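#!/bin/bash
#
# Provisions a Debian/Ubuntu web host: base tools, Apache, PHP 7.2,
# MariaDB with a "web" user and databases, Composer, and a login shell plus
# SSH key for www-data.
#
# Needs root: it installs packages and writes under /etc, /usr/local/bin and
# /var/www.
#
# Errors are deliberately not fatal (no `set -e`): some steps, such as the
# `mv` of default-ssl.conf, fail on a second run. The credential section is
# the only part that aborts, because continuing would create a database user
# with an empty password.

# Feed one SQL statement to the mysql client on stdin instead of `-e`, so the
# statement (CREATE USER carries the password) never appears in the process
# list.
run_sql() {
  mysql -Bs <<<"$1"
}

apt install -y vim screen tmux net-tools htop socat bc lshw locate dnsutils mc openssh-server openssl
apt install -y rsync git
apt install -y catdoc
apt install -y poppler-utils
apt install -y apache2
apt install -y mariadb-client
apt install -y apt-file
#apt install postgresql-client
#apt install ldap-utils

sed -i 's/^# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen
locale-gen

apt install -y mariadb-server
apt install -y curl graphicsmagick
apt install -y php php-apcu php-bz2 php-cli php-common php-curl php-fpm php-gd php-geoip php-intl php-json php-mbstring php-mysql php-opcache php-readline php-soap php-xml php-xmlrpc php-xsl php-zip php-pgsql php-ldap

# HEADS UP: manually executed as no connection to outside allowed
# Download to a temporary file and install it only when curl reports success;
# redirecting curl straight into /usr/local/bin would leave an HTTP error page
# or a truncated file there as a root-owned executable.
# NOTE(review): nothing authenticates this download beyond TLS. Pin a Composer
# version and compare the file against its published SHA-256 before installing.
composer_tmp=$(mktemp)
if [[ -n "$composer_tmp" ]] \
  && curl -fsSL -o "$composer_tmp" https://getcomposer.org/download/latest-stable/composer.phar; then
  install -m 0755 "$composer_tmp" /usr/local/bin/composer
else
  echo "composer download failed; /usr/local/bin/composer was not changed" >&2
fi
[[ -n "$composer_tmp" ]] && rm -f -- "$composer_tmp"

# Database credentials.
# CREATE USER IF NOT EXISTS keeps the old password when the account already
# exists, so generating a fresh password on every run would leave .my.cnf out
# of sync with the server. Reuse the stored password when there is one.
# /var/www/.my.cnf is owned by www-data, so its content is only accepted if it
# is purely alphanumeric: it is interpolated into SQL that runs with the
# privileges of the invoking user.
DBPASS=
if [[ -r /var/www/.my.cnf ]]; then
  stored_pass=$(sed -n 's/^password=//p' /var/www/.my.cnf | head -n 1)
  if [[ "$stored_pass" =~ ^[A-Za-z0-9]+$ ]]; then
    DBPASS=$stored_pass
  fi
fi
if [[ -z "$DBPASS" ]]; then
  # 16 random bytes, hex encoded: needs no character stripping and is safe
  # inside both the SQL literal and the option file. Not exported, child
  # processes have no use for it.
  DBPASS=$(openssl rand -hex 16)
fi
if [[ -z "$DBPASS" ]]; then
  echo "could not generate a database password, aborting" >&2
  exit 1
fi

run_sql "CREATE USER IF NOT EXISTs 'web'@'localhost' IDENTIFIED BY '$DBPASS';"
run_sql "CREATE DATABASE IF NOT EXISTs web CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
run_sql "CREATE DATABASE IF NOT EXISTs web_sync_prepare CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
run_sql "GRANT ALL PRIVILEGES ON web.* TO 'web'@'localhost';"

# Create the option file empty with its final owner and mode first, then fill
# it, so the password is never on disk in a world-readable file.
install -m 600 -o www-data -g www-data /dev/null /var/www/.my.cnf
cat > /var/www/.my.cnf << EOL
[client]
user=web
password=$DBPASS
[mysql]
database=web
EOL

# required for composer dump-autoload
mkdir -p /var/www/.cache
chown www-data:www-data /var/www/.cache

chown -R www-data:www-data /var/www/html/

# NOTE(review): this gives the web-server account an interactive shell and,
# below, SSH key login. Anyone holding the key gets the same access as the web
# application, so confirm this is intended.
# usermod takes the passwd lock; editing /etc/passwd with sed does not.
usermod --shell /bin/bash www-data

# .ssh and authorized_keys are not chowned to www-data, so they stay owned by
# the user running this script and processes running as www-data cannot add
# keys of their own.
mkdir -p /var/www/.ssh/
cat > /var/www/.ssh/authorized_keys << 'EOL'
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPt7sxrtFX55Mdc4giYRHsGgZfqU+mmmSpV6zgX9/OoR ben@bnf.dev
EOL

# Same php.ini overrides for the Apache module, FPM and the CLI.
sed -i \
  -e 's/^;*date.timezone *=.*/date.timezone = Europe\/Berlin/' \
  -e 's/^;* *max_input_vars *=.*/max_input_vars = 3000/' \
  -e 's/^;*max_execution_time *=.*/max_execution_time = 240/' \
  -e 's/^;*memory_limit *=.*/memory_limit = 384M/' \
  -e 's/^;*post_max_size *=.*/post_max_size = 128M/' \
  -e 's/^;*upload_max_filesize *=.*/upload_max_filesize = 128M/' \
  -e 's/^;*opcache.enable_cli *=.*/opcache.enable_cli = 1/' \
  /etc/php/7.2/apache2/php.ini \
  /etc/php/7.2/fpm/php.ini \
  /etc/php/7.2/cli/php.ini

# NOTE(review): this copy of the script appears to have lost the enclosing
# <Directory ...> ... </Directory> lines of the snippet below. AllowOverride
# is only valid inside a <Directory> section, so restore the container before
# running this.
# NOTE(review): "Indexes" turns on directory listings wherever no index file
# exists, and "AllowOverride All" lets .htaccess files override any directive.
# Drop whichever the site does not need.
cat > /etc/apache2/conf-available/web.conf << 'EOL'
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
EOL
a2enconf web

# Insert a "Require all denied" block just before </VirtualHost> in both
# default sites.
# NOTE(review): the replacement text closes a </Location> whose opening
# <Location ...> tag is missing from this copy; restore it before use. The
# insertion is also repeated on every run.
sed -i 's/<\/VirtualHost>/\n\t\n\t\tRequire all denied\n\t<\/Location>\n&/' /etc/apache2/sites-available/000-default.conf
mv /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/000-default-ssl.conf
sed -i 's/\t<\/VirtualHost>/\n\t\t\n\t\t\tRequire all denied\n\t\t<\/Location>\n&/' /etc/apache2/sites-available/000-default-ssl.conf
a2ensite 000-default-ssl

a2enmod ssl
a2enmod rewrite
a2enmod headers
a2enmod expires
service apache2 reload

# Replaces the server sql_mode with a list that contains neither
# STRICT_TRANS_TABLES nor STRICT_ALL_TABLES, so invalid or truncated values
# are stored with a warning instead of being rejected.
cat > /etc/mysql/mariadb.conf.d/70-disable-strict-mode.cnf << 'EOL'
[mysqld]
sql_mode=IGNORE_SPACE,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
EOL
service mysql restart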