#!/usr/bin/env bash mkdir -p /opt/src/ # Adding local path to PATH cd ~/ touch .bash_profile echo 'export PATH=$PATH:/usr/local/bin:/usr/local/sbin:' >> .bash_profile source ~/.bash_profile # Disable SELINUX setenforce 0 sed -i -e "s@SELINUX=.*@SELINUX=disabled@g" /etc/selinux/config # Adding sysctl configs cat > /etc/sysctl.d/10-avideo.conf < /etc/cron.d/youtube-dl < /dev/null @daily python -m pip install --upgrade yt-dlp > /dev/null EOF # Step 2: Install LAMP stack dnf install -y httpd mod_ssl httpd-tools sed -i -e "s@AllowOverride\ None@AllowOverride All@g" /etc/httpd/conf/httpd.conf mv -v /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.disabled cp -v /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.original cat < /etc/httpd/conf.d/ssl.conf Listen 443 https SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog SSLSessionCache shmcb:/run/httpd/sslcache(512000) SSLSessionCacheTimeout 300 SSLCryptoDevice builtin #SSLCryptoDevice ubsec EOF mkdir -pv /etc/httpd/sites-enabled mkdir -pv /etc/httpd/sites-avaliable egrep "^IncludeOptional\ sites\-enabled\/\*\.conf" /etc/httpd/conf/httpd.conf || \ echo 'IncludeOptional sites-enabled/*.conf' >> /etc/httpd/conf/httpd.conf httpd -t httpd -S ## Gen certs mkdir -p /etc/ssl/local openssl req -nodes -x509 -sha256 -newkey rsa:4096 \ -keyout /etc/ssl/local/localhost.key \ -out /etc/ssl/local/localhost.crt \ -days 3560 \ -subj "/C=IL/ST=Shomron/L=Karney Shomron/O=NgTech LTD/OU=IT/CN=020-NgTech-K-AVideo-Encoder" \ -addext "subjectAltName = DNS:localhost,DNS:020-NgTech-K-AVideo-Encoder.k.ngtech.co.il,DNS:*.k.ngtech.co.il,DNS:*.ngtech.co.il" ## Setup vhosts cat < /etc/httpd/sites-avaliable/avideo.conf ServerName kids-tube.k.ngtech.co.il ServerAlias kids-tube.ngtech.co.il DocumentRoot /var/www/AVideo DirectoryIndex index.php Options +FollowSymLinks AllowOverride All Require all granted ServerName kids-tube.k.ngtech.co.il ServerAlias kids-tube.ngtech.co.il DocumentRoot /var/www/AVideo ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn SSLEngine on SSLHonorCipherOrder on SSLCipherSuite PROFILE=SYSTEM SSLProxyCipherSuite PROFILE=SYSTEM SSLCertificateFile /etc/ssl/local/localhost.crt SSLCertificateKeyFile /etc/ssl/local/localhost.key #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt SSLOptions +StdEnvVars SSLOptions +StdEnvVars BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" DirectoryIndex index.php Options +FollowSymLinks AllowOverride All Require all granted EOF cd /etc/httpd/sites-enabled && ln -s ../sites-avaliable/avideo.conf && cd - httpd -t httpd -S systemctl enable httpd systemctl start httpd dnf install -y php php-cli php-fpm php-curl php-mysqlnd php-gd php-readline php-mbstring php-apcu php-xml php-dom php-opcache php-zip php-intl php-common php-bcmath php-json dnf install -y perl-Image-ExifTool sed -i -e "s@^post_max_size.*@post_max_size = 1024M@g" \ -e "s@^upload_max_filesize.*@upload_max_filesize = 1024M@g" \ -e "s@^memory_limit.*@memory_limit = 1024M@g" \ -e "s@^max_execution_time.*@max_execution_time = 7200@g" /etc/php.ini sed -i -e "s@^\;env\[PATH\]@env[PATH]@g" /etc/php-fpm.d/www.conf systemctl start php-fpm systemctl enable php-fpm dnf module reset -y mariadb dnf module enable -y mariadb:10.5 dnf install -y mariadb-server systemctl start mariadb systemctl enable mariadb # Step 3: Create a database and user for avideo and avideoEncoder echo "CREATE DATABASE avideo CHARACTER SET utf8 COLLATE utf8_general_ci;" | mysql -u root echo "CREATE USER 'avideo'@'localhost' IDENTIFIED BY 'avideo';" | mysql -u root echo "GRANT ALL PRIVILEGES ON avideo.* TO 'avideo'@'localhost';" | mysql -u root echo "FLUSH PRIVILEGES;" | mysql -u root echo "CREATE DATABASE avideoEncoder CHARACTER SET utf8 COLLATE utf8_general_ci;" | mysql -u root echo "CREATE USER 'avideoEncoder'@'localhost' IDENTIFIED BY 'avideoEncoder';" | mysql -u root echo "GRANT ALL PRIVILEGES ON avideoEncoder.* TO 'avideoEncoder'@'localhost';" | mysql -u root echo "FLUSH PRIVILEGES;" | mysql -u root echo "CREATE DATABASE AVideoResources CHARACTER SET utf8 COLLATE utf8_general_ci;" | mysql -u root echo "CREATE USER 'AVideoResources'@'localhost' IDENTIFIED BY 'AVideoResources';" | mysql -u root echo "GRANT ALL PRIVILEGES ON AVideoResources.* TO 'AVideoResources'@'localhost';" | mysql -u root echo "FLUSH PRIVILEGES;" | mysql -u root # Step 4: Install Avideo mkdir -p /var/www/src git clone --depth 1 https://github.com/WWBN/AVideo.git /var/www/AVideo git clone --depth 1 https://github.com/WWBN/AVideo-Encoder.git /var/www/AVideo-Encoder chown -R apache:apache /var/www/ find /var/www/ -type d -exec chmod 775 {} \; find /var/www/ -type f -exec chmod 664 {} \; systemctl restart httpd firewall-cmd --add-service=http --permanent firewall-cmd --add-service=https --permanent firewall-cmd --add-service=mysql --permanent firewall-cmd --reload # Install ffmpeg #https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz stat /opt/src/ffmpeg-release-amd64-static.tar.xz || wget https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz -O /opt/src/ffmpeg-release-amd64-static.tar.xz tar xvf /opt/src/ffmpeg-release-amd64-static.tar.xz -C /opt/src/ cp -v /opt/src/ffmpeg-*amd64-static/{ffmpeg,ffprobe,qt-faststart} /usr/local/bin/