diff --git a/README.md b/README.md index ef9dff4c..e4447616 100644 --- a/README.md +++ b/README.md @@ -1,26 +1,80 @@ -# yiimp -Install script for yiimp on Ubuntu 16.04 -This script will install yimmp on your Ubuntu 16.04 system. +# Yiimp_install_scrypt v0.2 (update Avril, 2020) -Before running this script make sure you are on a fresh server and running as a user. Do not run this script under root! +Site : https://www.xavatar.com -This install script will get you 95% ready to go with yiimp. There are a few things you need to do after the main install is finished. +Discord : https://discord.gg/zcCXjkQ -You must update the following files: +TUTO Youtube (16.04 / 18.04 - Without SSL) : https://www.youtube.com/watch?v=qE0rhfJ1g2k -1. /var/web/serverconfig.php - update this file to include your public ip to access the admin panel. update with public keys from exchanges. update with other information specific to your server.. -2. /etc/yiimp/keys.php - update with secrect keys from the exchanges. +Official Yiimp (used in this script for Yiimp Installation): https://github.com/tpruvot/yiimp -After you add the missing information to those files then run: -./main.sh -./loop2.sh -./block.sh +Original Yiimp Installer : https://github.com/cryptopool-builders/multipool_original_yiimp_installer -curl -Lo install.sh https://raw.githubusercontent.com/crombiecrunch/yiimp/master/install.sh -bash install.sh -You will be prompted for email, FDQN, and time zone. You onkly get one shot to enter this information correctly! +*********************************** -If this helped you or you feel giving please donate BTC Donation: 1AxK9a7dgeHvf3VFuwZ2adGiQTX6S1nhrp +## Install script for yiimp on Ubuntu Server 16.04 / 18.04 (use Tpruvot's Yiimp) -Crombie Crunch +USE THIS SCRIPT ON FRESH INSTALL UBUNTU Server 16.04 / 18.04 ! + +Connect on your VPS => +- apt update +- apt upgrade +- reboot +- adduser pool (pool it's just an example...) +- adduser pool sudo +- su - pool +- sudo apt -y install git +- git clone https://github.com/xavatar/yiimp_install_scrypt.git +- cd yiimp_install_scrypt/ +- bash install.sh (DO NOT RUN THE SCRIPT AS ROOT or SUDO) +- At the end, you MUST REBOOT to finalize installation... + +Finish ! +- Go http://xxx.xxx.xxx.xxx or https://xxx.xxx.xxx.xxx (if you have chosen LetsEncrypt SSL). Enjoy ! +- Go http://xxx.xxx.xxx.xxx/AdminPanel or https://xxx.xxx.xxx.xxx/AdminPanel to access Panel Admin + +If you are issue after installation (nginx,mariadb... not found), use this script : bash install-debug.sh (watch the log during installation) + +###### :bangbang: **Kudaraidee Install Script :** +- Instead Tpruvot's Yiimp, you can use the Kudaraidee's Repo Yiimp : git clone -b Kudaraidee https://github.com/Kudaraidee/yiimp.git +- It's an updated Yiimp, with more algo, some fix.... + +###### :bangbang: **YOU MUST UPDATE THE FOLLOWING FILES :** +- **/var/web/serverconfig.php :** update this file to include your public ip (line = YAAMP_ADMIN_IP) to access the admin panel (Put your PERSONNAL IP, NOT IP of your VPS). update with public keys from exchanges. update with other information specific to your server.. +- **/etc/yiimp/keys.php :** update with secrect keys from the exchanges (not mandatory) +- **If you want change 'AdminPanel' to access Panel Admin :** Edit this file "/var/web/yaamp/modules/site/SiteController.php" and Line 11 => change 'AdminPanel' + + +###### :bangbang: **IMPORTANT** : + +- The configuration of yiimp and coin require a minimum of knowledge in linux +- Your mysql information (login/Password) is saved in **~/.my.cnf** + +*********************************** + +###### This script has an interactive beginning and will ask for the following information : + +- Server Name (no http:// or www !!!!! Example : crypto.com OR pool.crypto.com OR 80.41.52.63) +- Are you using a subdomain (mypoolx11.crypto.com) +- Enter support email +- Set stratum to AutoExchange +- Your Public IP for admin access (Put your PERSONNAL IP, NOT IP of your VPS) +- Install Fail2ban +- Install UFW and configure ports +- Install LetsEncrypt SSL + +*********************************** + +**This install script will get you 95% ready to go with yiimp. There are a few things you need to do after the main install is finished.** + +While I did add some server security to the script, it is every server owners responsibility to fully secure their own servers. After the installation you will still need to customize your serverconfig.php file to your liking, add your API keys, and build/add your coins to the control panel. + +There will be several wallets already in yiimp. These have nothing to do with the installation script and are from the database import from the yiimp github. + +If you need further assistance we have a small but growing discord channel at https://discord.gg/zcCXjkQ + +If this helped you or you feel giving please donate : +- BTC Donation : 1C1hnjk3WhuAvUN6Ny6LTxPD3rwSZwapW7 +- BCH Donation : 1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz +- ETH Donation : 0xc23E6902fF8Cd8878EDADE18Dc49B3505395F0a1 diff --git a/RELEASE b/RELEASE new file mode 100644 index 00000000..3b04cfb6 --- /dev/null +++ b/RELEASE @@ -0,0 +1 @@ +0.2 diff --git a/changelog b/changelog new file mode 100644 index 00000000..3904aaa5 --- /dev/null +++ b/changelog @@ -0,0 +1,20 @@ +Yiimp Install Scrypt v0.2 // 10.04.2020 +Thanks to cryptopool-builders !!!!!!!! + +Information => +* Works with Ubuntu Server 16.04 / 18.04 +* Update PHP 7.3 +* Change Aptitude by APT +* Remove question Panel Admin +* Remove question Time Zone +* Add screen-scrypt to crontab +* Add script to remove all coin (utils/delcoin.sh) + +Fix => +* Fix command cli « Yiimp » : OK +* Fix Backup SQL FrontEnd : OK (/var/yiimp/sauv) +* Fix Permission on some folder + +Change => +* /etc/screen-scrypt.sh = add to crontab (main,loop2,blocks,debug) +* /var/yiimp/sauv = Backup SQL FrontEnd diff --git a/conf/editconf.py b/conf/editconf.py new file mode 100644 index 00000000..93eabb32 --- /dev/null +++ b/conf/editconf.py @@ -0,0 +1,137 @@ +#!/usr/bin/python3 +# +# This is a helper tool for editing configuration files during the setup +# process. The tool is given new values for settings as command-line +# arguments. It comments-out existing setting values in the configuration +# file and adds new values either after their former location or at the +# end. +# +# The configuration file has settings that look like: +# +# NAME=VALUE +# +# If the -s option is given, then space becomes the delimiter, i.e.: +# +# NAME VALUE +# +# If the -c option is given, then the supplied character becomes the comment character +# +# If the -w option is given, then setting lines continue onto following +# lines while the lines start with whitespace, e.g.: +# +# NAME VAL +# UE + +import sys, re + +# sanity check +if len(sys.argv) < 3: + print("usage: python3 editconf.py /etc/file.conf [-s] [-w] [-c ] [-t] NAME=VAL [NAME=VAL ...]") + sys.exit(1) + +# parse command line arguments +filename = sys.argv[1] +settings = sys.argv[2:] + +delimiter = "=" +delimiter_re = r"\s*=\s*" +comment_char = "#" +folded_lines = False +testing = False +while settings[0][0] == "-" and settings[0] != "--": + opt = settings.pop(0) + if opt == "-s": + # Space is the delimiter + delimiter = " " + delimiter_re = r"\s+" + elif opt == "-w": + # Line folding is possible in this file. + folded_lines = True + elif opt == "-c": + # Specifies a different comment character. + comment_char = settings.pop(0) + elif opt == "-t": + testing = True + else: + print("Invalid option.") + sys.exit(1) + +# sanity check command line +for setting in settings: + try: + name, value = setting.split("=", 1) + except: + import subprocess + print("Invalid command line: ", subprocess.list2cmdline(sys.argv)) + +# create the new config file in memory + +found = set() +buf = "" +input_lines = list(open(filename)) + +while len(input_lines) > 0: + line = input_lines.pop(0) + + # If this configuration file uses folded lines, append any folded lines + # into our input buffer. + if folded_lines and line[0] not in (comment_char, " ", ""): + while len(input_lines) > 0 and input_lines[0][0] in " \t": + line += input_lines.pop(0) + + # See if this line is for any settings passed on the command line. + for i in range(len(settings)): + # Check that this line contain this setting from the command-line arguments. + name, val = settings[i].split("=", 1) + m = re.match( + "(\s*)" + + "(" + re.escape(comment_char) + "\s*)?" + + re.escape(name) + delimiter_re + "(.*?)\s*$", + line, re.S) + if not m: continue + indent, is_comment, existing_val = m.groups() + + # If this is already the setting, do nothing. + if is_comment is None and existing_val == val: + # It may be that we've already inserted this setting higher + # in the file so check for that first. + if i in found: break + buf += line + found.add(i) + break + + # comment-out the existing line (also comment any folded lines) + if is_comment is None: + buf += comment_char + line.rstrip().replace("\n", "\n" + comment_char) + "\n" + else: + # the line is already commented, pass it through + buf += line + + # if this option oddly appears more than once, don't add the setting again + if i in found: + break + + # add the new setting + buf += indent + name + delimiter + val + "\n" + + # note that we've applied this option + found.add(i) + + break + else: + # If did not match any setting names, pass this line through. + buf += line + +# Put any settings we didn't see at the end of the file. +for i in range(len(settings)): + if i not in found: + name, val = settings[i].split("=", 1) + buf += name + delimiter + val + "\n" + +if not testing: + # Write out the new file. + with open(filename, "w") as f: + f.write(buf) +else: + # Just print the new file to stdout. + print(buf) diff --git a/conf/functions.sh b/conf/functions.sh new file mode 100644 index 00000000..c763c617 --- /dev/null +++ b/conf/functions.sh @@ -0,0 +1,162 @@ +#!/bin/bash +##################################################### +# Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox +# Updated by cryptopool.builders for crypto use... +# Modified by Xavatar +##################################################### + +ESC_SEQ="\x1b[" +COL_RESET=$ESC_SEQ"39;49;00m" +RED=$ESC_SEQ"31;01m" +GREEN=$ESC_SEQ"32;01m" +YELLOW=$ESC_SEQ"33;01m" +BLUE=$ESC_SEQ"34;01m" +MAGENTA=$ESC_SEQ"35;01m" +CYAN=$ESC_SEQ"36;01m" + + +function spinner { + local pid=$! + local delay=0.75 + local spinstr='|/-\' + while [ "$(ps a | awk '{print $1}' | grep $pid)" ]; do + local temp=${spinstr#?} + printf " [%c] " "$spinstr" + local spinstr=$temp${spinstr%"$temp"} + sleep $delay + printf "\b\b\b\b\b\b" + done + printf " \b\b\b\b" + } + + +function hide_output { + OUTPUT=$(tempfile) + $@ &> $OUTPUT & spinner + E=$? + if [ $E != 0 ]; then + echo + echo FAILED: $@ + echo ----------------------------------------- + cat $OUTPUT + echo ----------------------------------------- + exit $E + fi + + rm -f $OUTPUT +} + + +function apt_get_quiet { + DEBIAN_FRONTEND=noninteractive hide_output sudo apt -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" "$@" +} + + +function apt_install { + PACKAGES=$@ + apt_get_quiet install $PACKAGES +} + + +function ufw_allow { + if [ -z "$DISABLE_FIREWALL" ]; then + sudo ufw allow $1 > /dev/null; + fi +} + +function restart_service { + hide_output sudo service $1 restart +} + +## Dialog Functions ## +function message_box { + dialog --title "$1" --msgbox "$2" 0 0 +} + +function input_box { + # input_box "title" "prompt" "defaultvalue" VARIABLE + # The user's input will be stored in the variable VARIABLE. + # The exit code from dialog will be stored in VARIABLE_EXITCODE. + declare -n result=$4 + declare -n result_code=$4_EXITCODE + result=$(dialog --stdout --title "$1" --inputbox "$2" 0 0 "$3") + result_code=$? +} + +function input_menu { + # input_menu "title" "prompt" "tag item tag item" VARIABLE + # The user's input will be stored in the variable VARIABLE. + # The exit code from dialog will be stored in VARIABLE_EXITCODE. + declare -n result=$4 + declare -n result_code=$4_EXITCODE + local IFS=^$'\n' + result=$(dialog --stdout --title "$1" --menu "$2" 0 0 0 $3) + result_code=$? +} + +function get_publicip_from_web_service { + # This seems to be the most reliable way to determine the + # machine's public IP address: asking a very nice web API + # for how they see us. Thanks go out to icanhazip.com. + # See: https://major.io/icanhazip-com-faq/ + # + # Pass '4' or '6' as an argument to this function to specify + # what type of address to get (IPv4, IPv6). + curl -$1 --fail --silent --max-time 15 icanhazip.com 2>/dev/null +} + +function get_default_privateip { + # Return the IP address of the network interface connected + # to the Internet. + # + # Pass '4' or '6' as an argument to this function to specify + # what type of address to get (IPv4, IPv6). + # + # We used to use `hostname -I` and then filter for either + # IPv4 or IPv6 addresses. However if there are multiple + # network interfaces on the machine, not all may be for + # reaching the Internet. + # + # Instead use `ip route get` which asks the kernel to use + # the system's routes to select which interface would be + # used to reach a public address. We'll use 8.8.8.8 as + # the destination. It happens to be Google Public DNS, but + # no connection is made. We're just seeing how the box + # would connect to it. There many be multiple IP addresses + # assigned to an interface. `ip route get` reports the + # preferred. That's good enough for us. See issue #121. + # + # With IPv6, the best route may be via an interface that + # only has a link-local address (fe80::*). These addresses + # are only unique to an interface and so need an explicit + # interface specification in order to use them with bind(). + # In these cases, we append "%interface" to the address. + # See the Notes section in the man page for getaddrinfo and + # https://discourse.mailinabox.email/t/update-broke-mailinabox/34/9. + # + # Also see ae67409603c49b7fa73c227449264ddd10aae6a9 and + # issue #3 for why/how we originally added IPv6. + + target=8.8.8.8 + + # For the IPv6 route, use the corresponding IPv6 address + # of Google Public DNS. Again, it doesn't matter so long + # as it's an address on the public Internet. + if [ "$1" == "6" ]; then target=2001:4860:4860::8888; fi + + # Get the route information. + route=$(ip -$1 -o route get $target | grep -v unreachable) + + # Parse the address out of the route information. + address=$(echo $route | sed "s/.* src \([^ ]*\).*/\1/") + + if [[ "$1" == "6" && $address == fe80:* ]]; then + # For IPv6 link-local addresses, parse the interface out + # of the route information and append it with a '%'. + interface=$(echo $route | sed "s/.* dev \([^ ]*\).*/\1/") + address=$address%$interface + fi + + echo $address + +} \ No newline at end of file diff --git a/conf/getip.sh b/conf/getip.sh new file mode 100644 index 00000000..d8a0a9f1 --- /dev/null +++ b/conf/getip.sh @@ -0,0 +1,104 @@ +##################################################### +# Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox +# Updated by cryptopool.builders for crypto use... +##################################################### + +source /etc/functions.sh +echo +echo +echo -e "$CYAN => Setting our global variables : $COL_RESET" +echo + +# If the machine is behind a NAT, inside a VM, etc., it may not know +# its IP address on the public network / the Internet. Ask the Internet +# and possibly confirm with user. +if [ -z "${PUBLIC_IP:-}" ]; then +# Ask the Internet. +GUESSED_IP=$(get_publicip_from_web_service 4) + +# On the first run, if we got an answer from the Internet then don't +# ask the user. +if [[ -z "${DEFAULT_PUBLIC_IP:-}" && ! -z "$GUESSED_IP" ]]; then +PUBLIC_IP=$GUESSED_IP + +# On later runs, if the previous value matches the guessed value then +# don't ask the user either. +elif [ "${DEFAULT_PUBLIC_IP:-}" == "$GUESSED_IP" ]; then +PUBLIC_IP=$GUESSED_IP +fi + +if [ -z "${PUBLIC_IP:-}" ]; then +input_box "Public IP Address" \ +"Enter the public IP address of this machine, as given to you by your ISP. +\n\nPublic IP address:" \ +"$DEFAULT_PUBLIC_IP" \ +PUBLIC_IP + +if [ -z "$PUBLIC_IP" ]; then +# user hit ESC/cancel +exit +fi +fi +fi + +# Same for IPv6. But it's optional. Also, if it looks like the system +# doesn't have an IPv6, don't ask for one. +if [ -z "${PUBLIC_IPV6:-}" ]; then + # Ask the Internet. + GUESSED_IP=$(get_publicip_from_web_service 6) + MATCHED=0 + if [[ -z "${DEFAULT_PUBLIC_IPV6:-}" && ! -z "$GUESSED_IP" ]]; then + PUBLIC_IPV6=$GUESSED_IP + elif [[ "${DEFAULT_PUBLIC_IPV6:-}" == "$GUESSED_IP" ]]; then + # No IPv6 entered and machine seems to have none, or what + # the user entered matches what the Internet tells us. + PUBLIC_IPV6=$GUESSED_IP + MATCHED=1 + elif [[ -z "${DEFAULT_PUBLIC_IPV6:-}" ]]; then + DEFAULT_PUBLIC_IP=$(get_default_privateip 6) + fi + + if [[ -z "${PUBLIC_IPV6:-}" && $MATCHED == 0 ]]; then + input_box "IPv6 Address (Optional)" \ + "Enter the public IPv6 address of this machine, as given to you by your ISP. + \n\nLeave blank if the machine does not have an IPv6 address. + \n\nPublic IPv6 address:" \ + ${DEFAULT_PUBLIC_IPV6:-} \ + PUBLIC_IPV6 + + if [ ! $PUBLIC_IPV6_EXITCODE ]; then + # user hit ESC/cancel + exit + fi + fi +fi + +# Get the IP addresses of the local network interface(s) that are connected +# to the Internet. We need these when we want to have services bind only to +# the public network interfaces (not loopback, not tunnel interfaces). +# if [ -z "$PRIVATE_IP" ]; then +# DEFAULT_PRIVATE_IP=$(get_default_privateip 4) +# input_box "Private IP Address (Optional)" \ +# "Enter the private IP address of this machine, as given to you by your ISP. +# \n\nLeave as your public IP if the machine does not have a private IP address. +# \n\nPrivate IP address:" \ +# $DEFAULT_PRIVATE_IP \ +# PRIVATE_IP +# +# if [ -z "$PRIVATE_IP" ]; then +# user hit ESC/cancel +# exit +# fi +# fi + +# Automatic configuration, e.g. as used in our Vagrant configuration. +if [ "$PUBLIC_IP" = "auto" ]; then +# Use a public API to get our public IP address, or fall back to local network configuration. +PUBLIC_IP=$(get_publicip_from_web_service 4 || get_default_privateip 4) +fi +if [ "$PUBLIC_IPV6" = "auto" ]; then +# Use a public API to get our public IPv6 address, or fall back to local network configuration. +PUBLIC_IPV6=$(get_publicip_from_web_service 6 || get_default_privateip 6) +fi + +echo -e "$GREEN Done...$COL_RESET" \ No newline at end of file diff --git a/conf/prerequisite.sh b/conf/prerequisite.sh new file mode 100644 index 00000000..8cb5b1a1 --- /dev/null +++ b/conf/prerequisite.sh @@ -0,0 +1,80 @@ +#!/bin/bash +##################################################### +# Source https://mailinabox.email/ https://github.com/mail-in-a-box/mailinabox +# Updated by cryptopool.builders for crypto use... +# Modified by Xavatar +##################################################### + +echo +echo +echo -e "$CYAN => Check prerequisite : $COL_RESET" +echo + +if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then + DISTRO=18 + sudo chmod g-w /etc /etc/default /usr +else [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/16\.04\.[0-9]/16.04/' `" != "Ubuntu 16.04 LTS" ]; + DISTRO=16 +fi + +#TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}') +#if [ $TOTAL_PHYSICAL_MEM -lt 1436000 ]; then +# if [ ! -d /vagrant ]; then +# TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000) +# echo "Your Mining Pool Server needs more memory (RAM) to function properly." +# echo "Please provision a machine with at least 1536 GB, 6 GB recommended." +# echo "This machine has $TOTAL_PHYSICAL_MEM MB memory." +# exit +# fi +#fi + +#if [ $TOTAL_PHYSICAL_MEM -lt 1436000 ]; then +# echo "WARNING: Your Mining Pool Server has less than 1.5 GB of memory." +# echo " It might run unreliably when under heavy load." +#fi + +# Check swap +#echo Checking if swap space is needed and if so creating... + +#SWAP_MOUNTED=$(cat /proc/swaps | tail -n+2) +#SWAP_IN_FSTAB=$(grep "swap" /etc/fstab) +#ROOT_IS_BTRFS=$(grep "\/ .*btrfs" /proc/mounts) +#TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}') +#AVAILABLE_DISK_SPACE=$(df / --output=avail | tail -n 1) +#if +# [ -z "$SWAP_MOUNTED" ] && +# [ -z "$SWAP_IN_FSTAB" ] && +# [ ! -e /swapfile ] && +# [ -z "$ROOT_IS_BTRFS" ] && +# [ $TOTAL_PHYSICAL_MEM -lt 1536000 ] && +# [ $AVAILABLE_DISK_SPACE -gt 5242880 ] +#then +# echo "Adding a swap file to the system..." + + # Allocate and activate the swap file. Allocate in 1KB chuncks + # doing it in one go, could fail on low memory systems +# sudo fallocate -l 3G /swapfile +# if [ -e /swapfile ]; then +# sudo chmod 600 /swapfile +# hide_output sudo mkswap /swapfile +# sudo swapon /swapfile +# echo "vm.swappiness=10" >> sudo /etc/sysctl.conf +# fi +# Check if swap is mounted then activate on boot +# if swapon -s | grep -q "\/swapfile"; then +# echo "/swapfile none swap sw 0 0" >> sudo /etc/fstab +# else +# echo "ERROR: Swap allocation failed" +# fi +#fi + +ARCHITECTURE=$(uname -m) +if [ "$ARCHITECTURE" != "x86_64" ]; then + if [ -z "$ARM" ]; then + echo -e "$REDYiimP Install Script only supports x86_64 and will not work on any other architecture, like ARM or 32 bit OS. $COL_RESET" + echo -e "$REDYour architecture is $ARCHITECTURE $COL_RESET" + exit + fi +fi + +echo -e "$GREEN Done...$COL_RESET" \ No newline at end of file diff --git a/install-debug.sh b/install-debug.sh new file mode 100644 index 00000000..8b2746a8 --- /dev/null +++ b/install-debug.sh @@ -0,0 +1,1202 @@ +#!/bin/bash +################################################################################ +# Original Author: crombiecrunch +# Modified by : Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: https://www.xavatar.com +# +# Program: +# Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 +# v0.2 (update Avril, 2020) +# +################################################################################ + + + output() { + printf "\E[0;33;40m" + echo $1 + printf "\E[0m" + } + + displayErr() { + echo + echo $1; + echo + exit 1; + } + + #Add user group sudo + no password + whoami=`whoami` + sudo usermod -aG sudo ${whoami} + echo '# yiimp + # It needs passwordless sudo functionality. + '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL + ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 + + #Copy needed files + sudo cp -r conf/functions.sh /etc/ + sudo cp -r utils/screen-scrypt.sh /etc/ + sudo cp -r conf/editconf.py /usr/bin/ + sudo chmod +x /usr/bin/editconf.py + sudo chmod +x /etc/screen-scrypt.sh + + source /etc/functions.sh + + + clear + echo + echo -e "$GREEN************************************************************************$COL_RESET" + echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" + echo -e "$GREEN Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 $COL_RESET" + echo -e "$GREEN************************************************************************$COL_RESET" + echo + sleep 3 + + + # Update package and Upgrade Ubuntu + echo + echo + echo -e "$CYAN => Updating system and installing required packages :$COL_RESET" + echo + sleep 3 + + sudo apt -y update + sudo apt -y upgrade + sudo apt -y autoremove + sudo apt -y install dialog python3 python3-pip acl nano apt-transport-https + echo -e "$GREEN Done...$COL_RESET" + + + source conf/prerequisite.sh + sleep 3 + source conf/getip.sh + + + echo 'PUBLIC_IP='"${PUBLIC_IP}"' + PUBLIC_IPV6='"${PUBLIC_IPV6}"' + DISTRO='"${DISTRO}"' + PRIVATE_IP='"${PRIVATE_IP}"'' | sudo -E tee conf/pool.conf >/dev/null 2>&1 + + echo + echo + echo -e "$RED Make sure you double check before hitting enter! Only one shot at these! $COL_RESET" + echo + #read -e -p "Enter time zone (e.g. America/New_York) : " TIME + read -e -p "Domain Name (no http:// or www. just : example.com or pool.example.com or 185.22.24.26) : " server_name + read -e -p "Are you using a subdomain (mycryptopool.example.com?) [y/N] : " sub_domain + read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL + read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC + #read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel + read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public + read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban + read -e -p "Install UFW and configure ports? [Y/n] : " UFW + read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install + + + # Switch Aptitude + #echo + #echo -e "$CYAN Switching to Aptitude $COL_RESET" + #echo + #sleep 3 + #sudo apt -y install aptitude + #echo -e "$GREEN Done...$COL_RESET $COL_RESET" + + + # Installing Nginx + echo + echo + echo -e "$CYAN => Installing Nginx server : $COL_RESET" + echo + sleep 3 + + if [ -f /usr/sbin/apache2 ]; then + echo -e "Removing apache..." + apt-get -y purge apache2 apache2-* + apt-get -y --purge autoremove + fi + + sudo apt -y install nginx + sudo rm /etc/nginx/sites-enabled/default + sudo systemctl start nginx.service + sudo systemctl enable nginx.service + sudo systemctl start cron.service + sudo systemctl enable cron.service + sleep 5 + sudo systemctl status nginx | sed -n "1,3p" + sleep 15 + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Making Nginx a bit hard + echo 'map $http_user_agent $blockedagent { + default 0; + ~*malicious 1; + ~*bot 1; + ~*backdoor 1; + ~*crawler 1; + ~*bandit 1; + } + ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 + + + # Installing Mariadb + echo + echo + echo -e "$CYAN => Installing Mariadb Server : $COL_RESET" + echo + sleep 3 + + # Create random password + rootpasswd=$(openssl rand -base64 12) + export DEBIAN_FRONTEND="noninteractive" + sudo apt -y install mariadb-server + sudo systemctl start mysql + sudo systemctl enable mysql + sleep 5 + sudo systemctl status mysql | sed -n "1,3p" + sleep 15 + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing Installing php7.3 + echo + echo + echo -e "$CYAN => Installing php7.3 : $COL_RESET" + echo + sleep 3 + + source conf/pool.conf + if [ ! -f /etc/apt/sources.list.d/ondrej-php-bionic.list ]; then + sudo add-apt-repository -y ppa:ondrej/php + fi + sudo apt -y update + + if [[ ("$DISTRO" == "16") ]]; then + sudo apt -y install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ + php7.3-cgi php-pear php-auth imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ + php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring + #sudo phpenmod mcrypt + #sudo phpenmod mbstring + else + sudo apt -y install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ + php7.3-cgi php-pear imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ + php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring \ + libpsl-dev libnghttp2-dev + fi + sleep 5 + sudo systemctl start php7.3-fpm + sudo systemctl status php7.3-fpm | sed -n "1,3p" + sleep 15 + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing other needed files + echo + echo + echo -e "$CYAN => Installing other needed files : $COL_RESET" + echo + sleep 3 + + sudo apt -y install libgmp3-dev libmysqlclient-dev libcurl4-gnutls-dev libkrb5-dev libldap2-dev libidn11-dev gnutls-dev \ + librtmp-dev sendmail mutt screen git + sudo apt -y install pwgen -y + echo -e "$GREEN Done...$COL_RESET" + sleep 3 + + + # Installing Package to compile crypto currency + echo + echo + echo -e "$CYAN => Installing Package to compile crypto currency $COL_RESET" + echo + sleep 3 + + sudo apt -y install software-properties-common build-essential + sudo apt -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext + sudo apt -y install libminiupnpc10 libzmq5 + sudo apt -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev + sudo apt -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler + sudo add-apt-repository -y ppa:bitcoin/bitcoin + sudo apt -y update + sudo apt -y install libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ + echo -e "$GREEN Done...$COL_RESET" + + + # Generating Random Passwords + password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + AUTOGENERATED_PASS=`pwgen -c -1 20` + + + # Test Email + echo + echo + echo -e "$CYAN => Testing to see if server emails are sent $COL_RESET" + echo + sleep 3 + + if [[ "$root_email" != "" ]]; then + echo $root_email > sudo tee --append ~/.email + echo $root_email > sudo tee --append ~/.forward + + if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then + echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message + echo "You should receive this !" >> sudo tee --append /tmp/email.message + echo "" >> sudo tee --append /tmp/email.message + echo "Cheers" >> sudo tee --append /tmp/email.message + sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message + + sudo rm -f /tmp/email.message + echo "Mail sent" + fi + fi + echo -e "$GREEN Done...$COL_RESET" + + # Installing Fail2Ban & UFW + echo + echo + echo -e "$CYAN => Some optional installs (Fail2Ban & UFW) $COL_RESET" + echo + sleep 3 + + + if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then + sudo apt -y install fail2ban + sleep 5 + sudo systemctl status fail2ban | sed -n "1,3p" + fi + + + if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then + sudo apt -y install ufw + sudo ufw default deny incoming + sudo ufw default allow outgoing + sudo ufw allow ssh + sudo ufw allow http + sudo ufw allow https + sudo ufw allow 3333/tcp + sudo ufw allow 3339/tcp + sudo ufw allow 3334/tcp + sudo ufw allow 3433/tcp + sudo ufw allow 3555/tcp + sudo ufw allow 3556/tcp + sudo ufw allow 3573/tcp + sudo ufw allow 3535/tcp + sudo ufw allow 3533/tcp + sudo ufw allow 3553/tcp + sudo ufw allow 3633/tcp + sudo ufw allow 3733/tcp + sudo ufw allow 3636/tcp + sudo ufw allow 3737/tcp + sudo ufw allow 3739/tcp + sudo ufw allow 3747/tcp + sudo ufw allow 3833/tcp + sudo ufw allow 3933/tcp + sudo ufw allow 4033/tcp + sudo ufw allow 4133/tcp + sudo ufw allow 4233/tcp + sudo ufw allow 4234/tcp + sudo ufw allow 4333/tcp + sudo ufw allow 4433/tcp + sudo ufw allow 4533/tcp + sudo ufw allow 4553/tcp + sudo ufw allow 4633/tcp + sudo ufw allow 4733/tcp + sudo ufw allow 4833/tcp + sudo ufw allow 4933/tcp + sudo ufw allow 5033/tcp + sudo ufw allow 5133/tcp + sudo ufw allow 5233/tcp + sudo ufw allow 5333/tcp + sudo ufw allow 5433/tcp + sudo ufw allow 5533/tcp + sudo ufw allow 5733/tcp + sudo ufw allow 5743/tcp + sudo ufw allow 3252/tcp + sudo ufw allow 5755/tcp + sudo ufw allow 5766/tcp + sudo ufw allow 5833/tcp + sudo ufw allow 5933/tcp + sudo ufw allow 6033/tcp + sudo ufw allow 5034/tcp + sudo ufw allow 6133/tcp + sudo ufw allow 6233/tcp + sudo ufw allow 6333/tcp + sudo ufw allow 6433/tcp + sudo ufw allow 7433/tcp + sudo ufw allow 8333/tcp + sudo ufw allow 8463/tcp + sudo ufw allow 8433/tcp + sudo ufw allow 8533/tcp + sudo ufw --force enable + sleep 5 + sudo systemctl status ufw | sed -n "1,3p" + fi + + + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing PhpMyAdmin + echo + echo + echo -e "$CYAN => Installing phpMyAdmin $COL_RESET" + echo + sleep 3 + + echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections + sudo apt -y install phpmyadmin + echo -e "$GREEN Done...$COL_RESET" + + + # Installing Yiimp + echo + echo + echo -e "$CYAN => Installing Yiimp $COL_RESET" + echo + echo -e "Grabbing yiimp fron Github, building files and setting file structure." + echo + sleep 3 + + + # Generating Random Password for stratum + blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + + # Compil Blocknotify + cd ~ + git clone https://github.com/tpruvot/yiimp + cd $HOME/yiimp/blocknotify + sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp + sudo make + + # Compil iniparser + cd $HOME/yiimp/stratum/iniparser + sudo make + + # Compil Stratum + cd $HOME/yiimp/stratum + if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then + sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile + fi + sudo make + + # Copy Files (Blocknotify,iniparser,Stratum) + cd $HOME/yiimp + sudo sed -i 's/AdminRights/'AdminPanel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php + sudo cp -r $HOME/yiimp/web /var/ + sudo mkdir -p /var/stratum + cd $HOME/yiimp/stratum + sudo cp -a config.sample/. /var/stratum/config + sudo cp -r stratum /var/stratum + sudo cp -r run.sh /var/stratum + cd $HOME/yiimp + sudo cp -r $HOME/yiimp/bin/. /bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ + sudo mkdir -p /etc/yiimp + sudo mkdir -p /$HOME/backup/ + #fixing yiimp + sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp + #fixing run.sh + sudo rm -r /var/stratum/config/run.sh + echo ' + #!/bin/bash + ulimit -n 10240 + ulimit -u 10240 + cd /var/stratum + while true; do + ./stratum /var/stratum/config/$1 + sleep 2 + done + exec bash + ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 + sudo chmod +x /var/stratum/config/run.sh + + echo -e "$GREEN Done...$COL_RESET" + + + # Update Timezone + echo + echo + echo -e "$CYAN => Update default timezone. $COL_RESET" + echo + + echo -e " Setting TimeZone to UTC...$COL_RESET" + if [ ! -f /etc/timezone ]; then + echo "Setting timezone to UTC." + echo "Etc/UTC" > sudo /etc/timezone + sudo systemctl restart rsyslog + fi + sudo systemctl status rsyslog | sed -n "1,3p" + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Creating webserver initial config file + echo + echo + echo -e "$CYAN => Creating webserver initial config file $COL_RESET" + echo + + # Adding user to group, creating dir structure, setting permissions + sudo mkdir -p /var/www/$server_name/html + + if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.3-fpm.service + sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + + # Install SSL (with SubDomain) + echo + echo -e "Install LetsEncrypt and setting SSL (with SubDomain)" + echo + + sudo apt -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + fi + + sudo systemctl reload php7.3-fpm.service + sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + + else + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"' www.'"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.3-fpm.service + sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (without SubDomain) + echo + echo -e "Install LetsEncrypt and setting SSL (without SubDomain)" + echo + sleep 3 + + sudo apt -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"' www.'"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + echo -e "$GREEN Done...$COL_RESET" + + fi + sudo systemctl reload php7.3-fpm.service + sudo systemctl restart nginx.service + fi + + + # Config Database + echo + echo + echo -e "$CYAN => Now for the database fun! $COL_RESET" + echo + sleep 3 + + # Create database + Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" + Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" + Q3="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}${Q3}" + sudo mysql -u root -p="" -e "$SQL" + + # Create stratum user + Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" + Q2="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}" + sudo mysql -u root -p="" -e "$SQL" + + #Create my.cnf + + echo ' + [clienthost1] + user=panel + password='"${password}"' + database=yiimpfrontend + host=localhost + [clienthost2] + user=stratum + password='"${password2}"' + database=yiimpfrontend + host=localhost + [myphpadmin] + user=phpmyadmin + password='"${AUTOGENERATED_PASS}"' + [mysql] + user=root + password='"${rootpasswd}"' + ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 + sudo chmod 0600 ~/.my.cnf + + + # Create keys file + echo ' + /dev/null 2>&1 + + echo -e "$GREEN Done...$COL_RESET" + + + # Peforming the SQL import + echo + echo + echo -e "$CYAN => Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you $COL_RESET" + echo + echo -e "Performing the SQL import" + echo + sleep 3 + + cd ~ + cd yiimp/sql + + # Import sql dump + sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 + + # Oh the humanity! + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql + echo -e "$GREEN Done...$COL_RESET" + + + # Generating a basic Yiimp serverconfig.php + echo + echo + echo -e "$CYAN => Generating a basic Yiimp serverconfig.php $COL_RESET" + echo + sleep 3 + + # Make config file + echo ' + 0.3 + define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); + + // nicehash keys deposit account & amount to deposit at a time + define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); + define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); + define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); + define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); + + $cold_wallet_table = array( + '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, + ); + + // Sample fixed pool fees + $configFixedPoolFees = array( + '"'"'zr5'"'"' => 2.0, + '"'"'scrypt'"'"' => 20.0, + '"'"'sha256'"'"' => 5.0, + ); + + // Sample custom stratum ports + $configCustomPorts = array( + // '"'"'x11'"'"' => 7000, + ); + + // mBTC Coefs per algo (default is 1.0) + $configAlgoNormCoef = array( + // '"'"'x11'"'"' => 5.0, + ); + ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 + + echo -e "$GREEN Done...$COL_RESET" + + + # Updating stratum config files with database connection info + echo + echo + echo -e "$CYAN => Updating stratum config files with database connection info. $COL_RESET" + echo + sleep 3 + + cd /var/stratum/config + sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf + sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf + sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf + sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf + sudo sed -i 's/username = root/username = stratum/g' *.conf + sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf + cd ~ + echo -e "$GREEN Done...$COL_RESET" + + + # Final Directory permissions + echo + echo + echo -e "$CYAN => Final Directory permissions $COL_RESET" + echo + sleep 3 + + whoami=`whoami` + sudo usermod -aG www-data $whoami + sudo usermod -a -G www-data $whoami + + sudo find /var/web -type d -exec chmod 775 {} + + sudo find /var/web -type f -exec chmod 664 {} + + sudo chgrp www-data /var/web -R + sudo chmod g+w /var/web -R + + sudo mkdir /var/log/yiimp + sudo touch /var/log/yiimp/debug.log + sudo chgrp www-data /var/log/yiimp -R + sudo chmod 775 /var/log/yiimp -R + + sudo chgrp www-data /var/stratum -R + sudo chmod 775 /var/stratum + + sudo mkdir -p /var/yiimp/sauv + sudo chgrp www-data /var/yiimp -R + sudo chmod 775 /var/yiimp -R + + + #Add to contrab screen-scrypt + (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - + + #fix error screen main "service" + sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php + sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php + + #fix error screen main "backup sql frontend" + sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php + sudo sed -i '14d' /var/web/yaamp/defaultconfig.php + + #Misc + sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder + sudo rm -rf /var/log/nginx/* + + #Hold update OpenSSL + #If you want remove the hold : sudo apt-mark unhold openssl + sudo apt-mark hold openssl + + #Restart service + sudo systemctl restart cron.service + sudo systemctl restart mysql + sudo systemctl status mysql | sed -n "1,3p" + sudo systemctl restart nginx.service + sudo systemctl status nginx | sed -n "1,3p" + sudo systemctl restart php7.3-fpm.service + sudo systemctl status php7.3-fpm | sed -n "1,3p" + + + echo + echo -e "$GREEN Done...$COL_RESET" + sleep 3 + + echo + echo + echo + echo -e "$GREEN***************************$COL_RESET" + echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" + echo -e "$GREEN Finish !!! $COL_RESET" + echo -e "$GREEN***************************$COL_RESET" + echo + echo + echo + echo -e "$CYAN Whew that was fun, just some reminders. $COL_RESET" + echo -e "$RED Your mysql information is saved in ~/.my.cnf. $COL_RESET" + echo + echo -e "$RED Yiimp at : http://"$server_name" (https... if SSL enabled)" + echo -e "$RED Yiimp Admin at : http://"$server_name"/site/AdminPanel (https... if SSL enabled)" + echo -e "$RED Yiimp phpMyAdmin at : http://"$server_name"/phpmyadmin (https... if SSL enabled)" + echo + echo -e "$RED If you want change 'AdminPanel' to access Panel Admin : Edit this file : /var/web/yaamp/modules/site/SiteController.php" + echo -e "$RED Line 11 => change 'AdminPanel' and use the new address" + echo + echo -e "$CYAN Please make sure to change your public keys / wallet addresses in the /var/web/serverconfig.php file. $COL_RESET" + echo -e "$CYAN Please make sure to change your private keys in the /etc/yiimp/keys.php file. $COL_RESET" + echo + echo -e "$CYAN TUTO Youtube : https://www.youtube.com/watch?v=qE0rhfJ1g2k $COL_RESET" + echo -e "$CYAN Xavatar WebSite : https://www.xavatar.com $COL_RESET" + echo + echo + echo -e "$RED***************************************************$COL_RESET" + echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" + echo -e "$RED***************************************************$COL_RESET" + echo + echo diff --git a/install.sh b/install.sh index 326f7bc6..8380d9cc 100644 --- a/install.sh +++ b/install.sh @@ -1,117 +1,464 @@ #!/bin/bash ################################################################################ -# Author: crombiecrunch -# -# Web: www.thecryptopool.com +# Original Author: crombiecrunch +# Modified by : Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: https://www.xavatar.com # # Program: -# Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.x -# BTC Donation: 1AxK9a7dgeHvf3VFuwZ2adGiQTX6S1nhrp +# Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 +# v0.2 (update Avril, 2020) # ################################################################################ -output() { + + + output() { printf "\E[0;33;40m" echo $1 printf "\E[0m" -} + } -displayErr() { + displayErr() { echo echo $1; echo exit 1; -} -clear - read -p "Enter admin email (e.g. admin@example.com) : " EMAIL - read -p "Enter servername (e.g. portal.example.com) : " SERVNAME - read -p "Enter time zone (e.g. America/New_York) : " TIME - - output "If you found this helpful, please donate to BTC Donation: 1AxK9a7dgeHvf3VFuwZ2adGiQTX6S1nhrp" - output "Updating system and installing required packages." - - #Disable AppArmor - sudo service apparmor stop - sudo update-rc.d -f apparmor remove - sudo apt-get -y remove apparmor apparmor-utils - - # update package and upgrade Ubuntu - sudo apt-get -y update - sudo apt-get -y upgrade - sudo apt-get -y autoremove + } + + #Add user group sudo + no password + whoami=`whoami` + sudo usermod -aG sudo ${whoami} + echo '# yiimp + # It needs passwordless sudo functionality. + '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL + ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 + + #Copy needed files + sudo cp -r conf/functions.sh /etc/ + sudo cp -r utils/screen-scrypt.sh /etc/ + sudo cp -r conf/editconf.py /usr/bin/ + sudo chmod +x /usr/bin/editconf.py + sudo chmod +x /etc/screen-scrypt.sh + + source /etc/functions.sh + + clear - output "Switching to Aptitude" - sudo apt-get -y install aptitude + echo + echo -e "$GREEN************************************************************************$COL_RESET" + echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" + echo -e "$GREEN Install yiimp on Ubuntu 16.04/18.04 running Nginx, MariaDB, and php7.3 $COL_RESET" + echo -e "$GREEN************************************************************************$COL_RESET" + echo + sleep 3 + + + # Update package and Upgrade Ubuntu + echo + echo + echo -e "$CYAN => Updating system and installing required packages :$COL_RESET" + echo + sleep 3 + + hide_output sudo apt -y update + hide_output sudo apt -y upgrade + hide_output sudo apt -y autoremove + apt_install dialog python3 python3-pip acl nano apt-transport-https + echo -e "$GREEN Done...$COL_RESET" + + + source conf/prerequisite.sh + sleep 3 + source conf/getip.sh + + + echo 'PUBLIC_IP='"${PUBLIC_IP}"' + PUBLIC_IPV6='"${PUBLIC_IPV6}"' + DISTRO='"${DISTRO}"' + PRIVATE_IP='"${PRIVATE_IP}"'' | sudo -E tee conf/pool.conf >/dev/null 2>&1 + + echo + echo + echo -e "$RED Make sure you double check before hitting enter! Only one shot at these! $COL_RESET" + echo + #read -e -p "Enter time zone (e.g. America/New_York) : " TIME + read -e -p "Domain Name (no http:// or www. just : example.com or pool.example.com or 185.22.24.26) : " server_name + read -e -p "Are you using a subdomain (mycryptopool.example.com?) [y/N] : " sub_domain + read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL + read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC + #read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel + read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public + read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban + read -e -p "Install UFW and configure ports? [Y/n] : " UFW + read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install + + + # Switch Aptitude + #echo + #echo -e "$CYAN Switching to Aptitude $COL_RESET" + #echo + #sleep 3 + #apt_install aptitude + #echo -e "$GREEN Done...$COL_RESET $COL_RESET" + + + # Installing Nginx + echo + echo + echo -e "$CYAN => Installing Nginx server : $COL_RESET" + echo + sleep 3 + + if [ -f /usr/sbin/apache2 ]; then + echo -e "Removing apache..." + hide_output apt-get -y purge apache2 apache2-* + hide_output apt-get -y --purge autoremove + fi + + apt_install nginx + hide_output sudo rm /etc/nginx/sites-enabled/default + hide_output sudo systemctl start nginx.service + hide_output sudo systemctl enable nginx.service + hide_output sudo systemctl start cron.service + hide_output sudo systemctl enable cron.service + sleep 5 + sudo systemctl status nginx | sed -n "1,3p" + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Making Nginx a bit hard + echo 'map $http_user_agent $blockedagent { + default 0; + ~*malicious 1; + ~*bot 1; + ~*backdoor 1; + ~*crawler 1; + ~*bandit 1; + } + ' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 - output "Installing Nginx server." - sudo aptitude -y install nginx - sudo service nginx start - sudo service cron start - output "Installing Mariadb Server." - # create random password + # Installing Mariadb + echo + echo + echo -e "$CYAN => Installing Mariadb Server : $COL_RESET" + echo + sleep 3 + + # Create random password rootpasswd=$(openssl rand -base64 12) export DEBIAN_FRONTEND="noninteractive" - sudo aptitude -y install mariadb-server - - output "Installing php7.x and other needed files" - sudo aptitude -y install php7.0-fpm - sudo aptitude -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring - sudo phpenmod mcrypt - sudo phpenmod mbstring - sudo aptitude -y install libgmp3-dev - sudo aptitude -y install libmysqlclient-dev - sudo aptitude -y install libcurl4-gnutls-dev - sudo aptitude -y install libkrb5-dev - sudo aptitude -y install libldap2-dev - sudo aptitude -y install libidn11-dev - sudo aptitude -y install gnutls-dev - sudo aptitude -y install librtmp-dev - sudo aptitude -y install build-essential libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils - sudo aptitude -y install sendmail - clear - output "Grabbing yiimp fron Github, building files and setting file structure." + apt_install mariadb-server + hide_output sudo systemctl start mysql + hide_output sudo systemctl enable mysql + sleep 5 + sudo systemctl status mysql | sed -n "1,3p" + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing Installing php7.3 + echo + echo + echo -e "$CYAN => Installing php7.3 : $COL_RESET" + echo + sleep 3 + + source conf/pool.conf + if [ ! -f /etc/apt/sources.list.d/ondrej-php-bionic.list ]; then + hide_output sudo add-apt-repository -y ppa:ondrej/php + fi + hide_output sudo apt -y update + + if [[ ("$DISTRO" == "16") ]]; then + apt_install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ + php7.3-cgi php-pear php-auth imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ + php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring + #hide_output sudo phpenmod mcrypt + #hide_output sudo phpenmod mbstring + else + apt_install php7.3-fpm php7.3-opcache php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli \ + php7.3-cgi php-pear imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell mcrypt\ + php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring \ + libpsl-dev libnghttp2-dev + fi + sleep 5 + hide_output sudo systemctl start php7.3-fpm + sudo systemctl status php7.3-fpm | sed -n "1,3p" + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing other needed files + echo + echo + echo -e "$CYAN => Installing other needed files : $COL_RESET" + echo + sleep 3 + + apt_install libgmp3-dev libmysqlclient-dev libcurl4-gnutls-dev libkrb5-dev libldap2-dev libidn11-dev gnutls-dev \ + librtmp-dev sendmail mutt screen git + apt_install pwgen -y + echo -e "$GREEN Done...$COL_RESET" + sleep 3 + + + # Installing Package to compile crypto currency + echo + echo + echo -e "$CYAN => Installing Package to compile crypto currency $COL_RESET" + echo + sleep 3 + + apt_install software-properties-common build-essential + apt_install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext + apt_install libminiupnpc10 libzmq5 + apt_install libcanberra-gtk-module libqrencode-dev libzmq3-dev + apt_install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler + hide_output sudo add-apt-repository -y ppa:bitcoin/bitcoin + hide_output sudo apt -y update + apt_install libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ + echo -e "$GREEN Done...$COL_RESET" + + + # Generating Random Passwords + password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + AUTOGENERATED_PASS=`pwgen -c -1 20` + + + # Test Email + echo + echo + echo -e "$CYAN => Testing to see if server emails are sent $COL_RESET" + echo + sleep 3 + + if [[ "$root_email" != "" ]]; then + echo $root_email > sudo tee --append ~/.email + echo $root_email > sudo tee --append ~/.forward + + if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then + echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message + echo "You should receive this !" >> sudo tee --append /tmp/email.message + echo "" >> sudo tee --append /tmp/email.message + echo "Cheers" >> sudo tee --append /tmp/email.message + sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message + + sudo rm -f /tmp/email.message + echo "Mail sent" + fi + fi + echo -e "$GREEN Done...$COL_RESET" + + # Installing Fail2Ban & UFW + echo + echo + echo -e "$CYAN => Some optional installs (Fail2Ban & UFW) $COL_RESET" + echo + sleep 3 + + + if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then + apt_install fail2ban + sleep 5 + sudo systemctl status fail2ban | sed -n "1,3p" + fi + + + if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then + apt_install ufw + hide_output sudo ufw default deny incoming + hide_output sudo ufw default allow outgoing + hide_output sudo ufw allow ssh + hide_output sudo ufw allow http + hide_output sudo ufw allow https + hide_output sudo ufw allow 3333/tcp + hide_output sudo ufw allow 3339/tcp + hide_output sudo ufw allow 3334/tcp + hide_output sudo ufw allow 3433/tcp + hide_output sudo ufw allow 3555/tcp + hide_output sudo ufw allow 3556/tcp + hide_output sudo ufw allow 3573/tcp + hide_output sudo ufw allow 3535/tcp + hide_output sudo ufw allow 3533/tcp + hide_output sudo ufw allow 3553/tcp + hide_output sudo ufw allow 3633/tcp + hide_output sudo ufw allow 3733/tcp + hide_output sudo ufw allow 3636/tcp + hide_output sudo ufw allow 3737/tcp + hide_output sudo ufw allow 3739/tcp + hide_output sudo ufw allow 3747/tcp + hide_output sudo ufw allow 3833/tcp + hide_output sudo ufw allow 3933/tcp + hide_output sudo ufw allow 4033/tcp + hide_output sudo ufw allow 4133/tcp + hide_output sudo ufw allow 4233/tcp + hide_output sudo ufw allow 4234/tcp + hide_output sudo ufw allow 4333/tcp + hide_output sudo ufw allow 4433/tcp + hide_output sudo ufw allow 4533/tcp + hide_output sudo ufw allow 4553/tcp + hide_output sudo ufw allow 4633/tcp + hide_output sudo ufw allow 4733/tcp + hide_output sudo ufw allow 4833/tcp + hide_output sudo ufw allow 4933/tcp + hide_output sudo ufw allow 5033/tcp + hide_output sudo ufw allow 5133/tcp + hide_output sudo ufw allow 5233/tcp + hide_output sudo ufw allow 5333/tcp + hide_output sudo ufw allow 5433/tcp + hide_output sudo ufw allow 5533/tcp + hide_output sudo ufw allow 5733/tcp + hide_output sudo ufw allow 5743/tcp + hide_output sudo ufw allow 3252/tcp + hide_output sudo ufw allow 5755/tcp + hide_output sudo ufw allow 5766/tcp + hide_output sudo ufw allow 5833/tcp + hide_output sudo ufw allow 5933/tcp + hide_output sudo ufw allow 6033/tcp + hide_output sudo ufw allow 5034/tcp + hide_output sudo ufw allow 6133/tcp + hide_output sudo ufw allow 6233/tcp + hide_output sudo ufw allow 6333/tcp + hide_output sudo ufw allow 6433/tcp + hide_output sudo ufw allow 7433/tcp + hide_output sudo ufw allow 8333/tcp + hide_output sudo ufw allow 8463/tcp + hide_output sudo ufw allow 8433/tcp + hide_output sudo ufw allow 8533/tcp + hide_output sudo ufw --force enable + sleep 5 + sudo systemctl status ufw | sed -n "1,3p" + fi + + + echo + echo -e "$GREEN Done...$COL_RESET" + + + # Installing PhpMyAdmin + echo + echo + echo -e "$CYAN => Installing phpMyAdmin $COL_RESET" + echo + sleep 3 + + echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections + apt_install phpmyadmin + echo -e "$GREEN Done...$COL_RESET" + + + # Installing Yiimp + echo + echo + echo -e "$CYAN => Installing Yiimp $COL_RESET" + echo + echo -e "Grabbing yiimp fron Github, building files and setting file structure." + echo + sleep 3 + + + # Generating Random Password for stratum + blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + + # Compil Blocknotify cd ~ - git clone https://github.com/tpruvot/yiimp.git - cd yiimp - cd blocknotify - sudo make - cd ~/yiimp/stratum/iniparser - sudo make - cd .. - sudo make - cd .. - sudo cp -r web /var/ + hide_output git clone https://github.com/tpruvot/yiimp + cd $HOME/yiimp/blocknotify + sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp + hide_output sudo make + + # Compil iniparser + cd $HOME/yiimp/stratum/iniparser + hide_output sudo make + + # Compil Stratum + cd $HOME/yiimp/stratum + if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then + sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile + fi + hide_output sudo make + + # Copy Files (Blocknotify,iniparser,Stratum) + cd $HOME/yiimp + sudo sed -i 's/AdminRights/'AdminPanel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php + sudo cp -r $HOME/yiimp/web /var/ + sudo mkdir -p /var/stratum + cd $HOME/yiimp/stratum + sudo cp -a config.sample/. /var/stratum/config sudo cp -r stratum /var/stratum - sudo cp -a bin/. /bin/ - sudo cp -r blocknotify/blocknotify /var/stratum - sudo mkdir /etc/yiimp - sudo cp /etc/stratum/config /etc/stratum/config.old - sudo cp /etc/stratum.config.sample /etc/stratum/config - output "Update default timezone." - output "Thanks for using this installation script. Donations welcome" - # check if link file - sudo [ -L /etc/localtime ] && sudo unlink /etc/localtime - # update time zone - sudo ln -sf /usr/share/zoneinfo/$TIME /etc/localtime - sudo aptitude -y install ntpdate - # write time to clock. - sudo hwclock -w - clear - output "Making Web Server Magic Happen!" - # adding user to group, creating dir structure, setting permissions - whoami=`whoami` - sudo mkdir -p /var/www/$SERVNAME/html - sudo chown -R $whoami:$whoami /var/www/$SERVNAME/html - sudo chmod -R 775 /var/www/$SERVNAME/html + sudo cp -r run.sh /var/stratum + cd $HOME/yiimp + sudo cp -r $HOME/yiimp/bin/. /bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ + sudo mkdir -p /etc/yiimp + sudo mkdir -p /$HOME/backup/ + #fixing yiimp + sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp + #fixing run.sh + sudo rm -r /var/stratum/config/run.sh + echo ' + #!/bin/bash + ulimit -n 10240 + ulimit -u 10240 + cd /var/stratum + while true; do + ./stratum /var/stratum/config/$1 + sleep 2 + done + exec bash + ' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 + sudo chmod +x /var/stratum/config/run.sh + + echo -e "$GREEN Done...$COL_RESET" + + + # Update Timezone + echo + echo + echo -e "$CYAN => Update default timezone. $COL_RESET" + echo + + echo -e " Setting TimeZone to UTC...$COL_RESET" + if [ ! -f /etc/timezone ]; then + echo "Setting timezone to UTC." + echo "Etc/UTC" > sudo /etc/timezone + sudo systemctl restart rsyslog + fi + sudo systemctl status rsyslog | sed -n "1,3p" + echo + echo -e "$GREEN Done...$COL_RESET" + - output "Creating webserver initial config file" -echo ' - server { + # Creating webserver initial config file + echo + echo + echo -e "$CYAN => Creating webserver initial config file $COL_RESET" + echo + + # Adding user to group, creating dir structure, setting permissions + sudo mkdir -p /var/www/$server_name/html + + if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } listen 80; listen [::]:80; - server_name '"${SERVNAME}"'; - - root "/var/www/'"${SERVNAME}"'/html/web"; + server_name '"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; index index.html index.htm index.php; charset utf-8; @@ -125,18 +472,19 @@ echo ' location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } - access_log off; - error_log /var/log/nginx/'"${SERVNAME}"'.app-error.log error; + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; # allow larger file uploads and longer script runtimes - client_max_body_size 100m; - client_body_timeout 120s; - + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; sendfile off; - location ~ \.php$ { + location ~ ^/index\.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; @@ -146,55 +494,98 @@ echo ' fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; + try_files $uri $uri/ =404; } - - location ~ /\.ht { - deny all; + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; } - location ~ /.well-known { - allow all; + location ~ /\.ht { + deny all; } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } } -' | sudo -E tee /etc/nginx/sites-available/$SERVNAME.conf >/dev/null 2>&1 - -sudo ln -s /etc/nginx/sites-available/$SERVNAME.conf /etc/nginx/sites-enabled/$SERVNAME.conf -sudo ln -s /var/web /var/www/$SERVNAME/html -sudo service nginx restart - output "Install LetsEncrypt and setting SSL" - sudo aptitude -y install letsencrypt - sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$SERVNAME" - sudo rm /etc/nginx/sites-available/$SERVNAME.conf + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + hide_output sudo systemctl reload php7.3-fpm.service + hide_output sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + + # Install SSL (with SubDomain) + echo + echo -e "Install LetsEncrypt and setting SSL (with SubDomain)" + echo + + apt_install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 # I am SSL Man! - echo ' - server { + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } listen 80; listen [::]:80; - server_name '"${SERVNAME}"'; + server_name '"${server_name}"'; # enforce https return 301 https://$server_name$request_uri; } server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } listen 443 ssl http2; listen [::]:443 ssl http2; - server_name '"${SERVNAME}"'; + server_name '"${server_name}"'; - root /var/www/'"${SERVNAME}"'/html/web; + root /var/www/'"${server_name}"'/html/web; index index.php; - access_log /var/log/nginx/'"${SERVNAME}"'.app-accress.log; - error_log /var/log/nginx/'"${SERVNAME}"'.app-error.log error; + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; # allow larger file uploads and longer script runtimes - client_max_body_size 100m; - client_body_timeout 120s; - - sendfile off; + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; # strengthen ssl security - ssl_certificate /etc/letsencrypt/live/'"${SERVNAME}"'/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/'"${SERVNAME}"'/privkey.pem; + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; @@ -216,9 +607,9 @@ sudo service nginx restart } - location ~ \.php$ { + location ~ ^/index\.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; @@ -229,218 +620,580 @@ sudo service nginx restart fastcgi_send_timeout 300; fastcgi_read_timeout 300; include /etc/nginx/fastcgi_params; - } + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } location ~ /\.ht { deny all; } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + fi + + hide_output sudo systemctl reload php7.3-fpm.service + hide_output sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + + else + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"' www.'"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + hide_output sudo systemctl reload php7.3-fpm.service + hide_output sudo systemctl restart nginx.service + echo -e "$GREEN Done...$COL_RESET" + + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (without SubDomain) + echo + echo -e "Install LetsEncrypt and setting SSL (without SubDomain)" + echo + sleep 3 + + apt_install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"' www.'"${server_name}"'; -' | sudo -E tee /etc/nginx/sites-available/thecryptopool.com.conf >/dev/null 2>&1 -sudo service nginx restart -sudo service php7.0-fpm reload - clear - output "Now for the database fun!" - # create database - password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.3-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + + ' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + echo -e "$GREEN Done...$COL_RESET" + + fi + hide_output sudo systemctl reload php7.3-fpm.service + hide_output sudo systemctl restart nginx.service + fi + + + # Config Database + echo + echo + echo -e "$CYAN => Now for the database fun! $COL_RESET" + echo + sleep 3 + + # Create database Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" Q3="FLUSH PRIVILEGES;" SQL="${Q1}${Q2}${Q3}" - sudo mysql -u root -p="" -e "$SQL" - # create stratum user - password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + + # Create stratum user Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" Q2="FLUSH PRIVILEGES;" SQL="${Q1}${Q2}" - sudo mysql -u root -p="" -e "$SQL" - echo ' -[clienthost1] -user=panel -password='"${password}"' -database=yiimpfrontend -host=localhost -[clienthost2] -user=stratum -password='"${password2}"' -database=yiimpfrontend -host=localhost -[mysql] -user=root -password='"${rootpasswd}"' -' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 + + #Create my.cnf + + echo ' + [clienthost1] + user=panel + password='"${password}"' + database=yiimpfrontend + host=localhost + [clienthost2] + user=stratum + password='"${password2}"' + database=yiimpfrontend + host=localhost + [myphpadmin] + user=phpmyadmin + password='"${AUTOGENERATED_PASS}"' + [mysql] + user=root + password='"${rootpasswd}"' + ' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 sudo chmod 0600 ~/.my.cnf - echo ' + + # Create keys file + echo ' '"'"'); -define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); -define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); -define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); -define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); -define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); -define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); -define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); -' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 - + /* Sample config file to put in /etc/yiimp/keys.php */ + define('"'"'YIIMP_MYSQLDUMP_USER'"'"', '"'"'panel'"'"'); + define('"'"'YIIMP_MYSQLDUMP_PASS'"'"', '"'"''"${password}"''"'"'); + define('"'"'YIIMP_MYSQLDUMP_PATH'"'"', '"'"''"/var/yiimp/sauv"''"'"'); + /* Keys required to create/cancel orders and access your balances/deposit addresses */ + define('"'"'EXCH_BITTREX_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); + define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); + define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); + define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); + define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); + define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); + define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); + ' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 - output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you" - output "BTC Donation: 1AxK9a7dgeHvf3VFuwZ2adGiQTX6S1nhrp" - wait 35 + echo -e "$GREEN Done...$COL_RESET" + + + # Peforming the SQL import + echo + echo + echo -e "$CYAN => Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you $COL_RESET" + echo + echo -e "Performing the SQL import" + echo + sleep 3 - output "Peforming the SQL import" cd ~ cd yiimp/sql - # import sql dump + + # Import sql dump sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 - # oh the humanity! - sudo mysql --defaults-group-suffix=host1 --force < 2015-07-01-accounts_hostaddr.sql - sudo mysql --defaults-group-suffix=host1 --force < 2015-07-15-coins_hasmasternodes.sql - sudo mysql --defaults-group-suffix=host1 --force < 2015-09-20-blocks_worker.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-02-17-payouts_errmsg.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-02-23-shares_diff.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-03-26-markets.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-03-30-coins.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-04-03-accounts.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql - sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql - sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql - sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql - sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql - sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql - - clear - output "Generating a basic serverconfig.php" - # make config file -echo ' - 0.3 -define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); - -// nicehash keys deposit account & amount to deposit at a time -define('"'"'NICEHASH_API_KEY'"'"','"'"'521c254d-8cc7-4319-83d2-ac6c604b5b49'"'"'); -define('"'"'NICEHASH_API_ID'"'"','"'"'9205'"'"'); -define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3J9tapPoFCtouAZH7Th8HAPsD8aoykEHzk'"'"'); -define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); - - -$cold_wallet_table = array( - '"'"'1C23KmLeCaQSLLyKVykHEUse1R7jRDv9j9'"'"' => 0.10, -); - -// Sample fixed pool fees -$configFixedPoolFees = array( + + # Oh the humanity! + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql + echo -e "$GREEN Done...$COL_RESET" + + + # Generating a basic Yiimp serverconfig.php + echo + echo + echo -e "$CYAN => Generating a basic Yiimp serverconfig.php $COL_RESET" + echo + sleep 3 + + # Make config file + echo ' + 0.3 + define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); + + // nicehash keys deposit account & amount to deposit at a time + define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); + define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); + define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); + define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); + + $cold_wallet_table = array( + '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, + ); + + // Sample fixed pool fees + $configFixedPoolFees = array( '"'"'zr5'"'"' => 2.0, '"'"'scrypt'"'"' => 20.0, '"'"'sha256'"'"' => 5.0, -); - -// Sample custom stratum ports -$configCustomPorts = array( -// '"'"'x11'"'"' => 7000, -); - -// mBTC Coefs per algo (default is 1.0) -$configAlgoNormCoef = array( -// '"'"'x11'"'"' => 5.0, -); -' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 - - output "Final Directory permissions" -sudo usermod -aG www-data $whoami -sudo chown -R www-data:www-data /var/www/$SERVNAME/html -sudo chown -R www-data:www-data /var/log -sudo chown -R www-data:www-data /var/stratum -sudo chmod -R 775 /var/www/$SERVNAME/html -sudo chmod -R 775 /var/log -sudo chmod -R 775 /var/stratum -sudo chown -R www-data:www-data /var/web -sudo chmod -R 775 /var/web -sudo mkdir /root/backup/ -sudo service nginx restart -sudo service php7.0-fpm reload -clear -output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.conf. this installer did not directly install anything required to build coins." -output "Please make sure to chnage your wallet addresses in the /var/web/serverconfig.php file." -output "Please make sure to add your public and private keys." -output "If you found this script helpful please consider donating some BTC Donation: 1AxK9a7dgeHvf3VFuwZ2adGiQTX6S1nhrp" + ); + + // Sample custom stratum ports + $configCustomPorts = array( + // '"'"'x11'"'"' => 7000, + ); + + // mBTC Coefs per algo (default is 1.0) + $configAlgoNormCoef = array( + // '"'"'x11'"'"' => 5.0, + ); + ' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 + + echo -e "$GREEN Done...$COL_RESET" + + + # Updating stratum config files with database connection info + echo + echo + echo -e "$CYAN => Updating stratum config files with database connection info. $COL_RESET" + echo + sleep 3 + + cd /var/stratum/config + sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf + sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf + sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf + sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf + sudo sed -i 's/username = root/username = stratum/g' *.conf + sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf + cd ~ + echo -e "$GREEN Done...$COL_RESET" + + + # Final Directory permissions + echo + echo + echo -e "$CYAN => Final Directory permissions $COL_RESET" + echo + sleep 3 + + whoami=`whoami` + sudo usermod -aG www-data $whoami + sudo usermod -a -G www-data $whoami + + sudo find /var/web -type d -exec chmod 775 {} + + sudo find /var/web -type f -exec chmod 664 {} + + sudo chgrp www-data /var/web -R + sudo chmod g+w /var/web -R + + sudo mkdir /var/log/yiimp + sudo touch /var/log/yiimp/debug.log + sudo chgrp www-data /var/log/yiimp -R + sudo chmod 775 /var/log/yiimp -R + + sudo chgrp www-data /var/stratum -R + sudo chmod 775 /var/stratum + + sudo mkdir -p /var/yiimp/sauv + sudo chgrp www-data /var/yiimp -R + sudo chmod 775 /var/yiimp -R + #Add to contrab screen-scrypt + (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - + + #fix error screen main "service" + sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php + sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php + + #fix error screen main "backup sql frontend" + sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php + sudo sed -i '14d' /var/web/yaamp/defaultconfig.php + + #Misc + sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder + sudo rm -rf /var/log/nginx/* + + #Hold update OpenSSL + #If you want remove the hold : sudo apt-mark unhold openssl + sudo apt-mark hold openssl + + #Restart service + sudo systemctl restart cron.service + sudo systemctl restart mysql + sudo systemctl status mysql | sed -n "1,3p" + sudo systemctl restart nginx.service + sudo systemctl status nginx | sed -n "1,3p" + sudo systemctl restart php7.3-fpm.service + sudo systemctl status php7.3-fpm | sed -n "1,3p" + + + echo + echo -e "$GREEN Done...$COL_RESET" + sleep 3 + + echo + echo + echo + echo -e "$GREEN***************************$COL_RESET" + echo -e "$GREEN Yiimp Install Script v0.2 $COL_RESET" + echo -e "$GREEN Finish !!! $COL_RESET" + echo -e "$GREEN***************************$COL_RESET" + echo + echo + echo + echo -e "$CYAN Whew that was fun, just some reminders. $COL_RESET" + echo -e "$RED Your mysql information is saved in ~/.my.cnf. $COL_RESET" + echo + echo -e "$RED Yiimp at : http://"$server_name" (https... if SSL enabled)" + echo -e "$RED Yiimp Admin at : http://"$server_name"/site/AdminPanel (https... if SSL enabled)" + echo -e "$RED Yiimp phpMyAdmin at : http://"$server_name"/phpmyadmin (https... if SSL enabled)" + echo + echo -e "$RED If you want change 'AdminPanel' to access Panel Admin : Edit this file : /var/web/yaamp/modules/site/SiteController.php" + echo -e "$RED Line 11 => change 'AdminPanel' and use the new address" + echo + echo -e "$CYAN Please make sure to change your public keys / wallet addresses in the /var/web/serverconfig.php file. $COL_RESET" + echo -e "$CYAN Please make sure to change your private keys in the /etc/yiimp/keys.php file. $COL_RESET" + echo + echo -e "$CYAN TUTO Youtube : https://www.youtube.com/watch?v=qE0rhfJ1g2k $COL_RESET" + echo -e "$CYAN Xavatar WebSite : https://www.xavatar.com $COL_RESET" + echo + echo + echo -e "$RED***************************************************$COL_RESET" + echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" + echo -e "$RED***************************************************$COL_RESET" + echo + echo diff --git a/old/README-v0.1.md b/old/README-v0.1.md new file mode 100644 index 00000000..04b3e9fc --- /dev/null +++ b/old/README-v0.1.md @@ -0,0 +1,78 @@ +# Yiimp_install_scrypt v0.1 (update Avril, 2020) + +Site : https://www.xavatar.com + +Discord : https://discord.gg/zcCXjkQ + +TUTO Youtube (16.04 - Without SSL) : https://www.youtube.com/watch?v=vdBCw6_cyig + +TUTO Youtube (16.04 - With SSL) : https://www.youtube.com/watch?v=fWwGow_i-Vw + +Official Yiimp (used in this script for Yiimp Installation): https://github.com/tpruvot/yiimp + +Install script for yiimp on Ubuntu 17.10 : https://github.com/xavatar/yiimp_install_scrypt_ubuntu17.10 + +Install script for yiimp on Ubuntu 18.04 : https://github.com/xavatar/yiimp_install_scrypt_ubuntu18.04 + + +*********************************** + +## Install script for yiimp on Ubuntu Server 16.04 + +USE THIS SCRIPT ON FRESH INSTALL UBUNTU Server 16.04 ! + +Connect on your VPS => +- adduser pool +- adduser pool sudo +- su - pool +- sudo apt-get -y install git +- git clone https://github.com/xavatar/yiimp_install_scrypt.git +- cd yiimp_install_scrypt/ +- sudo bash install.sh (Do not run the script as root) +- sudo bash screen-scrypt.sh (in tuto youtube, i launch the script with root... it does not matter) +- NOT MANDATORY => sudo bash screen-stratum.sh (CONFIGURE BEFORE START this script... add or remove algo you use). + +Finish ! +Go http://xxx.xxxxxx.xxx or https://xxx.xxxxxx.xxx (if you have chosen LetsEncrypt SSL). Enjoy ! + +###### :bangbang: **YOU MUST UPDATE THE FOLLOWING FILES :** +- **/var/web/serverconfig.php :** update this file to include your public ip (line = YAAMP_ADMIN_IP) to access the admin panel (Put your PERSONNAL IP, NOT IP of your VPS). update with public keys from exchanges. update with other information specific to your server.. +- **/etc/yiimp/keys.php :** update with secrect keys from the exchanges (not mandatory) + + +###### :bangbang: **IMPORTANT** : + +- The configuration of yiimp and coin require a minimum of knowledge in linux +- Your mysql information (login/Password) is saved in **~/.my.cnf** +- **If you reboot your VPS**, you must restart screen-scrypt.sh (or add crontab) +- Remember to restart **memcached service** after the db change (update or import new .sql) + +*********************************** + +###### This script has an interactive beginning and will ask for the following information : + +- Enter time zone +- Server Name +- Are you using a subdomain +- Enter support email +- Set stratum to AutoExchange +- New location for /site/adminRights +- Your Public IP for admin access (Put your PERSONNAL IP, NOT IP of your VPS) +- Install Fail2ban +- Install UFW and configure ports +- Install LetsEncrypt SSL + +*********************************** + +**This install script will get you 95% ready to go with yiimp. There are a few things you need to do after the main install is finished.** + +While I did add some server security to the script, it is every server owners responsibility to fully secure their own servers. After the installation you will still need to customize your serverconfig.php file to your liking, add your API keys, and build/add your coins to the control panel. + +There will be several wallets already in yiimp. These have nothing to do with the installation script and are from the database import from the yiimp github. + +If you need further assistance we have a small but growing discord channel at https://discord.gg/zcCXjkQ + +If this helped you or you feel giving please donate : +- BTC Donation : 1C1hnjk3WhuAvUN6Ny6LTxPD3rwSZwapW7 +- BCH Donation : 1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz +- ETH Donation : 0xc23E6902fF8Cd8878EDADE18Dc49B3505395F0a1 diff --git a/old/install-v0.1.sh b/old/install-v0.1.sh new file mode 100644 index 00000000..772e3934 --- /dev/null +++ b/old/install-v0.1.sh @@ -0,0 +1,1016 @@ +#!/bin/bash +################################################################################ +# Original Author: crombiecrunch +# Fork Author: manfromafar +# Current Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: +# +# Program: +# Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0.x +# +# +################################################################################ +output() { + printf "\E[0;33;40m" + echo $1 + printf "\E[0m" +} + +displayErr() { + echo + echo $1; + echo + exit 1; +} + + output " " + output "Make sure you double check before hitting enter! Only one shot at these!" + output " " + read -e -p "Enter time zone (e.g. America/New_York) : " TIME + read -e -p "Server name (no http:// or www. just : example.com or pool.example.com) : " server_name + read -e -p "Are you using a subdomain (pool.example.com?) [y/N] : " sub_domain + read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL + read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC + read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel + read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public + read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban + read -e -p "Install UFW and configure ports? [Y/n] : " UFW + read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install + + + # Update package and Upgrade Ubuntu + output " " + output "Updating system and installing required packages." + output " " + sleep 3 + + sudo apt-get -y update + sudo apt-get -y upgrade + sudo apt-get -y autoremove + + + # Switch Aptitude + output " " + output "Switching to Aptitude" + output " " + sleep 3 + + sudo apt-get -y install aptitude + + + # Installing Nginx + output " " + output "Installing Nginx server." + output " " + sleep 3 + + sudo aptitude -y install nginx + sudo rm /etc/nginx/sites-enabled/default + sudo systemctl start nginx.service + sudo systemctl enable nginx.service + sudo systemctl start cron.service + sudo systemctl enable cron.service + + + # Making Nginx a bit hard + echo 'map $http_user_agent $blockedagent { +default 0; +~*malicious 1; +~*bot 1; +~*backdoor 1; +~*crawler 1; +~*bandit 1; +} +' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 + + + # Installing Mariadb + output " " + output "Installing Mariadb Server." + output " " + sleep 3 + + # Create random password + rootpasswd=$(openssl rand -base64 12) + export DEBIAN_FRONTEND="noninteractive" + sudo aptitude -y install mariadb-server + sudo systemctl start mysql + sudo systemctl enable mysql + + + # Installing Installing php7.x + output " " + output "Installing php7.x" + output " " + sleep 3 + + sudo aptitude -y install php7.0-fpm + sudo aptitude -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring + sudo phpenmod mcrypt + sudo phpenmod mbstring + sudo systemctl start php7.0-fpm.service + + + # Installing other needed files + output " " + output "Installing other needed files" + output " " + sleep 3 + + sudo aptitude -y install libgmp3-dev + sudo aptitude -y install libmysqlclient-dev + sudo aptitude -y install libcurl4-gnutls-dev + sudo aptitude -y install libkrb5-dev + sudo aptitude -y install libldap2-dev + sudo aptitude -y install libidn11-dev + sudo aptitude -y install gnutls-dev + sudo aptitude -y install librtmp-dev + sudo aptitude -y install sendmail + sudo aptitude -y install mutt + sudo aptitude -y install git screen + sudo aptitude -y install pwgen -y + + + # Installing Package to compile crypto currency + output " " + output "Installing Package to compile crypto currency" + output " " + sleep 3 + + sudo aptitude -y install software-properties-common build-essential + sudo aptitude -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev + sudo aptitude -y install libminiupnpc10 libzmq5 + sudo aptitude -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev + sudo aptitude -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler + sudo add-apt-repository -y ppa:bitcoin/bitcoin + sudo apt-get -y update + sudo apt-get install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ + + + # Generating Random Passwords + password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + AUTOGENERATED_PASS=`pwgen -c -1 20` + + + # Test Email + output " " + output "Testing to see if server emails are sent" + output " " + sleep 3 + + if [[ "$root_email" != "" ]]; then + echo $root_email > sudo tee --append ~/.email + echo $root_email > sudo tee --append ~/.forward + + if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then + echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message + echo "You should receive this !" >> sudo tee --append /tmp/email.message + echo "" >> sudo tee --append /tmp/email.message + echo "Cheers" >> sudo tee --append /tmp/email.message + sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message + + sudo rm -f /tmp/email.message + echo "Mail sent" + fi + fi + + + # Installing Fail2Ban & UFW + output " " + output "Some optional installs (Fail2Ban & UFW)" + output " " + sleep 3 + + + if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then + sudo aptitude -y install fail2ban + fi + if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then + sudo apt-get install ufw + sudo ufw default deny incoming + sudo ufw default allow outgoing + sudo ufw allow ssh + sudo ufw allow http + sudo ufw allow https + sudo ufw allow 3333/tcp + sudo ufw allow 3339/tcp + sudo ufw allow 3334/tcp + sudo ufw allow 3433/tcp + sudo ufw allow 3555/tcp + sudo ufw allow 3556/tcp + sudo ufw allow 3573/tcp + sudo ufw allow 3535/tcp + sudo ufw allow 3533/tcp + sudo ufw allow 3553/tcp + sudo ufw allow 3633/tcp + sudo ufw allow 3733/tcp + sudo ufw allow 3636/tcp + sudo ufw allow 3737/tcp + sudo ufw allow 3739/tcp + sudo ufw allow 3747/tcp + sudo ufw allow 3833/tcp + sudo ufw allow 3933/tcp + sudo ufw allow 4033/tcp + sudo ufw allow 4133/tcp + sudo ufw allow 4233/tcp + sudo ufw allow 4234/tcp + sudo ufw allow 4333/tcp + sudo ufw allow 4433/tcp + sudo ufw allow 4533/tcp + sudo ufw allow 4553/tcp + sudo ufw allow 4633/tcp + sudo ufw allow 4733/tcp + sudo ufw allow 4833/tcp + sudo ufw allow 4933/tcp + sudo ufw allow 5033/tcp + sudo ufw allow 5133/tcp + sudo ufw allow 5233/tcp + sudo ufw allow 5333/tcp + sudo ufw allow 5433/tcp + sudo ufw allow 5533/tcp + sudo ufw allow 5733/tcp + sudo ufw allow 5743/tcp + sudo ufw allow 3252/tcp + sudo ufw allow 5755/tcp + sudo ufw allow 5766/tcp + sudo ufw allow 5833/tcp + sudo ufw allow 5933/tcp + sudo ufw allow 6033/tcp + sudo ufw allow 5034/tcp + sudo ufw allow 6133/tcp + sudo ufw allow 6233/tcp + sudo ufw allow 6333/tcp + sudo ufw allow 6433/tcp + sudo ufw allow 7433/tcp + sudo ufw allow 8333/tcp + sudo ufw allow 8463/tcp + sudo ufw allow 8433/tcp + sudo ufw allow 8533/tcp + sudo ufw --force enable + fi + + + # Installing PhpMyAdmin + output " " + output "Installing phpmyadmin" + output " " + sleep 3 + + echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections + sudo aptitude -y install phpmyadmin + + + # Installing Yiimp + output " " + output " Installing Yiimp" + output " " + output "Grabbing yiimp fron Github, building files and setting file structure." + output " " + sleep 3 + + + # Generating Random Password for stratum + blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + + # Compil Blocknotify + cd ~ + git clone https://github.com/tpruvot/yiimp.git + cd $HOME/yiimp/blocknotify + sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp + sudo make + + # Compil iniparser + cd $HOME/yiimp/stratum/iniparser + sudo make + + # Compil Stratum + cd $HOME/yiimp/stratum + if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then + sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile + sudo make + fi + sudo make + + # Copy Files (Blocknotify,iniparser,Stratum) + cd $HOME/yiimp + sudo sed -i 's/AdminRights/'$admin_panel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php + sudo cp -r $HOME/yiimp/web /var/ + sudo mkdir -p /var/stratum + cd $HOME/yiimp/stratum + sudo cp -a config.sample/. /var/stratum/config + sudo cp -r stratum /var/stratum + sudo cp -r run.sh /var/stratum + cd $HOME/yiimp + sudo cp -r $HOME/yiimp/bin/. /bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ + sudo mkdir -p /etc/yiimp + sudo mkdir -p /$HOME/backup/ + #fixing yiimp + sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp + #fixing run.sh + sudo rm -r /var/stratum/config/run.sh + echo ' +#!/bin/bash +ulimit -n 10240 +ulimit -u 10240 +cd /var/stratum +while true; do +./stratum /var/stratum/config/$1 +sleep 2 +done +exec bash +' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 + sudo chmod +x /var/stratum/config/run.sh + + + # Update Timezone + output " " + output "Update default timezone." + output " " + + # Check if link file + sudo [ -L /etc/localtime ] && sudo unlink /etc/localtime + + # Update time zone + sudo ln -sf /usr/share/zoneinfo/$TIME /etc/localtime + sudo aptitude -y install ntpdate + + # Write time to clock. + sudo hwclock -w + + + # Making Web Server Magic Happen + output " " + output "Making Web Server Magic Happen!" + output " " + + # Adding user to group, creating dir structure, setting permissions + sudo mkdir -p /var/www/$server_name/html + + + # Creating webserver initial config file + output " " + output "Creating webserver initial config file" + output " " + + if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (with SubDomain) + output " " + output "Install LetsEncrypt and setting SSL (with SubDomain)" + output " " + + sudo aptitude -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + fi + + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + else + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"' www.'"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (without SubDomain) + output " " + output "Install LetsEncrypt and setting SSL (without SubDomain)" + output " " + sleep 3 + + sudo aptitude -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"' www.'"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + fi + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + fi + + + # Config Database + output " " + output "Now for the database fun!" + output " " + sleep 3 + + # Create database + Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" + Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" + Q3="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}${Q3}" + sudo mysql -u root -p="" -e "$SQL" + + # Create stratum user + Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" + Q2="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}" + sudo mysql -u root -p="" -e "$SQL" + + #Create my.cnf + + echo ' +[clienthost1] +user=panel +password='"${password}"' +database=yiimpfrontend +host=localhost +[clienthost2] +user=stratum +password='"${password2}"' +database=yiimpfrontend +host=localhost +[myphpadmin] +user=phpmyadmin +password='"${AUTOGENERATED_PASS}"' +[mysql] +user=root +password='"${rootpasswd}"' +' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 + sudo chmod 0600 ~/.my.cnf + + # Create keys file + echo ' + '"'"'); +define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); +define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); +define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); +' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 + + + # Peforming the SQL import + output " " + output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you" + output " " + output "Peforming the SQL import" + output " " + sleep 3 + + cd ~ + cd yiimp/sql + + # Import sql dump + sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 + + # Oh the humanity! + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql + + + # Generating a basic Yiimp serverconfig.php + output " " + output "Generating a basic Yiimp serverconfig.php" + output " " + sleep 3 + + # Make config file +echo ' + 0.3 +define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); +// nicehash keys deposit account & amount to deposit at a time +define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); +define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); +define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); +define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); +$cold_wallet_table = array( + '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, +); +// Sample fixed pool fees +$configFixedPoolFees = array( + '"'"'zr5'"'"' => 2.0, + '"'"'scrypt'"'"' => 20.0, + '"'"'sha256'"'"' => 5.0, +); +// Sample custom stratum ports +$configCustomPorts = array( +// '"'"'x11'"'"' => 7000, +); +// mBTC Coefs per algo (default is 1.0) +$configAlgoNormCoef = array( +// '"'"'x11'"'"' => 5.0, +); +' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 + + + # Updating stratum config files with database connection info + output " " + output "Updating stratum config files with database connection info." + output " " + sleep 3 + + cd /var/stratum/config + sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf + sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf + sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf + sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf + sudo sed -i 's/username = root/username = stratum/g' *.conf + sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf + cd ~ + + + # Final Directory permissions + output " " + output "Final Directory permissions" + output " " + sleep 3 + + whoami=`whoami` + sudo mkdir /root/backup/ + #sudo usermod -aG www-data $whoami + #sudo chown -R www-data:www-data /var/log + sudo chown -R www-data:www-data /var/stratum + sudo chown -R www-data:www-data /var/web + sudo touch /var/log/debug.log + sudo chown -R www-data:www-data /var/log/debug.log + sudo chmod -R 775 /var/www/$server_name/html + sudo chmod -R 775 /var/web + sudo chmod -R 775 /var/stratum + sudo chmod -R 775 /var/web/yaamp/runtime + sudo chmod -R 664 /root/backup/ + sudo chmod -R 644 /var/log/debug.log + sudo chmod -R 775 /var/web/serverconfig.php + sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder + sudo rm -rf /var/log/nginx/* + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + + output " " + output " " + output " " + output " " + output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.cnf. this installer did not directly install anything required to build coins." + output " " + output "Please make sure to change your wallet addresses in the /var/web/serverconfig.php file." + output " " + output "Please make sure to add your public and private keys." + output " " + output "TUTO Youtube : https://www.youtube.com/watch?v=vdBCw6_cyig" + output " " + output " " diff --git a/old/install-v0.11.sh b/old/install-v0.11.sh new file mode 100644 index 00000000..f95a4920 --- /dev/null +++ b/old/install-v0.11.sh @@ -0,0 +1,1090 @@ +#!/bin/bash +################################################################################ +# Original Author: crombiecrunch +# Fork Author: manfromafar +# Current Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: https://www.xavatar.com +# +# Program: +# Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0 +# +# +################################################################################ +output() { + printf "\E[0;33;40m" + echo $1 + printf "\E[0m" +} + +displayErr() { + echo + echo $1; + echo + exit 1; +} + + #Add user group sudo + no password + whoami=`whoami` + sudo usermod -aG sudo ${whoami} + echo '# yiimp + # It needs passwordless sudo functionality. + '""''"${whoami}"''""' ALL=(ALL) NOPASSWD:ALL + ' | sudo -E tee /etc/sudoers.d/${whoami} >/dev/null 2>&1 + + #Copy needed files + sudo cp -r ../utils/screen-scrypt.sh /etc/ + sudo chmod +x /etc/screen-scrypt.sh + + + clear + output " " + output "Yiimp Install Script v0.1" + output "Install yiimp on Ubuntu 16.04 running Nginx, MariaDB, and php7.0" + output " " + sleep 3 + + output " " + output " " + output "Make sure you double check before hitting enter! Only one shot at these!" + output " " + read -e -p "Enter time zone (e.g. America/New_York) : " TIME + read -e -p "Server name (no http:// or www. just : example.com or pool.example.com) : " server_name + read -e -p "Are you using a subdomain (pool.example.com?) [y/N] : " sub_domain + read -e -p "Enter support email (e.g. admin@example.com) : " EMAIL + read -e -p "Set Pool to AutoExchange? i.e. mine any coin with BTC address? [y/N] : " BTC + read -e -p "Please enter a new location for /site/adminRights this is to customize the Admin Panel entrance url (e.g. myAdminpanel) : " admin_panel + read -e -p "Enter the Public IP of the system you will use to access the admin panel (http://www.whatsmyip.org/) : " Public + read -e -p "Install Fail2ban? [Y/n] : " install_fail2ban + read -e -p "Install UFW and configure ports? [Y/n] : " UFW + read -e -p "Install LetsEncrypt SSL? IMPORTANT! You MUST have your domain name pointed to this server prior to running the script!! [Y/n]: " ssl_install + + + # Update package and Upgrade Ubuntu + output " " + output "Updating system and installing required packages." + output " " + sleep 3 + + sudo apt-get -y update + sudo apt-get -y upgrade + sudo apt-get -y autoremove + + + # Switch Aptitude + output " " + output "Switching to Aptitude" + output " " + sleep 3 + + sudo apt-get -y install aptitude + + + # Installing Nginx + output " " + output "Installing Nginx server." + output " " + sleep 3 + + sudo aptitude -y install nginx + sudo rm /etc/nginx/sites-enabled/default + sudo systemctl start nginx.service + sudo systemctl enable nginx.service + sudo systemctl start cron.service + sudo systemctl enable cron.service + + + # Making Nginx a bit hard + echo 'map $http_user_agent $blockedagent { +default 0; +~*malicious 1; +~*bot 1; +~*backdoor 1; +~*crawler 1; +~*bandit 1; +} +' | sudo -E tee /etc/nginx/blockuseragents.rules >/dev/null 2>&1 + + + # Installing Mariadb + output " " + output "Installing Mariadb Server." + output " " + sleep 3 + + # Create random password + rootpasswd=$(openssl rand -base64 12) + export DEBIAN_FRONTEND="noninteractive" + sudo aptitude -y install mariadb-server + sudo systemctl start mysql + sudo systemctl enable mysql + + + # Installing Installing php7.x + output " " + output "Installing php7.x" + output " " + sleep 3 + + sudo aptitude -y install php7.0-fpm + sudo aptitude -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring + sudo phpenmod mcrypt + sudo phpenmod mbstring + sudo systemctl start php7.0-fpm.service + + + # Installing other needed files + output " " + output "Installing other needed files" + output " " + sleep 3 + + sudo aptitude -y install libgmp3-dev + sudo aptitude -y install libmysqlclient-dev + sudo aptitude -y install libcurl4-gnutls-dev + sudo aptitude -y install libkrb5-dev + sudo aptitude -y install libldap2-dev + sudo aptitude -y install libidn11-dev + sudo aptitude -y install gnutls-dev + sudo aptitude -y install librtmp-dev + sudo aptitude -y install sendmail + sudo aptitude -y install mutt + sudo aptitude -y install git screen + sudo aptitude -y install pwgen -y + + + # Installing Package to compile crypto currency + output " " + output "Installing Package to compile crypto currency" + output " " + sleep 3 + + sudo aptitude -y install software-properties-common build-essential + sudo aptitude -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext + sudo aptitude -y install libminiupnpc10 libzmq5 + sudo aptitude -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev + sudo aptitude -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler + sudo add-apt-repository -y ppa:bitcoin/bitcoin + sudo apt-get -y update + sudo apt-get install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ + + + # Generating Random Passwords + password=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + password2=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + AUTOGENERATED_PASS=`pwgen -c -1 20` + + + # Test Email + output " " + output "Testing to see if server emails are sent" + output " " + sleep 3 + + if [[ "$root_email" != "" ]]; then + echo $root_email > sudo tee --append ~/.email + echo $root_email > sudo tee --append ~/.forward + + if [[ ("$send_email" == "y" || "$send_email" == "Y" || "$send_email" == "") ]]; then + echo "This is a mail test for the SMTP Service." > sudo tee --append /tmp/email.message + echo "You should receive this !" >> sudo tee --append /tmp/email.message + echo "" >> sudo tee --append /tmp/email.message + echo "Cheers" >> sudo tee --append /tmp/email.message + sudo sendmail -s "SMTP Testing" $root_email < sudo tee --append /tmp/email.message + + sudo rm -f /tmp/email.message + echo "Mail sent" + fi + fi + + + # Installing Fail2Ban & UFW + output " " + output "Some optional installs (Fail2Ban & UFW)" + output " " + sleep 3 + + + if [[ ("$install_fail2ban" == "y" || "$install_fail2ban" == "Y" || "$install_fail2ban" == "") ]]; then + sudo aptitude -y install fail2ban + fi + if [[ ("$UFW" == "y" || "$UFW" == "Y" || "$UFW" == "") ]]; then + sudo apt-get install ufw + sudo ufw default deny incoming + sudo ufw default allow outgoing + sudo ufw allow ssh + sudo ufw allow http + sudo ufw allow https + sudo ufw allow 3333/tcp + sudo ufw allow 3339/tcp + sudo ufw allow 3334/tcp + sudo ufw allow 3433/tcp + sudo ufw allow 3555/tcp + sudo ufw allow 3556/tcp + sudo ufw allow 3573/tcp + sudo ufw allow 3535/tcp + sudo ufw allow 3533/tcp + sudo ufw allow 3553/tcp + sudo ufw allow 3633/tcp + sudo ufw allow 3733/tcp + sudo ufw allow 3636/tcp + sudo ufw allow 3737/tcp + sudo ufw allow 3739/tcp + sudo ufw allow 3747/tcp + sudo ufw allow 3833/tcp + sudo ufw allow 3933/tcp + sudo ufw allow 4033/tcp + sudo ufw allow 4133/tcp + sudo ufw allow 4233/tcp + sudo ufw allow 4234/tcp + sudo ufw allow 4333/tcp + sudo ufw allow 4433/tcp + sudo ufw allow 4533/tcp + sudo ufw allow 4553/tcp + sudo ufw allow 4633/tcp + sudo ufw allow 4733/tcp + sudo ufw allow 4833/tcp + sudo ufw allow 4933/tcp + sudo ufw allow 5033/tcp + sudo ufw allow 5133/tcp + sudo ufw allow 5233/tcp + sudo ufw allow 5333/tcp + sudo ufw allow 5433/tcp + sudo ufw allow 5533/tcp + sudo ufw allow 5733/tcp + sudo ufw allow 5743/tcp + sudo ufw allow 3252/tcp + sudo ufw allow 5755/tcp + sudo ufw allow 5766/tcp + sudo ufw allow 5833/tcp + sudo ufw allow 5933/tcp + sudo ufw allow 6033/tcp + sudo ufw allow 5034/tcp + sudo ufw allow 6133/tcp + sudo ufw allow 6233/tcp + sudo ufw allow 6333/tcp + sudo ufw allow 6433/tcp + sudo ufw allow 7433/tcp + sudo ufw allow 8333/tcp + sudo ufw allow 8463/tcp + sudo ufw allow 8433/tcp + sudo ufw allow 8533/tcp + sudo ufw --force enable + fi + + + # Installing PhpMyAdmin + output " " + output "Installing phpmyadmin" + output " " + sleep 3 + + echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-user string root" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/admin-pass password $rootpasswd" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENERATED_PASS" | sudo debconf-set-selections + echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENERATED_PASS" | sudo debconf-set-selections + sudo aptitude -y install phpmyadmin + + + # Installing Yiimp + output " " + output " Installing Yiimp" + output " " + output "Grabbing yiimp fron Github, building files and setting file structure." + output " " + sleep 3 + + + # Generating Random Password for stratum + blckntifypass=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1` + + # Compil Blocknotify + cd ~ + git clone https://github.com/tpruvot/yiimp.git + cd $HOME/yiimp/blocknotify + sudo sed -i 's/tu8tu5/'$blckntifypass'/' blocknotify.cpp + sudo make + + # Compil iniparser + cd $HOME/yiimp/stratum/iniparser + sudo make + + # Compil Stratum + cd $HOME/yiimp/stratum + if [[ ("$BTC" == "y" || "$BTC" == "Y") ]]; then + sudo sed -i 's/CFLAGS += -DNO_EXCHANGE/#CFLAGS += -DNO_EXCHANGE/' $HOME/yiimp/stratum/Makefile + sudo make + fi + sudo make + + # Copy Files (Blocknotify,iniparser,Stratum) + cd $HOME/yiimp + sudo sed -i 's/AdminRights/'$admin_panel'/' $HOME/yiimp/web/yaamp/modules/site/SiteController.php + sudo cp -r $HOME/yiimp/web /var/ + sudo mkdir -p /var/stratum + cd $HOME/yiimp/stratum + sudo cp -a config.sample/. /var/stratum/config + sudo cp -r stratum /var/stratum + sudo cp -r run.sh /var/stratum + cd $HOME/yiimp + sudo cp -r $HOME/yiimp/bin/. /bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /usr/bin/ + sudo cp -r $HOME/yiimp/blocknotify/blocknotify /var/stratum/ + sudo mkdir -p /etc/yiimp + sudo mkdir -p /$HOME/backup/ + #fixing yiimp + sudo sed -i "s|ROOTDIR=/data/yiimp|ROOTDIR=/var|g" /bin/yiimp + #fixing run.sh + sudo rm -r /var/stratum/config/run.sh + echo ' +#!/bin/bash +ulimit -n 10240 +ulimit -u 10240 +cd /var/stratum +while true; do +./stratum /var/stratum/config/$1 +sleep 2 +done +exec bash +' | sudo -E tee /var/stratum/config/run.sh >/dev/null 2>&1 + sudo chmod +x /var/stratum/config/run.sh + + + # Update Timezone + output " " + output "Update default timezone." + output " " + + # Check if link file + sudo [ -L /etc/localtime ] && sudo unlink /etc/localtime + + # Update time zone + sudo ln -sf /usr/share/zoneinfo/$TIME /etc/localtime + sudo aptitude -y install ntpdate + + # Write time to clock. + sudo hwclock -w + + + # Making Web Server Magic Happen + output " " + output "Making Web Server Magic Happen!" + output " " + + # Adding user to group, creating dir structure, setting permissions + sudo mkdir -p /var/www/$server_name/html + + + # Creating webserver initial config file + output " " + output "Creating webserver initial config file" + output " " + + if [[ ("$sub_domain" == "y" || "$sub_domain" == "Y") ]]; then + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (with SubDomain) + output " " + output "Install LetsEncrypt and setting SSL (with SubDomain)" + output " " + + sudo aptitude -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + fi + + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + else + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"' www.'"${server_name}"'; + root "/var/www/'"${server_name}"'/html/web"; + index index.html index.htm index.php; + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + location ~ /\.ht { + deny all; + } + location ~ /.well-known { + allow all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + sudo ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf + sudo ln -s /var/web /var/www/$server_name/html + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + if [[ ("$ssl_install" == "y" || "$ssl_install" == "Y" || "$ssl_install" == "") ]]; then + + # Install SSL (without SubDomain) + output " " + output "Install LetsEncrypt and setting SSL (without SubDomain)" + output " " + sleep 3 + + sudo aptitude -y install letsencrypt + sudo letsencrypt certonly -a webroot --webroot-path=/var/web --email "$EMAIL" --agree-tos -d "$server_name" -d www."$server_name" + sudo rm /etc/nginx/sites-available/$server_name.conf + sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 + # I am SSL Man! + echo 'include /etc/nginx/blockuseragents.rules; + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 80; + listen [::]:80; + server_name '"${server_name}"'; + # enforce https + return 301 https://$server_name$request_uri; + } + + server { + if ($blockedagent) { + return 403; + } + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 444; + } + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name '"${server_name}"' www.'"${server_name}"'; + + root /var/www/'"${server_name}"'/html/web; + index index.php; + + access_log /var/log/nginx/'"${server_name}"'.app-access.log; + error_log /var/log/nginx/'"${server_name}"'.app-error.log; + + # allow larger file uploads and longer script runtimes + client_body_buffer_size 50k; + client_header_buffer_size 50k; + client_max_body_size 50k; + large_client_header_buffers 2 50k; + sendfile off; + + # strengthen ssl security + ssl_certificate /etc/letsencrypt/live/'"${server_name}"'/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/'"${server_name}"'/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + ssl_dhparam /etc/ssl/certs/dhparam.pem; + + # Add headers to serve security related headers + add_header Strict-Transport-Security "max-age=15768000; preload;"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location / { + try_files $uri $uri/ /index.php?$args; + } + location @rewrite { + rewrite ^/(.*)$ /index.php?r=$1; + } + + + location ~ ^/index\.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + try_files $uri $uri/ =404; + } + location ~ \.php$ { + return 404; + } + location ~ \.sh { + return 404; + } + + location ~ /\.ht { + deny all; + } + location /phpmyadmin { + root /usr/share/; + index index.php; + try_files $uri $uri/ =404; + location ~ ^/phpmyadmin/(doc|sql|setup)/ { + deny all; + } + location ~ /phpmyadmin/(.+\.php)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + include snippets/fastcgi-php.conf; + } + } + } + +' | sudo -E tee /etc/nginx/sites-available/$server_name.conf >/dev/null 2>&1 + + fi + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + fi + + + # Config Database + output " " + output "Now for the database fun!" + output " " + sleep 3 + + # Create database + Q1="CREATE DATABASE IF NOT EXISTS yiimpfrontend;" + Q2="GRANT ALL ON *.* TO 'panel'@'localhost' IDENTIFIED BY '$password';" + Q3="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}${Q3}" + sudo mysql -u root -p="" -e "$SQL" + + # Create stratum user + Q1="GRANT ALL ON *.* TO 'stratum'@'localhost' IDENTIFIED BY '$password2';" + Q2="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}" + sudo mysql -u root -p="" -e "$SQL" + + #Create my.cnf + + echo ' +[clienthost1] +user=panel +password='"${password}"' +database=yiimpfrontend +host=localhost +[clienthost2] +user=stratum +password='"${password2}"' +database=yiimpfrontend +host=localhost +[myphpadmin] +user=phpmyadmin +password='"${AUTOGENERATED_PASS}"' +[mysql] +user=root +password='"${rootpasswd}"' +' | sudo -E tee ~/.my.cnf >/dev/null 2>&1 + sudo chmod 0600 ~/.my.cnf + + # Create keys file + echo ' + '"'"'); +define('"'"'EXCH_BITSTAMP_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_BLEUTRADE_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_BTER_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_CCEX_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_COINMARKETS_PASS'"'"', '"'"''"'"'); +define('"'"'EXCH_CRYPTOPIA_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_EMPOEX_SECKEY'"'"', '"'"''"'"'); +define('"'"'EXCH_HITBTC_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_KRAKEN_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_LIVECOIN_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_NOVA_SECRET'"'"','"'"''"'"'); +define('"'"'EXCH_POLONIEX_SECRET'"'"', '"'"''"'"'); +define('"'"'EXCH_YOBIT_SECRET'"'"', '"'"''"'"'); +' | sudo -E tee /etc/yiimp/keys.php >/dev/null 2>&1 + + + # Peforming the SQL import + output " " + output "Database 'yiimpfrontend' and users 'panel' and 'stratum' created with password $password and $password2, will be saved for you" + output " " + output "Peforming the SQL import" + output " " + sleep 3 + + cd ~ + cd yiimp/sql + + # Import sql dump + sudo zcat 2016-04-03-yaamp.sql.gz | sudo mysql --defaults-group-suffix=host1 + + # Oh the humanity! + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-24-market_history.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-04-27-settings.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-11-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-15-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-05-23-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-01-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-06-04-bench_chips.sql + sudo mysql --defaults-group-suffix=host1 --force < 2016-11-23-coins.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-02-05-benchmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-03-31-earnings_index.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-05-accounts_case_swaptime.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-06-payouts_coinid_memo.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-09-notifications.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-10-bookmarks.sql + sudo mysql --defaults-group-suffix=host1 --force < 2017-11-segwit.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-01-stratums_ports.sql + sudo mysql --defaults-group-suffix=host1 --force < 2018-02-coins_getinfo.sql + + + # Generating a basic Yiimp serverconfig.php + output " " + output "Generating a basic Yiimp serverconfig.php" + output " " + sleep 3 + + # Make config file +echo ' + 0.3 +define('"'"'EXCH_AUTO_WITHDRAW'"'"', 0.3); + +// nicehash keys deposit account & amount to deposit at a time +define('"'"'NICEHASH_API_KEY'"'"','"'"'f96c65a7-3d2f-4f3a-815c-cacf00674396'"'"'); +define('"'"'NICEHASH_API_ID'"'"','"'"'825979'"'"'); +define('"'"'NICEHASH_DEPOSIT'"'"','"'"'3ABoqBjeorjzbyHmGMppM62YLssUgJhtuf'"'"'); +define('"'"'NICEHASH_DEPOSIT_AMOUNT'"'"','"'"'0.01'"'"'); + +$cold_wallet_table = array( + '"'"'1PqjApUdjwU9k4v1RDWf6XveARyEXaiGUz'"'"' => 0.10, +); + +// Sample fixed pool fees +$configFixedPoolFees = array( + '"'"'zr5'"'"' => 2.0, + '"'"'scrypt'"'"' => 20.0, + '"'"'sha256'"'"' => 5.0, +); + +// Sample custom stratum ports +$configCustomPorts = array( +// '"'"'x11'"'"' => 7000, +); + +// mBTC Coefs per algo (default is 1.0) +$configAlgoNormCoef = array( +// '"'"'x11'"'"' => 5.0, +); +' | sudo -E tee /var/web/serverconfig.php >/dev/null 2>&1 + + + # Updating stratum config files with database connection info + output " " + output "Updating stratum config files with database connection info." + output " " + sleep 3 + + cd /var/stratum/config + sudo sed -i 's/password = tu8tu5/password = '$blckntifypass'/g' *.conf + sudo sed -i 's/server = yaamp.com/server = '$server_name'/g' *.conf + sudo sed -i 's/host = yaampdb/host = localhost/g' *.conf + sudo sed -i 's/database = yaamp/database = yiimpfrontend/g' *.conf + sudo sed -i 's/username = root/username = stratum/g' *.conf + sudo sed -i 's/password = patofpaq/password = '$password2'/g' *.conf + cd ~ + + + # Final Directory permissions + output " " + output "Final Directory permissions" + output " " + sleep 3 + + whoami=`whoami` + sudo usermod -aG www-data $whoami + sudo usermod -a -G www-data $whoami + + sudo find /var/web -type d -exec chmod 775 {} + + sudo find /var/web -type f -exec chmod 664 {} + + sudo chgrp www-data /var/web -R + sudo chmod g+w /var/web -R + + sudo mkdir /var/log/yiimp + sudo touch /var/log/yiimp/debug.log + sudo chgrp www-data /var/log/yiimp -R + sudo chmod 775 /var/log/yiimp -R + + sudo chgrp www-data /var/stratum -R + sudo chmod 775 /var/stratum + + sudo mkdir -p /var/yiimp/sauv + sudo chgrp www-data /var/yiimp -R + sudo chmod 775 /var/yiimp -R + + + #Add to contrab screen-scrypt + (crontab -l 2>/dev/null; echo "@reboot sleep 20 && /etc/screen-scrypt.sh") | crontab - + + #fix error screen main "service" + sudo sed -i 's/service $webserver start/sudo service $webserver start/g' /var/web/yaamp/modules/thread/CronjobController.php + sudo sed -i 's/service nginx stop/sudo service nginx stop/g' /var/web/yaamp/modules/thread/CronjobController.php + + #fix error screen main "backup sql frontend" + sudo sed -i "s|/root/backup|/var/yiimp/sauv|g" /var/web/yaamp/core/backend/system.php + sudo sed -i '14d' /var/web/yaamp/defaultconfig.php + + #Misc + sudo mv $HOME/yiimp/ $HOME/yiimp-install-only-do-not-run-commands-from-this-folder + sudo rm -rf /var/log/nginx/* + + #Hold update OpenSSL + #If you want remove the hold : sudo apt-mark unhold openssl + sudo apt-mark hold openssl + + sudo systemctl reload php7.0-fpm.service + sudo systemctl restart nginx.service + + + output " " + output " " + output " " + output " " + output "Whew that was fun, just some reminders. Your mysql information is saved in ~/.my.cnf. this installer did not directly install anything required to build coins." + output " " + output "Please make sure to change your wallet addresses in the /var/web/serverconfig.php file." + output " " + output "Please make sure to add your public and private keys." + output " " + output "TUTO Youtube : https://www.youtube.com/watch?v=vdBCw6_cyig" + output " " + output " " + echo -e "$RED***************************************************$COL_RESET" + echo -e "$RED YOU MUST REBOOT NOW TO FINALIZE INSTALLATION !!! $COL_RESET" + echo -e "$RED***************************************************$COL_RESET" + echo + echo diff --git a/utils/coin.list b/utils/coin.list new file mode 100644 index 00000000..93b0f6e5 --- /dev/null +++ b/utils/coin.list @@ -0,0 +1,980 @@ +007 +URO +CANN +POT +TAG +DOGE +RBY +NOTE +LTC +NVC +START +42 +JBS +LSD +J +SLG +VIK +RPC +XG +DP +MARYJ +XMG +RUBLE +XCLD +SWIFT +ARCH +GAIA +WWC +XRP +LMR +MNE +CRW +VDO +NOPE +XWT +MUE +DTC +SRC +QRK +SMBR +PXC +FTC +HYP +LOG +QBK +CENT +BLOCK +CATC +SCSY +GUN +ABY +BALLS +QSLV +U +BYC +BUN +UFO +ZER +ZNY +VTC +MRY +HLC +CRYPT +ACHK +BRXv2 +GSX +PFC +EXE +MN +VPN +VIOR +BAY +HIC +DEAF +BTS +CKC +VIA +ERM +FUD +AM +FIND +CBR +SPR +PTC +METAL +CXC +ULTC +SYS +BCF +DGC +MONA +MEC +ANC +RMS +BTM +WDC +CAT +HUC +EVENT +FAIR +DS +DGB +BCENT +SMLY +XPY +NOO +SUPER +VTR +CLAM +TTC +XAI +NKT +FLO +RDD +NXT +BC +MYR-qubit +UTC +888 +EFL +DIME +SLR +WATER +NLG +GIVE +WC +NOBL +BITS +BLU +OC +THC +ENRG +SHIBE +SFR +NAUT +VRC +CURE +SYNC +BLC +XSI +XC +XDQ +MMXIV +CAIX +BBR +HYPER +CCN +KTK +MUGA +VOOT +BN +XMR +CLOAK +CHCC +BURN +KORE +RZR +XDN +MIN +TECH +GML +TRK +WKC +QTL +XXX +AERO +TRUST +BRIT +JUDGE +NAV +XST +APEX +ZET +BTCD +KEY +NUD +TRI +PES +ICG +UNO +ESC +PINK +IOC +SDC +RAW +MAX +LXC +BOOM +BOB +UNAT +MWC +VAULT +FC2 +SSD +HAL +BIG +NEOS +GB +ROOT +AXR +RIPO +FIBRE +SHADE +FLEX +XBOT +XCASH +BURST +LTCD +CRAIG +TIT +BSTY +GNS +DCN +PXI +MLS +ROS +STV +OPAL +EXCL +PYRA +NET +SEED +PND +GHC +DOPE +ONE +BLEU +BVC +CAGE +CDN +CESC +CLR +CZC +XVG +DON +FJC +GCN +GRN +GUA +HAM +HEX +HTML5 +IFC +IRL +KARM +MINT +MOON +MTLMC +NMC +NYC +ORB +PAC +PCC +PHC +PPC +RC +SXC +TRL +USD +VTA +XPM +BTQ +EMC2 +GIMP +GRC +KRYP +MIC +MOTO +MSC +NIC +NWO +PLCN +PROZ +SONG +SPUDS +SQC +VOXP +VTX +XRC +XSX +AC +ACOIN +AGS +ALF +ALN +AMC +ARG +AUR +BCX +BEN +BET +BNCR +BOST +BQC +BTB +BTE +BTG +BUK +CACH +CAP +CASH +CGB +CINNI +CMC +CNC +CNL +COMM +COOL +CRACK +CRC +CSC +DEM +DMD +DRKC +DT +DVC +EAC +ELC +EMD +EZC +FFC +FLT +FRAC +FRK +FST +GDC +GLC +GLD +GLX +GLYPH +GUE +HBN +HVC +ICB +IXC +JKC +KDC +KGC +LAB +LGD +LK7 +LKY +LTB +LTCX +LYC +MED +MNC +MZC +NAN +NBL +NEC +NRB +NRS +NYAN +OSC +PHS +Points +PSEUD +PTS +PYC +RT2 +RYC +SAT2 +SBC +SHLD +SILK +SMC +SOLE +SPA +SPT +SSV +STR +TAK +TEK +TES +TGC +TOR +TRC +UNB +USDe +XCR +XJO +XLB +YAC +YBC +ZCC +ZED +ADT +ASC +BAT +COL +CPR +CTM +DBL +DMC +ELP +FLAP +GME +LEAF +LOT +MEM +MEOW +MST +RBBT +RED +TIPS +TIX +XNC +ZEIT +EQX +UCI +ggggg +VMC +GMC +2015 +HGC +UIS +SBIT +BLK +BCR +XSP +INCA +NKA +CON +EAGS +GP +USDT +XBS +ARI +DGD +XPC +XDE +CSD +RBR +FSC2 +XWC +1CR +ACH +ADN +BCN +BELA +C2 +CGA +CHA +CNMT +CYC +DIEM +DSH +FLDC +GAP +GDN +GEMZ +GOLD +GRS +HIRO +HZ +JLH +LTBC +MAID +MCN +MIL +MMC +MMNXT +MNTA +MRS +NBT +NOXT +NXTI +PIGGY +PRC +RIC +SJCX +SQL +SRCC +SWARM +UNITY +WOLF +XAP +XBC +XCH +XCN +XCP +XDP +XUSD +YACC +GIG +SOON +OBS +XFB +CCC +OMA +CETI +XPB +BTCS +MYST +10K +XTR +AMBER +LQD +GEO +KOBO +CELL +CBX +XPD +NVCD +PEN +BEAN +BITB +DGORE +XTC +LTS +SLM +GRID +SMAC +DD +CIN +SUP +LYB +PTY +GSM +NSR +MTR +ECASH +WBB +XVC +VOYA +XCO +ZRC +UNC +XFC +XAU +MINE +ASN +RBT +LDOGE +PAY +OMC +BITZ +CRAVE +ZIRK +XDB +DASH +BTCRY +ICASH +256 +SLFI +XEM +CC +CAD +EUR +OCTO +ICN +URC +CRY +PXL +QORA +CYP +MRP +EKN +EGG +STP +NXE +AECC +PLANET +FIRE +ANAL +MTLMC3 +TWIST +CRIME +BTCR +TEC +KARMA +TCX +TAB +NDOGE +GIFT +BBCC +TRICK +DGMS +CCB +OZC +STK +SIC +DECR +RICE +XPRO +TRON +GIZ +ETRUST +LEA +HZT +P7C +IEC +8BIT +OK +ACP +CGN +CF +CTK +NTRN +COV +SLING +MYR +UIS-skein +UIS-qubit +LUX +DRZ +7 +HUGE +BLITZ +NIRO +GRAM +SIGU +AIB +UNAT-skein +QTZ +DOX +XTP +XNX +XSEED +XMS +GUM +SPHR +TDFB +BTX +UNIT +BUB +GPH +GRAV +SPC +CTO +EPY +GOAT +PNC +UTLE +VIRAL +ISL +GAM +PKB +EPC +VTN +FCS +TKT +FSN +BTI +LIMX +SHELL +CLV +TB +BIT16 +16BIT +M1 +KRAK +BA +AST +GRT +BTA +MRB +PTA +DCC +ARB +CORG +DB +EQM +FADE +SED +SKB +TNG +TWERK +CS +GENIUS +PRE +NICE +XNA +32BIT +VCN +CREVA +ADC +SNRG +ECC +RDN +PSY +TWLV +VCOIN +MOIN +GREED +EXB +GLUCK +DRA +OPTION +SEEDS +NANAS +BNB +ARPA +VAPOR +DUB +FIST +XPH +XCE +DRKT +ILM +GEN +TRANSF +EOC +SAK +SEN +HEDG +ERC +NODX +WOC2 +CIRC +SMSR +GLOBE +XVI +FUTC +BOD +GTFO +DIBS +GRM +GENE +SPKTR +BUCKS +GENI +INDEX +POLY +TAM +HAZE +TAGR +EA +SPEC +XRA +BLUS +KC +TENNET +EXT +SPX +GMCX +SJW +BAM +CRPS +HXX +FLAX +CHC +YOVI +DRP +XDC +DOT +WSX +POP +DARK +SVC +MDC +66 +$$$ +XGR +XPL +KIWI +NTC +TTY +TOP +CIV +GXG +FTCC +$MINE +ADD +$MINEW +$MINEZ +IPC +SPN +BSY +DUCK +UNIC +FUNK +CNO +CHAO +BLZ +EMC +OFF +BDSM +EXC +FETISH +SHA +SKC +MARS +CX +CDC +ANI +DUO +GRW +PLC +V +QUIT +BNX +ALCUREX +BTRHA +CV2 +DRM +FAIL +FIMK +FRSH +FX01 +HANSA +ISO +MRC +NODE +P0001 +PHO +PPCD +RUM +TALK +VAPE +ZUR +CARB +IDC +MCAR +VERSA +LFO +FIC +2BACCO +NUKE +SPROUT +MDT +SPRTS +CPN +BSC +BSD +DIGS +IBITS +CPC +AXIOM +AEON +ETH +GCR +MACRO +TX +SHF +BCY +PRIME +EXP +NEU +SWING +MAPC +INFX +SOIL +OMNI +AMP +AGRS +XLM +BITCNY +CUBE +BST +AMS +SCRT +SCOT +CLUB +BNT +VOX +MND +FCT +EGC +SLS +HIRE +STEPS +RADS +DCR +SEC +DNET +WARP +CRBIT +FUEL +NOC +TROLL +BITUSD +SC +1337 +ADCN +AND +ANTI +APC +AR2 +BAC +BIC +BIOS +BTCHC +CBIT +CHIP +CIONZ +CRE +CYG +DEUR +DROP +EC +EDRC +FNX +FLOZ +FTP +GCC +GMX +GSY +HMP +HNC +HODL +HTC +KLC +KNC +MBL +MI +MMXVI +NKC +OP +OPES +PULSE +RBIES +REV +TRBO +SIB +STS +TBC +VAL +WLC +WOP +XCT +XHI +XID +YOC +PRT +ZOOM +LGBTQ +BOLI +DGCS +ADZ +RICHX +REP +RUBIT +SANDG +BRONZ +X2 +LTCR +EVO +BTP +CPNC +EVIL +JIF +BTCU +SPL +BUZZ +TRUMP +DBIC +FONZ +GAME +CFC +VGC +PR +GRE-OLD +EUC +PAK +CAPT +I0C +EBG +BUMBA +FLY +WHIPPED +SHND +G3N +UMO +FOOT +CHAI +CZECO +DRK +HZDOGE +STATS +BANX +MCZ +MEME +KUMA +CHILD +XQN +DES +UNF + diff --git a/utils/compile.sh b/utils/compile.sh new file mode 100644 index 00000000..b4e146bf --- /dev/null +++ b/utils/compile.sh @@ -0,0 +1,103 @@ +#!/bin/bash +################################################################################ +# Original Author: crombiecrunch +# Current Author: Xavatar +# Web: https://www.xavatar.com +# +# Program: +# After entering coin name and github link automatically build coin +# +# +################################################################################ +output() { + printf "\E[0;33;40m" + echo $1 + printf "\E[0m" +} +displayErr() { + echo + echo $1; + echo + exit 1; +} +cd ~ + +if [[ ! -e 'CoinBuilds' ]]; then + sudo mkdir CoinBuilds +elif [[ ! -d 'CoinBuilds' ]]; then + output "Coinbuilds already exists.... Skipping" 1>&2 +fi + +clear +cd CoinBuilds +output "This script assumes you already have the dependicies installed on your system!" +output "" + read -e -p "Enter the name of the coin : " coin + read -e -p "Paste the github link for the coin : " git_hub + +if [[ ! -e '$coin' ]]; then + sudo git clone $git_hub $coin +elif [[ ! -d ~$CoinBuilds/$coin ]]; then + output "Coinbuilds/$coin already exists.... Skipping" 1>&2 + output "Can not continue" + exit 0 +fi + +cd "${coin}" + +if [ -f autogen.sh ]; then + output " " + output "Auto Compilation Starting " + output " " + output "Starting ./autogen.sh" + output " " + sudo chmod +x ./autogen.sh + sudo ./autogen.sh + output " " + output "Starting ./configure" + output " " + sudo chmod +x ./configure + sudo ./configure CPPFLAGS="-I/usr/local/include" + sudo chmod +x share/genbuild.sh + output " " + output "Starting make" + output " " + sudo make + output " " + output "$coin_name finished and can be found in CoinBuilds/$coin/src/ Make sure you sudo strip Coind and coin-cli if it exists, copy to /usr/bin" + output " " +else + cd src + +if [ -f rpcrawtransaction.cpp ]; then + + sudo sed -i 's///g' rpcrawtransaction.cpp + +if [[ ! -e 'obj' ]]; then + output " " + output "Creation directory obj" + output " " + sudo mkdir obj +elif [[ ! -d 'obj' ]]; then + output "Hey the developer did his job" 1>&2 +fi + +if [ -d 'leveldb' ]; then + output " " + output "Compilation libleveldb.a libmemenv.a" + output " " + cd leveldb + sudo chmod +x build_detect_platform + sudo make clean + sudo make libleveldb.a libmemenv.a + cd .. +fi +output " " +output "SRC Compilation Starting " +output " " +sudo make -f makefile.unix +output " " +output "$coin finished and can be found in CoinBuilds/$coin/src/ Make sure you sudo strip Coind and coin-cli if it exists, copy to /usr/bin" +output " " +fi diff --git a/utils/delcoin.sh b/utils/delcoin.sh new file mode 100644 index 00000000..98cde777 --- /dev/null +++ b/utils/delcoin.sh @@ -0,0 +1,14 @@ +#!/bin/bash +################################################################################ +# Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: https://www.xavatar.com +# +# Program: +# Remove all coin in Yiimp +# +# +################################################################################ + +for line in $(cat coin.list); do +yiimp coin "$line" delete; +done diff --git a/utils/packagecompile.sh b/utils/packagecompile.sh new file mode 100644 index 00000000..b0602326 --- /dev/null +++ b/utils/packagecompile.sh @@ -0,0 +1,26 @@ + +#!/bin/bash +################################################################################ +# Original Author: Xavatar (https://github.com/xavatar/yiimp_install_scrypt) +# Web: https://www.xavatar.com +# +# Program: +# Install needed Package to compile crypto currency +# +# +################################################################################ + + # Installing Package to compile crypto currency + output " " + output "Installing needed Package to compile crypto currency" + output " " + sleep 3 + + sudo apt -y install software-properties-common build-essential + sudo apt -y install libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils git cmake libboost-all-dev zlib1g-dev libz-dev libseccomp-dev libcap-dev libminiupnpc-dev gettext + sudo apt -y install libminiupnpc10 libzmq5 + sudo apt -y install libcanberra-gtk-module libqrencode-dev libzmq3-dev + sudo apt -y install libqt5gui5 libqt5core5a libqt5webkit5-dev libqt5dbus5 qttools5-dev qttools5-dev-tools libprotobuf-dev protobuf-compiler + sudo add-apt-repository -y ppa:bitcoin/bitcoin + sudo apt -y update + sudo apt install -y libdb4.8-dev libdb4.8++-dev libdb5.3 libdb5.3++ diff --git a/utils/screen-scrypt.sh b/utils/screen-scrypt.sh new file mode 100644 index 00000000..e97c01c7 --- /dev/null +++ b/utils/screen-scrypt.sh @@ -0,0 +1,13 @@ +#!/bin/bash + LOG_DIR=/var/log/yiimp + WEB_DIR=/var/web + STRATUM_DIR=/var/stratum + USR_BIN=/usr/bin + + screen -dmS main bash $WEB_DIR/main.sh + screen -dmS loop2 bash $WEB_DIR/loop2.sh + screen -dmS blocks bash $WEB_DIR/blocks.sh + screen -dmS debug tail -f $LOG_DIR/debug.log + + + \ No newline at end of file diff --git a/utils/screen-stratum.sh b/utils/screen-stratum.sh new file mode 100644 index 00000000..848b1ab2 --- /dev/null +++ b/utils/screen-stratum.sh @@ -0,0 +1,13 @@ +#!/bin/bash + STRATUM_DIR=/var/stratum + + screen -dmS groestl $STRATUM_DIR/run.sh groestl + screen -dmS keccak $STRATUM_DIR/run.sh keccak + screen -dmS neoscrypt $STRATUM_DIR/run.sh neo + screen -dmS nist5 $STRATUM_DIR/run.sh nist5 + screen -dmS quark $STRATUM_DIR/run.sh quark + screen -dmS scrypt $STRATUM_DIR/run.sh scrypt + screen -dmS skein $STRATUM_DIR/run.sh skein + screen -dmS x11 $STRATUM_DIR/run.sh x11 + screen -dmS xevan $STRATUM_DIR/run.sh xevan + \ No newline at end of file