authorluxagraf <sng@luxagraf.net>2020-08-13 16:31:00 -0400
committerluxagraf <sng@luxagraf.net>2020-08-13 16:31:00 -0400
commit32571bc2271e6ab7f7323e1b921e7527790fa18d (patch)
tree6e64125f113cf3606e6b15035ee21ea420205e13 /tech
parentc657feb58769c1f975af2f2ab4968da1b1e42158 (diff)
parenta2128d89bc501071ef1abc83e011f0aa02eca54e (diff)
added recipes
Diffstat (limited to 'tech')
-rwxr-xr-xtech/set up debian droplet basics + nginx.txt162
1 files changed, 157 insertions, 5 deletions
diff --git a/tech/set up debian droplet basics + nginx.txt b/tech/set up debian droplet basics + nginx.txt
index bdb9570..1b1af00 100755
--- a/tech/set up debian droplet basics + nginx.txt
+++ b/tech/set up debian droplet basics + nginx.txt
@@ -56,12 +56,14 @@ Add ssh keys
---
-###Install Tmux
+###Install Zsh/Tmux
(because doing only one thing at a time sucks)
sudo apt-get update
- sudo apt-get install tmux
+ sudo apt-get install tmux zsh
+ curl -L https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh | sh
+ chsh -s /bin/zsh whatever
###Set up fail2ban and UFW
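Review bot: The added `curl -L … | sh` line executes whatever the installer's `master` branch serves at that moment, with no chance to read it first, and without `-f` an HTTP error body would be piped into `sh` as well. Download to a file, read it, then run it: `curl -fsSL <installer-url-pinned-to-a-reviewed-commit> -o install.sh`, followed by `sh install.sh`. The `chsh -s /bin/zsh whatever` line uses a placeholder username; a comment such as `# replace "whatever" with your login name` would make that explicit.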
@@ -86,11 +88,161 @@ Add ssh keys
###Vim
- apt-get install vim-gtk
+ apt-get install vim
#I point to these in my vimrc, skip if you don't need them
mkdir -p ~/.vim/bundle/
git clone https://github.com/VundleVim/Vundle.vim.git ~/.vim/bundle/Vundle.vim
-### Misc Apps
+##Setup Nginx
+
+ # check http://nginx.org/en/download.html for the latest version of nginx
+ # check https://developers.google.com/speed/pagespeed/module/build_ngx_pagespeed_from_source for latest version of ngx_pagespeed and psol
+ # latest headers more https://github.com/openresty/headers-more-nginx-module/tags
+ # naxsi: https://github.com/nbs-system/naxsi/releases
+
+prereqs for building stuff:
+
+ apt-get -y install build-essential zlib1g-dev libpcre3 libpcre3-dev libbz2-dev libssl-dev tar unzip
+
+prereqs for geo and ssl:
+
+ apt-get install libgeoip1 libgeoip-dev openssl libssl-dev
+ # then grab the libraries:
+ sudo mkdir -p /etc/nginx/geoip
+ cd /etc/nginx/geoip
+ sudo wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
+ sudo gunzip GeoIP.dat.gz
+ sudo wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
+ sudo gunzip GeoLiteCity.dat.gz
+
+ #install the GeoIP C library.
+ cd /tmp
+ wget geolite.maxmind.com/download/geoip/api/c/GeoIP.tar.gz
+ tar -zxvf GeoIP.tar.gz
+ cd GeoIP-*
+ ./configure
+ make
+ sudo make install
+
+ # That's all the pre-reqs, now cd in to nginx and compile:
+ cd nginx-*
+
+
+config script for nginx source (debian paths):
+
+ ./configure \
+ --prefix=/usr/share/nginx \
+ --sbin-path=/usr/sbin/nginx \
+ --conf-path=/etc/nginx/nginx.conf \
+ --pid-path=/var/run/nginx.pid \
+ --lock-path=/var/lock/nginx.lock \
+ --error-log-path=/var/log/nginx/error.log \
+ --http-log-path=/var/log/access.log \
+ --user=www-data \
+ --group=www-data \
+ --without-mail_pop3_module \
+ --without-mail_imap_module \
+ --without-mail_smtp_module \
+ --with-http_stub_status_module \
+ --with-http_ssl_module \
+ --with-http_v2_module \
+ --with-http_gzip_static_module \
+ --with-pcre \
+ --with-file-aio \
+
+
+./configure \
+--user=http \
+--group=http \
+--prefix=/etc/nginx \
+--sbin-path=/usr/sbin/nginx \
+--conf-path=/etc/nginx/nginx.conf \
+--pid-path=/var/run/nginx.pid \
+--lock-path=/var/run/nginx.lock \
+--error-log-path=/var/log/nginx/error.log \
+--http-log-path=/var/log/nginx/access.log \
+--with-http_gzip_static_module \
+--with-http_stub_status_module \
+--with-http_ssl_module \
+--with-pcre \
+--with-file-aio \
+--with-http_v2_module \
+--with-http_realip_module \
+--without-http_scgi_module \
+--without-mail_pop3_module \
+--without-mail_imap_module \
+--without-mail_smtp_module \
+--add-module=$HOME/ngx_pagespeed-${NPS_VERSION} ${PS_NGX_EXTRA_FLAGS}
+
+ make
+ sudo make install
+
+The next thing is to enable autostart:
+
+ sudo vim /lib/systemd/system/nginx.service
+
+# Stop dance for nginx
+# =======================
+#
+# ExecStop sends SIGSTOP (graceful stop) to the nginx process.
+# If, after 5s (--retry QUIT/5) nginx is still running, systemd takes control
+# and sends SIGTERM (fast shutdown) to the main process.
+# After another 5s (TimeoutStopSec=5), and if nginx is alive, systemd sends
+# SIGKILL to all the remaining processes in the process group (KillMode=mixed).
+#
+# nginx signals reference doc:
+# http://nginx.org/en/docs/control.html
+#
+[Unit]
+Description=A high performance web server and a reverse proxy server
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/run/nginx.pid
+ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
+ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
+ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
+ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid
+TimeoutStopSec=5
+KillMode=mixed
+
+[Install]
+WantedBy=multi-user.target
+
+
+sudo systemctl enable nginx.service
+sudo systemctl start nginx.service
+sudo systemctl status nginx.service
+
+sudo vim /etc/nginx/nginx.conf
+
+
+user www-data;
+events {
+ worker_connections 1024;
+}
+http {
+ include mime.types;
+ include /etc/nginx/naxsi_core.rules;
+ default_type application/octet-stream;
+ types_hash_bucket_size 64;
+ server_names_hash_bucket_size 128;
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ #access_log logs/access.log main;
+ more_set_headers "Server: Graf Industries Custom Server";
+ sendfile on;
+ keepalive_timeout 65;
+ gzip on;
+ pagespeed on;
+ pagespeed FileCachePath /var/ngx_pagespeed_cache;
+ limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
+ include /etc/nginx/sites-enabled/*.conf;
+}
+
+
+ sudo cp naxsi-0.53-2/naxci_config/naxsi_core.rule /etc/nginx
- sudo apt install ctags silversearcher-ag ripgrep fzf ranger vim-gtk nginx postgresqlj
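Review bot: The GeoIP databases and the GeoIP C library tarball are fetched over plain HTTP (the three `wget` lines under "prereqs for geo and ssl"), and the tarball is then built and installed with `sudo make install` without any integrity check, so content altered in transit would end up installed as root. Fetch them over HTTPS and verify a publisher-supplied checksum or signature before `gunzip`/`make`, e.g. `sha256sum -c <published-checksum-file>`, and build in a `mktemp -d` directory rather than directly in the shared `/tmp`. Separately, the sample nginx.conf uses `more_set_headers` and includes `/etc/nginx/naxsi_core.rules`, but neither `./configure` invocation adds a headers-more or naxsi module, and the final `cp` installs `naxsi_core.rule` (no trailing "s") from `naxci_config`, so the `nginx -t` in `ExecStartPre` would presumably reject this config. The unit-file comment also says ExecStop sends SIGSTOP while the command uses `--retry QUIT/5`; the comment should read SIGQUIT.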