Make sure to tar /etc/ag directory on any working AltaGrade Ubuntu servers and wget the compressed file to the new server and run:
cd /etc && wget http://backup.altagrade.net/ag.tgz && tar xzf ag.tgz && rm -rf ag.tgz
If you were to run the resulting script on this page (Click on Copy all the steps link):
cd /usr/src && wget http://in.altagrade.org:8080/https://in.altagrade.org/sites/default/files/node-92-1730173444-source-code.txt && mv node-92-1730173444-source-code.txt altaos.txt && apt-get -y install wget dos2unix && dos2unix altaos.txt && mv altaos.txt altaos.sh && chmod 755 altaos.sh && mkdir /root/.altaos && sh ./altaos.sh | tee /root/.altaos/altaos-install.log
0) Check if the system is freshly installed before doing anything else, because we don't want to run the installation script twice
if [ -d /etc/webmin ]; then echo "It seems this script has already been executed on this server." echo "This script should be run only once as otherwise it will duplicate entries in number of configuration files!" exit 0 fi chmod -x /etc/update-motd.d/* apt-get update -y && apt-get upgrade -y && apt full-upgrade -y && apt autoremove -y # Per https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1780196 apt install dracut-core -y apt install policycoreutils -y echo "net.ipv6.conf.all.disable_ipv6=1" >> /etc/sysctl.conf echo "net.ipv6.conf.default.disable_ipv6=1" >> /etc/sysctl.conf echo "net.ipv6.conf.lo.disable_ipv6=1" >> /etc/sysctl.conf apt install net-tools
1) Set some variables to use later in the installation script
if grep -q "QEMU" /proc/bus/input/devices; then PORT=19759 else PORT=19753 fi export PORT IP="$( hostname -I )" IP6="$( ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 )" IFACE=$(ip addr | grep $IP | awk '{print $NF}') OWNER="" TIMESTAMP=$(date +%s) SECONDS=0
2) Change SSH port
adduser --disabled-password --gecos "" altagrade usermod -aG sudo altagrade sed -i '/%sudo/c\%sudo ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers mkdir /home/altagrade/.ssh echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC753VZbicoElj5moS0XZ70ERwse483Cuqc6Jf3YXJvn4+ZGzdjUsUI4+0GHK0aufeFh4YNZQ9QoQnM/3HUKZIGm3/2lYvzY1Z2YtyWz57LSX6o+oskq01Pe+3g+sxbt1yOW/KhClVhTSNzFPtMV5h4//JLxdO1Z6pctXSgq2COZ9fnEAm/AzmYFpuNvg0JmNdWuFkvnSKZrkt9hmw72TTjTE+p9DviTmoq4GCr6l2Pg4y6oTlyQ595yi6wDZe0JK7cdkKMsA4U6kAyHqci7zXOu7HjLdYcKZCohCp/iddHZbERmlZuS1eGbiARYtBZb9FNdUmnUB3nggb4DU3FPeDl' >> /home/altagrade/.ssh/authorized_keys restorecon -R -v /home/altagrade/.ssh sed -i "s/#force_color_prompt=yes/force_color_prompt=yes/g" /root/.bashrc source /root/.bashrc sed -i "s/#force_color_prompt=yes/force_color_prompt=yes/g" /home/altagrade/.bashrc sed -i "s/#Port 22/Port $PORT/g" /etc/ssh/sshd_config sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g" /etc/ssh/sshd_config sed -i "s/PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config service sshd restart
3) Prepare the system
# Make boot fast systemctl disable systemd-networkd-wait-online.service systemctl mask systemd-networkd-wait-online.service if [ "$(readlink /etc/localtime)" != "/usr/share/zoneinfo/UTC" ]; then echo "==================================================================================" echo "Setting local time to UTC .." rm -f /etc/localtime ln -s /usr/share/zoneinfo/UTC /etc/localtime echo ".. done" fi if [ ! -d /backup ]; then echo "==================================================================================" echo "Creating /home/backup directory .." mkdir /backup echo ".. done" fi if [ ! -d /sandbox ]; then echo "==================================================================================" echo "Creating /sandbox directory .." mkdir /sandbox echo ".. done" fi
4) Enable Automatic Updates
apt install unattended-upgrades apt install update-notifier-common #edit /etc/apt/apt.conf.d/50unattended-upgrades per https://linoxide.com/enable-automatic-updates-on-ubuntu-20-04/ sed -i 's*//Unattended-Upgrade::Mail "";*Unattended-Upgrade::Mail "[email protected]";*g' /etc/apt/apt.conf.d/50unattended-upgrades sed -i 's*//Unattended-Upgrade::MailReport "on-change";*Unattended-Upgrade::MailReport "only-on-error";*g' /etc/apt/apt.conf.d/50unattended-upgrades sed -i 's*//Unattended-Upgrade::Automatic-Reboot "false";*Unattended-Upgrade::Automatic-Reboot "true";*g' /etc/apt/apt.conf.d/50unattended-upgrades sed -i 's*//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";*Unattended-Upgrade::Automatic-Reboot-WithUsers "true";*g' /etc/apt/apt.conf.d/50unattended-upgrades sed -i 's*//Unattended-Upgrade::Automatic-Reboot-Time "02:00";*Unattended-Upgrade::Automatic-Reboot-Time "02:36";*g' /etc/apt/apt.conf.d/50unattended-upgrades
5) Installing Webmin and Virtualmin
if [ ! -d /etc/webmin ]; then echo "==================================================================================" echo "Installing control panel .." cd /usr/src wget http://software.virtualmin.com/gpl/scripts/install.sh chmod 755 install.sh ./install.sh -y echo ".. done" fi
6) Configuring Virtualmin
# yes | /usr/share/webmin/authentic-theme/theme-update.sh # yes | /usr/share/usermin/authentic-theme/theme-update.sh # Adapting Virtualmin and Webmin jargon for cPanel users /etc/ag/cp/new-lang.sh sed -i 's/bandwidth /traffic /g' /etc/webmin/virtual-server/bw-template sed -i 's/bandwidth /traffic /g' /etc/webmin/virtual-server/warnbw-template sed -i 's/Bandwidth /Traffic /g' /etc/webmin/virtual-server/bw-template sed -i 's/Bandwidth /Traffic /g' /etc/webmin/virtual-server/warnbw-template sed -i 's/virtual server /domain /g' /etc/webmin/virtual-server/bw-template sed -i 's/virtual server /domain /g' /etc/webmin/virtual-server/warnbw-template sed -i 's/sub-servers /sub-domains /g' /etc/webmin/virtual-server/bw-template sed -i 's/sub-servers /sub-domains /g' /etc/webmin/virtual-server/warnbw-template rm -rf /etc/webmin/authentic-theme cp -R /etc/ag/webmin/authentic-theme /etc/webmin rm -rf /etc/webmin/status cp -R /etc/ag/webmin/status /etc/webmin rm -rf /etc/webmin/custom cp -R /etc/ag/webmin/custom /etc/webmin sed -i 's/mail=1/mail=2/g' /etc/webmin/virtual-server/config sed -i 's/spam=1/spam=2/g' /etc/webmin/virtual-server/config sed -i 's/dns=1/dns=2/g' /etc/webmin/virtual-server/config sed -i 's/plugins=virtualmin-awstats virtualmin-dav virtualmin-htpasswd/plugins=virtualmin-htpasswd/g' /etc/webmin/virtual-server/config sed -i 's/ftp=2/ftp=0/g' /etc/webmin/virtual-server/config sed -i 's/virus=1/virus=2/g' /etc/webmin/virtual-server/config echo 'plugins_inactive=virtualmin-awstats virtualmin-init virtualmin-dav virtualmin-registrar virtualmin-git virtualmin-sqlite virtualmin-slavedns' >> /etc/webmin/virtual-server/config echo "PORT ${PORT}" > /etc/webmin/virtual-server/globals
7) Webmin UI categories
cat > /etc/webmin/webmin.descs << 'EOT' bandwidth=Traffic Monitoring webmin=Host Manager Configuration servers=Host Manager Servers webminlog=Host Manager Log acl=Host Manager Users virtualmin-registrar=Site Manager Domain Registration virtualmin-dav=Site Manager DAV virtualmin-init=Site Manager Bootup Actions virtualmin-git=Site Manager Git virtualmin-htpasswd=Site Manager Protected Directories virtualmin-sqlite=Site Manager SQLite virtual-server=Site Manager Domains usermin=User Manager Configuration custom=AltaGrade Commands EOT cat > /etc/webmin/webmin.catnames << 'EOT' =AltaGrade EOT
8) Email template for domains
cat > /etc/webmin/virtual-server/domain-template << 'EOT' The following website has been created successfully: +=============================================+ | Website Info | ${DOM} +=============================================+ | Username: ${USER} | Password: ${PASS} ${IF-WEB} | Website: http://www.${DOM} | HTML directory: ${PUBLIC_HTML_PATH} ${IF-MAIL} | SMTP server: mail.${DOM} | POP3 server: mail.${DOM} ${ENDIF-MAIL} ${IF-WEBALIZER} | Webalizer log reporting: Enabled ${ENDIF-WEBALIZER} ${ENDIF-WEB} ${IF-MYSQL} | MySQL database: ${DB} | MySQL login: ${MYSQL_USER} ${IF-MYSQL_PASS} | MySQL password: ${MYSQL_PASS} ${ELSE-MYSQL_PASS} | MySQL password: ${PASS} ${ENDIF-MYSQL_PASS} ${ENDIF-MYSQL} | Apache Solr Host: localhost | Apache Solr Port: 8983 | Apache Solr Path: /solr/${DOM} +=============================================+ +=============================================+ | Server Info | ${IP} +=============================================+ | Dedicated IP: ${IP} | SSH and SFTP Port: ${PORT} | Control Panel: http://admin.${DOM} | (or https://${IP}:8443 before propagation) +=============================================+ Please note of the following important details: - The above access information is not for your profile account at https://my.altagrade.com. You set your own username and password for your profile account during sign-up process. If you forgot your password to your profile account, then please just reset it on https://my.altagrade.com/user/password. - You can request this e-mail any time by logging in to your control panel, selecting the website's domain name in the drop-down list on the left menu and clicking on "Administration Options" > Re-Send Signup Email. - Find more detailed information please read our documentation portal at https://www.altagrade.com/help. - If you have any questions, comments, or concerns, feel free to create a support ticket at https://my.altagrade.com. EOT cat > /etc/webmin/virtual-server/subdomain-template << 'EOT' The following website has been created successfully: +===================================+ | Website Info | ${DOM} +===================================+ | Username: ${USER} | Password: ${PASS} ${IF-WEB} | Website: http://www.${DOM} ${IF-MAIL} | SMTP server: mail.${DOM} | POP3 server: mail.${DOM} ${ENDIF-MAIL} ${IF-WEBALIZER} | Webalizer log reporting: Enabled ${ENDIF-WEBALIZER} ${ENDIF-WEB} ${IF-MYSQL} | MySQL database: ${DB} | MySQL login: ${MYSQL_USER} ${IF-MYSQL_PASS} | MySQL password: ${MYSQL_PASS} ${ELSE-MYSQL_PASS} | MySQL password: ${PASS} ${ENDIF-MYSQL_PASS} ${ENDIF-MYSQL} | Apache Solr Host: localhost | Apache Solr Port: 8983 | Apache Solr Path: /solr/${DOM} +===================================+ +===================================+ | Server Info | ${IP} +===================================+ | Dedicated IP: ${IP} | SSH and SFTP Port: ${PORT} | Control Panel: http://admin.${DOM} (or https://${IP}:8443 before propagation) +===================================+ - The above access information is not for your profile account at https://my.altagrade.com. You set your own username and password for your profile account during sign-up process. If you forgot your password to your profile account, then please just reset it on https://my.altagrade.com/user/password. - You can request this e-mail any time by logging in to your control panel, selecting the website's domain name in the drop-down list on the left menu and clicking on "Administration Options" > Re-Send Signup Email. - Find more detailed information please read our documentation portal at https://www.altagrade.com/help. - If you have any questions, comments, or concerns, feel free to create a support ticket at https://my.altagrade.com. EOT sed -i '/newdom_subject/c\ newdom_subject=Account information for ${DOM}' /etc/webmin/virtual-server/config sed -i '/newsubdom_subject/c\ newdom_subject=Account information for ${DOM}' /etc/webmin/virtual-server/config
9) Unlimited plan
cat > /etc/webmin/virtual-server/plans/0 << 'EOT' quota= quota= bwlimit= norename=0 file=/etc/webmin/virtual-server/plans/0 uquota= nodbname=1 realdomslimit= migrate=0 aliaslimit= domslimit= capabilities= ipfollow= id=0 featurelimits= mailboxlimit= name=Unlimited Plan dbslimit= aliasdomslimit= forceunder=0 scripts= safeunder=0 EOT
10) Configure firewall
sed -ie 's/port=10000/port=8443/' /etc/webmin/miniserv.conf sed -ie 's/listen=10000/listen=8443/' /etc/webmin/miniserv.conf systemctl disable --now firewalld.service apt-get install ufw -y yes | ufw enable ufw default deny incoming ufw default allow outgoing ufw allow "Apache Full" ufw allow ssh ufw allow $PORT/tcp ufw allow 8443/tcp yes | ufw enable
11) Install additional PHP packages & Composer
apt-get install php8.3-{cli,pdo,fpm,zip,gd,xml,mysql,cgi,apcu,uploadprogress} -y echo "==================================================================================" echo "Changing PHP configurations settings .." sed -ie 's/upload_max_filesize = 2M/upload_max_filesize = 20M/' /etc/php/8.3/cgi/php.ini sed -ie 's/post_max_size = 8M/post_max_size = 16M/' /etc/php/8.3/cgi/php.ini sed -ie 's/max_execution_time = 30/max_execution_time = 600/' /etc/php/8.3/cgi/php.ini sed -ie 's/max_input_time = 60/max_input_time = 600/' /etc/php/8.3/cgi/php.ini sed -ie 's/memory_limit = 128M/memory_limit = 1280M/' /etc/php/8.3/cgi/php.ini sed -ie 's/upload_max_filesize = 2M/upload_max_filesize = 20M/' /etc/php/8.3/fpm/php.ini sed -ie 's/post_max_size = 8M/post_max_size = 16M/' /etc/php/8.3/fpm/php.ini sed -ie 's/max_execution_time = 30/max_execution_time = 600/' /etc/php/8.3/fpm/php.ini sed -ie 's/max_input_time = 60/max_input_time = 600/' /etc/php/8.3/fpm/php.ini sed -ie 's/memory_limit = 128M/memory_limit = 1280M/' /etc/php/8.3/fpm/php.ini sed -ie 's/upload_max_filesize = 2M/upload_max_filesize = 20M/' /etc/php/8.3/cli/php.ini sed -ie 's/post_max_size = 8M/post_max_size = 16M/' /etc/php/8.3/cli/php.ini sed -ie 's/max_execution_time = 30/max_execution_time = 600/' /etc/php/8.3/cli/php.ini sed -ie 's/max_input_time = 60/max_input_time = 600/' /etc/php/8.3/cli/php.ini sed -ie 's/memory_limit = 128M/memory_limit = 1280M/' /etc/php/8.3/cli/php.ini echo "==================================================================================" echo "Installing Composer .." cd ~ curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer echo ".. done" apt install memcached libmemcached-tools -y sed -ie 's/-m 64/-m 4096/' /etc/memcached.conf sed -ie 's/-l ::1/#-l ::1/' /etc/memcached.conf systemctl enable memcached systemctl start memcached apt install php8.3-memcached -y
12) Install bee
cd /usr/local/src && git clone https://github.com/backdrop-contrib/bee.git ln -s /usr/local/src/bee/bee.php /usr/local/bin/bee
13) Configuring AltaGrade cron-tasks
cat > /etc/cron.daily/altagrade << 'EOF' #!/bin/bash sed -ie 's/Ubuntu Linux/AltaOS/' /etc/webmin/config >/dev/null 2>&1 sh /etc/ag/cp/new-lang.sh >/dev/null 2>&1 sed -ie 's/slider_enabled=true/slider_enabled=false/' /etc/webmin/authentic-theme/settings.js >/dev/null 2>&1 exit EOF chmod 755 /etc/cron.daily/altagrade /etc/cron.daily/altagrade
14) Add banner message
if ! grep -Fq "▓▓▓█████▓" /etc/banner then echo "==================================================================================" echo "Creating /etc/banner .." cat <<EOT >> /etc/banner ▄▄▄ ▓▓▓ ▓▓▓█████▓ ▄▄▄ ▄████ ▓▓▀███ ▄▄▄ ▓█████▄ ▓█████ ▒▓▓██▄ ▓██▒ ▓ ▓▓▒ ▓▒▒████▄ ▓▓▒ ▀█▒▓██ ▒ ▓█▒▒▓▓██▄ ▒▓▓▀ ██▌▓▓ ▀ ▒▓▓ ▀█▄ ▒▓▓░ ▒ ▓██░ ▒░▒▓▓ ▀█▄ ▒▓▓░▄▄▄░▓▓▓ ░▄█ ▒▒▓▓ ▀█▄ ░██ █▌▒▓▓██ ░██▄▄▄▄██ ▒▓▓░ ░ ▓██▓ ░ ░██▄▄▄▄██ ░▓█ ██▓▒▓▓▀▀█▄ ░██▄▄▄▄██ ░▓█▄ ▌▒▓█ ▄ ▓█ ▓██▒░██████▒▒██▒ ░ ▓█ ▓██▒░▒▓███▀▒░██▓ ▒▓▓▒ ▓█ ▓██▒░▒████▓ ░▒████▒ ▒▒ ▓▒█░░ ▒░▓ ░▒ ░░ ▒▒ ▓▒█░ ░▒ ▒ ░ ▒▓ ░▒▓░ ▒▒ ▓▒█░ ▒▒▓ ▒ ░░ ▒░ ░ ▒ ▒▒ ░░ ░ ▒ ░ ░ ▒ ▒▒ ░ ░ ░ ░▒ ░ ▒░ ▒ ▒▒ ░ ░ ▒ ▒ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ▒ ░ ░ ░ ░░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ***************************************************************************** * Welcome to AltaGrade Optimized Operating System! * * * * If you encounter any issues with the server, then please browse our Help * * section on https://www.altagrade.com/docs first. And if you couldn't find * * any solution, then submit a support request at https://my.altagrade.com. * * * ***************************************************************************** EOT echo ".. done" fi if grep -Fq "#Banner none" /etc/ssh/sshd_config then sed -ie '/#Banner none/c\Banner /etc/banner' /etc/ssh/sshd_config else echo 'Banner /etc/banner' >> /etc/ssh/sshd_config fi
15) Finalizing the installation script
# Per https://www.virtualmin.com/node/43097 rm -rf /var/webmin/module.infos.cache sh /etc/ag/cp/new-lang.sh >/dev/null 2>&1 /sbin/virtualmin check-config # Calculating execution time executed="$(($SECONDS / 60)) minutes and $(($SECONDS % 60)) seconds" echo "The installation took $executed" echo "AltaOS installed on $(date)" > /root/.altaos/install_date.txt updatedb echo "Rebooting the system..." reboot
- Log in to post comments
- Copy all the steps