66 lines
1.4 KiB
Bash
66 lines
1.4 KiB
Bash
#!/bin/bash
|
|
|
|
APP=bordroesleme
|
|
|
|
apt update && apt upgrade
|
|
apt -y install mc rsync curl nginx
|
|
dpkg-reconfigure tzdata
|
|
|
|
useradd --system --shell=/usr/sbin/nologin ${APP}
|
|
|
|
mkdir -p /opt/${APP}/sqls
|
|
mkdir -p /opt/${APP}/migrate
|
|
mkdir -p /opt/${APP}/ui
|
|
mkdir -p /opt/${APP}/files
|
|
|
|
echo "Creating application service"
|
|
read -d '' sservice << EOF
|
|
[Unit]
|
|
Description=${APP}
|
|
After=syslog.target
|
|
After=network.target
|
|
#Requires=postgresql.service
|
|
#Requires=memcached.service
|
|
#Requires=redis.service
|
|
|
|
[Service]
|
|
# Modify these two values and uncomment them if you have
|
|
# repos with lots of files and get an HTTP error 500 because
|
|
# of that
|
|
###
|
|
LimitMEMLOCK=infinity
|
|
LimitNOFILE=1048576
|
|
|
|
RestartSec=2s
|
|
Type=simple
|
|
User=${APP}
|
|
Group=${APP}
|
|
WorkingDirectory=/opt/${APP}/
|
|
ExecStart=/opt/${APP}/${APP}
|
|
Restart=always
|
|
|
|
Environment=AUTHSERVER=http://127.0.0.1:40200 SQLSDIR=./sqls DBHOST=10.0.0.2 DBNAME=bordroesleme DBPASS=tesnos.+ed
|
|
|
|
# enable to bind to a port below 1024 uncomment
|
|
###
|
|
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
|
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
|
|
# Prevent writes to /usr, /boot, and /etc
|
|
ProtectSystem=full
|
|
|
|
# Prevent accessing /home, /root and /run/user
|
|
ProtectHome=true
|
|
|
|
# Execute pre and post scripts as root, otherwise it does it as User=
|
|
PermissionsStartOnly=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
echo "$sservice" > /etc/systemd/system/${APP}.service
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable ${APP}
|
|
|