2019-08-05 04:56:33 +02:00
|
|
|
import codecs
|
|
|
|
|
import configparser
|
|
|
|
|
import os
|
|
|
|
|
import random
|
|
|
|
|
import shutil
|
|
|
|
|
import string
|
2019-09-02 04:37:13 +02:00
|
|
|
|
2019-09-02 23:23:47 +02:00
|
|
|
import psutil
|
2019-08-26 18:33:27 +02:00
|
|
|
import requests
|
2019-08-29 20:26:06 +02:00
|
|
|
from wo.cli.plugins.site_functions import *
|
2019-08-05 04:56:33 +02:00
|
|
|
from wo.cli.plugins.stack_services import WOStackStatusController
|
|
|
|
|
from wo.core.apt_repo import WORepo
|
|
|
|
|
from wo.core.aptget import WOAptGet
|
2019-09-02 04:37:13 +02:00
|
|
|
from wo.core.checkfqdn import check_fqdn_ip
|
2019-08-05 04:56:33 +02:00
|
|
|
from wo.core.cron import WOCron
|
|
|
|
|
from wo.core.extract import WOExtract
|
|
|
|
|
from wo.core.fileutils import WOFileUtils
|
|
|
|
|
from wo.core.git import WOGit
|
|
|
|
|
from wo.core.logging import Log
|
|
|
|
|
from wo.core.mysql import WOMysql
|
2019-10-03 15:44:23 +02:00
|
|
|
from wo.core.nginxhashbucket import hashbucket
|
2019-08-05 04:56:33 +02:00
|
|
|
from wo.core.services import WOService
|
|
|
|
|
from wo.core.shellexec import CommandExecutionError, WOShellExec
|
2019-09-21 16:42:49 +02:00
|
|
|
from wo.core.sslutils import SSL
|
2019-09-02 04:37:13 +02:00
|
|
|
from wo.core.template import WOTemplate
|
2019-10-02 13:13:32 +02:00
|
|
|
from wo.core.variables import WOVar
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def pre_pref(self, apt_packages):
|
|
|
|
|
"""Pre settings to do before installation packages"""
|
|
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
if ("mariadb-server" in apt_packages or "mariadb-client" in apt_packages):
|
2019-08-05 04:56:33 +02:00
|
|
|
# add mariadb repository excepted on raspbian and ubuntu 19.04
|
2019-10-02 13:13:32 +02:00
|
|
|
if (not WOVar.wo_distro == 'raspbian'):
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.info(self, "Adding repository for MySQL, please wait...")
|
|
|
|
|
mysql_pref = ("Package: *\nPin: origin "
|
|
|
|
|
"sfo1.mirrors.digitalocean.com"
|
|
|
|
|
"\nPin-Priority: 1000\n")
|
|
|
|
|
with open('/etc/apt/preferences.d/'
|
|
|
|
|
'MariaDB.pref', 'w') as mysql_pref_file:
|
|
|
|
|
mysql_pref_file.write(mysql_pref)
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add(self, repo_url=WOVar.wo_mysql_repo)
|
2019-09-06 13:00:24 +02:00
|
|
|
WORepo.add_key(self, '0xcbcb082a1bb943db',
|
2019-10-09 17:35:23 +02:00
|
|
|
keyserver='keyserver.ubuntu.com')
|
2019-09-06 13:00:24 +02:00
|
|
|
WORepo.add_key(self, '0xF1656F24C74CD1D8',
|
2019-10-09 17:35:23 +02:00
|
|
|
keyserver='keyserver.ubuntu.com')
|
2019-09-06 14:27:45 +02:00
|
|
|
if "mariadb-server" in apt_packages:
|
2019-08-05 04:56:33 +02:00
|
|
|
# generate random 24 characters root password
|
|
|
|
|
chars = ''.join(random.sample(string.ascii_letters, 24))
|
2019-09-01 13:59:27 +02:00
|
|
|
|
2019-08-05 04:56:33 +02:00
|
|
|
# configure MySQL non-interactive install
|
2019-10-02 13:13:32 +02:00
|
|
|
if ((WOVar.wo_distro == 'raspbian') and
|
|
|
|
|
(WOVar.wo_platform_codename == 'stretch')):
|
2019-08-15 23:46:16 +02:00
|
|
|
mariadb_ver = '10.1'
|
2019-09-01 13:59:27 +02:00
|
|
|
else:
|
|
|
|
|
mariadb_ver = '10.3'
|
2019-08-15 23:46:16 +02:00
|
|
|
|
|
|
|
|
Log.debug(self, "Pre-seeding MySQL")
|
|
|
|
|
Log.debug(self, "echo \"mariadb-server-{0} "
|
|
|
|
|
"mysql-server/root_password "
|
|
|
|
|
"password \" | "
|
|
|
|
|
"debconf-set-selections"
|
|
|
|
|
.format(mariadb_ver))
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(self, "echo \"mariadb-server-{0} "
|
|
|
|
|
"mysql-server/root_password "
|
|
|
|
|
"password {chars}\" | "
|
|
|
|
|
"debconf-set-selections"
|
|
|
|
|
.format(mariadb_ver, chars=chars),
|
|
|
|
|
log=False)
|
|
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
2019-09-02 22:24:46 +02:00
|
|
|
Log.error(self, "Failed to initialize MySQL package")
|
2019-08-15 23:46:16 +02:00
|
|
|
|
|
|
|
|
Log.debug(self, "echo \"mariadb-server-{0} "
|
|
|
|
|
"mysql-server/root_password_again "
|
|
|
|
|
"password \" | "
|
|
|
|
|
"debconf-set-selections"
|
|
|
|
|
.format(mariadb_ver))
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(self, "echo \"mariadb-server-{0} "
|
|
|
|
|
"mysql-server/root_password_again "
|
|
|
|
|
"password {chars}\" | "
|
|
|
|
|
"debconf-set-selections"
|
|
|
|
|
.format(mariadb_ver, chars=chars),
|
|
|
|
|
log=False)
|
|
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
2019-09-02 18:56:34 +02:00
|
|
|
Log.error(self, "Failed to initialize MySQL package")
|
2019-08-05 04:56:33 +02:00
|
|
|
# generate my.cnf root credentials
|
|
|
|
|
mysql_config = """
|
|
|
|
|
[client]
|
|
|
|
|
user = root
|
|
|
|
|
password = {chars}
|
|
|
|
|
""".format(chars=chars)
|
|
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
config.read_string(mysql_config)
|
|
|
|
|
Log.debug(self, 'Writting configuration into MySQL file')
|
|
|
|
|
conf_path = "/etc/mysql/conf.d/my.cnf"
|
|
|
|
|
os.makedirs(os.path.dirname(conf_path), exist_ok=True)
|
|
|
|
|
with open(conf_path, encoding='utf-8',
|
|
|
|
|
mode='w') as configfile:
|
|
|
|
|
config.write(configfile)
|
|
|
|
|
Log.debug(self, 'Setting my.cnf permission')
|
|
|
|
|
WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf", 0o600)
|
|
|
|
|
|
|
|
|
|
# add nginx repository
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_nginx).issubset(set(apt_packages)):
|
2019-08-15 00:42:49 +02:00
|
|
|
Log.info(self, "Adding repository for NGINX, please wait...")
|
2019-10-02 13:13:32 +02:00
|
|
|
if (WOVar.wo_distro == 'ubuntu'):
|
|
|
|
|
WORepo.add(self, ppa=WOVar.wo_nginx_repo)
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Adding ppa for Nginx')
|
|
|
|
|
else:
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add(self, repo_url=WOVar.wo_nginx_repo)
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Adding repository for Nginx')
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add_key(self, WOVar.wo_nginx_key)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
# add php repository
|
2019-10-02 13:13:32 +02:00
|
|
|
if (set(WOVar.wo_php73).issubset(set(apt_packages)) or
|
|
|
|
|
set(WOVar.wo_php).issubset(set(apt_packages))):
|
2019-08-15 00:42:49 +02:00
|
|
|
Log.info(self, "Adding repository for PHP, please wait...")
|
2019-10-02 13:13:32 +02:00
|
|
|
if (WOVar.wo_distro == 'ubuntu'):
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Adding ppa for PHP')
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add(self, ppa=WOVar.wo_php_repo)
|
2019-08-05 04:56:33 +02:00
|
|
|
else:
|
|
|
|
|
# Add repository for php
|
2019-10-02 13:13:32 +02:00
|
|
|
if (WOVar.wo_platform_codename == 'buster'):
|
2019-08-05 04:56:33 +02:00
|
|
|
php_pref = ("Package: *\nPin: origin "
|
|
|
|
|
"packages.sury.org"
|
|
|
|
|
"\nPin-Priority: 1000\n")
|
|
|
|
|
with open('/etc/apt/preferences.d/'
|
|
|
|
|
'PHP.pref', 'w') as php_pref_file:
|
|
|
|
|
php_pref_file.write(php_pref)
|
|
|
|
|
Log.debug(self, 'Adding repo_url of php for debian')
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add(self, repo_url=WOVar.wo_php_repo)
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Adding deb.sury GPG key')
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add_key(self, WOVar.wo_php_key)
|
2019-08-05 04:56:33 +02:00
|
|
|
# add redis repository
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_redis).issubset(set(apt_packages)):
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.info(self, "Adding repository for Redis, please wait...")
|
2019-10-02 13:13:32 +02:00
|
|
|
if WOVar.wo_distro == 'ubuntu':
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Adding ppa for redis')
|
2019-10-02 13:13:32 +02:00
|
|
|
WORepo.add(self, ppa=WOVar.wo_redis_repo)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
|
2019-08-27 15:12:01 +02:00
|
|
|
def post_pref(self, apt_packages, packages, upgrade=False):
|
2019-08-05 04:56:33 +02:00
|
|
|
"""Post activity after installation of packages"""
|
|
|
|
|
if (apt_packages):
|
|
|
|
|
# Nginx configuration
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_nginx).issubset(set(apt_packages)):
|
2019-08-29 16:19:27 +02:00
|
|
|
Log.info(self, "Applying Nginx configuration templates")
|
2019-08-05 21:48:14 +02:00
|
|
|
# Nginx main configuration
|
2019-08-19 17:40:21 +02:00
|
|
|
ngxcnf = '/etc/nginx/conf.d'
|
|
|
|
|
ngxcom = '/etc/nginx/common'
|
2019-08-19 17:55:46 +02:00
|
|
|
ngxroot = '/var/www/'
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git")
|
2019-08-27 15:12:01 +02:00
|
|
|
data = dict(tls13=True)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-08-27 15:12:01 +02:00
|
|
|
'/etc/nginx/nginx.conf',
|
|
|
|
|
'nginx-core.mustache', data)
|
2019-08-13 09:46:21 +02:00
|
|
|
|
2019-08-19 17:44:34 +02:00
|
|
|
if not os.path.isfile('{0}/gzip.conf.disabled'.format(ngxcnf)):
|
2019-08-13 09:46:21 +02:00
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '{0}/gzip.conf'.format(ngxcnf),
|
2019-08-27 15:12:01 +02:00
|
|
|
'gzip.mustache', data)
|
2019-08-13 09:46:21 +02:00
|
|
|
|
2019-08-19 17:51:11 +02:00
|
|
|
if not os.path.isfile('{0}/brotli.conf'.format(ngxcnf)):
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-08-27 15:12:01 +02:00
|
|
|
'{0}/brotli.conf.disabled'
|
|
|
|
|
.format(ngxcnf),
|
|
|
|
|
'brotli.mustache', data)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '{0}/tweaks.conf'.format(ngxcnf),
|
2019-08-27 15:12:01 +02:00
|
|
|
'tweaks.mustache', data)
|
2019-08-16 22:57:26 +02:00
|
|
|
|
2019-08-05 04:56:33 +02:00
|
|
|
# Fix for white screen death with NGINX PLUS
|
|
|
|
|
if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params',
|
|
|
|
|
'SCRIPT_FILENAME'):
|
|
|
|
|
with open('/etc/nginx/fastcgi_params',
|
|
|
|
|
encoding='utf-8', mode='a') as wo_nginx:
|
|
|
|
|
wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME '
|
|
|
|
|
'\t$request_filename;\n')
|
2019-09-01 20:39:12 +02:00
|
|
|
try:
|
|
|
|
|
data = dict(php="9000", debug="9001",
|
2019-09-04 16:55:58 +02:00
|
|
|
php7="9070", debug7="9170")
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-01 20:39:12 +02:00
|
|
|
self, '{0}/upstream.conf'.format(ngxcnf),
|
|
|
|
|
'upstream.mustache', data, overwrite=True)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-01 20:39:12 +02:00
|
|
|
data = dict(phpconf=True if
|
|
|
|
|
WOAptGet.is_installed(self, 'php7.2-fpm')
|
|
|
|
|
else False)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/stub_status.conf'.format(ngxcnf),
|
|
|
|
|
'stub_status.mustache', data)
|
|
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/webp.conf'.format(ngxcnf),
|
|
|
|
|
'webp.mustache', data, overwrite=False)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/cloudflare.conf'.format(ngxcnf),
|
|
|
|
|
'cloudflare.mustache', data)
|
2019-08-07 13:13:30 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/map-wp-fastcgi-cache.conf'.format(
|
|
|
|
|
ngxcnf),
|
|
|
|
|
'map-wp.mustache', data)
|
|
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# Setup Nginx common directory
|
2019-08-19 17:40:21 +02:00
|
|
|
if not os.path.exists('{0}'.format(ngxcom)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, 'Creating directory'
|
|
|
|
|
'/etc/nginx/common')
|
|
|
|
|
os.makedirs('/etc/nginx/common')
|
|
|
|
|
|
2019-09-01 20:39:12 +02:00
|
|
|
try:
|
|
|
|
|
data = dict()
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-01 20:39:12 +02:00
|
|
|
# Common Configuration
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/locations-wo.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'locations.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpsubdir.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpsubdir.mustache', data)
|
|
|
|
|
data = dict(upstream="php72")
|
|
|
|
|
# PHP 7.2 conf
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'php.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/redis-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'redis.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpcommon-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpcommon.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpfc-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpfc.mustache', data)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpsc-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpsc.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wprocket-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wprocket.mustache', data)
|
2019-08-15 19:59:23 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpce-php72.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpce.mustache', data)
|
|
|
|
|
# PHP 7.3 conf
|
|
|
|
|
data = dict(upstream="php73")
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'php.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/redis-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'redis.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpcommon-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpcommon.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpfc-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpfc.mustache', data)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpsc-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpsc.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wprocket-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wprocket.mustache', data)
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-09-01 20:39:12 +02:00
|
|
|
'{0}/wpce-php73.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'wpce.mustache', data)
|
|
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-09-01 16:50:13 +02:00
|
|
|
with open("/etc/nginx/common/release",
|
|
|
|
|
"w") as release_file:
|
|
|
|
|
release_file.write("v{0}"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_version))
|
2019-09-01 16:50:13 +02:00
|
|
|
release_file.close()
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
# Following files should not be overwrited
|
|
|
|
|
|
2019-08-19 18:42:16 +02:00
|
|
|
data = dict(webroot=ngxroot)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-08-27 15:12:01 +02:00
|
|
|
'{0}/acl.conf'
|
|
|
|
|
.format(ngxcom),
|
|
|
|
|
'acl.mustache', data, overwrite=False)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-08-27 15:12:01 +02:00
|
|
|
'{0}/blockips.conf'
|
|
|
|
|
.format(ngxcnf),
|
|
|
|
|
'blockips.mustache', data, overwrite=False)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self,
|
2019-08-27 15:12:01 +02:00
|
|
|
'{0}/fastcgi.conf'
|
|
|
|
|
.format(ngxcnf),
|
2019-09-01 16:50:13 +02:00
|
|
|
'fastcgi.mustache', data, overwrite=True)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
# add redis cache format if not already done
|
|
|
|
|
if (os.path.isfile("/etc/nginx/nginx.conf") and
|
|
|
|
|
not os.path.isfile("/etc/nginx/conf.d"
|
|
|
|
|
"/redis.conf")):
|
|
|
|
|
with open("/etc/nginx/conf.d/"
|
|
|
|
|
"redis.conf", "a") as redis_file:
|
2019-08-31 14:18:38 +02:00
|
|
|
redis_file.write(
|
|
|
|
|
"# Log format Settings\n"
|
|
|
|
|
"log_format rt_cache_redis "
|
|
|
|
|
"'$remote_addr "
|
|
|
|
|
"$upstream_response_time "
|
|
|
|
|
"$srcache_fetch_status "
|
|
|
|
|
"[$time_local] '\n"
|
|
|
|
|
"'$http_host \"$request\" $status"
|
|
|
|
|
" $body_bytes_sent '\n"
|
|
|
|
|
"'\"$http_referer\" "
|
|
|
|
|
"\"$http_user_agent\"';\n")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
# Nginx-Plus does not have nginx
|
|
|
|
|
# package structure like this
|
|
|
|
|
# So creating directories
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('/etc/nginx/sites-available'):
|
|
|
|
|
Log.debug(self, 'Creating directory'
|
|
|
|
|
'/etc/nginx/sites-available')
|
|
|
|
|
os.makedirs('/etc/nginx/sites-available')
|
|
|
|
|
|
|
|
|
|
if not os.path.exists('/etc/nginx/sites-enabled'):
|
|
|
|
|
Log.debug(self, 'Creating directory'
|
|
|
|
|
'/etc/nginx/sites-available')
|
|
|
|
|
os.makedirs('/etc/nginx/sites-enabled')
|
|
|
|
|
|
2019-09-02 04:37:13 +02:00
|
|
|
# 22222 port settings
|
|
|
|
|
data = dict(webroot=ngxroot)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-02 04:37:13 +02:00
|
|
|
self,
|
|
|
|
|
'/etc/nginx/sites-available/22222',
|
2019-09-06 02:23:40 +02:00
|
|
|
'22222.mustache', data, overwrite=True)
|
2019-09-02 04:37:13 +02:00
|
|
|
passwd = ''.join([random.choice
|
|
|
|
|
(string.ascii_letters + string.digits)
|
|
|
|
|
for n in range(24)])
|
|
|
|
|
if not os.path.isfile('/etc/nginx/htpasswd-wo'):
|
2019-08-05 09:45:08 +02:00
|
|
|
try:
|
2019-08-31 14:18:38 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "printf \"WordOps:"
|
|
|
|
|
"$(openssl passwd -crypt "
|
|
|
|
|
"{password} 2> /dev/null)\n\""
|
|
|
|
|
"> /etc/nginx/htpasswd-wo "
|
|
|
|
|
"2>/dev/null"
|
|
|
|
|
.format(password=passwd))
|
2019-08-05 09:45:08 +02:00
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.error(self, "Failed to save HTTP Auth")
|
2019-09-02 04:37:13 +02:00
|
|
|
if not os.path.islink('/etc/nginx/sites-enabled/22222'):
|
|
|
|
|
# Create Symbolic link for 22222
|
2019-08-31 14:18:38 +02:00
|
|
|
WOFileUtils.create_symlink(
|
|
|
|
|
self, ['/etc/nginx/'
|
|
|
|
|
'sites-available/'
|
|
|
|
|
'22222',
|
|
|
|
|
'/etc/nginx/'
|
|
|
|
|
'sites-enabled/'
|
|
|
|
|
'22222'])
|
2019-09-06 14:27:45 +02:00
|
|
|
# Create log and cert folder and softlinks
|
|
|
|
|
if not os.path.exists('{0}22222/logs'
|
|
|
|
|
.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/logs "
|
|
|
|
|
.format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/logs'
|
2019-08-31 14:18:38 +02:00
|
|
|
.format(ngxroot))
|
|
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
if not os.path.exists('{0}22222/cert'
|
|
|
|
|
.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/cert"
|
|
|
|
|
.format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/cert'
|
2019-08-31 14:18:38 +02:00
|
|
|
.format(ngxroot))
|
|
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
if not os.path.isdir('{0}22222/conf/nginx'
|
|
|
|
|
.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/conf/nginx"
|
|
|
|
|
.format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/conf/nginx'
|
2019-08-31 14:18:38 +02:00
|
|
|
.format(ngxroot))
|
|
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
WOFileUtils.create_symlink(
|
|
|
|
|
self,
|
|
|
|
|
['/var/log/nginx/'
|
|
|
|
|
'22222.access.log',
|
|
|
|
|
'{0}22222/'
|
|
|
|
|
'logs/access.log'
|
|
|
|
|
.format(ngxroot)]
|
|
|
|
|
)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
WOFileUtils.create_symlink(
|
|
|
|
|
self,
|
|
|
|
|
['/var/log/nginx/'
|
|
|
|
|
'22222.error.log',
|
|
|
|
|
'{0}22222/'
|
|
|
|
|
'logs/error.log'
|
|
|
|
|
.format(ngxroot)]
|
|
|
|
|
)
|
|
|
|
|
if (not os.path.isfile('{0}22222/cert/22222.key'
|
|
|
|
|
.format(ngxroot))):
|
2019-09-06 16:13:46 +02:00
|
|
|
SSL.selfsignedcert(self, proftpd=False, backend=True)
|
2019-09-06 14:27:45 +02:00
|
|
|
|
|
|
|
|
if not os.path.isfile('{0}22222/conf/nginx/ssl.conf'
|
|
|
|
|
.format(ngxroot)):
|
|
|
|
|
with open("/var/www/22222/conf/nginx/"
|
|
|
|
|
"ssl.conf", "w") as php_file:
|
|
|
|
|
php_file.write("ssl_certificate "
|
|
|
|
|
"/var/www/22222/cert/22222.crt;\n"
|
|
|
|
|
"ssl_certificate_key "
|
|
|
|
|
"/var/www/22222/cert/22222.key;\n")
|
2019-09-01 20:39:12 +02:00
|
|
|
|
2019-08-26 18:33:27 +02:00
|
|
|
server_ip = requests.get('http://v4.wordops.eu')
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-08-31 01:02:16 +02:00
|
|
|
if set(["nginx"]).issubset(set(apt_packages)):
|
|
|
|
|
print("WordOps backend configuration was successful\n"
|
|
|
|
|
"You can access it on : https://{0}:22222"
|
|
|
|
|
.format(server_ip))
|
|
|
|
|
print("HTTP Auth User Name: WordOps" +
|
|
|
|
|
"\nHTTP Auth Password : {0}".format(passwd))
|
|
|
|
|
WOService.reload_service(self, 'nginx')
|
|
|
|
|
else:
|
|
|
|
|
self.msg = (self.msg + ["HTTP Auth User "
|
|
|
|
|
"Name: WordOps"] +
|
|
|
|
|
["HTTP Auth Password : {0}"
|
|
|
|
|
.format(passwd)])
|
|
|
|
|
self.msg = (self.msg + ["WordOps backend is available "
|
|
|
|
|
"on https://{0}:22222 "
|
|
|
|
|
"or https://{1}:22222"
|
|
|
|
|
.format(server_ip.text,
|
2019-10-02 13:13:32 +02:00
|
|
|
WOVar.wo_fqdn)])
|
2019-08-27 15:12:01 +02:00
|
|
|
|
2019-08-29 19:22:29 +02:00
|
|
|
if not os.path.isfile("/opt/cf-update.sh"):
|
2019-08-31 14:27:47 +02:00
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '/opt/cf-update.sh',
|
2019-08-29 19:22:29 +02:00
|
|
|
'cf-update.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOFileUtils.chmod(self, "/opt/cf-update.sh", 0o775)
|
|
|
|
|
WOCron.setcron_weekly(self, '/opt/cf-update.sh '
|
|
|
|
|
'> /dev/null 2>&1',
|
|
|
|
|
comment='Cloudflare IP refresh cronjob '
|
|
|
|
|
'added by WordOps')
|
2019-08-27 15:12:01 +02:00
|
|
|
|
|
|
|
|
# Nginx Configation into GIT
|
2019-09-27 11:58:02 +02:00
|
|
|
if not WOService.restart_service(self, 'nginx'):
|
|
|
|
|
try:
|
|
|
|
|
hashbucket(self)
|
|
|
|
|
WOService.restart_service(self, 'nginx')
|
|
|
|
|
except Exception:
|
|
|
|
|
Log.warn(
|
|
|
|
|
self, "increasing nginx server_names_hash_bucket_size "
|
|
|
|
|
"do not fix the issue")
|
|
|
|
|
Log.info(self, "Rolling back to previous configuration")
|
|
|
|
|
WOGit.rollback(self, ["/etc/nginx"])
|
|
|
|
|
if not WOService.restart_service(self, 'nginx'):
|
|
|
|
|
Log.error(
|
|
|
|
|
self, "There is an error in Nginx configuration.\n"
|
|
|
|
|
"Use the command nginx -t to identify "
|
|
|
|
|
"the cause of this issue", False)
|
2019-10-03 15:44:23 +02:00
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git")
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_php).issubset(set(apt_packages)):
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git")
|
2019-08-29 16:19:27 +02:00
|
|
|
Log.info(self, "Configuring php7.2-fpm")
|
2019-08-19 18:45:30 +02:00
|
|
|
ngxroot = '/var/www/'
|
2019-08-05 09:45:08 +02:00
|
|
|
# Create log directories
|
|
|
|
|
if not os.path.exists('/var/log/php/7.2/'):
|
|
|
|
|
Log.debug(self, 'Creating directory /var/log/php/7.2/')
|
|
|
|
|
os.makedirs('/var/log/php/7.2/')
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-19 17:40:21 +02:00
|
|
|
if not os.path.isfile('/etc/php/7.2/fpm/php.ini.orig'):
|
|
|
|
|
WOFileUtils.copyfile(self, '/etc/php/7.2/fpm/php.ini',
|
|
|
|
|
'/etc/php/7.2/fpm/php.ini.orig')
|
|
|
|
|
|
|
|
|
|
# Parse etc/php/7.2/fpm/php.ini
|
2019-08-05 12:25:00 +02:00
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
Log.debug(self, "configuring php file "
|
|
|
|
|
"/etc/php/7.2/fpm/php.ini")
|
2019-08-19 17:40:21 +02:00
|
|
|
config.read('/etc/php/7.2/fpm/php.ini.orig')
|
2019-08-05 12:25:00 +02:00
|
|
|
config['PHP']['expose_php'] = 'Off'
|
|
|
|
|
config['PHP']['post_max_size'] = '100M'
|
|
|
|
|
config['PHP']['upload_max_filesize'] = '100M'
|
|
|
|
|
config['PHP']['max_execution_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_vars'] = '20000'
|
2019-10-02 13:13:32 +02:00
|
|
|
config['Date']['date.timezone'] = WOVar.wo_timezone
|
2019-08-05 12:25:00 +02:00
|
|
|
config['opcache']['opcache.enable'] = '1'
|
|
|
|
|
config['opcache']['opcache.interned_strings_buffer'] = '8'
|
|
|
|
|
config['opcache']['opcache.max_accelerated_files'] = '10000'
|
|
|
|
|
config['opcache']['opcache.memory_consumption'] = '256'
|
|
|
|
|
config['opcache']['opcache.save_comments'] = '1'
|
|
|
|
|
config['opcache']['opcache.revalidate_freq'] = '5'
|
|
|
|
|
config['opcache']['opcache.consistency_checks'] = '0'
|
|
|
|
|
config['opcache']['opcache.validate_timestamps'] = '1'
|
|
|
|
|
with open('/etc/php/7.2/fpm/php.ini',
|
|
|
|
|
encoding='utf-8', mode='w') as configfile:
|
|
|
|
|
Log.debug(self, "Writting php configuration into "
|
2019-08-05 04:56:33 +02:00
|
|
|
"/etc/php/7.2/fpm/php.ini")
|
2019-08-05 12:25:00 +02:00
|
|
|
config.write(configfile)
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-25 13:05:23 +02:00
|
|
|
# Render php-fpm pool template for php7.3
|
2019-08-05 12:25:00 +02:00
|
|
|
data = dict(pid="/run/php/php7.2-fpm.pid",
|
2019-09-25 13:05:23 +02:00
|
|
|
error_log="/var/log/php7.2-fpm.log",
|
2019-08-15 23:46:16 +02:00
|
|
|
include="/etc/php/7.2/fpm/pool.d/*.conf")
|
2019-09-25 13:05:23 +02:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/php/7.2/fpm/php-fpm.conf',
|
|
|
|
|
'php-fpm.mustache', data)
|
|
|
|
|
|
|
|
|
|
data = dict(pool='www-php72', listen='php72-fpm.sock',
|
|
|
|
|
user='www-data',
|
|
|
|
|
group='www-data', listenuser='root',
|
|
|
|
|
listengroup='www-data', openbasedir=True)
|
|
|
|
|
WOTemplate.deploy(self, '/etc/php/7.2/fpm/pool.d/www.conf',
|
|
|
|
|
'php-pool.mustache', data)
|
|
|
|
|
data = dict(pool='www-two-php72', listen='php72-two-fpm.sock',
|
|
|
|
|
user='www-data',
|
|
|
|
|
group='www-data', listenuser='root',
|
|
|
|
|
listengroup='www-data', openbasedir=True)
|
|
|
|
|
WOTemplate.deploy(self, '/etc/php/7.2/fpm/pool.d/www-two.conf',
|
|
|
|
|
'php-pool.mustache', data)
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# Generate /etc/php/7.2/fpm/pool.d/debug.conf
|
|
|
|
|
WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf",
|
|
|
|
|
"/etc/php/7.2/fpm/pool.d/debug.conf")
|
|
|
|
|
WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/"
|
2019-09-25 14:30:29 +02:00
|
|
|
"debug.conf", "[www-php72]", "[debug]")
|
2019-08-05 12:25:00 +02:00
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
config.read('/etc/php/7.2/fpm/pool.d/debug.conf')
|
|
|
|
|
config['debug']['listen'] = '127.0.0.1:9172'
|
|
|
|
|
config['debug']['rlimit_core'] = 'unlimited'
|
|
|
|
|
config['debug']['slowlog'] = '/var/log/php/7.2/slow.log'
|
|
|
|
|
config['debug']['request_slowlog_timeout'] = '10s'
|
|
|
|
|
with open('/etc/php/7.2/fpm/pool.d/debug.conf',
|
|
|
|
|
encoding='utf-8', mode='w') as confifile:
|
|
|
|
|
Log.debug(self, "writting PHP7.2 configuration into "
|
|
|
|
|
"/etc/php/7.2/fpm/pool.d/debug.conf")
|
|
|
|
|
config.write(confifile)
|
|
|
|
|
|
|
|
|
|
with open("/etc/php/7.2/fpm/pool.d/debug.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as myfile:
|
|
|
|
|
myfile.write("php_admin_value[xdebug.profiler_output_dir] "
|
|
|
|
|
"= /tmp/ \nphp_admin_value[xdebug.profiler_"
|
|
|
|
|
"output_name] = cachegrind.out.%p-%H-%R "
|
|
|
|
|
"\nphp_admin_flag[xdebug.profiler_enable"
|
|
|
|
|
"_trigger] = on \nphp_admin_flag[xdebug."
|
|
|
|
|
"profiler_enable] = off\n")
|
|
|
|
|
|
|
|
|
|
# Disable xdebug
|
|
|
|
|
if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'"
|
|
|
|
|
" /etc/php/7.2/mods-available/"
|
|
|
|
|
"xdebug.ini"):
|
|
|
|
|
WOFileUtils.searchreplace(self, "/etc/php/7.2/"
|
|
|
|
|
"mods-available/"
|
|
|
|
|
"xdebug.ini",
|
|
|
|
|
"zend_extension",
|
|
|
|
|
";zend_extension")
|
|
|
|
|
|
|
|
|
|
# PHP and Debug pull configuration
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/fpm/status/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/fpm/status/ '
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/fpm/status/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-09-01 20:39:12 +02:00
|
|
|
open('{0}22222/htdocs/fpm/status/debug72'
|
|
|
|
|
.format(ngxroot),
|
|
|
|
|
encoding='utf-8', mode='a').close()
|
|
|
|
|
open('{0}22222/htdocs/fpm/status/php72'
|
|
|
|
|
.format(ngxroot),
|
|
|
|
|
encoding='utf-8', mode='a').close()
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# Write info.php
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/php/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/php/ '
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/php'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
|
2019-09-01 20:39:12 +02:00
|
|
|
with open("{0}22222/htdocs/php/info.php"
|
|
|
|
|
.format(ngxroot),
|
|
|
|
|
encoding='utf-8', mode='w') as myfile:
|
|
|
|
|
myfile.write("<?php\nphpinfo();\n?>")
|
2019-08-05 12:25:00 +02:00
|
|
|
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, "{0}22222/htdocs"
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data', recursive=True)
|
2019-08-05 12:25:00 +02:00
|
|
|
|
2019-10-03 15:44:23 +02:00
|
|
|
# check service restart or rollback configuration
|
|
|
|
|
if not WOService.restart_service(self, 'php7.2-fpm'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/php"], msg="Rollback PHP")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# PHP7.3 configuration
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_php73).issubset(set(apt_packages)):
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git")
|
2019-08-29 16:19:27 +02:00
|
|
|
Log.info(self, "Configuring php7.3-fpm")
|
2019-08-19 18:45:30 +02:00
|
|
|
ngxroot = '/var/www/'
|
2019-08-05 09:45:08 +02:00
|
|
|
# Create log directories
|
|
|
|
|
if not os.path.exists('/var/log/php/7.3/'):
|
|
|
|
|
Log.debug(self, 'Creating directory /var/log/php/7.3/')
|
|
|
|
|
os.makedirs('/var/log/php/7.3/')
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-19 17:40:21 +02:00
|
|
|
if not os.path.isfile('/etc/php/7.3/fpm/php.ini.orig'):
|
|
|
|
|
WOFileUtils.copyfile(self, '/etc/php/7.3/fpm/php.ini',
|
|
|
|
|
'/etc/php/7.3/fpm/php.ini.orig')
|
|
|
|
|
|
2019-08-05 12:25:00 +02:00
|
|
|
# Parse etc/php/7.3/fpm/php.ini
|
|
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
Log.debug(self, "configuring php file /etc/php/7.3/"
|
|
|
|
|
"fpm/php.ini")
|
2019-08-19 17:40:21 +02:00
|
|
|
config.read('/etc/php/7.3/fpm/php.ini.orig')
|
2019-08-05 12:25:00 +02:00
|
|
|
config['PHP']['expose_php'] = 'Off'
|
|
|
|
|
config['PHP']['post_max_size'] = '100M'
|
|
|
|
|
config['PHP']['upload_max_filesize'] = '100M'
|
|
|
|
|
config['PHP']['max_execution_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_vars'] = '20000'
|
2019-10-02 13:13:32 +02:00
|
|
|
config['Date']['date.timezone'] = WOVar.wo_timezone
|
2019-08-05 12:25:00 +02:00
|
|
|
config['opcache']['opcache.enable'] = '1'
|
|
|
|
|
config['opcache']['opcache.interned_strings_buffer'] = '8'
|
|
|
|
|
config['opcache']['opcache.max_accelerated_files'] = '10000'
|
|
|
|
|
config['opcache']['opcache.memory_consumption'] = '256'
|
|
|
|
|
config['opcache']['opcache.save_comments'] = '1'
|
|
|
|
|
config['opcache']['opcache.revalidate_freq'] = '5'
|
|
|
|
|
config['opcache']['opcache.consistency_checks'] = '0'
|
|
|
|
|
config['opcache']['opcache.validate_timestamps'] = '1'
|
|
|
|
|
with open('/etc/php/7.3/fpm/php.ini',
|
|
|
|
|
encoding='utf-8', mode='w') as configfile:
|
|
|
|
|
Log.debug(self, "Writting php configuration into "
|
|
|
|
|
"/etc/php/7.3/fpm/php.ini")
|
|
|
|
|
config.write(configfile)
|
|
|
|
|
|
2019-09-25 13:05:23 +02:00
|
|
|
# Render php-fpm pool template for php7.3
|
2019-08-05 12:25:00 +02:00
|
|
|
data = dict(pid="/run/php/php7.3-fpm.pid",
|
2019-08-15 23:46:16 +02:00
|
|
|
error_log="/var/log/php7.3-fpm.log",
|
|
|
|
|
include="/etc/php/7.3/fpm/pool.d/*.conf")
|
2019-09-25 13:05:23 +02:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/php/7.3/fpm/php-fpm.conf',
|
|
|
|
|
'php-fpm.mustache', data)
|
|
|
|
|
|
|
|
|
|
data = dict(pool='www-php73', listen='php73-fpm.sock',
|
|
|
|
|
user='www-data',
|
|
|
|
|
group='www-data', listenuser='root',
|
|
|
|
|
listengroup='www-data', openbasedir=True)
|
|
|
|
|
WOTemplate.deploy(self, '/etc/php/7.3/fpm/pool.d/www.conf',
|
|
|
|
|
'php-pool.mustache', data)
|
|
|
|
|
data = dict(pool='www-two-php73', listen='php73-two-fpm.sock',
|
|
|
|
|
user='www-data',
|
|
|
|
|
group='www-data', listenuser='root',
|
|
|
|
|
listengroup='www-data', openbasedir=True)
|
|
|
|
|
WOTemplate.deploy(self, '/etc/php/7.3/fpm/pool.d/www-two.conf',
|
|
|
|
|
'php-pool.mustache', data)
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# Generate /etc/php/7.3/fpm/pool.d/debug.conf
|
|
|
|
|
WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf",
|
|
|
|
|
"/etc/php/7.3/fpm/pool.d/debug.conf")
|
|
|
|
|
WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/"
|
2019-09-25 14:30:29 +02:00
|
|
|
"debug.conf", "[www-php73]", "[debug]")
|
2019-08-05 12:25:00 +02:00
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
config.read('/etc/php/7.3/fpm/pool.d/debug.conf')
|
|
|
|
|
config['debug']['listen'] = '127.0.0.1:9173'
|
|
|
|
|
config['debug']['rlimit_core'] = 'unlimited'
|
|
|
|
|
config['debug']['slowlog'] = '/var/log/php/7.3/slow.log'
|
|
|
|
|
config['debug']['request_slowlog_timeout'] = '10s'
|
|
|
|
|
with open('/etc/php/7.3/fpm/pool.d/debug.conf',
|
|
|
|
|
encoding='utf-8', mode='w') as confifile:
|
|
|
|
|
Log.debug(self, "writting PHP 7.3 configuration into "
|
|
|
|
|
"/etc/php/7.3/fpm/pool.d/debug.conf")
|
|
|
|
|
config.write(confifile)
|
|
|
|
|
|
|
|
|
|
with open("/etc/php/7.3/fpm/pool.d/debug.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as myfile:
|
2019-09-15 14:47:58 +02:00
|
|
|
myfile.write(
|
|
|
|
|
"php_admin_value[xdebug.profiler_output_dir] "
|
|
|
|
|
"= /tmp/ \nphp_admin_value[xdebug.profiler_"
|
|
|
|
|
"output_name] = cachegrind.out.%p-%H-%R "
|
|
|
|
|
"\nphp_admin_flag[xdebug.profiler_enable"
|
|
|
|
|
"_trigger] = on \nphp_admin_flag[xdebug."
|
|
|
|
|
"profiler_enable] = off\n")
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# Disable xdebug
|
2019-09-15 14:47:58 +02:00
|
|
|
if not WOShellExec.cmd_exec(
|
|
|
|
|
self, "grep -q \';zend_extension\'"
|
|
|
|
|
" /etc/php/7.3/mods-available/xdebug.ini"):
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/php/7.3/mods-available/"
|
|
|
|
|
"xdebug.ini",
|
|
|
|
|
"zend_extension", ";zend_extension")
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# PHP and Debug pull configuration
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/fpm/status/'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/fpm/status/ '
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/fpm/status/'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
open('{0}22222/htdocs/fpm/status/debug73'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot),
|
2019-08-05 12:25:00 +02:00
|
|
|
encoding='utf-8', mode='a').close()
|
|
|
|
|
open('{0}22222/htdocs/fpm/status/php73'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot),
|
2019-08-05 12:25:00 +02:00
|
|
|
encoding='utf-8', mode='a').close()
|
|
|
|
|
|
|
|
|
|
# Write info.php
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/php/'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/php/ '
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/php'
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
with open("{0}22222/htdocs/php/info.php"
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot),
|
2019-08-05 12:25:00 +02:00
|
|
|
encoding='utf-8', mode='w') as myfile:
|
|
|
|
|
myfile.write("<?php\nphpinfo();\n?>")
|
|
|
|
|
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, "{0}22222/htdocs"
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data', recursive=True)
|
2019-10-03 15:44:23 +02:00
|
|
|
# check service restart or rollback configuration
|
|
|
|
|
if not WOService.restart_service(self, 'php7.3-fpm'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/php"], msg="Rollback PHP")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# create mysql config if it doesn't exist
|
2019-09-06 14:37:47 +02:00
|
|
|
if "mariadb-server" in apt_packages:
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git")
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.isfile("/etc/mysql/my.cnf"):
|
|
|
|
|
config = ("[mysqld]\nwait_timeout = 30\n"
|
|
|
|
|
"interactive_timeout=60\nperformance_schema = 0"
|
|
|
|
|
"\nquery_cache_type = 1")
|
|
|
|
|
config_file = open("/etc/mysql/my.cnf",
|
|
|
|
|
encoding='utf-8', mode='w')
|
|
|
|
|
config_file.write(config)
|
|
|
|
|
config_file.close()
|
2019-09-04 18:33:13 +02:00
|
|
|
else:
|
2019-08-29 16:19:27 +02:00
|
|
|
Log.info(self, "Tuning MariaDB configuration")
|
2019-09-04 18:40:11 +02:00
|
|
|
if not os.path.isfile("/etc/mysql/my.cnf.default-pkg"):
|
|
|
|
|
WOFileUtils.copyfile(self, "/etc/mysql/my.cnf",
|
|
|
|
|
"/etc/mysql/my.cnf.default-pkg")
|
2019-08-05 14:22:20 +02:00
|
|
|
wo_ram = psutil.virtual_memory().total / (1024 * 1024)
|
2019-08-26 18:05:26 +02:00
|
|
|
# set InnoDB variable depending on the RAM available
|
2019-08-05 14:22:20 +02:00
|
|
|
wo_ram_innodb = int(wo_ram*0.3)
|
|
|
|
|
wo_ram_log_buffer = int(wo_ram_innodb*0.25)
|
|
|
|
|
wo_ram_log_size = int(wo_ram_log_buffer*0.5)
|
2019-09-04 19:44:57 +02:00
|
|
|
if (wo_ram < 2000):
|
2019-09-04 18:33:13 +02:00
|
|
|
wo_innodb_instance = int(1)
|
|
|
|
|
tmp_table_size = int(32)
|
2019-09-04 19:44:57 +02:00
|
|
|
elif (wo_ram > 2000) and (wo_ram < 64000):
|
|
|
|
|
wo_innodb_instance = int(wo_ram/1000)
|
|
|
|
|
tmp_table_size = int(128)
|
|
|
|
|
elif (wo_ram > 64000):
|
2019-09-04 18:33:13 +02:00
|
|
|
wo_innodb_instance = int(64)
|
|
|
|
|
tmp_table_size = int(256)
|
|
|
|
|
data = dict(
|
|
|
|
|
tmp_table_size=tmp_table_size, inno_log=wo_ram_log_size,
|
|
|
|
|
inno_buffer=wo_ram_innodb,
|
|
|
|
|
inno_log_buffer=wo_ram_log_buffer,
|
|
|
|
|
innodb_instances=wo_innodb_instance)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-04 18:33:13 +02:00
|
|
|
self, '/etc/mysql/my.cnf', 'my.mustache', data)
|
2019-08-05 14:22:20 +02:00
|
|
|
# replacing default values
|
|
|
|
|
Log.debug(self, "Tuning MySQL configuration")
|
2019-08-26 18:05:26 +02:00
|
|
|
# set innodb_buffer_pool_instances depending
|
|
|
|
|
# on the amount of RAM
|
2019-08-05 14:22:20 +02:00
|
|
|
WOService.stop_service(self, 'mysql')
|
|
|
|
|
WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0',
|
|
|
|
|
'/var/lib/mysql/ib_logfile0.bak')
|
|
|
|
|
WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile1',
|
|
|
|
|
'/var/lib/mysql/ib_logfile1.bak')
|
|
|
|
|
WOService.start_service(self, 'mysql')
|
|
|
|
|
|
|
|
|
|
WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair '
|
|
|
|
|
'> /dev/null 2>&1',
|
|
|
|
|
comment='MySQL optimization cronjob '
|
|
|
|
|
'added by WordOps')
|
|
|
|
|
WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# create fail2ban configuration files
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_fail2ban).issubset(set(apt_packages)):
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/fail2ban"],
|
|
|
|
|
msg="Adding Fail2ban into Git")
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"):
|
2019-08-29 16:19:27 +02:00
|
|
|
Log.info(self, "Configuring Fail2Ban")
|
2019-08-05 09:45:08 +02:00
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-15 14:47:58 +02:00
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/jail.d/custom.conf',
|
|
|
|
|
'fail2ban.mustache',
|
|
|
|
|
data, overwrite=False)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-15 14:47:58 +02:00
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/filter.d/wo-wordpress.conf',
|
|
|
|
|
'fail2ban-wp.mustache',
|
|
|
|
|
data, overwrite=False)
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(
|
2019-09-15 14:47:58 +02:00
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/filter.d/nginx-forbidden.conf',
|
|
|
|
|
'fail2ban-forbidden.mustache',
|
|
|
|
|
data, overwrite=False)
|
2019-08-20 13:53:41 +02:00
|
|
|
|
2019-10-03 15:44:23 +02:00
|
|
|
if not WOService.reload_service(self, 'fail2ban'):
|
|
|
|
|
WOGit.rollback(
|
|
|
|
|
self, ['/etc/fail2ban'], msg="Rollback f2b config")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/fail2ban"],
|
|
|
|
|
msg="Adding Fail2ban into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
# Proftpd configuration
|
2019-09-06 14:37:47 +02:00
|
|
|
if "proftpd-basic" in apt_packages:
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Adding ProFTPd into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
if os.path.isfile("/etc/proftpd/proftpd.conf"):
|
|
|
|
|
Log.debug(self, "Setting up Proftpd configuration")
|
2019-09-15 14:47:58 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/proftpd/proftpd.conf",
|
|
|
|
|
"# DefaultRoot", "DefaultRoot")
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/proftpd/proftpd.conf",
|
|
|
|
|
"# RequireValidShell", "RequireValidShell")
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/proftpd/proftpd.conf",
|
|
|
|
|
"# PassivePorts "
|
|
|
|
|
"49152 65534",
|
|
|
|
|
"PassivePorts "
|
|
|
|
|
" 49000 50000")
|
2019-08-05 04:56:33 +02:00
|
|
|
# proftpd TLS configuration
|
|
|
|
|
if not os.path.isdir("/etc/proftpd/ssl"):
|
|
|
|
|
WOFileUtils.mkdir(self, "/etc/proftpd/ssl")
|
2019-09-06 16:13:46 +02:00
|
|
|
SSL.selfsignedcert(self, proftpd=True, backend=False)
|
2019-08-05 04:56:33 +02:00
|
|
|
WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700)
|
|
|
|
|
WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700)
|
|
|
|
|
data = dict()
|
2019-09-25 14:30:29 +02:00
|
|
|
WOTemplate.deploy(self, '/etc/proftpd/tls.conf',
|
|
|
|
|
'proftpd-tls.mustache', data)
|
2019-08-05 04:56:33 +02:00
|
|
|
WOFileUtils.searchreplace(self, "/etc/proftpd/"
|
|
|
|
|
"proftpd.conf",
|
|
|
|
|
"#Include /etc/proftpd/tls.conf",
|
|
|
|
|
"Include /etc/proftpd/tls.conf")
|
|
|
|
|
WOService.restart_service(self, 'proftpd')
|
|
|
|
|
|
2019-09-24 12:09:43 +02:00
|
|
|
if os.path.isfile('/etc/ufw/ufw.conf'):
|
|
|
|
|
# add rule for proftpd with UFW
|
|
|
|
|
if WOFileUtils.grepcheck(
|
|
|
|
|
self, '/etc/ufw/ufw.conf', 'ENABLED=yes'):
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw limit 21")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw allow 49000:50000/tcp")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw reload")
|
|
|
|
|
except Exception as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.error(self, "Unable to add UFW rules")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-29 20:02:35 +02:00
|
|
|
if ((os.path.isfile("/etc/fail2ban/jail.d/custom.conf")) and
|
2019-09-01 13:59:27 +02:00
|
|
|
(not WOFileUtils.grep(
|
|
|
|
|
self, "/etc/fail2ban/jail.d/custom.conf",
|
|
|
|
|
"proftpd"))):
|
2019-08-05 04:56:33 +02:00
|
|
|
with open("/etc/fail2ban/jail.d/custom.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as f2bproftpd:
|
|
|
|
|
f2bproftpd.write("\n\n[proftpd]\nenabled = true\n")
|
|
|
|
|
WOService.reload_service(self, 'fail2ban')
|
|
|
|
|
|
2019-10-03 15:44:23 +02:00
|
|
|
if not WOService.reload_service(self, 'proftpd'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Rollback ProFTPd")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Adding ProFTPd into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-09-20 14:21:42 +02:00
|
|
|
if "ufw" in apt_packages:
|
|
|
|
|
# check if ufw is already enabled
|
|
|
|
|
if not WOFileUtils.grep(self,
|
|
|
|
|
'/etc/ufw/ufw.conf', 'ENABLED=yes'):
|
|
|
|
|
Log.wait(self, "Configuring UFW")
|
|
|
|
|
# check if ufw script is already created
|
|
|
|
|
if not os.path.isfile("/opt/ufw.sh"):
|
|
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '/opt/ufw.sh',
|
2019-09-20 14:21:42 +02:00
|
|
|
'ufw.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOFileUtils.chmod(self, "/opt/ufw.sh", 0o700)
|
|
|
|
|
# setup ufw rules
|
|
|
|
|
WOShellExec.cmd_exec(self, "bash /opt/ufw.sh")
|
|
|
|
|
Log.valide(self, "Configuring UFW")
|
|
|
|
|
else:
|
|
|
|
|
Log.info(self, "UFW is already installed and enabled")
|
|
|
|
|
|
2019-08-31 12:18:16 +02:00
|
|
|
# Redis configuration
|
2019-09-06 14:37:47 +02:00
|
|
|
if "redis-server" in apt_packages:
|
2019-08-31 12:18:16 +02:00
|
|
|
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
|
|
|
|
|
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/"
|
|
|
|
|
"upstream.conf",
|
|
|
|
|
"redis"):
|
|
|
|
|
with open("/etc/nginx/conf.d/upstream.conf",
|
|
|
|
|
"a") as redis_file:
|
|
|
|
|
redis_file.write("upstream redis {\n"
|
|
|
|
|
" server 127.0.0.1:6379;\n"
|
|
|
|
|
" keepalive 10;\n}\n")
|
|
|
|
|
|
|
|
|
|
if os.path.isfile("/etc/nginx/nginx.conf"):
|
|
|
|
|
if not os.path.isfile("/etc/nginx/conf.d/redis.conf"):
|
|
|
|
|
with open("/etc/nginx/conf.d/redis.conf",
|
|
|
|
|
"a") as redis_file:
|
2019-09-01 13:59:27 +02:00
|
|
|
redis_file.write(
|
|
|
|
|
"# Log format Settings\n"
|
|
|
|
|
"log_format rt_cache_redis '$remote_addr "
|
|
|
|
|
"$upstream_response_time $srcache_fetch_status "
|
|
|
|
|
"[$time_local] '\n '$http_host \"$request\" "
|
|
|
|
|
"$status $body_bytes_sent '\n'\"$http_referer\" "
|
|
|
|
|
"\"$http_user_agent\"';\n")
|
2019-08-31 12:18:16 +02:00
|
|
|
# set redis.conf parameter
|
|
|
|
|
# set maxmemory 10% for ram below 512MB and 20% for others
|
|
|
|
|
# set maxmemory-policy allkeys-lru
|
|
|
|
|
# enable systemd service
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/redis"],
|
|
|
|
|
msg="Adding Redis into Git")
|
2019-08-31 12:18:16 +02:00
|
|
|
Log.debug(self, "Enabling redis systemd service")
|
|
|
|
|
WOShellExec.cmd_exec(self, "systemctl enable redis-server")
|
|
|
|
|
if (os.path.isfile("/etc/redis/redis.conf") and
|
2019-08-31 14:18:38 +02:00
|
|
|
(not WOFileUtils.grep(self, "/etc/redis/redis.conf",
|
|
|
|
|
"WordOps"))):
|
2019-09-06 14:47:50 +02:00
|
|
|
Log.wait(self, "Tuning Redis configuration")
|
2019-08-31 12:18:16 +02:00
|
|
|
with open("/etc/redis/redis.conf",
|
2019-08-20 13:53:41 +02:00
|
|
|
"a") as redis_file:
|
2019-09-25 14:47:48 +02:00
|
|
|
redis_file.write("\n# WordOps v3.9.9\n")
|
2019-08-31 12:18:16 +02:00
|
|
|
wo_ram = psutil.virtual_memory().total / (1024 * 1024)
|
|
|
|
|
if wo_ram < 1024:
|
|
|
|
|
Log.debug(self, "Setting maxmemory variable to "
|
|
|
|
|
"{0} in redis.conf"
|
|
|
|
|
.format(int(wo_ram*1024*1024*0.1)))
|
|
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory <bytes>",
|
|
|
|
|
"maxmemory {0}"
|
|
|
|
|
.format
|
|
|
|
|
(int(wo_ram*1024*1024*0.1)))
|
2019-08-20 13:53:41 +02:00
|
|
|
|
2019-08-31 12:18:16 +02:00
|
|
|
else:
|
|
|
|
|
Log.debug(self, "Setting maxmemory variable to {0} "
|
|
|
|
|
"in redis.conf"
|
|
|
|
|
.format(int(wo_ram*1024*1024*0.2)))
|
|
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory <bytes>",
|
|
|
|
|
"maxmemory {0}"
|
|
|
|
|
.format
|
|
|
|
|
(int(wo_ram*1024*1024*0.2)))
|
|
|
|
|
|
|
|
|
|
Log.debug(
|
|
|
|
|
self, "Setting maxmemory-policy variable to "
|
|
|
|
|
"allkeys-lru in redis.conf")
|
2019-09-01 13:59:27 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory-policy noeviction",
|
|
|
|
|
"maxmemory-policy allkeys-lru")
|
2019-08-31 12:18:16 +02:00
|
|
|
Log.debug(
|
|
|
|
|
self, "Setting tcp-backlog variable to "
|
|
|
|
|
"in redis.conf")
|
2019-08-07 03:05:32 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
2019-08-31 12:18:16 +02:00
|
|
|
"tcp-backlog 511",
|
|
|
|
|
"tcp-backlog 32768")
|
|
|
|
|
WOFileUtils.chown(self, '/etc/redis/redis.conf',
|
|
|
|
|
'redis', 'redis', recursive=False)
|
2019-09-06 14:47:50 +02:00
|
|
|
Log.valide(self, "Tuning Redis configuration")
|
2019-10-03 15:44:23 +02:00
|
|
|
if not WOService.restart_service(self, 'redis-server'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/redis"], msg="Rollback Redis")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/redis"], msg="Adding Redis into Git")
|
2019-08-31 12:18:16 +02:00
|
|
|
|
2019-08-31 12:47:35 +02:00
|
|
|
# ClamAV configuration
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_clamav).issubset(set(apt_packages)):
|
2019-08-31 14:23:29 +02:00
|
|
|
Log.debug(self, "Setting up freshclam cronjob")
|
2019-08-31 12:47:35 +02:00
|
|
|
if not os.path.isfile("/opt/freshclam.sh"):
|
2019-08-31 14:27:47 +02:00
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '/opt/freshclam.sh',
|
2019-08-31 12:47:35 +02:00
|
|
|
'freshclam.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOFileUtils.chmod(self, "/opt/freshclam.sh", 0o775)
|
2019-08-31 14:27:47 +02:00
|
|
|
WOCron.setcron_weekly(self, '/opt/freshclam.sh '
|
|
|
|
|
'> /dev/null 2>&1',
|
|
|
|
|
comment='ClamAV freshclam cronjob '
|
|
|
|
|
'added by WordOps')
|
2019-08-26 18:05:26 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
if (packages):
|
2019-08-29 20:02:35 +02:00
|
|
|
# WP-CLI
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/usr/local/bin/wp' == x[1] for x in packages):
|
|
|
|
|
Log.debug(self, "Setting Privileges"
|
|
|
|
|
" to /usr/local/bin/wp file ")
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775)
|
|
|
|
|
|
2019-08-29 20:02:35 +02:00
|
|
|
# PHPMyAdmin
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/var/lib/wo/tmp/pma.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
WOExtract.extract(
|
|
|
|
|
self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/')
|
|
|
|
|
Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to '
|
|
|
|
|
'location /var/lib/wo/tmp/')
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/db'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Creating new directory "
|
|
|
|
|
"{0}22222/htdocs/db"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/db'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/db/pma/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.move('/var/lib/wo/tmp/phpmyadmin-STABLE/',
|
|
|
|
|
'{0}22222/htdocs/db/pma/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.copyfile('{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.sample.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, 'Setting Blowfish Secret Key '
|
|
|
|
|
'FOR COOKIE AUTH to '
|
|
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
blowfish_key = ''.join([random.choice
|
|
|
|
|
(string.ascii_letters +
|
|
|
|
|
string.digits)
|
2019-08-17 14:18:03 +02:00
|
|
|
for n in range(32)])
|
2019-08-05 09:45:08 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
'{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
"$cfg[\'blowfish_secret\']"
|
|
|
|
|
" = \'\';",
|
|
|
|
|
"$cfg[\'blowfish_secret\']"
|
|
|
|
|
" = \'{0}\';"
|
|
|
|
|
.format(blowfish_key))
|
|
|
|
|
Log.debug(self, 'Setting HOST Server For Mysql to '
|
|
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
'{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
"$cfg[\'Servers\'][$i][\'host\']"
|
|
|
|
|
" = \'localhost\';", "$cfg"
|
2019-08-23 17:11:43 +02:00
|
|
|
"[\'Servers\'][$i][\'host\'] "
|
|
|
|
|
"= \'{0}\';"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_mysql_host))
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Setting Privileges of webroot permission to '
|
2019-08-17 13:40:28 +02:00
|
|
|
'{0}22222/htdocs/db/pma file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 04:56:33 +02:00
|
|
|
recursive=True)
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# composer install and phpmyadmin update
|
|
|
|
|
if any('/var/lib/wo/tmp/composer-install' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Installing composer")
|
2019-08-05 09:45:08 +02:00
|
|
|
WOShellExec.cmd_exec(self, "php -q /var/lib/wo"
|
|
|
|
|
"/tmp/composer-install "
|
|
|
|
|
"--install-dir=/var/lib/wo/tmp/")
|
|
|
|
|
shutil.copyfile('/var/lib/wo/tmp/composer.phar',
|
|
|
|
|
'/usr/local/bin/composer')
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.valide(self, "Installing composer")
|
2019-09-01 13:59:27 +02:00
|
|
|
if ((os.path.isdir("/var/www/22222/htdocs/db/pma")) and
|
|
|
|
|
(not os.path.isfile('/var/www/22222/htdocs/db/'
|
|
|
|
|
'pma/composer.lock'))):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Updating phpMyAdmin")
|
2019-08-31 14:18:38 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "/usr/local/bin/composer update "
|
2019-09-21 16:42:49 +02:00
|
|
|
"--no-plugins --no-scripts -n --no-dev -d "
|
|
|
|
|
"/var/www/22222/htdocs/db/pma/")
|
2019-08-31 14:18:38 +02:00
|
|
|
WOFileUtils.chown(
|
|
|
|
|
self, '{0}22222/htdocs/db/pma'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.valide(self, "Updating phpMyAdmin")
|
2019-08-31 14:18:38 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/cache/'
|
|
|
|
|
'redis/phpRedisAdmin'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-31 14:18:38 +02:00
|
|
|
Log.debug(self, "Creating new directory "
|
|
|
|
|
"{0}22222/htdocs/cache/redis"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-31 14:18:38 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 13:59:27 +02:00
|
|
|
if not os.path.isfile('/var/www/22222/htdocs/cache/redis/'
|
|
|
|
|
'phpRedisAdmin/composer.lock'):
|
2019-09-21 16:42:49 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "/usr/local/bin/composer "
|
|
|
|
|
"create-project --no-plugins --no-scripts -n -s dev "
|
|
|
|
|
"erik-dubbelboer/php-redis-admin "
|
|
|
|
|
"/var/www/22222/htdocs/cache/redis/phpRedisAdmin")
|
2019-09-01 13:59:27 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 13:59:27 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
2019-08-31 14:18:38 +02:00
|
|
|
|
2019-08-29 20:02:35 +02:00
|
|
|
# MySQLtuner
|
2019-08-16 22:44:47 +02:00
|
|
|
if any('/usr/bin/mysqltuner' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "CHMOD MySQLTuner in /usr/bin/mysqltuner")
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775)
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# netdata install
|
|
|
|
|
if any('/var/lib/wo/tmp/kickstart.sh' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Installing Netdata")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "bash /var/lib/wo/tmp/kickstart.sh "
|
|
|
|
|
"--dont-wait", errormsg='', log=False)
|
|
|
|
|
Log.valide(self, "Installing Netdata")
|
2019-09-01 13:59:27 +02:00
|
|
|
if os.path.isdir('/etc/netdata'):
|
|
|
|
|
wo_netdata = "/"
|
|
|
|
|
elif os.path.isdir('/opt/netdata'):
|
|
|
|
|
wo_netdata = "/opt/netdata/"
|
|
|
|
|
# disable mail notifications
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}etc/netdata/orig/health_alarm_notify.conf"
|
|
|
|
|
.format(wo_netdata),
|
|
|
|
|
'SEND_EMAIL="YES"',
|
|
|
|
|
'SEND_EMAIL="NO"')
|
|
|
|
|
# make changes persistant
|
|
|
|
|
WOFileUtils.copyfile(
|
|
|
|
|
self, "{0}etc/netdata/orig/"
|
|
|
|
|
"health_alarm_notify.conf"
|
|
|
|
|
.format(wo_netdata),
|
|
|
|
|
"{0}etc/netdata/health_alarm_notify.conf"
|
|
|
|
|
.format(wo_netdata))
|
|
|
|
|
# check if mysql credentials are available
|
|
|
|
|
if WOShellExec.cmd_exec(self, "mysqladmin ping"):
|
|
|
|
|
try:
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self,
|
|
|
|
|
"create user 'netdata'@'localhost';",
|
|
|
|
|
log=False)
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self,
|
|
|
|
|
"grant usage on *.* to 'netdata'@'localhost';",
|
|
|
|
|
log=False)
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self, "flush privileges;",
|
|
|
|
|
log=False)
|
2019-09-24 00:11:26 +02:00
|
|
|
except Exception as e:
|
2019-09-01 13:59:27 +02:00
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.info(
|
|
|
|
|
self, "fail to setup mysql user for netdata")
|
|
|
|
|
WOFileUtils.chown(self, '{0}etc/netdata'
|
|
|
|
|
.format(wo_netdata),
|
|
|
|
|
'netdata',
|
|
|
|
|
'netdata',
|
|
|
|
|
recursive=True)
|
|
|
|
|
WOService.restart_service(self, 'netdata')
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
# WordOps Dashboard
|
|
|
|
|
if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-01 16:50:13 +02:00
|
|
|
Log.debug(self, "Extracting wo-dashboard.tar.gz "
|
|
|
|
|
"to location {0}22222/htdocs/"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOExtract.extract(self, '/var/lib/wo/tmp/'
|
|
|
|
|
'wo-dashboard.tar.gz',
|
|
|
|
|
'{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | "
|
|
|
|
|
"grep -oP \"dev [^[:space:]]+ \" "
|
|
|
|
|
"| cut -d ' ' -f 2").read()
|
|
|
|
|
if (wo_wan != 'eth0' and wo_wan != ''):
|
|
|
|
|
WOFileUtils.searchreplace(self,
|
2019-09-22 14:11:12 +02:00
|
|
|
"{0}22222/htdocs/index.html"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 16:50:13 +02:00
|
|
|
"eth0",
|
|
|
|
|
"{0}".format(wo_wan))
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Setting Privileges to "
|
2019-09-01 16:50:13 +02:00
|
|
|
"{0}22222/htdocs"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 04:56:33 +02:00
|
|
|
recursive=True)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-09-01 16:50:13 +02:00
|
|
|
# Extplorer FileManager
|
|
|
|
|
if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "Extracting extplorer.tar.gz "
|
|
|
|
|
"to location {0}22222/htdocs/files"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz',
|
|
|
|
|
'/var/lib/wo/tmp/')
|
|
|
|
|
shutil.move('/var/lib/wo/tmp/extplorer-{0}'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_extplorer),
|
2019-09-01 16:50:13 +02:00
|
|
|
'{0}22222/htdocs/files'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
Log.debug(self, "Setting Privileges to "
|
|
|
|
|
"{0}22222/htdocs/files"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 16:50:13 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# webgrind
|
|
|
|
|
if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "Extracting file webgrind.tar.gz to "
|
|
|
|
|
"location /var/lib/wo/tmp/ ")
|
|
|
|
|
WOExtract.extract(
|
|
|
|
|
self, '/var/lib/wo/tmp/webgrind.tar.gz',
|
|
|
|
|
'/var/lib/wo/tmp/')
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Creating directroy "
|
|
|
|
|
"{0}22222/htdocs/php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/php/webgrind'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.move('/var/lib/wo/tmp/webgrind-master/',
|
|
|
|
|
'{0}22222/htdocs/php/webgrind'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-08-31 14:18:38 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"/usr/local/bin/dot", "/usr/bin/dot")
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"Europe/Copenhagen",
|
2019-10-02 13:13:32 +02:00
|
|
|
WOVar.wo_timezone)
|
2019-08-31 14:18:38 +02:00
|
|
|
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"90", "100")
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
Log.debug(self, "Setting Privileges of webroot permission to "
|
|
|
|
|
"{0}22222/htdocs/php/webgrind/ file "
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 09:45:08 +02:00
|
|
|
recursive=True)
|
|
|
|
|
# anemometer
|
|
|
|
|
if any('/var/lib/wo/tmp/anemometer.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "Extracting file anemometer.tar.gz to "
|
|
|
|
|
"location /var/lib/wo/tmp/ ")
|
|
|
|
|
WOExtract.extract(
|
|
|
|
|
self, '/var/lib/wo/tmp/anemometer.tar.gz',
|
|
|
|
|
'/var/lib/wo/tmp/')
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/db/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Creating directory")
|
|
|
|
|
os.makedirs('{0}22222/htdocs/db/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/db/anemometer'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.move('/var/lib/wo/tmp/Anemometer-master',
|
|
|
|
|
'{0}22222/htdocs/db/anemometer'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
chars = ''.join(random.sample(string.ascii_letters, 8))
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db'
|
|
|
|
|
'/anemometer/install.sql'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-15 14:47:58 +02:00
|
|
|
except Exception as e:
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "{0}".format(e))
|
2019-09-15 14:47:58 +02:00
|
|
|
Log.error(self, "failed to configure Anemometer",
|
|
|
|
|
exit=False)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
WOMysql.execute(self, 'grant select on'
|
|
|
|
|
' *.* to \'anemometer\''
|
|
|
|
|
'@\'{0}\' IDENTIFIED'
|
|
|
|
|
' BY \'{1}\''.format(self.app.config.get
|
|
|
|
|
('mysql',
|
|
|
|
|
'grant-host'),
|
|
|
|
|
chars))
|
|
|
|
|
Log.debug(self, "grant all on slow-query-log.*"
|
|
|
|
|
" to anemometer@root_user"
|
|
|
|
|
" IDENTIFIED BY password ")
|
2019-08-31 14:18:38 +02:00
|
|
|
WOMysql.execute(
|
|
|
|
|
self, 'grant all on slow_query_log.* to'
|
|
|
|
|
'\'anemometer\'@\'{0}\' IDENTIFIED'
|
|
|
|
|
' BY \'{1}\''.format(self.app.config.get(
|
|
|
|
|
'mysql', 'grant-host'),
|
|
|
|
|
chars),
|
|
|
|
|
errormsg="cannot grant priviledges",
|
|
|
|
|
log=False)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
# Custom Anemometer configuration
|
|
|
|
|
Log.debug(self, "configration Anemometer")
|
2019-10-02 13:13:32 +02:00
|
|
|
data = dict(host=WOVar.wo_mysql_host, port='3306',
|
2019-08-05 09:45:08 +02:00
|
|
|
user='anemometer', password=chars)
|
2019-09-25 14:30:29 +02:00
|
|
|
WOTemplate.deploy(self, '{0}22222/htdocs/db/anemometer'
|
|
|
|
|
'/conf/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-25 14:30:29 +02:00
|
|
|
'anemometer.mustache', data)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-08-26 18:05:26 +02:00
|
|
|
# pt-query-advisor
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/usr/bin/pt-query-advisor' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775)
|
2019-09-27 01:19:45 +02:00
|
|
|
|
|
|
|
|
# ngxblocker
|
|
|
|
|
if any('/usr/local/sbin/install-ngxblocker' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
WOFileUtils.chmod(
|
|
|
|
|
self, "/usr/local/sbin/install-ngxblocker", 0o700)
|
|
|
|
|
WOShellExec.cmd_exec(self, '/usr/local/sbin/install-ngxblocker -x')
|
|
|
|
|
WOFileUtils.chmod(
|
|
|
|
|
self, "/usr/local/sbin/update-ngxblocker", 0o700)
|
2019-10-23 01:59:10 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def pre_stack(self):
|
|
|
|
|
"""Inital server configuration and tweak"""
|
|
|
|
|
# wo sysctl tweaks
|
|
|
|
|
Log.wait(self, 'Applying Linux tweaks')
|
|
|
|
|
wo_arch = os.uname()[4]
|
|
|
|
|
if os.path.isfile('/proc/1/environ'):
|
|
|
|
|
wo_lxc = WOFileUtils.grepcheck(
|
|
|
|
|
self, '/proc/1/environ', 'container=lxc')
|
|
|
|
|
wo_wsl = WOFileUtils.grepcheck(
|
|
|
|
|
self, '/proc/1/environ', 'wsl')
|
|
|
|
|
if os.path.isfile('/etc/sysctl.d/60-ubuntu-nginx-web-server.conf'):
|
|
|
|
|
WOFileUtils.rm(self, '/etc/sysctl.d/60-ubuntu-nginx-web-server.conf')
|
|
|
|
|
if wo_arch == 'x86_64':
|
|
|
|
|
if (wo_lxc is not True) and (wo_wsl is not True):
|
|
|
|
|
data = dict()
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/sysctl.d/60-wo-tweaks.conf',
|
|
|
|
|
'sysctl.mustache', data, True)
|
|
|
|
|
if (WOVar.wo_platform_codename == 'bionic' or
|
|
|
|
|
WOVar.wo_platform_codename == 'disco' or
|
|
|
|
|
WOVar.wo_platform_codename == 'buster'):
|
|
|
|
|
if WOShellExec.cmd_exec(self, 'modprobe tcp_bbr'):
|
|
|
|
|
with open("/etc/modules-load.d/bbr.conf",
|
|
|
|
|
encoding='utf-8', mode='w') as bbr_file:
|
|
|
|
|
bbr_file.write('tcp_bbr')
|
|
|
|
|
with open("/etc/sysctl.d/60-wo-tweaks.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as sysctl_file:
|
|
|
|
|
sysctl_file.write(
|
|
|
|
|
'\nnet.ipv4.tcp_congestion_control = bbr'
|
|
|
|
|
'\nnet.ipv4.tcp_notsent_lowat = 16384')
|
|
|
|
|
else:
|
|
|
|
|
if WOShellExec.cmd_exec(self, 'modprobe tcp_htcp'):
|
|
|
|
|
with open("/etc/modules-load.d/htcp.conf",
|
|
|
|
|
encoding='utf-8', mode='w') as bbr_file:
|
|
|
|
|
bbr_file.write('tcp_htcp')
|
|
|
|
|
with open("/etc/sysctl.d/60-wo-tweaks.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as sysctl_file:
|
|
|
|
|
sysctl_file.write(
|
|
|
|
|
'\nnet.ipv4.tcp_congestion_control = htcp')
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, 'sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf')
|
|
|
|
|
# sysctl tweak service
|
2019-10-23 02:30:23 +02:00
|
|
|
data = dict()
|
2019-10-23 01:59:10 +02:00
|
|
|
if not os.path.isfile('/opt/wo-kernel.sh'):
|
|
|
|
|
WOTemplate.deploy(self, '/opt/wo-kernel.sh',
|
|
|
|
|
'wo-kernel-script.mustache', data)
|
|
|
|
|
if not os.path.isfile('/lib/systemd/system/wo-kernel.service'):
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/lib/systemd/system/wo-kernel.service',
|
2019-10-23 02:30:23 +02:00
|
|
|
'wo-kernel-service.mustache', data)
|
2019-10-23 01:59:10 +02:00
|
|
|
WOShellExec.cmd_exec(self, 'systemctl enable wo-kernel.service')
|
|
|
|
|
WOShellExec.cmd_exec(self, 'systemctl start wo-kernel.service')
|
|
|
|
|
# open_files_limit tweak
|
|
|
|
|
if not WOFileUtils.grepcheck(self, '/etc/security/limits.conf', '500000'):
|
|
|
|
|
with open("/etc/security/limits.conf",
|
|
|
|
|
encoding='utf-8', mode='w') as limit_file:
|
|
|
|
|
limit_file.write(
|
|
|
|
|
'* hard nofile 500000\n'
|
|
|
|
|
'* soft nofile 500000\n'
|
|
|
|
|
'root hard nofile 500000\n'
|
|
|
|
|
'root soft nofile 500000\n')
|
|
|
|
|
Log.valide(self, 'Applying Linux tweaks')
|
