.

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

Confs/Comandos SSL.txt

@@ -0,0 +1,11 @@
+mkdir -p /etc/apache2/ssl/fatecseg
+
+openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/fatecseg/apache.csr -keyout /etc/apache2/ssl/fatecseg/apache.key
+
+ls /etc/apache2/ssl/fatecseg
+
+wget bit.ly/fatecseg-ssl -O /etc/apache2/sites-available/site.conf
+
+a2enmod ssl
+
+systemctl restart apache2

Confs/checkP2.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+
+# Definição de cores para formatação
+GREEN="\e[32m"
+RED="\e[31m"
+CYAN="\e[36m"
+YELLOW="\e[33m"
+RESET="\e[0m"
+BOLD="\e[1m"
+
+clear
+echo -e "${BOLD}${CYAN}####### Script de Diagnóstico de Configuração #######${RESET}"
+
+read -e -p "Digite os três primeiros octetos do seu IP [192.168.]: " -i "192.168." IP
+read -e -p "Digite o seu domínio: " DOMAIN
+clear
+
+echo -e "${BOLD}${CYAN}####### Data de Instalação NS1 #######${RESET}"
+echo -e "${YELLOW}$(tune2fs -l /dev/sda1 | grep created | awk '{print $5"/"$4"/"$7" "$6}')${RESET}"
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Configuração de Rede #######${RESET}"
+ip -br addr | egrep -v ^lo
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Conectividade com a Máquina Web #######${RESET}"
+if ping -c1 "$IP.2" > /dev/null; then
+  echo -e "${GREEN}Conectividade Ok${RESET}"
+else
+  echo -e "${RED}Conectividade não Ok${RESET}"
+fi
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Conectividade com a Internet #######${RESET}"
+for server in 8.8.8.8 1.1.1.1; do
+  if ping -c1 "$server" > /dev/null; then
+    echo -e "${GREEN}Conectividade $server: Ok${RESET}"
+  else
+    echo -e "${RED}Conectividade $server: Não Ok${RESET}"
+  fi
+done
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Configuração DHCP #######${RESET}"
+systemctl status isc-dhcp-server --no-pager
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Arquivo de Configuração DHCP #######${RESET}"
+cat /etc/dhcp/dhcpd.conf
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Configuração DNS Master #######${RESET}"
+for sub in www revista blog; do
+  if nslookup "$sub.$DOMAIN.com.br" "$IP.1" > /dev/null; then
+    echo -e "${sub}.${DOMAIN}.com.br: ${GREEN}OK${RESET}"
+  else
+    echo -e "${sub}.${DOMAIN}.com.br: ${RED}Não OK${RESET}"
+  fi
+done
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Configuração DNS Slave #######${RESET}"
+for sub in www revista blog; do
+  if nslookup "$sub.$DOMAIN.com.br" "$IP.2" > /dev/null; then
+    echo -e "${sub}.${DOMAIN}.com.br: ${GREEN}OK${RESET}"
+  else
+    echo -e "${sub}.${DOMAIN}.com.br: ${RED}Não OK${RESET}"
+  fi
+done
+

Confs/checkP2_WEB.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# Definição de cores para formatação
+GREEN="\e[32m"
+RED="\e[31m"
+CYAN="\e[36m"
+YELLOW="\e[33m"
+RESET="\e[0m"
+BOLD="\e[1m"
+
+clear
+echo -e "${BOLD}${CYAN}####### Script de Diagnóstico de Configuração #######${RESET}"
+
+read -e -p "Digite os três primeiros octetos do seu IP [192.168.]: " -i "192.168." IP
+#read -e -p "Digite o seu domínio: " DOMAIN
+clear
+
+echo -e "${BOLD}${CYAN}####### Data de Instalação WEB #######${RESET}"
+echo -e "${YELLOW}$(tune2fs -l /dev/sda1 | grep created | awk '{print $5"/"$4"/"$7" "$6}')${RESET}"
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Configuração de Rede #######${RESET}"
+ip -br addr | egrep -v ^lo
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Conectividade com a Máquina NS1 #######${RESET}"
+if ping -c1 "$IP.1" > /dev/null; then
+  echo -e "${GREEN}Conectividade Ok${RESET}"
+else
+  echo -e "${RED}Conectividade não Ok${RESET}"
+fi
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Conectividade com a Internet #######${RESET}"
+for server in 8.8.8.8 1.1.1.1; do
+  if ping -c1 "$server" > /dev/null; then
+    echo -e "${GREEN}Conectividade $server: Ok${RESET}"
+  else
+    echo -e "${RED}Conectividade $server: Não Ok${RESET}"
+  fi
+done
+read -p "Pressione <Enter> para continuar..."
+
+clear
+echo -e "${BOLD}${CYAN}####### Serviço Apache  #######${RESET}"
+systemctl status apache2 --no-pager
+read -p "Pressione <Enter> para continuar..."
+clear
+
+

Confs/srv1/dhcpd.conf

@@ -0,0 +1,41 @@
+# Arquivo de configuração do servidor DHCP
+
+# Desabilita as atualizações dinâmicas de DNS
+ddns-update-style none;
+
+# Define o tempo de concessão padrão (default lease time) para 600 segundos (10 minutos)
+default-lease-time 600;
+
+# Define o tempo máximo de concessão (max lease time) para 7200 segundos (2 horas)
+max-lease-time 7200;
+
+# Define que este servidor DHCP é autoritativo (envia respostas de maneira mais agressiva)
+authoritative;
+
+# Definição da rede (subnet) e máscara de rede
+subnet 172.17.0.0 netmask 255.255.255.0 {
+
+    # Define o intervalo de endereços IP que o DHCP pode atribuir aos clientes
+    range 172.17.0.100 172.17.0.199;
+
+    # Define o endereço IP do roteador (gateway) padrão
+    option routers 172.17.0.1;
+
+    # Define os servidores DNS que serão atribuídos aos clientes
+    option domain-name-servers 172.17.0.1, 172.17.0.2;
+
+    # Define o endereço de broadcast para a rede
+    option broadcast-address 172.17.0.255;
+
+    # Impede que clientes não conhecidos (não listados explicitamente) recebam um IP
+    #deny unknown-clients;
+}
+
+# Definição de um cliente específico (host) com IP fixo
+host PC-01 {
+#    # Endereço MAC da máquina
+    hardware ethernet 08:00:27:80:FF:2D;
+
+#    # Endereço IP fixo atribuído ao cliente
+    fixed-address 172.17.0.150;
+}

Confs/srv1/dns/db.0.17.172

@@ -0,0 +1,17 @@
+$TTL 3600 ; Tempo de vida das respostas fornecidas pelo DNS (cache)
+@ IN SOA ns1.fatecseg.edu.br. hostmaster.fatecseg.edu.br. (
+    2024020901 ; Serial para controle de atualizações entre master e slave
+    28800      ; Tempo de atualizações entre master e slave (refresh)
+    7200       ; Tempo de atualizações caso o refresh falhe
+    604800     ; Tempo de expiração do slave caso não contate o master
+    7200 )     ; Tempo de vida das respostas negativas do servidor
+
+	NS ns1.fatecseg.edu.br.
+
+1   PTR ns1.fatecseg.edu.br.
+2   PTR ns2.fatecseg.edu.br.
+2   PTR www.fatecseg.edu.br.
+3   PTR smtp.fatecseg.edu.br.
+4   PTR smtp2.fatecseg.edu.br.
+5   PTR pop3.fatecseg.edu.br.
+6   PTR blog.fatecseg.edu.br.

Confs/srv1/dns/db.fatecseg.edu.br

@@ -0,0 +1,24 @@
+$TTL 3600 ; Tempo de vida das respostas fornecidas pelo DNS (cache) (1H)
+@ IN SOA ns1.fatecseg.edu.br. hostmaster.fatecseg.edu.br. (
+             2024020901 ; Serial para controle de atualizações entre master e slave
+             28800      ; Tempo de atualizações entre master e slave (refresh) (8H)
+             7200       ; Tempo de atualizações caso o refresh falhe (2H)
+             604800     ; Tempo de expiração do slave caso não contate o master (7 dias)
+             7200 )     ; Tempo de vida das repostas negativas do servidor (2H)
+
+            NS ns1.fatecseg.edu.br.
+	    NS ns2.fatecseg.edu.br.
+            IN MX 10 smtp.fatecseg.edu.br.
+            IN MX 20 smtp2.fatecseg.edu.br.
+
+fatecseg.edu.br. 	A 	172.17.0.2
+ns1 			A 	172.17.0.1
+ns2			A	172.17.0.2
+www			A 	172.17.0.2
+smtp 			A 	172.17.0.3
+smtp2 			A 	172.17.0.4
+pop3 			A	172.17.0.5
+blog			A	172.17.0.6
+ftp			A	172.17.0.3
+webmail			CNAME 	pop3
+zabbix			CNAME 	www

Confs/srv1/dns/named.conf.local

@@ -0,0 +1,15 @@
+// DNS
+zone "fatecseg.edu.br" IN {
+    type master;
+    file "/etc/bind/domains/fatecseg/db.fatecseg.edu.br";
+    allow-transfer { 172.17.0.2; };  // Permite a transferência de zona para o IP especificado
+    also-notify { 172.17.0.2; };     // Notifica este IP sobre alterações na zona
+};
+
+// DNS Reverso
+zone "0.17.172.in-addr.arpa" {
+    type master;
+    file "/etc/bind/domains/fatecseg/db.0.17.172";
+    allow-transfer { 172.17.0.2; };  // Permite a transferência de zona reversa para o IP especificado
+    also-notify { 172.17.0.2; };     // Notifica este IP sobre alterações na zona reversa
+};

Confs/srv1/dns/named.conf.options

@@ -0,0 +1,34 @@
+acl "rede_interna" {
+    172.17.0.0/24;  // Definição de uma ACL (Access Control List) chamada "rede_interna", permitindo o intervalo de IPs 172.17.0.0/24.
+};
+
+options {
+    directory "/var/cache/bind";  // Diretório onde o BIND armazena arquivos de cache.
+
+    // If there is a firewall between you and nameservers you want
+    // to talk to, you may need to fix the firewall to allow multiple
+    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+    // If your ISP provided one or more IP addresses for stable
+    // nameservers, you probably want to use them as forwarders.
+    // Uncomment the following block, and insert the addresses replacing
+    // the all-0's placeholder.
+
+    forwarders {  // Configuração de servidores de encaminhamento para resolver consultas DNS.
+        8.8.8.8;  // Google Public DNS (primário).
+        8.8.4.4;  // Google Public DNS (secundário).
+    };
+
+    //========================================================================
+    // If BIND logs error messages about the root key being expired,
+    // you will need to update your keys.  See https://www.isc.org/bind-keys
+    //========================================================================
+
+    dnssec-validation no;  // Desativa a validação DNSSEC.
+    minimal-responses yes;  // Respostas mínimas, enviando apenas os dados necessários na resposta DNS.
+    version "Empresa FatecSeg";  // Define uma string personalizada para a versão do BIND que será exibida.
+    allow-query-cache { rede_interna; };  // Permite cache de consultas para a ACL "rede_interna".
+    allow-query { any; };  // Permite consultas DNS de qualquer origem.
+    allow-recursion { rede_interna; };  // Permite recursão DNS apenas para a ACL "rede_interna".
+    listen-on-v6 { any; };  // Escuta requisições em qualquer interface IPv6.
+};

Confs/srv1/interfaces

@@ -0,0 +1,24 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+auto enp0s8
+iface enp0s8 inet static
+	address 172.17.0.1
+	netmask 255.255.255.0
+	network 172.17.0.0
+	broadcast 172.17.0.255
+
+
+auto enp0s3
+iface enp0s3 inet dhcp
+
+
+auto enp0s9
+iface enp0s9 inet static
+	address 192.168.56.102/24

Confs/srv1/isc-dhcp-server

@@ -0,0 +1,18 @@
+# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
+
+# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
+#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
+#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
+
+# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
+#DHCPDv4_PID=/var/run/dhcpd.pid
+#DHCPDv6_PID=/var/run/dhcpd6.pid
+
+# Additional options to start dhcpd with.
+#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
+#OPTIONS=""
+
+# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
+#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
+INTERFACESv4="enp0s3"
+INTERFACESv6=""

Confs/srv1/nftables.conf

@@ -0,0 +1,24 @@
+table inet filter {
+	chain input {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain forward {
+		type filter hook forward priority filter; policy accept;
+	}
+
+	chain output {
+		type filter hook output priority filter; policy accept;
+	}
+}
+table ip nat {
+	chain POSTROUTING {
+		type nat hook postrouting priority srcnat; policy accept;
+		oifname "enp0s3" counter packets 0 bytes 0 masquerade
+	}
+
+	chain PREROUTING {
+		type nat hook prerouting priority dstnat; policy accept;
+		ip saddr 192.168.56.1 ip daddr 192.168.56.200 tcp dport 10001 counter packets 0 bytes 0 dnat to 172.17.0.2:22
+	}
+}

Confs/srv1/sysctl.conf

@@ -0,0 +1,68 @@
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See /etc/sysctl.d/ for additional system variables.
+# See sysctl.conf (5) for information.
+#
+
+#kernel.domainname = example.com
+
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 3 4 1 3
+
+###################################################################
+# Functions previously found in netbase
+#
+
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+#net.ipv4.conf.default.rp_filter=1
+#net.ipv4.conf.all.rp_filter=1
+
+# Uncomment the next line to enable TCP/IP SYN cookies
+# See http://lwn.net/Articles/277146/
+# Note: This may impact IPv6 TCP sessions too
+#net.ipv4.tcp_syncookies=1
+
+# Uncomment the next line to enable packet forwarding for IPv4
+net.ipv4.ip_forward=1
+
+# Uncomment the next line to enable packet forwarding for IPv6
+#  Enabling this option disables Stateless Address Autoconfiguration
+#  based on Router Advertisements for this host
+#net.ipv6.conf.all.forwarding=1
+
+
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+#net.ipv4.conf.all.log_martians = 1
+#
+
+###################################################################
+# Magic system request Key
+# 0=disable, 1=enable all, >1 bitmask of sysrq functions
+# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html
+# for what other values do
+#kernel.sysrq=438
+

Confs/srv2/Apache/fatecseg.conf

@@ -0,0 +1,14 @@
+<VirtualHost *:80>
+ServerAdmin tiago@fatecourinhos.edu.br
+ServerName  www.fatecseg.edu.br
+DocumentRoot /dados/paginas/fatecseg
+
+<Directory /dados/paginas/fatecseg/>
+        Options -Indexes
+        AllowOverRide All
+        Require all granted
+</Directory>
+
+ErrorLog  /var/log/apache2/error-fatecseg.log
+CustomLog /var/log/apache2/access-fatecseg.log combined
+</VirtualHost>

Confs/srv2/Apache/fatecseg_ssl.conf

@@ -0,0 +1,27 @@
+<VirtualHost *:80>
+    ServerAdmin webmaster@fatecseg.edu.br
+    ServerName www.fatecseg.edu.br
+    ServerAlias fatecseg.edu.br
+    Redirect permanent / https://www.fatecseg.edu.br/
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerAdmin webmaster@fatecseg.edu.br
+    ServerName www.fatecseg.edu.br
+    ServerAlias fatecseg.edu.br
+    DocumentRoot /dados/paginas/fatecseg/
+
+    <Directory /dados/paginas/fatecseg/>
+        Options -Indexes
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    ErrorLog /var/log/apache2/error_fatecseg_ssl.log
+    LogLevel warn
+    CustomLog /var/log/apache2/access_fatecseg_ssl.log combined
+
+    SSLEngine on
+    SSLCertificateFile /etc/apache2/ssl/fatecseg/apache.csr
+    SSLCertificateKeyFile /etc/apache2/ssl/fatecseg/apache.key
+</VirtualHost>

Confs/srv2/dns/named.conf.local

@@ -0,0 +1,13 @@
+// DNS
+zone "fatecseg.edu.br" IN {
+    type slave;
+    file "/var/lib/bind/db.fatecseg.edu.br";
+    masters { 172.17.0.1; };
+};
+
+// DNS Reverso
+zone "0.17.172.in-addr.arpa" {
+    type slave;
+    file "/var/lib/bind/db.0.17.172";
+    masters { 172.17.0.1; };
+};

Confs/srv2/dns/named.conf.options

@@ -0,0 +1,24 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	// forwarders {
+	// 	0.0.0.0;
+	// };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation auto;
+
+	listen-on-v6 { any; };
+};

Confs/srv2/interfaces

@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+auto enp0s3
+iface enp0s3 inet static
+	address 172.17.0.2
+	netmask 255.255.255.0
+	gateway 172.17.0.1

update_srv1.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/main/Confs/srv1/sysctl.conf -O /etc/sysctl.conf --no-check-certificate --no-cache
+#
+wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/main/Confs/srv1/interfaces -O /etc/network/interfaces --no-check-certificate --no-cache
+wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/main/Confs/srv1/nftables.conf -O /etc/nftables.conf --no-check-certificate --no-cache
+sed -i s'/enp0s8/enp0s3/g' /usr/local/bin/sync-update
+#wget https://raw.githubusercontent.com/tmferreira-ti/SSORI/refs/heads/main/configs/sshd_config -O /etc/ssh/sshd_config --no-check-certificate --no-cache
+
+#apt install isc-dhcp-server -y
+#wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/refs/heads/main/Confs/srv1/dhcpd.conf -O /etc/dhcp/dhcpd.conf --no-check-certificate --no-cache
+#wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/refs/heads/main/Confs/srv1/isc-dhcp-server -O /etc/default/isc-dhcp-server --no-check-certificate --no-cache
+
+systemctl enable nftables
+#reboot
+
+#apt install bind9 -y
+
+#wget github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv1/dns/named.conf.options -O /etc/bind/named.conf.options
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv1/dns/named.conf.local -O /etc/bind/named.conf.local --no-check-certificate --no-cache
+
+#mkdir -p /etc/bind/domains/fatecseg/
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv1/dns/db.fatecseg.edu.br -O /etc/bind/domains/fatecseg/db.fatecseg.edu.br --no-check-certificate --no-cache
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv1/dns/db.0.17.172 -O /etc/bind/domains/fatecseg/db.0.17.172 --no-check-certificate --no-cache
+
+#echo "domain fatecseg.edu.br" > /etc/resolv.conf
+#echo "search fatecseg.edu.br"  >> /etc/resolv.conf
+#echo "nameserver 172.17.0.1" >> /etc/resolv.conf
+#echo "nameserver 172.17.0.2" >> /etc/resolv.conf
+
+#chattr +i /etc/resolv.conf
+
+#systemctl restart named
+reboot

update_srv2.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+wget https://raw.githubusercontent.com/tmferreira-ti/ASOR/main/Confs/srv2/interfaces -O /etc/network/interfaces --no-check-certificate --no-cache
+#wget https://raw.githubusercontent.com/tmferreira-ti/SSORI/refs/heads/main/configs/sshd_config -O /etc/ssh/sshd_config --no-check-certificate --no-cache
+
+#apt install bind9 -y
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv2/dns/named.conf.options -O /etc/bind/named.conf.options
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv2/dns/named.conf.local -O /etc/bind/named.conf.local --no-check-certificate --no-cache
+
+#apt update
+
+#apt install apache2 -y
+
+#apt install mariadb-server -y 
+
+#apt install php php-mysql libapache2-mod-php php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc -y
+
+#wget https://github.com/tmferreira-ti/ASOR/raw/refs/heads/main/Confs/srv2/Apache/fatecseg.conf -O /etc/apache2/sites-available/site.conf --no-check-certificate --no-cache
+
+#mkdir /dados/paginas/fatecseg -p
+
+#a2ensite site.conf
+
+#a2dissite 000-default.conf
+
+#mysql -u root -p -e "CREATE DATABASE wordpress;"
+#mysql -u root -p -e "GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';"
+#mysql -u root -p -e "FLUSH PRIVILEGES;"
+
+
+#cd /dados/paginas/fatecseg/
+
+#rm -f index.html
+
+#wget wordpress.org/latest.tar.gz
+
+#tar --strip-components=1 -xzvf latest.tar.gz
+
+#rm -f latest.tar.gz
+
+#chown www-data: -R /dados/paginas/fatecseg/
+
+reboot