From 7ea4219ee7fe2e918fc6aef45dc2a3090461c4ba Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 17 Apr 2019 04:24:44 +0200 Subject: [PATCH 1/4] fix hsts for html sites --- CHANGELOG.md | 2 +- wo/cli/plugins/site.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d71a0dc..2c0ad9e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,7 +40,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Increase MySQL root password size to 16 characters - Increase MySQL users password size to 16 characters - Nginx locations template is the same for php7.2 & 7.3 -- refactor install script - backend SSL configuration now stored in /var/www/22222/conf/nginx/ssl.conf #### Fixed @@ -58,6 +57,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - fix command "wo info" - phpmyadmin install with composer - command "wo clean --memcached" +- phpredisadmin setup ### v3.9.4 - 2019-03-15 diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index f96642f..e69c4a3 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -908,7 +908,7 @@ class WOSiteUpdateController(CementBaseController): (stype == 'wpsubdir' and oldsitetype in ['wpsubdomain']) or (stype == 'wpsubdomain' and oldsitetype in ['wpsubdir']) or (stype == oldsitetype and cache == oldcachetype) and - not pargs.php73): + not pargs.php73 or pargs.hsts): Log.info(self, Log.FAIL + "can not update {0} {1} to {2} {3}". format(oldsitetype, oldcachetype, stype, cache)) return 1 From c2d2a180e9d4ab0befa36d60d5452d4f8b260e04 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 17 Apr 2019 12:50:57 +0200 Subject: [PATCH 2/4] add hsts operation before site update --- wo/cli/plugins/site.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index e69c4a3..17fa3eb 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -899,6 +899,17 @@ class WOSiteUpdateController(CementBaseController): Log.info(self, "\nPassword Unchanged.") return 0 + if (pargs.hsts and not (pargs.html or + pargs.php or pargs.php73 or pargs.mysql or + pargs.wp or pargs.wpfc or pargs.wpsc or + pargs.wpsubdir or pargs.wpsubdomain)): + try: + setupHsts(self, wo_domain) + except SiteError as e: + Log.debug(self, str(e)) + Log.info(self, "\nFail to enable HSTS") + return 0 + if ((stype == 'php' and oldsitetype not in ['html', 'proxy', 'php73']) or (stype == 'mysql' and oldsitetype not in ['html', 'php', From 7d7ecc69e3732a03ada0549597dd9df1ec822784 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 17 Apr 2019 12:55:07 +0200 Subject: [PATCH 3/4] do not update package list with flag --travis --- .travis.yml | 2 +- install | 65 ++++++++++++++++++++++++++++++----------------------- 2 files changed, 38 insertions(+), 29 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0581229..673a75e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,7 +26,7 @@ script: - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree - - sudo bash install -b $TRAVIS_BRANCH + - sudo bash install -b $TRAVIS_BRANCH --travis - sudo wo --help && sudo wo stack install && sudo wo stack install --admin - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log diff --git a/install b/install index fc47f13..a474f03 100755 --- a/install +++ b/install @@ -51,6 +51,31 @@ wo_lib_error() { exit "$2" } +### +# 1 - script argument parsing +### + +while [ "$#" -gt 0 ]; do + case "$1" in + -b | --branch) + wo_branch="$2" + shift + ;; + -p | --preserve) + wo_preserve_config="y" + ;; + --force) + wo_force_install="y" + ;; + --travis) + wo_travis="y" + ;; + *) # positional args + ;; + esac + shift +done + ### # 1 - Check whether the installation is called with elevated rights ### @@ -67,8 +92,10 @@ echo "" ### # 1- Update the apt sewers with fresh info ### +[ -z "$wo_travis" ] && { wo_lib_echo "Updating apt-get repository info" apt-get update -qq +} ### # 1- Check whether lsb_release is installed, and if not, install it @@ -78,24 +105,6 @@ if [ -z "$(command -v lsb_release)" ]; then apt-get -y install lsb-release -qq fi -while [ "$#" -gt 0 ]; do - case "$1" in - -b | --branch) - wo_branch="$2" - shift - ;; - -p | --preserve) - wo_preserve_config="y" - ;; - --force) - wo_force_install="y" - ;; - *) # positional args - ;; - esac - shift -done - ### # 1 - Define variables for later use ### @@ -124,19 +133,19 @@ fi # 1 - Checking linux distro ### if [ -z "$wo_force_install" ]; then -if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment." - wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support" - wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." - exit 100 -else - check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|jessie|stretch") - if [ -z "$check_wo_linux_distro" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04, Debian 8.x and Debian 9.x" + if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment." + wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support" + wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." exit 100 + else + check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|jessie|stretch") + if [ -z "$check_wo_linux_distro" ]; then + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04, Debian 8.x and Debian 9.x" + exit 100 + fi fi fi -fi ### # 1 - To prevent errors or unexpected behaviour, create the log and ACL it From 21a72aacd075b300eccd4eebd1930c5ff059ec6f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 17 Apr 2019 14:16:38 +0200 Subject: [PATCH 4/4] add hsts command to readme --- CHANGELOG.md | 1 + README.md | 1 + 2 files changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2c0ad9e..816b810 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -58,6 +58,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - phpmyadmin install with composer - command "wo clean --memcached" - phpredisadmin setup +- --hsts flag with basic html site ### v3.9.4 - 2019-03-15 diff --git a/README.md b/README.md index d22d233..8ed6c8f 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,7 @@ wo site create example.com --proxy=127.0.0.1:3000 # create example.com with ngi ```bash wo site create example.com --wp --letsencrypt # install wordpress & secure site with letsencrypt wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt +wo site create site.tld --wp --letsencrypt --hsts # install wordpress & secure site with letsencrypt with HSTS ``` ## Update WordOps