apache-secure/install.sh

raw link view readme
1 yum install setroubleshoot -y
2
3 semanage fcontext -at httpd_sys_rw_content_t "/srv(/.*)?"
4
5 yum install firewalld -y
6 systemctl start firewalld
7 systemctl enable firewalld
8 firewall-cmd --permanent --zone=public --add-interface=eth0
9 firewall-cmd --permanent --add-service=http --add-service=https --zone=public
10 firewall-cmd --reload
11
12 yum install httpd mod_ssl -y
13
14 systemctl start httpd
15 systemctl enable httpd
16
17 export PUBLIC_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
18
19 cat >> /etc/hosts << EOF
20 $PUBLIC_IP aleph bet webapi
21 EOF
22
23 create ()
24 {
25
26 mkdir -p /srv/$1
27
28 cat > /srv/$1/index.html << EOF
29 $1 here
30 EOF
31
32 mkdir -p /srv/_cert
33 openssl req -nodes -new -x509 -keyout /srv/_cert/$1.key -out /srv/_cert/$1.crt << EOF
34
35
36
37
38
39
40
41
42
43 EOF
44
45 cat > /etc/httpd/conf.d/$1.conf << EOF
46
47 Require all granted
48
49
50 ServerAdmin someone@$1
51 DocumentRoot /srv/$1
52 ServerName $1
53 SSLEngine On
54 SSLCertificateFile /srv/_cert/$1.crt
55 SSLCertificateKeyFile /srv/_cert/$1.key
56 ErrorLog logs/$1-error.log
57 CustomLog logs/$1-access.log common
58
59 EOF
60
61 }
62
63 create aleph
64 create bet
65
66 restorecon -R -v /srv
67 chown -R nobody:apache /srv
68
69 systemctl restart httpd
70