Update mysql_install.sh
This commit is contained in:
RomanNum3ral
parent
24ad1e41c4
commit
bd51d0faed
156
mysql_install.sh
156
mysql_install.sh
|
|
@ -3,15 +3,9 @@ set -Eeuo pipefail
|
|||
|
||||
# ============================================================
|
||||
# Arch Linux: MariaDB + Apache + PHP + phpMyAdmin installer
|
||||
# Fixes Apache threaded MPM issue by switching to prefork
|
||||
# ============================================================
|
||||
#
|
||||
# Usage:
|
||||
# sudo bash install_mariadb_phpmyadmin_arch.sh
|
||||
#
|
||||
# Optional:
|
||||
# sudo DB_ROOT_PASSWORD='yourpassword' bash install_mariadb_phpmyadmin_arch.sh
|
||||
#
|
||||
# Includes:
|
||||
# - Apache prefork fix for mod_php
|
||||
# - ServerName fix
|
||||
# ============================================================
|
||||
|
||||
DB_ROOT_PASSWORD="${DB_ROOT_PASSWORD:-}"
|
||||
|
|
@ -60,22 +54,30 @@ append_if_missing() {
|
|||
grep -Fqx "$line" "$file" 2>/dev/null || echo "$line" >> "$file"
|
||||
}
|
||||
|
||||
# ============================================================
|
||||
# FIX 1: Apache MPM (required for mod_php)
|
||||
# ============================================================
|
||||
configure_apache_mpm_for_php() {
|
||||
log "Switching Apache from threaded MPM to prefork for mod_php"
|
||||
|
||||
backup_file "$HTTPD_CONF"
|
||||
|
||||
if grep -Eq '^[[:space:]]*LoadModule mpm_event_module modules/mod_mpm_event.so' "$HTTPD_CONF"; then
|
||||
sed -i 's|^[[:space:]]*LoadModule mpm_event_module modules/mod_mpm_event.so|#LoadModule mpm_event_module modules/mod_mpm_event.so|' "$HTTPD_CONF"
|
||||
fi
|
||||
sed -i 's|^LoadModule mpm_event_module modules/mod_mpm_event.so|#LoadModule mpm_event_module modules/mod_mpm_event.so|' "$HTTPD_CONF" || true
|
||||
sed -i 's|^#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so|LoadModule mpm_prefork_module modules/mod_mpm_prefork.so|' "$HTTPD_CONF" || true
|
||||
|
||||
if grep -Eq '^[#[:space:]]*LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' "$HTTPD_CONF"; then
|
||||
sed -i 's|^[#[:space:]]*LoadModule mpm_prefork_module modules/mod_mpm_prefork.so|LoadModule mpm_prefork_module modules/mod_mpm_prefork.so|' "$HTTPD_CONF"
|
||||
elif ! grep -Eq '^[[:space:]]*LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' "$HTTPD_CONF"; then
|
||||
sed -i '/mod_unixd.so/a LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' "$HTTPD_CONF" || true
|
||||
if ! grep -Eq '^[[:space:]]*LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' "$HTTPD_CONF"; then
|
||||
echo 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' >> "$HTTPD_CONF"
|
||||
fi
|
||||
if ! grep -q "mpm_prefork_module" "$HTTPD_CONF"; then
|
||||
echo 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' >> "$HTTPD_CONF"
|
||||
fi
|
||||
}
|
||||
|
||||
# ============================================================
|
||||
# FIX 2: ServerName warning
|
||||
# ============================================================
|
||||
configure_server_name() {
|
||||
log "Setting Apache ServerName"
|
||||
|
||||
if ! grep -q "^ServerName" "$HTTPD_CONF"; then
|
||||
echo "ServerName localhost" >> "$HTTPD_CONF"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -84,11 +86,7 @@ enable_php_module_httpd() {
|
|||
|
||||
backup_file "$HTTPD_CONF"
|
||||
|
||||
if grep -Eq '^[#[:space:]]*LoadModule php_module modules/libphp.so' "$HTTPD_CONF"; then
|
||||
sed -i 's|^[#[:space:]]*LoadModule php_module modules/libphp.so|LoadModule php_module modules/libphp.so|' "$HTTPD_CONF"
|
||||
elif ! grep -Eq '^[[:space:]]*LoadModule php_module modules/libphp.so' "$HTTPD_CONF"; then
|
||||
echo 'LoadModule php_module modules/libphp.so' >> "$HTTPD_CONF"
|
||||
fi
|
||||
sed -i 's|^#LoadModule php_module modules/libphp.so|LoadModule php_module modules/libphp.so|' "$HTTPD_CONF" || true
|
||||
|
||||
append_if_missing "$HTTPD_CONF" "AddHandler php-script .php"
|
||||
append_if_missing "$HTTPD_CONF" "Include conf/extra/php_module.conf"
|
||||
|
|
@ -100,16 +98,8 @@ configure_php() {
|
|||
|
||||
backup_file "$PHP_INI"
|
||||
|
||||
sed -i 's|^[;[:space:]]*extension=mysqli|extension=mysqli|' "$PHP_INI" || true
|
||||
sed -i 's|^[;[:space:]]*extension=pdo_mysql|extension=pdo_mysql|' "$PHP_INI" || true
|
||||
|
||||
if ! grep -Eq '^extension=mysqli' "$PHP_INI"; then
|
||||
echo 'extension=mysqli' >> "$PHP_INI"
|
||||
fi
|
||||
|
||||
if ! grep -Eq '^extension=pdo_mysql' "$PHP_INI"; then
|
||||
echo 'extension=pdo_mysql' >> "$PHP_INI"
|
||||
fi
|
||||
sed -i 's|^;*extension=mysqli|extension=mysqli|' "$PHP_INI" || true
|
||||
sed -i 's|^;*extension=pdo_mysql|extension=pdo_mysql|' "$PHP_INI" || true
|
||||
}
|
||||
|
||||
configure_phpmyadmin_apache() {
|
||||
|
|
@ -130,40 +120,19 @@ EOF
|
|||
}
|
||||
|
||||
generate_blowfish_secret() {
|
||||
if command -v openssl >/dev/null 2>&1; then
|
||||
openssl rand -base64 32 | tr -d '\n'
|
||||
else
|
||||
head -c 32 /dev/urandom | base64 | tr -d '\n'
|
||||
fi
|
||||
openssl rand -base64 32 | tr -d '\n'
|
||||
}
|
||||
|
||||
configure_phpmyadmin_main() {
|
||||
log "Configuring phpMyAdmin"
|
||||
|
||||
[[ -f "$PHPMYADMIN_MAIN_CONF" ]] || die "phpMyAdmin config not found at $PHPMYADMIN_MAIN_CONF"
|
||||
|
||||
backup_file "$PHPMYADMIN_MAIN_CONF"
|
||||
|
||||
local blowfish
|
||||
blowfish="$(generate_blowfish_secret)"
|
||||
|
||||
if grep -Eq "auth_type" "$PHPMYADMIN_MAIN_CONF"; then
|
||||
sed -i "s|\(\$cfg\['Servers'\]\[\$i\]\['auth_type'\][[:space:]]*=[[:space:]]*\).*|\1'cookie';|" "$PHPMYADMIN_MAIN_CONF" || true
|
||||
else
|
||||
cat >> "$PHPMYADMIN_MAIN_CONF" <<EOF
|
||||
|
||||
\$cfg['Servers'][\$i]['auth_type'] = 'cookie';
|
||||
EOF
|
||||
fi
|
||||
|
||||
if grep -Eq "blowfish_secret" "$PHPMYADMIN_MAIN_CONF"; then
|
||||
sed -i "s|\(\$cfg\['blowfish_secret'\][[:space:]]*=[[:space:]]*\).*|\1'${blowfish}';|" "$PHPMYADMIN_MAIN_CONF" || true
|
||||
else
|
||||
cat >> "$PHPMYADMIN_MAIN_CONF" <<EOF
|
||||
|
||||
\$cfg['blowfish_secret'] = '${blowfish}';
|
||||
EOF
|
||||
fi
|
||||
echo "\$cfg['blowfish_secret'] = '${blowfish}';" >> "$PHPMYADMIN_MAIN_CONF"
|
||||
echo "\$cfg['Servers'][\$i]['auth_type'] = 'cookie';" >> "$PHPMYADMIN_MAIN_CONF"
|
||||
}
|
||||
|
||||
initialize_mariadb() {
|
||||
|
|
@ -172,7 +141,7 @@ initialize_mariadb() {
|
|||
if [[ ! -d "$MARIADB_DATA_DIR/mysql" ]]; then
|
||||
mariadb-install-db --user=mysql --basedir=/usr --datadir="$MARIADB_DATA_DIR"
|
||||
else
|
||||
warn "MariaDB data directory already appears initialized; skipping mariadb-install-db"
|
||||
warn "MariaDB already initialized"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -182,94 +151,44 @@ test_httpd_config() {
|
|||
}
|
||||
|
||||
start_enable_services() {
|
||||
log "Enabling and starting MariaDB and Apache"
|
||||
log "Enabling and starting services"
|
||||
systemctl enable --now mariadb
|
||||
systemctl enable --now httpd
|
||||
}
|
||||
|
||||
secure_mariadb() {
|
||||
log "Applying MariaDB hardening"
|
||||
log "Securing MariaDB"
|
||||
|
||||
if [[ -z "$DB_ROOT_PASSWORD" ]]; then
|
||||
DB_ROOT_PASSWORD="$(tr -dc 'A-Za-z0-9!@#%^*_+=-' </dev/urandom | head -c 24 || true)"
|
||||
if [[ -z "$DB_ROOT_PASSWORD" ]]; then
|
||||
die "Failed to generate DB_ROOT_PASSWORD"
|
||||
fi
|
||||
warn "No DB_ROOT_PASSWORD provided. Generated one automatically."
|
||||
DB_ROOT_PASSWORD="$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 20)"
|
||||
warn "Generated DB password: $DB_ROOT_PASSWORD"
|
||||
fi
|
||||
|
||||
mariadb <<SQL
|
||||
DELETE FROM mysql.user WHERE User='';
|
||||
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
|
||||
DROP DATABASE IF EXISTS test;
|
||||
ALTER USER 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}';
|
||||
FLUSH PRIVILEGES;
|
||||
SQL
|
||||
|
||||
log "MariaDB root password set successfully"
|
||||
}
|
||||
|
||||
write_php_test_page() {
|
||||
log "Writing PHP test file"
|
||||
log "Creating PHP test file"
|
||||
|
||||
mkdir -p "$WEBROOT"
|
||||
cat > "$INFO_FILE" <<'EOF'
|
||||
<?php phpinfo();
|
||||
EOF
|
||||
echo "<?php phpinfo(); ?>" > "$INFO_FILE"
|
||||
}
|
||||
|
||||
install_packages() {
|
||||
log "Installing required packages"
|
||||
|
||||
pacman -Sy --needed --noconfirm \
|
||||
mariadb apache php php-apache phpmyadmin openssl
|
||||
}
|
||||
|
||||
print_summary() {
|
||||
local ip
|
||||
ip="$(hostname -I 2>/dev/null | awk '{print $1}')"
|
||||
|
||||
echo
|
||||
echo "============================================================"
|
||||
echo "INSTALL COMPLETE"
|
||||
echo "============================================================"
|
||||
echo
|
||||
echo "Services:"
|
||||
echo " - MariaDB: systemctl status mariadb"
|
||||
echo " - Apache : systemctl status httpd"
|
||||
echo
|
||||
echo "phpMyAdmin:"
|
||||
echo " - Local: http://localhost/phpmyadmin"
|
||||
if [[ -n "${ip:-}" ]]; then
|
||||
echo " - LAN : http://${ip}/phpmyadmin"
|
||||
fi
|
||||
echo
|
||||
echo "PHP test page:"
|
||||
echo " - Local: http://localhost/info.php"
|
||||
if [[ -n "${ip:-}" ]]; then
|
||||
echo " - LAN : http://${ip}/info.php"
|
||||
fi
|
||||
echo
|
||||
echo "MariaDB root password:"
|
||||
echo " ${DB_ROOT_PASSWORD}"
|
||||
echo
|
||||
echo "phpMyAdmin login:"
|
||||
echo " Username: root"
|
||||
echo " Password: ${DB_ROOT_PASSWORD}"
|
||||
echo
|
||||
echo "Important files:"
|
||||
echo " - Apache config : ${HTTPD_CONF}"
|
||||
echo " - PHP config : ${PHP_INI}"
|
||||
echo " - phpMyAdmin Apache : ${PHPMYADMIN_APACHE_CONF}"
|
||||
echo " - phpMyAdmin main conf: ${PHPMYADMIN_MAIN_CONF}"
|
||||
echo
|
||||
warn "Delete ${INFO_FILE} after testing; it exposes PHP configuration details."
|
||||
log "Installing packages"
|
||||
pacman -Sy --needed --noconfirm mariadb apache php php-apache phpmyadmin openssl
|
||||
}
|
||||
|
||||
main() {
|
||||
require_root
|
||||
install_packages
|
||||
configure_apache_mpm_for_php
|
||||
configure_server_name
|
||||
enable_php_module_httpd
|
||||
configure_php
|
||||
configure_phpmyadmin_apache
|
||||
|
|
@ -279,7 +198,6 @@ main() {
|
|||
start_enable_services
|
||||
secure_mariadb
|
||||
write_php_test_page
|
||||
print_summary
|
||||
}
|
||||
|
||||
main "$@"
|
||||
Loading…
Reference in New Issue