-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcratedb.sh
131 lines (105 loc) · 4.32 KB
/
cratedb.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#! /usr/bin/env bash
#############################################
########## RUN THIS SCRIPT AS root ##########
#############################################
######### CHANGE THESE SETTINGS #########
TIMEZONE="Europe/London"
DATADRIVE="/dev/sdb"
############### ALL DONE! ###############
echo -e "\nPlease enter a hostname for the server to begin."
read -p 'Hostname: ' hostvar
HOSTNAME=$hostvar
echo -e "\nPlease enter a name for your Elasticsearch cluster."
read -p 'Cluster Name: ' clustervar
CLUSTERNAME=$clustervar
echo -e "\nPlease enter a username to create."
read -p 'Username: ' uservar
USERNAME=$uservar
echo -e "\nPlease enter your SSH public key (Starts with 'ssh-rsa ' and often found by typing 'cat ~/.ssh/id_rsa.pub' in Terminal/Console)."
read -p 'SSH Public Key: ' sshvar
SSHPUBKEY=$sshvar
echo "Starting setup script..."
### Run Software Updates First ###
sudo apt-get install -y ca-certificates
sudo apt-get -y update
sudo apt-get -y upgrade
### Install Required Software ###
sudo apt-get install -y build-essential
sudo apt-get install -y dnsutils
sudo apt-get install -y software-properties-common
sudo apt-get install -y nscd
sudo apt-get install -y nano
sudo apt-get install -y git
sudo apt-get install -y python-pip
sudo apt-get install -y gcc
sudo apt-get install -y autoconf
sudo apt-get install -y curl
sudo apt-get install -y libtool
sudo apt-get install -y python-dev
sudo apt-get install -y make
sudo apt-get install -y g++
sudo apt-get install -y ufw
sudo apt-get install -y fail2ban
sudo apt-get -y auto-remove
### Mount & Format Data Drive ###
sudo umount "$DATADRIVE"
printf "o\nn\np\n1\n\n\nw\n" | sudo fdisk "$DATADRIVE"
sudo mkfs.ext4 "${DATADRIVE}1"
sudo tune2fs -m 0.5 "$DATADRIVE"
sudo mkdir /data
sudo echo -e "${DATADRIVE}\t/data\text4\tdefaults,noatime\t0\t0\n" >> /etc/fstab
sudo mount -a
sudo mkdir -p /data/elasticsearch
IPADDRESS=`dig -4 @resolver1.opendns.com -t a myip.opendns.com +short`
IFS='.' read -r -a array1 <<< ${HOSTNAME}; SHORTNAME=${array1[0]};
BASH_USERNAME=${USER}
CLIENTIP=`echo $SSH_CLIENT | awk '{ print $1}'`
## Fix the hostname ##
sudo hostname $HOSTNAME
sudo echo ${HOSTNAME} > /etc/hostname
sudo echo -e "127.0.0.1\tlocalhost ${HOSTNAME} ${SHORTNAME}\n${IPADDRESS}\t${HOSTNAME} ${SHORTNAME}\n\n" > /etc/hosts
### Add Cloudflare & Google DNS Resolvers ###
sudo rm -Rf /etc/resolvconf/resolv.conf.d/*
sudo touch /etc/resolvconf/resolv.conf.d/base
sudo touch /etc/resolvconf/resolv.conf.d/head
sudo touch /etc/resolvconf/resolv.conf.d/original
sudo echo -e "nameserver 127.0.0.1\nnameserver 1.1.1.1\nnameserver 8.8.8.8\nnameserver 8.8.4.4\noptions timeout 1\n" > /etc/resolvconf/resolv.conf.d/tail
resolvconf -u
### Configure Time Server & Timezone ###
sudo rm -Rf /etc/localtime;ln -fs /usr/share/zoneinfo/${TIMEZONE} /etc/localtime
sudo rm -Rf /etc/timezone;ln -fs /usr/share/zoneinfo/${TIMEZONE} /etc/timezone
sudo apt-get install -y ntp
sudo service ntp stop
sudo ntpd -gq
sudo service ntp start
### Configure SSH ###
sudo adduser ${USERNAME}
sudo adduser ${USERNAME} sudo
sudo mkdir -p /home/${USERNAME}/.ssh
sudo echo ${SSHPUBKEY} > /home/${USERNAME}/.ssh/authorized_keys
sudo chown -Rf ${USERNAME}:${USERNAME} /home/${USERNAME}
sudo wget "https://raw.githubusercontent.com/robkerry/server-setup/master/config/sshd_config" -O sshd_config
sudo mv -f /etc/ssh/sshd_config /etc/ssh/sshd_config.old
sudo mv -f sshd_config /etc/ssh/sshd_config
### Configure CrateDB ###
sudo add-apt-repository -y ppa:webupd8team/java
sudo apt-get -y install oracle-java8-installer
sudo apt-get -y install apt-transport-https
sudo apt-get -y install software-properties-common git-core
wget https://cdn.crate.io/downloads/apt/DEB-GPG-KEY-crate
sudo apt-key add DEB-GPG-KEY-crate
sudo touch /etc/apt/sources.list.d/crate-stable.list
sudo echo -e "deb https://cdn.crate.io/downloads/deb/stable/ bionic main\ndeb-src https://cdn.crate.io/downloads/deb/stable/ bionic main\n" > /etc/apt/sources.list.d/crate-stable.list
sudo apt-get -y update
sudo apt-get -y install crate
### Configure Firewall ###
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22123/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow from ${CLIENTIP}
sudo ufw enable
sudo service ufw restart
sudo service ssh restart
sudo echo -e "\nInstall Complete!\n\nIn future, SSH into this server using 'ssh ${USERNAME}@${HOSTNAME} -p 22123'"