Ubuntu Nginx installer (Static files only)

ubuntu-nginx-installer.sh

#!/bin/bash

# This script does the following things
# - update apt respositories
# - Install:
# 	- nginx
#	- git 
# - Create a GIT User
# - Set up GIT bare repo
# - Set up GIT working directories for nginx
# - TODO: configure nginx to use PHP-FPM
# - TODO: perform initial checkout (run by codeship or manual remote push)
# - TODO: enable website in nginx (on catch-all vhost?) 
# - TODO: optimize nginx performance 
ValidHostnameRegex="^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$";

echo -n "App name: "
read APP
if [[ ! ${APP} =~ ^[a-zA-Z][a-zA-Z0-9_-]+$ ]]; then 
	echo "Invalid app name. Please simplify. No special chars. Start with a letter from the alphabet"
	exit 1
fi

echo -n "App hostname: "
read APP_HOSTNAME
if [[ ! ${APP_HOSTNAME} =~ $ValidHostnameRegex ]]; then 
	echo "Invalid hostname. Please simplify. No special chars. Start with a letter from the alphabet"
	exit 1
fi

echo -n "GIT branch: "
read GIT_BRANCH
if [[ ! ${GIT_BRANCH} =~ ^[a-zA-Z][a-zA-Z0-9/_-]+$ ]]; then 
	echo "Invalid git branch name. Please simplify. No special chars. Start with a letter from the alphabet"
	exit 1
fi

GIT_USER=git
GIT_GROUP=git
GIT_HOME=/home/git
GIT_REPOSITORY=$GIT_HOME/$APP.git
WEBSERVER_USER=www-data
WEBSERVER_GROUP=www-data
APPLICATION_DIR=/var/www/$APP

#############################

set -e
if [[ $EUID -ne 0 ]]; then
  echo "You must be a root user to run this script." 2>&1
  exit 1
fi

# Set TimeZone
echo "Europe/Amsterdam" | tee /etc/timezone
dpkg-reconfigure --frontend noninteractive tzdata

apt-get update
echo "Installing Postfix. Please see https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid for install instructions."
read -p "Press [Enter] key to continue..."
echo "Again: make sure you follow the instructions here! https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid"
read -p "Have you read it? Press [Enter] key to continue for real this time..."
apt-get install -y libsasl2-modules postfix # manual configuration required here! See https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid
apt-get install -y nginx 
apt-get install -y git
curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
apt-get install -y nodejs

# Install global node packages
npm install -g bower

# Create symlink to node for nodejs bin
# sudo ln -s /usr/bin/nodejs /usr/bin/node

#create web app directories and set ownership and permissions
mkdir -p $APPLICATION_DIR
chown -R $WEBSERVER_USER:$WEBSERVER_GROUP $APPLICATION_DIR
chmod -R ug+rws $APPLICATION_DIR

#Set up git user and create a bare repository
useradd -m -s /bin/bash -G $WEBSERVER_GROUP $GIT_USER # TODO make /bin/nologin
su - $GIT_USER -c "mkdir -p "$GIT_REPOSITORY" && cd "$GIT_REPOSITORY"; git init --bare;"

# START: create 'hook/post-receive' script
echo '#!/bin/bash

export GIT_WORK_TREE='$APPLICATION_DIR'

GIT_BRANCH='$GIT_BRANCH'

#################

set -e

echo "Deploying $GIT_BRANCH branch to local worktree ... "
git checkout -f $GIT_BRANCH

cd $GIT_WORK_TREE

echo "Update Bower Packages ... "
bower --allow-root install

echo "Change file ownership to $WEBSERVER_USER:$WEBSERVER_GROUP ... "
chown -R $WEBSERVER_USER:$WEBSERVER_GROUP $GIT_WORK_TREE

echo "Done deploying"
' > $GIT_REPOSITORY/hooks/post-receive
# END: create 'hook/post-receive' script

chmod 0775 $GIT_REPOSITORY/hooks/post-receive
chown -R $GIT_USER:$GIT_GROUP $GIT_HOME/*


echo '
server {
    set $host_path "'$APPLICATION_DIR'";

    server_name '$APP_HOSTNAME';
    root $host_path;

    charset utf-8;

    location / {
        index index.html;
		try_files $uri /index.html;
    }

    access_log  /var/log/nginx/'$APP_HOSTNAME'-access.log;
    error_log   /var/log/nginx/'$APP_HOSTNAME'-error.log;

    location ~ /.well-known/acme-challenge { allow all; }

    # prevent nginx from serving dotfiles (.htaccess, .svn, .git, etc.)
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }
}
' > /etc/nginx/sites-available/$APP
ln -s /etc/nginx/sites-available/$APP /etc/nginx/sites-enabled/$APP
service nginx restart

cat <<EOF > ~/install_notes.txt
Application environment is now configured. 

Hostname:    $APP_HOSTNAME
Appdir:      $APPLICATION_DIR
GIT Branch:  $GIT_BRANCH

You must perform the following tasks manually: 

1. If you have not done it previously, configure postfix to use a sendhost like mandrillapp.
   See: https://cloud.google.com/compute/docs/sending-mail#postfixsendgrid 

2. Add the CodeShip Project's SSH key to this server's git user authorized_keys file. 

    NOTE: 
    This is best done via the Google Developer console. 
    Prefix the key description with git@
    
3. Configure CodeShip Project Deployment (under Project Settings > Deployment)

    $ git fetch --unshallow origin
    $ git push git@[server hostname/ip]:$APP.git $GIT_BRANCH
    
4. Make a commit and push it to GitHub to start a build @ CodeShip. If the build succeeds, code is deployed to the server.

5. Set the $APP_HOSTNAME DNS to resolve to this server's public IP address when you have confirmed that everything works.

6. Optionally reconfigure the nginx virtualhost to use SSL. For more information, see: 
   https://www.digitalocean.com/community/tutorials/how-to-create-an-ssl-certificate-on-nginx-for-ubuntu-14-04#step-two-—-configure-nginx-to-use-ssl

EOF

cat ~/install_notes.txt