From 00fd55cb8f87c1e81c986d11b608be76ad1f10a7 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 2 Jun 2024 19:16:59 +0200 Subject: [PATCH 1/5] Remove doublons in wo site update --- wo/cli/plugins/site_update.py | 53 ----------------------------------- 1 file changed, 53 deletions(-) diff --git a/wo/cli/plugins/site_update.py b/wo/cli/plugins/site_update.py index 5cc6d71..13ea8e0 100644 --- a/wo/cli/plugins/site_update.py +++ b/wo/cli/plugins/site_update.py @@ -532,12 +532,6 @@ class WOSiteUpdateController(CementBaseController): Log.debug(self, f"check_php_versions set to {version}") break - if pargs.hsts: - data['hsts'] = bool(pargs.hsts == "on") - - if pargs.ngxblocker: - ngxblocker = bool(pargs.ngxblocker == 'on') - if not data: Log.error(self, "Cannot update {0}, Invalid Options" .format(wo_domain)) 
@@ -750,53 +744,6 @@ class WOSiteUpdateController(CementBaseController): updateSiteInfo(self, wo_domain, ssl=letsencrypt) return 0 - if pargs.hsts: - if data['hsts'] is True: - if os.path.isfile(("{0}/conf/nginx/ssl.conf") - .format(wo_site_webroot)): - if not os.path.isfile("{0}/conf/nginx/hsts.conf" - .format(wo_site_webroot)): - SSL.setuphsts(self, wo_domain) - else: - Log.error(self, "HSTS is already configured for given " - "site") - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "service nginx reload failed. " - "check issues with `nginx -t` command") - else: - Log.error(self, "HTTPS is not configured for given " - "site") - - elif data['hsts'] is False: - if os.path.isfile(("{0}/conf/nginx/hsts.conf") - .format(wo_site_webroot)): - WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf" - .format(wo_site_webroot), - '{0}/conf/nginx/hsts.conf.disabled' - .format(wo_site_webroot)) - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "service nginx reload failed. " - "check issues with `nginx -t` command") - else: - Log.error(self, "HSTS is not configured for given " - "site") - if pargs.ngxblocker: - if ngxblocker is True: - setupngxblocker(self, wo_domain) - elif ngxblocker is False: - if os.path.isfile("{0}/conf/nginx/ngxblocker.conf" - .format(wo_site_webroot)): - WOFileUtils.mvfile( - self, - "{0}/conf/nginx/ngxblocker.conf" - .format(wo_site_webroot), - "{0}/conf/nginx/ngxblocker.conf.disabled" - .format(wo_site_webroot)) - # Service Nginx Reload - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "service nginx reload failed. " - "check issues with `nginx -t` command") - if stype == oldsitetype and cache == oldcachetype: # Service Nginx Reload From 582ececbdc1401428a3f00206dcf5bfd04a869ed Mon Sep 17 00:00:00 2001 
From: VirtuBox Date: Sun, 2 Jun 2024 22:11:21 +0200 Subject: [PATCH 2/5] End site update after --hsts or --ngxblocker --- wo/cli/plugins/site_update.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/site_update.py b/wo/cli/plugins/site_update.py index 13ea8e0..28e76e9 100644 --- a/wo/cli/plugins/site_update.py +++ b/wo/cli/plugins/site_update.py @@ -222,8 +222,9 @@ class WOSiteUpdateController(CementBaseController): Log.error( self, "service nginx reload failed. " "check issues with `nginx -t` command") - - # setup ngxblocker + else: + return 0 + # setup ngxblocker if (pargs.ngxblocker): if pargs.ngxblocker == "on": if os.path.isdir('/etc/nginx/bots.d'): @@ -245,6 +246,8 @@ class WOSiteUpdateController(CementBaseController): if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") + else: + return 0 # letsencryot rebew if (pargs.letsencrypt == 'renew'): From 6177647a6f4c19c1b84c82a3df1005ac1cba8d65 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 2 Jun 2024 23:28:54 +0200 Subject: [PATCH 3/5] Fix disabling hsts --- wo/core/fileutils.py | 2 +- wo/core/sslutils.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/core/fileutils.py b/wo/core/fileutils.py index 92d45bf..d6139c4 100644 --- a/wo/core/fileutils.py +++ b/wo/core/fileutils.py @@ -370,7 +370,7 @@ class WOFileUtils(): def enabledisable(self, path, enable=True): """Switch conf from .conf.disabled to .conf or vice-versa""" - if enable: + if enable is True: Log.debug(self, "Check if disabled file exist") if os.path.exists('{0}.disabled'.format(path)): Log.debug(self, "Moving .disabled file") diff --git a/wo/core/sslutils.py b/wo/core/sslutils.py index a347466..09b05ce 100644 --- a/wo/core/sslutils.py +++ b/wo/core/sslutils.py 
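Review bot: The `else: return 0` added after the HSTS reload check ends the command before the `# setup ngxblocker` block that follows it, so `--hsts` combined with `--ngxblocker` would apply only the HSTS change and still exit 0. This assumes the `else` pairs with `if not WOService.reload_service(self, 'nginx'):`, which the collapsed indentation here does not show. The second `else: return 0`, in the `@@ -245,6 +246,8 @@` hunk, sits ahead of the letsencrypt renew block and has the same effect for `--ngxblocker` with `--letsencrypt`. An operator passing two hardening flags gets no indication that one was skipped; a single `if pargs.hsts or pargs.ngxblocker: return 0` placed after both blocks would handle everything requested before ending. The enclosing method starts and ends outside both hunks.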
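Review bot: `if enable is True:` in `enabledisable` sends every value other than the `True` singleton to the other branch, so a caller passing a truthy non-bool such as `1` or `"on"` would get the `.conf` to `.conf.disabled` switch the docstring describes instead of an enable. The same comparison is introduced in `SSL.setuphsts` in the `wo/core/sslutils.py` hunk of this commit, where the silent outcome is HSTS being turned off. If the original bug was a caller handing over a non-bool, it is safer to convert at the call site and reject anything else here, for example `if not isinstance(enable, bool): raise TypeError("enable must be a bool")` ahead of the branch. The docstrings could also say that `enable` must be a real `bool`. Both function bodies continue outside the hunks.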
@@ -136,7 +136,7 @@ class SSL: def setuphsts(self, wo_domain_name, enable=True): """Enable or disable htsts for a site""" - if enable: + if enable is True: if WOFileUtils.enabledisable( self, '/var/www/{0}/conf/nginx/hsts.conf' ): From d1e50d06b5780a7b32e69b23ce5eef0bf2cc29d8 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 3 Jun 2024 00:48:14 +0200 Subject: [PATCH 4/5] Fix --hsts --- wo/core/sslutils.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/core/sslutils.py b/wo/core/sslutils.py index 09b05ce..ef167e4 100644 --- a/wo/core/sslutils.py +++ b/wo/core/sslutils.py @@ -138,7 +138,7 @@ class SSL: """Enable or disable htsts for a site""" if enable is True: if WOFileUtils.enabledisable( - self, '/var/www/{0}/conf/nginx/hsts.conf' + self, f'/var/www/{wo_domain_name}/conf/nginx/hsts.conf' ): return 0 else: @@ -158,7 +158,7 @@ class SSL: return 0 else: if WOFileUtils.enabledisable( - self, '/var/www/{0}/conf/nginx/hsts.conf', + self, f'/var/www/{wo_domain_name}/conf/nginx/hsts.conf', enable=False ): Log.info(self, "HSTS disabled") From 6b5e5ecb47a27c68c8ab511c1067e02e6599e222 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 3 Jun 2024 00:56:23 +0200 Subject: [PATCH 5/5] Fix hsts enable disable --- wo/core/sslutils.py | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/wo/core/sslutils.py b/wo/core/sslutils.py index ef167e4..5c6ded5 100644 --- a/wo/core/sslutils.py +++ b/wo/core/sslutils.py @@ -146,8 +146,7 @@ class SSL: self, "Adding /var/www/{0}/conf/nginx/hsts.conf" .format(wo_domain_name)) - hstsconf = open("/var/www/{0}/conf/nginx/hsts.conf" - .format(wo_domain_name), + hstsconf = open(f"/var/www/{wo_domain_name}/conf/nginx/hsts.conf", encoding='utf-8', mode='w') hstsconf.write("more_set_headers " "\"Strict-Transport-Security: " 
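Review bot: `wo_domain_name` is interpolated directly into `/var/www/{wo_domain_name}/conf/nginx/hsts.conf`, and neither this hunk nor the `@@ -158,7 +158,7 @@` hunk shows the value being checked. A name containing `/` or `..` would make `WOFileUtils.enabledisable` rename a file outside the site's directory. Validation may happen earlier in the CLI path, which is not visible here; if so, a comment such as `# wo_domain_name is a validated site name; it is used as a path component` would record that assumption. The path literal is also repeated in both branches and again in the `open()` call further down, which is how the unformatted `{0}` went unnoticed. Building it once as `hsts_conf = f'/var/www/{wo_domain_name}/conf/nginx/hsts.conf'` at the top of `setuphsts`, whose body extends beyond these hunks, gives one place to check and change it.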
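Review bot: The rewritten `open(...)` still binds the handle to `hstsconf` without a context manager, so if the `hstsconf.write(...)` that follows raises, the file is left open. The matching close is not visible in this hunk. Writing it as `with open(f"/var/www/{wo_domain_name}/conf/nginx/hsts.conf", encoding='utf-8', mode='w') as hstsconf:` closes and flushes the file on every path before nginx is reloaded. The log message just above still builds the same path with `.format(wo_domain_name)`, so the two spellings can drift apart again; using the f-string there as well would keep them aligned. `setuphsts` starts and ends outside the hunk.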
@@ -177,13 +176,11 @@ class SSL: try: WOShellExec.cmd_exec( self, "openssl genrsa -out " - "{0}/ssl.key 2048" - .format(selfs_tmp)) + f"{selfs_tmp}/ssl.key 2048") WOShellExec.cmd_exec( self, "openssl req -new -batch " "-subj /commonName=localhost/ " - "-key {0}/ssl.key -out {0}/ssl.csr" - .format(selfs_tmp)) + f"-key {selfs_tmp}/ssl.key -out {selfs_tmp}/ssl.csr") WOFileUtils.mvfile( self, "{0}/ssl.key"