apt update -qq -y
- run apt install -qq -y certbot
+ case "${RELEASE_NAME}" in
+ focal)
+ run apt install -qq -y certbot
+ ;;
+ *)
+ run add-apt-repository -y ppa:certbot/certbot
+ run apt update -qq -y
+ run apt install -qq -y certbot
+ ;;
+ esac
  ;;
  esac
 

scripts/install_dependencies.sh

@@ -24,17 +24,19 @@ if hash apt 2>/dev/null; then
  run dpkg-reconfigure locales
 
  # Update repositories.
- echo "Updating repository, please wait..."
+ echo -e "\nUpdating repository, please wait..."
  run apt update -qq -y && \
  run apt upgrade -qq -y
 
  # Install dependencies.
  echo -e "\nInstalling pre-requisites/dependencies package..."
- install_dependencies "apt install -qq -y" debian_is_installed \
- apt-transport-https apt-utils apache2-utils autoconf automake bash build-essential ca-certificates cmake cron \
- curl dnsutils gcc geoip-bin geoip-database git gnupg2 htop iptables libc6-dev libcurl4-openssl-dev libgd-dev libgeoip-dev \
- libssl-dev libxml2-dev libpcre3-dev libtool libxslt1-dev lsb-release make openssh-server openssl pkg-config \
- python python3 re2c rsync software-properties-common sasl2-bin snmp sudo sysstat tar tzdata unzip wget whois zlib1g-dev
+ run apt install -qq -y \
+ apt-transport-https apt-utils apache2-utils autoconf automake bash build-essential \
+ ca-certificates cmake cron curl dmidecode dnsutils gcc geoip-bin geoip-database git \
+ gnupg2 htop iptables libc6-dev libcurl4-openssl-dev libgd-dev libgeoip-dev libssl-dev \
+ libxml2-dev libpcre3-dev libtool libxslt1-dev lsb-release make openssh-server openssl \
+ pkg-config python python3 re2c rsync software-properties-common sasl2-bin snmp sudo \
+ sysstat tar tzdata unzip wget whois zlib1g-dev
 
  # Configure server clock.
  echo -e "\nReconfigure server clock..."

scripts/install_imagemagick.sh

@@ -86,19 +86,19 @@ function init_imagemagick_install() {
 
  if "${AUTO_INSTALL}"; then
  if [[ -z "${PHP_IMAGEMAGICK_INSTALLER}" || "${PHP_IMAGEMAGICK_INSTALLER}" == "none" ]]; then
- INSTALL_IMAGEMAGICK="n"
+ DO_INSTALL_IMAGEMAGICK="n"
  else
- INSTALL_IMAGEMAGICK="y"
+ DO_INSTALL_IMAGEMAGICK="y"
  SELECTED_INSTALLER=${PHP_IMAGEMAGICK_INSTALLER}
  fi
  else
- while [[ "${INSTALL_IMAGEMAGICK}" != "y" && "${INSTALL_IMAGEMAGICK}" != "n" ]]; do
- read -rp "Do you want to install ImageMagick library? [y/n]: " -i y -e INSTALL_IMAGEMAGICK
+ while [[ "${DO_INSTALL_IMAGEMAGICK}" != "y" && "${DO_INSTALL_IMAGEMAGICK}" != "n" ]]; do
+ read -rp "Do you want to install ImageMagick library? [y/n]: " -i y -e DO_INSTALL_IMAGEMAGICK
  done
  echo ""
  fi
 
- if [[ "${INSTALL_IMAGEMAGICK}" == Y* || "${INSTALL_IMAGEMAGICK}" == y* ]]; then
+ if [[ ${DO_INSTALL_IMAGEMAGICK} == y* && ${INSTALL_PHP_IMAGEMAGICK} == true ]]; then
  echo "Available ImageMagick installation method:"
  echo " 1). Install from Repository (repo)"
  echo " 2). Compile from Source (source)"