2019-08-05 04:56:33 +02:00
|
|
|
import configparser
|
|
|
|
|
import os
|
|
|
|
|
import random
|
|
|
|
|
import shutil
|
|
|
|
|
import string
|
2019-09-02 04:37:13 +02:00
|
|
|
|
2019-09-02 23:23:47 +02:00
|
|
|
import psutil
|
2019-08-05 04:56:33 +02:00
|
|
|
from wo.core.apt_repo import WORepo
|
|
|
|
|
from wo.core.aptget import WOAptGet
|
|
|
|
|
from wo.core.cron import WOCron
|
|
|
|
|
from wo.core.extract import WOExtract
|
|
|
|
|
from wo.core.fileutils import WOFileUtils
|
|
|
|
|
from wo.core.git import WOGit
|
|
|
|
|
from wo.core.logging import Log
|
|
|
|
|
from wo.core.mysql import WOMysql
|
|
|
|
|
from wo.core.services import WOService
|
|
|
|
|
from wo.core.shellexec import CommandExecutionError, WOShellExec
|
2019-09-21 16:42:49 +02:00
|
|
|
from wo.core.sslutils import SSL
|
2019-09-02 04:37:13 +02:00
|
|
|
from wo.core.template import WOTemplate
|
2019-10-02 13:13:32 +02:00
|
|
|
from wo.core.variables import WOVar
|
2019-12-03 19:48:18 +01:00
|
|
|
from wo.core.stackconf import WOConf
|
2020-04-23 16:36:30 +02:00
|
|
|
from wo.core.download import WODownload
|
2024-04-21 12:48:11 +02:00
|
|
|
from wo.core.checkfqdn import WOFqdn
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def pre_pref(self, apt_packages):
|
|
|
|
|
"""Pre settings to do before installation packages"""
|
|
|
|
|
|
2019-09-06 14:27:45 +02:00
|
|
|
if ("mariadb-server" in apt_packages or "mariadb-client" in apt_packages):
|
2026-02-09 11:39:33 +01:00
|
|
|
# add mariadb repository excepted on raspbian, trixie (uses native pkgs)
|
|
|
|
|
if not (WOVar.wo_distro == 'raspbian') and WOVar.wo_mysql_repo:
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.info(self, "Adding repository for MySQL, please wait...")
|
2019-11-11 19:06:11 +01:00
|
|
|
mysql_pref = (
|
2024-06-13 00:23:05 +02:00
|
|
|
"Package: *\nPin: origin deb.mariadb.org"
|
2019-11-11 19:06:11 +01:00
|
|
|
"\nPin-Priority: 1000\n")
|
2019-08-05 04:56:33 +02:00
|
|
|
with open('/etc/apt/preferences.d/'
|
|
|
|
|
'MariaDB.pref', 'w') as mysql_pref_file:
|
|
|
|
|
mysql_pref_file.write(mysql_pref)
|
2023-08-13 13:16:39 +02:00
|
|
|
if self.app.config.has_section('mariadb'):
|
|
|
|
|
mariadb_ver = self.app.config.get(
|
|
|
|
|
'mariadb', 'release')
|
2024-06-04 17:47:25 +02:00
|
|
|
wo_mysql_repo_conf = ("deb [signed-by=/etc/apt/keyrings/mariadb-keyring.pgp] "
|
2024-09-16 21:42:49 +02:00
|
|
|
"http://deb.mariadb.org/"
|
2024-06-04 17:47:25 +02:00
|
|
|
f"{mariadb_ver}/{WOVar.wo_distro} {WOVar.wo_platform_codename} main")
|
2023-08-13 13:16:39 +02:00
|
|
|
else:
|
|
|
|
|
wo_mysql_repo_conf = WOVar.wo_mysql_repo
|
|
|
|
|
# APT repositories
|
2024-06-07 14:53:50 +02:00
|
|
|
WORepo.add(self, repo_url=wo_mysql_repo_conf, repo_name="mariadb")
|
2020-10-22 14:34:03 +02:00
|
|
|
if ("mariadb-server" in apt_packages and
|
|
|
|
|
not os.path.exists('/etc/mysql/conf.d/my.cnf')):
|
2019-08-05 04:56:33 +02:00
|
|
|
# generate random 24 characters root password
|
|
|
|
|
chars = ''.join(random.sample(string.ascii_letters, 24))
|
|
|
|
|
# generate my.cnf root credentials
|
|
|
|
|
mysql_config = """
|
|
|
|
|
[client]
|
|
|
|
|
user = root
|
|
|
|
|
password = {chars}
|
2020-11-10 12:54:53 +01:00
|
|
|
socket = /run/mysqld/mysqld.sock
|
2019-08-05 04:56:33 +02:00
|
|
|
""".format(chars=chars)
|
|
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
config.read_string(mysql_config)
|
|
|
|
|
Log.debug(self, 'Writting configuration into MySQL file')
|
2020-10-22 11:15:20 +02:00
|
|
|
conf_path = "/etc/mysql/conf.d/my.cnf.tmp"
|
2019-08-05 04:56:33 +02:00
|
|
|
os.makedirs(os.path.dirname(conf_path), exist_ok=True)
|
2024-05-17 23:59:50 +02:00
|
|
|
with os.fdopen(os.open(conf_path, os.O_WRONLY | os.O_CREAT, 0o600), 'w', encoding='utf-8') as configfile:
|
2019-08-05 04:56:33 +02:00
|
|
|
config.write(configfile)
|
|
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# add OpenLiteSpeed repository
|
|
|
|
|
if set(WOVar.wo_ols).issubset(set(apt_packages)):
|
|
|
|
|
if not os.path.exists('/etc/apt/sources.list.d/openlitespeed.list'):
|
|
|
|
|
Log.info(self, "Adding repository for OpenLiteSpeed, please wait...")
|
|
|
|
|
Log.debug(self, 'Adding repository for OpenLiteSpeed')
|
|
|
|
|
WORepo.add(self, repo_url=WOVar.wo_ols_repo, repo_name="openlitespeed")
|
|
|
|
|
|
|
|
|
|
# add LSPHP repository (same as OLS repo)
|
|
|
|
|
lsphp_in_packages = False
|
|
|
|
|
for version in list(WOVar.wo_php_versions.values()):
|
|
|
|
|
short_ver = version.replace('.', '')
|
|
|
|
|
if 'lsphp{0}'.format(short_ver) in apt_packages:
|
|
|
|
|
lsphp_in_packages = True
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
if lsphp_in_packages:
|
|
|
|
|
if not os.path.exists('/etc/apt/sources.list.d/openlitespeed.list'):
|
|
|
|
|
Log.info(self, "Adding repository for LSPHP, please wait...")
|
|
|
|
|
Log.debug(self, 'Adding repository for LSPHP')
|
|
|
|
|
WORepo.add(self, repo_url=WOVar.wo_ols_repo, repo_name="openlitespeed")
|
2024-06-07 14:53:50 +02:00
|
|
|
|
2019-08-05 04:56:33 +02:00
|
|
|
# add redis repository
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_redis).issubset(set(apt_packages)):
|
2024-06-07 14:53:50 +02:00
|
|
|
if not os.path.exists('/etc/apt/sources.list.d/redis.list'):
|
|
|
|
|
WORepo.add(self, repo_url=WOVar.wo_redis_repo, repo_name="redis")
|
2019-10-31 15:42:42 +01:00
|
|
|
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-27 15:12:01 +02:00
|
|
|
def post_pref(self, apt_packages, packages, upgrade=False):
|
2019-08-05 04:56:33 +02:00
|
|
|
"""Post activity after installation of packages"""
|
|
|
|
|
if (apt_packages):
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# OpenLiteSpeed configuration
|
|
|
|
|
if set(WOVar.wo_ols).issubset(set(apt_packages)):
|
|
|
|
|
Log.wait(self, "Configuring OpenLiteSpeed")
|
|
|
|
|
ols_conf = WOVar.wo_ols_conf_dir
|
|
|
|
|
ols_vhost = WOVar.wo_ols_vhost_dir
|
2019-08-19 17:55:46 +02:00
|
|
|
ngxroot = '/var/www/'
|
2019-08-27 15:12:01 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
WOGit.add(self, ["/usr/local/lsws/conf"],
|
|
|
|
|
msg="Adding OpenLiteSpeed into Git")
|
|
|
|
|
|
|
|
|
|
# Create vhost directory structure
|
|
|
|
|
if not os.path.exists(ols_vhost):
|
|
|
|
|
os.makedirs(ols_vhost)
|
|
|
|
|
|
|
|
|
|
# Determine default PHP version
|
|
|
|
|
default_php_short = '84'
|
|
|
|
|
for ver_key, ver_num in WOVar.wo_php_versions.items():
|
|
|
|
|
short = ver_num.replace('.', '')
|
|
|
|
|
if os.path.exists('/usr/local/lsws/lsphp{0}/bin/lsphp'.format(short)):
|
|
|
|
|
default_php_short = short
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
# Deploy main httpd_config.conf
|
|
|
|
|
data = dict(
|
|
|
|
|
server_name=WOVar.wo_fqdn,
|
|
|
|
|
release=WOVar.wo_version,
|
|
|
|
|
backend_port='22222',
|
|
|
|
|
default_php_short=default_php_short)
|
|
|
|
|
WOTemplate.deploy(self,
|
|
|
|
|
'{0}/httpd_config.conf'.format(ols_conf),
|
|
|
|
|
'ols-httpd.mustache', data, overwrite=True)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Deploy extApp configs for all PHP versions
|
|
|
|
|
WOConf.olscommon(self)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Create log and cert folder for backend
|
|
|
|
|
if not os.path.exists('{0}22222/logs'.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/logs".format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/logs'.format(ngxroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
if not os.path.exists('{0}22222/cert'.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/cert".format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/cert'.format(ngxroot))
|
2020-02-26 10:01:27 +01:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
if not os.path.isdir('{0}22222/conf/ols'.format(ngxroot)):
|
|
|
|
|
Log.debug(self, "Creating directory "
|
|
|
|
|
"{0}22222/conf/ols".format(ngxroot))
|
|
|
|
|
os.makedirs('{0}22222/conf/ols'.format(ngxroot))
|
2020-02-26 10:01:27 +01:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Deploy backend vhost
|
2020-01-13 18:24:18 +01:00
|
|
|
data = dict(webroot=ngxroot,
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
release=WOVar.wo_version,
|
|
|
|
|
port='22222',
|
|
|
|
|
default_php_short=default_php_short)
|
|
|
|
|
backend_vhost_dir = '{0}/_backend'.format(ols_vhost)
|
|
|
|
|
if not os.path.exists(backend_vhost_dir):
|
|
|
|
|
os.makedirs(backend_vhost_dir)
|
2020-02-26 10:01:27 +01:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self,
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
'{0}/vhconf.conf'.format(backend_vhost_dir),
|
|
|
|
|
'ols-backend.mustache', data, overwrite=True)
|
2020-02-26 10:01:27 +01:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Setup admin password
|
2019-09-02 04:37:13 +02:00
|
|
|
passwd = ''.join([random.choice
|
|
|
|
|
(string.ascii_letters + string.digits)
|
|
|
|
|
for n in range(24)])
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
if not os.path.isfile('{0}/htpasswd-wo'.format(ols_conf)):
|
2019-08-05 09:45:08 +02:00
|
|
|
try:
|
2019-08-31 14:18:38 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "printf \"WordOps:"
|
2022-09-16 17:19:18 +02:00
|
|
|
"$(openssl passwd -apr1 "
|
2019-08-31 14:18:38 +02:00
|
|
|
"{password} 2> /dev/null)\n\""
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
"> {conf}/htpasswd-wo "
|
2019-08-31 14:18:38 +02:00
|
|
|
"2>/dev/null"
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
.format(password=passwd, conf=ols_conf))
|
2019-08-05 09:45:08 +02:00
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.error(self, "Failed to save HTTP Auth")
|
2019-08-31 14:18:38 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Generate self-signed cert for backend if missing
|
2019-09-06 14:27:45 +02:00
|
|
|
if (not os.path.isfile('{0}22222/cert/22222.key'
|
|
|
|
|
.format(ngxroot))):
|
2019-09-06 16:13:46 +02:00
|
|
|
SSL.selfsignedcert(self, proftpd=False, backend=True)
|
2019-09-06 14:27:45 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Deploy OLS admin password via admpass.sh
|
|
|
|
|
if os.path.isfile('/usr/local/lsws/admin/misc/admpass.sh'):
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self,
|
|
|
|
|
'/usr/local/lsws/admin/misc/admpass.sh '
|
|
|
|
|
'--password "{0}"'.format(passwd))
|
|
|
|
|
except CommandExecutionError as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
|
|
|
|
|
# traffic advice file
|
|
|
|
|
data = dict(release=WOVar.wo_version)
|
|
|
|
|
WOTemplate.deploy(self,
|
|
|
|
|
'/var/www/html/'
|
|
|
|
|
'.well-known/traffic-advice',
|
|
|
|
|
'traffic-advice.mustache', data)
|
|
|
|
|
|
|
|
|
|
# Start/Restart OLS
|
|
|
|
|
if not WOService.restart_service(self, 'lsws'):
|
|
|
|
|
Log.info(self, "Rolling back to previous configuration")
|
|
|
|
|
WOGit.rollback(self, ["/usr/local/lsws/conf"])
|
|
|
|
|
if not WOService.restart_service(self, 'lsws'):
|
|
|
|
|
Log.error(
|
|
|
|
|
self, "There is an error in OpenLiteSpeed configuration.\n"
|
|
|
|
|
"Use the command '/usr/local/lsws/bin/openlitespeed -t' to identify "
|
|
|
|
|
"the cause of this issue", False)
|
|
|
|
|
else:
|
|
|
|
|
Log.valide(self, "Configuring OpenLiteSpeed")
|
|
|
|
|
WOGit.add(self, ["/usr/local/lsws/conf"],
|
|
|
|
|
msg="Adding OpenLiteSpeed into Git")
|
2019-09-01 20:39:12 +02:00
|
|
|
|
2024-04-21 12:48:11 +02:00
|
|
|
server_ip = WOFqdn.get_server_ip(self)
|
|
|
|
|
if server_ip is None:
|
2024-04-21 18:18:13 +02:00
|
|
|
server_ip = WOVar.wo_fqdn
|
2019-08-27 15:12:01 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
if set(["openlitespeed"]).issubset(set(apt_packages)):
|
2019-08-31 01:02:16 +02:00
|
|
|
print("WordOps backend configuration was successful\n"
|
|
|
|
|
"You can access it on : https://{0}:22222"
|
|
|
|
|
.format(server_ip))
|
|
|
|
|
print("HTTP Auth User Name: WordOps" +
|
|
|
|
|
"\nHTTP Auth Password : {0}".format(passwd))
|
|
|
|
|
else:
|
|
|
|
|
self.msg = (self.msg + ["HTTP Auth User "
|
|
|
|
|
"Name: WordOps"] +
|
|
|
|
|
["HTTP Auth Password : {0}"
|
|
|
|
|
.format(passwd)])
|
2024-06-01 19:10:41 +02:00
|
|
|
self.msg = (self.msg + [f'WordOps backend is available on https://{server_ip}:22222 '
|
2024-05-23 15:30:05 +02:00
|
|
|
f'or https://{WOVar.wo_fqdn}:22222'])
|
2019-08-27 15:12:01 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# LSPHP configuration
|
2023-08-05 10:48:56 +02:00
|
|
|
php_list = []
|
2023-08-13 15:07:26 +02:00
|
|
|
for version in list(WOVar.wo_php_versions.values()):
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
short_ver = version.replace('.', '')
|
|
|
|
|
package_name = 'lsphp{0}'.format(short_ver)
|
2023-08-13 13:16:39 +02:00
|
|
|
if package_name in apt_packages:
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
php_list.append([version, short_ver])
|
2023-08-05 10:48:56 +02:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
for php_info in php_list:
|
|
|
|
|
php_version = php_info[0]
|
|
|
|
|
php_short = php_info[1]
|
|
|
|
|
Log.wait(self, "Configuring lsphp{0}".format(php_short))
|
2019-08-19 18:45:30 +02:00
|
|
|
ngxroot = '/var/www/'
|
2019-12-03 19:48:18 +01:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# Create log directories
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
if not os.path.exists('/var/log/php/{0}/'.format(php_version)):
|
2023-08-05 10:48:56 +02:00
|
|
|
Log.debug(
|
|
|
|
|
self, 'Creating directory /var/log/php/{0}/'
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
.format(php_version))
|
|
|
|
|
os.makedirs('/var/log/php/{0}/'.format(php_version))
|
|
|
|
|
|
|
|
|
|
# Configure LSPHP php.ini
|
|
|
|
|
lsphp_ini = '/usr/local/lsws/lsphp{0}/etc/php/{1}/litespeed/php.ini'.format(
|
|
|
|
|
php_short, php_version)
|
|
|
|
|
lsphp_ini_orig = lsphp_ini + '.orig'
|
|
|
|
|
|
|
|
|
|
if os.path.isfile(lsphp_ini):
|
|
|
|
|
if not os.path.isfile(lsphp_ini_orig):
|
|
|
|
|
WOFileUtils.copyfile(self, lsphp_ini, lsphp_ini_orig)
|
|
|
|
|
|
|
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
Log.debug(self, "configuring php file {0}".format(lsphp_ini))
|
|
|
|
|
config.read(lsphp_ini_orig)
|
|
|
|
|
config['PHP']['expose_php'] = 'Off'
|
|
|
|
|
config['PHP']['post_max_size'] = '100M'
|
|
|
|
|
config['PHP']['upload_max_filesize'] = '100M'
|
|
|
|
|
config['PHP']['max_execution_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_time'] = '300'
|
|
|
|
|
config['PHP']['max_input_vars'] = '20000'
|
|
|
|
|
config['Date']['date.timezone'] = WOVar.wo_timezone
|
|
|
|
|
config['opcache']['opcache.enable'] = '1'
|
|
|
|
|
config['opcache']['opcache.interned_strings_buffer'] = '8'
|
|
|
|
|
config['opcache']['opcache.max_accelerated_files'] = '10000'
|
|
|
|
|
config['opcache']['opcache.memory_consumption'] = '256'
|
|
|
|
|
config['opcache']['opcache.save_comments'] = '1'
|
|
|
|
|
config['opcache']['opcache.revalidate_freq'] = '5'
|
|
|
|
|
config['opcache']['opcache.consistency_checks'] = '0'
|
|
|
|
|
config['opcache']['opcache.validate_timestamps'] = '1'
|
|
|
|
|
with open(lsphp_ini,
|
|
|
|
|
encoding='utf-8', mode='w') as configfile:
|
|
|
|
|
Log.debug(self, "Writing php configuration into "
|
|
|
|
|
"{0}".format(lsphp_ini))
|
|
|
|
|
config.write(configfile)
|
|
|
|
|
|
|
|
|
|
# Deploy extApp config for this PHP version
|
|
|
|
|
data = dict(
|
|
|
|
|
php_version=php_version,
|
|
|
|
|
short_version=php_short,
|
|
|
|
|
release=WOVar.wo_version)
|
2023-08-05 10:48:56 +02:00
|
|
|
WOTemplate.deploy(self,
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
'{0}/lsphp{1}.conf'
|
|
|
|
|
.format(WOVar.wo_ols_conf_dir, php_short),
|
|
|
|
|
'ols-extapp.mustache', data)
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# PHP and Debug pull configuration
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/fpm/status/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/fpm/status/ '
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/fpm/status/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
|
|
|
|
|
# Write info.php
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/php/'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot)):
|
2019-08-05 12:25:00 +02:00
|
|
|
Log.debug(self, 'Creating directory '
|
|
|
|
|
'{0}22222/htdocs/php/ '
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/php'
|
2019-08-19 17:40:21 +02:00
|
|
|
.format(ngxroot))
|
2019-08-05 12:25:00 +02:00
|
|
|
|
2019-09-01 20:39:12 +02:00
|
|
|
with open("{0}22222/htdocs/php/info.php"
|
|
|
|
|
.format(ngxroot),
|
|
|
|
|
encoding='utf-8', mode='w') as myfile:
|
|
|
|
|
myfile.write("<?php\nphpinfo();\n?>")
|
2019-08-05 12:25:00 +02:00
|
|
|
|
2023-08-05 10:48:56 +02:00
|
|
|
# write opcache clean for phpxx
|
2019-12-04 23:34:03 +01:00
|
|
|
if not os.path.exists('{0}22222/htdocs/cache/opcache'
|
|
|
|
|
.format(ngxroot)):
|
|
|
|
|
os.makedirs('{0}22222/htdocs/cache/opcache'
|
|
|
|
|
.format(ngxroot))
|
|
|
|
|
WOFileUtils.textwrite(
|
2023-08-05 10:48:56 +02:00
|
|
|
self, '{0}22222/htdocs/cache/opcache/php{1}.php'
|
|
|
|
|
.format(ngxroot, php_short),
|
2019-12-04 23:34:03 +01:00
|
|
|
'<?php opcache_reset(); ?>')
|
|
|
|
|
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, "{0}22222/htdocs"
|
2019-08-19 18:45:30 +02:00
|
|
|
.format(ngxroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data', recursive=True)
|
2019-12-10 18:42:27 +01:00
|
|
|
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
# Restart OLS to pick up new PHP config
|
|
|
|
|
WOService.restart_service(self, 'lsws')
|
|
|
|
|
Log.valide(
|
|
|
|
|
self, "Configuring lsphp{0}".format(php_short))
|
2022-12-10 10:37:20 -03:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# create mysql config if it doesn't exist
|
2019-09-06 14:37:47 +02:00
|
|
|
if "mariadb-server" in apt_packages:
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git")
|
2020-11-10 16:28:04 +01:00
|
|
|
if not os.path.exists("/etc/mysql/my.cnf"):
|
2019-08-05 09:45:08 +02:00
|
|
|
config = ("[mysqld]\nwait_timeout = 30\n"
|
|
|
|
|
"interactive_timeout=60\nperformance_schema = 0"
|
|
|
|
|
"\nquery_cache_type = 1")
|
|
|
|
|
config_file = open("/etc/mysql/my.cnf",
|
|
|
|
|
encoding='utf-8', mode='w')
|
|
|
|
|
config_file.write(config)
|
|
|
|
|
config_file.close()
|
2019-09-04 18:33:13 +02:00
|
|
|
else:
|
2020-01-30 12:35:38 +01:00
|
|
|
# make sure root account have all privileges
|
2020-10-22 12:05:01 +02:00
|
|
|
if os.path.exists('/etc/mysql/conf.d/my.cnf.tmp'):
|
2019-12-03 19:48:18 +01:00
|
|
|
try:
|
|
|
|
|
config = configparser.ConfigParser()
|
2020-10-22 11:15:20 +02:00
|
|
|
config.read('/etc/mysql/conf.d/my.cnf.tmp')
|
2019-12-03 19:48:18 +01:00
|
|
|
chars = config['client']['password']
|
2020-10-22 11:04:23 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self,
|
|
|
|
|
'mysql -e "SET PASSWORD = '
|
2020-11-10 12:54:53 +01:00
|
|
|
'PASSWORD(\'{0}\'); flush privileges;"'
|
2022-09-13 15:52:50 +02:00
|
|
|
.format(chars), log=False)
|
2020-10-22 11:15:20 +02:00
|
|
|
WOFileUtils.mvfile(
|
|
|
|
|
self, '/etc/mysql/conf.d/my.cnf.tmp',
|
|
|
|
|
'/etc/mysql/conf.d/my.cnf')
|
2019-12-03 19:48:18 +01:00
|
|
|
except CommandExecutionError:
|
|
|
|
|
Log.error(self, "Unable to set MySQL password")
|
2020-10-22 20:39:25 +02:00
|
|
|
WOGit.add(self, ["/etc/mysql"],
|
|
|
|
|
msg="Adding MySQL into Git")
|
2020-11-10 12:54:53 +01:00
|
|
|
elif os.path.exists('/etc/mysql/conf.d/my.cnf'):
|
|
|
|
|
if ((WOAptGet.is_installed(
|
2022-09-08 20:49:35 +02:00
|
|
|
self,
|
2022-09-09 11:18:14 +02:00
|
|
|
'mariadb-server-{0}'.format(WOVar.mariadb_ver))) and
|
2020-11-10 12:54:53 +01:00
|
|
|
not (WOFileUtils.grepcheck(
|
|
|
|
|
self, '/etc/mysql/conf.d/my.cnf', 'socket'))):
|
|
|
|
|
try:
|
|
|
|
|
config = configparser.ConfigParser()
|
|
|
|
|
config.read('/etc/mysql/conf.d/my.cnf')
|
|
|
|
|
chars = config['client']['password']
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self,
|
|
|
|
|
'mysql -e "ALTER USER root@localhost '
|
|
|
|
|
'IDENTIFIED VIA unix_socket OR '
|
|
|
|
|
'mysql_native_password; '
|
|
|
|
|
'SET PASSWORD = PASSWORD(\'{0}\'); '
|
2022-09-13 15:52:50 +02:00
|
|
|
'flush privileges;"'.format(chars), log=False)
|
2020-11-10 12:54:53 +01:00
|
|
|
WOFileUtils.textappend(
|
|
|
|
|
self, '/etc/mysql/conf.d/my.cnf',
|
|
|
|
|
'socket = /run/mysqld/mysqld.sock')
|
|
|
|
|
except CommandExecutionError:
|
|
|
|
|
Log.error(self, "Unable to set MySQL password")
|
|
|
|
|
WOGit.add(self, ["/etc/mysql"],
|
|
|
|
|
msg="Adding MySQL into Git")
|
|
|
|
|
|
2020-10-22 20:39:25 +02:00
|
|
|
Log.wait(self, "Tuning MariaDB configuration")
|
2019-09-04 18:40:11 +02:00
|
|
|
if not os.path.isfile("/etc/mysql/my.cnf.default-pkg"):
|
|
|
|
|
WOFileUtils.copyfile(self, "/etc/mysql/my.cnf",
|
|
|
|
|
"/etc/mysql/my.cnf.default-pkg")
|
2019-08-05 14:22:20 +02:00
|
|
|
wo_ram = psutil.virtual_memory().total / (1024 * 1024)
|
2019-10-30 04:23:20 +01:00
|
|
|
wo_ram_innodb = int(wo_ram * 0.3)
|
|
|
|
|
wo_ram_log_buffer = int(wo_ram_innodb * 0.25)
|
|
|
|
|
wo_ram_log_size = int(wo_ram_log_buffer * 0.5)
|
2019-09-04 19:44:57 +02:00
|
|
|
if (wo_ram < 2000):
|
2019-09-04 18:33:13 +02:00
|
|
|
wo_innodb_instance = int(1)
|
|
|
|
|
tmp_table_size = int(32)
|
2019-09-04 19:44:57 +02:00
|
|
|
elif (wo_ram > 2000) and (wo_ram < 64000):
|
2019-10-30 04:23:20 +01:00
|
|
|
wo_innodb_instance = int(wo_ram / 1000)
|
2019-09-04 19:44:57 +02:00
|
|
|
tmp_table_size = int(128)
|
|
|
|
|
elif (wo_ram > 64000):
|
2019-09-04 18:33:13 +02:00
|
|
|
wo_innodb_instance = int(64)
|
|
|
|
|
tmp_table_size = int(256)
|
2020-10-22 11:04:23 +02:00
|
|
|
mariadbconf = bool(not os.path.exists(
|
|
|
|
|
'/etc/mysql/mariadb.conf.d/50-server.cnf'))
|
2019-09-04 18:33:13 +02:00
|
|
|
data = dict(
|
|
|
|
|
tmp_table_size=tmp_table_size, inno_log=wo_ram_log_size,
|
|
|
|
|
inno_buffer=wo_ram_innodb,
|
|
|
|
|
inno_log_buffer=wo_ram_log_buffer,
|
2020-10-22 11:04:23 +02:00
|
|
|
innodb_instances=wo_innodb_instance,
|
2020-10-22 12:05:01 +02:00
|
|
|
newmariadb=mariadbconf, release=WOVar.wo_version)
|
2020-05-04 17:26:10 +02:00
|
|
|
if os.path.exists('/etc/mysql/mariadb.conf.d/50-server.cnf'):
|
|
|
|
|
WOTemplate.deploy(
|
2020-10-22 12:05:01 +02:00
|
|
|
self, '/etc/mysql/mariadb.conf.d/50-server.cnf',
|
|
|
|
|
'my.mustache', data)
|
2020-05-04 17:26:10 +02:00
|
|
|
else:
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/mysql/my.cnf', 'my.mustache', data)
|
2019-08-05 14:22:20 +02:00
|
|
|
Log.debug(self, "Tuning MySQL configuration")
|
2019-10-28 14:53:15 +01:00
|
|
|
if os.path.isdir('/etc/systemd/system/mariadb.service.d'):
|
|
|
|
|
if not os.path.isfile(
|
|
|
|
|
'/etc/systemd/system/'
|
|
|
|
|
'mariadb.service.d/limits.conf'):
|
|
|
|
|
WOFileUtils.textwrite(
|
|
|
|
|
self,
|
|
|
|
|
'/etc/systemd/system/'
|
|
|
|
|
'mariadb.service.d/limits.conf',
|
|
|
|
|
'[Service]\nLimitNOFILE=500000')
|
|
|
|
|
WOShellExec.cmd_exec(self, 'systemctl daemon-reload')
|
2020-10-22 20:39:25 +02:00
|
|
|
Log.valide(self, "Tuning MySQL configuration")
|
2019-10-28 14:53:15 +01:00
|
|
|
|
2022-09-08 21:18:42 +02:00
|
|
|
WOService.restart_service(self, 'mariadb')
|
2020-10-22 20:39:25 +02:00
|
|
|
|
2019-08-05 14:22:20 +02:00
|
|
|
WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair '
|
|
|
|
|
'> /dev/null 2>&1',
|
|
|
|
|
comment='MySQL optimization cronjob '
|
|
|
|
|
'added by WordOps')
|
|
|
|
|
WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# create fail2ban configuration files
|
2019-12-04 23:34:03 +01:00
|
|
|
if "fail2ban" in apt_packages:
|
2019-12-03 19:48:18 +01:00
|
|
|
WOService.restart_service(self, 'fail2ban')
|
2020-01-30 17:07:42 +01:00
|
|
|
if os.path.exists('/etc/fail2ban'):
|
2020-01-30 12:35:38 +01:00
|
|
|
WOGit.add(self, ["/etc/fail2ban"],
|
|
|
|
|
msg="Adding Fail2ban into Git")
|
2023-08-26 14:33:59 +02:00
|
|
|
Log.wait(self, "Configuring Fail2Ban")
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
olsf2b = bool(os.path.exists('/usr/local/lsws/bin/openlitespeed'))
|
|
|
|
|
data = dict(release=WOVar.wo_version, ols=olsf2b)
|
2020-01-30 15:37:56 +01:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/jail.d/custom.conf',
|
|
|
|
|
'fail2ban.mustache',
|
2020-08-07 16:12:20 +02:00
|
|
|
data, overwrite=True)
|
2020-01-30 15:37:56 +01:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/filter.d/wo-wordpress.conf',
|
|
|
|
|
'fail2ban-wp.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self,
|
|
|
|
|
'/etc/fail2ban/filter.d/nginx-forbidden.conf',
|
|
|
|
|
'fail2ban-forbidden.mustache',
|
|
|
|
|
data, overwrite=False)
|
2019-08-20 13:53:41 +02:00
|
|
|
|
2020-08-07 16:07:31 +02:00
|
|
|
if not WOShellExec.cmd_exec(self, 'fail2ban-client reload'):
|
2020-01-30 17:07:42 +01:00
|
|
|
WOGit.rollback(
|
|
|
|
|
self, ['/etc/fail2ban'], msg="Rollback f2b config")
|
|
|
|
|
WOService.restart_service(self, 'fail2ban')
|
|
|
|
|
else:
|
2023-08-26 14:33:59 +02:00
|
|
|
Log.valide(self, "Configuring Fail2Ban")
|
2020-01-30 17:07:42 +01:00
|
|
|
WOGit.add(self, ["/etc/fail2ban"],
|
|
|
|
|
msg="Adding Fail2ban into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
|
|
|
|
# Proftpd configuration
|
2019-09-06 14:37:47 +02:00
|
|
|
if "proftpd-basic" in apt_packages:
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Adding ProFTPd into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
if os.path.isfile("/etc/proftpd/proftpd.conf"):
|
|
|
|
|
Log.debug(self, "Setting up Proftpd configuration")
|
2022-10-24 15:01:51 +02:00
|
|
|
data = dict()
|
|
|
|
|
WOTemplate.deploy(self,
|
|
|
|
|
'/etc/proftpd/proftpd.conf',
|
|
|
|
|
'proftpd.mustache', data)
|
2019-08-05 04:56:33 +02:00
|
|
|
# proftpd TLS configuration
|
|
|
|
|
if not os.path.isdir("/etc/proftpd/ssl"):
|
|
|
|
|
WOFileUtils.mkdir(self, "/etc/proftpd/ssl")
|
2019-09-06 16:13:46 +02:00
|
|
|
SSL.selfsignedcert(self, proftpd=True, backend=False)
|
2019-08-05 04:56:33 +02:00
|
|
|
WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700)
|
|
|
|
|
WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700)
|
|
|
|
|
data = dict()
|
2019-09-25 14:30:29 +02:00
|
|
|
WOTemplate.deploy(self, '/etc/proftpd/tls.conf',
|
|
|
|
|
'proftpd-tls.mustache', data)
|
2019-08-05 04:56:33 +02:00
|
|
|
WOService.restart_service(self, 'proftpd')
|
|
|
|
|
|
2019-09-24 12:09:43 +02:00
|
|
|
if os.path.isfile('/etc/ufw/ufw.conf'):
|
|
|
|
|
if WOFileUtils.grepcheck(
|
|
|
|
|
self, '/etc/ufw/ufw.conf', 'ENABLED=yes'):
|
|
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw limit 21")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw allow 49000:50000/tcp")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "ufw reload")
|
|
|
|
|
except Exception as e:
|
|
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.error(self, "Unable to add UFW rules")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2020-01-30 12:35:38 +01:00
|
|
|
if ((os.path.exists("/etc/fail2ban/jail.d/custom.conf")) and
|
|
|
|
|
(not WOFileUtils.grepcheck(
|
2019-09-01 13:59:27 +02:00
|
|
|
self, "/etc/fail2ban/jail.d/custom.conf",
|
|
|
|
|
"proftpd"))):
|
2019-08-05 04:56:33 +02:00
|
|
|
with open("/etc/fail2ban/jail.d/custom.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as f2bproftpd:
|
|
|
|
|
f2bproftpd.write("\n\n[proftpd]\nenabled = true\n")
|
|
|
|
|
WOService.reload_service(self, 'fail2ban')
|
|
|
|
|
|
2019-10-03 15:44:23 +02:00
|
|
|
if not WOService.reload_service(self, 'proftpd'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Rollback ProFTPd")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/proftpd"],
|
|
|
|
|
msg="Adding ProFTPd into Git")
|
2019-08-05 04:56:33 +02:00
|
|
|
|
2020-10-14 14:50:05 +02:00
|
|
|
# Sendmail configuration
|
|
|
|
|
if "sendmail" in apt_packages:
|
|
|
|
|
if (os.path.exists("/usr/bin/yes") and
|
|
|
|
|
os.path.exists("/usr/sbin/sendmailconfig")):
|
|
|
|
|
Log.wait(self, "Configuring Sendmail")
|
|
|
|
|
if WOShellExec.cmd_exec(self, "yes 'y' | sendmailconfig"):
|
|
|
|
|
Log.valide(self, "Configuring Sendmail")
|
|
|
|
|
else:
|
|
|
|
|
Log.failed(self, "Configuring Sendmail")
|
|
|
|
|
|
2019-09-20 14:21:42 +02:00
|
|
|
if "ufw" in apt_packages:
|
|
|
|
|
if not WOFileUtils.grep(self,
|
|
|
|
|
'/etc/ufw/ufw.conf', 'ENABLED=yes'):
|
|
|
|
|
Log.wait(self, "Configuring UFW")
|
|
|
|
|
if not os.path.isfile("/opt/ufw.sh"):
|
|
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '/opt/ufw.sh',
|
2019-09-20 14:21:42 +02:00
|
|
|
'ufw.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOFileUtils.chmod(self, "/opt/ufw.sh", 0o700)
|
|
|
|
|
WOShellExec.cmd_exec(self, "bash /opt/ufw.sh")
|
|
|
|
|
Log.valide(self, "Configuring UFW")
|
|
|
|
|
else:
|
|
|
|
|
Log.info(self, "UFW is already installed and enabled")
|
|
|
|
|
|
2019-08-31 12:18:16 +02:00
|
|
|
# Redis configuration
|
2019-09-06 14:37:47 +02:00
|
|
|
if "redis-server" in apt_packages:
|
2019-09-25 14:47:48 +02:00
|
|
|
WOGit.add(self, ["/etc/redis"],
|
|
|
|
|
msg="Adding Redis into Git")
|
2019-08-31 12:18:16 +02:00
|
|
|
Log.debug(self, "Enabling redis systemd service")
|
|
|
|
|
WOShellExec.cmd_exec(self, "systemctl enable redis-server")
|
|
|
|
|
if (os.path.isfile("/etc/redis/redis.conf") and
|
2019-08-31 14:18:38 +02:00
|
|
|
(not WOFileUtils.grep(self, "/etc/redis/redis.conf",
|
|
|
|
|
"WordOps"))):
|
2019-09-06 14:47:50 +02:00
|
|
|
Log.wait(self, "Tuning Redis configuration")
|
2019-08-31 12:18:16 +02:00
|
|
|
with open("/etc/redis/redis.conf",
|
2019-08-20 13:53:41 +02:00
|
|
|
"a") as redis_file:
|
2019-09-25 14:47:48 +02:00
|
|
|
redis_file.write("\n# WordOps v3.9.9\n")
|
2019-08-31 12:18:16 +02:00
|
|
|
wo_ram = psutil.virtual_memory().total / (1024 * 1024)
|
|
|
|
|
if wo_ram < 1024:
|
|
|
|
|
Log.debug(self, "Setting maxmemory variable to "
|
|
|
|
|
"{0} in redis.conf"
|
2019-10-30 04:23:20 +01:00
|
|
|
.format(int(wo_ram * 1024 * 1024 * 0.1)))
|
2019-10-30 06:21:49 +01:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory <bytes>",
|
|
|
|
|
"maxmemory {0}"
|
|
|
|
|
.format
|
|
|
|
|
(int(wo_ram * 1024 * 1024 * 0.1)))
|
2019-08-20 13:53:41 +02:00
|
|
|
|
2019-08-31 12:18:16 +02:00
|
|
|
else:
|
|
|
|
|
Log.debug(self, "Setting maxmemory variable to {0} "
|
|
|
|
|
"in redis.conf"
|
2019-10-30 04:23:20 +01:00
|
|
|
.format(int(wo_ram * 1024 * 1024 * 0.2)))
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory <bytes>",
|
|
|
|
|
"maxmemory {0}"
|
|
|
|
|
.format
|
|
|
|
|
(int(wo_ram * 1024 * 1024 * 0.2)))
|
2019-08-31 12:18:16 +02:00
|
|
|
|
|
|
|
|
Log.debug(
|
|
|
|
|
self, "Setting maxmemory-policy variable to "
|
|
|
|
|
"allkeys-lru in redis.conf")
|
2019-09-01 13:59:27 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/redis/redis.conf",
|
|
|
|
|
"# maxmemory-policy noeviction",
|
|
|
|
|
"maxmemory-policy allkeys-lru")
|
2019-08-31 12:18:16 +02:00
|
|
|
Log.debug(
|
|
|
|
|
self, "Setting tcp-backlog variable to "
|
|
|
|
|
"in redis.conf")
|
2019-08-07 03:05:32 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
"/etc/redis/redis.conf",
|
2019-08-31 12:18:16 +02:00
|
|
|
"tcp-backlog 511",
|
|
|
|
|
"tcp-backlog 32768")
|
|
|
|
|
WOFileUtils.chown(self, '/etc/redis/redis.conf',
|
|
|
|
|
'redis', 'redis', recursive=False)
|
2019-09-06 14:47:50 +02:00
|
|
|
Log.valide(self, "Tuning Redis configuration")
|
2019-10-03 15:44:23 +02:00
|
|
|
if not WOService.restart_service(self, 'redis-server'):
|
|
|
|
|
WOGit.rollback(self, ["/etc/redis"], msg="Rollback Redis")
|
|
|
|
|
else:
|
|
|
|
|
WOGit.add(self, ["/etc/redis"], msg="Adding Redis into Git")
|
2019-08-31 12:18:16 +02:00
|
|
|
|
2019-08-31 12:47:35 +02:00
|
|
|
# ClamAV configuration
|
2019-10-02 13:13:32 +02:00
|
|
|
if set(WOVar.wo_clamav).issubset(set(apt_packages)):
|
2019-08-31 14:23:29 +02:00
|
|
|
Log.debug(self, "Setting up freshclam cronjob")
|
2019-08-31 12:47:35 +02:00
|
|
|
if not os.path.isfile("/opt/freshclam.sh"):
|
2019-08-31 14:27:47 +02:00
|
|
|
data = dict()
|
2019-09-23 16:35:20 +02:00
|
|
|
WOTemplate.deploy(self, '/opt/freshclam.sh',
|
2019-08-31 12:47:35 +02:00
|
|
|
'freshclam.mustache',
|
|
|
|
|
data, overwrite=False)
|
|
|
|
|
WOFileUtils.chmod(self, "/opt/freshclam.sh", 0o775)
|
2019-08-31 14:27:47 +02:00
|
|
|
WOCron.setcron_weekly(self, '/opt/freshclam.sh '
|
|
|
|
|
'> /dev/null 2>&1',
|
|
|
|
|
comment='ClamAV freshclam cronjob '
|
|
|
|
|
'added by WordOps')
|
2019-08-26 18:05:26 +02:00
|
|
|
|
2019-11-02 19:37:52 +01:00
|
|
|
# nanorc
|
2020-10-15 13:24:00 +02:00
|
|
|
if 'nano' in apt_packages:
|
2019-11-02 19:37:52 +01:00
|
|
|
Log.debug(self, 'Setting up nanorc')
|
|
|
|
|
WOGit.clone(self, 'https://github.com/scopatz/nanorc.git',
|
|
|
|
|
'/usr/share/nano-syntax-highlighting')
|
|
|
|
|
if os.path.exists('/etc/nanorc'):
|
|
|
|
|
Log.debug(
|
|
|
|
|
self, 'including nano syntax highlighting to /etc/nanorc')
|
|
|
|
|
if not WOFileUtils.grepcheck(self, '/etc/nanorc',
|
|
|
|
|
'nano-syntax-highlighting'):
|
|
|
|
|
WOFileUtils.textappend(
|
|
|
|
|
self, '/etc/nanorc', 'include /usr/share/'
|
|
|
|
|
'nano-syntax-highlighting/*.nanorc')
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
if (packages):
|
2019-08-29 20:02:35 +02:00
|
|
|
# WP-CLI
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/usr/local/bin/wp' == x[1] for x in packages):
|
|
|
|
|
Log.debug(self, "Setting Privileges"
|
|
|
|
|
" to /usr/local/bin/wp file ")
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775)
|
|
|
|
|
|
2019-08-29 20:02:35 +02:00
|
|
|
# PHPMyAdmin
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/var/lib/wo/tmp/pma.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
2020-04-23 16:36:30 +02:00
|
|
|
wo_phpmyadmin = WODownload.pma_release(self)
|
2019-08-05 09:45:08 +02:00
|
|
|
WOExtract.extract(
|
|
|
|
|
self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/')
|
|
|
|
|
Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to '
|
|
|
|
|
'location /var/lib/wo/tmp/')
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/db'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Creating new directory "
|
|
|
|
|
"{0}22222/htdocs/db"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/db'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/db/pma/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2020-04-23 16:36:30 +02:00
|
|
|
shutil.move('/var/lib/wo/tmp/phpMyAdmin-{0}'
|
|
|
|
|
'-all-languages/'
|
|
|
|
|
.format(wo_phpmyadmin),
|
2019-08-05 09:45:08 +02:00
|
|
|
'{0}22222/htdocs/db/pma/'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.copyfile('{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.sample.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, 'Setting Blowfish Secret Key '
|
|
|
|
|
'FOR COOKIE AUTH to '
|
|
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
blowfish_key = ''.join([random.choice
|
|
|
|
|
(string.ascii_letters +
|
|
|
|
|
string.digits)
|
2019-08-17 14:18:03 +02:00
|
|
|
for n in range(32)])
|
2019-08-05 09:45:08 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
'{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
"$cfg[\'blowfish_secret\']"
|
|
|
|
|
" = \'\';",
|
|
|
|
|
"$cfg[\'blowfish_secret\']"
|
|
|
|
|
" = \'{0}\';"
|
|
|
|
|
.format(blowfish_key))
|
|
|
|
|
Log.debug(self, 'Setting HOST Server For Mysql to '
|
|
|
|
|
'{0}22222/htdocs/db/pma/config.inc.php file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
WOFileUtils.searchreplace(self,
|
|
|
|
|
'{0}22222/htdocs/db/pma'
|
|
|
|
|
'/config.inc.php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-05 09:45:08 +02:00
|
|
|
"$cfg[\'Servers\'][$i][\'host\']"
|
|
|
|
|
" = \'localhost\';", "$cfg"
|
2019-08-23 17:11:43 +02:00
|
|
|
"[\'Servers\'][$i][\'host\'] "
|
|
|
|
|
"= \'{0}\';"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_mysql_host))
|
2019-08-05 04:56:33 +02:00
|
|
|
Log.debug(self, 'Setting Privileges of webroot permission to '
|
2019-08-17 13:40:28 +02:00
|
|
|
'{0}22222/htdocs/db/pma file '
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 04:56:33 +02:00
|
|
|
recursive=True)
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# composer install and phpmyadmin update
|
|
|
|
|
if any('/var/lib/wo/tmp/composer-install' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Installing composer")
|
2019-08-05 09:45:08 +02:00
|
|
|
WOShellExec.cmd_exec(self, "php -q /var/lib/wo"
|
|
|
|
|
"/tmp/composer-install "
|
|
|
|
|
"--install-dir=/var/lib/wo/tmp/")
|
|
|
|
|
shutil.copyfile('/var/lib/wo/tmp/composer.phar',
|
|
|
|
|
'/usr/local/bin/composer')
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.valide(self, "Installing composer")
|
2019-09-01 13:59:27 +02:00
|
|
|
if ((os.path.isdir("/var/www/22222/htdocs/db/pma")) and
|
|
|
|
|
(not os.path.isfile('/var/www/22222/htdocs/db/'
|
|
|
|
|
'pma/composer.lock'))):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Updating phpMyAdmin")
|
2019-08-31 14:18:38 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "/usr/local/bin/composer update "
|
2019-09-21 16:42:49 +02:00
|
|
|
"--no-plugins --no-scripts -n --no-dev -d "
|
|
|
|
|
"/var/www/22222/htdocs/db/pma/")
|
2019-08-31 14:18:38 +02:00
|
|
|
WOFileUtils.chown(
|
|
|
|
|
self, '{0}22222/htdocs/db/pma'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.valide(self, "Updating phpMyAdmin")
|
2019-08-31 14:18:38 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/cache/'
|
|
|
|
|
'redis/phpRedisAdmin'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-31 14:18:38 +02:00
|
|
|
Log.debug(self, "Creating new directory "
|
|
|
|
|
"{0}22222/htdocs/cache/redis"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-31 14:18:38 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 13:59:27 +02:00
|
|
|
if not os.path.isfile('/var/www/22222/htdocs/cache/redis/'
|
|
|
|
|
'phpRedisAdmin/composer.lock'):
|
2019-09-21 16:42:49 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "/usr/local/bin/composer "
|
|
|
|
|
"create-project --no-plugins --no-scripts -n -s dev "
|
|
|
|
|
"erik-dubbelboer/php-redis-admin "
|
|
|
|
|
"/var/www/22222/htdocs/cache/redis/phpRedisAdmin")
|
2019-09-01 13:59:27 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 13:59:27 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
2019-08-31 14:18:38 +02:00
|
|
|
|
2019-08-29 20:02:35 +02:00
|
|
|
# MySQLtuner
|
2019-08-16 22:44:47 +02:00
|
|
|
if any('/usr/bin/mysqltuner' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "CHMOD MySQLTuner in /usr/bin/mysqltuner")
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775)
|
|
|
|
|
|
2019-10-28 20:07:38 +01:00
|
|
|
# cheat.sh
|
|
|
|
|
if any('/usr/local/bin/cht.sh' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "CHMOD cht.sh in /usr/local/bin/cht.sh")
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/local/bin/cht.sh", 0o775)
|
|
|
|
|
if WOFileUtils.grepcheck(self, '/etc/bash_completion.d/cht.sh',
|
|
|
|
|
'cht_complete cht.sh'):
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, '/etc/bash_completion.d/cht.sh',
|
|
|
|
|
'_cht_complete cht.sh',
|
|
|
|
|
'_cht_complete cheat')
|
|
|
|
|
if not os.path.islink('/usr/local/bin/cheat'):
|
|
|
|
|
WOFileUtils.create_symlink(
|
|
|
|
|
self, ['/usr/local/bin/cht.sh', '/usr/local/bin/cheat'])
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# netdata install
|
|
|
|
|
if any('/var/lib/wo/tmp/kickstart.sh' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.wait(self, "Installing Netdata")
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, "bash /var/lib/wo/tmp/kickstart.sh "
|
2024-05-31 22:22:08 +02:00
|
|
|
"--dont-wait --stable-channel",
|
2022-02-01 14:46:58 +01:00
|
|
|
errormsg='', log=False)
|
2019-09-24 00:11:26 +02:00
|
|
|
Log.valide(self, "Installing Netdata")
|
2023-08-13 11:45:49 +02:00
|
|
|
|
2019-09-01 13:59:27 +02:00
|
|
|
# disable mail notifications
|
2024-05-31 22:22:08 +02:00
|
|
|
if os.path.exists('/usr/lib/netdata/conf.d/health_alarm_notify.conf'):
|
2023-08-13 11:45:49 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/usr/lib/netdata/conf.d/health_alarm_notify.conf",
|
|
|
|
|
'SEND_EMAIL="YES"',
|
|
|
|
|
'SEND_EMAIL="NO"')
|
|
|
|
|
|
2024-05-31 22:22:08 +02:00
|
|
|
if os.path.exists('/etc/netdata/orig/health_alarm_notify.conf'):
|
2023-08-21 16:17:24 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "/etc/netdata/orig/health_alarm_notify.conf",
|
|
|
|
|
'SEND_EMAIL="YES"',
|
|
|
|
|
'SEND_EMAIL="NO"')
|
2023-09-19 20:50:41 +02:00
|
|
|
if self.app.config.has_section('mysql'):
|
|
|
|
|
wo_grant_host = self.app.config.get('mysql', 'grant-host')
|
|
|
|
|
else:
|
|
|
|
|
wo_grant_host = 'localhost'
|
2024-06-07 16:51:53 +02:00
|
|
|
if (WOMysql.mariadb_ping(self)
|
2023-09-19 20:50:41 +02:00
|
|
|
and wo_grant_host == 'localhost'):
|
2019-09-01 13:59:27 +02:00
|
|
|
try:
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self,
|
2019-12-06 13:09:45 +01:00
|
|
|
"DELETE FROM mysql.user WHERE User = 'netdata';",
|
2019-09-01 13:59:27 +02:00
|
|
|
log=False)
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self,
|
2019-12-06 13:09:45 +01:00
|
|
|
"create user 'netdata'@'127.0.0.1';",
|
|
|
|
|
log=False)
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self,
|
|
|
|
|
"grant usage on *.* to 'netdata'@'127.0.0.1';",
|
2019-09-01 13:59:27 +02:00
|
|
|
log=False)
|
|
|
|
|
WOMysql.execute(
|
|
|
|
|
self, "flush privileges;",
|
|
|
|
|
log=False)
|
2019-09-24 00:11:26 +02:00
|
|
|
except Exception as e:
|
2019-09-01 13:59:27 +02:00
|
|
|
Log.debug(self, "{0}".format(e))
|
|
|
|
|
Log.info(
|
|
|
|
|
self, "fail to setup mysql user for netdata")
|
|
|
|
|
WOService.restart_service(self, 'netdata')
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
# WordOps Dashboard
|
|
|
|
|
if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
2019-09-01 16:50:13 +02:00
|
|
|
Log.debug(self, "Extracting wo-dashboard.tar.gz "
|
|
|
|
|
"to location {0}22222/htdocs/"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOExtract.extract(self, '/var/lib/wo/tmp/'
|
|
|
|
|
'wo-dashboard.tar.gz',
|
|
|
|
|
'{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | "
|
|
|
|
|
"grep -oP \"dev [^[:space:]]+ \" "
|
|
|
|
|
"| cut -d ' ' -f 2").read()
|
|
|
|
|
if (wo_wan != 'eth0' and wo_wan != ''):
|
|
|
|
|
WOFileUtils.searchreplace(self,
|
2019-09-22 14:11:12 +02:00
|
|
|
"{0}22222/htdocs/index.html"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 16:50:13 +02:00
|
|
|
"eth0",
|
|
|
|
|
"{0}".format(wo_wan))
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Setting Privileges to "
|
2019-09-01 16:50:13 +02:00
|
|
|
"{0}22222/htdocs"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 04:56:33 +02:00
|
|
|
recursive=True)
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-09-01 16:50:13 +02:00
|
|
|
# Extplorer FileManager
|
|
|
|
|
if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "Extracting extplorer.tar.gz "
|
|
|
|
|
"to location {0}22222/htdocs/files"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz',
|
|
|
|
|
'/var/lib/wo/tmp/')
|
|
|
|
|
shutil.move('/var/lib/wo/tmp/extplorer-{0}'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_extplorer),
|
2019-09-01 16:50:13 +02:00
|
|
|
'{0}22222/htdocs/files'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
Log.debug(self, "Setting Privileges to "
|
|
|
|
|
"{0}22222/htdocs/files"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-09-01 16:50:13 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-09-01 16:50:13 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
|
|
|
|
recursive=True)
|
|
|
|
|
|
2019-08-05 09:45:08 +02:00
|
|
|
# webgrind
|
|
|
|
|
if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
Log.debug(self, "Extracting file webgrind.tar.gz to "
|
|
|
|
|
"location /var/lib/wo/tmp/ ")
|
|
|
|
|
WOExtract.extract(
|
|
|
|
|
self, '/var/lib/wo/tmp/webgrind.tar.gz',
|
|
|
|
|
'/var/lib/wo/tmp/')
|
|
|
|
|
if not os.path.exists('{0}22222/htdocs/php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
Log.debug(self, "Creating directroy "
|
|
|
|
|
"{0}22222/htdocs/php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
os.makedirs('{0}22222/htdocs/php'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
if not os.path.exists('{0}22222/htdocs/php/webgrind'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot)):
|
2019-08-05 09:45:08 +02:00
|
|
|
shutil.move('/var/lib/wo/tmp/webgrind-master/',
|
|
|
|
|
'{0}22222/htdocs/php/webgrind'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-05 09:45:08 +02:00
|
|
|
|
2019-08-31 14:18:38 +02:00
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"/usr/local/bin/dot", "/usr/bin/dot")
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"Europe/Copenhagen",
|
2019-10-02 13:13:32 +02:00
|
|
|
WOVar.wo_timezone)
|
2019-08-31 14:18:38 +02:00
|
|
|
|
|
|
|
|
WOFileUtils.searchreplace(
|
|
|
|
|
self, "{0}22222/htdocs/php/webgrind/"
|
|
|
|
|
"config.php"
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-31 14:18:38 +02:00
|
|
|
"90", "100")
|
2019-08-05 09:45:08 +02:00
|
|
|
|
|
|
|
|
Log.debug(self, "Setting Privileges of webroot permission to "
|
|
|
|
|
"{0}22222/htdocs/php/webgrind/ file "
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot))
|
2019-08-17 13:40:28 +02:00
|
|
|
WOFileUtils.chown(self, '{0}22222/htdocs'
|
2019-10-02 13:13:32 +02:00
|
|
|
.format(WOVar.wo_webroot),
|
2019-08-26 18:05:26 +02:00
|
|
|
'www-data',
|
|
|
|
|
'www-data',
|
2019-08-05 09:45:08 +02:00
|
|
|
recursive=True)
|
|
|
|
|
|
2019-08-26 18:05:26 +02:00
|
|
|
# pt-query-advisor
|
2019-08-05 09:45:08 +02:00
|
|
|
if any('/usr/bin/pt-query-advisor' == x[1]
|
|
|
|
|
for x in packages):
|
|
|
|
|
WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775)
|
2019-09-27 01:19:45 +02:00
|
|
|
|
2019-10-23 01:59:10 +02:00
|
|
|
|
|
|
|
|
def pre_stack(self):
|
|
|
|
|
"""Inital server configuration and tweak"""
|
2019-10-25 23:58:08 +02:00
|
|
|
# remove old sysctl tweak
|
2019-10-23 01:59:10 +02:00
|
|
|
if os.path.isfile('/etc/sysctl.d/60-ubuntu-nginx-web-server.conf'):
|
2019-11-11 19:06:11 +01:00
|
|
|
WOFileUtils.rm(
|
|
|
|
|
self, '/etc/sysctl.d/60-ubuntu-nginx-web-server.conf')
|
|
|
|
|
# check if version.txt exist
|
|
|
|
|
if os.path.exists('/var/lib/wo/version.txt'):
|
|
|
|
|
with open('/var/lib/wo/version.txt',
|
|
|
|
|
mode='r', encoding='utf-8') as wo_ver:
|
|
|
|
|
wo_check = bool(wo_ver.read().strip() ==
|
|
|
|
|
'{0}'.format(WOVar.wo_version))
|
|
|
|
|
else:
|
|
|
|
|
wo_check = False
|
|
|
|
|
if wo_check is False:
|
2019-12-03 19:48:18 +01:00
|
|
|
wo_arch = bool((os.uname()[4]) == 'x86_64')
|
2019-11-11 19:06:11 +01:00
|
|
|
if os.path.isfile('/proc/1/environ'):
|
|
|
|
|
wo_lxc = WOFileUtils.grepcheck(
|
|
|
|
|
self, '/proc/1/environ', 'container=lxc')
|
|
|
|
|
wo_wsl = WOFileUtils.grepcheck(
|
|
|
|
|
self, '/proc/1/environ', 'wsl')
|
|
|
|
|
else:
|
|
|
|
|
wo_wsl = True
|
|
|
|
|
wo_lxc = True
|
2019-10-25 23:58:08 +02:00
|
|
|
|
2019-11-11 19:06:11 +01:00
|
|
|
if (wo_lxc is not True) and (wo_wsl is not True) and (wo_arch is True):
|
2019-10-23 01:59:10 +02:00
|
|
|
data = dict()
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/sysctl.d/60-wo-tweaks.conf',
|
|
|
|
|
'sysctl.mustache', data, True)
|
2023-12-01 16:52:33 +01:00
|
|
|
if (WOVar.wo_platform_codename == 'focal' or
|
2022-09-08 21:03:59 +02:00
|
|
|
WOVar.wo_platform_codename == 'buster' or
|
|
|
|
|
WOVar.wo_platform_codename == 'jammy' or
|
2023-12-01 16:52:33 +01:00
|
|
|
WOVar.wo_platform_codename == 'bullseye' or
|
feat: convert WordOps from Nginx to OpenLiteSpeed + LSPHP + LSCache
Complete conversion of the WordOps stack from Nginx + PHP-FPM to
OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7
phases of the codebase:
- Foundation: OLS paths, variables, services, removed pynginxconfig dep
- Templates: 11 new OLS mustache templates, removed nginx-specific ones
- Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate
- Site: site_functions, site, site_create, site_update
- Plugins: debug, info, log, clean rewritten for OLS
- SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks
- Other: secure, backup, clone, install script
Additional features:
- Debian 13 (trixie) support
- PHP 8.5 support
- WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock)
- --nginx CLI flag preserved for backward compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:16 +01:00
|
|
|
WOVar.wo_platform_codename == 'bookworm' or
|
|
|
|
|
WOVar.wo_platform_codename == 'trixie'):
|
2019-11-11 19:06:11 +01:00
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, 'modprobe tcp_bbr')
|
|
|
|
|
with open(
|
|
|
|
|
"/etc/modules-load.d/bbr.conf",
|
|
|
|
|
encoding='utf-8', mode='w') as bbr_file:
|
2019-10-23 01:59:10 +02:00
|
|
|
bbr_file.write('tcp_bbr')
|
2019-11-11 19:06:11 +01:00
|
|
|
with open(
|
|
|
|
|
"/etc/sysctl.d/60-wo-tweaks.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as sysctl_file:
|
2019-10-23 01:59:10 +02:00
|
|
|
sysctl_file.write(
|
|
|
|
|
'\nnet.ipv4.tcp_congestion_control = bbr'
|
|
|
|
|
'\nnet.ipv4.tcp_notsent_lowat = 16384')
|
2019-11-11 19:06:11 +01:00
|
|
|
except OSError as e:
|
|
|
|
|
Log.debug(self, str(e))
|
|
|
|
|
Log.warn(self, "failed to tweak sysctl")
|
2019-10-23 01:59:10 +02:00
|
|
|
else:
|
2019-11-11 19:06:11 +01:00
|
|
|
try:
|
|
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, 'modprobe tcp_htcp')
|
|
|
|
|
with open(
|
|
|
|
|
"/etc/modules-load.d/htcp.conf",
|
|
|
|
|
encoding='utf-8', mode='w') as bbr_file:
|
2019-10-23 01:59:10 +02:00
|
|
|
bbr_file.write('tcp_htcp')
|
2019-11-11 19:06:11 +01:00
|
|
|
with open(
|
|
|
|
|
"/etc/sysctl.d/60-wo-tweaks.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as sysctl_file:
|
2019-10-23 01:59:10 +02:00
|
|
|
sysctl_file.write(
|
|
|
|
|
'\nnet.ipv4.tcp_congestion_control = htcp')
|
2019-11-11 19:06:11 +01:00
|
|
|
except OSError as e:
|
|
|
|
|
Log.debug(self, str(e))
|
|
|
|
|
Log.warn(self, "failed to tweak sysctl")
|
|
|
|
|
|
2019-10-23 01:59:10 +02:00
|
|
|
WOShellExec.cmd_exec(
|
|
|
|
|
self, 'sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf')
|
2019-11-11 19:06:11 +01:00
|
|
|
|
|
|
|
|
# sysctl tweak service
|
|
|
|
|
data = dict()
|
|
|
|
|
if not os.path.isfile('/opt/wo-kernel.sh'):
|
|
|
|
|
WOTemplate.deploy(self, '/opt/wo-kernel.sh',
|
|
|
|
|
'wo-kernel-script.mustache', data)
|
2020-05-12 01:42:04 +02:00
|
|
|
WOFileUtils.chmod(self, '/opt/wo-kernel.sh', 0o700)
|
2019-11-11 19:06:11 +01:00
|
|
|
if not os.path.isfile('/lib/systemd/system/wo-kernel.service'):
|
|
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/lib/systemd/system/wo-kernel.service',
|
|
|
|
|
'wo-kernel-service.mustache', data)
|
|
|
|
|
WOShellExec.cmd_exec(self, 'systemctl enable wo-kernel.service')
|
|
|
|
|
WOService.start_service(self, 'wo-kernel')
|
|
|
|
|
# open_files_limit tweak
|
|
|
|
|
if not WOFileUtils.grepcheck(self,
|
|
|
|
|
'/etc/security/limits.conf', '500000'):
|
|
|
|
|
with open("/etc/security/limits.conf",
|
|
|
|
|
encoding='utf-8', mode='a') as limit_file:
|
|
|
|
|
limit_file.write(
|
|
|
|
|
'* hard nofile 500000\n'
|
|
|
|
|
'* soft nofile 500000\n'
|
|
|
|
|
'root hard nofile 500000\n'
|
|
|
|
|
'root soft nofile 500000\n')
|
|
|
|
|
# custom motd-news
|
|
|
|
|
data = dict()
|
|
|
|
|
if os.path.isdir('/etc/update-motd.d/'):
|
2019-10-27 21:08:50 +01:00
|
|
|
WOTemplate.deploy(
|
|
|
|
|
self, '/etc/update-motd.d/98-wo-update',
|
|
|
|
|
'wo-update.mustache', data)
|
2019-10-28 20:07:38 +01:00
|
|
|
WOFileUtils.chmod(
|
|
|
|
|
self, "/etc/update-motd.d/98-wo-update", 0o755)
|
2019-11-11 19:06:11 +01:00
|
|
|
with open('/var/lib/wo/version.txt',
|
|
|
|
|
mode='w', encoding='utf-8') as wo_ver:
|
|
|
|
|
wo_ver.write('{0}'.format(WOVar.wo_version))
|
