Created
December 20, 2020 20:37
-
-
Save corupta/303c0de520bfe8fca73b1755ddfec6fe to your computer and use it in GitHub Desktop.
Create neo4j 3.5 deployment (run it in aws ec2 ubuntu)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
wget -O - http://debian.neo4j.org/neotechnology.gpg.key | apt-key add - | |
echo 'deb http://debian.neo4j.org/repo stable/' > /etc/apt/sources.list.d/neo4j.list | |
apt-get update | |
apt-get -y install neo4j=1:3.5.14 | |
cd /var/lib/neo4j/plugins || exit | |
wget https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/3.5.0.11/apoc-3.5.0.11-all.jar | |
wget https://github.com/neo4j-contrib/neo4j-graph-algorithms/releases/download/3.5.4.0/graph-algorithms-algo-3.5.4.0.jar | |
wget https://github.com/neo4j-contrib/spatial/releases/download/0.26.2-neo4j-3.5.2/neo4j-spatial-0.26.2-neo4j-3.5.2-server-plugin.jar | |
echo 'dbms.security.procedures.unrestricted=apoc.*, algo.*' >> /etc/neo4j/neo4j.conf | |
echo 'dbms.connectors.default_listen_address=0.0.0.0' >> /etc/neo4j/neo4j.conf | |
service neo4j restart | |
# RESTART ON REBOOT | |
cp /usr/bin/neo4j /etc/init.d/neo4j | |
echo ' | |
#!/bin/sh | |
OWNER=root #Set to the owner of the Neo4j installation | |
case "$1" in | |
"start") | |
su - $OWNER -c "service neo4j start" | |
;; | |
"stop") | |
su - $OWNER -c "service neo4j stop" | |
;; | |
"restart") | |
su - $OWNER -c "service neo4j restart" | |
;; | |
*) | |
echo "Usage: $0 { start | stop | restart }" | |
exit 1 | |
;; | |
esac | |
exit 0 | |
EOF | |
' > /etc/init.d/neo4j_ctl | |
chmod 744 /etc/init.d/neo4j_ctl | |
ln -s /etc/init.d/neo4j_ctl /etc/rc3.d/S40neo4j_ctl | |
ln -s /etc/init.d/neo4j_ctl /etc/rc5.d/S40neo4j_ctl | |
ln -s /etc/init.d/neo4j_ctl /etc/rc0.d/K30neo4j_ctl | |
# SSL PART | |
apt-get update | |
apt-get install software-properties-common | |
add-apt-repository ppa:certbot/certbot | |
apt-get update | |
apt-get install -y certbot | |
# run 'sudo certbot certonly' to obtain ssl certificates, afterwards run /home/ubuntu/ssl-neo4j.sh | |
echo '#!/usr/bin/env bash | |
sudo chgrp -R neo4j /etc/letsencrypt/* | |
sudo chmod -R g+rx /etc/letsencrypt/* | |
cd /var/lib/neo4j/certificates | |
sudo mkdir -p revoked trusted bak/trusted bak/revoked | |
sudo mv neo4j.* bak | |
sudo mv trusted/neo4j.* bak/trusted | |
sudo mv revoked/neo4j.* bak/revoked | |
export MY_DOMAIN=graph.somehost.com | |
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem neo4j.cert | |
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/privkey.pem neo4j.key | |
sudo ln -s /etc/letsencrypt/live/$MY_DOMAIN/fullchain.pem trusted/neo4j.cert | |
echo " | |
bolt.ssl_policy=default | |
dbms.ssl.policy.default.base_directory=/var/lib/neo4j/certificates | |
dbms.ssl.policy.default.allow_key_generation=false | |
dbms.ssl.policy.default.private_key=/var/lib/neo4j/certificates/neo4j.key | |
dbms.ssl.policy.default.public_certificate=/var/lib/neo4j/certificates/neo4j.cert | |
dbms.ssl.policy.default.revoked_dir=/var/lib/neo4j/certificates/revoked | |
dbms.ssl.policy.default.client_auth=NONE | |
dbms.connectors.default_advertised_address=$MY_DOMAIN | |
" >> /etc/neo4j/neo4j.conf | |
service neo4j restart | |
' > /home/ubuntu/ssl-neo4j.sh | |
chmod +x /home/ubuntu/ssl-neo4j.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment