#!/bin/sh logfile=/FINAL_CONFIG.log echo "This script will destroy SOME files ...." echo echo "USE ONLY ON BLANK FREEBSD INSTALLATION" echo echo "Enter Code : bla" read a if test "$a" = bla; then :; else exit 0 fi BATCH=Y export BATCH echo echo echo "Final Config for FreeBSD (C) by Wolfgang Hurst" echo echo "FreeBSD 6.0 and 5.4" echo echo "ANY OUTPUT see : $logfile" echo echo exec >>$logfile exec 2>>$logfile log () { echo `date` : "$@" >`tty` echo `date` : "$@" return 0 } failed () { log " ################################# " log " ############ FAILED ############# " log " ################################# " log "please take a look into the logfile " exit 1 } # comp - compiles with j options # $1 - what # $... - args comp () { NOJ=0 export NOJ cd /usr/ports/$1 shift 1 log " * Configure `pwd`" while test $# -gt 0; do if test "$1" = NOJ; then NOJ=1 export NOJ log " - Without special -j" shift continue; fi log " - Env: $1" eval $1 export `echo $1 | cut -d= -f1` shift 1 done make configure || log " - Making" if test $NOJ = 1; then make || failed else make -j8 || failed fi log " - Installing" make install || failed rm -rf work } log "*** Final Config Begin" log "Check /etc/make.conf" if grep MASTER_SITE_OVERRIDE /etc/make.conf >/dev/null; then log " - already done" else log " - Modify /etc/make.conf with useful parameters" echo "SUP_UPDATE= yes" >>/etc/make.conf echo "SUP= /usr/local/bin/cvsup" >>/etc/make.conf echo "SUPFLAGS= -g -L 2" >>/etc/make.conf echo "SUPHOST= cvsup.de.freebsd.org" >>/etc/make.conf echo "SUPFILE= /usr/share/examples/cvsup/stable-supfile" >>/etc/make.conf echo "PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile" >>/etc/make.conf echo 'MASTER_SITE_OVERRIDE= ftp://ftp.tiscali.de/pub/FreeBSD/ports/distfiles/ ftp://ftp.tiscali.de/pub/FreeBSD/ports/distfiles/${DIST_SUBDIR}/ ' >>/etc/make.conf echo "KERNCONF = SMP" >>/etc/make.conf echo "" >>/etc/make.conf fi log "Checking /etc/rc.conf" if cat /etc/rc.conf | grep firewall_enable >/dev/null; then log " - already done" else log " - Patching /etc/rc.conf" cat /etc/rc.conf | egrep '^(defaultrouter|hostname|ifconfig)' >/etc/rc.conf.new mv /etc/rc.conf.new /etc/rc.conf log " - Enable SSH, Linux, USB, TCP, SYSLOG, ICMP" echo >>/etc/rc.conf echo "# enable services" >>/etc/rc.conf echo 'sshd_enable="YES"' >>/etc/rc.conf echo 'usbd_enable="YES"' >>/etc/rc.conf echo 'linux_enable="YES"' >>/etc/rc.conf echo 'tcp_extensions="YES"' >>/etc/rc.conf echo 'syslogd_flags="-v -v -s -s"' >>/etc/rc.conf echo 'icmp_drop_redirect="YES"' >>/etc/rc.conf echo 'icmp_log_redirect="YES"' >>/etc/rc.conf echo >>/etc/rc.conf log " - Disable LPD, IPV6, INETD, SNMP" echo '# disable services' >>/etc/rc.conf echo 'lpd_enable="NO"' >>/etc/rc.conf echo 'inetd_enable="NO"' >>/etc/rc.conf echo 'ipv6_enable="NO"' >>/etc/rc.conf echo 'snmpd_enable="NO"' >>/etc/rc.conf echo '' >>/etc/rc.conf log " - Disable NFS, RPC" echo '# nfs related services' >>/etc/rc.conf echo 'rpcbind_enable="NO"' >>/etc/rc.conf echo 'rpc_statd_enable="NO"' >>/etc/rc.conf echo 'rpc_lockd_enable="NO"' >>/etc/rc.conf echo 'nfs_server_enable="NO"' >>/etc/rc.conf echo 'nfs_client_enable="NO"' >>/etc/rc.conf echo '' >>/etc/rc.conf log " - Setup German Console" echo '# console settings' >>/etc/rc.conf echo 'font8x8="NO"' >>/etc/rc.conf echo 'font8x14="NO"' >>/etc/rc.conf echo 'font8x16="NO"' >>/etc/rc.conf echo 'keyrate="fast"' >>/etc/rc.conf echo 'keymap="german.cp850"' >>/etc/rc.conf echo '' >>/etc/rc.conf log " - Setup NTP" echo '# ntp releated' >>/etc/rc.conf echo 'ntpdate_flags="-b 194.162.162.194"' >>/etc/rc.conf echo 'ntpdate_enable="YES"' >>/etc/rc.conf echo 'ntpd_enable="YES"' >>/etc/rc.conf echo 'xntpd_enable="YES"' >>/etc/rc.conf echo 'xntpd_program="/usr/sbin/ntpd"' >>/etc/rc.conf echo 'xntpd_flags="-p /var/run/ntpd.pid"' >>/etc/rc.conf echo "server 194.162.162.197" >/etc/ntp.conf echo "server 194.162.162.200" >>/etc/ntp.conf echo '' >>/etc/rc.conf log " - Seting up Firewall (allow any to any)" echo '# firewall' >>/etc/rc.conf echo 'firewall_enable="YES"' >>/etc/rc.conf echo 'firewall_type="/etc/fwruleset"' >>/etc/rc.conf echo 'firewall_logging="YES"' >>/etc/rc.conf echo "add 1 allow ip from any to any" >/etc/fwruleset echo '' >>/etc/rc.conf fi log "Checking cvsup" if test -x /usr/local/bin/cvsup; then log " - already done" else log " - fetching cvsup from ftp.tiscali.de" case `uname -r` in 5.*) s=ftp://ftp.tiscali.de/pub/FreeBSD/releases/i386/5.4-RELEASE/packages/All x="libtool-1.5.10_1.tbz libiconv-1.9.2_1.tbz gettext-0.14.1.tbz gmake-3.80_2.tbz ezm3-1.2.tbz cvsup-without-gui-16.1h_2.tbz" ;; 6.*) s=ftp://ftp.tiscali.de/pub/FreeBSD/releases/i386/6.0-RELEASE/packages/All x="libtool-1.5.18.tbz libiconv-1.9.2_1.tbz gettext-0.14.5.tbz gmake-3.80_2.tbz ezm3-1.2.tbz cvsup-without-gui-16.1h_2.tbz" ;; *) echo "Not FreeBSD 5 or 6" failed ;; esac cd /tmp mkdir fetch-cvsup cd fetch-cvsup for l in $x; do fetch $s/$l && pkg_add $l done cd / rm -rf /tmp/fetch-cvsup fi log "Checking some /boot/loader.conf settings" if grep machdep.hyperthreading_allowed /boot/loader.conf >/dev/null; then log " - already done" else log " - setting HT, AutoBoot and DMA Atapi" echo 'autoboot_delay="5"' >>/boot/loader.conf echo 'machdep.hyperthreading_allowed=1' >>/boot/loader.conf echo 'hw.ata.atapi_dma=1' >>/boot/loader.conf fi log "Checking Brand-NEW Kernel/Ports Sources" if test -r /usr/src/Makefile; then log " - already done" else log " - fetching brand-new kernel sources" cd /usr/src /usr/local/bin/cvsup -h cvsup.de.freebsd.org /usr/share/examples/cvsup/stable-supfile log " - fetching ports sources" cd /usr/ports make update log "#############################################" log "### Please REBOOT the server NOW" log "### and start me again" log "#############################################" exit fi log "Checking Super NEW FreeBSD" if uname -r | grep RELEASE >/dev/null; then log "#############################################" log "### Please Mergemastering the Password/Group logins" log "### via Hand." log "###" log "### If you not do this please press CTRL-C to interrupt" log "### this process and enter 'mergemaster -p -i' and then" log "### start me again" log "###" log "### If you do this already. Press Enter :-)" log "#############################################" read abc log " - buildworld" cd /usr/src make clean make buildworld || failed log " - install world" make installworld || make installworld || failed else log " - already done" fi log "Checking NEW SMP FreeBSD Kernel" if cat /var/run/dmesg.boot | grep src/sys/SMP >/dev/null; then log " - already done" else cd /usr/src log " - buildkernel" make clean make buildkernel || failed log " - install kernel" make installkernel || failed echo "proc /proc procfs rw 0 0" >>/etc/fstab mkdir /proc 2>/dev/null echo "linproc /compat/linux/proc linprocfs rw 0 0" >>/etc/fstab mkdir -p /compat/linux/proc 2>/dev/null log " ##################################" log " #### Start MERGEMASTER ... THEN" log " #### REBOOT AND RERUN THIS SCRIPT" log " ##################################" exit fi log "Checking portupgrade" if test -x /usr/local/sbin/portupgrade; then log " - already done" else log " - Cleanup /usr/src [ in background ]" cd /usr/src make clean & log " - Compile Portupgrade" comp lang/ruby18 NOJ comp databases/ruby-bdb1 comp sysutils/portupgrade BATCH=Y WITHOUT_BDB4=true log " - Build Install Databases" /usr/local/sbin/pkgdb -F log " - Upgrade installed Software" BATCH=Y /usr/local/sbin/portupgrade -a fi log "Checking for some useful programms" if test -x /usr/local/bin/wget; then log " - already done" else log " - Install bash, lynx, screen, wget" comp shells/bash comp www/lynx-ssl NOJ comp sysutils/screen comp archivers/unzip comp devel/glib20 comp ftp/wget comp misc/mc comp net/rsync NOJ fi log "Checking for postfix" if test -x /usr/local/sbin/postfix; then log " - already done" else comp devel/pcre comp mail/postfix BATCH=Y cat >/etc/mail/mailer.conf <>/etc/rc.conf <>/etc/periodic.conf <>/etc/rc.conf echo 'mysql_enable="YES"' >>/etc/rc.conf echo 'mysql_dbdir="/db/master"' >>/etc/rc.conf echo '' >>/etc/rc.conf mkdir -p /db/master echo '[mysqld]' >/etc/my.cnf echo 'character_set_server = latin1' >>/etc/my.cnf echo 'collation_server = latin1_german1_ci' >>/etc/my.cnf echo 'server-id = 1' >>/etc/my.cnf echo 'log-bin' >>/etc/my.cnf fi log "Checking for Apache SSL" if test -x /usr/local/sbin/httpd; then log " - already done" else log " - Install Apache SSL Program" comp devel/mm comp www/apache13-modssl echo '# apache' >>/etc/rc.conf echo 'apache_enable="YES"' >>/etc/rc.conf echo 'apache_flags="-f /etc/apache/httpd.conf"' >>/etc/rc.conf mkdir -p /etc/rc.conf.d grep apache /etc/rc.conf >/etc/rc.conf.d/apache echo '' >>/etc/rc.conf mkdir -p /etc/apache echo '' >/etc/apache/httpd.conf echo 'include /usr/local/etc/apache/httpd.conf' >>/etc/apache/httpd.conf echo '' >>/etc/apache/httpd.conf fi log "Checking for PHP and mod_php" if test -x /usr/local/bin/php; then log " - already done" else log " - Install PHP 5 Program" comp devel/bison comp textproc/libxml2 comp lang/php5 WITH_MULTIBYTE=YES fi log "Checking for some graphics tools" if test -x /usr/local/bin/display; then log " - already done" else log " - Install ImageMagick Program" comp graphics/jpeg comp print/gsfonts comp print/ghostscript-gnu NOJ comp graphics/tiff comp graphics/libfpx comp graphics/jbigkit comp graphics/jasper comp graphics/lcms comp devel/libltdl15 comp multimedia/mpeg2codec comp graphics/ImageMagick comp graphics/gd fi log "Checking for some php modules" if test -r /usr/local/lib/php/20041030/gd.so; then log " - already done" else log " - Install Misc" comp devel/p5-Locale-gettext comp misc/help2man comp devel/autoconf259 comp devel/t1lib log " - Install PHP MySQL Module" comp databases/php5-mysql log " - Install PHP GD Program" comp graphics/php5-gd log " - Misc PHP Stuff" comp archivers/php5-bz2 comp devel/php5-pcre comp security/php5-openssl comp print/pecl-pdflib comp archivers/php5-zlib comp security/php5-mcrypt comp converters/php5-mbstring fi log "Checking for phpMyAdmin" if test -r /usr/local/www/phpMyAdmin/config.inc.php; then log " - already done" else comp databases/phpmyadmin cp /usr/local/www/phpMyAdmin/config.default.php /usr/local/www/phpMyAdmin/config.inc.php cat >/etc/apache/vhost-adminserver_9999.conf < DocumentRoot /pool/adminserver/htdocs CustomLog "|/usr/local/sbin/rotatelogs /pool/adminserver/logs/%Y%m%d%H%M%S-access_log 604800" combined ErrorLog "|/usr/local/sbin/rotatelogs /pool/adminserver/logs/%Y%m%d%H%M%S-error_log 604800" DirectoryIndex index.php index.html AddType application/x-httpd-php .php # PHP MyAAdmin Alias /admin/db/master/ "/usr/local/www/phpMyAdmin/" # Server Status SetHandler server-status # Server Info SetHandler server-info # Access RULE Order allow,deny Allow from 127.0.0.1 EOF echo "Include /etc/apache/vhost-adminserver_9999.conf" >>/etc/apache/httpd.conf echo "" >>/etc/apache/httpd.conf mkdir -p /pool/adminserver/htdocs mkdir -p /pool/adminserver/logs echo "Adminserver see /etc/apache/vhost-adminserver_9999.conf
" >/pool/adminserver/htdocs/index.html echo "phpMyAdmin
" >>/pool/adminserver/htdocs/index.html echo "hVSS is on Port 9001
" >>/pool/adminserver/htdocs/index.html echo "Server Status
" >>/pool/adminserver/htdocs/index.html echo "Server Info
" >>/pool/adminserver/htdocs/index.html fi log "Checking for hVSS" if test -r /usr/local/sbin/hVSS; then log " - already done" else log " - Install hVSS" cd /tmp fetch -o hVSS.gz http://www.whurst.net/programming/hVSS/hVSS-FreeBSD.i386.`uname -r`-0.0.9-static.gz fetch -o hVSS.sh http://www.whurst.net/programming/hVSS/Startmodul-hVSS-FreeBSD.sh gunzip hVSS.gz chmod 755 hVSS mv hVSS /usr/local/sbin/hVSS chmod 755 hVSS.sh mv hVSS.sh /usr/local/etc/rc.d fi log "### Add Patches - not really tested ..." log "Checking for DBD::MySQL41 [since 20.10.2005]" if test -r /usr/local/lib/perl5/site_perl/*/mach/auto/DBD/mysql/mysql.so; then log " - already done" else comp databases/p5-DBD-mysql41 NOJ fi log "Checking for mod_perl [since 20.10.2005]" if test -r /usr/local/libexec/apache/libperl.so; then log " - already done" else comp www/mod_perl NOJ fi log "Checking for webalizer [since 21.10.2005]" if test -r /usr/local/bin/webalizer; then log " - already done" else comp www/webalizer comp german/webalizer2 fi log "Checking for mod_jk [since 21.10.2005]" if test -r /usr/local/libexec/apache/mod_jk.so; then log " - already done" else comp www/mod_jk echo "# Mod JK - Sould be Activate if you need it" >>/etc/apache/httpd.conf echo "#LoadModule jk_module libexec/apache/mod_jk.so" >>/etc/apache/httpd.conf echo "#AddModule mod_jk.c" >>/etc/apache/httpd.conf echo "#JkWorkersFile /etc/apache/workers.properties" >>/etc/apache/httpd.conf echo "#JkMount /*.jsp jsp-hostname" >>/etc/apache/httpd.conf echo "" >>/etc/apache/httpd.conf echo "" >/etc/apache/workers.properties echo "# Sample File" >>/etc/apache/workers.properties echo "worker.list=jsp01" >>/etc/apache/workers.properties echo "" >>/etc/apache/workers.properties echo "worker.jsp01.port=8009" >>/etc/apache/workers.properties echo "worker.jsp01.host=localhost" >>/etc/apache/workers.properties echo "worker.jsp01.type=ajp13" >>/etc/apache/workers.properties echo "" >>/etc/apache/workers.properties fi log "END OF FINAL_CONFIG" exit 0