All Recipes
144 recipes available
Install WkhtmlToPDF
- Install wkhtmltopdf in server - With root user
echo ">> Installing wget and required libs"
apt-get install -y wget fontconfig libxrender1 xfonts-base xfonts-75dpi libjpeg-turbo8 libxext6
echo ">> Installing WkhtmltoPDF"
Install sendmail
# Command line emails for happiness
# Access your machine as root
apt-get install sendmail
# As soon as the process is completed run
Remove Databases (MySQL/PostgreSQL/Redis/Memcached)
We are hosting our database server separately from the box that serves up the PHP side of things. The latest version of MySQL pulls a huge amount of RAM and did some other likely overkill cleanup a...
service mysql stop
service mysqld stop
service postgresql stop
service redis-server stop
Block Google Analytics Referer Spam
this script utilises piwik/referrer-spam-blacklist
git clone https://github.com/piwik/referrer-spam-blacklist.git /etc/nginx/referrer-spam-blacklist/
cd /etc/nginx/referrer-spam-blacklist/ && git pull > /dev/null && echo "" > /etc/nginx/referer_spam.conf && sort spammers.txt | uniq | sed 's/\./\\\\\\\\./g' | while read host; do echo "if (\$http_referer ~ '$host') {return 403;}" >> /etc/nginx/referer_spam.conf; done; service nginx reload > /dev/null
#now add
WIP - Lock Down DB
WIP - need to open 3306 on private network - ???
# Ditch nginx
sudo service nginx stop
sudo apt-get purge nginx nginx-common
sudo apt-get autoremove
WIP - Block Incoming HTTP/HTTPS (ufw)
WIP Super naive script for right now. - Assumes ufw is installed. - Block ports 80/443, so you can run something like a db server from forge, w/o public http
sudo ufw deny http
sudo ufw deny httpsInstall Laravel Installer and Spark Installer and add to path
/usr/local/bin/composer global require "laravel/installer"
/usr/local/bin/composer global require "laravel/spark-installer"
echo 'PATH=$PATH:/home/forge/.config/composer/vendor/bin' >> /home/forge/.profile
PATH=$PATH:/home/forge/.config/composer/vendor/bin
Install Datadog Agent
# Set up apt so that it can download through https:
sudo apt-get update
sudo apt-get install apt-transport-https
Enable HTTP2 on Nginx (work)
If the version of Nginx is higher than 1.9.5, it enable the HTTP2 protocol for sites with ssl. comparing version code from Stack Overflow http://stackoverflow.com/questions/16989598/bash-comparin...
function version_gt() { test "$(echo "$@" | tr " " "\n" | sort -V | head -n 1)" != "$1"; }
if version_gt $(nginx -v 2>&1 | grep -E '[0-9]+\.[0-9]+(\.[0-9]+)?' -o) 1.9.5; then
for I in `grep -l 'listen 443 ssl;' /etc/nginx/sites-available/*`; do
Enable HTTP2 on Nginx (work)
If the version of Nginx is higher than 1.9.5, it enable the HTTP2 protocol for sites with ssl. comparing version code from Stack Overflow http://stackoverflow.com/questions/16989598/bash-comparin...
function version_gt() { test "$(echo "$@" | tr " " "\n" | sort -V | head -n 1)" != "$1"; }
if version_gt $(nginx -v 2>&1 | grep -E '[0-9]+\.[0-9]+(\.[0-9]+)?' -o) 1.9.5; then
for I in `grep -l 'listen 443 ssl;' /etc/nginx/sites-available/*`; do
Add cloudflare real ip config to nginx
Adds a list of cloudflare ip addresses so your app will receive the real ip address
cat >/etc/nginx/conf.d/cloudflare-real-ip.conf <<"EOF"
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
Add cloudflare real ip config to nginx
Adds a list of cloudflare ip addresses so your app will receive the real ip address
cat >/etc/nginx/conf.d/cloudflare-real-ip.conf <<"EOF"
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;