diff --git a/.travis.yml b/.travis.yml index 77d94e6..fcb405b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,64 +1,65 @@ -sudo: required -dist: xenial - -language: bash - -notifications: - slack: wordops:MyZBNbI7JfhbAi3YyFckMdaa - -addons: - apt: - update: true - -git: - quiet: true - -before_install: - - rm -rf ~/.gnupg - -before_script: - - sudo rm -rf /etc/mysql - - sudo bash -c 'echo example.com > /etc/hostname' - - sudo apt-get -qq purge mysql* graphviz* redis* - - sudo apt-get -qq autoremove --purge - - unset LANG - - sudo apt-get install --assume-yes --quiet git python3-setuptools python3-dev python3-apt ccze tree - -script: - - lsb_release -a - - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - - sudo echo "Travis Banch = $TRAVIS_BRANCH" - - sed -i 's/# "nose"/"nose"/g' setup.py - - sed -i 's/# "coverage"/"coverage"/g' setup.py - - sed -i 's/# "Sphinx >= 1.0"/"Sphinx >= 1.0"/g' setup.py - - sudo bash install --travis - - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc - - sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 - - sudo wo site create wprocket.net --wprocket && sudo wo site create wprocket-php73.net --wprocket --php73 - - sudo wo site create wpce.net --wpce && sudo wo site create wpce-php73.net --wpce --php73 - - sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 - - sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 - - - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc && sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 - - sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 && sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain - - - sudo wo site create 1.com --html && sudo wo site create 2.com --php && sudo wo site create 3.com --mysql - - sudo wo site update 1.com --wp && sudo wo site update 2.com --php73 && sudo wo site update 3.com --php73 && sudo wo site update 1.com --wpfc && sudo wo site update 1.com --wpsc && sudo wo site update 1.com --wpredis - - sudo wp --allow-root --info - - sudo wo info - - sudo cat /etc/nginx/nginx.conf - - sudo tree -L 2 /etc/nginx - - sudo cat /etc/mysql/my.cnf - - sudo wo stack upgrade --nginx --no-prompt - - sudo wo stack upgrade --php --no-prompt - - sudo wo stack upgrade --netdata --no-prompt - - sudo wo stack upgrade --phpmyadmin --no-prompt - - sudo wo stack upgrade --composer --no-prompt - - sudo wo update --travis - - sudo wo stack status - - sudo tar -I pigz -cf wordops.tar.gz /var/log/wo - - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "wordops.tar.gz") && echo "" | sudo tee -a $HOME/.transfer.log && echo "" - - echo "yes" | sudo wo stack purge --all - - sudo bash install --purge +sudo: required +dist: xenial + +language: bash + +notifications: + slack: wordops:MyZBNbI7JfhbAi3YyFckMdaa + +addons: + apt: + update: true + +git: + quiet: true + +before_install: + - rm -rf ~/.gnupg + +before_script: + - sudo rm -rf /etc/mysql + - sudo bash -c 'echo example.com > /etc/hostname' + - sudo apt-get -qq purge mysql* graphviz* redis* + - sudo apt-get -qq autoremove --purge + - unset LANG + - sudo apt-get install --assume-yes --quiet git python3-setuptools python3-dev python3-apt ccze tree + +script: + - lsb_release -a + - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' + - sudo echo "Travis Banch = $TRAVIS_BRANCH" + - sed -i 's/# "nose"/"nose"/g' setup.py + - sed -i 's/# "coverage"/"coverage"/g' setup.py + - sed -i 's/# "Sphinx >= 1.0"/"Sphinx >= 1.0"/g' setup.py + - sudo bash install --travis + - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd + - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 + - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc + - sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 + - sudo wo site create wprocket.net --wprocket && sudo wo site create wprocket-php73.net --wprocket --php73 + - sudo wo site create wpce.net --wpce && sudo wo site create wpce-php73.net --wpce --php73 + - sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 + - sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 + + - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc && sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 + - sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 && sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain + + - sudo wo site create 1.com --html && sudo wo site create 2.com --php && sudo wo site create 3.com --mysql + - sudo wo site update 1.com --wp && sudo wo site update 2.com --php73 && sudo wo site update 3.com --php73 && sudo wo site update 1.com --wpfc && sudo wo site update 1.com --wpsc && sudo wo site update 1.com --wpredis + - sudo wp --allow-root --info + - sudo wo info + - sudo cat /etc/nginx/nginx.conf + - sudo tree -L 2 /etc/nginx + - sudo cat /etc/mysql/my.cnf + - sudo wo stack upgrade --nginx --force + - sudo wo stack upgrade --php --force + - sudo wo stack upgrade --netdata --force + - sudo wo stack upgrade --phpmyadmin --force + - sudo wo stack upgrade --composer --force + - sudo wo stack upgrade --dashboard --force + - sudo wo update --travis + - sudo wo stack status + - sudo tar -I pigz -cf wordops.tar.gz /var/log/wo + - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "wordops.tar.gz") && echo "" | sudo tee -a $HOME/.transfer.log && echo "" + - echo "yes" | sudo wo stack purge --all --force + - sudo bash install --purge diff --git a/CHANGELOG.md b/CHANGELOG.md index 07c1fc5..bcdc614 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,334 +1,344 @@ -# Changelog - -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - -## Releases - -### v3.9.x - [Unreleased] - -### v3.9.8 - 2019-08-16 - -#### Added - -- Allow web browser caching for json and webmanifest files -- nginx-core.mustache template used to render nginx.conf during stack setup -- APT Packages configuration step with `wo stack upgrade` to apply new configurations -- Cloudflare restore real_ip configuration -- WP-Rocket plugin support with the flag `--wprocket` -- Cache-Enabler plugin support with the flag `--wpce` -- Install unattended-upgrade and enable automated security updates -- Enable time synchronization with ntp -- Additional cache exception for woocommerce - -#### Changed - -- Do not force Nginx upgrade if a custom Nginx package compiled with nginx-ee is detected -- Gzip enabled again by default with configuration in /etc/nginx/conf.d/gzip.conf -- Brotli configuration moved in /etc/nginx/conf.d/brotli.conf.disabled (disabled by default) -- Moving package configuration in a new plugin stack_pref.py -- Cleanup templates by removing all doublons (with/without php7) and replacing them with variables -- Updated Nginx to v1.16.1 in response to HTTP/2 vulnerabilites discovered -- Disable temporary adding swap feature (not working) -- `wo stack upgrade --nginx` is now able to apply new configurations during `wo update`, it highly reduce upgrade duration - -#### Fixed - -- Error in HSTS header syntax - -### v3.9.7.2 - 2019-08-12 - -#### Fixed - -- redis.conf permissions additional fix - -### v3.9.7.1 - 2019-08-09 - -#### Changed - -- Set WordOps backend password length from 16 to 24 -- Upgrade framework cement to 2.6.0 -- Upgrade PyMySQL to 0.9.3 -- Upgrade Psutil to 5.6.3 - -#### Fixed - -- Missing import in `wo sync` -- redis.conf incorrect permissions - -### v3.9.7 - 2019-08-02 - -#### Added - -- MySQL configuration tuning -- Cronjob to optimize MySQL databases weekly -- WO-kernel systemd service to automatically apply kernel tweaks on server startup -- Proftpd stack now secured with TLS -- New Nginx package built with Brotli from operating system libraries -- Brotli configuration with only well compressible MIME types -- WordPress site url automatically updated to `https://domain.tld` when using `-le/--letsencrypt` flag -- More informations during certificate issuance about validation mode selected -- `--php72` as alternative for `--php` -- Automated removal of the deprecated variable `ssl on;` in previous Nginx ssl.conf -- Project Contributing guidelines -- Project Code of conduct - -#### Changed - -- `wo maintenance` refactored -- Improved debug log -- Updated Nginx configuration process to not overwrite files with custom data (htpasswd-wo, acl.conf etc..) -- Adminer updated to v4.7.2 -- eXtplorer updated to v2.1.13 -- Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues -- Several code quality improvements to speed up WordOps execution -- Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) -- Added /dev/urandom & /dev/shm to open_basedir in PHP-FPM configuration - -#### Fixed - -- Kernel tweaks were not applied without server reboot -- Fail2ban standalone install -- `wo stack purge --all` error due to PHP7.3 check -- Nginx helper configuration during plugin install for Nginx fastcgi_cache and redis-cache -- phpRedisAdmin stack installation -- Fixed Travis CI build on pull requests -- Nginx `server_names_hash_bucket_size` variable error after WordOps upgrade - -### v3.9.6.2 - 2019-07-24 - -#### Changed - -- Improve `wo update` process duration -- Improve package install/upgrade/remove process - -#### Fixed - -- phpMyAdmin archive download link archive -- Arguments `--letsencrypt=clean/purge` -- Incorrect directory removal during stack upgrade - -### v3.9.6.1 - 2019-07-23 - -#### Fixed - -- Typo in `--letsencrypt=subdomain` -- phpMyAdmin upgrade archive extraction -- Error in the command `wo update`. Please `wo update --beta` as workaround - -### v3.9.6 - 2019-07-20 - -#### Added - -- New Nginx package on Ubuntu with Cloudflare HTTP/2 HPACK and Dynamic TLS records -- phpMyAdmin upgrade with `wo stack upgrade --phpmyadmin` -- Wildcard SSL Certificates support with DNS validation -- Let's Encrypt DNS API support (Cloudflare, DigitalOcean, etc ..) on domain, subdomain, and wildcard -- Flag `--letsencrypt=clean` to purge a previous SSL configuration -- Support for Debian 10 buster (testing - not ready for production) -- Fail2ban with custom jails to secure WordPress & SSH -- Variable `keylength` in /etc/wo/wo.conf to define letsencrypt certificate keylenght -- ProFTPd stack with UFW & Fail2ban configurationz -- Beta branch and command `wo update --beta` for beta releases -- Extra directives in wp-config.php (limit posts revisions, set max_memory, enable auto-update for minor-releases) - -#### Fixed - -- Nginx was not reloaded after enabling HSTS -- Netdata, Composer & Fail2Ban stack remove and purge -- WordPress not installed by `wo site update` with basic php73 sites - -### v3.9.5.4 - 2019-07-13 - -#### Added - -- New Nginx package on Ubuntu with TLS v1.3 support (OpenSSL 1.1.1c) -- Netdata upgrade with `wo stack upgrade --netdata` -- Netdata stack remove/purge - -#### Changed - -- phpRedisAdmin is now installed with the stack `--admin` -- Remove memcached - not required anymore - -#### Fixed - -- phpRedisAdmin installation -- Duplicated locations /robots.txt after upgrade to v3.9.5.3 -- Let's Encrypt stack `wo site update --letsencrypt/--letsencrypt=off` -- pt-query-advisor dead link -- Netdata persistant configuration - -### v3.9.5.3 - 2019-06-18 - -#### Added - -- Argument `--preserve` with the command `wo update` to keep current Nginx configuration - -#### Fixed - -- Nginx upgrade failure when running wo update - -### v3.9.5.2 - 2019-06-17 - -#### Added - -- Non-interactive install/upgrade -- Argument `--force` with the command `wo update` -- Argument `-s|--silent` to perform non interactive installation - -#### Changed - -- robots.txt location block moved from locations-wo.conf to wpcommon(-php7).php - -#### Fixed - -- WP_CACHE_KEY_SALT set twice with wpredis -- WordOps version check when using `wo update` -- robots.txt file download if not created -- PHP-FPM socket path in stub_status.conf : PR [#82](https://github.com/WordOps/WordOps/pull/82) - -### v3.9.5.1 - 2019-05-10 - -#### Fixed - -- Adminer download link - -### v3.9.5 - 2019-05-02 - -#### Added - -- IPv6 support with HTTPS -- Brotli support in Nginx -- Let's Encrypt support with --proxy -- Install script handle migration from EEv3 -- load-balancing on unix socket for php-fpm -- stub_status vhost for metrics -- `--letsencrypt=subdomain` option -- opcache optimization for php-fpm -- EasyEngine configuration backup before migration -- EasyEngine configuration cleanup after migration -- WordOps configuration backup before upgrade -- Previous acme.sh certs migration -- "wo maintenance" command to perform server package update & cleanup -- Support for Netdata on backend : https://server.hostname:22222/netdata/ -- New Stacks : composer and netdata -- additional argument for letsencrypt : --hsts -- Clean Theme for adminer -- Credits for tools shipped with WordOps -- Cache exception for Easy Digital Download -- Additional cache exceptions for Woocommerce -- MySQL monitoring with Netdata -- WordOps-dashboard on 22222, can be installed with `wo stack install` -- Extplorer filemanager in WordOps backend -- Enable OSCP Stapling with Let's Encrypt -- Compress database backup with pigz (faster than gzip) before updating sites -- Support for Ubuntu 19.04 (disco) - few php extensions missing -- Support for Raspbian 9 (stretch) - tested on Raspberry Pi 3b+ -- backup letsencrypt certificate before upgrade -- directives emergency_restart_threshold & emergency_restart_interval to restart php-fpm in case of failure -- EasyEngine cronjob removal during install -- Kernel tweaks via systctl.conf -- open_basedir on php-fpm process to forbid access with php outside of /var/www & /run/nginx-cache - -#### Changed - -- letsencrypt stack refactored with acme.sh -- letsencrypt validation with webroot folder -- hardened nginx ssl_ecdh_curve -- Update phpredisadmin -- Increase MySQL root password size to 24 characters -- Increase MySQL users password size to 24 characters -- Nginx locations template is the same for php7.2 & 7.3 -- backend SSL configuration now stored in /var/www/22222/conf/nginx/ssl.conf -- Install Netdata with static pre-built binaries instead of having to compile it from source -- Nginx updated to new stable release (1.16.0) -- New packages (phpmyadmin, adminer, composer) are not download in /tmp anymore - -#### Fixed - -- PHP 7.3 extras when php 7.2 isn't installed -- acme.sh installation -- acme.sh alias with config home variable -- deb.sury.org repository gpg key -- Nginx upgrade from previous WordOps release -- Force new Nginx templates during update -- Error message about missing my.cnf file during upgrade -- PHP 7.2 & PHP 7.3 pool configuration during upgrade -- WordOps backup directory creation before upgrade -- EasyEngine database sync during migration -- fix command "wo info" -- phpmyadmin install with composer -- command "wo clean --memcached" -- phpredisadmin setup -- --hsts flag with basic html site -- hsts flag on site not secure with letsencrypt -- fix import of previous acme.sh certificate -- fix proxy webroot folder creation - -### v3.9.4 - 2019-03-15 - -#### Added - -- Nginx module nginx_vts -- Migration script from nginx-ee to nginx-wo -- Support for Debian 9 (testing) -- New Nginx build v1.14.2 - -#### Changed - -- Update WP-CLI version to 2.1.0 -- Update Adminer to 4.6.2 -- Update predis to v1.1.1 -- Refactored nginx.conf -- Removed HHVM Stack -- Removed old linux distro checks -- Replace wo-acme-sh by acme.sh - -#### Fixed - -- Outdated Nginx ssl_ciphers suite -- Debian 9 nginx build - -### v3.9.3 - 2019-03-07 - -#### Changed - -- Updated Nginx fastcgi_cache templates -- Updated Nginx redis_cache templates -- Updated Nginx wp-super-cache templates -- Updated Nginx configuration for WordPress 5.0 -- remove --experimental args -- MariaDB version bumped to 10.3 -- Refactored Changelog -- Updated WO manual -- Updated WO bash_completion -- Refactored README.md - -#### Added - -- Add WebP image support with Nginx mapping -- Add PHP 7.3 support -- WordPress $skip_cache variable mapping - -#### Fixed - -- Nginx variable $webp_suffix on fresh install ([#21](https://github.com/WordOps/WordOps/issues/21)) -- wo update command ([#7](https://github.com/WordOps/WordOps/issues/7)) -- Fix php services management ([#12](https://github.com/WordOps/WordOps/issues/12)) -- Fix WP-CLI install - -### v3.9.2 - 2018-11-30 - -#### Changed - -- Re-branded the fork to WordOps -- Codebase cleanup -- Set PHP 7.2 as the default -- Included support for newer OS releases -- Reworked the HTTPS configuration -- Added more automated testing with Redis -- Replaced Postfix with smtp-cli -- Dropped mail services +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), + +## Releases + +### v3.9.x - [Unreleased] + +#### Changed + +- Extra Nginx directives moved from nginx.conf to conf.d/tweaks.conf + +#### Fixed + +- MySQLTuner installation +- `wo stack remove/purge --all` +- variable substitution in install script + +### v3.9.8 - 2019-08-16 + +#### Added + +- Allow web browser caching for json and webmanifest files +- nginx-core.mustache template used to render nginx.conf during stack setup +- APT Packages configuration step with `wo stack upgrade` to apply new configurations +- Cloudflare restore real_ip configuration +- WP-Rocket plugin support with the flag `--wprocket` +- Cache-Enabler plugin support with the flag `--wpce` +- Install unattended-upgrade and enable automated security updates +- Enable time synchronization with ntp +- Additional cache exception for woocommerce + +#### Changed + +- Do not force Nginx upgrade if a custom Nginx package compiled with nginx-ee is detected +- Gzip enabled again by default with configuration in /etc/nginx/conf.d/gzip.conf +- Brotli configuration moved in /etc/nginx/conf.d/brotli.conf.disabled (disabled by default) +- Moving package configuration in a new plugin stack_pref.py +- Cleanup templates by removing all doublons (with/without php7) and replacing them with variables +- Updated Nginx to v1.16.1 in response to HTTP/2 vulnerabilites discovered +- Disable temporary adding swap feature (not working) +- `wo stack upgrade --nginx` is now able to apply new configurations during `wo update`, it highly reduce upgrade duration + +#### Fixed + +- Error in HSTS header syntax + +### v3.9.7.2 - 2019-08-12 + +#### Fixed + +- redis.conf permissions additional fix + +### v3.9.7.1 - 2019-08-09 + +#### Changed + +- Set WordOps backend password length from 16 to 24 +- Upgrade framework cement to 2.6.0 +- Upgrade PyMySQL to 0.9.3 +- Upgrade Psutil to 5.6.3 + +#### Fixed + +- Missing import in `wo sync` +- redis.conf incorrect permissions + +### v3.9.7 - 2019-08-02 + +#### Added + +- MySQL configuration tuning +- Cronjob to optimize MySQL databases weekly +- WO-kernel systemd service to automatically apply kernel tweaks on server startup +- Proftpd stack now secured with TLS +- New Nginx package built with Brotli from operating system libraries +- Brotli configuration with only well compressible MIME types +- WordPress site url automatically updated to `https://domain.tld` when using `-le/--letsencrypt` flag +- More informations during certificate issuance about validation mode selected +- `--php72` as alternative for `--php` +- Automated removal of the deprecated variable `ssl on;` in previous Nginx ssl.conf +- Project Contributing guidelines +- Project Code of conduct + +#### Changed + +- `wo maintenance` refactored +- Improved debug log +- Updated Nginx configuration process to not overwrite files with custom data (htpasswd-wo, acl.conf etc..) +- Adminer updated to v4.7.2 +- eXtplorer updated to v2.1.13 +- Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues +- Several code quality improvements to speed up WordOps execution +- Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) +- Added /dev/urandom & /dev/shm to open_basedir in PHP-FPM configuration + +#### Fixed + +- Kernel tweaks were not applied without server reboot +- Fail2ban standalone install +- `wo stack purge --all` error due to PHP7.3 check +- Nginx helper configuration during plugin install for Nginx fastcgi_cache and redis-cache +- phpRedisAdmin stack installation +- Fixed Travis CI build on pull requests +- Nginx `server_names_hash_bucket_size` variable error after WordOps upgrade + +### v3.9.6.2 - 2019-07-24 + +#### Changed + +- Improve `wo update` process duration +- Improve package install/upgrade/remove process + +#### Fixed + +- phpMyAdmin archive download link archive +- Arguments `--letsencrypt=clean/purge` +- Incorrect directory removal during stack upgrade + +### v3.9.6.1 - 2019-07-23 + +#### Fixed + +- Typo in `--letsencrypt=subdomain` +- phpMyAdmin upgrade archive extraction +- Error in the command `wo update`. Please `wo update --beta` as workaround + +### v3.9.6 - 2019-07-20 + +#### Added + +- New Nginx package on Ubuntu with Cloudflare HTTP/2 HPACK and Dynamic TLS records +- phpMyAdmin upgrade with `wo stack upgrade --phpmyadmin` +- Wildcard SSL Certificates support with DNS validation +- Let's Encrypt DNS API support (Cloudflare, DigitalOcean, etc ..) on domain, subdomain, and wildcard +- Flag `--letsencrypt=clean` to purge a previous SSL configuration +- Support for Debian 10 buster (testing - not ready for production) +- Fail2ban with custom jails to secure WordPress & SSH +- Variable `keylength` in /etc/wo/wo.conf to define letsencrypt certificate keylenght +- ProFTPd stack with UFW & Fail2ban configurationz +- Beta branch and command `wo update --beta` for beta releases +- Extra directives in wp-config.php (limit posts revisions, set max_memory, enable auto-update for minor-releases) + +#### Fixed + +- Nginx was not reloaded after enabling HSTS +- Netdata, Composer & Fail2Ban stack remove and purge +- WordPress not installed by `wo site update` with basic php73 sites + +### v3.9.5.4 - 2019-07-13 + +#### Added + +- New Nginx package on Ubuntu with TLS v1.3 support (OpenSSL 1.1.1c) +- Netdata upgrade with `wo stack upgrade --netdata` +- Netdata stack remove/purge + +#### Changed + +- phpRedisAdmin is now installed with the stack `--admin` +- Remove memcached - not required anymore + +#### Fixed + +- phpRedisAdmin installation +- Duplicated locations /robots.txt after upgrade to v3.9.5.3 +- Let's Encrypt stack `wo site update --letsencrypt/--letsencrypt=off` +- pt-query-advisor dead link +- Netdata persistant configuration + +### v3.9.5.3 - 2019-06-18 + +#### Added + +- Argument `--preserve` with the command `wo update` to keep current Nginx configuration + +#### Fixed + +- Nginx upgrade failure when running wo update + +### v3.9.5.2 - 2019-06-17 + +#### Added + +- Non-interactive install/upgrade +- Argument `--force` with the command `wo update` +- Argument `-s|--silent` to perform non interactive installation + +#### Changed + +- robots.txt location block moved from locations-wo.conf to wpcommon(-php7).php + +#### Fixed + +- WP_CACHE_KEY_SALT set twice with wpredis +- WordOps version check when using `wo update` +- robots.txt file download if not created +- PHP-FPM socket path in stub_status.conf : PR [#82](https://github.com/WordOps/WordOps/pull/82) + +### v3.9.5.1 - 2019-05-10 + +#### Fixed + +- Adminer download link + +### v3.9.5 - 2019-05-02 + +#### Added + +- IPv6 support with HTTPS +- Brotli support in Nginx +- Let's Encrypt support with --proxy +- Install script handle migration from EEv3 +- load-balancing on unix socket for php-fpm +- stub_status vhost for metrics +- `--letsencrypt=subdomain` option +- opcache optimization for php-fpm +- EasyEngine configuration backup before migration +- EasyEngine configuration cleanup after migration +- WordOps configuration backup before upgrade +- Previous acme.sh certs migration +- "wo maintenance" command to perform server package update & cleanup +- Support for Netdata on backend : https://server.hostname:22222/netdata/ +- New Stacks : composer and netdata +- additional argument for letsencrypt : --hsts +- Clean Theme for adminer +- Credits for tools shipped with WordOps +- Cache exception for Easy Digital Download +- Additional cache exceptions for Woocommerce +- MySQL monitoring with Netdata +- WordOps-dashboard on 22222, can be installed with `wo stack install` +- Extplorer filemanager in WordOps backend +- Enable OSCP Stapling with Let's Encrypt +- Compress database backup with pigz (faster than gzip) before updating sites +- Support for Ubuntu 19.04 (disco) - few php extensions missing +- Support for Raspbian 9 (stretch) - tested on Raspberry Pi 3b+ +- backup letsencrypt certificate before upgrade +- directives emergency_restart_threshold & emergency_restart_interval to restart php-fpm in case of failure +- EasyEngine cronjob removal during install +- Kernel tweaks via systctl.conf +- open_basedir on php-fpm process to forbid access with php outside of /var/www & /run/nginx-cache + +#### Changed + +- letsencrypt stack refactored with acme.sh +- letsencrypt validation with webroot folder +- hardened nginx ssl_ecdh_curve +- Update phpredisadmin +- Increase MySQL root password size to 24 characters +- Increase MySQL users password size to 24 characters +- Nginx locations template is the same for php7.2 & 7.3 +- backend SSL configuration now stored in /var/www/22222/conf/nginx/ssl.conf +- Install Netdata with static pre-built binaries instead of having to compile it from source +- Nginx updated to new stable release (1.16.0) +- New packages (phpmyadmin, adminer, composer) are not download in /tmp anymore + +#### Fixed + +- PHP 7.3 extras when php 7.2 isn't installed +- acme.sh installation +- acme.sh alias with config home variable +- deb.sury.org repository gpg key +- Nginx upgrade from previous WordOps release +- Force new Nginx templates during update +- Error message about missing my.cnf file during upgrade +- PHP 7.2 & PHP 7.3 pool configuration during upgrade +- WordOps backup directory creation before upgrade +- EasyEngine database sync during migration +- fix command "wo info" +- phpmyadmin install with composer +- command "wo clean --memcached" +- phpredisadmin setup +- --hsts flag with basic html site +- hsts flag on site not secure with letsencrypt +- fix import of previous acme.sh certificate +- fix proxy webroot folder creation + +### v3.9.4 - 2019-03-15 + +#### Added + +- Nginx module nginx_vts +- Migration script from nginx-ee to nginx-wo +- Support for Debian 9 (testing) +- New Nginx build v1.14.2 + +#### Changed + +- Update WP-CLI version to 2.1.0 +- Update Adminer to 4.6.2 +- Update predis to v1.1.1 +- Refactored nginx.conf +- Removed HHVM Stack +- Removed old linux distro checks +- Replace wo-acme-sh by acme.sh + +#### Fixed + +- Outdated Nginx ssl_ciphers suite +- Debian 9 nginx build + +### v3.9.3 - 2019-03-07 + +#### Changed + +- Updated Nginx fastcgi_cache templates +- Updated Nginx redis_cache templates +- Updated Nginx wp-super-cache templates +- Updated Nginx configuration for WordPress 5.0 +- remove --experimental args +- MariaDB version bumped to 10.3 +- Refactored Changelog +- Updated WO manual +- Updated WO bash_completion +- Refactored README.md + +#### Added + +- Add WebP image support with Nginx mapping +- Add PHP 7.3 support +- WordPress $skip_cache variable mapping + +#### Fixed + +- Nginx variable $webp_suffix on fresh install ([#21](https://github.com/WordOps/WordOps/issues/21)) +- wo update command ([#7](https://github.com/WordOps/WordOps/issues/7)) +- Fix php services management ([#12](https://github.com/WordOps/WordOps/issues/12)) +- Fix WP-CLI install + +### v3.9.2 - 2018-11-30 + +#### Changed + +- Re-branded the fork to WordOps +- Codebase cleanup +- Set PHP 7.2 as the default +- Included support for newer OS releases +- Reworked the HTTPS configuration +- Added more automated testing with Redis +- Replaced Postfix with smtp-cli +- Dropped mail services - Dropped w3tc support \ No newline at end of file diff --git a/install b/install index 25773ee..87493c2 100755 --- a/install +++ b/install @@ -7,7 +7,7 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.8 - 2019-08-16 +# Version 3.9.8 - 2019-08-17 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" readonly wo_version_new="3.9.8" @@ -186,6 +186,7 @@ wo_install_dep() { apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \ gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 + add-apt-repository ppa:wordops/nginx-wo -yu else # install dependencies apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ diff --git a/tests/cli/13_test_stack.py b/tests/cli/13_test_stack.py index 107adc7..63939cb 100644 --- a/tests/cli/13_test_stack.py +++ b/tests/cli/13_test_stack.py @@ -9,6 +9,12 @@ class CliTestCaseStack(test.WOTestCase): self.app.run() self.app.close() + def test_wo_cli_stack_install(self): + self.app = get_test_app(argv=['stack', 'install']) + self.app.setup() + self.app.run() + self.app.close() + def test_wo_cli_stack_install_web(self): self.app = get_test_app(argv=['stack', 'install', '--web']) self.app.setup() diff --git a/tests/cli/test_secure.py b/tests/cli/test_secure.py index 4b6c527..1656134 100644 --- a/tests/cli/test_secure.py +++ b/tests/cli/test_secure.py @@ -10,19 +10,19 @@ class CliTestCaseSecure(test.WOTestCase): self.app.close() def test_wo_cli_secure_auth(self): - self.app = get_test_app(argv=['secure', '--auth']) + self.app = get_test_app(argv=['secure', '--auth', 'abc', 'superpass']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_secure_port(self): - self.app = get_test_app(argv=['secure', '--port']) + self.app = get_test_app(argv=['secure', '--port', '22222']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_secure_ip(self): - self.app = get_test_app(argv=['secure', '--ip']) + self.app = get_test_app(argv=['secure', '--ip', '172.16.0.1']) self.app.setup() self.app.run() self.app.close() diff --git a/tests/cli/test_stack_purge.py b/tests/cli/test_stack_purge.py index 3362360..c940744 100644 --- a/tests/cli/test_stack_purge.py +++ b/tests/cli/test_stack_purge.py @@ -10,55 +10,64 @@ class CliTestCaseStack(test.WOTestCase): self.app.close() def test_wo_cli_stack_purge_web(self): - self.app = get_test_app(argv=['stack', 'purge', '--web']) + self.app = get_test_app(argv=['stack', 'purge', + '--web', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_admin(self): - self.app = get_test_app(argv=['stack', 'purge', '--admin']) + self.app = get_test_app(argv=['stack', 'purge', + '--admin', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_nginx(self): - self.app = get_test_app(argv=['stack', 'purge', '--nginx']) + self.app = get_test_app(argv=['stack', 'purge', + '--nginx', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_php(self): - self.app = get_test_app(argv=['stack', 'purge', '--php']) + self.app = get_test_app(argv=['stack', 'purge', + '--php', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_mysql(self): - self.app = get_test_app(argv=['stack', 'purge', '--mysql']) + self.app = get_test_app(argv=['stack', 'purge', + '--mysql', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_wpcli(self): - self.app = get_test_app(argv=['stack', 'purge', '--wpcli']) + self.app = get_test_app(argv=['stack', 'purge', + '--wpcli', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_phpmyadmin(self): - self.app = get_test_app(argv=['stack', 'purge', '--phpmyadmin']) + self.app = get_test_app( + argv=['stack', 'purge', '--phpmyadmin', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_adminer(self): - self.app = get_test_app(argv=['stack', 'purge', '--adminer']) + self.app = get_test_app( + argv=['stack', 'purge', '--adminer', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_purge_utils(self): - self.app = get_test_app(argv=['stack', 'purge', '--utils']) + self.app = get_test_app(argv=['stack', 'purge', + '--utils', '--force']) self.app.setup() self.app.run() self.app.close() diff --git a/tests/cli/test_stack_remove.py b/tests/cli/test_stack_remove.py index 7380e87..08a29ad 100644 --- a/tests/cli/test_stack_remove.py +++ b/tests/cli/test_stack_remove.py @@ -10,55 +10,57 @@ class CliTestCaseStack(test.WOTestCase): self.app.close() def test_wo_cli_stack_remove_web(self): - self.app = get_test_app(argv=['stack', 'remove', '--web']) + self.app = get_test_app(argv=['stack', 'remove', '--web', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_admin(self): - self.app = get_test_app(argv=['stack', 'remove', '--admin']) + self.app = get_test_app(argv=['stack', 'remove', '--admin', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_nginx(self): - self.app = get_test_app(argv=['stack', 'remove', '--nginx']) + self.app = get_test_app(argv=['stack', 'remove', '--nginx', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_php(self): - self.app = get_test_app(argv=['stack', 'remove', '--php']) + self.app = get_test_app(argv=['stack', 'remove', '--php', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_mysql(self): - self.app = get_test_app(argv=['stack', 'remove', '--mysql']) + self.app = get_test_app(argv=['stack', 'remove', '--mysql', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_wpcli(self): - self.app = get_test_app(argv=['stack', 'remove', '--wpcli']) + self.app = get_test_app(argv=['stack', 'remove', '--wpcli', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_phpmyadmin(self): - self.app = get_test_app(argv=['stack', 'remove', '--phpmyadmin']) + self.app = get_test_app(argv=['stack', 'remove', + '--phpmyadmin', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_adminer(self): - self.app = get_test_app(argv=['stack', 'remove', '--adminer']) + self.app = get_test_app( + argv=['stack', 'remove', '--adminer', '--force']) self.app.setup() self.app.run() self.app.close() def test_wo_cli_stack_install_utils(self): - self.app = get_test_app(argv=['stack', 'remove', '--utils']) + self.app = get_test_app(argv=['stack', 'remove', '--utils', '--force']) self.app.setup() self.app.run() self.app.close() diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index a3d110d..d925c78 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -840,10 +840,6 @@ def site_package_check(self, stype): Log.debug(self, "Setting apt_packages variable for MySQL") if not WOShellExec.cmd_exec(self, "/usr/bin/mysqladmin ping"): apt_packages = apt_packages + WOVariables.wo_mysql - packages = packages + [["https://raw.githubusercontent.com/" - "major/MySQLTuner-perl/master/" - "mysqltuner.pl", "/usr/bin/mysqltuner", - "MySQLTuner"]] if stype in ['wp', 'wpsubdir', 'wpsubdomain']: Log.debug(self, "Setting packages variable for WP-CLI") diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 3320a6d..37f2bcc 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -21,7 +21,6 @@ from wo.cli.plugins.stack_migrate import WOStackMigrateController from wo.cli.plugins.stack_services import WOStackStatusController from wo.cli.plugins.stack_upgrade import WOStackUpgradeController from wo.cli.plugins.stack_pref import pre_pref, post_pref -from wo.core.addswap import WOSwap from wo.core.apt_repo import WORepo from wo.core.aptget import WOAptGet from wo.core.cron import WOCron @@ -66,6 +65,8 @@ class WOStackController(CementBaseController): (['--mysqlclient'], dict(help='Install MySQL client for remote MySQL server', action='store_true')), + (['--mysqltuner'], + dict(help='Install MySQLTuner stack', action='store_true')), (['--wpcli'], dict(help='Install WPCLI stack', action='store_true')), (['--phpmyadmin'], @@ -114,7 +115,7 @@ class WOStackController(CementBaseController): (not pargs.phpmyadmin) and (not pargs.composer) and (not pargs.netdata) and (not pargs.dashboard) and (not pargs.fail2ban) and (not pargs.security) - and (not pargs.mysqlclient) and + and (not pargs.mysqlclient) and (not pargs.mysqltuner) and (not pargs.adminer) and (not pargs.utils) and (not pargs.redis) and (not pargs.proftpd) and (not pargs.phpredisadmin) and @@ -147,6 +148,7 @@ class WOStackController(CementBaseController): pargs.netdata = True pargs.dashboard = True pargs.phpredisadmin = True + pargs.mysqltuner = True if pargs.security: pargs.fail2ban = True @@ -213,12 +215,6 @@ class WOStackController(CementBaseController): Log.debug(self, "Setting apt_packages variable for MySQL") if not WOShellExec.cmd_exec(self, "mysqladmin ping"): apt_packages = apt_packages + WOVariables.wo_mysql - packages = packages + [["https://raw." - "githubusercontent.com/" - "major/MySQLTuner-perl" - "/master/mysqltuner.pl", - "/usr/bin/mysqltuner", - "MySQLTuner"]] if pargs.mysqlclient: Log.debug(self, "Setting apt_packages variable " @@ -319,6 +315,15 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot), "Adminer theme"]] + if pargs.mysqltuner: + Log.debug(self, "Setting packages variable for MySQLTuner ") + packages = packages + [["https://raw." + "githubusercontent.com/" + "major/MySQLTuner-perl" + "/master/mysqltuner.pl", + "/usr/bin/mysqltuner", + "MySQLTuner"]] + # Netdata if pargs.netdata: Log.debug(self, "Setting packages variable for Netdata") @@ -437,7 +442,8 @@ class WOStackController(CementBaseController): (not pargs.adminer) and (not pargs.utils) and (not pargs.composer) and (not pargs.netdata) and (not pargs.fail2ban) and (not pargs.proftpd) and - (not pargs.security) and + (not pargs.security) and (not pargs.mysqltuner) and + (not pargs.mysqlclient) and (not pargs.all) and (not pargs.redis) and (not pargs.phpredisadmin)): pargs.web = True @@ -448,6 +454,10 @@ class WOStackController(CementBaseController): pargs.web = True pargs.admin = True pargs.php73 = True + pargs.fail2ban = True + pargs.proftpd = True + pargs.utils = True + pargs.redis = True if pargs.web: pargs.nginx = True @@ -459,10 +469,7 @@ class WOStackController(CementBaseController): pargs.composer = True pargs.utils = True pargs.netdata = True - if os.path.isdir('{0}22222/htdocs' - .format(WOVariables.wo_webroot)): - packages = packages + ['{0}22222/htdocs/*' - .format(WOVariables.wo_webroot)] + pargs.mysqltuner = True if pargs.security: pargs.fail2ban = True @@ -472,9 +479,7 @@ class WOStackController(CementBaseController): if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Removing apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx - else: - Log.error(self, "Cannot Remove! Nginx Stable " - "version not found.") + # PHP 7.2 if pargs.php: Log.debug(self, "Removing apt_packages variable of PHP") @@ -484,8 +489,6 @@ class WOStackController(CementBaseController): WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php - else: - Log.error(self, "PHP 7.2 not found") # PHP7.3 if pargs.php73: @@ -496,8 +499,6 @@ class WOStackController(CementBaseController): WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php73 - else: - Log.error(self, "PHP 7.3 not found") # REDIS if pargs.redis: @@ -508,43 +509,39 @@ class WOStackController(CementBaseController): if pargs.mysql: Log.debug(self, "Removing apt_packages variable of MySQL") apt_packages = apt_packages + WOVariables.wo_mysql - packages = packages + ['/usr/bin/mysqltuner'] # fail2ban if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): Log.debug(self, "Remove apt_packages variable of Fail2ban") apt_packages = apt_packages + WOVariables.wo_fail2ban - else: - Log.error(self, "Fail2ban not found") # proftpd if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): Log.debug(self, "Remove apt_packages variable for ProFTPd") apt_packages = apt_packages + ["proftpd-basic"] - else: - Log.error(self, "ProFTPd not found") # WPCLI if pargs.wpcli: Log.debug(self, "Removing package variable of WPCLI ") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] - else: - Log.warn(self, "WP-CLI is not installed with WordOps") + # PHPMYADMIN if pargs.phpmyadmin: - Log.debug(self, "Removing package variable of phpMyAdmin ") + Log.debug(self, "Removing package of phpMyAdmin ") packages = packages + ['{0}22222/htdocs/db/pma' .format(WOVariables.wo_webroot)] # Composer if pargs.composer: - Log.debug(self, "Removing package variable of Composer ") + Log.debug(self, "Removing package of Composer ") if os.path.isfile('/usr/local/bin/composer'): packages = packages + ['/usr/local/bin/composer'] - else: - Log.warn(self, "Composer is not installed with WordOps") + + if pargs.mysqltuner: + Log.debug(self, "Removing packages for MySQLTuner ") + packages = packages + ['/usr/bin/mysqltuner'] # PHPREDISADMIN if pargs.phpredisadmin: @@ -593,31 +590,30 @@ class WOStackController(CementBaseController): 'Any answer other than ' '"yes" will be stop this' ' operation : ') + if (wo_prompt != 'YES' or wo_prompt != 'yes'): + Log.error(self, "Not removing packages") - if (wo_prompt == 'YES' or wo_prompt == 'yes' - or pargs.force): + if (set(["nginx-custom"]).issubset(set(apt_packages))): + WOService.stop_service(self, 'nginx') - if (set(["nginx-custom"]).issubset(set(apt_packages))): - WOService.stop_service(self, 'nginx') + # Netdata uninstaller + if (set(['/var/lib/wo/tmp/' + 'kickstart.sh']).issubset(set(packages))): + WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" + "libexec/netdata-" + "uninstaller.sh -y -f") - # Netdata uninstaller - if (set(['/var/lib/wo/tmp/' - 'kickstart.sh']).issubset(set(packages))): - WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" - "libexec/netdata-" - "uninstaller.sh -y -f") + if (packages): + WOFileUtils.remove(self, packages) + WOAptGet.auto_remove(self) - if (packages): - WOFileUtils.remove(self, packages) - WOAptGet.auto_remove(self) + if (apt_packages): + Log.debug(self, "Removing apt_packages") + Log.info(self, "Removing packages, please wait...") + WOAptGet.remove(self, apt_packages) + WOAptGet.auto_remove(self) - if (apt_packages): - Log.debug(self, "Removing apt_packages") - Log.info(self, "Removing packages, please wait...") - WOAptGet.remove(self, apt_packages) - WOAptGet.auto_remove(self) - - Log.info(self, "Successfully removed packages") + Log.info(self, "Successfully removed packages") @expose(help="Purge packages") def purge(self): @@ -633,7 +629,8 @@ class WOStackController(CementBaseController): (not pargs.adminer) and (not pargs.utils) and (not pargs.composer) and (not pargs.netdata) and (not pargs.fail2ban) and (not pargs.proftpd) and - (not pargs.security) and + (not pargs.security) and (not pargs.mysqltuner) and + (not pargs.mysqlclient) and (not pargs.all) and (not pargs.redis) and (not pargs.phpredisadmin)): pargs.web = True @@ -644,6 +641,10 @@ class WOStackController(CementBaseController): pargs.web = True pargs.admin = True pargs.php73 = True + pargs.fail2ban = True + pargs.proftpd = True + pargs.utils = True + pargs.redis = True if pargs.web: pargs.nginx = True @@ -655,10 +656,7 @@ class WOStackController(CementBaseController): pargs.utils = True pargs.composer = True pargs.netdata = True - if os.path.isdir('{0}22222/htdocs' - .format(WOVariables.wo_webroot)): - packages = packages + ['{0}22222/htdocs/*' - .format(WOVariables.wo_webroot)] + pargs.mysqltuner = True if pargs.security: pargs.fail2ban = True @@ -667,9 +665,6 @@ class WOStackController(CementBaseController): if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Purge apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx - else: - Log.error(self, "Cannot Purge! " - "Nginx Stable version not found.") # PHP if pargs.php: @@ -680,8 +675,6 @@ class WOStackController(CementBaseController): WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php - else: - Log.error(self, "Cannot Purge PHP 7.2. not found.") # PHP 7.3 if pargs.php73: @@ -710,8 +703,6 @@ class WOStackController(CementBaseController): Log.debug(self, "Purge package variable WPCLI") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] - else: - Log.warn(self, "WP-CLI is not installed with WordOps") # PHPMYADMIN if pargs.phpmyadmin: @@ -724,8 +715,10 @@ class WOStackController(CementBaseController): Log.debug(self, "Removing package variable of Composer ") if os.path.isfile('/usr/local/bin/composer'): packages = packages + ['/usr/local/bin/composer'] - else: - Log.warn(self, "Composer is not installed with WordOps") + + if pargs.mysqltuner: + Log.debug(self, "Removing packages for MySQLTuner ") + packages = packages + ['/usr/bin/mysqltuner'] # PHPREDISADMIN if pargs.phpredisadmin: @@ -768,38 +761,39 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot)] if (packages) or (apt_packages): - wo_prompt = input('Are you sure you to want to purge ' - 'from server ' - 'along with their configuration' - ' packages,\nAny answer other than ' - '"yes" will be stop this ' - 'operation :') + if not pargs.force: + wo_prompt = input('Are you sure you to want to purge ' + 'from server ' + 'along with their configuration' + ' packages,\nAny answer other than ' + '"yes" will be stop this ' + 'operation :') + if (wo_prompt != 'YES' or wo_prompt != 'yes'): + Log.error(self, "Not purging packages") - if wo_prompt == 'YES' or wo_prompt == 'yes' or pargs.force: + if (set(["nginx-custom"]).issubset(set(apt_packages))): + WOService.stop_service(self, 'nginx') - if (set(["nginx-custom"]).issubset(set(apt_packages))): - WOService.stop_service(self, 'nginx') + # Netdata uninstaller + if (set(['/var/lib/wo/tmp/' + 'kickstart.sh']).issubset(set(packages))): + WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" + "libexec/netdata-" + "uninstaller.sh -y -f") - # Netdata uninstaller - if (set(['/var/lib/wo/tmp/' - 'kickstart.sh']).issubset(set(packages))): - WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" - "libexec/netdata-" - "uninstaller.sh -y -f") + if (set(["fail2ban"]).issubset(set(apt_packages))): + WOService.stop_service(self, 'fail2ban') - if (set(["fail2ban"]).issubset(set(apt_packages))): - WOService.stop_service(self, 'fail2ban') + if (apt_packages): + Log.info(self, "Purging packages, please wait...") + WOAptGet.remove(self, apt_packages, purge=True) + WOAptGet.auto_remove(self) - if (apt_packages): - Log.info(self, "Purging packages, please wait...") - WOAptGet.remove(self, apt_packages, purge=True) - WOAptGet.auto_remove(self) + if (packages): + WOFileUtils.remove(self, packages) + WOAptGet.auto_remove(self) - if (packages): - WOFileUtils.remove(self, packages) - WOAptGet.auto_remove(self) - - Log.info(self, "Successfully purged packages") + Log.info(self, "Successfully purged packages") def load(app): diff --git a/wo/cli/plugins/stack_migrate.py b/wo/cli/plugins/stack_migrate.py index c1a84c6..4b61074 100644 --- a/wo/cli/plugins/stack_migrate.py +++ b/wo/cli/plugins/stack_migrate.py @@ -91,7 +91,7 @@ class WOStackMigrateController(CementBaseController): if ((not self.app.pargs.mariadb)): self.app.args.print_help() if self.app.pargs.mariadb: - if WOVariables.wo_mysql_host is not "localhost": + if WOVariables.wo_mysql_host != "localhost": Log.error( self, "Remote MySQL server in use, skipping local install") diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index adccc55..7f5604a 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -160,7 +160,7 @@ def post_pref(self, apt_packages, packages): (data), 'nginx-core.mustache', out=wo_nginx) wo_nginx.close() - if not os.path.isfile('/etc/nginx/conf.d/gzip.conf'): + if not os.path.isfile('/etc/nginx/conf.d/gzip.conf.disabled'): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/gzip.conf') @@ -170,7 +170,7 @@ def post_pref(self, apt_packages, packages): (data), 'gzip.mustache', out=wo_nginx) wo_nginx.close() - if not os.path.isfile('/etc/nginx/conf.d/brotli.conf.disabled'): + if not os.path.isfile('/etc/nginx/conf.d/brotli.conf'): Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/brotli.conf.disabled') wo_nginx = open('/etc/nginx/conf.d/brotli.conf.disabled', @@ -179,6 +179,14 @@ def post_pref(self, apt_packages, packages): (data), 'brotli.mustache', out=wo_nginx) wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/tweaks.conf') + wo_nginx = open('/etc/nginx/conf.d/tweaks.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'tweaks.mustache', out=wo_nginx) + wo_nginx.close() + # Fix for white screen death with NGINX PLUS if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', 'SCRIPT_FILENAME'): @@ -1070,7 +1078,6 @@ def post_pref(self, apt_packages, packages): '/var/lib/mysql/ib_logfile1.bak') WOService.start_service(self, 'mysql') - WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' '> /dev/null 2>&1', comment='MySQL optimization cronjob ' @@ -1324,6 +1331,11 @@ def post_pref(self, apt_packages, packages): WOVariables.wo_php_user, recursive=True) + if any('/usr/bin/mysqltuner' == x[1] + for x in packages): + Log.debug(self, "CHMOD MySQLTuner in /usr/bin/mysqltuner") + WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) + # netdata install if any('/var/lib/wo/tmp/kickstart.sh' == x[1] for x in packages): diff --git a/wo/cli/plugins/stack_services.py b/wo/cli/plugins/stack_services.py index f0794c1..4060fc3 100644 --- a/wo/cli/plugins/stack_services.py +++ b/wo/cli/plugins/stack_services.py @@ -29,6 +29,8 @@ class WOStackStatusController(CementBaseController): pargs.nginx = True pargs.php = True pargs.mysql = True + pargs.fail2ban = True + pargs.netdata = True if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): @@ -198,6 +200,7 @@ class WOStackStatusController(CementBaseController): pargs.nginx = True pargs.php = True pargs.mysql = True + pargs.netdata = True if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): @@ -281,6 +284,8 @@ class WOStackStatusController(CementBaseController): pargs.nginx = True pargs.php = True pargs.mysql = True + pargs.fail2ban = True + pargs.netdata = True if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): @@ -363,6 +368,7 @@ class WOStackStatusController(CementBaseController): pargs.nginx = True pargs.php = True pargs.mysql = True + pargs.fail2ban = True if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom') or diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 35f7bf0..b4c7fbc 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -42,6 +42,8 @@ class WOStackUpgradeController(CementBaseController): dict(help='Upgrade Redis', action='store_true')), (['--netdata'], dict(help='Upgrade Netdata', action='store_true')), + (['--dashboard'], + dict(help='Upgrade WordOps Dashboard', action='store_true')), (['--composer'], dict(help='Upgrade Composer', action='store_true')), (['--phpmyadmin'], @@ -67,7 +69,7 @@ class WOStackUpgradeController(CementBaseController): (not pargs.mysql) and (not pargs.all) and (not pargs.wpcli) and (not pargs.netdata) and (not pargs.composer) and - (not pargs.phpmyadmin) and + (not pargs.phpmyadmin) and (not pargs.dashboard) and (not pargs.redis)): pargs.web = True @@ -138,6 +140,21 @@ class WOStackUpgradeController(CementBaseController): 'kickstart-static64.sh', '/var/lib/wo/tmp/kickstart.sh', 'Netdata']] + + if pargs.dashboard: + if os.path.isfile('/var/www/22222/htdocs/index.php'): + packages = packages + \ + [["https://github.com/WordOps/wordops-dashboard/" + "releases/download/v{0}/wordops-dashboard.tar.gz" + .format(WOVariables.wo_dashboard), + "/var/lib/wo/tmp/wo-dashboard.tar.gz", + "WordOps Dashboard"], + ["https://github.com/soerennb/" + "extplorer/archive/v{0}.tar.gz" + .format(WOVariables.wo_extplorer), + "/var/lib/wo/tmp/extplorer.tar.gz", + "eXtplorer"]] + if pargs.phpmyadmin: if os.path.isdir('/var/www/22222/htdocs/db/pma'): packages = packages + \ @@ -184,10 +201,13 @@ class WOStackUpgradeController(CementBaseController): if len(packages): if pargs.wpcli: - WOFileUtils.remove(self, ['/usr/local/bin/wp']) + WOFileUtils.rm(self, '/usr/local/bin/wp') if pargs.netdata: - WOFileUtils.remove(self, ['/var/lib/wo/tmp/kickstart.sh']) + WOFileUtils.rm(self, '/var/lib/wo/tmp/kickstart.sh') + + if pargs.dashboard: + WOFileUtils.rm(self, '/var/www/22222/htdocs/index.php') Log.debug(self, "Downloading following: {0}".format(packages)) WODownload.download(self, packages) @@ -201,6 +221,15 @@ class WOStackUpgradeController(CementBaseController): "kickstart.sh " "--dont-wait") + if pargs.dashboard: + Log.debug(self, "Extracting wo-dashboard.tar.gz " + "to location {0}22222/htdocs/" + .format(WOVariables.wo_webroot)) + WOExtract.extract(self, '/var/lib/wo/tmp/' + 'wo-dashboard.tar.gz', + '{0}22222/htdocs' + .format(WOVariables.wo_webroot)) + if pargs.composer: Log.info(self, "Upgrading Composer, please wait...") WOShellExec.cmd_exec(self, "php -q /var/lib/wo" diff --git a/wo/cli/templates/nginx-core.mustache b/wo/cli/templates/nginx-core.mustache index be1ea21..987aab4 100644 --- a/wo/cli/templates/nginx-core.mustache +++ b/wo/cli/templates/nginx-core.mustache @@ -1,143 +1,124 @@ -user www-data; -worker_processes auto; -worker_cpu_affinity auto; -worker_rlimit_nofile 100000; -pid /run/nginx.pid; - -pcre_jit on; - -events { - multi_accept on; - worker_connections 50000; - accept_mutex on; - use epoll; -} - - -http { - ## - # WordOps Settings - ## - - sendfile on; - sendfile_max_chunk 512k; - - tcp_nopush on; - tcp_nodelay on; - - keepalive_timeout 8; - keepalive_requests 500; - keepalive_disable msie6; - - lingering_time 20s; - lingering_timeout 5s; - - # Nginx AIO : See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/ - # http://nginx.org/en/docs/http/ngx_http_core_module.html#aio - aio threads; - - server_tokens off; - reset_timedout_connection on; - more_set_headers "X-Powered-By : WordOps"; - - open_file_cache max=50000 inactive=60s; - open_file_cache_errors off; - open_file_cache_min_uses 2; - open_file_cache_valid 120s; - open_log_file_cache max=10000 inactive=30s min_uses=2; - - # Limit Request - limit_req_status 403; - limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; - - # Proxy Settings - # set_real_ip_from proxy-server-ip; - # real_ip_header X-Forwarded-For; - - fastcgi_read_timeout 300; - client_max_body_size 100m; - - # ngx_vts_module - vhost_traffic_status_zone; - - # tls dynamic records patch directive - ssl_dyn_rec_enable on; - - - ## - # SSL Settings - ## - - ssl_session_timeout 1d; - ssl_session_cache shared:SSL:50m; - ssl_session_tickets off; - ssl_prefer_server_ciphers on; - {{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; - ssl_protocols TLSv1.2 TLSv1.3;{{/tls13}} - ssl_ecdh_curve X25519:P-521:P-384:P-256; - # Previous TLS v1.2 configuration - {{^tls13}}ssl_protocols TLSv1.2; - ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;{{/tls13}} - - # Common security headers - more_set_headers "X-Frame-Options : SAMEORIGIN"; - more_set_headers "X-Xss-Protection : 1; mode=block"; - more_set_headers "X-Content-Type-Options : nosniff"; - more_set_headers "Referrer-Policy : strict-origin-when-cross-origin"; - more_set_headers "X-Download-Options : noopen"; - - # oscp settings - resolver 8.8.8.8 1.1.1.1 8.8.4.4 1.0.0.1 valid=300s; - resolver_timeout 10; - ssl_stapling on; - - ## - # Basic Settings - ## - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # Logging Settings - ## - - access_log off; - error_log /var/log/nginx/error.log; - - # Log format Settings - log_format rt_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' - '$http_host "$request" $status $body_bytes_sent ' - '"$http_referer" "$http_user_agent" "$server_protocol"'; - - ## - # Virtual Host Configs - ## - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#} +user www-data; +worker_processes auto; +worker_cpu_affinity auto; +worker_rlimit_nofile 100000; +pid /run/nginx.pid; + +pcre_jit on; + +events { + multi_accept on; + worker_connections 50000; + accept_mutex on; + use epoll; +} + + +http { + + ## + # WordOps Settings + ## + + # Nginx AIO : See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/ + # http://nginx.org/en/docs/http/ngx_http_core_module.html#aio + aio threads; + + server_tokens off; + reset_timedout_connection on; + more_set_headers "X-Powered-By : WordOps"; + + # Limit Request + limit_req_status 403; + limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; + + # Proxy Settings + # set_real_ip_from proxy-server-ip; + # real_ip_header X-Forwarded-For; + + fastcgi_read_timeout 300; + client_max_body_size 100m; + + # ngx_vts_module + vhost_traffic_status_zone; + + # tls dynamic records patch directive + ssl_dyn_rec_enable on; + + ## + # SSL Settings + ## + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:50m; + ssl_session_tickets off; + ssl_prefer_server_ciphers on; + {{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; + ssl_protocols TLSv1.2 TLSv1.3;{{/tls13}} + ssl_ecdh_curve X25519:P-521:P-384:P-256; + # Previous TLS v1.2 configuration + {{^tls13}}ssl_protocols TLSv1.2; + ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;{{/tls13}} + + # Common security headers + more_set_headers "X-Frame-Options : SAMEORIGIN"; + more_set_headers "X-Xss-Protection : 1; mode=block"; + more_set_headers "X-Content-Type-Options : nosniff"; + more_set_headers "Referrer-Policy : strict-origin-when-cross-origin"; + more_set_headers "X-Download-Options : noopen"; + + # oscp settings + resolver 8.8.8.8 1.1.1.1 8.8.4.4 1.0.0.1 valid=300s; + resolver_timeout 10; + ssl_stapling on; + + ## + # Basic Settings + ## + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # Logging Settings + ## + + access_log off; + error_log /var/log/nginx/error.log; + + # Log format Settings + log_format rt_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' + '$http_host "$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent" "$server_protocol"'; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} + + +#mail { +# # See sample authentication script at: +# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript +# +# # auth_http localhost/auth.php; +# # pop3_capabilities "TOP" "USER"; +# # imap_capabilities "IMAP4rev1" "UIDPLUS"; +# +# server { +# listen localhost:110; +# protocol pop3; +# proxy on; +# } +# +# server { +# listen localhost:143; +# protocol imap; +# proxy on; +# } +#} diff --git a/wo/cli/templates/tweaks.mustache b/wo/cli/templates/tweaks.mustache new file mode 100644 index 0000000..141db61 --- /dev/null +++ b/wo/cli/templates/tweaks.mustache @@ -0,0 +1,30 @@ +# NGINX Tweaks - WO v3.9.8 + directio 4m; + directio_alignment 512; + http2_max_field_size 16k; + http2_max_header_size 32k; + + large_client_header_buffers 8 64k; + + postpone_output 1460; + proxy_buffers 8 32k; + proxy_buffer_size 64k; + + sendfile on; + sendfile_max_chunk 512k; + + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 8; + keepalive_requests 500; + keepalive_disable msie6; + + lingering_time 20s; + lingering_timeout 5s; + + open_file_cache max=50000 inactive=60s; + open_file_cache_errors off; + open_file_cache_min_uses 2; + open_file_cache_valid 120s; + open_log_file_cache max=10000 inactive=30s min_uses=2; diff --git a/wo/cli/templates/upstream.mustache b/wo/cli/templates/upstream.mustache index 232dade..446135d 100644 --- a/wo/cli/templates/upstream.mustache +++ b/wo/cli/templates/upstream.mustache @@ -1,86 +1,86 @@ -# NGINX UPSTREAM CONFIGURATION - WO v3.9.7 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -#------------------------------- -# PHP 5.6 -#------------------------------- -upstream php { -server 127.0.0.1:{{php}}; -} - -upstream debug { -server 127.0.0.1:{{debug}}; -} - - -#------------------------------- -# PHP 7.0 -#------------------------------- - -upstream php7 { -server 127.0.0.1:{{php7}}; -} -upstream debug7 { -# Debug Pool -server 127.0.0.1:{{debug7}}; -} - - -#------------------------------- -# PHP 7.2 -#------------------------------- - -# PHP 7.2 upstream with load-balancing on two unix sockets -upstream php72 { - least_conn; - - server unix:/var/run/php/php72-fpm.sock; - server unix:/var/run/php/php72-two-fpm.sock; - - keepalive 5; -} - -# PHP 7.2 debug -upstream debug72 { -# Debug Pool -server 127.0.0.1:9172; -} - -#------------------------------- -# PHP 7.3 -#------------------------------- - -# PHP 7.3 upstream with load-balancing on two unix sockets -upstream php73 { - least_conn; - - server unix:/var/run/php/php73-fpm.sock; - server unix:/var/run/php/php73-two-fpm.sock; - - keepalive 5; -} - -# PHP 7.3 debug -upstream debug73 { -# Debug Pool - server 127.0.0.1:9173; -} - -#------------------------------- -# Netdata -#------------------------------- - -# Netdata Monitoring Upstream -upstream netdata { - server 127.0.0.1:19999; - keepalive 64; -} - -#------------------------------- -# Redis -#------------------------------- - -# Redis cache upstream -upstream redis { - server 127.0.0.1:6379; - keepalive 10; -} +# NGINX UPSTREAM CONFIGURATION - WO v3.9.8 +# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE +#------------------------------- +# PHP 5.6 +#------------------------------- +upstream php { +server 127.0.0.1:{{php}}; +} + +upstream debug { +server 127.0.0.1:{{debug}}; +} + + +#------------------------------- +# PHP 7.0 +#------------------------------- + +upstream php7 { +server 127.0.0.1:{{php7}}; +} +upstream debug7 { +# Debug Pool +server 127.0.0.1:{{debug7}}; +} + + +#------------------------------- +# PHP 7.2 +#------------------------------- + +# PHP 7.2 upstream with load-balancing on two unix sockets +upstream php72 { + least_conn; + + server unix:/var/run/php/php72-fpm.sock; + server unix:/var/run/php/php72-two-fpm.sock; + + keepalive 5; +} + +# PHP 7.2 debug +upstream debug72 { +# Debug Pool +server 127.0.0.1:9172; +} + +#------------------------------- +# PHP 7.3 +#------------------------------- + +# PHP 7.3 upstream with load-balancing on two unix sockets +upstream php73 { + least_conn; + + server unix:/var/run/php/php73-fpm.sock; + server unix:/var/run/php/php73-two-fpm.sock; + + keepalive 5; +} + +# PHP 7.3 debug +upstream debug73 { +# Debug Pool + server 127.0.0.1:9173; +} + +#------------------------------- +# Netdata +#------------------------------- + +# Netdata Monitoring Upstream +upstream netdata { + server 127.0.0.1:19999; + keepalive 64; +} + +#------------------------------- +# Redis +#------------------------------- + +# Redis cache upstream +upstream redis { + server 127.0.0.1:6379; + keepalive 10; +} diff --git a/wo/core/template.py b/wo/core/template.py new file mode 100644 index 0000000..cacad75 --- /dev/null +++ b/wo/core/template.py @@ -0,0 +1,27 @@ +from wo.core.logging import Log +import os + +""" +Render Templates +""" + + +class WOTemplate(): + def tmpl_render(self, fileconf, template, data, overwrite=False): + if overwrite: + Log.debug(self, 'Writting the configuration to ' + 'file {0}'.format(fileconf)) + wo_template = open('{0}'.format(fileconf), + encoding='utf-8', mode='w') + self.app.render((data), '{0}'.format(template), + out=wo_template) + wo_template.close() + else: + if not os.path.isfile('{0}'.format(fileconf)): + Log.debug(self, 'Writting the configuration to ' + 'file {0}'.format(fileconf)) + wo_template = open('{0}'.format(fileconf), + encoding='utf-8', mode='w') + self.app.render((data), '{0}'.format(template), + out=wo_template) + wo_template.close() diff --git a/wo/core/variables.py b/wo/core/variables.py index da20d58..7c6b6c4 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -1,170 +1,170 @@ -"""WordOps core variable module""" -import platform -import socket -import configparser -import os -import datetime - - -class WOVariables(): - """Intialization of core variables""" - - # WordOps version - wo_version = "3.9.8" - # WordOps packages versions - wo_wp_cli = "2.2.0" - wo_adminer = "4.7.2" - wo_phpmyadmin = "4.9.0.1" - wo_extplorer = "2.1.13" - wo_dashboard = "1.1" - - # Get WPCLI path - wo_wpcli_path = '/usr/local/bin/wp' - - # Current date and time of System - wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S') - - # WordOps core variables - wo_distro = os.popen("/usr/bin/lsb_release -si " - "| tr -d \'\\n\'").read().lower() - wo_platform_version = platform.linux_distribution()[1] - wo_platform_codename = os.popen( - "/usr/bin/lsb_release -sc | tr -d \'\\n\'").read() - - # Get timezone of system - if os.path.isfile('/etc/timezone'): - with open("/etc/timezone", "r") as tzfile: - wo_timezone = tzfile.read().replace('\n', '') - if wo_timezone == "Etc/UTC": - wo_timezone = "UTC" - else: - wo_timezone = "Europe/Amsterdam" - - # Get FQDN of system - wo_fqdn = socket.getfqdn() - - # WordOps default webroot path - wo_webroot = '/var/www/' - - # WordOps default renewal SSL certificates path - wo_ssl_archive = '/etc/letsencrypt/renewal' - - # WordOps default live SSL certificates path - wo_ssl_live = '/etc/letsencrypt/live' - - # PHP user - wo_php_user = 'www-data' - - # Get git user name and EMail - config = configparser.ConfigParser() - config.read(os.path.expanduser("~")+'/.gitconfig') - try: - wo_user = config['user']['name'] - wo_email = config['user']['email'] - except Exception: - wo_user = input("Enter your name: ") - wo_email = input("Enter your email: ") - os.system("/usr/bin/git config --global user.name {0}".format(wo_user)) - os.system( - "/usr/bin/git config --global user.email {0}".format(wo_email)) - - # MySQL hostname - wo_mysql_host = "" - config = configparser.RawConfigParser() - if os.path.exists('/etc/mysql/conf.d/my.cnf'): - cnfpath = "/etc/mysql/conf.d/my.cnf" - else: - cnfpath = os.path.expanduser("~")+"/.my.cnf" - if [cnfpath] == config.read(cnfpath): - try: - wo_mysql_host = config.get('client', 'host') - except configparser.NoOptionError: - wo_mysql_host = "localhost" - else: - wo_mysql_host = "localhost" - - # WordOps stack installation variables - # Nginx repo and packages - if wo_distro == 'ubuntu': - wo_nginx_repo = "ppa:wordops/nginx-wo" - elif wo_distro == 'debian': - if wo_platform_codename == 'jessie': - wo_nginx_repo = ("deb http://download.opensuse.org" - "/repositories/home:" - "/virtubox:/WordOps/Debian_8.0/ /") - elif wo_platform_codename == 'stretch': - wo_nginx_repo = ("deb http://download.opensuse.org" - "/repositories/home:" - "/virtubox:/WordOps/Debian_9.0/ /") - elif wo_platform_codename == 'buster': - wo_nginx_repo = ("deb http://download.opensuse.org" - "/repositories/home:" - "/virtubox:/WordOps/Debian_10/ /") - else: - wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/virtubox:/WordOps/Raspbian_9.0/ /") - - wo_nginx = ["nginx-custom", "nginx-wo"] - wo_nginx_key = '188C9FB063F0247A' - - # PHP repo and packages - if wo_distro == 'ubuntu': - wo_php_repo = "ppa:ondrej/php" - wo_php_key = '' - else: - wo_php_repo = ( - "deb https://packages.sury.org/php/ {codename} main" - .format(codename=wo_platform_codename)) - wo_php_key = 'AC0E47584A7A714D' - - wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", - "php7.2-readline", "php7.2-common", "php7.2-recode", - "php7.2-cli", "php7.2-mbstring", - "php7.2-bcmath", "php7.2-mysql", "php7.2-opcache", - "php7.2-zip", "php7.2-xml", "php7.2-soap"] - wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap", - "php7.3-readline", "php7.3-common", "php7.3-recode", - "php7.3-cli", "php7.3-mbstring", - "php7.3-bcmath", "php7.3-mysql", "php7.3-opcache", - "php7.3-zip", "php7.3-xml", "php7.3-soap"] - wo_php_extra = ["php-memcached", "php-imagick", - "graphviz", "php-xdebug", "php-msgpack", "php-redis"] - - # MySQL repo and packages - if wo_distro == 'ubuntu': - wo_mysql_repo = ("deb [arch=amd64,ppc64el] " - "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" - "10.3/ubuntu {codename} main" - .format(codename=wo_platform_codename)) - else: - wo_mysql_repo = ("deb [arch=amd64,ppc64el] " - "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" - "10.3/debian {codename} main" - .format(codename=wo_platform_codename)) - - wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] - - wo_mysql_client = ["mariadb-client", "python3-mysqldb"] - - wo_fail2ban = ["fail2ban"] - - # Redis repo details - if wo_distro == 'ubuntu': - wo_redis_repo = ("ppa:chris-lea/redis-server") - - else: - wo_redis_repo = ("deb https://packages.sury.org/php/ {codename} all" - .format(codename=wo_platform_codename)) - - wo_redis = ['redis-server', 'php-redis'] - - # Repo path - wo_repo_file = "wo-repo.list" - wo_repo_file_path = ("/etc/apt/sources.list.d/" + wo_repo_file) - - # Application dabase file path - basedir = os.path.abspath(os.path.dirname('/var/lib/wo/')) - wo_db_uri = 'sqlite:///' + os.path.join(basedir, 'dbase.db') - - def __init__(self): - pass +"""WordOps core variable module""" +import platform +import socket +import configparser +import os +import datetime + + +class WOVariables(): + """Intialization of core variables""" + + # WordOps version + wo_version = "3.9.8" + # WordOps packages versions + wo_wp_cli = "2.2.0" + wo_adminer = "4.7.2" + wo_phpmyadmin = "4.9.0.1" + wo_extplorer = "2.1.13" + wo_dashboard = "1.1" + + # Get WPCLI path + wo_wpcli_path = '/usr/local/bin/wp' + + # Current date and time of System + wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S') + + # WordOps core variables + wo_distro = os.popen("/usr/bin/lsb_release -si " + "| tr -d \'\\n\'").read().lower() + wo_platform_version = platform.linux_distribution()[1] + wo_platform_codename = os.popen( + "/usr/bin/lsb_release -sc | tr -d \'\\n\'").read() + + # Get timezone of system + if os.path.isfile('/etc/timezone'): + with open("/etc/timezone", "r") as tzfile: + wo_timezone = tzfile.read().replace('\n', '') + if wo_timezone == "Etc/UTC": + wo_timezone = "UTC" + else: + wo_timezone = "Europe/Amsterdam" + + # Get FQDN of system + wo_fqdn = socket.getfqdn() + + # WordOps default webroot path + wo_webroot = '/var/www/' + + # WordOps default renewal SSL certificates path + wo_ssl_archive = '/etc/letsencrypt/renewal' + + # WordOps default live SSL certificates path + wo_ssl_live = '/etc/letsencrypt/live' + + # PHP user + wo_php_user = 'www-data' + + # Get git user name and EMail + config = configparser.ConfigParser() + config.read(os.path.expanduser("~")+'/.gitconfig') + try: + wo_user = config['user']['name'] + wo_email = config['user']['email'] + except Exception: + wo_user = input("Enter your name: ") + wo_email = input("Enter your email: ") + os.system("/usr/bin/git config --global user.name {0}".format(wo_user)) + os.system( + "/usr/bin/git config --global user.email {0}".format(wo_email)) + + # MySQL hostname + wo_mysql_host = "" + config = configparser.RawConfigParser() + if os.path.exists('/etc/mysql/conf.d/my.cnf'): + cnfpath = "/etc/mysql/conf.d/my.cnf" + else: + cnfpath = os.path.expanduser("~")+"/.my.cnf" + if [cnfpath] == config.read(cnfpath): + try: + wo_mysql_host = config.get('client', 'host') + except configparser.NoOptionError: + wo_mysql_host = "localhost" + else: + wo_mysql_host = "localhost" + + # WordOps stack installation variables + # Nginx repo and packages + if wo_distro == 'ubuntu': + wo_nginx_repo = "ppa:wordops/nginx-wo" + elif wo_distro == 'debian': + if wo_platform_codename == 'jessie': + wo_nginx_repo = ("deb http://download.opensuse.org" + "/repositories/home:" + "/virtubox:/WordOps/Debian_8.0/ /") + elif wo_platform_codename == 'stretch': + wo_nginx_repo = ("deb http://download.opensuse.org" + "/repositories/home:" + "/virtubox:/WordOps/Debian_9.0/ /") + elif wo_platform_codename == 'buster': + wo_nginx_repo = ("deb http://download.opensuse.org" + "/repositories/home:" + "/virtubox:/WordOps/Debian_10/ /") + else: + wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" + "/virtubox:/WordOps/Raspbian_9.0/ /") + + wo_nginx = ["nginx-custom", "nginx-wo"] + wo_nginx_key = '188C9FB063F0247A' + + # PHP repo and packages + if wo_distro == 'ubuntu': + wo_php_repo = "ppa:ondrej/php" + wo_php_key = '' + else: + wo_php_repo = ( + "deb https://packages.sury.org/php/ {codename} main" + .format(codename=wo_platform_codename)) + wo_php_key = 'AC0E47584A7A714D' + + wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", + "php7.2-readline", "php7.2-common", "php7.2-recode", + "php7.2-cli", "php7.2-mbstring", + "php7.2-bcmath", "php7.2-mysql", "php7.2-opcache", + "php7.2-zip", "php7.2-xml", "php7.2-soap"] + wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap", + "php7.3-readline", "php7.3-common", "php7.3-recode", + "php7.3-cli", "php7.3-mbstring", + "php7.3-bcmath", "php7.3-mysql", "php7.3-opcache", + "php7.3-zip", "php7.3-xml", "php7.3-soap"] + wo_php_extra = ["php-memcached", "php-imagick", + "graphviz", "php-xdebug", "php-msgpack", "php-redis"] + + # MySQL repo and packages + if wo_distro == 'ubuntu': + wo_mysql_repo = ("deb [arch=amd64,ppc64el] " + "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" + "10.3/ubuntu {codename} main" + .format(codename=wo_platform_codename)) + else: + wo_mysql_repo = ("deb [arch=amd64,ppc64el] " + "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" + "10.3/debian {codename} main" + .format(codename=wo_platform_codename)) + + wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] + + wo_mysql_client = ["mariadb-client", "python3-mysqldb"] + + wo_fail2ban = ["fail2ban"] + + # Redis repo details + if wo_distro == 'ubuntu': + wo_redis_repo = ("ppa:chris-lea/redis-server") + + else: + wo_redis_repo = ("deb https://packages.sury.org/php/ {codename} all" + .format(codename=wo_platform_codename)) + + wo_redis = ['redis-server', 'php-redis'] + + # Repo path + wo_repo_file = "wo-repo.list" + wo_repo_file_path = ("/etc/apt/sources.list.d/" + wo_repo_file) + + # Application dabase file path + basedir = os.path.abspath(os.path.dirname('/var/lib/wo/')) + wo_db_uri = 'sqlite:///' + os.path.join(basedir, 'dbase.db') + + def __init__(self): + pass