WPIQ/install

#!/bin/bash
# -------------------------------------------------------------------------
# WordOps install and update script
# -------------------------------------------------------------------------
# Website:       https://wordops.io
# GitHub:        https://github.com/WordOps/WordOps
# Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T
# -------------------------------------------------------------------------
# Version 3.9.4 - 2019-03-22
# -------------------------------------------------------------------------
readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.3"
# CONTENTS
# ---
# 1. VARIABLES AND DECLARATIONS
# 2. PREPARE FOR INSTALLATION
# 3. INSTALLATION
# 4.

###
# 1 - Set the CLI output colors
###

TPUT_RESET=$(tput sgr0)
TPUT_FAIL=$(tput setaf 1)
TPUT_INFO=$(tput setaf 7)
TPUT_ECHO=$(tput setaf 4)

wo_lib_echo() {

    echo "${TPUT_ECHO}${*}${TPUT_RESET}"
}

wo_lib_echo_info() {

    echo "${TPUT_INFO}${*}${TPUT_RESET}"
}

wo_lib_echo_fail() {

    echo "${TPUT_FAIL}${*}${TPUT_RESET}"
}

###
# 1 - Capture errors
###

wo_lib_error() {
    echo "[ $(date) ] ${TPUT_FAIL}${*}${TPUT_RESET}"
    exit "$2"
}

###
# 1 - Check whether the installation is called with elevated rights
###
if [[ $EUID -ne 0 ]]; then
    wo_lib_echo_fail "Sudo privilege required..."
    wo_lib_echo_fail "Use: wget -qO wo wordops.se/tup && sudo bash wo"
    exit 100
fi

echo ""
wo_lib_echo "Welcome to WordOps install script v${wo_version_new}"
echo ""

###
# 1- Update the apt sewers with fresh info
###
wo_lib_echo "Updating apt-get repository info"
apt-get update -qq

###
# 1- Check whether lsb_release is installed, and if not, install it
###
if [ -z "$(command -v lsb_release)" ]; then
    wo_lib_echo "Installing lsb-release, please wait..."
    apt-get -y install lsb-release -qq
fi

###
# 1 - Define variables for later use
###
wo_branch="$1"
readonly wo_log_dir=/var/log/wo/
readonly wo_backup_dir=/var/lib/wo-backup
readonly wo_install_log=/var/log/wo/install.log
readonly wo_linux_distro=$(lsb_release -is)
readonly wo_distro_version=$(lsb_release -sc)
readonly wo_distro_id=$(lsb_release -rs)
TIME_FORMAT='%d-%b-%Y-%H%M%S'
TIME=$(date +"$TIME_FORMAT")
NGINX_BACKUP_FILE="/var/lib/wo-backup/nginx-backup.$TIME.tar.gz"
EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.gz"
WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz"

if [ -x /usr/local/bin/ee ]; then
    migration=1
else
    migration=0
fi

###
# 1 - Checking linux distro
###
if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then
    wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment."
    wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support"
    wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives."
    exit 100
else
    check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|jessie|stretch")
    if [ -z "$check_wo_linux_distro" ]; then
        wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04, Debian 8.x and Debian 9.x"
        exit 100
    fi
fi

###
# 1 - To prevent errors or unexpected behaviour, create the log and ACL it
###
if [ ! -d "$wo_log_dir" ]; then

    wo_lib_echo "Creating WordOps log directory, just a second..."
    mkdir -p "$wo_log_dir" || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $?

    wo_lib_echo "Creating WordOps backup directory, just a second..."
    mkdir -p "$wo_backup_dir" || wo_lib_error "Whoops - seems we are unable to create the backup directory $wo_backup_dir, exit status " $?
    chmod -R 600 "$wo_backup_dir"

    # create wordops log files
    touch /var/log/wo/{wordops.log,install.log}

    chmod -R 700 /var/log/wo || wo_lib_error "Whoops, there was an error setting the permissions on the WordOps log folder, exit status " $?
fi

###
# 2 - Setup the dependencies for installation
####
wo_install_dep() {

    {
        if [ "$wo_linux_distro" == "Ubuntu" ]; then
            DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban cron ccze rsync tree > /dev/null 2>&1
        else
            wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
            DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 fail2ban cron ccze rsync tree > /dev/null 2>&1
        fi

        locale-gen en
    } >> "$wo_install_log" 2>&1
    # Support PFS
    if [ -f /etc/nginx/nginx.conf ]; then
        # Replace previous ciphers
        new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
        sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
        # Change the TLS protocols
        sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf
    fi

    # Let's Encrypt .well-known folder setup
    if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
        mkdir -p /var/www/html/.well-known/acme-challenge
        chown -R www-data:www-data /var/www/html /var/www/html/.well-known
        chmod 750 /var/www/html /var/www/html/.well-known
    fi
}

###
# 3 - Create/migrate the essentials
###
wo_sync_db() {
    ###
    # Switching from EE -> WO
    ###
    if [ ! -f /var/lib/wo/dbase.db ]; then
        # Create the WordOps folder
        mkdir -p /var/lib/wo

        if [ -f /var/lib/ee/ee.db ]; then
            # Copy the EasyEngine database
            cp /var/lib/ee/ee.db /var/lib/wo/dbase-ee.db

            # Set the migration variable for the closing text
            migration=1

            ###
            # Clean WO installation
            ###

            cp /var/lib/ee/ee.db /var/lib/wo/dbase.db
        else

            # Create an empty database for WordOps
            echo "CREATE TABLE sites (
           id INTEGER PRIMARY KEY     AUTOINCREMENT,
           sitename UNIQUE,
           site_type CHAR,
           cache_type CHAR,
           site_path  CHAR,
           created_on TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
           is_enabled INT,
           is_ssl INT,
           storage_fs CHAR,
           storage_db CHAR,
           db_name VARCHAR,
           db_user VARCHAR,
           db_password VARCHAR,
           db_host VARCHAR,
           is_hhvm INT INT DEFAULT '0',
           php_version VARCHAR
            );" | sqlite3 /var/lib/wo/dbase.db

            # Check site is enable/live or disable
            AV_SITES="$(basename -a /etc/nginx/sites-available/* | grep -v default)"
            for site in $AV_SITES; do
                if [ -h "/etc/nginx/sites-enabled/$site" ]; then
                    wo_site_status='1'
                else
                    wo_site_status='0'
                fi

                # Acquire information about the current nginx configuration

                wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}')

                if [ "$(echo "$wo_site_current_type" | grep php)" ]; then
                    if [ "$(echo "$wo_site_current_type" | grep php7)" ]; then
                        wo_php_version="7.0"
                    else
                        wo_php_version="5.6"
                    fi
                else
                    wo_php_version=""
                fi

                if [ "$(echo "$wo_site_current_type" | grep redis)" ]; then
                    wo_site_current_cache="wpredis"
                elif [ -z "$(echo "$wo_site_current_type" | grep wpsc)" ]; then
                    wo_site_current_cache="wpsc"
                elif [ -z "$(echo "$wo_site_current_type" | grep wpfc)" ]; then
                    wo_site_current_cache="wpfc"
                else
                    wo_site_current_cache="basic"
                fi

                if [ "$(echo "$wo_site_current_type" | grep wp)" ]; then
                    if [ -z "$(echo "$wo_site_current_type" | grep wpsubdir)" ]; then
                        wo_site_current="wpsubdir"
                    elif [ -z "$(echo "$wo_site_current_type" | grep wpsudomain)" ]; then
                        wo_site_current="wpsubdomain"
                    else
                        wo_site_current="wp"
                    fi
                else
                    if [ -z "$(echo "$wo_site_current_type" | grep location)" ]; then
                        wo_site_current="proxy"
                    elif [ -z "$(echo "$wo_site_current_type" | grep php)" ]; then
                        wo_site_current="html"
                    else
                        if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then
                            wo_site_current="mysql"
                        else
                            wo_site_current="php"
                        fi
                    fi
                fi

            done

            wo_webroot="/var/www/$site"

            # Import the configuration into the WordOps SQLite database
            echo "INSERT INTO sites (sitename, site_type, cache_type, site_path, is_enabled, is_ssl, storage_fs, storage_db)
            VALUES (\"$site\", \"$wo_site_current\", \"$wo_site_current_cache\", \"$wo_webroot\", \"$wo_site_status\", 0, 'ext4', 'mysql');" | sqlite3 /var/lib/wo/dbase.db

            wo_lib_echo "Updating WordOps Database"
            echo "ALTER TABLE sites ADD COLUMN db_name varchar;" | sqlite3 /var/lib/wo/dbase.db
            echo "ALTER TABLE sites ADD COLUMN db_user varchar; " | sqlite3 /var/lib/wo/dbase.db
            echo "ALTER TABLE sites ADD COLUMN db_password varchar;" | sqlite3 /var/lib/wo/dbase.db
            echo "ALTER TABLE sites ADD COLUMN db_host varchar;" | sqlite3 /var/lib/wo/dbase.db
            echo "ALTER TABLE sites ADD COLUMN is_hhvm INT DEFAULT '0';" | sqlite3 /var/lib/wo/dbase.db
            echo "ALTER TABLE sites ADD COLUMN php_version varchar DEFAULT \"$wo_php_version\";" | sqlite3 /var/lib/wo/dbase.db
        fi

        #        echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db
        #        echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db
    fi
}

# Once again, set the proper ACL on the WordOps configuration directory
secure_wo_db() {

    # The owner is root
    chown -R root:root /var/lib/wo/
    # Only allow access by root, block others
    chmod -R 600 /var/lib/wo/

}

# Update the WP-CLI version
wo_update_wp_cli() {
    {
        WP_CLI_PATH=$(command -v wp)
        if [ -n "$WP_CLI_PATH" ]; then
            rm -rf "$WP_CLI_PATH"
            # Update WP-CLI to the most recent version
            wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
            chmod +x /usr/local/bin/wp
        else
            wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
            chmod +x /usr/local/bin/wp
        fi
        [ ! -h /usr/bin/wp ] && {
            ln -s /usr/local/bin/wp /usr/bin/
        }
        [ ! -f /etc/bash_completion.d/wp-completion.bash ] && {
            wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash
        }
    } >> "$wo_install_log" 2>&1
}

wo_install_acme_sh() {
    # check if acme.sh is already installed
    if [ ! -d /opt/acme.sh ]; then
        {
            # clone the git repository
            git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q
            cd /opt/acme.sh || exit 1
            # create conf directories
            [ ! -d /etc/letsencrypt/config ] && {
                mkdir -p /etc/letsencrypt/config
            }
            [ ! -d /etc/letsencrypt/live ] && {
                mkdir -p /etc/letsencrypt/live
            }
            [ ! -d /etc/letsencrypt/renewal ] && {
                mkdir -p /etc/letsencrypt/renewal
            }
            # install acme.sh
            ./acme.sh --install \
                --home /etc/letsencrypt \
                --config-home /etc/letsencrypt/config \
                --cert-home /etc/letsencrypt/renewal
            # enable auto-upgrade
            /etc/letsencrypt/acme.sh --config-home /etc/letsencrypt/config --upgrade --auto-upgrade

            # Let's Encrypt .well-known folder setup
            if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
                mkdir -p /var/www/html/.well-known/acme-challenge
                chown -R www-data:www-data /var/www/html /var/www/html/.well-known
                chmod 750 /var/www/html /var/www/html/.well-known
            else
                chmod 750 /var/www/html /var/www/html/.well-known
            fi

        } >> "$wo_install_log" 2>&1
    fi
    if [ -d "$HOME/.acme/.sh" ]; then
        {
            rsync -az --exclude="account.conf" \
                --exclude="acme.sh" \
                --exclude="acme.sh.env" \
                --exclude="deploy" \
                --exclude="dnsapi" \
                --exclude="http.header" \
                --exclude="ca" \
                "$HOME/.acme.sh/" \
                /etc/letsencrypt/renewal/
        } >> "$wo_install_log" 2>&1
    fi
}

# Now, finally, let's install WordOps
wo_install() {
    {
        rm -rf /tmp/easyengine
        rm -rf /tmp/wordops

        [ -z "$wo_branch" ] && {
            wo_branch=master
        }

        git clone -b "$wo_branch" https://github.com/WordOps/WordOps.git /tmp/wordops --quiet

        cd /tmp/wordops || exit 1
    } >> "$wo_install_log" 2>&1
    python3 setup.py install

}


wo_upgrade_nginx() {

    {

        if [ -d /var/lib/wo-backup/nginx ]; then
            tar -I pigz "$NGINX_BACKUP_FILE" /var/lib/wo-backup/nginx
            rm -rf /var/lib/wo-backup/nginx
        fi
        # backup nginx conf
        /usr/bin/rsync -az /etc/nginx/ /var/lib/wo-backup/nginx/

        # chec if the package nginx-ee is installed
        CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
        CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo)
        CHECK_PHP72=$(dpkg --list | grep php7.2-fpm)
        CHECK_PHP73=$(dpkg --list | grep php7.3-fpm)

        # add new Nginx repository
        if [ "$wo_linux_distro" = "Ubuntu" ]; then
            wget -qO /tmp/nginx-wo.key "https://download.opensuse.org/repositories/home:virtubox:WordOps/xUbuntu_${wo_distro_id}/Release.key"
        else
            if [ "$wo_distro_version" == "jessie" ]; then
                wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key
            else
                wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key
            fi
        fi
        # import the respository key for updates
        apt-key add - < /tmp/nginx-wo.key
        rm -f /tmp/nginx-wo.key
        sudo apt-get update

        # stop nginx
        service nginx stop

        # prevent apt preference to block install
        [ -f /etc/apt/preferences.d/nginx-block ] && {
            mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block"
        }

        # install new nginx package
        if [ -x /usr/local/bin/wo ]; then

            if [ -n "$CHECK_NGINX_EE" ]; then
                # remove previous package
                apt-mark unhold nginx-ee nginx-common nginx-custom
                apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom --purge
                rm -rf /etc/nginx
            elif [ -n "$CHECK_NGINX_WO" ]; then
                apt-mark unhold nginx-wo nginx-common nginx-custom
                apt-get -y -qq autoremove nginx-wo nginx-common nginx-custom --purge
                rm -rf /etc/nginx
            fi

            # remove previous php-fpm pool configuration
            if [ -n "$CHECK_PHP72" ]; then
                apt-get remove php7.2-fpm -y -qq --purge
                rm -f /etc/php/7.2/fpm/pool.d/*
            fi
            /usr/local/bin/wo stack install --nginx --php
            if [ -n "$CHECK_PHP73" ]; then
                apt-get remove php7.3-fpm -y -qq --purge
                rm -f /etc/php/7.3/fpm/pool.d/*
                /usr/local/bin/wo stack install --php73
            fi
        fi

        # restore sites and configuration
        /usr/bin/rsync -auz /var/lib/wo-backup/nginx/ /etc/nginx/

        # update redis.conf headers
        if [ -f /etc/nginx/common/redis.conf ]; then
            sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf
            sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf

        fi

        VERIFY_NGINX_CONFIG=$(nginx -t 2>&1 | grep failed)
        # check if nginx -t do not return errors
        if [ -z "$VERIFY_NGINX_CONFIG" ]; then
            systemctl stop nginx
            systemctl start nginx
        else
            VERIFY_NGINX_BUCKET=$(nginx -t 2>&1 | grep "server_names_hash_bucket_size")
            if [ -n "$VERIFY_NGINX_BUCKET" ]; then
                sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g" /etc/nginx/nginx.conf
            fi
            systemctl stop nginx
            systemctl start nginx
        fi

        # set back apt preference
        [ -f "$HOME/nginx-block" ] && {
            mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block
        }

    } >> "$wo_install_log" 2>&1

}

wo_update_latest() {

    if [ -f /etc/nginx/fastcgi_params ]; then
        CHECK_HTTP_PROXY=$(grep 'HTTP_PROXY' /etc/nginx/fastcgi_params)
        if [ -z "$CHECK_HTTP_PROXY" ]; then
            echo 'fastcgi_param  HTTP_PROXY         "";' >> /etc/nginx/fastcgi_params
            echo 'fastcgi_param  HTTP_PROXY         "";' >> /etc/nginx/fastcgi.conf
            service nginx restart | tee -ai $wo_install_log
        fi
    fi

    if [ -f /etc/ImageMagick/policy.xml ]; then
        if [ ! -f /etc/ImageMagick/patch.txt ]; then
            echo -e "\t<policy domain="coder" rights="none" pattern="EPHEMERAL" />\n\t<policy domain="coder" rights="none" pattern="URL" />\n\t<policy domain="coder" rights="none" pattern="HTTPS" />\n\t<policy domain="coder" rights="none" pattern="MVG" />\n\t<policy domain="coder" rights="none" pattern="MSL" />" >> /etc/ImageMagick/patch.txt
            sed -i '/<policymap>/r /etc/ImageMagick/patch.txt' /etc/ImageMagick/policy.xml
        fi
    fi

    # Move ~/.my.cnf to /etc/mysql/conf.d/my.cnf
    if [ ! -f /etc/mysql/conf.d/my.cnf ]; then
        # create conf.d folder if not exist
        [ ! -d /etc/mysql/conf.d ] && {
            mkdir -p /etc/mysql/conf.d
            chmod 755 /etc/mysql/conf.d
        }
        if [ -f $HOME/.my.cnf ]; then
            cp -f $HOME/.my.cnf /etc/mysql/conf.d/my.cnf
            chmod 600 /etc/mysql/conf.d/my.cnf

        elif [ -f /root/.my.cnf ]; then
            cp -f /root/.my.cnf /etc/mysql/conf.d/my.cnf
            chmod 600 /etc/mysql/conf.d/my.cnf
        fi
    else
        if [ ! -f /root/.my.cnf ]; then
            cp /etc/mysql/conf.d/my.cnf /root/.my.cnf
            chmod 600 /root/.my.cnf
        fi
    fi
    # Fix WordPress example.html issue
    # Ref: http://wptavern.com/xss-vulnerability-in-jetpack-and-the-twenty-fifteen-default-theme-affects-millions-of-wordpress-users
    CHECK_DEINSTALL_NGINX=$(dpkg --get-selections | grep -v deinstall | grep nginx)
    if [ -z "$CHECK_DEINSTALL_NGINX" ]; then
        cp /usr/lib/wo/templates/locations.mustache /etc/nginx/common/locations-php72.conf

    fi

    # Fix Redis-server security issue
    # http://redis.io/topics/security
    if [ -f /etc/redis/redis.conf ]; then
        grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1

        if [ "$?" -ne 0 ]; then
            sed -i '$ a bind 127.0.0.1' /etc/redis/redis.conf &

            service redis-server restart > /dev/null 2>&1

        fi
    fi

}

# Do git intialisation
wo_git_init() {
    # Nginx under git version control
    [ -d /etc/nginx ] && {
        cd /etc/nginx || exit 1
        if [ ! -d /etc/nginx/.git ]; then
            git init
        fi
        git add -A .
        git commit -am "Updated Nginx"
    } >> /var/log/wo/install.log 2>&1
    # WordOps under git version control
    [ -d /etc/wo ] && {
        cd /etc/wo || exit 1
        [ ! -d /etc/wo/.git ] && {
            git init
        }
        git add -A .
        git commit -am "Installed/Updated to WordOps"
    } >> /var/log/wo/install.log 2>&1
    # PHP under git version control
    [ -d /etc/php ] && {
        cd /etc/php || exit 1
        if [ ! -d /etc/php/.git ]; then
            git init
        fi
        git add -A .
        git commit -am "Updated PHP"
    } >> /var/log/wo/install.log 2>&1
}

wo_backup_ee() {
    tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee >> /var/log/wo/install.log 2>&1
}

wo_backup_wo() {
    tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo >> /var/log/wo/install.log 2>&1
}

wo_clean_ee() {
    rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee >> /var/log/wo/install.log 2>&1
}

###
# 4 - WO MAIN SETUP
###

# 1 - WO already installed
if [ -x /usr/local/bin/wo ]; then
    wo -v 2>&1 | grep $wo_version_new
    if [[ $? -ne 0 ]]; then
        read -p "Update WordOps to $wo_version_new (y/n): " wo_ans
        if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then
            wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
            wo_install_dep | tee -ai $wo_install_log
            wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log
            wo_backup_wo | tee -ai $wo_install_log
            wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
            secure_wo_db | tee -ai $wo_install_log
            wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
            wo_install >> wo_install_log 2>&1
            wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
            wo_upgrade_nginx | tee -ai $wo_install_log
            wo_update_latest | tee -ai $wo_install_log
            wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
            wo_install_acme_sh | tee -ai $wo_install_log
            wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
            wo_git_init | tee -ai $wo_install_log
            wo_update_wp_cli | tee -ai $wo_install_log
        else
            wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1
        fi
    else
        wo_lib_error "You already have WordOps $wo_version_new, exit status = " 1
    fi
else
    # 2 - Migration from EEv3
    if [ -x /usr/local/bin/ee ]; then
        read -p "Migrate from EasyEngine to WordOps (y/n): " wo_ans
        if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then
            wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
            wo_install_dep | tee -ai $wo_install_log
            wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log
            wo_backup_ee | tee -ai $wo_install_log
            wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
            wo_sync_db | tee -ai $wo_install_log
            secure_wo_db | tee -ai $wo_install_log
            wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
            wo_install >> wo_install_log 2>&1
            wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
            wo_upgrade_nginx | tee -ai $wo_install_log
            wo_update_latest | tee -ai $wo_install_log
            wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
            wo_install_acme_sh | tee -ai $wo_install_log
            wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
            wo_git_init | tee -ai $wo_install_log
            wo_update_wp_cli | tee -ai $wo_install_log
            wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log
            wo_clean_ee | tee -ai $wo_install_log
        else
            wo_lib_error "Not installing WordOps, exit status = " 1
        fi
    else
        # 3 - Fresh WO setup
        wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
        wo_install_dep | tee -ai $wo_install_log
        wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
        wo_install | tee -ai $wo_install_log
        wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
        wo_install_acme_sh | tee -ai $wo_install_log
        wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
        secure_wo_db | tee -ai $wo_install_log
        wo_git_init | tee -ai $wo_install_log
        wo_update_wp_cli | tee -ai $wo_install_log
    fi
fi

wo sync | tee -ai $wo_install_log

if [ "$migration" -eq "1" ]; then
    echo
    wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!"
    wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz"
    echo
    wo_lib_echo_info "For autocompletion, run the following command:"
    wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
    echo
    wo_lib_echo "WordOps (wo) help: https://wordops.io/docs"
else
    echo
    wo_lib_echo "For WordOps (wo) auto completion, run the following command"
    echo
    wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
    echo
    wo_lib_echo "Yay! WordOps (wo) installed/updated successfully"
    wo_lib_echo "WordOps (wo) help: https://wordops.io/docs"
fi