Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #115 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-08-16 00:43:55 +02:00
committed by GitHub
parent 30e1e4c821 a2d1481d27
commit 06a0210b15
44 changed files with 2515 additions and 2473 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.travis.yml
View File

@@ -13,14 +13,11 @@ addons:
git:
quiet: true
cache:
apt: true
before_install:
- rm -rf ~/.gnupg
before_script:
- sudo rm -rf /etc/mysql/
- sudo rm -rf /etc/mysql
- sudo bash -c 'echo example.com > /etc/hostname'
- sudo apt-get -qq purge mysql* graphviz* redis*
- sudo apt-get -qq autoremove --purge
@@ -36,6 +33,8 @@ script:
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000
- sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc
- sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73
- sudo wo site create wprocket.net --wprocket && sudo wo site create wprocket-php73.net --wprocket --php73
- sudo wo site create wpce.net --wpce && sudo wo site create wpce-php73.net --wpce --php73
- sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73
- sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73
@@ -47,11 +46,16 @@ script:
- sudo wp --allow-root --info
- sudo wo info
- sudo cat /etc/nginx/nginx.conf
- sudo tree -L 2 /etc/nginx
- sudo cat /etc/mysql/my.cnf
- sudo wo stack upgrade --nginx --no-prompt
- sudo wo stack upgrade --php --no-prompt
- sudo wo stack upgrade --netdata --no-prompt
- sudo wo stack upgrade --phpmyadmin --no-prompt
- sudo wo stack upgrade --composer --no-prompt
- sudo wo update --travis
- sudo wo stack status
- sudo tar -I pigz -cf wordops.tar.gz /var/log/wo
- curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "wordops.tar.gz") && echo "" | sudo tee -a $HOME/.transfer.log && echo ""
- echo "yes" | sudo wo stack purge --all
- sudo bash install --purge

36
CHANGELOG.md
View File

@@ -8,6 +8,35 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### v3.9.x - [Unreleased]
### v3.9.7.3 - 2019-08-16
#### Added
- Allow web browser caching for json and webmanifest files
- nginx-core.mustache template used to render nginx.conf during stack setup
- APT Packages configuration step with `wo stack upgrade` to apply new configurations
- Cloudflare restore real_ip configuration
- WP-Rocket plugin support with the flag `--wprocket`
- Cache-Enabler plugin support with the flag `--wpce`
- Install unattended-upgrade and enable automated security updates
- Enable time synchronization with ntp
- Additional cache exception for woocommerce
#### Changed
- Do not force Nginx upgrade if a custom Nginx package compiled with nginx-ee is detected
- Gzip enabled again by default with configuration in /etc/nginx/conf.d/gzip.conf
- Brotli configuration moved in /etc/nginx/conf.d/brotli.conf.disabled (disabled by default)
- Moving package configuration in a new plugin stack_pref.py
- Cleanup templates by removing all doublons (with/without php7) and replacing them with variables
- Updated Nginx to v1.16.1 in response to HTTP/2 vulnerabilites discovered
- Disable temporary adding swap feature (not working)
- `wo stack upgrade --nginx` is now able to apply new configurations during `wo update`, it highly reduce upgrade duration
#### Fixed
- Error in HSTS header syntax
### v3.9.7.2 - 2019-08-12
#### Fixed
@@ -18,9 +47,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
#### Changed
- Cement framework updated to v2.8.0
- Psutil updated to v5.6.3
- PyMySQL updated to v0.9.3
- Set WordOps backend password length from 16 to 24
- Upgrade framework cement to 2.6.0
- Upgrade PyMySQL to 0.9.3
- Upgrade Psutil to 5.6.3
#### Fixed

12
README.md
View File

@@ -14,8 +14,8 @@
<img src="https://img.shields.io/github/license/wordops/wordops.svg" alt="MIT">
<img src="https://img.shields.io/github/last-commit/wordops/wordops.svg" alt="Commits">
<img alt="GitHub release" src="https://img.shields.io/github/release/WordOps/WordOps.svg">
<br><img src="https://netdata.wordops.eu/netdata/api/v1/badge.svg?chart=web_log_wops.cc.requests_per_url&options=unaligned&dimensions=download&group=sum&after=-86400&label=today&units=installations&precision=0&value_color=%230055AA" alt >
<a href="https://www.codacy.com/app/VirtuBox/WordOps?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=WordOps/WordOps&amp;utm_campaign=Badge_Grade"><img src="https://api.codacy.com/project/badge/Grade/fe9100fd2c634de7882ecec17f00a11a"/></a>
<br><img src="https://netdata.wordops.eu/netdata/api/v1/badge.svg?chart=web_log_wops.cc.requests_per_url&options=unaligned&dimensions=download&group=sum&after=-86400&label=today&units=installations&precision=0&value_color=%230055AA" alt="WordOps install" >
<a href="https://www.codacy.com/app/VirtuBox/WordOps?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=WordOps/WordOps&amp;utm_campaign=Badge_Grade"><img src="https://api.codacy.com/project/badge/Grade/fe9100fd2c634de7882ecec17f00a11a" alt="codacy"/></a>
<a href="https://twitter.com/WordOps_" target="_blank"><img src="https://img.shields.io/badge/twitter-%40WordOps__-blue.svg?style=flat&logo=twitter" alt="Badge Twitter" /></a>
<a href="https://community.wordops.net/slack" target="_blank"><img src="https://img.shields.io/badge/slack-WordOps-4A154B.svg?style=flat&logo=slack" alt="Badge Slack" /></a>
@@ -42,7 +42,7 @@
- **Easy to install** : One step automated installer with migration from EasyEngine v3 support
- **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation
- **Custom Nginx build** : Nginx 1.16.0 - TLS v1.3 Cloudflare HTTP/2 HPACK & Brotli support
- **Custom Nginx build** : Nginx 1.16.1 - TLS v1.3 Cloudflare HTTP/2 HPACK & Brotli support
- **Up-to-date** : PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- **Secured** : Hardened WordPress security with strict Nginx location directives
- **Powerful** : Optimized Nginx configurations with multiple cache backends support
@@ -87,6 +87,8 @@ wo site create example.com --wp # install wordpress without any
wo site create example.com --wp --php73 # install wordpress with PHP 7.3 without any page caching
wo site create example.com --wpfc # install wordpress + nginx fastcgi_cache
wo site create example.com --wpredis # install wordpress + nginx redis_cache
wo site create example.com --wprocket # install wordpress with WP-Rocket plugin
wo site create example.com --wpce # install wordpress with Cache-enabler plugin
wo site create example.com --wpsc # install wordpress with wp-super-cache plugin
```
@@ -97,6 +99,8 @@ wo site create example.com --wpsubdir # install wpmu-subdirectory wit
wo site create example.com --wpsubdir --wpsc # install wpmu-subdirectory with wp-super-cache plugin
wo site create example.com --wpsubdir --wpfc # install wpmu-subdirectory + nginx fastcgi_cache
wo site create example.com --wpsubdir --wpredis # install wpmu-subdirectory + nginx redis_cache
wo site create example.com --wpsubdir --wprocket # install wpmu-subdirectory + WP-Rocket plugin
wo site create example.com --wpsubdir --wpce # install wpmu-subdirectory + Cache-Enabler plugin
```
### WordPress multisite with subdomain
@@ -106,6 +110,8 @@ wo site create example.com --wpsubdomain # install wpmu-subdomain wit
wo site create example.com --wpsubdomain --wpsc # install wpmu-subdomain with wp-super-cache plugin
wo site create example.com --wpsubdomain --wpfc # install wpmu-subdomain + nginx fastcgi_cache
wo site create example.com --wpsubdomain --wpredis # install wpmu-subdomain + nginx redis_cache
wo site create example.com --wpsubdomain --wprocket # install wpmu-subdomain + WP-Rocket plugin
wo site create example.com --wpsubdomain --wpce # install wpmu-subdomain + Cache-Enabler plugin
```
### Non-WordPress sites

24
config/bash_completion.d/wo_auto.rc
View File

@@ -159,13 +159,13 @@ _wo_complete()
"create")
COMPREPLY=( $(compgen \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-- $cur) )
;;
"update")
COMPREPLY=( $(compgen \
-W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-- $cur) )
;;
"delete")
@@ -211,9 +211,9 @@ _wo_complete()
"--wp")
if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt -le --letsencrypt=subdomain --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do --php73"
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --wprocket --letsencrypt -le --letsencrypt=subdomain --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le -le=off -le=wildcard --dns --dns=dns_cf --dns=dns_do"
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le -le=off -le=wildcard --dns --dns=dns_cf --dns=dns_do"
else
retlist=""
fi
@@ -230,9 +230,9 @@ _wo_complete()
"--wpsubdir" | "--wpsubdomain")
if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --php73 --dns --dns=dns_cf --dns=dns_do"
retlist="--wpsc --wpfc --user --email --pass --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --php73 --dns --dns=dns_cf --dns=dns_do"
elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le --dns --dns=dns_cf --dns=dns_do"
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le --dns --dns=dns_cf --dns=dns_do"
else
retlist=""
fi
@@ -246,9 +246,9 @@ _wo_complete()
-- $cur) )
;;
"--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
"--wpredis --wprocket" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --php73 --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
else
retlist=""
fi
@@ -259,9 +259,9 @@ _wo_complete()
-- $cur) )
;;
"--wpredis" | "--wpfc")
"--wpredis --wprocket" | "--wpfc")
if [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le --dns --dns=dns_cf --dns=dns_do"
retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --letsencrypt=clean -le --dns --dns=dns_cf --dns=dns_do"
else
retlist=""
fi
@@ -314,7 +314,7 @@ _wo_complete()
elif [ ${COMP_WORDS[2]} == "delete" ]; then
retlist="--db --files --force"
elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew"
retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew"
else
retlist=""
fi
@@ -363,7 +363,7 @@ _wo_complete()
case "$mprev" in
"--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
fi
ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \

180
install
View File

@@ -10,7 +10,7 @@
# Version 3.9.7.2 - 2019-08-12
# -------------------------------------------------------------------------
readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.7.2"
readonly wo_version_new="3.9.7.3"
# CONTENTS
# ---
# 1. VARIABLES AND DECLARATIONS
@@ -124,11 +124,11 @@ readonly wo_install_log=/var/log/wo/install.log
readonly wo_linux_distro=$(lsb_release -is)
readonly wo_distro_version=$(lsb_release -sc)
readonly wo_distro_id=$(lsb_release -rs)
TIME_FORMAT='%d-%b-%Y-%H%M%S'
TIME=$(date +"$TIME_FORMAT")
NGINX_BACKUP_FILE="/var/lib/wo-backup/nginx-backup.$TIME.tar.gz"
EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.gz"
WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz"
readonly TIME_FORMAT='%d-%b-%Y-%H%M%S'
readonly TIME=$(date +"$TIME_FORMAT")
readonly NGINX_BACKUP_FILE="/var/lib/wo-backup/nginx-backup.$TIME.tar.gz"
readonly EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.gz"
readonly WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz"
WO_ARCH="$(uname -m)"
if [ -x /usr/local/bin/ee ]; then
@@ -147,9 +147,9 @@ if [ -z "$wo_force_install" ]; then
wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives."
exit 100
else
check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch|buster")
check_wo_linux_distro=$(lsb_release -sc | grep -E "xenial|bionic|disco|jessie|stretch|buster")
if [ -z "$check_wo_linux_distro" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x/9.x/10.x and Raspbian 9.x"
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 16.04/18.04/19.04 LTS, Debian 9.x/10.x and Raspbian 9.x"
exit 100
fi
fi
@@ -175,17 +175,21 @@ fi
wo_install_dep() {
{
export DEBIAN_FRONTEND=noninteractive
[ -z "$wo_travis" ] && {
# update server packages
DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade --option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes --quiet
apt-get dist-upgrade --option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes --quiet
}
if [ "$wo_linux_distro" == "Ubuntu" ]; then
# install dependencies
DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1
apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \
gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
else
# install dependencies
DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1
apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar \
software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
# add php repository gpg key
[ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; }
# add nginx repository gpg key
@@ -193,6 +197,13 @@ wo_install_dep() {
fi
locale-gen en
# enable unattended upgades
cp /usr/share/unattended-upgrades/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
# set default ntp pools
sed -e 's/^#NTP=/NTP=time.cloudflare.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org/' -i /etc/systemd/timesyncd.conf
# enable ntp
timedatectl set-ntp 1
} >> "$wo_install_log" 2>&1
}
@@ -406,9 +417,9 @@ wo_install_acme_sh() {
wo_install() {
{
rm -f /etc/bash_completion.d/wo_auto.rc
rm -rf /tmp/WordOps
git clone -b "$wo_branch" --depth=50 https://github.com/WordOps/WordOps.git /tmp/WordOps
cd /tmp/WordOps || exit 1
rm -rf /var/lib/wo/tmp/WordOps-*
curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp
cd /var/lib/wo/tmp/WordOps-${wo_branch} || exit 1
} \
>> "$wo_install_log" 2>&1
@@ -454,63 +465,41 @@ wo_upgrade_nginx() {
fi
# chec if the package nginx-ee is installed
CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo)
CHECK_PHP72=$(command -v php-fpm7.2)
# add new Nginx repository
if [ "$wo_linux_distro" = "Ubuntu" ]; then
if [ ! -f /etc/apt/sources.list.d/wordops-ubuntu-nginx-wo-"$(lsb_release -sc)".list ]; then
add-apt-repository ppa:wordops/nginx-wo -y -u
fi
if [ "$wo_distro_version" == "jessie" ]; then
# import the respository key for updates
curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key | apt-key add -
else
if [ "$wo_distro_version" == "jessie" ]; then
# import the respository key for updates
curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key | apt-key add -
else
curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key | apt-key add -
fi
curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key | apt-key add -
fi
# stop nginx
service nginx stop
# prevent apt preference to block install
[ -f /etc/apt/preferences.d/nginx-block ] && {
mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block"
}
# install new nginx package
if [ -n "$CHECK_NGINX_EE" ] || [ -n "$CHECK_NGINX_WO" ]; then
if [ -n "$CHECK_NGINX_EE" ]; then
if [ -x /usr/local/bin/wo ]; then
if [ -n "$CHECK_NGINX_EE" ]; then
# remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get --assume-yes purge nginx-ee nginx-common nginx-custom --allow-change-held-packages
# remove previous php-fpm pool configuration
if [ -n "$CHECK_PHP72" ]; then
apt-get purge php7.2-fpm -y -qq
rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
fi
elif [ -n "$CHECK_NGINX_WO" ]; then
apt-mark unhold nginx-wo nginx-common nginx-custom
apt-get --assume-yes purge nginx-wo nginx-common nginx-custom --allow-change-held-packages
if [ -n "$CHECK_PHP72" ]; then
apt-get purge php7.2-fpm -y -qq
rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
fi
# stop nginx
service nginx stop
# remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get --assume-yes purge nginx-ee nginx-common nginx-custom --allow-change-held-packages
# remove previous php-fpm pool configuration
if [ -n "$CHECK_PHP72" ]; then
apt-get purge php7.2-fpm -y -qq
rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
fi
if [ -d /etc/nginx ]; then
rm -rf /etc/nginx
fi
/usr/local/bin/wo stack install --nginx --php
rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf,fascgi.conf,blockips.conf} /etc/nginx/htpasswd-wo
fi
fi
rm -f /etc/nginx/common/acl.conf /etc/nginx/htpasswd-wo
/usr/bin/rsync -au --noatime /var/lib/wo-backup/nginx/ /etc/nginx/
fi
else
/usr/local/bin/wo stack upgrade --nginx --force
fi
# restore sites and configuration
/usr/bin/rsync -au --noatime /var/lib/wo-backup/nginx/ /etc/nginx/
[ -f /etc/nginx/htpasswd-ee ] && { mv /etc/nginx/htpasswd-ee /etc/nginx/htpasswd-wo; }
sed -i "s/locations.conf/locations-wo.conf/" /etc/nginx/sites-available/*
sed -i "s/locations-php7.conf/locations-wo.conf/" /etc/nginx/sites-available/*
@@ -539,12 +528,8 @@ wo_upgrade_nginx() {
systemctl start nginx
fi
# set back apt preference
[ -f "$HOME/nginx-block" ] && {
mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block
}
} >> "$wo_install_log" 2>&1
} \
>> "$wo_install_log" 2>&1
}
@@ -654,23 +639,20 @@ wo_remove_ee_cron() {
wo_tweak_kernel() {
if [ ! -f /etc/sysctl.d/60-wo-tweaks.conf ]; then
if [ "$WO_ARCH" = "x86_64" ]; then
rm -f /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
wget -qO /etc/sysctl.d/60-wo-tweaks.conf https://raw.githubusercontent.com/WordOps/WordOps/master/wo/cli/templates/sysctl.mustache
if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ] || [ "$wo_distro_version" = "buster" ]; then
modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf
echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-wo-tweaks.conf
else
modprobe tcp_htcp && echo 'tcp_htcp' >> /etc/modules-load.d/htcp.conf
echo 'net.ipv4.tcp_congestion_control = htcp' >> /etc/sysctl.d/60-wo-tweaks.conf
fi
# apply sysctl tweaks
sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf
if [ "$WO_ARCH" = "x86_64" ]; then
rm -f /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
wget -qO /etc/sysctl.d/60-wo-tweaks.conf https://raw.githubusercontent.com/WordOps/WordOps/"$wo_branch"/wo/cli/templates/sysctl.mustache
if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ] || [ "$wo_distro_version" = "buster" ]; then
modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf
echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-wo-tweaks.conf
else
sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf
modprobe tcp_htcp && echo 'tcp_htcp' >> /etc/modules-load.d/htcp.conf
echo 'net.ipv4.tcp_congestion_control = htcp' >> /etc/sysctl.d/60-wo-tweaks.conf
fi
# apply sysctl tweaks
sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf
fi
if [ ! -x /opt/wo-kernel.sh ]; then
{
# download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup
@@ -697,6 +679,46 @@ wo_uninstall() {
rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1
}
wo_ufw_setup() {
CURRENT_SSH_PORT=$(grep "Port" /etc/ssh/sshd_config | awk -F " " '{print $2}')
if [ ! -d /etc/ufw ]; then
apt-get install ufw -y
fi
# define firewall rules
ufw logging low
ufw default allow outgoing
ufw default deny incoming
# default ssh port
ufw allow 22
# custom ssh port
if [ "$CURRENT_SSH_PORT" != "22" ]; then
ufw allow "$CURRENT_SSH_PORT"
fi
# dns
ufw allow 53
# nginx
ufw allow http
ufw allow https
# ntp
ufw allow 123
# wordops backend
ufw allow 22222
# enable ufw
echo "y" | ufw enable
} >> $wo_install_log
###
# 4 - WO MAIN SETUP
###
@@ -733,7 +755,7 @@ else
fi
if [ -z "$wo_preserve_config" ]; then
if [ -n "$(command -v nginx)" ]; then
if [ ! -f /etc/nginx/common/release ] || ! grep -q "v3.9.7" /etc/nginx/common/release; then
if [ ! -f /etc/apt/preferences.d/nginx-block ]; then
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log
fi
@@ -835,5 +857,7 @@ else
wo_lib_echo "WordOps Documentation : https://docs.wordops.net"
wo_lib_echo "WordOps Community Forum : https://community.wordops.net"
echo
wo_lib_echo "Give WordOps a GitHub star : https://github.com/WordOps/WordOps/"
echo
fi

17
setup.py
View File

@@ -9,9 +9,10 @@ import shutil
conf = []
templates = []
long_description = '''WordOps is the commandline tool to manage your
Websites based on WordPress and Nginx with easy to use
commands'''
long_description = '''WordOps An essential toolset that eases WordPress
site and server administration. It provide the ability
to Install a high performance WordPress stack
with a few keystrokes'''
for name in glob.glob('config/plugins.d/*.conf'):
conf.insert(1, name)
@@ -56,13 +57,13 @@ if not os.path.isfile('/root/.gitconfig'):
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
setup(name='wo',
version='3.9.7.2',
version='3.9.7.3',
description=long_description,
long_description=long_description,
classifiers=[],
keywords='',
author='WordOps',
author_email='core@wordops.net',
author_email='contact@wordops.io',
url='https://wordops.net',
license='MIT',
packages=find_packages(exclude=['ez_setup', 'examples', 'tests',
@@ -72,10 +73,10 @@ setup(name='wo',
test_suite='nose.collector',
install_requires=[
# Required to build documentation
# "Sphinx >= 1.0",
"Sphinx >= 1.0",
# Required for testing
# "nose",
# "coverage",
"nose",
"coverage",
# Required to function
'cement == 2.8.0',
'pystache',

35
wo/cli/plugins/clean.py
View File

@@ -26,8 +26,6 @@ class WOCleanController(CementBaseController):
dict(help='Clean all cache', action='store_true')),
(['--fastcgi'],
dict(help='Clean FastCGI cache', action='store_true')),
(['--memcached'],
dict(help='Clean MemCached', action='store_true')),
(['--opcache'],
dict(help='Clean OpCache', action='store_true')),
(['--redis'],
@@ -37,22 +35,20 @@ class WOCleanController(CementBaseController):
@expose(hide=True)
def default(self):
if (not (self.app.pargs.all or self.app.pargs.fastcgi or
self.app.pargs.memcached or self.app.pargs.opcache or
self.app.pargs.redis)):
pargs = self.app.pargs
if (not (pargs.all or pargs.fastcgi or
pargs.memcached or pargs.opcache or
pargs.redis)):
self.clean_fastcgi()
if self.app.pargs.all:
self.clean_memcached()
if pargs.all:
self.clean_fastcgi()
self.clean_opcache()
self.clean_redis()
if self.app.pargs.fastcgi:
if pargs.fastcgi:
self.clean_fastcgi()
if self.app.pargs.memcached:
self.clean_memcached()
if self.app.pargs.opcache:
if pargs.opcache:
self.clean_opcache()
if self.app.pargs.redis:
if pargs.redis:
self.clean_redis()
@expose(hide=True)
@@ -64,23 +60,12 @@ class WOCleanController(CementBaseController):
else:
Log.info(self, "Redis is not installed")
@expose(hide=True)
def clean_memcached(self):
try:
if(WOAptGet.is_installed(self, "memcached")):
WOService.restart_service(self, "memcached")
Log.info(self, "Cleaning MemCached")
else:
Log.info(self, "Memcached not installed")
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to restart Memcached", False)
@expose(hide=True)
def clean_fastcgi(self):
if(os.path.isdir("/var/run/nginx-cache")):
Log.info(self, "Cleaning NGINX FastCGI cache")
WOShellExec.cmd_exec(self, "rm -rf /var/run/nginx-cache/*")
WOService.restart_service(self, 'nginx')
else:
Log.error(self, "Unable to clean FastCGI cache", False)
@@ -88,7 +73,7 @@ class WOCleanController(CementBaseController):
def clean_opcache(self):
try:
Log.info(self, "Cleaning opcache")
urllib.request.urlopen(" https://127.0.0.1:22222/cache"
urllib.request.urlopen("https://127.0.0.1:22222/cache"
"/opcache/opgui.php?reset=1").read()
except Exception as e:
Log.debug(self, "{0}".format(e))

49
wo/cli/plugins/secure.py
View File

@@ -35,31 +35,33 @@ class WOSecureController(CementBaseController):
@expose(hide=True)
def default(self):
if self.app.pargs.auth:
pargs = self.app.pargs
if pargs.auth:
self.secure_auth()
if self.app.pargs.port:
if pargs.port:
self.secure_port()
if self.app.pargs.ip:
if pargs.ip:
self.secure_ip()
@expose(hide=True)
def secure_auth(self):
"""This function secures authentication"""
pargs = self.app.pargs
passwd = ''.join([random.choice
(string.ascii_letters + string.digits)
for n in range(24)])
if not self.app.pargs.user_input:
if not pargs.user_input:
username = input("Provide HTTP authentication user "
"name [{0}] :".format(WOVariables.wo_user))
self.app.pargs.user_input = username
pargs.user_input = username
if username == "":
self.app.pargs.user_input = WOVariables.wo_user
if not self.app.pargs.user_pass:
pargs.user_input = WOVariables.wo_user
if not pargs.user_pass:
password = getpass.getpass("Provide HTTP authentication "
"password [{0}] :".format(passwd))
self.app.pargs.user_pass = password
pargs.user_pass = password
if password == "":
self.app.pargs.user_pass = passwd
pargs.user_pass = passwd
Log.debug(self, "printf username:"
"$(openssl passwd -crypt "
"password 2> /dev/null)\n\""
@@ -68,8 +70,8 @@ class WOSecureController(CementBaseController):
"$(openssl passwd -crypt "
"{password} 2> /dev/null)\n\""
"> /etc/nginx/htpasswd-wo 2>/dev/null"
.format(username=self.app.pargs.user_input,
password=self.app.pargs.user_pass),
.format(username=pargs.user_input,
password=pargs.user_pass),
log=False)
WOGit.add(self, ["/etc/nginx"],
msg="Adding changed secure auth into Git")
@@ -77,41 +79,42 @@ class WOSecureController(CementBaseController):
@expose(hide=True)
def secure_port(self):
"""This function Secures port"""
if self.app.pargs.user_input:
while not self.app.pargs.user_input.isdigit():
pargs = self.app.pargs
if pargs.user_input:
while not pargs.user_input.isdigit():
Log.info(self, "Please enter a valid port number ")
self.app.pargs.user_input = input("WordOps "
pargs.user_input = input("WordOps "
"admin port [22222]:")
if not self.app.pargs.user_input:
if not pargs.user_input:
port = input("WordOps admin port [22222]:")
if port == "":
self.app.pargs.user_input = 22222
pargs.user_input = 22222
while not port.isdigit() and port != "":
Log.info(self, "Please Enter valid port number :")
port = input("WordOps admin port [22222]:")
self.app.pargs.user_input = port
pargs.user_input = port
WOShellExec.cmd_exec(self, "sed -i \"s/listen.*/listen "
"{port} default_server ssl http2;/\" "
"/etc/nginx/sites-available/22222"
.format(port=self.app.pargs.user_input))
.format(port=pargs.user_input))
WOGit.add(self, ["/etc/nginx"],
msg="Adding changed secure port into Git")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "Successfully port changed {port}"
.format(port=self.app.pargs.user_input))
.format(port=pargs.user_input))
@expose(hide=True)
def secure_ip(self):
"""IP whitelisting"""
newlist = []
if not self.app.pargs.user_input:
pargs = self.app.pargs
if not pargs.user_input:
ip = input("Enter the comma separated IP addresses "
"to white list [127.0.0.1]:")
self.app.pargs.user_input = ip
pargs.user_input = ip
try:
user_ip = self.app.pargs.user_input.split(',')
user_ip = pargs.user_input.split(',')
except Exception as e:
Log.debug(self, "{0}".format(e))
user_ip = ['127.0.0.1']

93
wo/cli/plugins/site.py
View File

@@ -333,6 +333,12 @@ class WOSiteCreateController(CementBaseController):
(['--wpsc'],
dict(help="create WordPress single/multi site with wpsc cache",
action='store_true')),
(['--wprocket'],
dict(help="create WordPress single/multi site with WP-Rocket",
action='store_true')),
(['--wpce'],
dict(help="create WordPress single/multi site with Cache-Enabler",
action='store_true')),
(['--wpredis'],
dict(help="create WordPress single/multi site "
"with redis cache",
@@ -423,7 +429,8 @@ class WOSiteCreateController(CementBaseController):
if stype == 'proxy':
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=True, basic=False, php73=False, wp=False,
wpfc=False, wpsc=False, multisite=False,
wpfc=False, wpsc=False, wprocket=False, wpce=False,
multisite=False,
wpsubdir=False, webroot=wo_site_webroot)
data['proxy'] = True
data['host'] = host
@@ -433,14 +440,16 @@ class WOSiteCreateController(CementBaseController):
if self.app.pargs.php73:
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=False, basic=False, php73=True, wp=False,
wpfc=False, wpsc=False, multisite=False,
wpfc=False, wpsc=False, wprocket=False, wpce=False,
multisite=False,
wpsubdir=False, webroot=wo_site_webroot)
data['basic'] = True
if stype in ['html', 'php']:
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=True, basic=False, php73=False, wp=False,
wpfc=False, wpsc=False, multisite=False,
wpfc=False, wpsc=False, wprocket=False, wpce=False,
multisite=False,
wpsubdir=False, webroot=wo_site_webroot)
if stype == 'php':
@@ -451,7 +460,8 @@ class WOSiteCreateController(CementBaseController):
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=False, basic=True, wp=False, wpfc=False,
wpsc=False, wpredis=False, multisite=False,
wpsc=False, wpredis=False, wprocket=False, wpce=False,
multisite=False,
wpsubdir=False, webroot=wo_site_webroot,
wo_db_name='', wo_db_user='', wo_db_pass='',
wo_db_host='')
@@ -479,6 +489,8 @@ class WOSiteCreateController(CementBaseController):
if ((not self.app.pargs.wpfc) and
(not self.app.pargs.wpsc) and
(not self.app.pargs.wprocket) and
(not self.app.pargs.wpce) and
(not self.app.pargs.wpredis)):
data['basic'] = True
@@ -825,6 +837,10 @@ class WOSiteUpdateController(CementBaseController):
dict(help="update to wpfc cache", action='store_true')),
(['--wpsc'],
dict(help="update to wpsc cache", action='store_true')),
(['--wprocket'],
dict(help="update to WP-Rocket cache", action='store_true')),
(['--wpce'],
dict(help="update to Cache-Enabler cache", action='store_true')),
(['--wpredis'],
dict(help="update to redis cache", action='store_true')),
(['-le', '--letsencrypt'],
@@ -856,7 +872,7 @@ class WOSiteUpdateController(CementBaseController):
pargs = self.app.pargs
if pargs.php72:
self.app.pargs.php = True
pargs.php = True
if pargs.all:
if pargs.site_name:
@@ -868,6 +884,7 @@ class WOSiteUpdateController(CementBaseController):
if not (pargs.php or pargs.php73 or
pargs.mysql or pargs.wp or pargs.wpsubdir or
pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or
pargs.wprocket or pargs.wpce or
pargs.wpredis or pargs.letsencrypt or pargs.hsts or
pargs.dns or pargs.force):
Log.error(self, "Please provide options to update sites.")
@@ -946,6 +963,7 @@ class WOSiteUpdateController(CementBaseController):
if (pargs.password and not (pargs.html or
pargs.php or pargs.php73 or pargs.mysql or
pargs.wp or pargs.wpfc or pargs.wpsc or
pargs.wprocket or pargs.wpce or
pargs.wpsubdir or pargs.wpsubdomain or
pargs.hsts)):
try:
@@ -958,6 +976,7 @@ class WOSiteUpdateController(CementBaseController):
if (pargs.hsts and not (pargs.html or
pargs.php or pargs.php73 or pargs.mysql or
pargs.wp or pargs.wpfc or pargs.wpsc or
pargs.wprocket or parge.wpce or
pargs.wpsubdir or pargs.wpsubdomain or
pargs.password)):
try:
@@ -999,16 +1018,16 @@ class WOSiteUpdateController(CementBaseController):
if stype == 'php':
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=False, basic=True, wp=False, wpfc=False,
wpsc=False, wpredis=False, multisite=False,
wpsubdir=False, webroot=wo_site_webroot,
wpsc=False, wpredis=False, wprocket=False, wpce=False,
multisite=False, wpsubdir=False, webroot=wo_site_webroot,
currsitetype=oldsitetype, currcachetype=oldcachetype)
elif stype in ['mysql', 'wp', 'wpsubdir', 'wpsubdomain']:
data = dict(site_name=wo_domain, www_domain=wo_www_domain,
static=False, basic=True, wp=False, wpfc=False,
wpsc=False, wpredis=False, multisite=False,
wpsubdir=False, webroot=wo_site_webroot,
wpsc=False, wpredis=False, wprocket=False, wpce=False,
multisite=False,wpsubdir=False, webroot=wo_site_webroot,
wo_db_name='', wo_db_user='', wo_db_pass='',
wo_db_host='',
currsitetype=oldsitetype, currcachetype=oldcachetype)
@@ -1061,21 +1080,43 @@ class WOSiteUpdateController(CementBaseController):
data['wpfc'] = False
data['wpsc'] = False
data['wpredis'] = False
data['wprocket'] = False
data['wpce'] = False
elif oldcachetype == 'wpfc':
data['basic'] = False
data['wpfc'] = True
data['wpsc'] = False
data['wpredis'] = False
data['wprocket'] = False
data['wpce'] = False
elif oldcachetype == 'wpsc':
data['basic'] = False
data['wpfc'] = False
data['wpsc'] = True
data['wpredis'] = False
data['wprocket'] = False
data['wpce'] = False
elif oldcachetype == 'wpredis':
data['basic'] = False
data['wpfc'] = False
data['wpsc'] = False
data['wpredis'] = True
data['wprocket'] = False
data['wpce'] = False
elif oldcachetype == 'wprocket':
data['basic'] = False
data['wpfc'] = False
data['wpsc'] = False
data['wpredis'] = False
data['wprocket'] = True
data['wpce'] = False
elif oldcachetype == 'wpce':
data['basic'] = False
data['wpfc'] = False
data['wpsc'] = False
data['wpredis'] = False
data['wprocket'] = False
data['wpce'] = True
if pargs.php73 == 'on':
data['php73'] = True
@@ -1233,6 +1274,16 @@ class WOSiteUpdateController(CementBaseController):
data['basic'] = False
cache = 'wpredis'
if pargs.wprocket and data['currcachetype'] != 'wprocket':
data['wprocket'] = True
data['basic'] = False
cache = 'wprocket'
if pargs.wpce and data['currcachetype'] != 'wpce':
data['wpce'] = True
data['basic'] = False
cache = 'wpce'
if (php73 is old_php73) and (stype == oldsitetype and
cache == oldcachetype):
return 1
@@ -1473,7 +1524,7 @@ class WOSiteUpdateController(CementBaseController):
"and please try again")
return 1
if ((oldcachetype in ['wpsc', 'basic', 'wpredis'] and
if ((oldcachetype in ['wpsc', 'basic', 'wpredis', 'wprocket', 'wpce'] and
(data['wpfc'])) or (oldsitetype == 'wp' and
data['multisite'] and data['wpfc'])):
try:
@@ -1512,7 +1563,7 @@ class WOSiteUpdateController(CementBaseController):
"and please try again")
return 1
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc'] and
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc', 'wprocket', 'wpce'] and
(data['wpredis'])) or (oldsitetype == 'wp' and
data['multisite'] and
data['wpredis'])):
@@ -1620,6 +1671,26 @@ class WOSiteUpdateController(CementBaseController):
"`tail /var/log/wo/wordops.log` and please try again")
return 1
if oldcachetype == 'wprocket' and not data['wprocket']:
try:
uninstallwp_plugin(self, 'wp-rocket', data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
return 1
if oldcachetype == 'wpce' and not data['wpce']:
try:
uninstallwp_plugin(self, 'cache-enabler', data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
return 1
# Service Nginx Reload
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "

176
wo/cli/plugins/site_functions.py
View File

@@ -16,6 +16,7 @@ from wo.core.git import WOGit
from wo.core.logging import Log
from wo.core.mysql import *
from wo.core.services import WOService
from wo.cli.plugins.stack_pref import pre_pref, post_pref
from wo.core.shellexec import CommandExecutionError, WOShellExec
from wo.core.sslutils import SSL
from wo.core.variables import WOVariables
@@ -39,7 +40,7 @@ def pre_run_checks(self):
Log.debug(self, "checking NGINX configuration ...")
FNULL = open('/dev/null', 'w')
subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL,
stderr=subprocess.STDOUT)
stderr=subprocess.STDOUT)
except CalledProcessError as e:
Log.debug(self, "{0}".format(str(e)))
raise SiteError("nginx configuration check failed.")
@@ -90,7 +91,7 @@ def setupdomain(self, data):
Log.debug(self, "Checking generated nginx conf, please wait...")
FNULL = open('/dev/null', 'w')
subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL,
stderr=subprocess.STDOUT)
stderr=subprocess.STDOUT)
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
except CalledProcessError as e:
Log.debug(self, "{0}".format(str(e)))
@@ -240,7 +241,7 @@ def setupwordpress(self, data):
# Random characters
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase +
string.digits, 15)))
string.digits, 24)))
wo_wp_prefix = ''
# wo_wp_user = ''
# wo_wp_pass = ''
@@ -290,7 +291,7 @@ def setupwordpress(self, data):
Log.debug(self, "Setting up wp-config file")
if not data['multisite']:
Log.debug(self, "Generating wp-config for WordPress Single site")
Log.debug(self, "bash -c \"php {0} --allow-root "
Log.debug(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config create " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' --dbuser=\'{2}\' "
@@ -302,7 +303,7 @@ def setupwordpress(self, data):
.format(data['wo_db_pass'],
"\n\ndefine(\'WP_DEBUG\', false);"))
try:
if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root"
if WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root"
.format(WOVariables.wo_wpcli_path) +
" config create " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' "
@@ -325,7 +326,7 @@ def setupwordpress(self, data):
raise SiteError("generate wp-config failed for wp single site")
else:
Log.debug(self, "Generating wp-config for WordPress multisite")
Log.debug(self, "bash -c \"php {0} --allow-root "
Log.debug(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config create " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' "
@@ -340,7 +341,7 @@ def setupwordpress(self, data):
" false);",
"\n\ndefine(\'WP_DEBUG\', false);"))
try:
if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root"
if WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root"
.format(WOVariables.wo_wpcli_path) +
" config create " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' "
@@ -365,36 +366,36 @@ def setupwordpress(self, data):
try:
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_CACHE_KEY_SALT "
"\'{0}:\'\"".format(wo_domain_name))
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MEMORY_LIMIT "
"\'128M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MAX_MEMORY_LIMIT "
"\'256M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set CONCATENATE_SCRIPTS "
"false --raw\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_POST_REVISIONS "
"\'10\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set MEDIA_TRASH "
"true --raw\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set EMPTY_TRASH_DAYS "
"\'15\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_AUTO_UPDATE_CORE "
"minor\"")
@@ -456,14 +457,14 @@ def setupwordpress(self, data):
if not data['multisite']:
Log.debug(self, "Creating tables for WordPress Single site")
Log.debug(self, "php {0} --allow-root core install "
Log.debug(self, "{0} --allow-root core install "
.format(WOVariables.wo_wpcli_path) +
"--url=\'{0}\' --title=\'{0}\' --admin_name=\'{1}\' "
.format(data['www_domain'], wo_wp_user) +
"--admin_password= --admin_email=\'{1}\'"
.format(wo_wp_pass, wo_wp_email))
try:
if WOShellExec.cmd_exec(self, "php {0} --allow-root core "
if WOShellExec.cmd_exec(self, "{0} --allow-root core "
.format(WOVariables.wo_wpcli_path) +
"install --url=\'{0}\' --title=\'{0}\' "
"--admin_name=\'{1}\' "
@@ -480,7 +481,7 @@ def setupwordpress(self, data):
raise SiteError("setup WordPress tables failed for single site")
else:
Log.debug(self, "Creating tables for WordPress multisite")
Log.debug(self, "php {0} --allow-root "
Log.debug(self, "{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"core multisite-install "
"--url=\'{0}\' --title=\'{0}\' --admin_name=\'{1}\' "
@@ -491,7 +492,7 @@ def setupwordpress(self, data):
subdomains='--subdomains'
if not data['wpsubdir'] else ''))
try:
if WOShellExec.cmd_exec(self, "php {0} --allow-root "
if WOShellExec.cmd_exec(self, "{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"core multisite-install "
"--url=\'{0}\' --title=\'{0}\' "
@@ -513,7 +514,7 @@ def setupwordpress(self, data):
Log.debug(self, "Updating WordPress permalink")
try:
WOShellExec.cmd_exec(self, " php {0} --allow-root "
WOShellExec.cmd_exec(self, " {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"rewrite structure "
"/%year%/%monthnum%/%day%/%postname%/")
@@ -584,6 +585,10 @@ def setupwordpress(self, data):
if data['wpredis']:
installwp_plugin(self, 'redis-cache', data)
"""Install Cache-Enabler"""
if data['wpce']:
installwp_plugin(self, 'cache-enabler', data)
wp_creds = dict(wp_user=wo_wp_user, wp_pass=wo_wp_pass,
wp_email=wo_wp_email)
@@ -619,7 +624,7 @@ def installwp_plugin(self, plugin_name, data):
.format(plugin_name))
WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot))
try:
WOShellExec.cmd_exec(self, "php {0} plugin "
WOShellExec.cmd_exec(self, "{0} plugin "
.format(WOVariables.wo_wpcli_path) +
"--allow-root install "
"{0}".format(plugin_name))
@@ -628,7 +633,7 @@ def installwp_plugin(self, plugin_name, data):
raise SiteError("plugin installation failed")
try:
WOShellExec.cmd_exec(self, "php {0} plugin "
WOShellExec.cmd_exec(self, "{0} plugin "
.format(WOVariables.wo_wpcli_path) +
"--allow-root activate "
"{0} {na}"
@@ -785,7 +790,7 @@ def site_package_check(self, stype):
Log.info(self, "NGINX PLUS Detected ...")
apt = ["nginx-plus"] + WOVariables.wo_nginx
# apt_packages = apt_packages + WOVariables.wo_nginx
stack.post_pref(apt, packages)
stack.post_pref(self, apt, packages)
elif WOAptGet.is_installed(self, 'nginx'):
Log.info(self, "WordOps detected a previously"
"installed Nginx package. "
@@ -794,7 +799,7 @@ def site_package_check(self, stype):
"https://github.com/WordOps/WordOps/issues/ \n")
apt = ["nginx"] + WOVariables.wo_nginx
# apt_packages = apt_packages + WOVariables.wo_nginx
stack.post_pref(apt, packages)
post_pref(self, apt, packages)
else:
apt_packages = apt_packages + WOVariables.wo_nginx
else:
@@ -853,39 +858,6 @@ def site_package_check(self, stype):
if not WOAptGet.is_installed(self, 'redis-server'):
apt_packages = apt_packages + WOVariables.wo_redis
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/redis-php72.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php72.conf')
wo_nginx = open('/etc/nginx/common/redis-php72.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'redis.mustache',
out=wo_nginx)
wo_nginx.close()
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/"
"upstream.conf",
"redis"):
with open("/etc/nginx/conf.d/upstream.conf",
"a") as redis_file:
redis_file.write("upstream redis {\n"
" server 127.0.0.1:6379;\n"
" keepalive 10;\n}")
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/conf.d/redis.conf")):
with open("/etc/nginx/conf.d/redis.conf", "a") as redis_file:
redis_file.write("# Log format Settings\n"
"log_format rt_cache_redis '$remote_addr"
" $upstream_response_time "
"$srcache_fetch_status [$time_local] '\n"
"'$http_host \"$request\" $status"
" $body_bytes_sent '\n"
"'\"$http_referer\" \"$http_user_agent\"';\n")
if self.app.pargs.php73:
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
@@ -895,69 +867,6 @@ def site_package_check(self, stype):
else:
apt_packages = apt_packages + WOVariables.wo_php73
if (os.path.isdir("/etc/nginx/common") and
not os.path.isfile("/etc/nginx/common/locations-wo.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf')
wo_nginx = open('/etc/nginx/common/php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpcommon-php73.conf')
wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'wpcommon-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpfc-php73.conf')
wo_nginx = open('/etc/nginx/common/wpfc-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'wpfc-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpsc-php73.conf')
wo_nginx = open('/etc/nginx/common/wpsc-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'wpsc-php7.mustache',
out=wo_nginx)
wo_nginx.close()
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/redis-php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php73.conf')
wo_nginx = open('/etc/nginx/common/redis-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'redis-php7.mustache',
out=wo_nginx)
wo_nginx.close()
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/upstream.conf",
"php73"):
with open("/etc/nginx/conf.d/upstream.conf", "a") as php_file:
php_file.write("upstream php73 {\nserver"
"unix:/var/run/php/php73-fpm.sock;\n}\n"
"upstream debug73"
" {\nserver 127.0.0.1:9173;\n}\n")
return(stack.install(apt_packages=apt_packages, packages=packages,
disp_msg=False))
@@ -1099,7 +1008,7 @@ def detSitePar(opts):
if val and key in ['html', 'php', 'mysql', 'wp',
'wpsubdir', 'wpsubdomain', 'php73']:
typelist.append(key)
elif val and key in ['wpfc', 'wpsc', 'wpredis']:
elif val and key in ['wpfc', 'wpsc', 'wpredis', 'wprocket', 'wpce']:
cachelist.append(key)
if len(typelist) > 1 or len(cachelist) > 1:
@@ -1317,10 +1226,11 @@ def site_url_https(self, domain):
Log.info(self, "Checking if site url already "
"use https, please wait...")
WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot))
wo_siteurl = WOShellExec.cmd_exec_stdout(self,
"php {0} option get siteurl "
.format(WOVariables.wo_wpcli_path) +
"--allow-root --quiet")
wo_siteurl = \
WOShellExec.cmd_exec_stdout(self,
"php {0} option get siteurl "
.format(WOVariables.wo_wpcli_path) +
"--allow-root --quiet")
test_url = re.split(":", wo_siteurl)
if not (test_url[0] == 'https'):
try:
@@ -1382,6 +1292,8 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
else:
keylenght = "{0}".format(self.app.config.get('letsencrypt',
'keylength'))
wo_acme_exec = ("/etc/letsencrypt/acme.sh --config-home "
"'/etc/letsencrypt/config'")
if wo_dns:
acme_mode = "--dns {0}".format(wo_acme_dns)
validation_mode = "DNS with {0}".format(wo_acme_dns)
@@ -1394,9 +1306,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
if subdomain:
Log.info(self, "Issuing subdomain SSL cert with acme.sh")
Log.info(self, "Validation mode : {0}".format(validation_mode))
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) +
"--issue "
"-d {0} {1} "
"-k {2} -f"
@@ -1406,9 +1316,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
elif wildcard:
Log.info(self, "Issuing Wildcard SSL cert with acme.sh")
Log.info(self, "Validation mode : {0}".format(validation_mode))
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) +
"--issue "
"-d {0} -d *.{0} --dns {1} "
"-k {2} -f"
@@ -1418,9 +1326,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
else:
Log.info(self, "Issuing domain SSL cert with acme.sh")
Log.info(self, "Validation mode : {0}".format(validation_mode))
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) +
"--issue "
"-d {0} -d www.{0} {1} "
"-k {2} -f"
@@ -1539,7 +1445,7 @@ def setupHsts(self, wo_domain_name):
hstsconf.write("more_set_headers "
"\"Strict-Transport-Security: "
"max-age=31536000; "
"'includeSubDomains; "
"includeSubDomains; "
"preload\";")
hstsconf.close()
return 0

1829
wo/cli/plugins/stack.py
View File

File diff suppressed because it is too large Load Diff

4
wo/cli/plugins/stack_migrate.py
View File

@@ -79,10 +79,6 @@ class WOStackMigrateController(CementBaseController):
# Install MariaDB
apt_packages = WOVariables.wo_mysql
# If PHP is installed then install php7.2-mysql
if WOAptGet.is_installed(self, "php7.2-fpm"):
apt_packages = apt_packages + ["php7.2-mysql"]
Log.info(self, "Updating apt-cache, hang on...")
WOAptGet.update(self)
Log.info(self, "Installing MariaDB, hang on...")

1560
wo/cli/plugins/stack_pref.py Normal file
View File

File diff suppressed because it is too large Load Diff

205
wo/cli/plugins/stack_services.py
View File

@@ -18,24 +18,25 @@ class WOStackStatusController(CementBaseController):
def start(self):
"""Start services"""
services = []
if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or
self.app.pargs.mysql or
self.app.pargs.redis or
self.app.pargs.fail2ban or
self.app.pargs.proftpd or
self.app.pargs.netdata):
self.app.pargs.nginx = True
self.app.pargs.php = True
self.app.pargs.mysql = True
pargs = pargs = self.app.pargs
if not (pargs.nginx or pargs.php or
pargs.php73 or
pargs.mysql or
pargs.redis or
pargs.fail2ban or
pargs.proftpd or
pargs.netdata):
pargs.nginx = True
pargs.php = True
pargs.mysql = True
if self.app.pargs.nginx:
if pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom')):
services = services + ['nginx']
else:
Log.info(self, "Nginx is not installed")
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm']
else:
@@ -45,15 +46,15 @@ class WOStackStatusController(CementBaseController):
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.php73:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm']
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if pargs.mysql:
if ((WOVariables.wo_mysql_host == "localhost") or
(WOVariables.wo_mysql_host == "127.0.0.1")):
if (WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server')):
@@ -64,27 +65,27 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status")
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server']
else:
Log.info(self, "Redis server is not installed")
if self.app.pargs.fail2ban:
if pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban']
else:
Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
@@ -98,26 +99,27 @@ class WOStackStatusController(CementBaseController):
def stop(self):
"""Stop services"""
services = []
if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or
self.app.pargs.mysql or
self.app.pargs.fail2ban or
self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis):
self.app.pargs.nginx = True
self.app.pargs.php = True
self.app.pargs.mysql = True
pargs = self.app.pargs
if not (pargs.nginx or pargs.php or
pargs.php73 or
pargs.mysql or
pargs.fail2ban or
pargs.netdata or
pargs.proftpd or
pargs.redis):
pargs.nginx = True
pargs.php = True
pargs.mysql = True
# nginx
if self.app.pargs.nginx:
if pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom')):
services = services + ['nginx']
else:
Log.info(self, "Nginx is not installed")
# php7.2
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm']
else:
@@ -129,16 +131,16 @@ class WOStackStatusController(CementBaseController):
Log.info(self, "PHP7.3-FPM is not installed")
# php7.3
if self.app.pargs.php73:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm']
else:
Log.info(self, "PHP7.3-FPM is not installed")
# mysql
if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if pargs.mysql:
if ((WOVariables.wo_mysql_host == "localhost") or
(WOVariables.wo_mysql_host == "127.0.0.1")):
if (WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server')):
@@ -150,28 +152,28 @@ class WOStackStatusController(CementBaseController):
"Unable to check MySQL service status")
# redis
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server']
else:
Log.info(self, "Redis server is not installed")
# fail2ban
if self.app.pargs.fail2ban:
if pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban']
else:
Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
@@ -185,24 +187,25 @@ class WOStackStatusController(CementBaseController):
def restart(self):
"""Restart services"""
services = []
if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or
self.app.pargs.mysql or
self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or
self.app.pargs.fail2ban):
self.app.pargs.nginx = True
self.app.pargs.php = True
self.app.pargs.mysql = True
pargs = self.app.pargs
if not (pargs.nginx or pargs.php or
pargs.php73 or
pargs.mysql or
pargs.netdata or
pargs.proftpd or
pargs.redis or
pargs.fail2ban):
pargs.nginx = True
pargs.php = True
pargs.mysql = True
if self.app.pargs.nginx:
if pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom')):
services = services + ['nginx']
else:
Log.info(self, "Nginx is not installed")
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm']
else:
@@ -213,15 +216,15 @@ class WOStackStatusController(CementBaseController):
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.php73:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm']
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if pargs.mysql:
if ((WOVariables.wo_mysql_host == "localhost") or
(WOVariables.wo_mysql_host == "127.0.0.1")):
if ((WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self,
'percona-server-server-5.6') or
@@ -233,27 +236,27 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status")
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server']
else:
Log.info(self, "Redis server is not installed")
if self.app.pargs.fail2ban:
if pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban']
else:
Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
@@ -267,24 +270,25 @@ class WOStackStatusController(CementBaseController):
def status(self):
"""Status of services"""
services = []
if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or
self.app.pargs.mysql or
self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or
self.app.pargs.fail2ban):
self.app.pargs.nginx = True
self.app.pargs.php = True
self.app.pargs.mysql = True
pargs = self.app.pargs
if not (pargs.nginx or pargs.php or
pargs.php73 or
pargs.mysql or
pargs.netdata or
pargs.proftpd or
pargs.redis or
pargs.fail2ban):
pargs.nginx = True
pargs.php = True
pargs.mysql = True
if self.app.pargs.nginx:
if pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom')):
services = services + ['nginx']
else:
Log.info(self, "Nginx is not installed")
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm']
else:
@@ -295,15 +299,15 @@ class WOStackStatusController(CementBaseController):
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.php73:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm']
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if pargs.mysql:
if ((WOVariables.wo_mysql_host == "localhost") or
(WOVariables.wo_mysql_host == "127.0.0.1")):
if (WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server')):
@@ -314,27 +318,27 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status")
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server']
else:
Log.info(self, "Redis server is not installed")
if self.app.pargs.fail2ban:
if pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban']
else:
Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
@@ -348,25 +352,26 @@ class WOStackStatusController(CementBaseController):
def reload(self):
"""Reload service"""
services = []
if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or
self.app.pargs.mysql or
self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or
self.app.pargs.fail2ban):
self.app.pargs.nginx = True
self.app.pargs.php = True
self.app.pargs.mysql = True
pargs = self.app.pargs
if not (pargs.nginx or pargs.php or
pargs.php73 or
pargs.mysql or
pargs.netdata or
pargs.proftpd or
pargs.redis or
pargs.fail2ban):
pargs.nginx = True
pargs.php = True
pargs.mysql = True
if self.app.pargs.nginx:
if pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom') or
WOAptGet.is_installed(self, 'nginx-mainline')):
services = services + ['nginx']
else:
Log.info(self, "Nginx is not installed")
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm']
else:
@@ -377,15 +382,15 @@ class WOStackStatusController(CementBaseController):
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.php73:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm']
else:
Log.info(self, "PHP7.3-FPM is not installed")
if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if pargs.mysql:
if ((WOVariables.wo_mysql_host == "localhost") or
(WOVariables.wo_mysql_host == "127.0.0.1")):
if (WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server')):
@@ -396,27 +401,27 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status")
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server']
else:
Log.info(self, "Redis server is not installed")
if self.app.pargs.fail2ban:
if pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban']
else:
Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:

166
wo/cli/plugins/stack_upgrade.py
View File

@@ -1,17 +1,19 @@
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.logging import Log
from wo.core.variables import WOVariables
from wo.core.aptget import WOAptGet
from wo.core.apt_repo import WORepo
from wo.core.services import WOService
from wo.core.fileutils import WOFileUtils
from wo.core.shellexec import WOShellExec
from wo.core.extract import WOExtract
from wo.core.download import WODownload
import os
import shutil
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.apt_repo import WORepo
from wo.core.aptget import WOAptGet
from wo.core.download import WODownload
from wo.core.extract import WOExtract
from wo.core.fileutils import WOFileUtils
from wo.core.logging import Log
from wo.core.services import WOService
from wo.core.shellexec import WOShellExec
from wo.core.variables import WOVariables
from wo.cli.plugins.stack_pref import post_pref
class WOStackUpgradeController(CementBaseController):
class Meta:
@@ -29,7 +31,9 @@ class WOStackUpgradeController(CementBaseController):
(['--nginx'],
dict(help='Upgrade Nginx stack', action='store_true')),
(['--php'],
dict(help='Upgrade PHP stack', action='store_true')),
dict(help='Upgrade PHP 7.2 stack', action='store_true')),
(['--php73'],
dict(help='Upgrade PHP 7.3 stack', action='store_true')),
(['--mysql'],
dict(help='Upgrade MySQL stack', action='store_true')),
(['--wpcli'],
@@ -45,73 +49,47 @@ class WOStackUpgradeController(CementBaseController):
(['--no-prompt'],
dict(help="Upgrade Packages without any prompt",
action='store_true')),
(['--force'],
dict(help="Force Packages upgrade without any prompt",
action='store_true')),
]
@expose(hide=True)
def upgrade_php56(self):
if WOVariables.wo_distro == "ubuntu":
if os.path.isfile("/etc/apt/sources.list.d/ondrej-php5-5_6-{0}."
"list".format(WOVariables.wo_platform_codename)):
Log.error(self, "Unable to find PHP 5.5")
else:
if not(os.path.isfile(WOVariables.wo_repo_file_path) and
WOFileUtils.grep(self, WOVariables.wo_repo_file_path,
"php55")):
Log.error(self, "Unable to find PHP 5.5")
Log.info(self, "During PHP update process non nginx-cached"
" parts of your site may remain down.")
# Check prompt
if (not self.app.pargs.no_prompt):
start_upgrade = input("Do you want to continue:[y/N]")
if start_upgrade != "Y" and start_upgrade != "y":
Log.error(self, "Not starting PHP package update")
if WOVariables.wo_distro == "ubuntu":
WORepo.remove(self, ppa="ppa:ondrej/php5")
WORepo.add(self, ppa=WOVariables.wo_php_repo)
Log.info(self, "Updating apt-cache, please wait...")
WOAptGet.update(self)
Log.info(self, "Installing packages, please wait ...")
WOAptGet.install(self, WOVariables.wo_php +
WOVariables.wo_php_extra)
@expose(hide=True)
def default(self):
# All package update
apt_packages = []
packages = []
empty_packages = []
pargs = pargs = self.app.pargs
if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and
(not self.app.pargs.php) and (not self.app.pargs.mysql) and
(not self.app.pargs.all) and (not self.app.pargs.wpcli) and
(not self.app.pargs.netdata) and (not self.app.pargs.composer) and
(not self.app.pargs.phpmyadmin) and
(not self.app.pargs.redis)):
self.app.pargs.web = True
if ((not pargs.web) and (not pargs.nginx) and
(not pargs.php) and (not pargs.php73) and
(not pargs.mysql) and
(not pargs.all) and (not pargs.wpcli) and
(not pargs.netdata) and (not pargs.composer) and
(not pargs.phpmyadmin) and
(not pargs.redis)):
pargs.web = True
if self.app.pargs.all:
self.app.pargs.web = True
if pargs.all:
pargs.web = True
if self.app.pargs.web:
if pargs.web:
if WOAptGet.is_installed(self, 'nginx-custom'):
self.app.pargs.nginx = True
pargs.nginx = True
else:
Log.info(self, "Nginx is not already installed")
self.app.pargs.php = True
self.app.pargs.mysql = True
self.app.pargs.wpcli = True
self.app.pargs.netdata = True
pargs.php = True
pargs.mysql = True
pargs.wpcli = True
if self.app.pargs.nginx:
if pargs.nginx:
if WOAptGet.is_installed(self, 'nginx-custom'):
apt_packages = apt_packages + WOVariables.wo_nginx
else:
Log.info(self, "Nginx Stable is not already installed")
if self.app.pargs.php:
if pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + \
@@ -121,19 +99,29 @@ class WOStackUpgradeController(CementBaseController):
else:
Log.info(self, "PHP 7.2 is not installed")
if self.app.pargs.mysql:
if pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + \
WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.info(self, "PHP 7.3 is not installed")
if pargs.mysql:
if WOAptGet.is_installed(self, 'mariadb-server'):
apt_packages = apt_packages + WOVariables.wo_mysql
else:
Log.info(self, "MariaDB is not installed")
if self.app.pargs.redis:
if pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'):
apt_packages = apt_packages + WOVariables.wo_redis
else:
Log.info(self, "Redis is not installed")
if self.app.pargs.wpcli:
if pargs.wpcli:
if os.path.isfile('/usr/local/bin/wp'):
packages = packages + [["https://github.com/wp-cli/wp-cli/"
"releases/download/v{0}/"
@@ -144,13 +132,13 @@ class WOStackUpgradeController(CementBaseController):
else:
Log.info(self, "WPCLI is not installed with WordOps")
if self.app.pargs.netdata:
if pargs.netdata:
if os.path.isdir('/opt/netdata'):
packages = packages + [['https://my-netdata.io/'
'kickstart-static64.sh',
'/var/lib/wo/tmp/kickstart.sh',
'Netdata']]
if self.app.pargs.phpmyadmin:
if pargs.phpmyadmin:
if os.path.isdir('/var/www/22222/htdocs/db/pma'):
packages = packages + \
[["https://files.phpmyadmin.net"
@@ -163,7 +151,7 @@ class WOStackUpgradeController(CementBaseController):
else:
Log.error(self, "phpMyAdmin isn't installed")
if self.app.pargs.composer:
if pargs.composer:
if os.path.isfile('/usr/local/bin/composer'):
packages = packages + [["https://getcomposer.org/installer",
"/var/lib/wo/tmp/composer-install",
@@ -172,52 +160,48 @@ class WOStackUpgradeController(CementBaseController):
Log.error(self, "Composer isn't installed")
if len(packages) or len(apt_packages):
Log.info(self, "During package update process non nginx-cached"
" parts of your site may remain down")
# Check prompt
if (not self.app.pargs.no_prompt):
start_upgrade = input("Do you want to continue:[y/N]")
if start_upgrade != "Y" and start_upgrade != "y":
Log.error(self, "Not starting package update")
Log.info(self, "Updating packages, please wait...")
if len(apt_packages):
Log.info(self, "Your site may be down for few seconds if "
"you are upgrading Nginx, PHP-FPM, MariaDB or Redis")
# Check prompt
if ((not pargs.no_prompt) and (not pargs.force)):
start_upgrade = input("Do you want to continue:[y/N]")
if start_upgrade != "Y" and start_upgrade != "y":
Log.error(self, "Not starting package update")
Log.info(self, "Updating APT packages, please wait...")
# apt-get update
WOAptGet.update(self)
if set(WOVariables.wo_php).issubset(set(apt_packages)):
WOAptGet.remove(self, ['php7.2-fpm'],
auto=False, purge=True)
if set(WOVariables.wo_php73).issubset(set(apt_packages)):
WOAptGet.remove(self, ['php7.3-fpm'],
auto=False, purge=True)
# Update packages
WOAptGet.install(self, apt_packages)
post_pref(self, apt_packages, empty_packages)
# Post Actions after package updates
if (set(WOVariables.wo_nginx).issubset(set(apt_packages))):
WOService.restart_service(self, 'nginx')
if set(WOVariables.wo_php).issubset(set(apt_packages)):
WOService.restart_service(self, 'php7.2-fpm')
if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
WOService.restart_service(self, 'mysql')
if set(WOVariables.wo_redis).issubset(set(apt_packages)):
WOService.restart_service(self, 'redis-server')
if len(packages):
if self.app.pargs.wpcli:
if pargs.wpcli:
WOFileUtils.remove(self, ['/usr/local/bin/wp'])
if self.app.pargs.netdata:
if pargs.netdata:
WOFileUtils.remove(self, ['/var/lib/wo/tmp/kickstart.sh'])
Log.debug(self, "Downloading following: {0}".format(packages))
WODownload.download(self, packages)
if self.app.pargs.wpcli:
if pargs.wpcli:
WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775)
if self.app.pargs.netdata:
if pargs.netdata:
Log.info(self, "Upgrading Netdata, please wait...")
WOShellExec.cmd_exec(self, "/bin/bash /var/lib/wo/tmp/"
"kickstart.sh "
"--dont-wait")
if self.app.pargs.composer:
if pargs.composer:
Log.info(self, "Upgrading Composer, please wait...")
WOShellExec.cmd_exec(self, "php -q /var/lib/wo"
"/tmp/composer-install "
@@ -226,7 +210,7 @@ class WOStackUpgradeController(CementBaseController):
'/usr/local/bin/composer')
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
if self.app.pargs.phpmyadmin:
if pargs.phpmyadmin:
Log.info(self, "Upgrading phpMyAdmin, please wait...")
WOExtract.extract(self, '/var/lib/wo/tmp/pma.tar.gz',
'/var/lib/wo/tmp/')

9
wo/cli/plugins/update.py
View File

@@ -36,20 +36,21 @@ class WOUpdateController(CementBaseController):
@expose(hide=True)
def default(self):
pargs = self.app.pargs
filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S")
if self.app.pargs.travis:
if pargs.travis:
wo_branch = "updating-configuration"
install_args = "--travis --force "
elif self.app.pargs.beta:
elif pargs.beta:
wo_branch = "beta"
install_args = ""
else:
wo_branch = "master"
install_args = ""
if self.app.pargs.force:
if pargs.force:
install_args = install_args + "--force "
if self.app.pargs.preserve:
if pargs.preserve:
install_args = install_args + "--preserve "
WODownload.download(self, [["https://raw.githubusercontent.com/"

2
wo/cli/templates/22222.mustache
View File

@@ -1,4 +1,4 @@
# WordOps admin NGINX CONFIGURATION - WO v3.9.5
# WordOps admin NGINX CONFIGURATION - WO v3.9.7
server {

47
wo/cli/templates/brotli.mustache Normal file
View File

@@ -0,0 +1,47 @@
##
# Brotli Settings
##
brotli on;
brotli_static on;
brotli_buffers 16 8k;
brotli_comp_level 4;
brotli_types
application/atom+xml
application/geo+json
application/javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/vnd.ms-fontobject
application/wasm
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
application/xml+rss
font/eot
font/opentype
font/otf
image/bmp
image/svg+xml
image/vnd.microsoft.icon
image/x-icon
image/x-win-bitmap
text/cache-manifest
text/calendar
text/css
text/javascript
text/markdown
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/xml;

23
wo/cli/templates/cloudflare.mustache Normal file
View File

@@ -0,0 +1,23 @@
# WordOps (wo) set visitors real ip with Cloudflare
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;
real_ip_header CF-Connecting-IP;

1
wo/cli/templates/fail2ban-forbidden.mustache
View File

@@ -1,4 +1,3 @@
[Definition]
failregex = ^ \[error\] \d+#\d+: .* forbidden .*, client: <HOST>, .*$
ignoreregex =

8
wo/cli/templates/fastcgi.mustache
View File

@@ -1,5 +1,5 @@
# FastCGI cache settings
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M;
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=6h max_size=256M;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
fastcgi_cache_lock on;
@@ -7,11 +7,11 @@ fastcgi_cache_lock_age 5s;
fastcgi_cache_lock_timeout 5s;
fastcgi_cache_methods GET HEAD;
fastcgi_cache_background_update on;
fastcgi_cache_valid 200 1h;
fastcgi_cache_valid 200 24h;
fastcgi_cache_valid 301 302 30m;
fastcgi_cache_valid 499 502 503 1m;
fastcgi_cache_valid 404 15m;
fastcgi_cache_valid any 15m;
fastcgi_cache_valid 404 1h;
fastcgi_cache_valid any 1h;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SERVER_NAME $http_host;

51
wo/cli/templates/gzip.mustache Normal file
View File

@@ -0,0 +1,51 @@
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types
application/atom+xml
application/geo+json
application/javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/vnd.ms-fontobject
application/wasm
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
application/xml+rss
font/eot
font/opentype
font/otf
image/bmp
image/svg+xml
image/vnd.microsoft.icon
image/x-icon
image/x-win-bitmap
text/cache-manifest
text/calendar
text/css
text/javascript
text/markdown
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/xml;

54
wo/cli/templates/locations-php7.mustache
View File

@@ -1,54 +0,0 @@
# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files
location = /favicon.ico {
access_log off;
log_not_found off;
expires max;
}
location = /robots.txt {
# Some WordPress plugin gererate robots.txt file
# Refer #340 issue
try_files $uri $uri/ /index.php$is_args$args @robots;
access_log off;
log_not_found off;
}
# fallback for robots.txt with default wordpress rules
location @robots {
return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n";
}
# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires max;
}
# Cache css & js files
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires 30d;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.(?!well-known\/) {
deny all;
}
# letsencrypt validation
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
allow all;
}
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
deny all;
}
# Deny backup extensions & log files and return 403 forbidden
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
deny all;
}
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
deny all;
}

4
wo/cli/templates/locations.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files
location = /favicon.ico {
@@ -7,7 +7,7 @@ location = /favicon.ico {
expires max;
}
# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json|webmanifest)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;

15
wo/cli/templates/map-wp.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.5
# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# do not cache xhtml request
@@ -19,6 +19,7 @@ map $http_cookie $cookie_no_cache {
"~*woocommerce_cart_hash" 1;
"~*wptouch_switch_toogle" 1;
"~*comment_author_email_" 1;
"~*wptouch_switch_toggle" 1;
"~*edd" 1;
}
@@ -44,6 +45,11 @@ map $request_uri $uri_no_cache {
"~*/wc-api/*" 1;
"~*/logout/" 1;
"~*/lost-password/" 1;
"~*/panier/" 1;
"~*/mon-compte/" 1;
"~*/embed" 1;
"~*/commande/" 1;
"~*/resetpass/" 1;
}
# do not cache requests with query strings
@@ -58,8 +64,13 @@ map $http_request_no_cache$cookie_no_cache$uri_no_cache$query_no_cache $skip_cac
0000 0;
}
# map $skip_cache with $cache_uri for --wpsc stack
# map $skip_cache with $cache_uri for --wpsc --wpce & --wprocket stack
map $skip_cache $cache_uri {
0 $request_uri;
default 'null cache';
}
map $https $https_prefix {
default "";
on "-https";
}

70
wo/cli/templates/nginx-core.mustache
View File

@@ -40,6 +40,12 @@ http {
reset_timedout_connection on;
more_set_headers "X-Powered-By : WordOps";
open_file_cache max=50000 inactive=60s;
open_file_cache_errors off;
open_file_cache_min_uses 2;
open_file_cache_valid 120s;
open_log_file_cache max=10000 inactive=30s min_uses=2;
# Limit Request
limit_req_status 403;
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
@@ -66,12 +72,12 @@ http {
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_prefer_server_ciphers on;
ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20';
ssl_protocols TLSv1.2 TLSv1.3;
{{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20';
ssl_protocols TLSv1.2 TLSv1.3;{{/tls13}}
ssl_ecdh_curve X25519:P-521:P-384:P-256;
# Previous TLS v1.2 configuration
# ssl_protocols TLSv1.2;
# ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;
{{^tls13}}ssl_protocols TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;{{/tls13}}
# Common security headers
more_set_headers "X-Frame-Options : SAMEORIGIN";
@@ -106,62 +112,6 @@ http {
'$http_host "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$server_protocol"';
##
# Gzip Settings
##
# mitigation for CRIME/BREACH attacks
gzip off;
##
# Brotli Settings
##
brotli on;
brotli_static on;
brotli_buffers 16 8k;
brotli_min_length 64000;
brotli_comp_level 4;
brotli_types
application/atom+xml
application/geo+json
application/javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/vnd.ms-fontobject
application/wasm
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
application/xml+rss
font/eot
font/opentype
font/otf
image/bmp
image/svg+xml
image/vnd.microsoft.icon
image/x-icon
image/x-win-bitmap
text/cache-manifest
text/calendar
text/css
text/javascript
text/markdown
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/xml;
##
# Virtual Host Configs
##

4
wo/cli/templates/php.mustache
View File

@@ -1,4 +1,4 @@
# PHP NGINX CONFIGURATION - WO v3.9.5
# PHP NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / {
try_files $uri $uri/ /index.php$is_args$args;
@@ -6,5 +6,5 @@ location / {
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php72;
fastcgi_pass {{upstream}};
}

10
wo/cli/templates/php7.mustache
View File

@@ -1,10 +0,0 @@
# PHP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php73;
}

42
wo/cli/templates/redis-php7.mustache
View File

@@ -1,42 +0,0 @@
# Redis NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /redis-fetch {
internal ;
set $redis_key $args;
redis_pass redis;
}
location /redis-store {
internal ;
set_unescape_uri $key $arg_key ;
redis2_query set $key $echo_request_body;
redis2_query expire $key 14400;
redis2_pass redis;
}
location ~ \.php$ {
set $key "nginx-cache:$scheme$request_method$host$request_uri";
try_files $uri =404;
srcache_fetch_skip $skip_cache;
srcache_store_skip $skip_cache;
srcache_response_cache_control off;
set_escape_uri $escaped_key $key;
srcache_fetch GET /redis-fetch $key;
srcache_store PUT /redis-store key=$escaped_key;
more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status';
more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
include fastcgi_params;
fastcgi_pass php73;
}

8
wo/cli/templates/redis.mustache
View File

@@ -1,4 +1,4 @@
# Redis NGINX CONFIGURATION - WO v3.9.5
# Redis NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf
@@ -10,14 +10,14 @@ location / {
location /redis-fetch {
internal ;
set $redis_key $args;
redis_pass redis;
redis_pass redis;
}
location /redis-store {
internal ;
set_unescape_uri $key $arg_key ;
redis2_query set $key $echo_request_body;
redis2_query expire $key 14400;
redis2_pass redis;
redis2_pass redis;
}
@@ -39,5 +39,5 @@ location ~ \.php$ {
more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
include fastcgi_params;
fastcgi_pass php72;
fastcgi_pass {{upstream}};
}

12
wo/cli/templates/sysctl.mustache
View File

@@ -1,10 +1,10 @@
# Kernel sysctl configuration file for Linux
#
# Version 1.16 - 2019-10-25
# Version 1.18 - 2019-08-07
# Michiel Klaver - IT Professional
# Modified by VirtuBox
# Modified by VirtuBox (https://github.com/VirtuBox)
# For WordOps (https://github.com/WordOps/WordOps)
#
# Instructions available on https://github.com/VirtuBox/ubuntu-nginx-web-server
#
# Sources :
# https://klaver.it/linux/sysctl.conf
@@ -27,10 +27,6 @@
# http://lartc.org/howto/lartc.kernel.obscure.html
# http://en.wikipedia.org/wiki/Sysctl
#
# Usage
# wget -O /etc/sysctl.d/60-ubuntu-nginx-web-server.conf https://virtubox.github.io/ubuntu-nginx-web-server/files/etc/sysctl.d/60-ubuntu-nginx-web-server.conf
#
# sysctl -e -p /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details.
#
@@ -200,6 +196,8 @@ net.core.somaxconn = 32768
# Increase number of incoming connections backlog
net.core.netdev_max_backlog = 16384
net.core.dev_weight = 64
net.core.netdev_budget = 1200
net.core.netdev_budget_usecs = 8000
# Increase the maximum amount of option memory buffers
net.core.optmem_max = 65535

2
wo/cli/templates/upstream.mustache
View File

@@ -1,4 +1,4 @@
# NGINX UPSTREAM CONFIGURATION - WO v3.9.5
# NGINX UPSTREAM CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
#-------------------------------
# PHP 5.6

2
wo/cli/templates/virtualconf-php7.mustache
View File

@@ -49,7 +49,7 @@ server {
}
{{/static}}
{{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}
{{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php73.conf;{{/wprocket}}{{#wpce}}common/wpce-php73.conf;{{/wpce}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php73.conf;{{/wp}}
include common/locations-wo.conf;{{/proxy}}

2
wo/cli/templates/virtualconf.mustache
View File

@@ -49,7 +49,7 @@ server {
}
{{/static}}
{{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}
{{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}}{{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php72.conf;{{/wprocket}}{{#wpce}}common/wpce-php72.conf;{{/wpce}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php72.conf;{{/wp}}
include common/locations-wo.conf;{{/proxy}}

2
wo/cli/templates/webp.mustache
View File

@@ -1,4 +1,4 @@
# WEBP NGINX CONFIGURATION - WO v3.9.5
# WEBP NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
map $http_accept $webp_suffix {

19
wo/cli/templates/wpce.mustache Normal file
View File

@@ -0,0 +1,19 @@
# WPCE NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
try_files /wp-content/cache/cache-enabler/${http_host}${cache_uri}index.html $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass {{upstream}};
}
location ~* /cache/cache-enabler/\.html$ {
etag on;
add_header Vary "Accept-Encoding, Cookie";
access_log off;
log_not_found off;
expires 10h;
}

70
wo/cli/templates/wpcommon-php7.mustache
View File

@@ -1,70 +0,0 @@
# WordPress COMMON SETTINGS - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include fastcgi_params;
fastcgi_pass php73;
}
# Disable wp-config.txt
location = /wp-config.txt {
deny all;
access_log off;
log_not_found off;
}
location = /robots.txt {
# Some WordPress plugin gererate robots.txt file
# Refer #340 issue
try_files $uri $uri/ /index.php?$args @robots;
access_log off;
log_not_found off;
}
# fallback for robots.txt with default wordpress rules
location @robots {
return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n";
}
# webp rewrite rules for jpg and png images
# try to load alternative image.png.webp before image.png
location /wp-content/uploads {
location ~ \.(png|jpe?g)$ {
add_header Vary "Accept-Encoding";
add_header "Access-Control-Allow-Origin" "*";
add_header Cache-Control "public, no-transform";
access_log off;
log_not_found off;
expires max;
try_files $uri$webp_suffix $uri =404;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# webp rewrite rules for EWWW testing image
location /wp-content/plugins/ewww-image-optimizer/images {
location ~ \.(png|jpe?g)$ {
add_header Vary "Accept-Encoding";
add_header "Access-Control-Allow-Origin" "*";
add_header Cache-Control "public, no-transform";
access_log off;
log_not_found off;
expires max;
try_files $uri$webp_suffix $uri =404;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# mitigate DoS attack CVE with WordPress script concatenation
# add the following line to wp-config.php
# define( 'CONCATENATE_SCRIPTS', false );
location ~ \/wp-admin\/load-(scripts|styles).php {
deny all;
}

18
wo/cli/templates/wpcommon.mustache
View File

@@ -1,10 +1,10 @@
# WordPress COMMON SETTINGS - WO v3.9.5
# WordPress COMMON SETTINGS - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include fastcgi_params;
fastcgi_pass php72;
fastcgi_pass {{upstream}};
}
# Disable wp-config.txt
location = /wp-config.txt {
@@ -56,6 +56,20 @@ location /wp-content/plugins/ewww-image-optimizer/images {
deny all;
}
}
# enable gzip on static assets - php files are forbidden
location /wp-content/cache {
# Cache css & js files
location ~* \.(?:css(\.map)?|js(\.map)?|.html)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires 30d;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)

21
wo/cli/templates/wpfc-php7.mustache
View File

@@ -1,21 +0,0 @@
# WPFC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf
add_header X-fastcgi-cache $upstream_cache_status;
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php73;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
}
location ~ /purge(/.*) {
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
access_log off;
}

4
wo/cli/templates/wpfc.mustache
View File

@@ -1,4 +1,4 @@
# WPFC NGINX CONFIGURATION - WO v3.9.5
# WPFC NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf
@@ -10,7 +10,7 @@ location / {
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php72;
fastcgi_pass {{upstream}};
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;

19
wo/cli/templates/wprocket.mustache Normal file
View File

@@ -0,0 +1,19 @@
# WPROCKET NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass {{upstream}};
}
location ~* /cache/wp-rocket/\.html$ {
etag on;
add_header Vary "Accept-Encoding, Cookie";
access_log off;
log_not_found off;
expires 10h;
}

17
wo/cli/templates/wpsc-php7.mustache
View File

@@ -1,17 +0,0 @@
# WPSC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
# If we add index.php?$args its break WooCommerce like plugins
# Ref: #330
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php73;
# Following line is needed by WP Super Cache plugin
fastcgi_param SERVER_NAME $http_host;
}

4
wo/cli/templates/wpsc.mustache
View File

@@ -1,4 +1,4 @@
# WPSC NGINX CONFIGURATION - WO v3.9.5
# WPSC NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf
@@ -11,7 +11,7 @@ location / {
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php72;
fastcgi_pass {{upstream}};
# Following line is needed by WP Super Cache plugin
fastcgi_param SERVER_NAME $http_host;
}

50
wo/core/variables.py
View File

@@ -10,12 +10,13 @@ class WOVariables():
"""Intialization of core variables"""
# WordOps version
wo_version = "3.9.7.2"
wo_version = "3.9.7.3"
# WordOps packages versions
wo_wp_cli = "2.2.0"
wo_adminer = "4.7.2"
wo_phpmyadmin = "4.9.0.1"
wo_extplorer = "2.1.13"
wo_dashboard = "1.1"
# Get WPCLI path
wo_wpcli_path = '/usr/local/bin/wp'
@@ -109,39 +110,26 @@ class WOVariables():
# PHP repo and packages
if wo_distro == 'ubuntu':
wo_php_repo = "ppa:ondrej/php"
wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap",
"php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.2-cli", "php7.2-mbstring",
"php7.2-bcmath", "php7.2-mysql", "php7.2-opcache",
"php7.2-zip", "php7.2-xml", "php7.2-soap"]
wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap",
"php7.3-readline", "php7.3-common", "php7.3-recode",
"php7.3-cli", "php7.3-mbstring",
"php7.3-bcmath", "php7.3-mysql", "php7.3-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"]
wo_php_extra = ["php-memcached", "php-imagick",
"graphviz", "php-xdebug", "php-msgpack", "php-redis"]
wo_php_key = ''
else:
wo_php_repo = (
"deb https://packages.sury.org/php/ {codename} main"
.format(codename=wo_platform_codename))
wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap",
"php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.2-cli", "php7.2-mbstring",
"php7.2-bcmath", "php7.2-mysql", "php7.2-opcache",
"php7.2-zip", "php7.2-xml", "php7.2-soap"]
wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap",
"php7.3-readline", "php7.3-common", "php7.3-recode",
"php7.3-cli", "php7.3-mbstring",
"php7.3-bcmath", "php7.3-mysql", "php7.3-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"]
wo_php_extra = ["php-memcached", "php-imagick",
"graphviz", "php-xdebug", "php-msgpack",
"php-redis", "php-mysql"]
wo_php_key = 'AC0E47584A7A714D'
wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap",
"php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.2-cli", "php7.2-mbstring",
"php7.2-bcmath", "php7.2-mysql", "php7.2-opcache",
"php7.2-zip", "php7.2-xml", "php7.2-soap"]
wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap",
"php7.3-readline", "php7.3-common", "php7.3-recode",
"php7.3-cli", "php7.3-mbstring",
"php7.3-bcmath", "php7.3-mysql", "php7.3-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"]
wo_php_extra = ["php-memcached", "php-imagick",
"graphviz", "php-xdebug", "php-msgpack", "php-redis"]
# MySQL repo and packages
if wo_distro == 'ubuntu':
wo_mysql_repo = ("deb [arch=amd64,ppc64el] "
@@ -154,11 +142,9 @@ class WOVariables():
"10.3/debian {codename} main"
.format(codename=wo_platform_codename))
if wo_platform_codename == 'jessie':
wo_mysql = ["mariadb-server", "percona-toolkit",
"python3-mysql.connector"]
else:
wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"]
wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"]
wo_mysql_client = ["mariadb-client", "python3-mysqldb"]
wo_fail2ban = ["fail2ban"]