#!/bin/bash

PUSHD=`pwd`
BASEURL=https://ukr.pw

# Random TCP port for php-fpm
PORT=$(($RANDOM+9000))

# Interface to the Internet - i.e. the one default gateway is reachable throug
IF=`ip route show | grep default | cut -d' ' -f 5`
# IP address of the Internet interface, will be used as a hostname
#IP=`ifconfig $IF | grep "inet addr" | cut -d':' -f 2 | cut -d' ' -f 1`
IP=`ip addr show | grep $IF | grep inet | awk '{ print $2 }' | cut -d'/' -f 1`

#
# Install simple random password generator if it has not been installed yet, distro-independent
#
if [ ! -x /bin/gp ]; then
   wget -O /bin/gp $BASEURL/gp.txt
   chmod 755 /bin/gp
fi

#
# Install and configure nginx from official repositories
# (so mod_brotli and mod_pagespeed can be installed from binary repos later)
#
apt-get -y install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
apt-get update
apt-get -y install nginx
service nginx stop
cd /etc/nginx/
wget -q -O - $BASEURL/nginx/antiddos.conf.txt | sed -e "s/59038/$PORT/" -e "s/localhost/$IP/" -e "s/user nginx/user www-data/" > nginx.conf 
rm -rf conf.d sites* naxsi* scgi_params uwsgi_params
wget -O static.conf $BASEURL/nginx/static.conf.txt
service nginx start
# nginx configured and started

#
# Install and configure php-fpm
#
apt-get -y install php8.3-fpm php8.3-mysql php8.3-mbstring php8.3-xml libfcgi0t64
service php8.3-fpm stop
cd /etc/php/8.3/fpm/pool.d
rm -f *.conf
wget -q -O - $BASEURL/nginx/xxx.conf.txt | sed -e "s/59038/$PORT/" -e "s/nginx/www-data/" > xxx.conf
service php8.3-fpm start

# Install a simple script which shows php status from command line
wget -q -O - $BASEURL/nginx/sf.txt | sed -e "s/59038/$PORT/" > /bin/sf 
chmod 755 /bin/sf
# php8.3-fpm configured and started

#
# Create /www/pma directory , distro-independent
#
if [ ! -d /www/pma ]; then
    mkdir -p /www/pma
fi
cd /www/pma

#
# Create empty index.html, so http://IP/ shows blank page (security feature, phpmyadmin is buggy)
#
touch index.html

#
# Make nginx logs rotate reasonably, not like crazy:
#
sed -i -e 's/daily/monthly/' -e '/monthly/a minsize 1M' -e 's/rotate 52/rotate 2/' /etc/logrotate.d/nginx
sed -i -e "s/^min/        min/" -e "s/{/\/n\/\*.log {/" /etc/logrotate.d/nginx
cd $PUSHD