Added Vagrant config and script for quick setting up a virtual development environment.

2022-01-17 02:37:46 +01:00 · 2022-01-17 02:37:46 +01:00 · 8df4166520
commit 8df4166520
parent fb77a936f5
9 changed files with 381 additions and 1 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -1 +1,2 @@
 * text=auto
+/msz text eol=lf
--- a/.gitignore
+++ b/.gitignore
@ -22,6 +22,12 @@
 .vs/
 .idea/

+# Vagrant things
+.vagrant/
+/devel/nginx/dhparam.pem
+/devel/nginx/misuzu.crt
+/devel/nginx/misuzu.key
+
 # Compiled/copied assets
 /public/js
 /public/css
--- a/2
+++ b/2
@ -186,7 +186,7 @@
      same "printed page" as the copyright notice for easier
      identification within third-party archives.

-   Copyright (c) 2017-2021, flashwave <me@flash.moe>
+   Copyright 2017-2022 flashwave <me@flash.moe>

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+Vagrant.configure("2") do |config|
+    config.vm.box = "ubuntu/focal64"
+    config.vm.network "forwarded_port", guest: 80, host: 10080
+    config.vm.network "forwarded_port", guest: 443, host: 10443
+    config.vm.network "forwarded_port", guest: 3306, host: 13306
+    config.vm.provision :shell, path: "devel/setup-devbox.sh"
+end
--- a/devel/misuzu/config.ini
+++ b/devel/misuzu/config.ini
@ -0,0 +1,7 @@
+[Database]
+driver = mysql
+unix_socket = /var/run/mysqld/mysqld.sock
+username = misuzu
+password = toastiscool100
+dbname = misuzu
+charset = utf8mb4
--- a/devel/nginx/fastcgi_params
+++ b/devel/nginx/fastcgi_params
@ -0,0 +1,35 @@
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+#fastcgi_param SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  SCRIPT_FILENAME    $realpath_root$fastcgi_script_name;
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+#fastcgi_param DOCUMENT_ROOT      $document_root;
+fastcgi_param  DOCUMENT_ROOT      $realpath_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+fastcgi_param  PATH_INFO          $fastcgi_path_info;
+fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+fastcgi_param  REDIRECT_STATUS    200;
+
+fastcgi_connect_timeout 60;
+fastcgi_send_timeout 180;
+fastcgi_read_timeout 180;
+fastcgi_buffers 256 4k;
+fastcgi_busy_buffers_size 256k;
+fastcgi_temp_file_write_size 256k;
--- a/devel/nginx/mime.types
+++ b/devel/nginx/mime.types
@ -0,0 +1,94 @@
+types {
+    text/html                             html htm shtml;
+    text/css                              css;
+    text/xml                              xml;
+    image/gif                             gif;
+    image/jpeg                            jpeg jpg;
+    application/javascript                js;
+    application/atom+xml                  atom;
+    application/rss+xml                   rss;
+    application/wasm                      wasm;
+
+    text/mathml                           mml;
+    text/plain                            txt;
+    text/vnd.sun.j2me.app-descriptor      jad;
+    text/vnd.wap.wml                      wml;
+    text/x-component                      htc;
+
+    image/png                             png;
+    image/tiff                            tif tiff;
+    image/vnd.wap.wbmp                    wbmp;
+    image/x-icon                          ico;
+    image/x-jng                           jng;
+    image/x-ms-bmp                        bmp;
+    image/svg+xml                         svg svgz;
+    image/webp                            webp;
+
+    application/font-woff                 woff;
+    application/java-archive              jar war ear;
+    application/json                      json;
+    application/mac-binhex40              hqx;
+    application/msword                    doc;
+    application/pdf                       pdf;
+    application/postscript                ps eps ai;
+    application/rtf                       rtf;
+    application/vnd.apple.mpegurl         m3u8;
+    application/vnd.ms-excel              xls;
+    application/vnd.ms-fontobject         eot;
+    application/vnd.ms-powerpoint         ppt;
+    application/vnd.wap.wmlc              wmlc;
+    application/vnd.google-earth.kml+xml  kml;
+    application/vnd.google-earth.kmz      kmz;
+    application/x-7z-compressed           7z;
+    application/x-cocoa                   cco;
+    application/x-java-archive-diff       jardiff;
+    application/x-java-jnlp-file          jnlp;
+    application/x-makeself                run;
+    application/x-perl                    pl pm;
+    application/x-pilot                   prc pdb;
+    application/x-rar-compressed          rar;
+    application/x-redhat-package-manager  rpm;
+    application/x-sea                     sea;
+    application/x-shockwave-flash         swf;
+    application/x-stuffit                 sit;
+    application/x-tcl                     tcl tk;
+    application/x-x509-ca-cert            der pem crt;
+    application/x-xpinstall               xpi;
+    application/xhtml+xml                 xhtml;
+    application/xspf+xml                  xspf;
+    application/zip                       zip;
+
+    application/octet-stream              bin exe dll;
+    application/octet-stream              deb;
+    application/octet-stream              dmg;
+    application/octet-stream              iso img;
+    application/octet-stream              msi msp msm;
+
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
+
+    audio/midi                            mid midi kar;
+    audio/mpeg                            mp3;
+    audio/ogg                             ogg;
+    audio/x-m4a                           m4a;
+    audio/x-realaudio                     ra;
+    audio/opus                            opus;
+    audio/x-caf                           caf;
+
+    video/3gpp                            3gpp 3gp;
+    video/mp2t                            ts;
+    video/mp4                             mp4;
+    video/mpeg                            mpeg mpg;
+    video/quicktime                       mov;
+    video/webm                            webm;
+    video/x-flv                           flv;
+    video/x-m4v                           m4v;
+    video/x-mng                           mng;
+    video/x-ms-asf                        asx asf;
+    video/x-ms-wmv                        wmv;
+    video/x-msvideo                       avi;
+
+    font/ttf                              ttf;
+    font/otf                              otf;
+}
--- a/devel/nginx/nginx.conf
+++ b/devel/nginx/nginx.conf
@ -0,0 +1,91 @@
+user www-data;
+worker_processes auto;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 768;
+}
+
+http {
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    server_tokens off;
+
+    charset utf-8;
+
+    gzip on;
+    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+    include mime.types;
+    default_type application/octet-stream;
+
+    client_max_body_size 100M;
+    disable_symlinks off;
+
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
+    ssl_ecdh_curve secp384r1;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_tickets off;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    ssl_dhparam dhparam.pem;
+
+    error_log /var/log/nginx/error.log crit;
+
+    server {
+        root /www/misuzu/public;
+        server_name misuzu;
+        index index.php;
+
+        location / {
+            try_files $uri $uri/ /index.php?$query_string;
+        }
+
+        location ~* \.(eot|otf|ttf|woff|woff2)$ {
+            add_header Access-Control-Allow-Origin *;
+        }
+
+        location /msz-storage {
+            alias /www/misuzu/store;
+            internal;
+        }
+
+        listen 80;
+        listen 443 ssl;
+        listen [::]:80;
+        listen [::]:443 ssl;
+
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            log_not_found off;
+            access_log off;
+        }
+
+        ssl_certificate misuzu.crt;
+        ssl_certificate_key misuzu.key;
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
+            fastcgi_index index.php;
+            include fastcgi_params;
+        }
+    }
+}
--- a/devel/setup-devbox.sh
+++ b/devel/setup-devbox.sh
@ -0,0 +1,139 @@
+#!/usr/bin/env bash
+
+# this is only intended for the vagrant shit
+# for the love of god don't run this on anything but that
+# configuration is almost identical to production
+
+echo -e "> Misuzu Vagrant Auto Configurator "
+echo -e ""
+
+echo -e "=> Installing apt requirements"
+apt-get update
+apt-get install -y software-properties-common dirmngr apt-transport-https
+
+echo -e "=> Adding PHP PPA"
+add-apt-repository -y ppa:ondrej/php
+
+echo -e "=> Adding MariaDB 10.6 repostiory"
+apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
+add-apt-repository -y 'deb [arch=amd64,arm64,ppc64el,s390x] https://ftp.nluug.nl/db/mariadb/repo/10.6/ubuntu focal main'
+
+echo -e "=> Performing full package upgrade"
+apt-get update
+apt-get full-upgrade -y
+
+echo -e "=> Installing required packages"
+apt-get install -y nginx-full mariadb-server-10.6 openssl \
+    php7.4 php7.4-bcmath php7.4-cli php7.4-common php7.4-curl php7.4-dev \
+    php7.4-fpm php7.4-gd php7.4-igbinary php7.4-imagick php7.4-intl \
+    php7.4-ldap php7.4-mbstring php7.4-mysql php7.4-opcache php7.4-readline \
+    php7.4-redis php7.4-sqlite3 php7.4-xml php7.4-zip
+
+SSL_DHPARAM=/vagrant/devel/nginx/dhparam.pem
+SSL_CRT=/vagrant/devel/nginx/misuzu.crt
+SSL_KEY=/vagrant/devel/nginx/misuzu.key
+
+echo -e "=> Generating dhparam.pem"
+[ -f "$SSL_DHPARAM" ] || openssl dhparam -out $SSL_DHPARAM 2048
+
+echo -e "=> Generating SSL certificate"
+[ -f "$SSL_CRT" ] || [ -f "$SSL_KEY" ] || openssl req -subj '/O=Flashii/C=NL/CN=localhost' -new -newkey rsa:2048 -sha256 -days 9001 -nodes -x509 -keyout $SSL_KEY -out $SSL_CRT
+
+echo -e "=> Replacing NGINX configuration"
+
+echo -e "==> Removing existing configuration folder"
+rm -rf /etc/nginx
+
+echo -e "==> Linking Misuzu config folder"
+ln -fs /vagrant/devel/nginx /etc/nginx
+
+echo -e "==> Restarting NGINX"
+service nginx restart
+
+echo -e "=> Adjusting PHP configuration"
+
+echo -e "==> Set display_startup_errors to On"
+sed -i 's/display_startup_errors = Off/display_startup_errors = On/g' /etc/php/7.4/fpm/php.ini
+
+echo -e "==> Increase max upload size to 150M"
+sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 150M/g' /etc/php/7.4/fpm/php.ini
+
+echo -e "==> Increase max body size to 150M"
+sed -i 's/post_max_size = 8M/post_max_size = 150M/g' /etc/php/7.4/fpm/php.ini
+
+echo -e "==> Restarting PHP-FPM"
+service php7.4-fpm restart
+
+echo -e "=> Adjusting MariaDB configuration"
+
+echo -e "==> Creating MariaDB database"
+mysql -vv -e "CREATE DATABASE misuzu COLLATE 'utf8mb4_bin'"
+
+echo -e "==> Creating MariaDB user"
+mysql -vv -e "CREATE USER 'misuzu'@'localhost' IDENTIFIED BY 'toastiscool100'"
+mysql -vv -e "CREATE USER 'misuzu'@'%' IDENTIFIED BY 'toastiscool100'"
+
+echo -e "==> Granting database access to MariaDB user"
+mysql -vv -e "GRANT EXECUTE, SELECT, SHOW VIEW, ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP, EVENT, INDEX, INSERT, REFERENCES, TRIGGER, UPDATE, LOCK TABLES  ON misuzu.* TO 'misuzu'@'localhost'"
+mysql -vv -e "GRANT EXECUTE, SELECT, SHOW VIEW, ALTER, ALTER ROUTINE, CREATE, CREATE ROUTINE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP, EVENT, INDEX, INSERT, REFERENCES, TRIGGER, UPDATE, LOCK TABLES  ON misuzu.* TO 'misuzu'@'%'"
+
+echo -e "==> Reloading MariaDB privileges"
+mysql -vv -e "FLUSH PRIVILEGES"
+
+# Taken from https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md
+# Remove when composer dependencies are dropkicked
+
+echo -e "=> Installing Composer"
+
+echo -e "==> Fetching expecting checksum"
+EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
+
+echo -e "==> Downloading installer"
+php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+
+echo -e "==> Hashing installer"
+ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
+
+echo -e "==> Confirming checksum"
+if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
+then
+    >&2 echo 'ERROR: Invalid installer checksum'
+    rm composer-setup.php
+    exit 1
+fi
+
+echo -e "==> Installing to /bin/composer"
+php composer-setup.php --quiet --install-dir=/bin --filename=composer
+
+echo -e "==> Removing installer"
+rm composer-setup.php
+# End of composer things
+
+echo -e "=> Adjusting Misuzu configuration"
+
+MSZ_CONFIG=/vagrant/config/config.ini
+
+echo -e "==> Replacing Misuzu config.ini"
+rm $MSZ_CONFIG
+cp /vagrant/devel/misuzu/config.ini $MSZ_CONFIG
+
+# ENTER: JANK
+echo -e "==> Running composer install as www-data"
+sudo -u www-data composer install -d /vagrant
+
+echo -e "==> Adding frequent cron jobs as www-data"
+(sudo -u www-data crontab -l 2>/dev/null; echo "0,10,20,30,40 * * * * php7.4 /www/misuzu/msz cron") | sudo -u www-data crontab -
+
+echo -e "==> Adding infrequent cron jobs as www-data"
+(sudo -u www-data crontab -l 2>/dev/null; echo "50 * * * * php7.4 /www/misuzu/msz cron low") | sudo -u www-data crontab -
+
+echo -e "==> Nuking /www"
+rm -rf /www
+
+echo -e "==> Creating /www"
+mkdir /www
+
+echo -e "==> Linking /vagrant to /www/misuzu"
+ln -fs /vagrant /www/misuzu
+
+echo -e "Done!"