__ __ __ __ _____ _ _ _____ _ _ _
| \/ | \ \ / / | __ \ (_) | | / ____| | | | |
| \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | |
| |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | |
| | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | |
|_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1
if you need WebShell for Seo everyday contact me on Telegram
Telegram Address : @jackleet
For_More_Tools:
---
- name: Check if Apache EIG build profile exists
stat:
path: /etc/cpanel/ea4/profiles/custom/eig_ea4.json
register: eig_ea4_result
- name: Creating Apache EIG build profile if it does not exist
copy:
src: files/eig_ea4.json
dest: /etc/cpanel/ea4/profiles/custom/
mode: 0644
when: eig_ea4_result.stat.exists == False
- name: Building Apache with EIG build
command: /usr/local/bin/ea_install_profile --install /etc/cpanel/ea4/profiles/custom/eig_ea4.json
async: 5400 # wait up-to 90 minutes
poll: 10 # checks in 10sec
when: eig_ea4_result.stat.exists == False
- name: Adding SymlinkProtect patch
copy:
src: files/pre_main_global.conf
dest: /etc/apache2/conf.d/includes/pre_main_global.conf
mode: 0600
- name: Configuring cphulkd
copy:
src: files/hulkdconf
dest: /var/cpanel/hulkd/conf
owner: root
group: root
mode: 0600
- name: Change cPanel updates to stable
lineinfile:
dest: /etc/cpupdate.conf
regexp: "^CPANEL="
line: "CPANEL=stable"
state: present
- name: Updating hgdedi repo
copy:
src: files/dedi.repo
dest: /etc/yum.repos.d/dedi.repo
owner: root
group: root
mode: 0644
- name: Install ESO-utils package
yum:
name: ESO-utils
enablerepo: hgdedi
state: present
- name: Configuring Exim
copy:
src: "files/{{ item }}"
dest: /etc/
owner: root
group: root
mode: 0644
with_items:
- exim.conf.local
- exim.conf.localopts
- name: Rebuild exim configuration
shell: /scripts/buildeximconf
- name: Restart exim
systemd:
name: exim
state: restarted
- name: Disable Firewalld
service:
name: firewalld
state: stopped
enabled: no
ignore_errors: true
- name: Uninstall Firewalld
package:
name:
- firewalld
- firewalld-filesystem
state: absent
- name: Install HGfirewall
package:
name:
- hg-dedi-firewall
- hg-dedi-firewall-cpanel-plugin
state: present
enablerepo: hgdedi
- name: Configuring bash history time
lineinfile:
dest: /root/.bashrc
regexp: "^HISTTIMEFORMAT="
line: "HISTTIMEFORMAT=\"%c : \""
state: present
- name: Pull down kcare installer
get_url:
url: https://kernelcare.com/installer
dest: /tmp/kcare_installer.sh
mode: 0755
force: yes
validate_certs: false
- name: Run KCare installer
script: /tmp/kcare_installer.sh
- name: Register KCare
command: kcarectl --register RluW6BUndTODZCst
- name: Update KCare
command: kcarectl --update
- name: Set up kcare symlink protection
lineinfile:
path: /etc/sysconfig/kcare/sysctl.conf
state: present
create: yes
line: "{{ item }}"
with_items:
- fs.enforce_symlinksifowner=1
- fs.symlinkown_gid=99
- name: Set kcare patch free update
command: kcarectl --set-patch-type extra --update
- sysctl:
name: fs.enforce_symlinksifowner
sysctl_set: yes
value: 1
- sysctl:
name: fs.symlinkown_gid
sysctl_set: yes
value: 99
- name: Updating MySQL configuration
template:
src: files/my.cnf
dest: /etc/my.cnf
- name: Turning off DNS Recursion, and DNS Xfer
blockinfile:
dest: /etc/named.conf
insertafter: "options {"
block: |2
allow-query-cache { 127.0.0.1; };
additional-from-cache no;
version none;
allow-recursion { 127.0.0.1; };
- name: Installing NTP
yum:
name: ntp
state: present
- name: Configuring NTP
copy:
src: files/ntp.conf
dest: /etc/ntp.conf
owner: root
group: root
mode: 0644
- name: Configure PHP handlers
shell: "_php_vers=( $( /usr/local/cpanel/bin/rebuild_phpconf --available | /bin/awk -F: '/suphp/ {a[i++]=$1} END {while(i--) print a[i]}') ) ; /usr/local/cpanel/bin/rebuild_phpconf --errors --default=${_php_vers[0]}$(printf -- ' --%s=suphp' ${_php_vers[@]})"
ignore_errors: true
- name: Install rkhunter package
yum:
name: rkhunter
state: present
- name: Updating rsyslog.conf
copy:
src: files/rsyslog.conf
dest: /etc/
mode: 0644
- name: Update server time to Central time
timezone:
name: America/Chicago
- name: Find php.ini files in /opt/cpanel
shell: "ls /opt/cpanel/ea-php*/root/etc/php.ini"
register: list
- name: Update timezone
lineinfile:
regexp: "^date.timezone = "
line: "date.timezone = America/Chicago"
dest: "{{ item }}"
with_items: "{{ list.stdout_lines }}"
- name: Install sys-snap package
package:
name: sys-snap
state: present
- name: Install postupcp package
package:
name:
- postupcp-dedi
- eig-upcp_control
state: present
- include_vars: vars/main.yml
- name: Adding IPs to cphulkd
command: "/scripts/cphulkdwhitelist {{ item }}"
with_items: "{{ ipaddrs }}"
- name: Setting up the firewall
lineinfile:
dest: /etc/firewall/INCLUDE
insertbefore: BOF
line: "IPTABLES=/sbin/iptables"
- name: Allowlisting IPs in the firewall
lineinfile:
dest: /etc/firewall/INCLUDE
regex: "$IPTABLES -I INPUT -s {{ item }} -j ACCEPT"
line: "$IPTABLES -I INPUT -s {{ item }} -j ACCEPT"
with_items: "{{ ipaddrs }}"