All Recipes
140 recipes available
WIP - Lock Down DB
WIP - need to open 3306 on private network - ???
# Ditch nginx
sudo service nginx stop
sudo apt-get purge nginx nginx-common
sudo apt-get autoremove
WIP - Block Incoming HTTP/HTTPS (ufw)
WIP Super naive script for right now. - Assumes ufw is installed. - Block ports 80/443, so you can run something like a db server from forge, w/o public http
sudo ufw deny http
sudo ufw deny httpsInstall Laravel Installer and Spark Installer and add to path
/usr/local/bin/composer global require "laravel/installer"
/usr/local/bin/composer global require "laravel/spark-installer"
echo 'PATH=$PATH:/home/forge/.config/composer/vendor/bin' >> /home/forge/.profile
PATH=$PATH:/home/forge/.config/composer/vendor/bin
Install Datadog Agent
# Set up apt so that it can download through https:
sudo apt-get update
sudo apt-get install apt-transport-https
Enable HTTP2 on Nginx (work)
If the version of Nginx is higher than 1.9.5, it enable the HTTP2 protocol for sites with ssl. comparing version code from Stack Overflow http://stackoverflow.com/questions/16989598/bash-comparin...
function version_gt() { test "$(echo "$@" | tr " " "\n" | sort -V | head -n 1)" != "$1"; }
if version_gt $(nginx -v 2>&1 | grep -E '[0-9]+\.[0-9]+(\.[0-9]+)?' -o) 1.9.5; then
for I in `grep -l 'listen 443 ssl;' /etc/nginx/sites-available/*`; do
Enable HTTP2 on Nginx (work)
If the version of Nginx is higher than 1.9.5, it enable the HTTP2 protocol for sites with ssl. comparing version code from Stack Overflow http://stackoverflow.com/questions/16989598/bash-comparin...
function version_gt() { test "$(echo "$@" | tr " " "\n" | sort -V | head -n 1)" != "$1"; }
if version_gt $(nginx -v 2>&1 | grep -E '[0-9]+\.[0-9]+(\.[0-9]+)?' -o) 1.9.5; then
for I in `grep -l 'listen 443 ssl;' /etc/nginx/sites-available/*`; do
Add cloudflare real ip config to nginx
Adds a list of cloudflare ip addresses so your app will receive the real ip address
cat >/etc/nginx/conf.d/cloudflare-real-ip.conf <<"EOF"
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
Add cloudflare real ip config to nginx
Adds a list of cloudflare ip addresses so your app will receive the real ip address
cat >/etc/nginx/conf.d/cloudflare-real-ip.conf <<"EOF"
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
Add 4G Swap to Ubuntu 14.04
Creates a 4G swap file, turns it on, and modifies settings so that the system prefers not to use swap unless absolutely necessary. See https://www.digitalocean.com/community/tutorials/how-to-add-sw...
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
Install MongoDB
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
Install ElasticSearch 2.x
Forked from @artisangoose Recipe #70; updated Elasticsearch version
echo ">> Installing Elastic GPG Key"
wget -O - http://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add -
echo ">> Adding deb package"
H5BP Nginx HTTP server boilerplate configs
This script copies the directory ”h5bp” from GitHub repo to /etc/nginx/h5bp and add “include h5bp/basic.conf;” to the configuration files of available sites. Make sure to run this recipe as...
NGINX_DIR=/etc/nginx
cd $NGINX_DIR
# Copy h5bp directory from server-configs-nginx.git to /etc/nginx/h5bp.