Merge pull request #658 from WordOps/updating-configuration
Remove doublons in wo site update
This commit is contained in:
VirtuBox
@@ -222,8 +222,9 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
Log.error(
|
Log.error(
|
||||||
self, "service nginx reload failed. "
|
self, "service nginx reload failed. "
|
||||||
"check issues with `nginx -t` command")
|
"check issues with `nginx -t` command")
|
||||||
|
else:
|
||||||
# setup ngxblocker
|
return 0
|
||||||
|
# setup ngxblocker
|
||||||
if (pargs.ngxblocker):
|
if (pargs.ngxblocker):
|
||||||
if pargs.ngxblocker == "on":
|
if pargs.ngxblocker == "on":
|
||||||
if os.path.isdir('/etc/nginx/bots.d'):
|
if os.path.isdir('/etc/nginx/bots.d'):
|
||||||
@@ -245,6 +246,8 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
if not WOService.reload_service(self, 'nginx'):
|
if not WOService.reload_service(self, 'nginx'):
|
||||||
Log.error(self, "service nginx reload failed. "
|
Log.error(self, "service nginx reload failed. "
|
||||||
"check issues with `nginx -t` command")
|
"check issues with `nginx -t` command")
|
||||||
|
else:
|
||||||
|
return 0
|
||||||
|
|
||||||
# letsencryot rebew
|
# letsencryot rebew
|
||||||
if (pargs.letsencrypt == 'renew'):
|
if (pargs.letsencrypt == 'renew'):
|
||||||
@@ -532,12 +535,6 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
Log.debug(self, f"check_php_versions set to {version}")
|
Log.debug(self, f"check_php_versions set to {version}")
|
||||||
break
|
break
|
||||||
|
|
||||||
if pargs.hsts:
|
|
||||||
data['hsts'] = bool(pargs.hsts == "on")
|
|
||||||
|
|
||||||
if pargs.ngxblocker:
|
|
||||||
ngxblocker = bool(pargs.ngxblocker == 'on')
|
|
||||||
|
|
||||||
if not data:
|
if not data:
|
||||||
Log.error(self, "Cannot update {0}, Invalid Options"
|
Log.error(self, "Cannot update {0}, Invalid Options"
|
||||||
.format(wo_domain))
|
.format(wo_domain))
|
||||||
@@ -750,53 +747,6 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
updateSiteInfo(self, wo_domain, ssl=letsencrypt)
|
updateSiteInfo(self, wo_domain, ssl=letsencrypt)
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
if pargs.hsts:
|
|
||||||
if data['hsts'] is True:
|
|
||||||
if os.path.isfile(("{0}/conf/nginx/ssl.conf")
|
|
||||||
.format(wo_site_webroot)):
|
|
||||||
if not os.path.isfile("{0}/conf/nginx/hsts.conf"
|
|
||||||
.format(wo_site_webroot)):
|
|
||||||
SSL.setuphsts(self, wo_domain)
|
|
||||||
else:
|
|
||||||
Log.error(self, "HSTS is already configured for given "
|
|
||||||
"site")
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
else:
|
|
||||||
Log.error(self, "HTTPS is not configured for given "
|
|
||||||
"site")
|
|
||||||
|
|
||||||
elif data['hsts'] is False:
|
|
||||||
if os.path.isfile(("{0}/conf/nginx/hsts.conf")
|
|
||||||
.format(wo_site_webroot)):
|
|
||||||
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
|
|
||||||
.format(wo_site_webroot),
|
|
||||||
'{0}/conf/nginx/hsts.conf.disabled'
|
|
||||||
.format(wo_site_webroot))
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
else:
|
|
||||||
Log.error(self, "HSTS is not configured for given "
|
|
||||||
"site")
|
|
||||||
if pargs.ngxblocker:
|
|
||||||
if ngxblocker is True:
|
|
||||||
setupngxblocker(self, wo_domain)
|
|
||||||
elif ngxblocker is False:
|
|
||||||
if os.path.isfile("{0}/conf/nginx/ngxblocker.conf"
|
|
||||||
.format(wo_site_webroot)):
|
|
||||||
WOFileUtils.mvfile(
|
|
||||||
self,
|
|
||||||
"{0}/conf/nginx/ngxblocker.conf"
|
|
||||||
.format(wo_site_webroot),
|
|
||||||
"{0}/conf/nginx/ngxblocker.conf.disabled"
|
|
||||||
.format(wo_site_webroot))
|
|
||||||
# Service Nginx Reload
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
|
|
||||||
if stype == oldsitetype and cache == oldcachetype:
|
if stype == oldsitetype and cache == oldcachetype:
|
||||||
|
|
||||||
# Service Nginx Reload
|
# Service Nginx Reload
|
||||||
|
|||||||
@@ -370,7 +370,7 @@ class WOFileUtils():
|
|||||||
|
|
||||||
def enabledisable(self, path, enable=True):
|
def enabledisable(self, path, enable=True):
|
||||||
"""Switch conf from .conf.disabled to .conf or vice-versa"""
|
"""Switch conf from .conf.disabled to .conf or vice-versa"""
|
||||||
if enable:
|
if enable is True:
|
||||||
Log.debug(self, "Check if disabled file exist")
|
Log.debug(self, "Check if disabled file exist")
|
||||||
if os.path.exists('{0}.disabled'.format(path)):
|
if os.path.exists('{0}.disabled'.format(path)):
|
||||||
Log.debug(self, "Moving .disabled file")
|
Log.debug(self, "Moving .disabled file")
|
||||||
|
|||||||
@@ -136,9 +136,9 @@ class SSL:
|
|||||||
|
|
||||||
def setuphsts(self, wo_domain_name, enable=True):
|
def setuphsts(self, wo_domain_name, enable=True):
|
||||||
"""Enable or disable htsts for a site"""
|
"""Enable or disable htsts for a site"""
|
||||||
if enable:
|
if enable is True:
|
||||||
if WOFileUtils.enabledisable(
|
if WOFileUtils.enabledisable(
|
||||||
self, '/var/www/{0}/conf/nginx/hsts.conf'
|
self, f'/var/www/{wo_domain_name}/conf/nginx/hsts.conf'
|
||||||
):
|
):
|
||||||
return 0
|
return 0
|
||||||
else:
|
else:
|
||||||
@@ -146,8 +146,7 @@ class SSL:
|
|||||||
self, "Adding /var/www/{0}/conf/nginx/hsts.conf"
|
self, "Adding /var/www/{0}/conf/nginx/hsts.conf"
|
||||||
.format(wo_domain_name))
|
.format(wo_domain_name))
|
||||||
|
|
||||||
hstsconf = open("/var/www/{0}/conf/nginx/hsts.conf"
|
hstsconf = open(f"/var/www/{wo_domain_name}/conf/nginx/hsts.conf",
|
||||||
.format(wo_domain_name),
|
|
||||||
encoding='utf-8', mode='w')
|
encoding='utf-8', mode='w')
|
||||||
hstsconf.write("more_set_headers "
|
hstsconf.write("more_set_headers "
|
||||||
"\"Strict-Transport-Security: "
|
"\"Strict-Transport-Security: "
|
||||||
@@ -158,7 +157,7 @@ class SSL:
|
|||||||
return 0
|
return 0
|
||||||
else:
|
else:
|
||||||
if WOFileUtils.enabledisable(
|
if WOFileUtils.enabledisable(
|
||||||
self, '/var/www/{0}/conf/nginx/hsts.conf',
|
self, f'/var/www/{wo_domain_name}/conf/nginx/hsts.conf',
|
||||||
enable=False
|
enable=False
|
||||||
):
|
):
|
||||||
Log.info(self, "HSTS disabled")
|
Log.info(self, "HSTS disabled")
|
||||||
@@ -177,13 +176,11 @@ class SSL:
|
|||||||
try:
|
try:
|
||||||
WOShellExec.cmd_exec(
|
WOShellExec.cmd_exec(
|
||||||
self, "openssl genrsa -out "
|
self, "openssl genrsa -out "
|
||||||
"{0}/ssl.key 2048"
|
f"{selfs_tmp}/ssl.key 2048")
|
||||||
.format(selfs_tmp))
|
|
||||||
WOShellExec.cmd_exec(
|
WOShellExec.cmd_exec(
|
||||||
self, "openssl req -new -batch "
|
self, "openssl req -new -batch "
|
||||||
"-subj /commonName=localhost/ "
|
"-subj /commonName=localhost/ "
|
||||||
"-key {0}/ssl.key -out {0}/ssl.csr"
|
f"-key {selfs_tmp}/ssl.key -out {selfs_tmp}/ssl.csr")
|
||||||
.format(selfs_tmp))
|
|
||||||
|
|
||||||
WOFileUtils.mvfile(
|
WOFileUtils.mvfile(
|
||||||
self, "{0}/ssl.key"
|
self, "{0}/ssl.key"
|
||||||
|
|||||||
Reference in New Issue
Block a user