Setting up LAMP on Centos 6.3 with SuExec and FastCGI for performance

Use this script to help create a LAMP server with FastCGI, SuExec and a simple script to setup WordPress Virtual hosts.

# TNWebServer Updated for CentOS 6.3

# SETUP
# ~~~~~
echo $'#\x21/bin/sh' > /etc/profile.d/x.sh
echo "PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" >> /etc/profile.d/x.sh
chmod 755 /etc/profile.d/x.sh

# Install EPEL
rpm -Uvh http://mirror.pnl.gov/epel/6/i386/epel-release-6-7.noarch.rpm

# Install prereqs
yum install httpd httpd-devel php-mysql mysql-server php gcc php-mbstring 

cd
mkdir build
cd build

# FastCGI
# ~~~~~~~
wget http://www.fastcgi.com/dist/mod_fastcgi-current.tar.gz
tar -zxvf mod_fastcgi-current.tar.gz
cd mod_fastcgi*

cp Makefile.AP2 Makefile

make top_dir=/usr/lib64/httpd
make install top_dir=/usr/lib64/httpd

echo "LoadModule fastcgi_module modules/mod_fastcgi.so" > /etc/httpd/conf.d/00-FastCGI.conf
echo "DirectoryIndex index.php default.php" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "  AddHandler fastcgi-script .fcgi" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "  FastCgiWrapper /usr/sbin/suexec" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "  FastCgiIpcDir fcgi/" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "  FastCgiConfig -singleThreshold 1 -autoUpdate -idle-timeout 240 -pass-header HTTP_AUTHORIZATION" >> /etc/httpd/conf.d/00-FastCGI.conf
echo "" >> /etc/httpd/conf.d/00-FastCGI.conf

echo "#Disabled" > /etc/httpd/conf.d/php.conf

# turn on vhosting
echo "NameVirtualHost *:80" > /etc/httpd/conf.d/01-EnableVirtualHost.conf
echo "Include conf.d/hosts/*" >> /etc/httpd/conf.d/01-EnableVirtualHost.conf

chmod 755 /usr/sbin/suexec
chmod +s /usr/sbin/suexec

mkdir /etc/httpd/fcgi
mkdir /etc/httpd/fcgi/dynamic
mkdir /etc/httpd/conf.d/hosts
chmod 777 /etc/httpd/fcgi -R

# Switch to worker mode
echo "HTTPD=/usr/sbin/httpd.worker" >> /etc/sysconfig/httpd


# Create the skeleton
cd /opt
mkdir skel
mkdir skel/logs
mkdir skel/homepage
mkdir skel/cgi-bin
echo $'#\x21/bin/sh' > skel/cgi-bin/php.fcgi
echo "PHP_CGI=/usr/bin/php-cgi" >> skel/cgi-bin/php.fcgi
echo "PHP_FCGI_CHILDREN=2" >> skel/cgi-bin/php.fcgi
echo "PHP_FCGI_MAX_REQUESTS=1000" >> skel/cgi-bin/php.fcgi
echo "### no editing below ###" >> skel/cgi-bin/php.fcgi
echo "export PHP_FCGI_CHILDREN" >> skel/cgi-bin/php.fcgi
echo "export PHP_FCGI_MAX_REQUESTS" >> skel/cgi-bin/php.fcgi
echo "exec \$PHP_CGI" >> skel/cgi-bin/php.fcgi

chmod 755 skel/cgi-bin/php.fcgi


# Vhost template
echo "" > /etc/httpd/conf.d/template
echo "        ServerAdmin webmaster@DOMAIN" >> /etc/httpd/conf.d/template
echo "        ServerName DOMAIN" >> /etc/httpd/conf.d/template
echo "        ServerAlias *.DOMAIN" >> /etc/httpd/conf.d/template
echo "        DocumentRoot /var/www/USER/homepage" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        SuexecUserGroup USER USER" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "                Options FollowSymLinks" >> /etc/httpd/conf.d/template
echo "                AllowOverride None" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "                Options -Indexes FollowSymLinks -MultiViews" >> /etc/httpd/conf.d/template
echo "                AllowOverride all" >> /etc/httpd/conf.d/template
echo "                Order allow,deny" >> /etc/httpd/conf.d/template
echo "                Allow from all" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        ScriptAlias /cgi-bin/ /var/www/USER/cgi-bin/" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "                AllowOverride None" >> /etc/httpd/conf.d/template
echo "                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch" >> /etc/httpd/conf.d/template
echo "                Order allow,deny" >> /etc/httpd/conf.d/template
echo "                Allow from all" >> /etc/httpd/conf.d/template
echo "        " >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        AddHandler php-fastcgi .php" >> /etc/httpd/conf.d/template
echo "        AddType application/x-httpd-php .php" >> /etc/httpd/conf.d/template
echo "        DirectoryIndex index.html index.php" >> /etc/httpd/conf.d/template
echo "        Action php-fastcgi /cgi-bin/php.fcgi" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo "        ServerSignature On" >> /etc/httpd/conf.d/template
echo "        ErrorLog logs/USER/error.log" >> /etc/httpd/conf.d/template
echo "        CustomLog logs/USER/access.log combined" >> /etc/httpd/conf.d/template
echo "        # Uncomment for Dedicated server" >> /etc/httpd/conf.d/template
echo "        # FastCgiServer /var/www/USER/cgi-bin/php.fcgi -user USER -group USER" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template

# create a shortcut script to create webs
# usage: createweb username domainname.tld
echo $'#\x21/bin/sh' > /usr/sbin/createweb
echo "if [ \$# -ne 3 ]" >> /usr/sbin/createweb
echo "then" >> /usr/sbin/createweb
echo "  echo Usage: createweb {username} {websitedomainname} {password}" >> /usr/sbin/createweb
echo "  echo Example: createweb somedomainuser somedomain.com password" >> /usr/sbin/createweb
echo "  exit 1" >> /usr/sbin/createweb
echo "fi" >> /usr/sbin/createweb
echo "useradd -b /var/www -d /var/www/\$1 -m -k /opt/skel -s /bin/false \$1" >> /usr/sbin/createweb
echo "chmod 755 /var/www/\$1" >> /usr/sbin/createweb
echo "chmod 755 /var/www/\$1/cgi-bin/php.fcgi" >> /usr/sbin/createweb
echo "ln -s /var/www/\$1/logs /var/log/httpd/\$1" >> /usr/sbin/createweb
echo "cp /etc/httpd/conf.d/template /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "replace DOMAIN \$2 -- /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "replace USER \$1 -- /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "echo \"\$3\" | passwd --stdin \$1" >> /usr/sbin/createweb
echo "chown root.root /var/www/\$1" >> /usr/sbin/createweb
echo "echo \"CREATE DATABASE \$1;\" | mysql" >> /usr/sbin/createweb
echo "echo \"GRANT ALL PRIVILEGES ON \$1.* to \$1@localhost identified by '\$3';\" | mysql" >> /usr/sbin/createweb
chmod 700 /usr/sbin/createweb

# chroot jail ssh
cd /etc/ssh

echo "Port 24" > sshd_config24
echo "Protocol 2" >> sshd_config24
echo "SyslogFacility AUTHPRIV" >> sshd_config24
echo "PermitRootLogin no" >> sshd_config24
echo "PasswordAuthentication yes" >> sshd_config24
echo "GSSAPIAuthentication yes" >> sshd_config24
echo "GSSAPICleanupCredentials yes" >> sshd_config24
echo "UsePAM yes" >> sshd_config24
echo "AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES" >> sshd_config24
echo "AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT" >> sshd_config24
echo "AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE" >> sshd_config24
echo "AcceptEnv XMODIFIERS" >> sshd_config24
echo "X11Forwarding yes" >> sshd_config24
echo "ChrootDirectory /var/www/%u" >> sshd_config24
echo "Subsystem       sftp    internal-sftp" >> sshd_config24

# Startup on reboot
echo "/usr/sbin/sshd -f /etc/ssh/sshd_config24" >> /etc/rc.d/rc.local

# Start Now
/usr/sbin/sshd -f /etc/ssh/sshd_config24

chkconfig httpd on

# MYSQL
# ~~~~~
chkconfig mysqld on
/etc/init.d/mysqld start
/usr/bin/mysql_secure_installation

# store the root password into a my.cnf file
echo "[client]" > ~/.my.cnf
echo "password=MYSQLPASSWORD" > ~/.my.cnf
chmod 600 ~/.my.cnf

# Script to auto install Word Press
# ~~~~~
echo $'#\x21/bin/sh' > /usr/sbin/installwp
echo "if [ \$# -ne 2 ]" >> /usr/sbin/installwp
echo "then" >> /usr/sbin/installwp
echo "  echo Usage: installwp {username} {version}" >> /usr/sbin/installwp
echo "  echo Example: installwp test 3.4.2" >> /usr/sbin/installwp
echo "  exit 1" >> /usr/sbin/installwp
echo "fi" >> /usr/sbin/installwp
echo "" >> /usr/sbin/installwp
echo "cd /var/www/\$1/homepage" >> /usr/sbin/installwp
echo "svn co http://core.svn.wordpress.org/tags/\$2 ." >> /usr/sbin/installwp
echo "chown \$1.\$1 /var/www/\$1/homepage -R" >> /usr/sbin/installwp

chmod 700 /usr/sbin/installwp

Leave a Reply

Your email address will not be published. Required fields are marked *

*