
Show HN: Bash Script to Install a Webserver and PHP on a Clean OS - __app_dev__
https://github.com/fastsitephp/fastsitephp/blob/master/scripts/shell/bash/create-fast-site.sh
======
digitalsushi
I think this submission is great. Not necessarily because of the script
itself, but because of the openness and confidence of sharing it in a public
forum.

In this public forum, we all have some degree of visibility and an association
with our professional selves. It is an easy movement to provide a competing
viewpoint on the value of a new script. Many of us have highly integrated
systems that can provide the same result in a line or two of very terse
configuration, often with the requirement of much hidden tooling. Others
simply will have feelings about specific implementations, or languages.

So I want to just thank you for being brave and sharing this with us, because
seeing how someone else is doing it is one of the fastest ways to learn, to
remember, and to grow. I did look at your script and I think it's quite
obvious you put yourself into the script, and that it was written out of a
passion for technology as it was of a need. Kudos.

~~~
h1x
What a great comment. It makes sense to not spend too much space on the
quality of the script in it, so I want to do it shortly in this one.

This script is beautiful.

I write and read shell scripts mostly for fun, and this one is something I
will refer to for quite some time. It really shows that shell scripts can be
nice and readable.

__app_dev__, thank you for your 'Show HN' submission.

~~~
__app_dev__
Thanks so much digitalsushi and h1x!

I really appreciate your nice comments! For the script I made it a readable as
I possibly could since scripts like this need as much clarity as possible for
security purposes and to help anyone who wants to re-purpose the script for
their environment.

h1x you might want to take a look at my other shell script on this project as
well. It's about ~1500 lines of well commented code and allows file encryption
on many different Linux OS's.

[https://github.com/fastsitephp/fastsitephp/blob/master/scrip...](https://github.com/fastsitephp/fastsitephp/blob/master/scripts/shell/bash/encrypt.sh)

------
iDemonix
This reads like an advertisement for learning Ansible, where you could achieve
the same in a few lines.

~~~
__app_dev__
Thanks iDemonix, Just to clarify the comments that read like Ansible
advertisements are later down in the page now.

The script of the link (that I wrote) is intended as a starting point for a
clean and secure web server setup without a third-party ops product -
basically what you wrote “ where you could achieve the same in a few lines.”.

Rather than a few lines though the script from the line has a lot of checks
and makes needed config updates. Since it’s a single script with no
dependencies a developer or devops can easily copy it and modify it for their
needs or environment.

------
__app_dev__
Works on the lowest cost VM's on AWS ($3.50 USD per month) and the site still
runs fast with low memory.

To run download then call the script: wget
[https://www.fastsitephp.com/downloads/create-fast-
site.sh](https://www.fastsitephp.com/downloads/create-fast-site.sh) sudo bash
create-fast-site.sh

Additional Docs in multiple langugages are here:
[https://www.fastsitephp.com/en/documents/install-php-on-
linu...](https://www.fastsitephp.com/en/documents/install-php-on-linux)

~~~
mataniko
Was there a reason to use libapache2-mod-php instead of using the recommended
approach of using fastcgi and php-fpm?

~~~
__app_dev__
Thanks for posting. Can you provide some docs or links that show to use
libapache2-mod-php for Apache? Most docs I've seen show using it for Apache.

For nginx the script is using php-fpm.

During testing with this script on a clean os I am able to achieve around 2500
to 6500 requests per second on the lowest cost VM's with both setup options
(Apache or nginx) and 25k+ requests per second on higher cost servers.

~~~
__app_dev__
Here are some links for [libapache2-mod-php] vs [php-fpm] for Apache (both Pro
and Con plus install links).

For the first link where the developer switched to [php-fpm] his site could
only handle 30 users at a time so his server side framework must have been
very slow. As I mentioned the script from the post allows for 2500+ requests-
per-second (tested 100 concurrent users) and allows for many more users with
tweaking.

The setup for [php-fpm] with Apache is somewhat complex so I would recommend
using nginx if you want to use [php-fpm].

[https://smddzcy.com/posts/2017-09-16/migrating-from-mod-
php-...](https://smddzcy.com/posts/2017-09-16/migrating-from-mod-php-to-php-
fpm)

[https://www.reddit.com/r/PHP/comments/4bi9a4/why_is_mod_php_...](https://www.reddit.com/r/PHP/comments/4bi9a4/why_is_mod_php_faster_than_phpfpm/)

[https://tecadmin.net/install-apache-php-fpm-
ubuntu-18-04/](https://tecadmin.net/install-apache-php-fpm-ubuntu-18-04/)

[https://serverfault.com/questions/645755/differences-and-
dis...](https://serverfault.com/questions/645755/differences-and-dis-
advanages-between-fast-cgi-cgi-mod-php-suphp-php-fpm)

[https://stackoverflow.com/questions/47916133/need-to-
install...](https://stackoverflow.com/questions/47916133/need-to-install-
libapache2-mod-php7-0-if-im-installing-php7-0-fpm)

[https://www.linode.com/docs/web-servers/apache/running-
fastc...](https://www.linode.com/docs/web-servers/apache/running-fastcgi-php-
fpm-on-debian-7-with-apache/)

------
strzibny
Old fashioned, but it gets the job done. In fact, I also still use Bash for
deploying my side-projects on cheap virtual servers.

I am even writing a new book on web application deployment[0] and I
deliberately chose to explain things with just Bash. By "dropping" to Bash
this way you can see how things gets actually done.

You can always choose a higher level tool like Ansible later on (and at some
point you will).

[0] [https://deploymentformakers.com/](https://deploymentformakers.com/)

------
antoncohen
Along those lines, Chef's install.sh is the most impressive install shell
script I've seen:

[https://omnitruck.chef.io/install.sh](https://omnitruck.chef.io/install.sh)

It works with pure sh, not just bash. It works on Red Hat, Debian, Solaris,
AIX, and macOS. It works even if curl and wget aren't installed.

~~~
__app_dev__
Thanks for Sharing. Is this Chef script for a specific enterprise product?
It's not really clear on their repository:

[https://github.com/chef/omnitruck](https://github.com/chef/omnitruck)

And I see their cheapest product is $16,500/year.

The script I wrote is intended for a clean and secure install of either Apache
or nginx and PHP without a complex setup or the need for third-party options
so it will work on any cloud host. Currently the one I published only supports
Ubuntu but I'll add more OS's in the future.

~~~
antoncohen
The specifics of Chef's licensing are unrelated to my appreciation for their
install.sh script, I just think it is a good example of a robust cross-
platform install script.

That said, last year Chef changed their licensing[1]. My understanding is that
their _code_ is now all open source under Apache License 2.0 (there used to be
a split between open source and commercial). But, _and this is a big BUT_ ,
their distributions (installers, compiled code, etc.) are _not open source_.
This is similar to Red Hat where all the main code in RHEL is open source, but
they don't provide an ISO to install RHEL.

If you are looking for server configuration management, I've used all four of
the major ones (Puppet, Chef, Salt, and Ansible), I'd recommend giving
SaltStack[2][3] a look. The PyObjects renderer[4] is especially interesting
because it allows writing the configuration in a full programming language
(Python), similar to how Chef configuration is written in Ruby.

[1] [https://www.chef.io/press-release/chef-open-
sources-100-perc...](https://www.chef.io/press-release/chef-open-
sources-100-percent-of-its-software-under-apache-2-0-license-introduces-the-
enterprise-automation-stack/)

[2] [https://www.saltstack.com/](https://www.saltstack.com/)

[3] [https://github.com/saltstack/salt](https://github.com/saltstack/salt)

[4]
[https://docs.saltstack.com/en/master/ref/renderers/all/salt....](https://docs.saltstack.com/en/master/ref/renderers/all/salt.renderers.pyobjects.html)

~~~
__app_dev__
Thanks for sharing. SaltStack does look very nice. BTW, pure sh scripts like
one from Chef are much more difficult to write simply because you have fewer
options to work with.

------
bilekas
I think everyone who has ever setup a webserver or simular has built up a
bilble of scripts like these! :D

~~~
lancer
No doubt! I have so many scripts I had to create a framework to manage running
them :)

[0] [https://github.com/lovette/bootstrap-
bash](https://github.com/lovette/bootstrap-bash)

------
nreece
I used to rely on bash scripts, but now just use WordOps[1] for PHP/MySQL and
performant Nginx for it as well as Nodejs or ASP.NET Core.

Its made things easier to setup, configure and manage, with added performance.

[1] [https://wordops.net](https://wordops.net)

~~~
__app_dev__
Nice site, looks great for WordPress sites and servers!

------
AtomicOrbital
cool script ... really digging this approach of cutting out the middleman and
roll your own devops code without the baggage of Ansible or such ... in my
current startup I initially wrote our server side from scratch then need some
way to deploy from laptop onto our remote vps servers so I started simple and
wrote a set of bash script to deploy our git repo, recompile the project up on
vps ... since its grown into an uber script with can start from a freshly
minted virgin vps box and finish with our entire site running on a set of
containers with the webhook running auto kicking off a recompile/deploy ... oh
and it spins up all the ancillary servers like mongo, nginx, haproxy as well
as a devops container to orchestrate the machinations as the system gurgles
along post launch

now I'm liking this side of the shop ... devops demands a much wider girth of
problem solving skills which is an evergreen role with tons of freedom and
challenges

~~~
__app_dev__
Thanks! Yeah cutting out the middleman was a motivator along with allowing for
an easy and secure setup of course. Seems like so many similar scripts out
there are intended for selling products or services but sometimes all you
really need is a simple web server.

------
sarcasmatwork
Why not just use Ansible for something like this?

~~~
__app_dev__
Thanks for the link! I've opened it and will look at it in more detail.

Here it is for anyone reading this discussion:
[https://www.ansible.com/](https://www.ansible.com/)

Basically the reason I created this rather than relying on something else is
that I wanted an easy script that can setup a full production Web Server
environment for PHP without any dependencies other than the minimum needed.

The script is completely free and open source any easy to change in case
someone wants to use it for Laravel, Symfony, or something else. Most
automation scripts are used to sell additional products like Ansible so this
script avoids that.

Currently the script works on Ubuntu only but I will expand to RedHat and
other OS's as time permits. Of course if anyone can help contribute I would
gladly accept.

~~~
sarcasmatwork
I see you have a good amount of time in this script. I do appreciate the
efforts.

I just see that writing large scripts like this is a waste of time when we
have cool tech like Ansible that could do this far easier. Plus Ansible is
idempotence!

Scripts like this take time to create, debug and read to those that are seeing
it the first time, or the 100th. This is one reason imho why Ansible (Puppet,
Chef) were created. Yaml synax is easy, just need a good editor that shows the
spaces. I use Atom and sometimes Notepad++

For example, here is a Nginx role with php that I randomly found:
[https://github.com/geerlingguy/ansible-role-
nginx](https://github.com/geerlingguy/ansible-role-nginx)

~~~
harisund
I don't understand why people keep saying Ansible is idempotent. Ansible is
not somehow magically idempotent, nor is Bash "always not idempotent". You can
write bad, non-idempotent code in Ansible too and good, idempotent code in
Bash too.

Sure, if you are using some of Ansible's modules that are developed
specifically to be idempotent, then yes, but there are plenty of "shell"
module examples out there that aren't remotely idempotent

------
lhuser123
Cool script. Everything in one place.

~~~
__app_dev__
Thanks so much lhuser123! Yep, everything in once place to make basic web
server setup as easy as possible.

------
GrumpyNl
Bit old fashioned, but i still use xampp, up and running with in a minute.

------
smcleod
After doing this sort of thing (except using mostly Ruby or Python apps) for
years, then evolved to running a bunch of lightweight containerised services
about 6 or so years ago and these days I mostly opt for deploying using Google
Cloud Run, far less hassle, less maintenance, a significantly reduced
(security) footprint and absolutely minimal cost, someone else recently wrote
a good intro blogpost about their experiences with it:
[https://alexolivier.me/posts/deploy-container-stateless-
chea...](https://alexolivier.me/posts/deploy-container-stateless-cheap-google-
cloud-run-serverless)

