#!/bin/sh

echo "======================================================="
echo "Alpine Linux One-Key Initialize for Web Application"
echo "1.4/JAN.07-2023"
echo "(C)Yuu 2023"
echo "======================================================="
echo "[UPDATE]Database"
echo "Progress: 1/10"
apk update
sleep 2s
echo "[UPDATE]Packages"
echo "Progress: 2/10"
apk upgrade
sleep 2s
echo "[INSTALL]Nginx"
echo "Progress: 3/10"
apk add nginx
echo "[INIT]Nginx"
echo "Progress: 4/10"
service nginx restart
rc-update add nginx
sleep 2s
echo "[INSTALL]PHP"
echo "Progress: 5/10"
apk add php81 php81-mysqli php81-pdo_mysql php81-mbstring php81-json php81-zlib php81-gd php81-intl php81-session php81-fpm php81-opcache
echo "[INSTALL]SQLite Support for PHP"
echo "Progress: 6/10"
apk add php81-pdo_sqlite php81-tokenizer php81-ctype
echo "[INIT]PHP"
echo "Progress: 7/10"
rc-update add php-fpm81
service php-fpm81 restart
sleep 2s
echo "[INIT]BBR TCP Congestion Control"
echo "Progress: 8/10"
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
sysctl net.ipv4.tcp_available_congestion_control
lsmod | grep bbr
sleep 5s
echo "[INIT]IPTables"
echo "Progress: 9/10"
apk add iptables
rc-update add iptables
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables  -A INPUT -p icmp --icmp 8 -j ACCEPT
iptables -A OUTPUT  -p icmp --icmp 0 -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT
service iptables save
iptables -L -n
sleep 5s
echo "[INIT]Timezone Data and NTP"
echo "Progress: 10/10"
apk add -u tzdata
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
apk add chrony
chronyd
echo "======================================================="
echo "ALL DONE!"
echo "THANK YOU FOR USING THIS SCRIPT!"
echo "YOUR SERVER WILL REBOOT IN 5 SECOND"
echo "======================================================="
sleep 5s
reboot