#!/bin/bash numargs=$# SHOWHEADER=0 if [ $numargs -eq 0 ]; then SHOWHEADER=1 fi if [ $numargs -eq 1 ] && [ "$1" = "q" ]; then SHOWHEADER=1 fi source /etc/profile PATH=$PATH:/usr/local/vesta/bin && export PATH if [ $SHOWHEADER -eq 1 ]; then echo "======================= mvVesta-commander ================================" fi if [ -f /root/kernelupdate ]; then rm /root/kernelupdate fi apt_updated=0 apt_upgraded=0 quit_on_empty=0 if [ $SHOWHEADER -eq 1 ]; then hostname if [ -f "/root/current-status.txt" ]; then echo "------------------ WAS LONG TIME AGO ------------------" cat /root/current-status.txt truncate -s 0 /root/current-status.txt fi echo -n 'Debian ' >> /root/current-status.txt && cat /etc/debian_version >> /root/current-status.txt php -v | grep '^PHP' >> /root/current-status.txt /usr/local/vesta/bin/v-list-sys-services >> /root/current-status.txt /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:" >> /root/current-status.txt w | grep 'load average' >> /root/current-status.txt df -h | grep "/$" >> /root/current-status.txt echo "------------------------ NOW ------------------------" cat /root/current-status.txt echo "-----------------------------------------------------" echo "(press 'h' for help)" echo "" fi check_status() { echo "==============================================================" hostname echo "------------------------ WAS ------------------------" cat /root/current-status.txt echo "------------------------ NOW ------------------------" hostname echo -n 'Debian ' && cat /etc/debian_version php -v | grep '^PHP' /usr/local/vesta/bin/v-list-sys-services /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:" w | grep 'load average' df -h | grep "/$" echo "-----------------------------------------------------" } myhelp() { echo "---------- Press: -----------" echo "a = Activate Email rate limit" echo "b = bash" echo "c = check status" echo "d = df -h" echo "e = make sure Apache is in mpm_event" echo "f = free -h" echo "g = apt-get upgrade" echo "h = help" echo "m = install php-memcached" echo "p = set version of php as default" echo "q = quit" echo "r = reboot" echo "s = download sury.org apt-get key" echo "t = clean the trash" echo "u = apt-get update" echo "v = update myVesta" echo "vo = update myVesta without 'apt-get update'" echo "w = w" echo "-----------------------------" echo "inst v = install myVesta" echo "inst p = install multi-php" echo "inst pgw = install php-gate" echo "inst r = install new Roundcube" echo "inst memcached = install memcached" echo "inst redis = install Redis" echo "inst nginx-rate-limit = install nginx-rate-limit templates" echo "dis fb = stop and disable fail2ban" echo "dis dove = stop and disable dovecot" echo "dis spam = stop and disable spamassassin" echo "dis clam = stop and disable ClamAV" echo "p 7.0 = set default php 7.0" echo "p 7.3 = set default php 7.3" echo "p 7.4 = set default php 7.4" echo "p def = set proper default php" echo "e def = set mpm_event if needed" echo "m def = install php-memcached if needed" echo "check fc = check if FreshClam is up" echo "-----------------------------" echo "enable-ssh-root-password-login = Allow root password authentication via SSH" echo "id_rsa = generate id_rsa and id_rsa.pub if it does not exist and show id_rsa.pub" echo "-----------------------------" } apt_update() { echo "=============================" echo "== running: apt-get update" release=$(cat /etc/debian_version | tr "." "\n" | head -n1) if [ "$release" -lt 10 ]; then apt-get update else apt-get update --allow-releaseinfo-change fi apt_updated=1 } COUNTER=0 HAS_PARAMETERS=0 while true do COUNTER=$((COUNTER + 1)) if [ $COUNTER -le $numargs ]; then HAS_PARAMETERS=1 answer=$1 shift else if [ $HAS_PARAMETERS -eq 1 ]; then exit; fi read -p 'What to do: ' answer fi if [ "$answer" = 'prompt' ] || [ "$answer" = 'PROMPT' ]; then echo "=============================" echo "hostname: $HOSTNAME" read -p 'What to do [or press Enter to continue]: ' answer fi if [ "$answer" = '' ] && [ $quit_on_empty -eq 1 ]; then answer='q' fi if [ "$answer" = 'quit-on-empty' ]; then echo "== the script will quit on next enter" quit_on_empty=1 HAS_PARAMETERS=0 fi if [ "$answer" = 'a' ] || [ "$answer" = 'A' ]; then mv /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template-backup cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template /etc/exim4/exim4.conf.template touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour touch /etc/exim4/limit_per_email_account_max_recipients touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour touch /etc/exim4/limit_per_hosting_account_max_recipients check_grep=$(grep -c '#SPAMASSASSIN' /etc/exim4/exim4.conf.template-backup) if [ "$check_grep" -eq 0 ]; then sed -i "s|#SPAMASSASSIN|SPAMASSASSIN|g" /etc/exim4/exim4.conf.template fi check_grep=$(grep -c '#SPAM_SCORE' /etc/exim4/exim4.conf.template-backup) if [ "$check_grep" -eq 0 ]; then sed -i "s|#SPAM_SCORE|SPAM_SCORE|g" /etc/exim4/exim4.conf.template fi check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template-backup) if [ "$check_grep" -eq 0 ]; then sed -i "s|#CLAMD|CLAMD|g" /etc/exim4/exim4.conf.template fi systemctl restart exim4 echo "Email rate limit activated." fi if [ "$answer" = 'u' ] || [ "$answer" = 'U' ]; then apt_update fi if [ "$answer" = 'g' ] || [ "$answer" = 'G' ]; then echo "=============================" echo "== running: apt-get upgrade" if [ $apt_upgraded -eq 0 ]; then cp /var/log/apt/history.log /var/log/apt/history-`date +"%Y%m%d%H%M%S"`.log truncate -s 0 /var/log/apt/history.log fi apt-get -y --with-new-pkgs upgrade apt-get -y dist-upgrade apt_upgraded=1 kernelupdate=$(grep -c 'linux-image-' /var/log/apt/history.log) if [ $kernelupdate -gt 0 ]; then touch /root/kernelupdate echo "== kernel is updated" else echo "== kernel is not updated" fi fi if [ "$answer" = 'c' ] || [ "$answer" = 'C' ]; then check_status fi if [ "$answer" = 's' ] || [ "$answer" = 'S' ]; then if [ -f "/etc/apt/trusted.gpg.d/php.gpg" ]; then echo "=============================" echo "== renewing sury.org gpg key" wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg fi fi if [ "$answer" = 'e def' ] || [ "$answer" = 'E DEF' ]; then release=$(cat /etc/debian_version | tr "." "\n" | head -n1) echo "=============================" echo "== checking if we need mpm_event mode" echo "== detected Debian $release" if [ "$release" -eq 10 ] || [ "$release" -eq 11 ] || [ -f "/root/switch-apache-to-event-mode.sh" ]; then isevent=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event") if [ $isevent -eq 0 ]; then echo "== Apache should be switched to mpm_event mode" answer='e' else echo "== Apache is already in mpm_event mode" fi fi fi if [ "$answer" = 'e' ] || [ "$answer" = 'E' ]; then echo "=============================" echo "== switching to mpm_event mode" apt-get -y remove libapache2-mod-php* a2dismod ruid2 a2dismod suexec a2dismod php5.6 a2dismod php7.0 a2dismod php7.1 a2dismod php7.2 a2dismod php7.3 a2dismod php7.4 a2dismod php8.0 a2dismod php8.1 a2dismod php8.2 a2dismod mpm_prefork a2enmod mpm_event systemctl restart apache2 fi if [ "$answer" = 'dis fb' ] || [ "$answer" = 'DIS FB' ]; then echo "=============================" echo "== disabling fail2ban" systemctl stop fail2ban systemctl disable fail2ban systemctl status fail2ban fi if [ "$answer" = 'dis dove' ] || [ "$answer" = 'DIS DOVE' ]; then echo "=============================" echo "== disabling dovecot" systemctl stop dovecot.service systemctl stop dovecot.socket systemctl disable dovecot.service fi if [ "$answer" = 'dis clam' ] || [ "$answer" = 'DIS CLAM' ]; then echo "=============================" echo "== disabling ClamAV" systemctl stop clamav-daemon.service systemctl disable clamav-daemon.service systemctl stop clamav-freshclam.service systemctl disable clamav-freshclam.service sed -i "s/^CLAMD =/#CLAMD =/g" /etc/exim4/exim4.conf.template systemctl restart exim4 fi if [ "$answer" = 'dis spam' ] || [ "$answer" = 'DIS SPAM' ]; then echo "=============================" echo "== disabling SpamAssassin" release=$(cat /etc/debian_version | tr "." "\n" | head -n1) if [ "$release" -lt 12 ]; then systemctl stop spamassassin.service systemctl disable spamassassin.service else systemctl stop spamd.service systemctl disable spamd.service fi sed -i "s/^SPAMASSASSIN =/#SPAMASSASSIN =/g" /etc/exim4/exim4.conf.template sed -i "s/^SPAM_SCORE =/#SPAM_SCORE =/g" /etc/exim4/exim4.conf.template systemctl restart exim4 fi if [ "$answer" = 'p' ] || [ "$answer" = 'P' ]; then echo "=============================" echo "== changing default php version" update-alternatives --config php echo "--- NEW ---" php -v | grep '^PHP' fi if [ "$answer" = 'p 7.0' ] || [ "$answer" = 'P 7.0' ]; then echo "=============================" echo "== changing default php version to 7.0" update-alternatives --set php /usr/bin/php7.0 echo "--- NEW ---" php -v | grep '^PHP' fi if [ "$answer" = 'p 7.3' ] || [ "$answer" = 'P 7.3' ]; then echo "=============================" echo "== changing default php version to 7.3" update-alternatives --set php /usr/bin/php7.3 echo "--- NEW ---" php -v | grep '^PHP' fi if [ "$answer" = 'p 7.4' ] || [ "$answer" = 'P 7.4' ]; then echo "=============================" echo "== changing default php version to 7.4" update-alternatives --set php /usr/bin/php7.4 echo "--- NEW ---" php -v | grep '^PHP' fi if [ "$answer" = 'p def' ] || [ "$answer" = 'P DEF' ]; then echo "=============================" echo "== checking if we need to change default php version" automode=$(update-alternatives --display php | grep -c 'auto mode') echo "=============================" if [ $automode -ge 1 ]; then echo "=== php auto mode detected" release=$(cat /etc/debian_version | tr "." "\n" | head -n1) echo "== detected Debian $release" if [ "$release" -eq 8 ]; then echo "== set default php 5" update-alternatives --set php /usr/bin/php5 fi if [ "$release" -eq 9 ]; then echo "== set default php 7.0" update-alternatives --set php /usr/bin/php7.0 fi if [ "$release" -eq 10 ]; then echo "== set default php 7.3" update-alternatives --set php /usr/bin/php7.3 fi if [ "$release" -eq 11 ]; then echo "== set default php 7.4" update-alternatives --set php /usr/bin/php7.4 fi echo "--- NEW ---" php -v | grep '^PHP' else echo "== php is already in manual mode" php -v | grep '^PHP' fi fi if [ "$answer" = 'v' ] || [ "$answer" = 'V' ]; then echo "=============================" echo "== updating myVesta" if [ -f "/usr/local/vesta/bin/v-update-myvesta" ]; then /usr/local/vesta/bin/v-update-myvesta else number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l) if [ $number_of_files -gt 0 ]; then rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1 fi apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" > /usr/local/vesta/log/update-$package.log 2>&1 apt-get install --reinstall vesta fi fi if [ "$answer" = 'vo' ] || [ "$answer" = 'VO' ]; then echo "=============================" echo "== updating myVesta (without 'apt-get update')" number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l) if [ $number_of_files -gt 0 ]; then rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1 fi apt-get install --reinstall vesta fi if [ "$answer" = 'vor' ] || [ "$answer" = 'VOR' ]; then echo "=============================" echo "== updating myVesta (without apt-get update and without reinstall)" number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l) if [ $number_of_files -gt 0 ]; then rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1 fi apt-get install vesta fi if [ "$answer" = 't' ] || [ "$answer" = 'T' ]; then echo "=============================" echo "== cleaning trash" df -m echo "------" ps -Af | grep tailf | grep -v "grep tailf" echo "------" /usr/local/vesta/bin/v-clean-garbage echo "--------------" df -m echo "--------------" ps -Af | grep tailf | grep -v "grep tailf" fi if [ "$answer" = 'm def' ] || [ "$answer" = 'M DEF' ]; then phpupdate=$(grep -c 'php' /var/log/apt/history.log) if [ $phpupdate -gt 0 ]; then answer='m' fi fi if [ "$answer" = 'm' ] || [ "$answer" = 'M' ]; then echo "=============================" echo "== installing php-memcache modules" apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ") apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ") fi if [ "$answer" = 'd' ] || [ "$answer" = 'D' ]; then echo "=============================" echo "== running: df -h" df -h fi if [ "$answer" = 'f' ] || [ "$answer" = 'F' ]; then echo "=============================" echo "== running: free -h" free -h fi if [ "$answer" = 'w' ] || [ "$answer" = 'W' ]; then echo "== running: free -h" w fi if [ "$answer" = 'inst p' ] || [ "$answer" = 'INST P' ]; then echo "=============================" echo "== installing new PHP versions" cd /root wget -nv -O /root/vesta-inst-php.sh https://c.myvestacp.com/tools/multi-php-install.sh chmod u+x ./vesta-inst-php.sh mcedit ./vesta-inst-php.sh sudo ./vesta-inst-php.sh fi if [ "$answer" = 'inst pgw' ] || [ "$answer" = 'INST PGW' ]; then echo "=============================" echo "== Installing phpgate" wget -nv http://dl.myvestacp.com/vesta/install-phpgate.sh -O /root/install-phpgate.sh chmod u+x /root/install-phpgate.sh /root/install-phpgate.sh fi if [ "$answer" = 'inst memcache' ] || [ "$answer" = 'inst memcached' ] || [ "$answer" = 'INST MEMCACHE' ] || [ "$answer" = 'INST MEMCACHED' ]; then echo "=============================" echo "== Installing memcached" memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) apt-get update apt-get -y install memcached apt-get -y install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ") apt-get -y install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ") if [ $memory -lt 15000000 ]; then sed -i "s/-m 64/-m 256/" /etc/memcached.conf else sed -i "s/-m 64/-m 1024/" /etc/memcached.conf fi systemctl restart memcached echo "== memcached installed." echo "-----------------------" fi if [ "$answer" = 'inst redis' ] || [ "$answer" = 'INST REDIS' ]; then echo "=============================" echo "== Installing Redis" memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) apt-get update apt-get install -y redis-server apt-get install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-redis ") sed -i "s|^supervised no|supervised systemd|g" /etc/redis/redis.conf sed -i "s|^save |# save |g" /etc/redis/redis.conf sed -i 's|^# save ""|save ""|g' /etc/redis/redis.conf if [ $memory -lt 15000000 ]; then sed -i "s|^# maxmemory .*|maxmemory 256m|g" /etc/redis/redis.conf else sed -i "s|^# maxmemory .*|maxmemory 1g|g" /etc/redis/redis.conf fi sed -i "s|^# maxmemory-policy .*|maxmemory-policy allkeys-lru|g" /etc/redis/redis.conf systemctl restart redis redis-cli info memory echo "== Redis installed." echo "-------------------" fi if [ "$answer" = 'inst nginx-rate-limit' ] || [ "$answer" = 'INST NGINX-RATE-LIMIT' ]; then echo "=============================" echo "== Installing inst nginx-rate-limit templates" curl -O https://c.myvestacp.com/tools/rate-limit-tpl/install_rate_limit_tpl.sh bash install_rate_limit_tpl.sh echo "== nginx-rate-limit templates installed." echo "-------------------" fi if [ "$answer" = 'check fc' ] || [ "$answer" = 'CHECK FC' ]; then echo "== Checking if FreshClam is up" clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running') freshclamdown=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-freshclam' | grep -c 'off') if [ $clamavup -eq 1 ] && [ $freshclamdown -eq 1 ]; then echo "== Starting FreshClam" systemctl enable clamav-freshclam.service systemctl start clamav-freshclam.service fi fi if [ "$answer" = 'enable-ssh-root-password-login' ] || [ "$answer" = 'ENABLE-SSH-ROOT-PASSWORD-LOGIN' ]; then sed -i "s|^PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config sed -i "s|^#PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config systemctl restart sshd echo "--- New settings ---" grep '^PermitRoot' /etc/ssh/sshd_config echo "--------------------" echo "Port 22 opened in Firewall for all IP addresses." /usr/local/vesta/bin/v-unsuspend-firewall-rule "11" echo "--------------------" echo "Type 'passwd' in the terminal to set the root password." echo "--------------------" fi if [ "$answer" = 'r' ] || [ "$answer" = 'R' ]; then echo "=============================" echo "== Rebooting the server" reboot fi if [ "$answer" = 'b' ] || [ "$answer" = 'B' ]; then echo "=============================" echo "== Running bash" bash fi if [ "$answer" = 'q' ] || [ "$answer" = 'Q' ]; then echo "=============================" echo "== Exiting... bye bye :)" exit 0 fi if [ "$answer" = 'h' ] || [ "$answer" = 'H' ]; then myhelp fi if [ "$answer" = 'inst v' ] || [ "$answer" = 'INST V' ]; then echo "=============================" echo "== installing myVesta" release=$(cat /etc/debian_version | tr "." "\n" | head -n1) if [ "$release" -lt 10 ]; then apt-get update else apt-get update --allow-releaseinfo-change fi apt-get -y --with-new-pkgs upgrade && apt-get -y dist-upgrade apt-get -y install curl wget mc git sudo dnsutils screen cd ~ curl -O http://c.myvestacp.com/vst-install-debian.sh sudo bash vst-install-debian.sh source /etc/profile PATH=$PATH:/usr/local/vesta/bin && export PATH fi if [ "$answer" = 'inst r' ] || [ "$answer" = 'INST R' ]; then echo "=============================" echo "== Installing new Roundcube" wget -nv https://c.myvestacp.com/tools/install-new-roundcube.sh -O /root/install-new-roundcube.sh chmod u+x /root/install-new-roundcube.sh mcedit /root/install-new-roundcube.sh /root/install-new-roundcube.sh fi if [ "$answer" = 'id_rsa' ] || [ "$answer" = 'ID_RSA' ]; then if [ ! -f "/root/.ssh/id_rsa.pub" ]; then ssh-keygen -q -t rsa -N '' -C "$HOSTNAME" -b 4096 -f /root/.ssh/id_rsa 2>/dev/null <<< y >/dev/null fi echo "=== YOUR id_rsa.pub IS BELOW ===" cat /root/.ssh/id_rsa.pub echo "======" fi done