From ccba38d1c8da3c2a97c5d57fc7181994335be05d Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 00:20:09 +0200 Subject: [PATCH 01/41] Simplify letsencrypt --- wo/cli/plugins/site_functions.py | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 4181afe..032ae6f 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -39,7 +39,7 @@ def pre_run_checks(self): Log.debug(self, "checking NGINX configuration ...") FNULL = open('/dev/null', 'w') subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL, - stderr=subprocess.STDOUT) + stderr=subprocess.STDOUT) except CalledProcessError as e: Log.debug(self, "{0}".format(str(e))) raise SiteError("nginx configuration check failed.") @@ -90,7 +90,7 @@ def setupdomain(self, data): Log.debug(self, "Checking generated nginx conf, please wait...") FNULL = open('/dev/null', 'w') subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL, - stderr=subprocess.STDOUT) + stderr=subprocess.STDOUT) Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") except CalledProcessError as e: Log.debug(self, "{0}".format(str(e))) @@ -1382,6 +1382,8 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, else: keylenght = "{0}".format(self.app.config.get('letsencrypt', 'keylength')) + wo_acme_exec = ("/etc/letsencrypt/acme.sh --config-home " + "'/etc/letsencrypt/config'") if wo_dns: acme_mode = "--dns {0}".format(wo_acme_dns) validation_mode = "DNS with {0}".format(wo_acme_dns) @@ -1394,9 +1396,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, if subdomain: Log.info(self, "Issuing subdomain SSL cert with acme.sh") Log.info(self, "Validation mode : {0}".format(validation_mode)) - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " + ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) + "--issue " "-d {0} {1} " "-k {2} -f" @@ -1406,9 +1406,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, elif wildcard: Log.info(self, "Issuing Wildcard SSL cert with acme.sh") Log.info(self, "Validation mode : {0}".format(validation_mode)) - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " + ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) + "--issue " "-d {0} -d *.{0} --dns {1} " "-k {2} -f" @@ -1418,9 +1416,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, else: Log.info(self, "Issuing domain SSL cert with acme.sh") Log.info(self, "Validation mode : {0}".format(validation_mode)) - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " + ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) + "--issue " "-d {0} -d www.{0} {1} " "-k {2} -f" From 69b66e941e0567d7cac78817d1ba50b148810410 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 00:23:04 +0200 Subject: [PATCH 02/41] simplify travis --- .travis.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 593ae87..ae182c5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,10 +20,9 @@ before_install: - rm -rf ~/.gnupg before_script: - - sudo rm -rf /etc/mysql/ + - sudo rm -rf /etc/mysql - sudo bash -c 'echo example.com > /etc/hostname' - - sudo apt-get -qq purge mysql* graphviz* redis* - - sudo apt-get -qq autoremove --purge + - sudo apt-get -qq autoremove mysql* graphviz* redis* --purge script: - lsb_release -a From 2090336ddebf0e6214e91d06ad22f0b6b197bcaf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 04:27:27 +0200 Subject: [PATCH 03/41] Add package configuration with stack upgrade --- install | 4 ++-- wo/cli/plugins/stack_upgrade.py | 29 +++++++++++++++++------------ 2 files changed, 19 insertions(+), 14 deletions(-) diff --git a/install b/install index d0d2de2..08452d3 100755 --- a/install +++ b/install @@ -147,9 +147,9 @@ if [ -z "$wo_force_install" ]; then wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." exit 100 else - check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch|buster") + check_wo_linux_distro=$(lsb_release -sc | grep -E "xenial|bionic|disco|jessie|stretch|buster") if [ -z "$check_wo_linux_distro" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x/9.x/10.x and Raspbian 9.x" + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 16.04/18.04/19.04 LTS, Debian 9.x/10.x and Raspbian 9.x" exit 100 fi fi diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 0344c09..5af52b8 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -1,17 +1,19 @@ -from cement.core.controller import CementBaseController, expose -from cement.core import handler, hook -from wo.core.logging import Log -from wo.core.variables import WOVariables -from wo.core.aptget import WOAptGet -from wo.core.apt_repo import WORepo -from wo.core.services import WOService -from wo.core.fileutils import WOFileUtils -from wo.core.shellexec import WOShellExec -from wo.core.extract import WOExtract -from wo.core.download import WODownload import os import shutil +from cement.core import handler, hook +from cement.core.controller import CementBaseController, expose +from wo.cli.plugins.stack import WOStackController +from wo.core.apt_repo import WORepo +from wo.core.aptget import WOAptGet +from wo.core.download import WODownload +from wo.core.extract import WOExtract +from wo.core.fileutils import WOFileUtils +from wo.core.logging import Log +from wo.core.services import WOService +from wo.core.shellexec import WOShellExec +from wo.core.variables import WOVariables + class WOStackUpgradeController(CementBaseController): class Meta: @@ -83,6 +85,9 @@ class WOStackUpgradeController(CementBaseController): # All package update apt_packages = [] packages = [] + empty_packages = [] + stack = WOStackController() + stack.app = self.app if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and @@ -187,7 +192,7 @@ class WOStackUpgradeController(CementBaseController): WOAptGet.update(self) # Update packages WOAptGet.install(self, apt_packages) - + stack.post_pref(apt_packages, empty_packages) # Post Actions after package updates if (set(WOVariables.wo_nginx).issubset(set(apt_packages))): WOService.restart_service(self, 'nginx') From 8e0384d7e111b5ffecf9c212d1ee2fcbd152290d Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 04:28:37 +0200 Subject: [PATCH 04/41] update travis --- .travis.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index ae182c5..3e9437a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,6 +47,8 @@ script: - sudo wo info - sudo cat /etc/nginx/nginx.conf - sudo cat /etc/mysql/my.cnf + - sudo wo stack upgrade --nginx + - sudo wo stack upgrade --php - sudo wo stack upgrade --netdata --no-prompt - sudo wo stack upgrade --phpmyadmin --no-prompt - sudo wo stack upgrade --composer --no-prompt From cd62916cfca8d8c935d84c44e3e6d7dc8c920b10 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 04:56:33 +0200 Subject: [PATCH 05/41] Add stack_pref --- wo/cli/plugins/stack.py | 1336 +----------------------------- wo/cli/plugins/stack_pref.py | 1357 +++++++++++++++++++++++++++++++ wo/cli/plugins/stack_upgrade.py | 8 +- 3 files changed, 1364 insertions(+), 1337 deletions(-) create mode 100644 wo/cli/plugins/stack_pref.py diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index a1ccaf0..563f6b9 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1,7 +1,7 @@ """Stack Plugin for WordOps""" -from cement.core import handler, hook from cement.core.controller import CementBaseController, expose +from cement.core import handler, hook import codecs import configparser @@ -20,6 +20,7 @@ from wo.cli.plugins.sitedb import * from wo.cli.plugins.stack_migrate import WOStackMigrateController from wo.cli.plugins.stack_services import WOStackStatusController from wo.cli.plugins.stack_upgrade import WOStackUpgradeController +from wo.cli.plugins.stack_pref import pre_pref, post_pref from wo.core.addswap import WOSwap from wo.core.apt_repo import WORepo from wo.core.aptget import WOAptGet @@ -93,1335 +94,6 @@ class WOStackController(CementBaseController): """default action of wo stack command""" self.app.args.print_help() - @expose(hide=True) - def pre_pref(self, apt_packages): - """Pre settings to do before installation packages""" - - if set(WOVariables.wo_mysql).issubset(set(apt_packages)): - # add mariadb repository excepted on raspbian and ubuntu 19.04 - if (not WOVariables.wo_distro == 'raspbian'): - Log.info(self, "Adding repository for MySQL, please wait...") - mysql_pref = ("Package: *\nPin: origin " - "sfo1.mirrors.digitalocean.com" - "\nPin-Priority: 1000\n") - with open('/etc/apt/preferences.d/' - 'MariaDB.pref', 'w') as mysql_pref_file: - mysql_pref_file.write(mysql_pref) - WORepo.add(self, repo_url=WOVariables.wo_mysql_repo) - Log.debug(self, 'Adding key for {0}' - .format(WOVariables.wo_mysql_repo)) - WORepo.add_key(self, '0xcbcb082a1bb943db', - keyserver="keyserver.ubuntu.com") - WORepo.add_key(self, '0xF1656F24C74CD1D8', - keyserver="keyserver.ubuntu.com") - # generate random 24 characters root password - chars = ''.join(random.sample(string.ascii_letters, 24)) - # configure MySQL non-interactive install - if (not WOVariables.wo_distro == 'raspbian'): - Log.debug(self, "Pre-seeding MySQL") - Log.debug(self, "echo \"mariadb-server-10.3 " - "mysql-server/root_password " - "password \" | " - "debconf-set-selections") - try: - WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.3 " - "mysql-server/root_password " - "password {chars}\" | " - "debconf-set-selections" - .format(chars=chars), - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error("Failed to initialize MySQL package") - - Log.debug(self, "echo \"mariadb-server-10.3 " - "mysql-server/root_password_again " - "password \" | " - "debconf-set-selections") - try: - WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.3 " - "mysql-server/root_password_again " - "password {chars}\" | " - "debconf-set-selections" - .format(chars=chars), - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error("Failed to initialize MySQL package") - else: - Log.debug(self, "Pre-seeding MySQL") - Log.debug(self, "echo \"mariadb-server-10.1 " - "mysql-server/root_password " - "password \" | " - "debconf-set-selections") - try: - WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " - "mysql-server/root_password " - "password {chars}\" | " - "debconf-set-selections" - .format(chars=chars), - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error("Failed to initialize MySQL package") - - Log.debug(self, "echo \"mariadb-server-10.1 " - "mysql-server/root_password_again " - "password \" | " - "debconf-set-selections") - try: - WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " - "mysql-server/root_password_again " - "password {chars}\" | " - "debconf-set-selections" - .format(chars=chars), - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error(self, "Failed to initialize MySQL package") - # generate my.cnf root credentials - mysql_config = """ - [client] - user = root - password = {chars} - """.format(chars=chars) - config = configparser.ConfigParser() - config.read_string(mysql_config) - Log.debug(self, 'Writting configuration into MySQL file') - conf_path = "/etc/mysql/conf.d/my.cnf" - os.makedirs(os.path.dirname(conf_path), exist_ok=True) - with open(conf_path, encoding='utf-8', - mode='w') as configfile: - config.write(configfile) - Log.debug(self, 'Setting my.cnf permission') - WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf", 0o600) - - # add nginx repository - if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - if (WOVariables.wo_distro == 'ubuntu'): - Log.info(self, "Adding repository for NGINX, please wait...") - WORepo.add(self, ppa=WOVariables.wo_nginx_repo) - Log.debug(self, 'Adding ppa for Nginx') - else: - Log.info(self, "Adding repository for NGINX, please wait...") - WORepo.add(self, repo_url=WOVariables.wo_nginx_repo) - Log.debug(self, 'Adding repository for Nginx') - WORepo.add_key(self, WOVariables.wo_nginx_key) - - # add php repository - if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or - set(WOVariables.wo_php).issubset(set(apt_packages))): - if (WOVariables.wo_distro == 'ubuntu'): - Log.info(self, "Adding repository for PHP, please wait...") - Log.debug(self, 'Adding ppa for PHP') - WORepo.add(self, ppa=WOVariables.wo_php_repo) - else: - Log.info(self, "Adding repository for PHP, please wait...") - # Add repository for php - if (WOVariables.wo_platform_codename == 'buster'): - php_pref = ("Package: *\nPin: origin " - "packages.sury.org" - "\nPin-Priority: 1000\n") - with open('/etc/apt/preferences.d/' - 'PHP.pref', 'w') as php_pref_file: - php_pref_file.write(php_pref) - Log.debug(self, 'Adding repo_url of php for debian') - WORepo.add(self, repo_url=WOVariables.wo_php_repo) - Log.debug(self, 'Adding deb.sury GPG key') - WORepo.add_key(self, WOVariables.wo_php_key) - # add redis repository - if set(WOVariables.wo_redis).issubset(set(apt_packages)): - Log.info(self, "Adding repository for Redis, please wait...") - if WOVariables.wo_distro == 'ubuntu': - Log.debug(self, 'Adding ppa for redis') - WORepo.add(self, ppa=WOVariables.wo_redis_repo) - else: - Log.debug(self, 'Adding repo_url of redis for debian') - - @expose(hide=True) - def post_pref(self, apt_packages, packages): - """Post activity after installation of packages""" - if (apt_packages): - - # Nginx configuration - if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - - # Fix for white screen death with NGINX PLUS - if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', - 'SCRIPT_FILENAME'): - with open('/etc/nginx/fastcgi_params', - encoding='utf-8', mode='a') as wo_nginx: - wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' - '\t$request_filename;\n') - - if os.path.isfile('/etc/nginx/nginx.conf'): - data = dict(php="9000", debug="9001", - php7="9070", debug7="9170") - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/upstream.conf') - wo_nginx = open('/etc/nginx/conf.d/upstream.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'upstream.mustache', out=wo_nginx) - wo_nginx.close() - - data = dict(phpconf=True if - WOAptGet.is_installed(self, 'php7.2-fpm') - else False) - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/stub_status.conf') - wo_nginx = open('/etc/nginx/conf.d/stub_status.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'stub_status.mustache', out=wo_nginx) - wo_nginx.close() - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/webp.conf') - wo_nginx = open('/etc/nginx/conf.d/webp.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'webp.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/' - 'map-wp-fastcgi-cache.conf') - wo_nginx = open('/etc/nginx/conf.d/' - 'map-wp-fastcgi-cache.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'map-wp.mustache', - out=wo_nginx) - wo_nginx.close() - - # Setup Nginx common directory - if not os.path.exists('/etc/nginx/common'): - Log.debug(self, 'Creating directory' - '/etc/nginx/common') - os.makedirs('/etc/nginx/common') - - if os.path.exists('/etc/nginx/common'): - data = dict(webroot=WOVariables.wo_webroot) - - # Common Configuration - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-wo.conf') - wo_nginx = open('/etc/nginx/common/locations-wo.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'locations.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsubdir.conf') - wo_nginx = open('/etc/nginx/common/wpsubdir.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsubdir.mustache', - out=wo_nginx) - wo_nginx.close() - - # PHP 7.2 conf - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php72.conf') - wo_nginx = open('/etc/nginx/common/php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpcommon-php72.conf') - wo_nginx = open('/etc/nginx/common/wpcommon-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-php72.conf') - wo_nginx = open('/etc/nginx/common/wpfc-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-php72.conf') - wo_nginx = open('/etc/nginx/common/wpsc-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc.mustache', - out=wo_nginx) - wo_nginx.close() - - # PHP 7.3 conf - if os.path.isdir("/etc/nginx/common"): - data = dict() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php73.conf') - wo_nginx = open('/etc/nginx/common/php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpcommon-php73.conf') - wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - # create redis conf - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', - out=wo_nginx) - wo_nginx.close() - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - with open("/etc/nginx/common/release", - "a") as release_file: - release_file.write("v{0}" - .format(WOVariables.wo_version)) - release_file.close() - - # Following files should not be overwrited - - if not os.path.isfile('/etc/nginx/common/acl.conf'): - data = dict(webroot=WOVariables.wo_webroot) - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/acl.conf') - wo_nginx = open('/etc/nginx/common/acl.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'acl.mustache', - out=wo_nginx) - wo_nginx.close() - if not os.path.isfile('/etc/nginx/conf.d/blockips.conf'): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/blockips.conf') - wo_nginx = open('/etc/nginx/conf.d/blockips.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'blockips.mustache', out=wo_nginx) - wo_nginx.close() - - if not os.path.isfile('/etc/nginx/conf.d/fastcgi.conf'): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/fastcgi.conf') - wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'fastcgi.mustache', out=wo_nginx) - wo_nginx.close() - - # add redis cache format if not already done - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/conf.d" - "/redis.conf")): - with open("/etc/nginx/conf.d/" - "redis.conf", "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis " - "'$remote_addr " - "$upstream_response_time " - "$srcache_fetch_status " - "[$time_local] '\n" - "'$http_host \"$request\" $status" - " $body_bytes_sent '\n" - "'\"$http_referer\" " - "\"$http_user_agent\"';\n") - - # Nginx-Plus does not have nginx - # package structure like this - # So creating directories - if not os.path.exists('/etc/nginx/sites-available'): - Log.debug(self, 'Creating directory' - '/etc/nginx/sites-available') - os.makedirs('/etc/nginx/sites-available') - - if not os.path.exists('/etc/nginx/sites-enabled'): - Log.debug(self, 'Creating directory' - '/etc/nginx/sites-available') - os.makedirs('/etc/nginx/sites-enabled') - - # 22222 port settings - if not os.path.isfile("/etc/nginx/sites-available/22222"): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/sites-available/' - '22222') - wo_nginx = open('/etc/nginx/sites-available/22222', - encoding='utf-8', mode='w') - self.app.render((data), '22222.mustache', - out=wo_nginx) - wo_nginx.close() - - passwd = ''.join([random.choice - (string.ascii_letters + string.digits) - for n in range(16)]) - try: - WOShellExec.cmd_exec(self, "printf \"WordOps:" - "$(openssl passwd -crypt " - "{password} 2> /dev/null)\n\"" - "> /etc/nginx/htpasswd-wo " - "2>/dev/null" - .format(password=passwd)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error(self, "Failed to save HTTP Auth") - - # Create Symbolic link for 22222 - WOFileUtils.create_symlink(self, ['/etc/nginx/' - 'sites-available/' - '22222', - '/etc/nginx/' - 'sites-enabled/' - '22222']) - # Create log and cert folder and softlinks - if not os.path.exists('{0}22222/logs' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/logs " - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/logs' - .format(WOVariables.wo_webroot)) - - if not os.path.exists('{0}22222/cert' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/cert" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/cert' - .format(WOVariables.wo_webroot)) - - if not os.path.exists('{0}22222/conf/nginx' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/conf/nginx" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/conf/nginx' - .format(WOVariables.wo_webroot)) - - WOFileUtils.create_symlink(self, ['/var/log/nginx/' - '22222.access.log', - '{0}22222/' - 'logs/access.log' - .format(WOVariables.wo_webroot)] - ) - - WOFileUtils.create_symlink(self, ['/var/log/nginx/' - '22222.error.log', - '{0}22222/' - 'logs/error.log' - .format(WOVariables.wo_webroot)] - ) - - try: - WOShellExec.cmd_exec(self, "openssl genrsa -out " - "{0}22222/cert/22222.key 2048" - .format(WOVariables.wo_webroot)) - WOShellExec.cmd_exec(self, "openssl req -new -batch " - "-subj /commonName=localhost/ " - "-key {0}22222/cert/22222.key " - "-out {0}22222/cert/" - "22222.csr" - .format(WOVariables.wo_webroot)) - - WOFileUtils.mvfile(self, "{0}22222/cert/22222.key" - .format(WOVariables.wo_webroot), - "{0}22222/cert/" - "22222.key.org" - .format(WOVariables.wo_webroot)) - - WOShellExec.cmd_exec(self, "openssl rsa -in " - "{0}22222/cert/" - "22222.key.org -out " - "{0}22222/cert/22222.key" - .format(WOVariables.wo_webroot)) - - WOShellExec.cmd_exec(self, "openssl x509 -req -days " - "3652 -in {0}22222/cert/" - "22222.csr -signkey {0}" - "22222/cert/22222.key -out " - "{0}22222/cert/22222.crt" - .format(WOVariables.wo_webroot)) - - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error( - self, "Failed to generate HTTPS " - "certificate for 22222") - server_ip = requests.get('http://v4.wordops.eu') - - if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' - .format(WOVariables.wo_webroot)): - - with open("/var/www/22222/conf/nginx/" - "ssl.conf", "a") as php_file: - php_file.write("ssl_certificate " - "/var/www/22222/cert/22222.crt;\n" - "ssl_certificate_key " - "/var/www/22222/cert/22222.key;\n") - - # Nginx Configation into GIT - WOGit.add(self, - ["/etc/nginx"], msg="Adding Nginx into Git") - WOService.reload_service(self, 'nginx') - - if set(["nginx"]).issubset(set(apt_packages)): - - print("WordOps backend configuration was successful\n" - "You can access it on : https://{0}:22222" - .format(server_ip)) - print("HTTP Auth User Name: WordOps" + - "\nHTTP Auth Password : {0}".format(passwd)) - WOService.reload_service(self, 'nginx') - else: - self.msg = (self.msg + ["HTTP Auth User " - "Name: WordOps"] + - ["HTTP Auth Password : {0}" - .format(passwd)]) - self.msg = (self.msg + ["WordOps backend is available " - "on https://{0}:22222 " - "or https://{1}:22222" - .format(server_ip.text, - WOVariables.wo_fqdn)]) - else: - WOService.restart_service(self, 'nginx') - - # create nginx configuration for redis - if set(WOVariables.wo_redis).issubset(set(apt_packages)): - if os.path.isdir('/etc/nginx/common'): - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', - out=wo_nginx) - wo_nginx.close() - - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "upstream.conf", - "redis"): - with open("/etc/nginx/conf.d/upstream.conf", - "a") as redis_file: - redis_file.write("upstream redis {\n" - " server 127.0.0.1:6379;\n" - " keepalive 10;\n}\n") - - if os.path.isfile("/etc/nginx/nginx.conf"): - if not os.path.isfile("/etc/nginx/conf.d/redis.conf"): - with open("/etc/nginx/conf.d/redis.conf", - "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis " - "'$remote_addr " - "$upstream_response_time " - "$srcache_fetch_status " - "[$time_local]" - " '\n '$http_host" - " \"$request\" " - "$status $body_bytes_sent '\n" - "'\"$http_referer\" " - "\"$http_user_agent\"';\n") - - if set(WOVariables.wo_php).issubset(set(apt_packages)): - # Create log directories - if not os.path.exists('/var/log/php/7.2/'): - Log.debug(self, 'Creating directory /var/log/php/7.2/') - os.makedirs('/var/log/php/7.2/') - - # Parse etc/php/7.2/fpm/php.ini - config = configparser.ConfigParser() - Log.debug(self, "configuring php file " - "/etc/php/7.2/fpm/php.ini") - config.read('/etc/php/7.2/fpm/php.ini') - config['PHP']['expose_php'] = 'Off' - config['PHP']['post_max_size'] = '100M' - config['PHP']['upload_max_filesize'] = '100M' - config['PHP']['max_execution_time'] = '300' - config['PHP']['max_input_time'] = '300' - config['PHP']['max_input_vars'] = '20000' - config['Date']['date.timezone'] = WOVariables.wo_timezone - config['opcache']['opcache.enable'] = '1' - config['opcache']['opcache.interned_strings_buffer'] = '8' - config['opcache']['opcache.max_accelerated_files'] = '10000' - config['opcache']['opcache.memory_consumption'] = '256' - config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '5' - config['opcache']['opcache.consistency_checks'] = '0' - config['opcache']['opcache.validate_timestamps'] = '1' - with open('/etc/php/7.2/fpm/php.ini', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writting php configuration into " - "/etc/php/7.2/fpm/php.ini") - config.write(configfile) - - # Parse /etc/php/7.2/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.2-fpm.pid", - error_log="/var/log/php/7.2/fpm.log", - include="/etc/php/7.2/fpm/pool.d/*.conf") - Log.debug(self, "writting php7.2 configuration into " - "/etc/php/7.2/fpm/php-fpm.conf") - wo_php_fpm = open('/etc/php/7.2/fpm/php-fpm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) - wo_php_fpm.close() - - # Parse /etc/php/7.2/fpm/pool.d/www.conf - config = configparser.ConfigParser() - config.read_file(codecs.open('/etc/php/7.2/fpm/' - 'pool.d/www.conf', - "r", "utf8")) - config['www']['ping.path'] = '/ping' - config['www']['pm.status_path'] = '/status' - config['www']['pm.max_requests'] = '1500' - config['www']['pm.max_children'] = '50' - config['www']['pm.start_servers'] = '10' - config['www']['pm.min_spare_servers'] = '5' - config['www']['pm.max_spare_servers'] = '15' - config['www']['request_terminate_timeout'] = '300' - config['www']['pm'] = 'ondemand' - config['www']['chdir'] = '/' - config['www']['prefix'] = '/var/run/php' - config['www']['listen'] = 'php72-fpm.sock' - config['www']['listen.mode'] = '0660' - config['www']['listen.backlog'] = '32768' - config['www']['catch_workers_output'] = 'yes' - with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writing PHP 7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/www.conf") - config.write(configfile) - - with open("/etc/php/7.2/fpm/pool.d/www.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("\nphp_admin_value[open_basedir] " - "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/:" - "/dev/shm:/dev/urandom\"\n") - - # Generate /etc/php/7.2/fpm/pool.d/www-two.conf - WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", - "/etc/php/7.2/fpm/pool.d/www-two.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" - "www-two.conf", "[www]", "[www-two]") - config = configparser.ConfigParser() - config.read('/etc/php/7.2/fpm/pool.d/www-two.conf') - config['www-two']['listen'] = 'php72-two-fpm.sock' - with open('/etc/php/7.2/fpm/pool.d/www-two.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/www-two.conf") - config.write(confifile) - - # Generate /etc/php/7.2/fpm/pool.d/debug.conf - WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", - "/etc/php/7.2/fpm/pool.d/debug.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" - "debug.conf", "[www]", "[debug]") - config = configparser.ConfigParser() - config.read('/etc/php/7.2/fpm/pool.d/debug.conf') - config['debug']['listen'] = '127.0.0.1:9172' - config['debug']['rlimit_core'] = 'unlimited' - config['debug']['slowlog'] = '/var/log/php/7.2/slow.log' - config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/php/7.2/fpm/pool.d/debug.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/debug.conf") - config.write(confifile) - - with open("/etc/php/7.2/fpm/pool.d/debug.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") - - # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" - " /etc/php/7.2/mods-available/" - "xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.2/" - "mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") - - # PHP and Debug pull configuration - if not os.path.exists('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/fpm/status/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)) - open('{0}22222/htdocs/fpm/status/debug72' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - open('{0}22222/htdocs/fpm/status/php72' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - - # Write info.php - if not os.path.exists('{0}22222/htdocs/php/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/php/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) - - with open("{0}22222/htdocs/php/info.php" - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') as myfile: - myfile.write("") - - WOFileUtils.chown(self, "{0}22222" - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, recursive=True) - - WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") - WOService.restart_service(self, 'php7.2-fpm') - - # PHP7.3 configuration - if set(WOVariables.wo_php73).issubset(set(apt_packages)): - # Create log directories - if not os.path.exists('/var/log/php/7.3/'): - Log.debug(self, 'Creating directory /var/log/php/7.3/') - os.makedirs('/var/log/php/7.3/') - - # Parse etc/php/7.3/fpm/php.ini - config = configparser.ConfigParser() - Log.debug(self, "configuring php file /etc/php/7.3/" - "fpm/php.ini") - config.read('/etc/php/7.3/fpm/php.ini') - config['PHP']['expose_php'] = 'Off' - config['PHP']['post_max_size'] = '100M' - config['PHP']['upload_max_filesize'] = '100M' - config['PHP']['max_execution_time'] = '300' - config['PHP']['max_input_time'] = '300' - config['PHP']['max_input_vars'] = '20000' - config['Date']['date.timezone'] = WOVariables.wo_timezone - config['opcache']['opcache.enable'] = '1' - config['opcache']['opcache.interned_strings_buffer'] = '8' - config['opcache']['opcache.max_accelerated_files'] = '10000' - config['opcache']['opcache.memory_consumption'] = '256' - config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '5' - config['opcache']['opcache.consistency_checks'] = '0' - config['opcache']['opcache.validate_timestamps'] = '1' - with open('/etc/php/7.3/fpm/php.ini', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writting php configuration into " - "/etc/php/7.3/fpm/php.ini") - config.write(configfile) - - # Parse /etc/php/7.3/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.3-fpm.pid", - error_log="/var/log/php7.3-fpm.log", - include="/etc/php/7.3/fpm/pool.d/*.conf") - Log.debug(self, "writting php 7.3 configuration into " - "/etc/php/7.3/fpm/php-fpm.conf") - wo_php_fpm = open('/etc/php/7.3/fpm/php-fpm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) - wo_php_fpm.close() - - # Parse /etc/php/7.3/fpm/pool.d/www.conf - config = configparser.ConfigParser() - config.read_file(codecs.open('/etc/php/7.3/fpm/' - 'pool.d/www.conf', - "r", "utf8")) - config['www']['ping.path'] = '/ping' - config['www']['pm.status_path'] = '/status' - config['www']['pm.max_requests'] = '1500' - config['www']['pm.max_children'] = '50' - config['www']['pm.start_servers'] = '10' - config['www']['pm.min_spare_servers'] = '5' - config['www']['pm.max_spare_servers'] = '15' - config['www']['request_terminate_timeout'] = '300' - config['www']['pm'] = 'ondemand' - config['www']['chdir'] = '/' - config['www']['prefix'] = '/var/run/php' - config['www']['listen'] = 'php73-fpm.sock' - config['www']['listen.mode'] = '0660' - config['www']['listen.backlog'] = '32768' - config['www']['catch_workers_output'] = 'yes' - with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/www.conf") - config.write(configfile) - - with open("/etc/php/7.3/fpm/pool.d/www.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("\nphp_admin_value[open_basedir] " - "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/:" - "/dev/shm:/dev/urandom\"\n") - - # Generate /etc/php/7.3/fpm/pool.d/www-two.conf - WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", - "/etc/php/7.3/fpm/pool.d/www-two.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" - "www-two.conf", "[www]", "[www-two]") - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/pool.d/www-two.conf') - config['www-two']['listen'] = 'php73-two-fpm.sock' - with open('/etc/php/7.3/fpm/pool.d/www-two.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/www-two.conf") - config.write(confifile) - - # Generate /etc/php/7.3/fpm/pool.d/debug.conf - WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", - "/etc/php/7.3/fpm/pool.d/debug.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" - "debug.conf", "[www]", "[debug]") - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/pool.d/debug.conf') - config['debug']['listen'] = '127.0.0.1:9173' - config['debug']['rlimit_core'] = 'unlimited' - config['debug']['slowlog'] = '/var/log/php/7.3/slow.log' - config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/php/7.3/fpm/pool.d/debug.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/debug.conf") - config.write(confifile) - - with open("/etc/php/7.3/fpm/pool.d/debug.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") - - # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" - " /etc/php/7.3/mods-available" - "/xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.3/" - "mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") - - # PHP and Debug pull configuration - if not os.path.exists('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/fpm/status/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)) - open('{0}22222/htdocs/fpm/status/debug73' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - open('{0}22222/htdocs/fpm/status/php73' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - - # Write info.php - if not os.path.exists('{0}22222/htdocs/php/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/php/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) - - with open("{0}22222/htdocs/php/info.php" - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') as myfile: - myfile.write("") - - WOFileUtils.chown(self, "{0}22222" - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, recursive=True) - - WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") - WOService.restart_service(self, 'php7.3-fpm') - - # create mysql config if it doesn't exist - if set(WOVariables.wo_mysql).issubset(set(apt_packages)): - if not os.path.isfile("/etc/mysql/my.cnf"): - config = ("[mysqld]\nwait_timeout = 30\n" - "interactive_timeout=60\nperformance_schema = 0" - "\nquery_cache_type = 1") - config_file = open("/etc/mysql/my.cnf", - encoding='utf-8', mode='w') - config_file.write(config) - config_file.close() - - WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) - WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' - '> /dev/null 2>&1', - comment='MySQL optimization cronjob ' - 'added by WordOps') - WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") - WOService.reload_service(self, 'mysql') - - # create fail2ban configuration files - if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): - if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): - data = dict() - Log.debug(self, "Setting up fail2ban jails configuration") - fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban.mustache', - out=fail2ban_config) - fail2ban_config.close() - - Log.debug(self, "Setting up fail2ban wp filter") - fail2ban_config = open('/etc/fail2ban/filter.d/' - 'wo-wordpress.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban-wp.mustache', - out=fail2ban_config) - fail2ban_config.close() - - Log.debug(self, "Setting up fail2ban wp filter") - fail2ban_config = open('/etc/fail2ban/filter.d/' - 'nginx-forbidden.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban-forbidden.mustache', - out=fail2ban_config) - fail2ban_config.close() - WOGit.add(self, ["/etc/fail2ban"], - msg="Adding Fail2ban into Git") - WOService.reload_service(self, 'fail2ban') - - # Proftpd configuration - if set(["proftpd-basic"]).issubset(set(apt_packages)): - if os.path.isfile("/etc/proftpd/proftpd.conf"): - Log.debug(self, "Setting up Proftpd configuration") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# DefaultRoot", - "DefaultRoot") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# RequireValidShell", - "RequireValidShell") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# PassivePorts " - " " - "49152 65534", - "PassivePorts " - " " - " 49000 50000") - # proftpd TLS configuration - if not os.path.isdir("/etc/proftpd/ssl"): - WOFileUtils.mkdir(self, "/etc/proftpd/ssl") - - try: - WOShellExec.cmd_exec(self, "openssl genrsa -out " - "/etc/proftpd/ssl/proftpd.key 2048") - WOShellExec.cmd_exec(self, "openssl req -new -batch " - "-subj /commonName=localhost/ " - "-key /etc/proftpd/ssl/proftpd.key " - "-out /etc/proftpd/ssl/proftpd.csr") - WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", - "/etc/proftpd/ssl/proftpd.key.org") - WOShellExec.cmd_exec(self, "openssl rsa -in " - "/etc/proftpd/ssl/proftpd.key.org " - "-out /etc/proftpd/ssl/proftpd.key") - WOShellExec.cmd_exec(self, "openssl x509 -req -days " - "3652 -in /etc/proftpd/ssl/proftpd.csr " - "-signkey /etc/proftpd/ssl/proftpd.key " - " -out /etc/proftpd/ssl/proftpd.crt") - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error( - self, "Failed to generate SSL " - "certificate for Proftpd") - WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700) - WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700) - data = dict() - Log.debug(self, 'Writting the proftpd configuration to ' - 'file /etc/proftpd/tls.conf') - wo_proftpdconf = open('/etc/proftpd/tls.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'proftpd-tls.mustache', - out=wo_proftpdconf) - wo_proftpdconf.close() - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "#Include /etc/proftpd/tls.conf", - "Include /etc/proftpd/tls.conf") - WOService.restart_service(self, 'proftpd') - - # add rule for proftpd with UFW - if WOAptGet.is_installed(self, 'ufw'): - try: - WOShellExec.cmd_exec(self, "ufw allow " - "49000:50000/tcp") - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error(self, "Unable to add UFW rule") - - if os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): - with open("/etc/fail2ban/jail.d/custom.conf", - encoding='utf-8', mode='a') as f2bproftpd: - f2bproftpd.write("\n\n[proftpd]\nenabled = true\n") - WOService.reload_service(self, 'fail2ban') - - WOGit.add(self, ["/etc/proftpd"], - msg="Adding ProFTPd into Git") - WOService.reload_service(self, 'proftpd') - - if (packages): - if any('/usr/local/bin/wp' == x[1] for x in packages): - Log.debug(self, "Setting Privileges" - " to /usr/local/bin/wp file ") - WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775) - - if any('/var/lib/wo/tmp/pma.tar.gz' == x[1] - for x in packages): - WOExtract.extract( - self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/') - Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to ' - 'location /var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/db' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating new directory " - "{0}22222/htdocs/db" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/db' - .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/db/pma/' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/phpmyadmin-STABLE/', - '{0}22222/htdocs/db/pma/' - .format(WOVariables.wo_webroot)) - shutil.copyfile('{0}22222/htdocs/db/pma' - '/config.sample.inc.php' - .format(WOVariables.wo_webroot), - '{0}22222/htdocs/db/pma/config.inc.php' - .format(WOVariables.wo_webroot)) - Log.debug(self, 'Setting Blowfish Secret Key ' - 'FOR COOKIE AUTH to ' - '{0}22222/htdocs/db/pma/config.inc.php file ' - .format(WOVariables.wo_webroot)) - blowfish_key = ''.join([random.choice - (string.ascii_letters + - string.digits) - for n in range(25)]) - WOFileUtils.searchreplace(self, - '{0}22222/htdocs/db/pma' - '/config.inc.php' - .format(WOVariables.wo_webroot), - "$cfg[\'blowfish_secret\']" - " = \'\';", - "$cfg[\'blowfish_secret\']" - " = \'{0}\';" - .format(blowfish_key)) - Log.debug(self, 'Setting HOST Server For Mysql to ' - '{0}22222/htdocs/db/pma/config.inc.php file ' - .format(WOVariables.wo_webroot)) - WOFileUtils.searchreplace(self, - '{0}22222/htdocs/db/pma' - '/config.inc.php' - .format(WOVariables.wo_webroot), - "$cfg[\'Servers\'][$i][\'host\']" - " = \'localhost\';", "$cfg" - "[\'Servers\'][$i][\'host\'] = \'{0}\';" - .format(WOVariables.wo_mysql_host)) - Log.debug(self, 'Setting Privileges of webroot permission to ' - '{0}22222/htdocs/db/pma file '.format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222'.format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - - # composer install and phpmyadmin update - if any('/var/lib/wo/tmp/composer-install' == x[1] - for x in packages): - Log.info(self, "Installing composer, please wait...") - WOShellExec.cmd_exec(self, "php -q /var/lib/wo" - "/tmp/composer-install " - "--install-dir=/var/lib/wo/tmp/") - shutil.copyfile('/var/lib/wo/tmp/composer.phar', - '/usr/local/bin/composer') - WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) - Log.info(self, "Updating phpMyAdmin, please wait...") - WOShellExec.cmd_exec(self, "sudo -u www-data -H composer " - "update -n --no-dev -d " - "/var/www/22222/htdocs/db/pma/") - - # netdata install - if any('/var/lib/wo/tmp/kickstart.sh' == x[1] - for x in packages): - if ((not os.path.exists('/opt/netdata')) and - (not os.path.exists('/etc/netdata'))): - Log.info(self, "Installing Netdata, please wait...") - WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/" - "kickstart.sh " - "--dont-wait") - # disable mail notifications - WOFileUtils.searchreplace(self, "/opt/netdata/usr/" - "lib/netdata/conf.d/" - "health_alarm_notify.conf", - 'SEND_EMAIL="YES"', - 'SEND_EMAIL="NO"') - # make changes persistant - WOFileUtils.copyfile(self, "/opt/netdata/usr/" - "lib/netdata/conf.d/" - "health_alarm_notify.conf", - "/opt/netdata/etc/netdata/" - "health_alarm_notify.conf") - # check if mysql credentials are available - if os.path.isfile('/etc/mysql/conf.d/my.cnf'): - try: - WOMysql.execute(self, - "create user " - "'netdata'@'localhost';", - log=False) - WOMysql.execute(self, - "grant usage on *.* to " - "'netdata'@'localhost';", - log=False) - WOMysql.execute(self, - "flush privileges;", - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.info( - self, "fail to setup mysql user for netdata") - WOService.restart_service(self, 'netdata') - - # WordOps Dashboard - if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1] - for x in packages): - if not os.path.isfile('{0}22222/htdocs/index.php' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Extracting wo-dashboard.tar.gz " - "to location {0}22222/htdocs/" - .format(WOVariables.wo_webroot)) - WOExtract.extract(self, '/var/lib/wo/tmp/' - 'wo-dashboard.tar.gz', - '{0}22222/htdocs' - .format(WOVariables.wo_webroot)) - wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " - "grep -oP \"dev [^[:space:]]+ \" " - "| cut -d ' ' -f 2").read() - if (wo_wan != 'eth0' and wo_wan != ''): - WOFileUtils.searchreplace(self, - "{0}22222/htdocs/index.php" - .format(WOVariables.wo_webroot), - "eth0", - "{0}".format(wo_wan)) - Log.debug(self, "Setting Privileges to " - "{0}22222/htdocs" - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - - # Extplorer FileManager - if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1] - for x in packages): - if not os.path.exists('{0}22222/htdocs/files' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Extracting explorer.tar.gz " - "to location {0}22222/htdocs/files" - .format(WOVariables.wo_webroot)) - WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz', - '/var/lib/wo/tmp/') - shutil.move('/var/lib/wo/tmp/extplorer-{0}' - .format(WOVariables.wo_extplorer), - '{0}22222/htdocs/files' - .format(WOVariables.wo_webroot)) - Log.debug(self, "Setting Privileges to " - "{0}22222/htdocs/files" - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - - # webgrind - if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1] - for x in packages): - Log.debug(self, "Extracting file webgrind.tar.gz to " - "location /var/lib/wo/tmp/ ") - WOExtract.extract( - self, '/var/lib/wo/tmp/webgrind.tar.gz', - '/var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directroy " - "{0}22222/htdocs/php" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/php/webgrind' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/webgrind-master/', - '{0}22222/htdocs/php/webgrind' - .format(WOVariables.wo_webroot)) - - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "/usr/local/bin/dot", "/usr/bin/dot") - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "Europe/Copenhagen", - WOVariables.wo_timezone) - - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "90", "100") - - Log.debug(self, "Setting Privileges of webroot permission to " - "{0}22222/htdocs/php/webgrind/ file " - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - # anemometer - if any('/var/lib/wo/tmp/anemometer.tar.gz' == x[1] - for x in packages): - Log.debug(self, "Extracting file anemometer.tar.gz to " - "location /var/lib/wo/tmp/ ") - WOExtract.extract( - self, '/var/lib/wo/tmp/anemometer.tar.gz', - '/var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/db/' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory") - os.makedirs('{0}22222/htdocs/db/' - .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/db/anemometer' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/Anemometer-master', - '{0}22222/htdocs/db/anemometer' - .format(WOVariables.wo_webroot)) - chars = ''.join(random.sample(string.ascii_letters, 8)) - try: - WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db' - '/anemometer/install.sql' - .format(WOVariables.wo_webroot)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - raise SiteError("Unable to import Anemometer database") - - WOMysql.execute(self, 'grant select on' - ' *.* to \'anemometer\'' - '@\'{0}\' IDENTIFIED' - ' BY \'{1}\''.format(self.app.config.get - ('mysql', - 'grant-host'), - chars)) - Log.debug(self, "grant all on slow-query-log.*" - " to anemometer@root_user" - " IDENTIFIED BY password ") - WOMysql.execute(self, 'grant all on slow_query_log.* to' - '\'anemometer\'@\'{0}\' IDENTIFIED' - ' BY \'{1}\''.format(self.app.config.get( - 'mysql', 'grant-host'), - chars), - errormsg="cannot grant priviledges", - log=False) - - # Custom Anemometer configuration - Log.debug(self, "configration Anemometer") - data = dict(host=WOVariables.wo_mysql_host, port='3306', - user='anemometer', password=chars) - wo_anemometer = open('{0}22222/htdocs/db/anemometer' - '/conf/config.inc.php' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') - self.app.render((data), 'anemometer.mustache', - out=wo_anemometer) - wo_anemometer.close() - - if any('/usr/bin/pt-query-advisor' == x[1] - for x in packages): - WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) - - # phpredisadmin - if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] - for x in packages): - if not os.path.exists('{0}22222/htdocs/cache/' - 'redis/phpRedisAdmin' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating new directory " - "{0}22222/htdocs/cache/redis" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin' - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - if os.path.isfile("/usr/local/bin/composer"): - WOShellExec.cmd_exec(self, "sudo -u www-data -H " - "composer " - "create-project -n -s dev " - "erik-dubbelboer/php-redis-admin " - "/var/www/22222/htdocs/cache" - "/redis/phpRedisAdmin ") - Log.debug(self, 'Setting Privileges of webroot permission to ' - '{0}22222/htdocs/cache/file ' - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - @expose(help="Install packages") def install(self, packages=[], apt_packages=[], disp_msg=True): """Start installation of packages""" @@ -1719,7 +391,7 @@ class WOStackController(CementBaseController): if (apt_packages) or (packages): Log.debug(self, "Calling pre_pref") - self.pre_pref(apt_packages) + pre_pref(self, apt_packages) if (apt_packages): meminfo = (os.popen('cat /proc/meminfo ' '| grep MemTotal').read()).split(":") @@ -1735,7 +407,7 @@ class WOStackController(CementBaseController): Log.debug(self, "Downloading following: {0}".format(packages)) WODownload.download(self, packages) Log.debug(self, "Calling post_pref") - self.post_pref(apt_packages, packages) + post_pref(self, apt_packages, packages) if 'redis-server' in apt_packages: # set redis.conf parameter # set maxmemory 10% for ram below 512MB and 20% for others diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py new file mode 100644 index 0000000..9b7a9ed --- /dev/null +++ b/wo/cli/plugins/stack_pref.py @@ -0,0 +1,1357 @@ +import codecs +import configparser +import os +import pwd +import random +import shutil +import string +import re +import requests + +import psutil +# from pynginxconfig import NginxConfig +from wo.cli.plugins.site_functions import * +from wo.cli.plugins.sitedb import * +from wo.cli.plugins.stack_services import WOStackStatusController +from wo.core.addswap import WOSwap +from wo.core.apt_repo import WORepo +from wo.core.aptget import WOAptGet +from wo.core.cron import WOCron +from wo.core.download import WODownload +from wo.core.extract import WOExtract +from wo.core.fileutils import WOFileUtils +from wo.core.git import WOGit +from wo.core.logging import Log +from wo.core.mysql import WOMysql +from wo.core.services import WOService +from wo.core.shellexec import CommandExecutionError, WOShellExec +from wo.core.variables import WOVariables + + +def pre_pref(self, apt_packages): + """Pre settings to do before installation packages""" + + if set(WOVariables.wo_mysql).issubset(set(apt_packages)): + # add mariadb repository excepted on raspbian and ubuntu 19.04 + if (not WOVariables.wo_distro == 'raspbian'): + Log.info(self, "Adding repository for MySQL, please wait...") + mysql_pref = ("Package: *\nPin: origin " + "sfo1.mirrors.digitalocean.com" + "\nPin-Priority: 1000\n") + with open('/etc/apt/preferences.d/' + 'MariaDB.pref', 'w') as mysql_pref_file: + mysql_pref_file.write(mysql_pref) + WORepo.add(self, repo_url=WOVariables.wo_mysql_repo) + Log.debug(self, 'Adding key for {0}' + .format(WOVariables.wo_mysql_repo)) + WORepo.add_key(self, '0xcbcb082a1bb943db', + keyserver="keyserver.ubuntu.com") + WORepo.add_key(self, '0xF1656F24C74CD1D8', + keyserver="keyserver.ubuntu.com") + # generate random 24 characters root password + chars = ''.join(random.sample(string.ascii_letters, 24)) + # configure MySQL non-interactive install + if (not WOVariables.wo_distro == 'raspbian'): + Log.debug(self, "Pre-seeding MySQL") + Log.debug(self, "echo \"mariadb-server-10.3 " + "mysql-server/root_password " + "password \" | " + "debconf-set-selections") + try: + WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.3 " + "mysql-server/root_password " + "password {chars}\" | " + "debconf-set-selections" + .format(chars=chars), + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error("Failed to initialize MySQL package") + + Log.debug(self, "echo \"mariadb-server-10.3 " + "mysql-server/root_password_again " + "password \" | " + "debconf-set-selections") + try: + WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.3 " + "mysql-server/root_password_again " + "password {chars}\" | " + "debconf-set-selections" + .format(chars=chars), + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error("Failed to initialize MySQL package") + else: + Log.debug(self, "Pre-seeding MySQL") + Log.debug(self, "echo \"mariadb-server-10.1 " + "mysql-server/root_password " + "password \" | " + "debconf-set-selections") + try: + WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " + "mysql-server/root_password " + "password {chars}\" | " + "debconf-set-selections" + .format(chars=chars), + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error("Failed to initialize MySQL package") + + Log.debug(self, "echo \"mariadb-server-10.1 " + "mysql-server/root_password_again " + "password \" | " + "debconf-set-selections") + try: + WOShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " + "mysql-server/root_password_again " + "password {chars}\" | " + "debconf-set-selections" + .format(chars=chars), + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error(self, "Failed to initialize MySQL package") + # generate my.cnf root credentials + mysql_config = """ + [client] + user = root + password = {chars} + """.format(chars=chars) + config = configparser.ConfigParser() + config.read_string(mysql_config) + Log.debug(self, 'Writting configuration into MySQL file') + conf_path = "/etc/mysql/conf.d/my.cnf" + os.makedirs(os.path.dirname(conf_path), exist_ok=True) + with open(conf_path, encoding='utf-8', + mode='w') as configfile: + config.write(configfile) + Log.debug(self, 'Setting my.cnf permission') + WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf", 0o600) + + # add nginx repository + if set(WOVariables.wo_nginx).issubset(set(apt_packages)): + if (WOVariables.wo_distro == 'ubuntu'): + Log.info(self, "Adding repository for NGINX, please wait...") + WORepo.add(self, ppa=WOVariables.wo_nginx_repo) + Log.debug(self, 'Adding ppa for Nginx') + else: + Log.info(self, "Adding repository for NGINX, please wait...") + WORepo.add(self, repo_url=WOVariables.wo_nginx_repo) + Log.debug(self, 'Adding repository for Nginx') + WORepo.add_key(self, WOVariables.wo_nginx_key) + + # add php repository + if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or + set(WOVariables.wo_php).issubset(set(apt_packages))): + if (WOVariables.wo_distro == 'ubuntu'): + Log.info(self, "Adding repository for PHP, please wait...") + Log.debug(self, 'Adding ppa for PHP') + WORepo.add(self, ppa=WOVariables.wo_php_repo) + else: + Log.info(self, "Adding repository for PHP, please wait...") + # Add repository for php + if (WOVariables.wo_platform_codename == 'buster'): + php_pref = ("Package: *\nPin: origin " + "packages.sury.org" + "\nPin-Priority: 1000\n") + with open('/etc/apt/preferences.d/' + 'PHP.pref', 'w') as php_pref_file: + php_pref_file.write(php_pref) + Log.debug(self, 'Adding repo_url of php for debian') + WORepo.add(self, repo_url=WOVariables.wo_php_repo) + Log.debug(self, 'Adding deb.sury GPG key') + WORepo.add_key(self, WOVariables.wo_php_key) + # add redis repository + if set(WOVariables.wo_redis).issubset(set(apt_packages)): + Log.info(self, "Adding repository for Redis, please wait...") + if WOVariables.wo_distro == 'ubuntu': + Log.debug(self, 'Adding ppa for redis') + WORepo.add(self, ppa=WOVariables.wo_redis_repo) + else: + Log.debug(self, 'Adding repo_url of redis for debian') + + +def post_pref(self, apt_packages, packages): + """Post activity after installation of packages""" + if (apt_packages): + + # Nginx configuration + if set(WOVariables.wo_nginx).issubset(set(apt_packages)): + + # Fix for white screen death with NGINX PLUS + if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', + 'SCRIPT_FILENAME'): + with open('/etc/nginx/fastcgi_params', + encoding='utf-8', mode='a') as wo_nginx: + wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' + '\t$request_filename;\n') + + if os.path.isfile('/etc/nginx/nginx.conf'): + data = dict(php="9000", debug="9001", + php7="9070", debug7="9170") + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/upstream.conf') + wo_nginx = open('/etc/nginx/conf.d/upstream.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'upstream.mustache', out=wo_nginx) + wo_nginx.close() + + data = dict(phpconf=True if + WOAptGet.is_installed(self, 'php7.2-fpm') + else False) + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/stub_status.conf') + wo_nginx = open('/etc/nginx/conf.d/stub_status.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'stub_status.mustache', out=wo_nginx) + wo_nginx.close() + + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/webp.conf') + wo_nginx = open('/etc/nginx/conf.d/webp.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'webp.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/' + 'map-wp-fastcgi-cache.conf') + wo_nginx = open('/etc/nginx/conf.d/' + 'map-wp-fastcgi-cache.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'map-wp.mustache', + out=wo_nginx) + wo_nginx.close() + + # Setup Nginx common directory + if not os.path.exists('/etc/nginx/common'): + Log.debug(self, 'Creating directory' + '/etc/nginx/common') + os.makedirs('/etc/nginx/common') + + if os.path.exists('/etc/nginx/common'): + data = dict(webroot=WOVariables.wo_webroot) + + # Common Configuration + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/locations-wo.conf') + wo_nginx = open('/etc/nginx/common/locations-wo.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'locations.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsubdir.conf') + wo_nginx = open('/etc/nginx/common/wpsubdir.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsubdir.mustache', + out=wo_nginx) + wo_nginx.close() + + # PHP 7.2 conf + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/php72.conf') + wo_nginx = open('/etc/nginx/common/php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpcommon-php72.conf') + wo_nginx = open('/etc/nginx/common/wpcommon-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpcommon.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpfc-php72.conf') + wo_nginx = open('/etc/nginx/common/wpfc-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpfc.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsc-php72.conf') + wo_nginx = open('/etc/nginx/common/wpsc-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsc.mustache', + out=wo_nginx) + wo_nginx.close() + + # PHP 7.3 conf + if os.path.isdir("/etc/nginx/common"): + data = dict() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/php73.conf') + wo_nginx = open('/etc/nginx/common/php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php7.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpcommon-php73.conf') + wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpcommon-php7.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpfc-php73.conf') + wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpfc-php7.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsc-php73.conf') + wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsc-php7.mustache', + out=wo_nginx) + wo_nginx.close() + + # create redis conf + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() + + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php73.conf') + wo_nginx = open('/etc/nginx/common/redis-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis-php7.mustache', + out=wo_nginx) + wo_nginx.close() + + with open("/etc/nginx/common/release", + "a") as release_file: + release_file.write("v{0}" + .format(WOVariables.wo_version)) + release_file.close() + + # Following files should not be overwrited + + if not os.path.isfile('/etc/nginx/common/acl.conf'): + data = dict(webroot=WOVariables.wo_webroot) + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/acl.conf') + wo_nginx = open('/etc/nginx/common/acl.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'acl.mustache', + out=wo_nginx) + wo_nginx.close() + if not os.path.isfile('/etc/nginx/conf.d/blockips.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/blockips.conf') + wo_nginx = open('/etc/nginx/conf.d/blockips.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'blockips.mustache', out=wo_nginx) + wo_nginx.close() + + if not os.path.isfile('/etc/nginx/conf.d/fastcgi.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/fastcgi.conf') + wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'fastcgi.mustache', out=wo_nginx) + wo_nginx.close() + + # add redis cache format if not already done + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/conf.d" + "/redis.conf")): + with open("/etc/nginx/conf.d/" + "redis.conf", "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local] '\n" + "'$http_host \"$request\" $status" + " $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") + + # Nginx-Plus does not have nginx + # package structure like this + # So creating directories + if not os.path.exists('/etc/nginx/sites-available'): + Log.debug(self, 'Creating directory' + '/etc/nginx/sites-available') + os.makedirs('/etc/nginx/sites-available') + + if not os.path.exists('/etc/nginx/sites-enabled'): + Log.debug(self, 'Creating directory' + '/etc/nginx/sites-available') + os.makedirs('/etc/nginx/sites-enabled') + + # 22222 port settings + if not os.path.isfile("/etc/nginx/sites-available/22222"): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/sites-available/' + '22222') + wo_nginx = open('/etc/nginx/sites-available/22222', + encoding='utf-8', mode='w') + self.app.render((data), '22222.mustache', + out=wo_nginx) + wo_nginx.close() + + passwd = ''.join([random.choice + (string.ascii_letters + string.digits) + for n in range(16)]) + try: + WOShellExec.cmd_exec(self, "printf \"WordOps:" + "$(openssl passwd -crypt " + "{password} 2> /dev/null)\n\"" + "> /etc/nginx/htpasswd-wo " + "2>/dev/null" + .format(password=passwd)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error(self, "Failed to save HTTP Auth") + + # Create Symbolic link for 22222 + WOFileUtils.create_symlink(self, ['/etc/nginx/' + 'sites-available/' + '22222', + '/etc/nginx/' + 'sites-enabled/' + '22222']) + # Create log and cert folder and softlinks + if not os.path.exists('{0}22222/logs' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/logs " + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/logs' + .format(WOVariables.wo_webroot)) + + if not os.path.exists('{0}22222/cert' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/cert" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/cert' + .format(WOVariables.wo_webroot)) + + if not os.path.exists('{0}22222/conf/nginx' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/conf/nginx" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/conf/nginx' + .format(WOVariables.wo_webroot)) + + WOFileUtils.create_symlink(self, ['/var/log/nginx/' + '22222.access.log', + '{0}22222/' + 'logs/access.log' + .format(WOVariables.wo_webroot)] + ) + + WOFileUtils.create_symlink(self, ['/var/log/nginx/' + '22222.error.log', + '{0}22222/' + 'logs/error.log' + .format(WOVariables.wo_webroot)] + ) + + try: + WOShellExec.cmd_exec(self, "openssl genrsa -out " + "{0}22222/cert/22222.key 2048" + .format(WOVariables.wo_webroot)) + WOShellExec.cmd_exec(self, "openssl req -new -batch " + "-subj /commonName=localhost/ " + "-key {0}22222/cert/22222.key " + "-out {0}22222/cert/" + "22222.csr" + .format(WOVariables.wo_webroot)) + + WOFileUtils.mvfile(self, "{0}22222/cert/22222.key" + .format(WOVariables.wo_webroot), + "{0}22222/cert/" + "22222.key.org" + .format(WOVariables.wo_webroot)) + + WOShellExec.cmd_exec(self, "openssl rsa -in " + "{0}22222/cert/" + "22222.key.org -out " + "{0}22222/cert/22222.key" + .format(WOVariables.wo_webroot)) + + WOShellExec.cmd_exec(self, "openssl x509 -req -days " + "3652 -in {0}22222/cert/" + "22222.csr -signkey {0}" + "22222/cert/22222.key -out " + "{0}22222/cert/22222.crt" + .format(WOVariables.wo_webroot)) + + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error( + self, "Failed to generate HTTPS " + "certificate for 22222") + server_ip = requests.get('http://v4.wordops.eu') + + if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' + .format(WOVariables.wo_webroot)): + + with open("/var/www/22222/conf/nginx/" + "ssl.conf", "a") as php_file: + php_file.write("ssl_certificate " + "/var/www/22222/cert/22222.crt;\n" + "ssl_certificate_key " + "/var/www/22222/cert/22222.key;\n") + + # Nginx Configation into GIT + WOGit.add(self, + ["/etc/nginx"], msg="Adding Nginx into Git") + WOService.reload_service(self, 'nginx') + + if set(["nginx"]).issubset(set(apt_packages)): + + print("WordOps backend configuration was successful\n" + "You can access it on : https://{0}:22222" + .format(server_ip)) + print("HTTP Auth User Name: WordOps" + + "\nHTTP Auth Password : {0}".format(passwd)) + WOService.reload_service(self, 'nginx') + else: + self.msg = (self.msg + ["HTTP Auth User " + "Name: WordOps"] + + ["HTTP Auth Password : {0}" + .format(passwd)]) + self.msg = (self.msg + ["WordOps backend is available " + "on https://{0}:22222 " + "or https://{1}:22222" + .format(server_ip.text, + WOVariables.wo_fqdn)]) + else: + WOService.restart_service(self, 'nginx') + + # create nginx configuration for redis + if set(WOVariables.wo_redis).issubset(set(apt_packages)): + if os.path.isdir('/etc/nginx/common'): + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() + + if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): + if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" + "upstream.conf", + "redis"): + with open("/etc/nginx/conf.d/upstream.conf", + "a") as redis_file: + redis_file.write("upstream redis {\n" + " server 127.0.0.1:6379;\n" + " keepalive 10;\n}\n") + + if os.path.isfile("/etc/nginx/nginx.conf"): + if not os.path.isfile("/etc/nginx/conf.d/redis.conf"): + with open("/etc/nginx/conf.d/redis.conf", + "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local]" + " '\n '$http_host" + " \"$request\" " + "$status $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") + + if set(WOVariables.wo_php).issubset(set(apt_packages)): + # Create log directories + if not os.path.exists('/var/log/php/7.2/'): + Log.debug(self, 'Creating directory /var/log/php/7.2/') + os.makedirs('/var/log/php/7.2/') + + # Parse etc/php/7.2/fpm/php.ini + config = configparser.ConfigParser() + Log.debug(self, "configuring php file " + "/etc/php/7.2/fpm/php.ini") + config.read('/etc/php/7.2/fpm/php.ini') + config['PHP']['expose_php'] = 'Off' + config['PHP']['post_max_size'] = '100M' + config['PHP']['upload_max_filesize'] = '100M' + config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' + config['PHP']['max_input_vars'] = '20000' + config['Date']['date.timezone'] = WOVariables.wo_timezone + config['opcache']['opcache.enable'] = '1' + config['opcache']['opcache.interned_strings_buffer'] = '8' + config['opcache']['opcache.max_accelerated_files'] = '10000' + config['opcache']['opcache.memory_consumption'] = '256' + config['opcache']['opcache.save_comments'] = '1' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' + config['opcache']['opcache.validate_timestamps'] = '1' + with open('/etc/php/7.2/fpm/php.ini', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writting php configuration into " + "/etc/php/7.2/fpm/php.ini") + config.write(configfile) + + # Parse /etc/php/7.2/fpm/php-fpm.conf + data = dict(pid="/run/php/php7.2-fpm.pid", + error_log="/var/log/php/7.2/fpm.log", + include="/etc/php/7.2/fpm/pool.d/*.conf") + Log.debug(self, "writting php7.2 configuration into " + "/etc/php/7.2/fpm/php-fpm.conf") + wo_php_fpm = open('/etc/php/7.2/fpm/php-fpm.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) + wo_php_fpm.close() + + # Parse /etc/php/7.2/fpm/pool.d/www.conf + config = configparser.ConfigParser() + config.read_file(codecs.open('/etc/php/7.2/fpm/' + 'pool.d/www.conf', + "r", "utf8")) + config['www']['ping.path'] = '/ping' + config['www']['pm.status_path'] = '/status' + config['www']['pm.max_requests'] = '1500' + config['www']['pm.max_children'] = '50' + config['www']['pm.start_servers'] = '10' + config['www']['pm.min_spare_servers'] = '5' + config['www']['pm.max_spare_servers'] = '15' + config['www']['request_terminate_timeout'] = '300' + config['www']['pm'] = 'ondemand' + config['www']['chdir'] = '/' + config['www']['prefix'] = '/var/run/php' + config['www']['listen'] = 'php72-fpm.sock' + config['www']['listen.mode'] = '0660' + config['www']['listen.backlog'] = '32768' + config['www']['catch_workers_output'] = 'yes' + with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writing PHP 7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/www.conf") + config.write(configfile) + + with open("/etc/php/7.2/fpm/pool.d/www.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("\nphp_admin_value[open_basedir] " + "= \"/var/www/:/usr/share/php/:" + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") + + # Generate /etc/php/7.2/fpm/pool.d/www-two.conf + WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", + "/etc/php/7.2/fpm/pool.d/www-two.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" + "www-two.conf", "[www]", "[www-two]") + config = configparser.ConfigParser() + config.read('/etc/php/7.2/fpm/pool.d/www-two.conf') + config['www-two']['listen'] = 'php72-two-fpm.sock' + with open('/etc/php/7.2/fpm/pool.d/www-two.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/www-two.conf") + config.write(confifile) + + # Generate /etc/php/7.2/fpm/pool.d/debug.conf + WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", + "/etc/php/7.2/fpm/pool.d/debug.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" + "debug.conf", "[www]", "[debug]") + config = configparser.ConfigParser() + config.read('/etc/php/7.2/fpm/pool.d/debug.conf') + config['debug']['listen'] = '127.0.0.1:9172' + config['debug']['rlimit_core'] = 'unlimited' + config['debug']['slowlog'] = '/var/log/php/7.2/slow.log' + config['debug']['request_slowlog_timeout'] = '10s' + with open('/etc/php/7.2/fpm/pool.d/debug.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/debug.conf") + config.write(confifile) + + with open("/etc/php/7.2/fpm/pool.d/debug.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("php_admin_value[xdebug.profiler_output_dir] " + "= /tmp/ \nphp_admin_value[xdebug.profiler_" + "output_name] = cachegrind.out.%p-%H-%R " + "\nphp_admin_flag[xdebug.profiler_enable" + "_trigger] = on \nphp_admin_flag[xdebug." + "profiler_enable] = off\n") + + # Disable xdebug + if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" + " /etc/php/7.2/mods-available/" + "xdebug.ini"): + WOFileUtils.searchreplace(self, "/etc/php/7.2/" + "mods-available/" + "xdebug.ini", + "zend_extension", + ";zend_extension") + + # PHP and Debug pull configuration + if not os.path.exists('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/fpm/status/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)) + open('{0}22222/htdocs/fpm/status/debug72' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + open('{0}22222/htdocs/fpm/status/php72' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + + # Write info.php + if not os.path.exists('{0}22222/htdocs/php/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/php/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) + + with open("{0}22222/htdocs/php/info.php" + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') as myfile: + myfile.write("") + + WOFileUtils.chown(self, "{0}22222" + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, recursive=True) + + WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") + WOService.restart_service(self, 'php7.2-fpm') + + # PHP7.3 configuration + if set(WOVariables.wo_php73).issubset(set(apt_packages)): + # Create log directories + if not os.path.exists('/var/log/php/7.3/'): + Log.debug(self, 'Creating directory /var/log/php/7.3/') + os.makedirs('/var/log/php/7.3/') + + # Parse etc/php/7.3/fpm/php.ini + config = configparser.ConfigParser() + Log.debug(self, "configuring php file /etc/php/7.3/" + "fpm/php.ini") + config.read('/etc/php/7.3/fpm/php.ini') + config['PHP']['expose_php'] = 'Off' + config['PHP']['post_max_size'] = '100M' + config['PHP']['upload_max_filesize'] = '100M' + config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' + config['PHP']['max_input_vars'] = '20000' + config['Date']['date.timezone'] = WOVariables.wo_timezone + config['opcache']['opcache.enable'] = '1' + config['opcache']['opcache.interned_strings_buffer'] = '8' + config['opcache']['opcache.max_accelerated_files'] = '10000' + config['opcache']['opcache.memory_consumption'] = '256' + config['opcache']['opcache.save_comments'] = '1' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' + config['opcache']['opcache.validate_timestamps'] = '1' + with open('/etc/php/7.3/fpm/php.ini', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writting php configuration into " + "/etc/php/7.3/fpm/php.ini") + config.write(configfile) + + # Parse /etc/php/7.3/fpm/php-fpm.conf + data = dict(pid="/run/php/php7.3-fpm.pid", + error_log="/var/log/php7.3-fpm.log", + include="/etc/php/7.3/fpm/pool.d/*.conf") + Log.debug(self, "writting php 7.3 configuration into " + "/etc/php/7.3/fpm/php-fpm.conf") + wo_php_fpm = open('/etc/php/7.3/fpm/php-fpm.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) + wo_php_fpm.close() + + # Parse /etc/php/7.3/fpm/pool.d/www.conf + config = configparser.ConfigParser() + config.read_file(codecs.open('/etc/php/7.3/fpm/' + 'pool.d/www.conf', + "r", "utf8")) + config['www']['ping.path'] = '/ping' + config['www']['pm.status_path'] = '/status' + config['www']['pm.max_requests'] = '1500' + config['www']['pm.max_children'] = '50' + config['www']['pm.start_servers'] = '10' + config['www']['pm.min_spare_servers'] = '5' + config['www']['pm.max_spare_servers'] = '15' + config['www']['request_terminate_timeout'] = '300' + config['www']['pm'] = 'ondemand' + config['www']['chdir'] = '/' + config['www']['prefix'] = '/var/run/php' + config['www']['listen'] = 'php73-fpm.sock' + config['www']['listen.mode'] = '0660' + config['www']['listen.backlog'] = '32768' + config['www']['catch_workers_output'] = 'yes' + with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "writting PHP 7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/www.conf") + config.write(configfile) + + with open("/etc/php/7.3/fpm/pool.d/www.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("\nphp_admin_value[open_basedir] " + "= \"/var/www/:/usr/share/php/:" + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") + + # Generate /etc/php/7.3/fpm/pool.d/www-two.conf + WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", + "/etc/php/7.3/fpm/pool.d/www-two.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" + "www-two.conf", "[www]", "[www-two]") + config = configparser.ConfigParser() + config.read('/etc/php/7.3/fpm/pool.d/www-two.conf') + config['www-two']['listen'] = 'php73-two-fpm.sock' + with open('/etc/php/7.3/fpm/pool.d/www-two.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/www-two.conf") + config.write(confifile) + + # Generate /etc/php/7.3/fpm/pool.d/debug.conf + WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", + "/etc/php/7.3/fpm/pool.d/debug.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" + "debug.conf", "[www]", "[debug]") + config = configparser.ConfigParser() + config.read('/etc/php/7.3/fpm/pool.d/debug.conf') + config['debug']['listen'] = '127.0.0.1:9173' + config['debug']['rlimit_core'] = 'unlimited' + config['debug']['slowlog'] = '/var/log/php/7.3/slow.log' + config['debug']['request_slowlog_timeout'] = '10s' + with open('/etc/php/7.3/fpm/pool.d/debug.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP 7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/debug.conf") + config.write(confifile) + + with open("/etc/php/7.3/fpm/pool.d/debug.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("php_admin_value[xdebug.profiler_output_dir] " + "= /tmp/ \nphp_admin_value[xdebug.profiler_" + "output_name] = cachegrind.out.%p-%H-%R " + "\nphp_admin_flag[xdebug.profiler_enable" + "_trigger] = on \nphp_admin_flag[xdebug." + "profiler_enable] = off\n") + + # Disable xdebug + if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" + " /etc/php/7.3/mods-available" + "/xdebug.ini"): + WOFileUtils.searchreplace(self, "/etc/php/7.3/" + "mods-available/" + "xdebug.ini", + "zend_extension", + ";zend_extension") + + # PHP and Debug pull configuration + if not os.path.exists('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/fpm/status/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)) + open('{0}22222/htdocs/fpm/status/debug73' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + open('{0}22222/htdocs/fpm/status/php73' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + + # Write info.php + if not os.path.exists('{0}22222/htdocs/php/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/php/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) + + with open("{0}22222/htdocs/php/info.php" + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') as myfile: + myfile.write("") + + WOFileUtils.chown(self, "{0}22222" + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, recursive=True) + + WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") + WOService.restart_service(self, 'php7.3-fpm') + + # create mysql config if it doesn't exist + if set(WOVariables.wo_mysql).issubset(set(apt_packages)): + if not os.path.isfile("/etc/mysql/my.cnf"): + config = ("[mysqld]\nwait_timeout = 30\n" + "interactive_timeout=60\nperformance_schema = 0" + "\nquery_cache_type = 1") + config_file = open("/etc/mysql/my.cnf", + encoding='utf-8', mode='w') + config_file.write(config) + config_file.close() + + WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) + WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' + '> /dev/null 2>&1', + comment='MySQL optimization cronjob ' + 'added by WordOps') + WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") + WOService.reload_service(self, 'mysql') + + # create fail2ban configuration files + if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): + if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): + data = dict() + Log.debug(self, "Setting up fail2ban jails configuration") + fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban.mustache', + out=fail2ban_config) + fail2ban_config.close() + + Log.debug(self, "Setting up fail2ban wp filter") + fail2ban_config = open('/etc/fail2ban/filter.d/' + 'wo-wordpress.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban-wp.mustache', + out=fail2ban_config) + fail2ban_config.close() + + Log.debug(self, "Setting up fail2ban wp filter") + fail2ban_config = open('/etc/fail2ban/filter.d/' + 'nginx-forbidden.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban-forbidden.mustache', + out=fail2ban_config) + fail2ban_config.close() + WOGit.add(self, ["/etc/fail2ban"], + msg="Adding Fail2ban into Git") + WOService.reload_service(self, 'fail2ban') + + # Proftpd configuration + if set(["proftpd-basic"]).issubset(set(apt_packages)): + if os.path.isfile("/etc/proftpd/proftpd.conf"): + Log.debug(self, "Setting up Proftpd configuration") + WOFileUtils.searchreplace(self, "/etc/proftpd/" + "proftpd.conf", + "# DefaultRoot", + "DefaultRoot") + WOFileUtils.searchreplace(self, "/etc/proftpd/" + "proftpd.conf", + "# RequireValidShell", + "RequireValidShell") + WOFileUtils.searchreplace(self, "/etc/proftpd/" + "proftpd.conf", + "# PassivePorts " + " " + "49152 65534", + "PassivePorts " + " " + " 49000 50000") + # proftpd TLS configuration + if not os.path.isdir("/etc/proftpd/ssl"): + WOFileUtils.mkdir(self, "/etc/proftpd/ssl") + + try: + WOShellExec.cmd_exec(self, "openssl genrsa -out " + "/etc/proftpd/ssl/proftpd.key 2048") + WOShellExec.cmd_exec(self, "openssl req -new -batch " + "-subj /commonName=localhost/ " + "-key /etc/proftpd/ssl/proftpd.key " + "-out /etc/proftpd/ssl/proftpd.csr") + WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", + "/etc/proftpd/ssl/proftpd.key.org") + WOShellExec.cmd_exec(self, "openssl rsa -in " + "/etc/proftpd/ssl/proftpd.key.org " + "-out /etc/proftpd/ssl/proftpd.key") + WOShellExec.cmd_exec(self, "openssl x509 -req -days " + "3652 -in /etc/proftpd/ssl/proftpd.csr " + "-signkey /etc/proftpd/ssl/proftpd.key " + " -out /etc/proftpd/ssl/proftpd.crt") + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error( + self, "Failed to generate SSL " + "certificate for Proftpd") + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700) + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700) + data = dict() + Log.debug(self, 'Writting the proftpd configuration to ' + 'file /etc/proftpd/tls.conf') + wo_proftpdconf = open('/etc/proftpd/tls.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'proftpd-tls.mustache', + out=wo_proftpdconf) + wo_proftpdconf.close() + WOFileUtils.searchreplace(self, "/etc/proftpd/" + "proftpd.conf", + "#Include /etc/proftpd/tls.conf", + "Include /etc/proftpd/tls.conf") + WOService.restart_service(self, 'proftpd') + + # add rule for proftpd with UFW + if WOAptGet.is_installed(self, 'ufw'): + try: + WOShellExec.cmd_exec(self, "ufw allow " + "49000:50000/tcp") + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error(self, "Unable to add UFW rule") + + if os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): + with open("/etc/fail2ban/jail.d/custom.conf", + encoding='utf-8', mode='a') as f2bproftpd: + f2bproftpd.write("\n\n[proftpd]\nenabled = true\n") + WOService.reload_service(self, 'fail2ban') + + WOGit.add(self, ["/etc/proftpd"], + msg="Adding ProFTPd into Git") + WOService.reload_service(self, 'proftpd') + + if (packages): + if any('/usr/local/bin/wp' == x[1] for x in packages): + Log.debug(self, "Setting Privileges" + " to /usr/local/bin/wp file ") + WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775) + + if any('/var/lib/wo/tmp/pma.tar.gz' == x[1] + for x in packages): + WOExtract.extract( + self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/') + Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to ' + 'location /var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/db' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating new directory " + "{0}22222/htdocs/db" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/db' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/db/pma/' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/phpmyadmin-STABLE/', + '{0}22222/htdocs/db/pma/' + .format(WOVariables.wo_webroot)) + shutil.copyfile('{0}22222/htdocs/db/pma' + '/config.sample.inc.php' + .format(WOVariables.wo_webroot), + '{0}22222/htdocs/db/pma/config.inc.php' + .format(WOVariables.wo_webroot)) + Log.debug(self, 'Setting Blowfish Secret Key ' + 'FOR COOKIE AUTH to ' + '{0}22222/htdocs/db/pma/config.inc.php file ' + .format(WOVariables.wo_webroot)) + blowfish_key = ''.join([random.choice + (string.ascii_letters + + string.digits) + for n in range(25)]) + WOFileUtils.searchreplace(self, + '{0}22222/htdocs/db/pma' + '/config.inc.php' + .format(WOVariables.wo_webroot), + "$cfg[\'blowfish_secret\']" + " = \'\';", + "$cfg[\'blowfish_secret\']" + " = \'{0}\';" + .format(blowfish_key)) + Log.debug(self, 'Setting HOST Server For Mysql to ' + '{0}22222/htdocs/db/pma/config.inc.php file ' + .format(WOVariables.wo_webroot)) + WOFileUtils.searchreplace(self, + '{0}22222/htdocs/db/pma' + '/config.inc.php' + .format(WOVariables.wo_webroot), + "$cfg[\'Servers\'][$i][\'host\']" + " = \'localhost\';", "$cfg" + "[\'Servers\'][$i][\'host\'] = \'{0}\';" + .format(WOVariables.wo_mysql_host)) + Log.debug(self, 'Setting Privileges of webroot permission to ' + '{0}22222/htdocs/db/pma file '.format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222'.format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + + # composer install and phpmyadmin update + if any('/var/lib/wo/tmp/composer-install' == x[1] + for x in packages): + Log.info(self, "Installing composer, please wait...") + WOShellExec.cmd_exec(self, "php -q /var/lib/wo" + "/tmp/composer-install " + "--install-dir=/var/lib/wo/tmp/") + shutil.copyfile('/var/lib/wo/tmp/composer.phar', + '/usr/local/bin/composer') + WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) + Log.info(self, "Updating phpMyAdmin, please wait...") + WOShellExec.cmd_exec(self, "sudo -u www-data -H composer " + "update -n --no-dev -d " + "/var/www/22222/htdocs/db/pma/") + + # netdata install + if any('/var/lib/wo/tmp/kickstart.sh' == x[1] + for x in packages): + if ((not os.path.exists('/opt/netdata')) and + (not os.path.exists('/etc/netdata'))): + Log.info(self, "Installing Netdata, please wait...") + WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/" + "kickstart.sh " + "--dont-wait") + # disable mail notifications + WOFileUtils.searchreplace(self, "/opt/netdata/usr/" + "lib/netdata/conf.d/" + "health_alarm_notify.conf", + 'SEND_EMAIL="YES"', + 'SEND_EMAIL="NO"') + # make changes persistant + WOFileUtils.copyfile(self, "/opt/netdata/usr/" + "lib/netdata/conf.d/" + "health_alarm_notify.conf", + "/opt/netdata/etc/netdata/" + "health_alarm_notify.conf") + # check if mysql credentials are available + if os.path.isfile('/etc/mysql/conf.d/my.cnf'): + try: + WOMysql.execute(self, + "create user " + "'netdata'@'localhost';", + log=False) + WOMysql.execute(self, + "grant usage on *.* to " + "'netdata'@'localhost';", + log=False) + WOMysql.execute(self, + "flush privileges;", + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.info( + self, "fail to setup mysql user for netdata") + WOService.restart_service(self, 'netdata') + + # WordOps Dashboard + if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1] + for x in packages): + if not os.path.isfile('{0}22222/htdocs/index.php' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Extracting wo-dashboard.tar.gz " + "to location {0}22222/htdocs/" + .format(WOVariables.wo_webroot)) + WOExtract.extract(self, '/var/lib/wo/tmp/' + 'wo-dashboard.tar.gz', + '{0}22222/htdocs' + .format(WOVariables.wo_webroot)) + wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " + "grep -oP \"dev [^[:space:]]+ \" " + "| cut -d ' ' -f 2").read() + if (wo_wan != 'eth0' and wo_wan != ''): + WOFileUtils.searchreplace(self, + "{0}22222/htdocs/index.php" + .format(WOVariables.wo_webroot), + "eth0", + "{0}".format(wo_wan)) + Log.debug(self, "Setting Privileges to " + "{0}22222/htdocs" + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + + # Extplorer FileManager + if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1] + for x in packages): + if not os.path.exists('{0}22222/htdocs/files' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Extracting explorer.tar.gz " + "to location {0}22222/htdocs/files" + .format(WOVariables.wo_webroot)) + WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz', + '/var/lib/wo/tmp/') + shutil.move('/var/lib/wo/tmp/extplorer-{0}' + .format(WOVariables.wo_extplorer), + '{0}22222/htdocs/files' + .format(WOVariables.wo_webroot)) + Log.debug(self, "Setting Privileges to " + "{0}22222/htdocs/files" + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + + # webgrind + if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1] + for x in packages): + Log.debug(self, "Extracting file webgrind.tar.gz to " + "location /var/lib/wo/tmp/ ") + WOExtract.extract( + self, '/var/lib/wo/tmp/webgrind.tar.gz', + '/var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directroy " + "{0}22222/htdocs/php" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/php/webgrind' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/webgrind-master/', + '{0}22222/htdocs/php/webgrind' + .format(WOVariables.wo_webroot)) + + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "/usr/local/bin/dot", "/usr/bin/dot") + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "Europe/Copenhagen", + WOVariables.wo_timezone) + + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "90", "100") + + Log.debug(self, "Setting Privileges of webroot permission to " + "{0}22222/htdocs/php/webgrind/ file " + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + # anemometer + if any('/var/lib/wo/tmp/anemometer.tar.gz' == x[1] + for x in packages): + Log.debug(self, "Extracting file anemometer.tar.gz to " + "location /var/lib/wo/tmp/ ") + WOExtract.extract( + self, '/var/lib/wo/tmp/anemometer.tar.gz', + '/var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/db/' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory") + os.makedirs('{0}22222/htdocs/db/' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/db/anemometer' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/Anemometer-master', + '{0}22222/htdocs/db/anemometer' + .format(WOVariables.wo_webroot)) + chars = ''.join(random.sample(string.ascii_letters, 8)) + try: + WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db' + '/anemometer/install.sql' + .format(WOVariables.wo_webroot)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + raise SiteError("Unable to import Anemometer database") + + WOMysql.execute(self, 'grant select on' + ' *.* to \'anemometer\'' + '@\'{0}\' IDENTIFIED' + ' BY \'{1}\''.format(self.app.config.get + ('mysql', + 'grant-host'), + chars)) + Log.debug(self, "grant all on slow-query-log.*" + " to anemometer@root_user" + " IDENTIFIED BY password ") + WOMysql.execute(self, 'grant all on slow_query_log.* to' + '\'anemometer\'@\'{0}\' IDENTIFIED' + ' BY \'{1}\''.format(self.app.config.get( + 'mysql', 'grant-host'), + chars), + errormsg="cannot grant priviledges", + log=False) + + # Custom Anemometer configuration + Log.debug(self, "configration Anemometer") + data = dict(host=WOVariables.wo_mysql_host, port='3306', + user='anemometer', password=chars) + wo_anemometer = open('{0}22222/htdocs/db/anemometer' + '/conf/config.inc.php' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') + self.app.render((data), 'anemometer.mustache', + out=wo_anemometer) + wo_anemometer.close() + + if any('/usr/bin/pt-query-advisor' == x[1] + for x in packages): + WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) + + # phpredisadmin + if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] + for x in packages): + if not os.path.exists('{0}22222/htdocs/cache/' + 'redis/phpRedisAdmin' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating new directory " + "{0}22222/htdocs/cache/redis" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin' + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + if os.path.isfile("/usr/local/bin/composer"): + WOShellExec.cmd_exec(self, "sudo -u www-data -H " + "composer " + "create-project -n -s dev " + "erik-dubbelboer/php-redis-admin " + "/var/www/22222/htdocs/cache" + "/redis/phpRedisAdmin ") + Log.debug(self, 'Setting Privileges of webroot permission to ' + '{0}22222/htdocs/cache/file ' + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 5af52b8..9edad10 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -1,9 +1,8 @@ import os import shutil -from cement.core import handler, hook from cement.core.controller import CementBaseController, expose -from wo.cli.plugins.stack import WOStackController +from cement.core import handler, hook from wo.core.apt_repo import WORepo from wo.core.aptget import WOAptGet from wo.core.download import WODownload @@ -13,6 +12,7 @@ from wo.core.logging import Log from wo.core.services import WOService from wo.core.shellexec import WOShellExec from wo.core.variables import WOVariables +from wo.cli.plugins.stack_pref import post_pref class WOStackUpgradeController(CementBaseController): @@ -86,8 +86,6 @@ class WOStackUpgradeController(CementBaseController): apt_packages = [] packages = [] empty_packages = [] - stack = WOStackController() - stack.app = self.app if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and @@ -192,7 +190,7 @@ class WOStackUpgradeController(CementBaseController): WOAptGet.update(self) # Update packages WOAptGet.install(self, apt_packages) - stack.post_pref(apt_packages, empty_packages) + post_pref(self, apt_packages, empty_packages) # Post Actions after package updates if (set(WOVariables.wo_nginx).issubset(set(apt_packages))): WOService.restart_service(self, 'nginx') From d58d334f8722b44cdfe2f9176f328437e8ef4c69 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 05:11:13 +0200 Subject: [PATCH 06/41] Fix travis non-interactive --- .travis.yml | 4 ++-- CHANGELOG.md | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 3e9437a..b3ca2ea 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,8 +47,8 @@ script: - sudo wo info - sudo cat /etc/nginx/nginx.conf - sudo cat /etc/mysql/my.cnf - - sudo wo stack upgrade --nginx - - sudo wo stack upgrade --php + - sudo wo stack upgrade --nginx --no-prompt + - sudo wo stack upgrade --php --no-prompt - sudo wo stack upgrade --netdata --no-prompt - sudo wo stack upgrade --phpmyadmin --no-prompt - sudo wo stack upgrade --composer --no-prompt diff --git a/CHANGELOG.md b/CHANGELOG.md index ba005be..d5dfb72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +#### Added + +- APT Packages configuration step with `wo stack upgrade` to apply new configurations + +#### Changed + +- Moving package configuration in a new plugin stack_pref.py + ### v3.9.7 - 2019-08-02 #### Added From 316768a934487d74fb016c1d7cc39a823c990741 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 06:57:39 +0200 Subject: [PATCH 07/41] Fix stack pref --- wo/cli/plugins/stack_pref.py | 1 - 1 file changed, 1 deletion(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 9b7a9ed..2667045 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -9,7 +9,6 @@ import re import requests import psutil -# from pynginxconfig import NginxConfig from wo.cli.plugins.site_functions import * from wo.cli.plugins.sitedb import * from wo.cli.plugins.stack_services import WOStackStatusController From 2bdb552a1fbe293956afc684a1923e68c8171c0c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 07:49:08 +0200 Subject: [PATCH 08/41] Fix travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index b3ca2ea..5fc0384 100644 --- a/.travis.yml +++ b/.travis.yml @@ -44,7 +44,7 @@ script: - sudo wo site create 1.com --html && sudo wo site create 2.com --php && sudo wo site create 3.com --mysql - sudo wo site update 1.com --wp && sudo wo site update 2.com --php73 && sudo wo site update 3.com --php73 && sudo wo site update 1.com --wpfc && sudo wo site update 1.com --wpsc && sudo wo site update 1.com --wpredis - sudo wp --allow-root --info - - sudo wo info + - sudo wo info || tail -a /var/log/wo/wordops.log - sudo cat /etc/nginx/nginx.conf - sudo cat /etc/mysql/my.cnf - sudo wo stack upgrade --nginx --no-prompt From dbc2984a31a9424c68855604082684f3473b5128 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 07:49:35 +0200 Subject: [PATCH 09/41] Set back xenial --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 5fc0384..58e4c7e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ sudo: required -dist: bionic +dist: xenial language: bash @@ -44,7 +44,7 @@ script: - sudo wo site create 1.com --html && sudo wo site create 2.com --php && sudo wo site create 3.com --mysql - sudo wo site update 1.com --wp && sudo wo site update 2.com --php73 && sudo wo site update 3.com --php73 && sudo wo site update 1.com --wpfc && sudo wo site update 1.com --wpsc && sudo wo site update 1.com --wpredis - sudo wp --allow-root --info - - sudo wo info || tail -a /var/log/wo/wordops.log + - sudo wo info - sudo cat /etc/nginx/nginx.conf - sudo cat /etc/mysql/my.cnf - sudo wo stack upgrade --nginx --no-prompt From 992174de37badcebe41a4ff90f43c1481b3a229a Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 09:45:08 +0200 Subject: [PATCH 10/41] Reindent stack_pref --- wo/cli/plugins/stack_pref.py | 1156 +++++++++++++++++----------------- 1 file changed, 580 insertions(+), 576 deletions(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 2667045..1e71bb2 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -228,241 +228,241 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() - # Setup Nginx common directory - if not os.path.exists('/etc/nginx/common'): - Log.debug(self, 'Creating directory' - '/etc/nginx/common') - os.makedirs('/etc/nginx/common') + # Setup Nginx common directory + if not os.path.exists('/etc/nginx/common'): + Log.debug(self, 'Creating directory' + '/etc/nginx/common') + os.makedirs('/etc/nginx/common') - if os.path.exists('/etc/nginx/common'): - data = dict(webroot=WOVariables.wo_webroot) + if os.path.exists('/etc/nginx/common'): + data = dict(webroot=WOVariables.wo_webroot) - # Common Configuration - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-wo.conf') - wo_nginx = open('/etc/nginx/common/locations-wo.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'locations.mustache', - out=wo_nginx) - wo_nginx.close() + # Common Configuration + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/locations-wo.conf') + wo_nginx = open('/etc/nginx/common/locations-wo.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'locations.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsubdir.conf') - wo_nginx = open('/etc/nginx/common/wpsubdir.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsubdir.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsubdir.conf') + wo_nginx = open('/etc/nginx/common/wpsubdir.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsubdir.mustache', + out=wo_nginx) + wo_nginx.close() - # PHP 7.2 conf - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php72.conf') - wo_nginx = open('/etc/nginx/common/php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php.mustache', - out=wo_nginx) - wo_nginx.close() + # PHP 7.2 conf + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/php72.conf') + wo_nginx = open('/etc/nginx/common/php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpcommon-php72.conf') - wo_nginx = open('/etc/nginx/common/wpcommon-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpcommon-php72.conf') + wo_nginx = open('/etc/nginx/common/wpcommon-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpcommon.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-php72.conf') - wo_nginx = open('/etc/nginx/common/wpfc-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpfc-php72.conf') + wo_nginx = open('/etc/nginx/common/wpfc-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpfc.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-php72.conf') - wo_nginx = open('/etc/nginx/common/wpsc-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsc-php72.conf') + wo_nginx = open('/etc/nginx/common/wpsc-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsc.mustache', + out=wo_nginx) + wo_nginx.close() - # PHP 7.3 conf - if os.path.isdir("/etc/nginx/common"): - data = dict() + # PHP 7.3 conf + if os.path.isdir("/etc/nginx/common"): + data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php73.conf') - wo_nginx = open('/etc/nginx/common/php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php7.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/php73.conf') + wo_nginx = open('/etc/nginx/common/php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php7.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpcommon-php73.conf') - wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon-php7.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpcommon-php73.conf') + wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpcommon-php7.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-php7.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpfc-php73.conf') + wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpfc-php7.mustache', + out=wo_nginx) + wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-php7.mustache', - out=wo_nginx) - wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsc-php73.conf') + wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsc-php7.mustache', + out=wo_nginx) + wo_nginx.close() - # create redis conf - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', - out=wo_nginx) - wo_nginx.close() + # create redis conf + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php73.conf') + wo_nginx = open('/etc/nginx/common/redis-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis-php7.mustache', + out=wo_nginx) + wo_nginx.close() - with open("/etc/nginx/common/release", - "a") as release_file: - release_file.write("v{0}" - .format(WOVariables.wo_version)) - release_file.close() + with open("/etc/nginx/common/release", + "a") as release_file: + release_file.write("v{0}" + .format(WOVariables.wo_version)) + release_file.close() - # Following files should not be overwrited + # Following files should not be overwrited - if not os.path.isfile('/etc/nginx/common/acl.conf'): - data = dict(webroot=WOVariables.wo_webroot) - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/acl.conf') - wo_nginx = open('/etc/nginx/common/acl.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'acl.mustache', - out=wo_nginx) - wo_nginx.close() - if not os.path.isfile('/etc/nginx/conf.d/blockips.conf'): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/blockips.conf') - wo_nginx = open('/etc/nginx/conf.d/blockips.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'blockips.mustache', out=wo_nginx) - wo_nginx.close() + if not os.path.isfile('/etc/nginx/common/acl.conf'): + data = dict(webroot=WOVariables.wo_webroot) + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/acl.conf') + wo_nginx = open('/etc/nginx/common/acl.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'acl.mustache', + out=wo_nginx) + wo_nginx.close() + if not os.path.isfile('/etc/nginx/conf.d/blockips.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/blockips.conf') + wo_nginx = open('/etc/nginx/conf.d/blockips.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'blockips.mustache', out=wo_nginx) + wo_nginx.close() - if not os.path.isfile('/etc/nginx/conf.d/fastcgi.conf'): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/fastcgi.conf') - wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'fastcgi.mustache', out=wo_nginx) - wo_nginx.close() + if not os.path.isfile('/etc/nginx/conf.d/fastcgi.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/fastcgi.conf') + wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'fastcgi.mustache', out=wo_nginx) + wo_nginx.close() - # add redis cache format if not already done - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/conf.d" - "/redis.conf")): - with open("/etc/nginx/conf.d/" - "redis.conf", "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis " - "'$remote_addr " - "$upstream_response_time " - "$srcache_fetch_status " - "[$time_local] '\n" - "'$http_host \"$request\" $status" - " $body_bytes_sent '\n" - "'\"$http_referer\" " - "\"$http_user_agent\"';\n") + # add redis cache format if not already done + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/conf.d" + "/redis.conf")): + with open("/etc/nginx/conf.d/" + "redis.conf", "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local] '\n" + "'$http_host \"$request\" $status" + " $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") # Nginx-Plus does not have nginx # package structure like this # So creating directories - if not os.path.exists('/etc/nginx/sites-available'): - Log.debug(self, 'Creating directory' - '/etc/nginx/sites-available') - os.makedirs('/etc/nginx/sites-available') + if not os.path.exists('/etc/nginx/sites-available'): + Log.debug(self, 'Creating directory' + '/etc/nginx/sites-available') + os.makedirs('/etc/nginx/sites-available') - if not os.path.exists('/etc/nginx/sites-enabled'): - Log.debug(self, 'Creating directory' - '/etc/nginx/sites-available') - os.makedirs('/etc/nginx/sites-enabled') + if not os.path.exists('/etc/nginx/sites-enabled'): + Log.debug(self, 'Creating directory' + '/etc/nginx/sites-available') + os.makedirs('/etc/nginx/sites-enabled') - # 22222 port settings - if not os.path.isfile("/etc/nginx/sites-available/22222"): - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/sites-available/' - '22222') - wo_nginx = open('/etc/nginx/sites-available/22222', - encoding='utf-8', mode='w') - self.app.render((data), '22222.mustache', - out=wo_nginx) - wo_nginx.close() + # 22222 port settings + if not os.path.isfile("/etc/nginx/sites-available/22222"): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/sites-available/' + '22222') + wo_nginx = open('/etc/nginx/sites-available/22222', + encoding='utf-8', mode='w') + self.app.render((data), '22222.mustache', + out=wo_nginx) + wo_nginx.close() - passwd = ''.join([random.choice - (string.ascii_letters + string.digits) - for n in range(16)]) - try: - WOShellExec.cmd_exec(self, "printf \"WordOps:" - "$(openssl passwd -crypt " - "{password} 2> /dev/null)\n\"" - "> /etc/nginx/htpasswd-wo " - "2>/dev/null" - .format(password=passwd)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error(self, "Failed to save HTTP Auth") + passwd = ''.join([random.choice + (string.ascii_letters + string.digits) + for n in range(16)]) + try: + WOShellExec.cmd_exec(self, "printf \"WordOps:" + "$(openssl passwd -crypt " + "{password} 2> /dev/null)\n\"" + "> /etc/nginx/htpasswd-wo " + "2>/dev/null" + .format(password=passwd)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error(self, "Failed to save HTTP Auth") # Create Symbolic link for 22222 - WOFileUtils.create_symlink(self, ['/etc/nginx/' - 'sites-available/' - '22222', - '/etc/nginx/' - 'sites-enabled/' - '22222']) - # Create log and cert folder and softlinks - if not os.path.exists('{0}22222/logs' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/logs " - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/logs' - .format(WOVariables.wo_webroot)) + WOFileUtils.create_symlink(self, ['/etc/nginx/' + 'sites-available/' + '22222', + '/etc/nginx/' + 'sites-enabled/' + '22222']) + # Create log and cert folder and softlinks + if not os.path.exists('{0}22222/logs' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/logs " + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/logs' + .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/cert' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/cert" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/cert' - .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/cert' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/cert" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/cert' + .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/conf/nginx' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory " - "{0}22222/conf/nginx" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/conf/nginx' - .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/conf/nginx' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory " + "{0}22222/conf/nginx" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/conf/nginx' + .format(WOVariables.wo_webroot)) WOFileUtils.create_symlink(self, ['/var/log/nginx/' '22222.access.log', @@ -525,75 +525,74 @@ def post_pref(self, apt_packages, packages): "ssl_certificate_key " "/var/www/22222/cert/22222.key;\n") - # Nginx Configation into GIT - WOGit.add(self, - ["/etc/nginx"], msg="Adding Nginx into Git") - WOService.reload_service(self, 'nginx') + # Nginx Configation into GIT + WOGit.add(self, + ["/etc/nginx"], msg="Adding Nginx into Git") + WOService.reload_service(self, 'nginx') - if set(["nginx"]).issubset(set(apt_packages)): + if set(["nginx"]).issubset(set(apt_packages)): + print("WordOps backend configuration was successful\n" + "You can access it on : https://{0}:22222" + .format(server_ip)) + print("HTTP Auth User Name: WordOps" + + "\nHTTP Auth Password : {0}".format(passwd)) + WOService.reload_service(self, 'nginx') + else: + self.msg = (self.msg + ["HTTP Auth User " + "Name: WordOps"] + + ["HTTP Auth Password : {0}" + .format(passwd)]) + self.msg = (self.msg + ["WordOps backend is available " + "on https://{0}:22222 " + "or https://{1}:22222" + .format(server_ip.text, + WOVariables.wo_fqdn)]) + else: + WOService.restart_service(self, 'nginx') - print("WordOps backend configuration was successful\n" - "You can access it on : https://{0}:22222" - .format(server_ip)) - print("HTTP Auth User Name: WordOps" + - "\nHTTP Auth Password : {0}".format(passwd)) - WOService.reload_service(self, 'nginx') - else: - self.msg = (self.msg + ["HTTP Auth User " - "Name: WordOps"] + - ["HTTP Auth Password : {0}" - .format(passwd)]) - self.msg = (self.msg + ["WordOps backend is available " - "on https://{0}:22222 " - "or https://{1}:22222" - .format(server_ip.text, - WOVariables.wo_fqdn)]) - else: - WOService.restart_service(self, 'nginx') + # create nginx configuration for redis + if set(WOVariables.wo_redis).issubset(set(apt_packages)): + if os.path.isdir('/etc/nginx/common'): + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() - # create nginx configuration for redis - if set(WOVariables.wo_redis).issubset(set(apt_packages)): - if os.path.isdir('/etc/nginx/common'): - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', - out=wo_nginx) - wo_nginx.close() + if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): + if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" + "upstream.conf", + "redis"): + with open("/etc/nginx/conf.d/upstream.conf", + "a") as redis_file: + redis_file.write("upstream redis {\n" + " server 127.0.0.1:6379;\n" + " keepalive 10;\n}\n") - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "upstream.conf", - "redis"): - with open("/etc/nginx/conf.d/upstream.conf", - "a") as redis_file: - redis_file.write("upstream redis {\n" - " server 127.0.0.1:6379;\n" - " keepalive 10;\n}\n") + if os.path.isfile("/etc/nginx/nginx.conf"): + if not os.path.isfile("/etc/nginx/conf.d/redis.conf"): + with open("/etc/nginx/conf.d/redis.conf", + "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local]" + " '\n '$http_host" + " \"$request\" " + "$status $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") - if os.path.isfile("/etc/nginx/nginx.conf"): - if not os.path.isfile("/etc/nginx/conf.d/redis.conf"): - with open("/etc/nginx/conf.d/redis.conf", - "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis " - "'$remote_addr " - "$upstream_response_time " - "$srcache_fetch_status " - "[$time_local]" - " '\n '$http_host" - " \"$request\" " - "$status $body_bytes_sent '\n" - "'\"$http_referer\" " - "\"$http_user_agent\"';\n") - - if set(WOVariables.wo_php).issubset(set(apt_packages)): - # Create log directories - if not os.path.exists('/var/log/php/7.2/'): - Log.debug(self, 'Creating directory /var/log/php/7.2/') - os.makedirs('/var/log/php/7.2/') + if set(WOVariables.wo_php).issubset(set(apt_packages)): + # Create log directories + if not os.path.exists('/var/log/php/7.2/'): + Log.debug(self, 'Creating directory /var/log/php/7.2/') + os.makedirs('/var/log/php/7.2/') # Parse etc/php/7.2/fpm/php.ini config = configparser.ConfigParser() @@ -752,12 +751,12 @@ def post_pref(self, apt_packages, packages): WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") WOService.restart_service(self, 'php7.2-fpm') - # PHP7.3 configuration - if set(WOVariables.wo_php73).issubset(set(apt_packages)): - # Create log directories - if not os.path.exists('/var/log/php/7.3/'): - Log.debug(self, 'Creating directory /var/log/php/7.3/') - os.makedirs('/var/log/php/7.3/') + # PHP7.3 configuration + if set(WOVariables.wo_php73).issubset(set(apt_packages)): + # Create log directories + if not os.path.exists('/var/log/php/7.3/'): + Log.debug(self, 'Creating directory /var/log/php/7.3/') + os.makedirs('/var/log/php/7.3/') # Parse etc/php/7.3/fpm/php.ini config = configparser.ConfigParser() @@ -916,16 +915,16 @@ def post_pref(self, apt_packages, packages): WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") WOService.restart_service(self, 'php7.3-fpm') - # create mysql config if it doesn't exist - if set(WOVariables.wo_mysql).issubset(set(apt_packages)): - if not os.path.isfile("/etc/mysql/my.cnf"): - config = ("[mysqld]\nwait_timeout = 30\n" - "interactive_timeout=60\nperformance_schema = 0" - "\nquery_cache_type = 1") - config_file = open("/etc/mysql/my.cnf", - encoding='utf-8', mode='w') - config_file.write(config) - config_file.close() + # create mysql config if it doesn't exist + if set(WOVariables.wo_mysql).issubset(set(apt_packages)): + if not os.path.isfile("/etc/mysql/my.cnf"): + config = ("[mysqld]\nwait_timeout = 30\n" + "interactive_timeout=60\nperformance_schema = 0" + "\nquery_cache_type = 1") + config_file = open("/etc/mysql/my.cnf", + encoding='utf-8', mode='w') + config_file.write(config) + config_file.close() WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' @@ -935,32 +934,32 @@ def post_pref(self, apt_packages, packages): WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") WOService.reload_service(self, 'mysql') - # create fail2ban configuration files - if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): - if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): - data = dict() - Log.debug(self, "Setting up fail2ban jails configuration") - fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban.mustache', - out=fail2ban_config) - fail2ban_config.close() + # create fail2ban configuration files + if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): + if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): + data = dict() + Log.debug(self, "Setting up fail2ban jails configuration") + fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban.mustache', + out=fail2ban_config) + fail2ban_config.close() - Log.debug(self, "Setting up fail2ban wp filter") - fail2ban_config = open('/etc/fail2ban/filter.d/' - 'wo-wordpress.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban-wp.mustache', - out=fail2ban_config) - fail2ban_config.close() + Log.debug(self, "Setting up fail2ban wp filter") + fail2ban_config = open('/etc/fail2ban/filter.d/' + 'wo-wordpress.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban-wp.mustache', + out=fail2ban_config) + fail2ban_config.close() - Log.debug(self, "Setting up fail2ban wp filter") - fail2ban_config = open('/etc/fail2ban/filter.d/' - 'nginx-forbidden.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'fail2ban-forbidden.mustache', - out=fail2ban_config) - fail2ban_config.close() + Log.debug(self, "Setting up fail2ban wp filter") + fail2ban_config = open('/etc/fail2ban/filter.d/' + 'nginx-forbidden.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'fail2ban-forbidden.mustache', + out=fail2ban_config) + fail2ban_config.close() WOGit.add(self, ["/etc/fail2ban"], msg="Adding Fail2ban into Git") WOService.reload_service(self, 'fail2ban') @@ -1045,63 +1044,63 @@ def post_pref(self, apt_packages, packages): msg="Adding ProFTPd into Git") WOService.reload_service(self, 'proftpd') - if (packages): - if any('/usr/local/bin/wp' == x[1] for x in packages): - Log.debug(self, "Setting Privileges" - " to /usr/local/bin/wp file ") - WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775) + if (packages): + if any('/usr/local/bin/wp' == x[1] for x in packages): + Log.debug(self, "Setting Privileges" + " to /usr/local/bin/wp file ") + WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775) - if any('/var/lib/wo/tmp/pma.tar.gz' == x[1] - for x in packages): - WOExtract.extract( - self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/') - Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to ' - 'location /var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/db' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating new directory " - "{0}22222/htdocs/db" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/db' + if any('/var/lib/wo/tmp/pma.tar.gz' == x[1] + for x in packages): + WOExtract.extract( + self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/') + Log.debug(self, 'Extracting file /var/lib/wo/tmp/pma.tar.gz to ' + 'location /var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/db' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating new directory " + "{0}22222/htdocs/db" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/db' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/db/pma/' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/phpmyadmin-STABLE/', + '{0}22222/htdocs/db/pma/' + .format(WOVariables.wo_webroot)) + shutil.copyfile('{0}22222/htdocs/db/pma' + '/config.sample.inc.php' + .format(WOVariables.wo_webroot), + '{0}22222/htdocs/db/pma/config.inc.php' .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/db/pma/' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/phpmyadmin-STABLE/', - '{0}22222/htdocs/db/pma/' - .format(WOVariables.wo_webroot)) - shutil.copyfile('{0}22222/htdocs/db/pma' - '/config.sample.inc.php' - .format(WOVariables.wo_webroot), - '{0}22222/htdocs/db/pma/config.inc.php' - .format(WOVariables.wo_webroot)) - Log.debug(self, 'Setting Blowfish Secret Key ' - 'FOR COOKIE AUTH to ' - '{0}22222/htdocs/db/pma/config.inc.php file ' - .format(WOVariables.wo_webroot)) - blowfish_key = ''.join([random.choice - (string.ascii_letters + - string.digits) - for n in range(25)]) - WOFileUtils.searchreplace(self, - '{0}22222/htdocs/db/pma' - '/config.inc.php' - .format(WOVariables.wo_webroot), - "$cfg[\'blowfish_secret\']" - " = \'\';", - "$cfg[\'blowfish_secret\']" - " = \'{0}\';" - .format(blowfish_key)) - Log.debug(self, 'Setting HOST Server For Mysql to ' - '{0}22222/htdocs/db/pma/config.inc.php file ' - .format(WOVariables.wo_webroot)) - WOFileUtils.searchreplace(self, - '{0}22222/htdocs/db/pma' - '/config.inc.php' - .format(WOVariables.wo_webroot), - "$cfg[\'Servers\'][$i][\'host\']" - " = \'localhost\';", "$cfg" - "[\'Servers\'][$i][\'host\'] = \'{0}\';" - .format(WOVariables.wo_mysql_host)) + Log.debug(self, 'Setting Blowfish Secret Key ' + 'FOR COOKIE AUTH to ' + '{0}22222/htdocs/db/pma/config.inc.php file ' + .format(WOVariables.wo_webroot)) + blowfish_key = ''.join([random.choice + (string.ascii_letters + + string.digits) + for n in range(25)]) + WOFileUtils.searchreplace(self, + '{0}22222/htdocs/db/pma' + '/config.inc.php' + .format(WOVariables.wo_webroot), + "$cfg[\'blowfish_secret\']" + " = \'\';", + "$cfg[\'blowfish_secret\']" + " = \'{0}\';" + .format(blowfish_key)) + Log.debug(self, 'Setting HOST Server For Mysql to ' + '{0}22222/htdocs/db/pma/config.inc.php file ' + .format(WOVariables.wo_webroot)) + WOFileUtils.searchreplace(self, + '{0}22222/htdocs/db/pma' + '/config.inc.php' + .format(WOVariables.wo_webroot), + "$cfg[\'Servers\'][$i][\'host\']" + " = \'localhost\';", "$cfg" + "[\'Servers\'][$i][\'host\'] = \'{0}\';" + .format(WOVariables.wo_mysql_host)) Log.debug(self, 'Setting Privileges of webroot permission to ' '{0}22222/htdocs/db/pma file '.format(WOVariables.wo_webroot)) WOFileUtils.chown(self, '{0}22222'.format(WOVariables.wo_webroot), @@ -1109,74 +1108,79 @@ def post_pref(self, apt_packages, packages): WOVariables.wo_php_user, recursive=True) - # composer install and phpmyadmin update - if any('/var/lib/wo/tmp/composer-install' == x[1] - for x in packages): - Log.info(self, "Installing composer, please wait...") - WOShellExec.cmd_exec(self, "php -q /var/lib/wo" - "/tmp/composer-install " - "--install-dir=/var/lib/wo/tmp/") - shutil.copyfile('/var/lib/wo/tmp/composer.phar', - '/usr/local/bin/composer') - WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) - Log.info(self, "Updating phpMyAdmin, please wait...") - WOShellExec.cmd_exec(self, "sudo -u www-data -H composer " - "update -n --no-dev -d " - "/var/www/22222/htdocs/db/pma/") + # composer install and phpmyadmin update + if any('/var/lib/wo/tmp/composer-install' == x[1] + for x in packages): + Log.info(self, "Installing composer, please wait...") + WOShellExec.cmd_exec(self, "php -q /var/lib/wo" + "/tmp/composer-install " + "--install-dir=/var/lib/wo/tmp/") + shutil.copyfile('/var/lib/wo/tmp/composer.phar', + '/usr/local/bin/composer') + WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) + Log.info(self, "Updating phpMyAdmin, please wait...") + WOShellExec.cmd_exec(self, "/usr/local/bin/composer update --no-plugins --no-scripts " + "-n --no-dev -d " + "/var/www/22222/htdocs/db/pma/") + WOFileUtils.chown(self, '{0}22222/htdocs/db/pma' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) - # netdata install - if any('/var/lib/wo/tmp/kickstart.sh' == x[1] - for x in packages): - if ((not os.path.exists('/opt/netdata')) and - (not os.path.exists('/etc/netdata'))): - Log.info(self, "Installing Netdata, please wait...") - WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/" - "kickstart.sh " - "--dont-wait") - # disable mail notifications - WOFileUtils.searchreplace(self, "/opt/netdata/usr/" - "lib/netdata/conf.d/" - "health_alarm_notify.conf", - 'SEND_EMAIL="YES"', - 'SEND_EMAIL="NO"') - # make changes persistant - WOFileUtils.copyfile(self, "/opt/netdata/usr/" - "lib/netdata/conf.d/" - "health_alarm_notify.conf", - "/opt/netdata/etc/netdata/" - "health_alarm_notify.conf") - # check if mysql credentials are available - if os.path.isfile('/etc/mysql/conf.d/my.cnf'): - try: - WOMysql.execute(self, - "create user " - "'netdata'@'localhost';", - log=False) - WOMysql.execute(self, - "grant usage on *.* to " - "'netdata'@'localhost';", - log=False) - WOMysql.execute(self, - "flush privileges;", - log=False) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.info( - self, "fail to setup mysql user for netdata") - WOService.restart_service(self, 'netdata') + # netdata install + if any('/var/lib/wo/tmp/kickstart.sh' == x[1] + for x in packages): + if ((not os.path.exists('/opt/netdata')) and + (not os.path.exists('/etc/netdata'))): + Log.info(self, "Installing Netdata, please wait...") + WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/" + "kickstart.sh " + "--dont-wait") + # disable mail notifications + WOFileUtils.searchreplace(self, "/opt/netdata/usr/" + "lib/netdata/conf.d/" + "health_alarm_notify.conf", + 'SEND_EMAIL="YES"', + 'SEND_EMAIL="NO"') + # make changes persistant + WOFileUtils.copyfile(self, "/opt/netdata/usr/" + "lib/netdata/conf.d/" + "health_alarm_notify.conf", + "/opt/netdata/etc/netdata/" + "health_alarm_notify.conf") + # check if mysql credentials are available + if os.path.isfile('/etc/mysql/conf.d/my.cnf'): + try: + WOMysql.execute(self, + "create user " + "'netdata'@'localhost';", + log=False) + WOMysql.execute(self, + "grant usage on *.* to " + "'netdata'@'localhost';", + log=False) + WOMysql.execute(self, + "flush privileges;", + log=False) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.info( + self, "fail to setup mysql user for netdata") + WOService.restart_service(self, 'netdata') - # WordOps Dashboard - if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1] - for x in packages): - if not os.path.isfile('{0}22222/htdocs/index.php' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Extracting wo-dashboard.tar.gz " - "to location {0}22222/htdocs/" - .format(WOVariables.wo_webroot)) - WOExtract.extract(self, '/var/lib/wo/tmp/' - 'wo-dashboard.tar.gz', - '{0}22222/htdocs' - .format(WOVariables.wo_webroot)) + # WordOps Dashboard + if any('/var/lib/wo/tmp/wo-dashboard.tar.gz' == x[1] + for x in packages): + if not os.path.isfile('{0}22222/htdocs/index.php' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Extracting wo-dashboard.tar.gz " + "to location {0}22222/htdocs/" + .format(WOVariables.wo_webroot)) + WOExtract.extract(self, '/var/lib/wo/tmp/' + 'wo-dashboard.tar.gz', + '{0}22222/htdocs' + .format(WOVariables.wo_webroot)) wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " "grep -oP \"dev [^[:space:]]+ \" " "| cut -d ' ' -f 2").read() @@ -1195,162 +1199,162 @@ def post_pref(self, apt_packages, packages): WOVariables.wo_php_user, recursive=True) - # Extplorer FileManager - if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1] - for x in packages): - if not os.path.exists('{0}22222/htdocs/files' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Extracting explorer.tar.gz " - "to location {0}22222/htdocs/files" - .format(WOVariables.wo_webroot)) - WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz', - '/var/lib/wo/tmp/') - shutil.move('/var/lib/wo/tmp/extplorer-{0}' - .format(WOVariables.wo_extplorer), - '{0}22222/htdocs/files' - .format(WOVariables.wo_webroot)) - Log.debug(self, "Setting Privileges to " - "{0}22222/htdocs/files" - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - - # webgrind - if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1] - for x in packages): - Log.debug(self, "Extracting file webgrind.tar.gz to " - "location /var/lib/wo/tmp/ ") - WOExtract.extract( - self, '/var/lib/wo/tmp/webgrind.tar.gz', - '/var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directroy " - "{0}22222/htdocs/php" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/php/webgrind' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/webgrind-master/', - '{0}22222/htdocs/php/webgrind' - .format(WOVariables.wo_webroot)) - - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "/usr/local/bin/dot", "/usr/bin/dot") - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "Europe/Copenhagen", - WOVariables.wo_timezone) - - WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" - "config.php" - .format(WOVariables.wo_webroot), - "90", "100") - - Log.debug(self, "Setting Privileges of webroot permission to " - "{0}22222/htdocs/php/webgrind/ file " + # Extplorer FileManager + if any('/var/lib/wo/tmp/extplorer.tar.gz' == x[1] + for x in packages): + if not os.path.exists('{0}22222/htdocs/files' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Extracting explorer.tar.gz " + "to location {0}22222/htdocs/files" + .format(WOVariables.wo_webroot)) + WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz', + '/var/lib/wo/tmp/') + shutil.move('/var/lib/wo/tmp/extplorer-{0}' + .format(WOVariables.wo_extplorer), + '{0}22222/htdocs/files' + .format(WOVariables.wo_webroot)) + Log.debug(self, "Setting Privileges to " + "{0}22222/htdocs/files" .format(WOVariables.wo_webroot)) WOFileUtils.chown(self, '{0}22222' .format(WOVariables.wo_webroot), WOVariables.wo_php_user, WOVariables.wo_php_user, recursive=True) - # anemometer - if any('/var/lib/wo/tmp/anemometer.tar.gz' == x[1] - for x in packages): - Log.debug(self, "Extracting file anemometer.tar.gz to " - "location /var/lib/wo/tmp/ ") - WOExtract.extract( - self, '/var/lib/wo/tmp/anemometer.tar.gz', - '/var/lib/wo/tmp/') - if not os.path.exists('{0}22222/htdocs/db/' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating directory") - os.makedirs('{0}22222/htdocs/db/' - .format(WOVariables.wo_webroot)) - if not os.path.exists('{0}22222/htdocs/db/anemometer' - .format(WOVariables.wo_webroot)): - shutil.move('/var/lib/wo/tmp/Anemometer-master', - '{0}22222/htdocs/db/anemometer' - .format(WOVariables.wo_webroot)) - chars = ''.join(random.sample(string.ascii_letters, 8)) - try: - WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db' - '/anemometer/install.sql' - .format(WOVariables.wo_webroot)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - raise SiteError("Unable to import Anemometer database") - WOMysql.execute(self, 'grant select on' - ' *.* to \'anemometer\'' - '@\'{0}\' IDENTIFIED' - ' BY \'{1}\''.format(self.app.config.get - ('mysql', - 'grant-host'), - chars)) - Log.debug(self, "grant all on slow-query-log.*" - " to anemometer@root_user" - " IDENTIFIED BY password ") - WOMysql.execute(self, 'grant all on slow_query_log.* to' - '\'anemometer\'@\'{0}\' IDENTIFIED' - ' BY \'{1}\''.format(self.app.config.get( - 'mysql', 'grant-host'), - chars), - errormsg="cannot grant priviledges", - log=False) - - # Custom Anemometer configuration - Log.debug(self, "configration Anemometer") - data = dict(host=WOVariables.wo_mysql_host, port='3306', - user='anemometer', password=chars) - wo_anemometer = open('{0}22222/htdocs/db/anemometer' - '/conf/config.inc.php' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') - self.app.render((data), 'anemometer.mustache', - out=wo_anemometer) - wo_anemometer.close() - - if any('/usr/bin/pt-query-advisor' == x[1] - for x in packages): - WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) - - # phpredisadmin - if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] - for x in packages): - if not os.path.exists('{0}22222/htdocs/cache/' - 'redis/phpRedisAdmin' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Creating new directory " - "{0}22222/htdocs/cache/redis" - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin' - .format(WOVariables.wo_webroot)) - WOFileUtils.chown(self, '{0}22222' - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, - recursive=True) - if os.path.isfile("/usr/local/bin/composer"): - WOShellExec.cmd_exec(self, "sudo -u www-data -H " - "composer " - "create-project -n -s dev " - "erik-dubbelboer/php-redis-admin " - "/var/www/22222/htdocs/cache" - "/redis/phpRedisAdmin ") - Log.debug(self, 'Setting Privileges of webroot permission to ' - '{0}22222/htdocs/cache/file ' + # webgrind + if any('/var/lib/wo/tmp/webgrind.tar.gz' == x[1] + for x in packages): + Log.debug(self, "Extracting file webgrind.tar.gz to " + "location /var/lib/wo/tmp/ ") + WOExtract.extract( + self, '/var/lib/wo/tmp/webgrind.tar.gz', + '/var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directroy " + "{0}22222/htdocs/php" .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/php/webgrind' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/webgrind-master/', + '{0}22222/htdocs/php/webgrind' + .format(WOVariables.wo_webroot)) + + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "/usr/local/bin/dot", "/usr/bin/dot") + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "Europe/Copenhagen", + WOVariables.wo_timezone) + + WOFileUtils.searchreplace(self, "{0}22222/htdocs/php/webgrind/" + "config.php" + .format(WOVariables.wo_webroot), + "90", "100") + + Log.debug(self, "Setting Privileges of webroot permission to " + "{0}22222/htdocs/php/webgrind/ file " + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) + # anemometer + if any('/var/lib/wo/tmp/anemometer.tar.gz' == x[1] + for x in packages): + Log.debug(self, "Extracting file anemometer.tar.gz to " + "location /var/lib/wo/tmp/ ") + WOExtract.extract( + self, '/var/lib/wo/tmp/anemometer.tar.gz', + '/var/lib/wo/tmp/') + if not os.path.exists('{0}22222/htdocs/db/' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating directory") + os.makedirs('{0}22222/htdocs/db/' + .format(WOVariables.wo_webroot)) + if not os.path.exists('{0}22222/htdocs/db/anemometer' + .format(WOVariables.wo_webroot)): + shutil.move('/var/lib/wo/tmp/Anemometer-master', + '{0}22222/htdocs/db/anemometer' + .format(WOVariables.wo_webroot)) + chars = ''.join(random.sample(string.ascii_letters, 8)) + try: + WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db' + '/anemometer/install.sql' + .format(WOVariables.wo_webroot)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + raise SiteError("Unable to import Anemometer database") + + WOMysql.execute(self, 'grant select on' + ' *.* to \'anemometer\'' + '@\'{0}\' IDENTIFIED' + ' BY \'{1}\''.format(self.app.config.get + ('mysql', + 'grant-host'), + chars)) + Log.debug(self, "grant all on slow-query-log.*" + " to anemometer@root_user" + " IDENTIFIED BY password ") + WOMysql.execute(self, 'grant all on slow_query_log.* to' + '\'anemometer\'@\'{0}\' IDENTIFIED' + ' BY \'{1}\''.format(self.app.config.get( + 'mysql', 'grant-host'), + chars), + errormsg="cannot grant priviledges", + log=False) + + # Custom Anemometer configuration + Log.debug(self, "configration Anemometer") + data = dict(host=WOVariables.wo_mysql_host, port='3306', + user='anemometer', password=chars) + wo_anemometer = open('{0}22222/htdocs/db/anemometer' + '/conf/config.inc.php' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') + self.app.render((data), 'anemometer.mustache', + out=wo_anemometer) + wo_anemometer.close() + + if any('/usr/bin/pt-query-advisor' == x[1] + for x in packages): + WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) + + # phpredisadmin + if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] + for x in packages): + if not os.path.exists('{0}22222/htdocs/cache/' + 'redis/phpRedisAdmin' + .format(WOVariables.wo_webroot)): + Log.debug(self, "Creating new directory " + "{0}22222/htdocs/cache/redis" + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/cache/redis/phpRedisAdmin' + .format(WOVariables.wo_webroot)) WOFileUtils.chown(self, '{0}22222' .format(WOVariables.wo_webroot), WOVariables.wo_php_user, WOVariables.wo_php_user, recursive=True) + if os.path.isfile("/usr/local/bin/composer"): + WOShellExec.cmd_exec(self, "sudo -u www-data -H " + "composer " + "create-project -n -s dev " + "erik-dubbelboer/php-redis-admin " + "/var/www/22222/htdocs/cache" + "/redis/phpRedisAdmin ") + Log.debug(self, 'Setting Privileges of webroot permission to ' + '{0}22222/htdocs/cache/file ' + .format(WOVariables.wo_webroot)) + WOFileUtils.chown(self, '{0}22222' + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, + recursive=True) From e84fed489edb1c44b54ffaf70d729e8686fbc1f6 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 11:46:45 +0200 Subject: [PATCH 11/41] Another fix for stack_pref --- wo/cli/plugins/stack_pref.py | 40 +++++++++++++++--------------------- 1 file changed, 17 insertions(+), 23 deletions(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 1e71bb2..01b3642 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -1,22 +1,16 @@ import codecs import configparser import os -import pwd import random import shutil import string -import re import requests -import psutil from wo.cli.plugins.site_functions import * -from wo.cli.plugins.sitedb import * from wo.cli.plugins.stack_services import WOStackStatusController -from wo.core.addswap import WOSwap from wo.core.apt_repo import WORepo from wo.core.aptget import WOAptGet from wo.core.cron import WOCron -from wo.core.download import WODownload from wo.core.extract import WOExtract from wo.core.fileutils import WOFileUtils from wo.core.git import WOGit @@ -530,23 +524,23 @@ def post_pref(self, apt_packages, packages): ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') - if set(["nginx"]).issubset(set(apt_packages)): - print("WordOps backend configuration was successful\n" - "You can access it on : https://{0}:22222" - .format(server_ip)) - print("HTTP Auth User Name: WordOps" + - "\nHTTP Auth Password : {0}".format(passwd)) - WOService.reload_service(self, 'nginx') - else: - self.msg = (self.msg + ["HTTP Auth User " - "Name: WordOps"] + - ["HTTP Auth Password : {0}" - .format(passwd)]) - self.msg = (self.msg + ["WordOps backend is available " - "on https://{0}:22222 " - "or https://{1}:22222" - .format(server_ip.text, - WOVariables.wo_fqdn)]) + if set(["nginx"]).issubset(set(apt_packages)): + print("WordOps backend configuration was successful\n" + "You can access it on : https://{0}:22222" + .format(server_ip)) + print("HTTP Auth User Name: WordOps" + + "\nHTTP Auth Password : {0}".format(passwd)) + WOService.reload_service(self, 'nginx') + else: + self.msg = (self.msg + ["HTTP Auth User " + "Name: WordOps"] + + ["HTTP Auth Password : {0}" + .format(passwd)]) + self.msg = (self.msg + ["WordOps backend is available " + "on https://{0}:22222 " + "or https://{1}:22222" + .format(server_ip.text, + WOVariables.wo_fqdn)]) else: WOService.restart_service(self, 'nginx') From 915b3f41f813032fa6e7a2f21c7e90beb6f6bbf0 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 12:25:00 +0200 Subject: [PATCH 12/41] Fix php upgrade --- CHANGELOG.md | 1 + wo/cli/plugins/stack_pref.py | 574 +++++++++++++++++------------------ 2 files changed, 288 insertions(+), 287 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d5dfb72..6e12027 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), #### Changed - Moving package configuration in a new plugin stack_pref.py +- Set WordOps backend password length from 16 to 24 ### v3.9.7 - 2019-08-02 diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 01b3642..23d652a 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -412,16 +412,16 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() - passwd = ''.join([random.choice - (string.ascii_letters + string.digits) - for n in range(16)]) + randompass = ''.join([random.choice + (string.ascii_letters + string.digits) + for n in range(24)]) try: WOShellExec.cmd_exec(self, "printf \"WordOps:" "$(openssl passwd -crypt " "{password} 2> /dev/null)\n\"" "> /etc/nginx/htpasswd-wo " "2>/dev/null" - .format(password=passwd)) + .format(password=randompass)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) Log.error(self, "Failed to save HTTP Auth") @@ -589,161 +589,161 @@ def post_pref(self, apt_packages, packages): os.makedirs('/var/log/php/7.2/') # Parse etc/php/7.2/fpm/php.ini - config = configparser.ConfigParser() - Log.debug(self, "configuring php file " + config = configparser.ConfigParser() + Log.debug(self, "configuring php file " + "/etc/php/7.2/fpm/php.ini") + config.read('/etc/php/7.2/fpm/php.ini') + config['PHP']['expose_php'] = 'Off' + config['PHP']['post_max_size'] = '100M' + config['PHP']['upload_max_filesize'] = '100M' + config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' + config['PHP']['max_input_vars'] = '20000' + config['Date']['date.timezone'] = WOVariables.wo_timezone + config['opcache']['opcache.enable'] = '1' + config['opcache']['opcache.interned_strings_buffer'] = '8' + config['opcache']['opcache.max_accelerated_files'] = '10000' + config['opcache']['opcache.memory_consumption'] = '256' + config['opcache']['opcache.save_comments'] = '1' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' + config['opcache']['opcache.validate_timestamps'] = '1' + with open('/etc/php/7.2/fpm/php.ini', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writting php configuration into " "/etc/php/7.2/fpm/php.ini") - config.read('/etc/php/7.2/fpm/php.ini') - config['PHP']['expose_php'] = 'Off' - config['PHP']['post_max_size'] = '100M' - config['PHP']['upload_max_filesize'] = '100M' - config['PHP']['max_execution_time'] = '300' - config['PHP']['max_input_time'] = '300' - config['PHP']['max_input_vars'] = '20000' - config['Date']['date.timezone'] = WOVariables.wo_timezone - config['opcache']['opcache.enable'] = '1' - config['opcache']['opcache.interned_strings_buffer'] = '8' - config['opcache']['opcache.max_accelerated_files'] = '10000' - config['opcache']['opcache.memory_consumption'] = '256' - config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '5' - config['opcache']['opcache.consistency_checks'] = '0' - config['opcache']['opcache.validate_timestamps'] = '1' - with open('/etc/php/7.2/fpm/php.ini', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writting php configuration into " - "/etc/php/7.2/fpm/php.ini") - config.write(configfile) + config.write(configfile) - # Parse /etc/php/7.2/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.2-fpm.pid", - error_log="/var/log/php/7.2/fpm.log", + # Parse /etc/php/7.2/fpm/php-fpm.conf + data = dict(pid="/run/php/php7.2-fpm.pid", + error_log="/var/log/php/7.2/fpm.log", include="/etc/php/7.2/fpm/pool.d/*.conf") - Log.debug(self, "writting php7.2 configuration into " - "/etc/php/7.2/fpm/php-fpm.conf") - wo_php_fpm = open('/etc/php/7.2/fpm/php-fpm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) - wo_php_fpm.close() + Log.debug(self, "writting php7.2 configuration into " + "/etc/php/7.2/fpm/php-fpm.conf") + wo_php_fpm = open('/etc/php/7.2/fpm/php-fpm.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) + wo_php_fpm.close() - # Parse /etc/php/7.2/fpm/pool.d/www.conf - config = configparser.ConfigParser() - config.read_file(codecs.open('/etc/php/7.2/fpm/' - 'pool.d/www.conf', - "r", "utf8")) - config['www']['ping.path'] = '/ping' - config['www']['pm.status_path'] = '/status' - config['www']['pm.max_requests'] = '1500' - config['www']['pm.max_children'] = '50' - config['www']['pm.start_servers'] = '10' - config['www']['pm.min_spare_servers'] = '5' - config['www']['pm.max_spare_servers'] = '15' - config['www']['request_terminate_timeout'] = '300' - config['www']['pm'] = 'ondemand' - config['www']['chdir'] = '/' - config['www']['prefix'] = '/var/run/php' - config['www']['listen'] = 'php72-fpm.sock' - config['www']['listen.mode'] = '0660' - config['www']['listen.backlog'] = '32768' - config['www']['catch_workers_output'] = 'yes' - with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writing PHP 7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/www.conf") - config.write(configfile) + # Parse /etc/php/7.2/fpm/pool.d/www.conf + config = configparser.ConfigParser() + config.read_file(codecs.open('/etc/php/7.2/fpm/' + 'pool.d/www.conf', + "r", "utf8")) + config['www']['ping.path'] = '/ping' + config['www']['pm.status_path'] = '/status' + config['www']['pm.max_requests'] = '1500' + config['www']['pm.max_children'] = '50' + config['www']['pm.start_servers'] = '10' + config['www']['pm.min_spare_servers'] = '5' + config['www']['pm.max_spare_servers'] = '15' + config['www']['request_terminate_timeout'] = '300' + config['www']['pm'] = 'ondemand' + config['www']['chdir'] = '/' + config['www']['prefix'] = '/var/run/php' + config['www']['listen'] = 'php72-fpm.sock' + config['www']['listen.mode'] = '0660' + config['www']['listen.backlog'] = '32768' + config['www']['catch_workers_output'] = 'yes' + with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writing PHP 7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/www.conf") + config.write(configfile) - with open("/etc/php/7.2/fpm/pool.d/www.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("\nphp_admin_value[open_basedir] " - "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/:" - "/dev/shm:/dev/urandom\"\n") + with open("/etc/php/7.2/fpm/pool.d/www.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("\nphp_admin_value[open_basedir] " + "= \"/var/www/:/usr/share/php/:" + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") - # Generate /etc/php/7.2/fpm/pool.d/www-two.conf - WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", - "/etc/php/7.2/fpm/pool.d/www-two.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" - "www-two.conf", "[www]", "[www-two]") - config = configparser.ConfigParser() - config.read('/etc/php/7.2/fpm/pool.d/www-two.conf') - config['www-two']['listen'] = 'php72-two-fpm.sock' - with open('/etc/php/7.2/fpm/pool.d/www-two.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/www-two.conf") - config.write(confifile) + # Generate /etc/php/7.2/fpm/pool.d/www-two.conf + WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", + "/etc/php/7.2/fpm/pool.d/www-two.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" + "www-two.conf", "[www]", "[www-two]") + config = configparser.ConfigParser() + config.read('/etc/php/7.2/fpm/pool.d/www-two.conf') + config['www-two']['listen'] = 'php72-two-fpm.sock' + with open('/etc/php/7.2/fpm/pool.d/www-two.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/www-two.conf") + config.write(confifile) - # Generate /etc/php/7.2/fpm/pool.d/debug.conf - WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", - "/etc/php/7.2/fpm/pool.d/debug.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" - "debug.conf", "[www]", "[debug]") - config = configparser.ConfigParser() - config.read('/etc/php/7.2/fpm/pool.d/debug.conf') - config['debug']['listen'] = '127.0.0.1:9172' - config['debug']['rlimit_core'] = 'unlimited' - config['debug']['slowlog'] = '/var/log/php/7.2/slow.log' - config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/php/7.2/fpm/pool.d/debug.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.2 configuration into " - "/etc/php/7.2/fpm/pool.d/debug.conf") - config.write(confifile) + # Generate /etc/php/7.2/fpm/pool.d/debug.conf + WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", + "/etc/php/7.2/fpm/pool.d/debug.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/" + "debug.conf", "[www]", "[debug]") + config = configparser.ConfigParser() + config.read('/etc/php/7.2/fpm/pool.d/debug.conf') + config['debug']['listen'] = '127.0.0.1:9172' + config['debug']['rlimit_core'] = 'unlimited' + config['debug']['slowlog'] = '/var/log/php/7.2/slow.log' + config['debug']['request_slowlog_timeout'] = '10s' + with open('/etc/php/7.2/fpm/pool.d/debug.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.2 configuration into " + "/etc/php/7.2/fpm/pool.d/debug.conf") + config.write(confifile) - with open("/etc/php/7.2/fpm/pool.d/debug.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") + with open("/etc/php/7.2/fpm/pool.d/debug.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("php_admin_value[xdebug.profiler_output_dir] " + "= /tmp/ \nphp_admin_value[xdebug.profiler_" + "output_name] = cachegrind.out.%p-%H-%R " + "\nphp_admin_flag[xdebug.profiler_enable" + "_trigger] = on \nphp_admin_flag[xdebug." + "profiler_enable] = off\n") - # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" - " /etc/php/7.2/mods-available/" - "xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.2/" - "mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") + # Disable xdebug + if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" + " /etc/php/7.2/mods-available/" + "xdebug.ini"): + WOFileUtils.searchreplace(self, "/etc/php/7.2/" + "mods-available/" + "xdebug.ini", + "zend_extension", + ";zend_extension") - # PHP and Debug pull configuration - if not os.path.exists('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/fpm/status/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)) - open('{0}22222/htdocs/fpm/status/debug72' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - open('{0}22222/htdocs/fpm/status/php72' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() + # PHP and Debug pull configuration + if not os.path.exists('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/fpm/status/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)) + open('{0}22222/htdocs/fpm/status/debug72' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + open('{0}22222/htdocs/fpm/status/php72' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() - # Write info.php - if not os.path.exists('{0}22222/htdocs/php/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/php/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) + # Write info.php + if not os.path.exists('{0}22222/htdocs/php/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/php/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) - with open("{0}22222/htdocs/php/info.php" - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') as myfile: - myfile.write("") + with open("{0}22222/htdocs/php/info.php" + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') as myfile: + myfile.write("") - WOFileUtils.chown(self, "{0}22222" - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, recursive=True) + WOFileUtils.chown(self, "{0}22222" + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, recursive=True) - WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") - WOService.restart_service(self, 'php7.2-fpm') + WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") + WOService.restart_service(self, 'php7.2-fpm') # PHP7.3 configuration if set(WOVariables.wo_php73).issubset(set(apt_packages)): @@ -752,162 +752,162 @@ def post_pref(self, apt_packages, packages): Log.debug(self, 'Creating directory /var/log/php/7.3/') os.makedirs('/var/log/php/7.3/') - # Parse etc/php/7.3/fpm/php.ini - config = configparser.ConfigParser() - Log.debug(self, "configuring php file /etc/php/7.3/" - "fpm/php.ini") - config.read('/etc/php/7.3/fpm/php.ini') - config['PHP']['expose_php'] = 'Off' - config['PHP']['post_max_size'] = '100M' - config['PHP']['upload_max_filesize'] = '100M' - config['PHP']['max_execution_time'] = '300' - config['PHP']['max_input_time'] = '300' - config['PHP']['max_input_vars'] = '20000' - config['Date']['date.timezone'] = WOVariables.wo_timezone - config['opcache']['opcache.enable'] = '1' - config['opcache']['opcache.interned_strings_buffer'] = '8' - config['opcache']['opcache.max_accelerated_files'] = '10000' - config['opcache']['opcache.memory_consumption'] = '256' - config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '5' - config['opcache']['opcache.consistency_checks'] = '0' - config['opcache']['opcache.validate_timestamps'] = '1' - with open('/etc/php/7.3/fpm/php.ini', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writting php configuration into " - "/etc/php/7.3/fpm/php.ini") - config.write(configfile) + # Parse etc/php/7.3/fpm/php.ini + config = configparser.ConfigParser() + Log.debug(self, "configuring php file /etc/php/7.3/" + "fpm/php.ini") + config.read('/etc/php/7.3/fpm/php.ini') + config['PHP']['expose_php'] = 'Off' + config['PHP']['post_max_size'] = '100M' + config['PHP']['upload_max_filesize'] = '100M' + config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' + config['PHP']['max_input_vars'] = '20000' + config['Date']['date.timezone'] = WOVariables.wo_timezone + config['opcache']['opcache.enable'] = '1' + config['opcache']['opcache.interned_strings_buffer'] = '8' + config['opcache']['opcache.max_accelerated_files'] = '10000' + config['opcache']['opcache.memory_consumption'] = '256' + config['opcache']['opcache.save_comments'] = '1' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' + config['opcache']['opcache.validate_timestamps'] = '1' + with open('/etc/php/7.3/fpm/php.ini', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "Writting php configuration into " + "/etc/php/7.3/fpm/php.ini") + config.write(configfile) - # Parse /etc/php/7.3/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.3-fpm.pid", + # Parse /etc/php/7.3/fpm/php-fpm.conf + data = dict(pid="/run/php/php7.3-fpm.pid", error_log="/var/log/php7.3-fpm.log", include="/etc/php/7.3/fpm/pool.d/*.conf") - Log.debug(self, "writting php 7.3 configuration into " - "/etc/php/7.3/fpm/php-fpm.conf") - wo_php_fpm = open('/etc/php/7.3/fpm/php-fpm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) - wo_php_fpm.close() + Log.debug(self, "writting php 7.3 configuration into " + "/etc/php/7.3/fpm/php-fpm.conf") + wo_php_fpm = open('/etc/php/7.3/fpm/php-fpm.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) + wo_php_fpm.close() - # Parse /etc/php/7.3/fpm/pool.d/www.conf - config = configparser.ConfigParser() - config.read_file(codecs.open('/etc/php/7.3/fpm/' - 'pool.d/www.conf', - "r", "utf8")) - config['www']['ping.path'] = '/ping' - config['www']['pm.status_path'] = '/status' - config['www']['pm.max_requests'] = '1500' - config['www']['pm.max_children'] = '50' - config['www']['pm.start_servers'] = '10' - config['www']['pm.min_spare_servers'] = '5' - config['www']['pm.max_spare_servers'] = '15' - config['www']['request_terminate_timeout'] = '300' - config['www']['pm'] = 'ondemand' - config['www']['chdir'] = '/' - config['www']['prefix'] = '/var/run/php' - config['www']['listen'] = 'php73-fpm.sock' - config['www']['listen.mode'] = '0660' - config['www']['listen.backlog'] = '32768' - config['www']['catch_workers_output'] = 'yes' - with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/www.conf") - config.write(configfile) + # Parse /etc/php/7.3/fpm/pool.d/www.conf + config = configparser.ConfigParser() + config.read_file(codecs.open('/etc/php/7.3/fpm/' + 'pool.d/www.conf', + "r", "utf8")) + config['www']['ping.path'] = '/ping' + config['www']['pm.status_path'] = '/status' + config['www']['pm.max_requests'] = '1500' + config['www']['pm.max_children'] = '50' + config['www']['pm.start_servers'] = '10' + config['www']['pm.min_spare_servers'] = '5' + config['www']['pm.max_spare_servers'] = '15' + config['www']['request_terminate_timeout'] = '300' + config['www']['pm'] = 'ondemand' + config['www']['chdir'] = '/' + config['www']['prefix'] = '/var/run/php' + config['www']['listen'] = 'php73-fpm.sock' + config['www']['listen.mode'] = '0660' + config['www']['listen.backlog'] = '32768' + config['www']['catch_workers_output'] = 'yes' + with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', + encoding='utf-8', mode='w') as configfile: + Log.debug(self, "writting PHP 7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/www.conf") + config.write(configfile) - with open("/etc/php/7.3/fpm/pool.d/www.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("\nphp_admin_value[open_basedir] " - "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/:" - "/dev/shm:/dev/urandom\"\n") + with open("/etc/php/7.3/fpm/pool.d/www.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("\nphp_admin_value[open_basedir] " + "= \"/var/www/:/usr/share/php/:" + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") - # Generate /etc/php/7.3/fpm/pool.d/www-two.conf - WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", - "/etc/php/7.3/fpm/pool.d/www-two.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" - "www-two.conf", "[www]", "[www-two]") - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/pool.d/www-two.conf') - config['www-two']['listen'] = 'php73-two-fpm.sock' - with open('/etc/php/7.3/fpm/pool.d/www-two.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/www-two.conf") - config.write(confifile) + # Generate /etc/php/7.3/fpm/pool.d/www-two.conf + WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", + "/etc/php/7.3/fpm/pool.d/www-two.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" + "www-two.conf", "[www]", "[www-two]") + config = configparser.ConfigParser() + config.read('/etc/php/7.3/fpm/pool.d/www-two.conf') + config['www-two']['listen'] = 'php73-two-fpm.sock' + with open('/etc/php/7.3/fpm/pool.d/www-two.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/www-two.conf") + config.write(confifile) - # Generate /etc/php/7.3/fpm/pool.d/debug.conf - WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", - "/etc/php/7.3/fpm/pool.d/debug.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" - "debug.conf", "[www]", "[debug]") - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/pool.d/debug.conf') - config['debug']['listen'] = '127.0.0.1:9173' - config['debug']['rlimit_core'] = 'unlimited' - config['debug']['slowlog'] = '/var/log/php/7.3/slow.log' - config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/php/7.3/fpm/pool.d/debug.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/debug.conf") - config.write(confifile) + # Generate /etc/php/7.3/fpm/pool.d/debug.conf + WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", + "/etc/php/7.3/fpm/pool.d/debug.conf") + WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" + "debug.conf", "[www]", "[debug]") + config = configparser.ConfigParser() + config.read('/etc/php/7.3/fpm/pool.d/debug.conf') + config['debug']['listen'] = '127.0.0.1:9173' + config['debug']['rlimit_core'] = 'unlimited' + config['debug']['slowlog'] = '/var/log/php/7.3/slow.log' + config['debug']['request_slowlog_timeout'] = '10s' + with open('/etc/php/7.3/fpm/pool.d/debug.conf', + encoding='utf-8', mode='w') as confifile: + Log.debug(self, "writting PHP 7.3 configuration into " + "/etc/php/7.3/fpm/pool.d/debug.conf") + config.write(confifile) - with open("/etc/php/7.3/fpm/pool.d/debug.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") + with open("/etc/php/7.3/fpm/pool.d/debug.conf", + encoding='utf-8', mode='a') as myfile: + myfile.write("php_admin_value[xdebug.profiler_output_dir] " + "= /tmp/ \nphp_admin_value[xdebug.profiler_" + "output_name] = cachegrind.out.%p-%H-%R " + "\nphp_admin_flag[xdebug.profiler_enable" + "_trigger] = on \nphp_admin_flag[xdebug." + "profiler_enable] = off\n") - # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" - " /etc/php/7.3/mods-available" - "/xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.3/" - "mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") + # Disable xdebug + if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" + " /etc/php/7.3/mods-available" + "/xdebug.ini"): + WOFileUtils.searchreplace(self, "/etc/php/7.3/" + "mods-available/" + "xdebug.ini", + "zend_extension", + ";zend_extension") - # PHP and Debug pull configuration - if not os.path.exists('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/fpm/status/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)) - open('{0}22222/htdocs/fpm/status/debug73' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - open('{0}22222/htdocs/fpm/status/php73' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() + # PHP and Debug pull configuration + if not os.path.exists('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/fpm/status/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/fpm/status/' + .format(WOVariables.wo_webroot)) + open('{0}22222/htdocs/fpm/status/debug73' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() + open('{0}22222/htdocs/fpm/status/php73' + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='a').close() - # Write info.php - if not os.path.exists('{0}22222/htdocs/php/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/php/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) + # Write info.php + if not os.path.exists('{0}22222/htdocs/php/' + .format(WOVariables.wo_webroot)): + Log.debug(self, 'Creating directory ' + '{0}22222/htdocs/php/ ' + .format(WOVariables.wo_webroot)) + os.makedirs('{0}22222/htdocs/php' + .format(WOVariables.wo_webroot)) - with open("{0}22222/htdocs/php/info.php" - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') as myfile: - myfile.write("") + with open("{0}22222/htdocs/php/info.php" + .format(WOVariables.wo_webroot), + encoding='utf-8', mode='w') as myfile: + myfile.write("") - WOFileUtils.chown(self, "{0}22222" - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, recursive=True) + WOFileUtils.chown(self, "{0}22222" + .format(WOVariables.wo_webroot), + WOVariables.wo_php_user, + WOVariables.wo_php_user, recursive=True) - WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") - WOService.restart_service(self, 'php7.3-fpm') + WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") + WOService.restart_service(self, 'php7.3-fpm') # create mysql config if it doesn't exist if set(WOVariables.wo_mysql).issubset(set(apt_packages)): From 65af41eb244c697efb76e319de5bf85ec357d890 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 12:32:07 +0200 Subject: [PATCH 13/41] Fix php72 upgrade --- wo/cli/plugins/stack_upgrade.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 9edad10..0d2c3ea 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -190,6 +190,10 @@ class WOStackUpgradeController(CementBaseController): WOAptGet.update(self) # Update packages WOAptGet.install(self, apt_packages) + if set(WOVariables.wo_php).issubset(set(apt_packages)): + WOFileUtils.rm(self, "/etc/php/7.2/fpm/pool.d/www.conf") + WOFileUtils.rm(self, "/etc/php/7.2/fpm/" + "pool.d/www-two.conf") post_pref(self, apt_packages, empty_packages) # Post Actions after package updates if (set(WOVariables.wo_nginx).issubset(set(apt_packages))): From 3ab5f74c862dde83b464b5a3b7e712092731dfb0 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 12:38:50 +0200 Subject: [PATCH 14/41] Remove outdated part of wo upgrade --- wo/cli/plugins/stack_upgrade.py | 55 +++++++++++++-------------------- 1 file changed, 21 insertions(+), 34 deletions(-) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 0d2c3ea..bafeeff 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -31,7 +31,9 @@ class WOStackUpgradeController(CementBaseController): (['--nginx'], dict(help='Upgrade Nginx stack', action='store_true')), (['--php'], - dict(help='Upgrade PHP stack', action='store_true')), + dict(help='Upgrade PHP 7.2 stack', action='store_true')), + (['--php73'], + dict(help='Upgrade PHP 7.3 stack', action='store_true')), (['--mysql'], dict(help='Upgrade MySQL stack', action='store_true')), (['--wpcli'], @@ -49,37 +51,6 @@ class WOStackUpgradeController(CementBaseController): action='store_true')), ] - @expose(hide=True) - def upgrade_php56(self): - if WOVariables.wo_distro == "ubuntu": - if os.path.isfile("/etc/apt/sources.list.d/ondrej-php5-5_6-{0}." - "list".format(WOVariables.wo_platform_codename)): - Log.error(self, "Unable to find PHP 5.5") - else: - if not(os.path.isfile(WOVariables.wo_repo_file_path) and - WOFileUtils.grep(self, WOVariables.wo_repo_file_path, - "php55")): - Log.error(self, "Unable to find PHP 5.5") - - Log.info(self, "During PHP update process non nginx-cached" - " parts of your site may remain down.") - - # Check prompt - if (not self.app.pargs.no_prompt): - start_upgrade = input("Do you want to continue:[y/N]") - if start_upgrade != "Y" and start_upgrade != "y": - Log.error(self, "Not starting PHP package update") - - if WOVariables.wo_distro == "ubuntu": - WORepo.remove(self, ppa="ppa:ondrej/php5") - WORepo.add(self, ppa=WOVariables.wo_php_repo) - - Log.info(self, "Updating apt-cache, please wait...") - WOAptGet.update(self) - Log.info(self, "Installing packages, please wait ...") - WOAptGet.install(self, WOVariables.wo_php + - WOVariables.wo_php_extra) - @expose(hide=True) def default(self): # All package update @@ -88,7 +59,8 @@ class WOStackUpgradeController(CementBaseController): empty_packages = [] if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and - (not self.app.pargs.php) and (not self.app.pargs.mysql) and + (not self.app.pargs.php) and (not self.app.pargs.php73) and + (not self.app.pargs.mysql) and (not self.app.pargs.all) and (not self.app.pargs.wpcli) and (not self.app.pargs.netdata) and (not self.app.pargs.composer) and (not self.app.pargs.phpmyadmin) and @@ -106,7 +78,6 @@ class WOStackUpgradeController(CementBaseController): self.app.pargs.php = True self.app.pargs.mysql = True self.app.pargs.wpcli = True - self.app.pargs.netdata = True if self.app.pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): @@ -124,6 +95,16 @@ class WOStackUpgradeController(CementBaseController): else: Log.info(self, "PHP 7.2 is not installed") + if self.app.pargs.php73: + if WOAptGet.is_installed(self, 'php7.3-fpm'): + if not WOAptGet.is_installed(self, 'php7.2-fpm'): + apt_packages = apt_packages + WOVariables.wo_php73 + \ + WOVariables.wo_php_extra + else: + apt_packages = apt_packages + WOVariables.wo_php73 + else: + Log.info(self, "PHP 7.3 is not installed") + if self.app.pargs.mysql: if WOAptGet.is_installed(self, 'mariadb-server'): apt_packages = apt_packages + WOVariables.wo_mysql @@ -194,12 +175,18 @@ class WOStackUpgradeController(CementBaseController): WOFileUtils.rm(self, "/etc/php/7.2/fpm/pool.d/www.conf") WOFileUtils.rm(self, "/etc/php/7.2/fpm/" "pool.d/www-two.conf") + if set(WOVariables.wo_php73).issubset(set(apt_packages)): + WOFileUtils.rm(self, "/etc/php/7.3/fpm/pool.d/www.conf") + WOFileUtils.rm(self, "/etc/php/7.3/fpm/" + "pool.d/www-two.conf") post_pref(self, apt_packages, empty_packages) # Post Actions after package updates if (set(WOVariables.wo_nginx).issubset(set(apt_packages))): WOService.restart_service(self, 'nginx') if set(WOVariables.wo_php).issubset(set(apt_packages)): WOService.restart_service(self, 'php7.2-fpm') + if set(WOVariables.wo_php73).issubset(set(apt_packages)): + WOService.restart_service(self, 'php7.3-fpm') if set(WOVariables.wo_mysql).issubset(set(apt_packages)): WOService.restart_service(self, 'mysql') if set(WOVariables.wo_redis).issubset(set(apt_packages)): From 72a8800ebd90d84c55d57210e5ab056de48f7e3c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 12:50:12 +0200 Subject: [PATCH 15/41] Another fix for php7.x-fpm upgrade --- wo/cli/plugins/stack_upgrade.py | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index bafeeff..dbcb074 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -169,16 +169,12 @@ class WOStackUpgradeController(CementBaseController): if len(apt_packages): # apt-get update WOAptGet.update(self) + if set(WOVariables.wo_php).issubset(set(apt_packages)): + WOAptGet.purge(self, ['php7.2-fpm']) + if set(WOVariables.wo_php73).issubset(set(apt_packages)): + WOAptGet.purge(self, ['php7.3-fpm']) # Update packages WOAptGet.install(self, apt_packages) - if set(WOVariables.wo_php).issubset(set(apt_packages)): - WOFileUtils.rm(self, "/etc/php/7.2/fpm/pool.d/www.conf") - WOFileUtils.rm(self, "/etc/php/7.2/fpm/" - "pool.d/www-two.conf") - if set(WOVariables.wo_php73).issubset(set(apt_packages)): - WOFileUtils.rm(self, "/etc/php/7.3/fpm/pool.d/www.conf") - WOFileUtils.rm(self, "/etc/php/7.3/fpm/" - "pool.d/www-two.conf") post_pref(self, apt_packages, empty_packages) # Post Actions after package updates if (set(WOVariables.wo_nginx).issubset(set(apt_packages))): From 7d8577eb17a80e995f99196b92487925759e0837 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 13:05:56 +0200 Subject: [PATCH 16/41] Fix passwd variable --- setup.py | 3 ++- wo/cli/plugins/stack_migrate.py | 4 ---- wo/cli/plugins/stack_pref.py | 4 ++-- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/setup.py b/setup.py index 14a12e6..dff04ab 100644 --- a/setup.py +++ b/setup.py @@ -62,7 +62,7 @@ setup(name='wo', classifiers=[], keywords='', author='WordOps', - author_email='core@wordops.net', + author_email='contact@wordops.io', url='https://wordops.net', license='MIT', packages=find_packages(exclude=['ez_setup', 'examples', 'tests', @@ -85,6 +85,7 @@ setup(name='wo', 'psutil == 3.1.1', 'sh', 'SQLAlchemy', + 'requests == 2.22.0', ], data_files=[('/etc/wo', ['config/wo.conf']), ('/etc/wo/plugins.d', conf), diff --git a/wo/cli/plugins/stack_migrate.py b/wo/cli/plugins/stack_migrate.py index a81d2b4..c1a84c6 100644 --- a/wo/cli/plugins/stack_migrate.py +++ b/wo/cli/plugins/stack_migrate.py @@ -79,10 +79,6 @@ class WOStackMigrateController(CementBaseController): # Install MariaDB apt_packages = WOVariables.wo_mysql - # If PHP is installed then install php7.2-mysql - if WOAptGet.is_installed(self, "php7.2-fpm"): - apt_packages = apt_packages + ["php7.2-mysql"] - Log.info(self, "Updating apt-cache, hang on...") WOAptGet.update(self) Log.info(self, "Installing MariaDB, hang on...") diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 23d652a..c4f3863 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -412,7 +412,7 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() - randompass = ''.join([random.choice + passwd = ''.join([random.choice (string.ascii_letters + string.digits) for n in range(24)]) try: @@ -421,7 +421,7 @@ def post_pref(self, apt_packages, packages): "{password} 2> /dev/null)\n\"" "> /etc/nginx/htpasswd-wo " "2>/dev/null" - .format(password=randompass)) + .format(password=passwd)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) Log.error(self, "Failed to save HTTP Auth") From 3729d27fb29043825f16cb525540ae6efdd7570a Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 13:11:24 +0200 Subject: [PATCH 17/41] Fix package purge --- wo/cli/plugins/stack_upgrade.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index dbcb074..a834857 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -170,9 +170,11 @@ class WOStackUpgradeController(CementBaseController): # apt-get update WOAptGet.update(self) if set(WOVariables.wo_php).issubset(set(apt_packages)): - WOAptGet.purge(self, ['php7.2-fpm']) + WOAptGet.remove(self, ['php7.2-fpm'], + auto=False, purge=True) if set(WOVariables.wo_php73).issubset(set(apt_packages)): - WOAptGet.purge(self, ['php7.3-fpm']) + WOAptGet.remove(self, ['php7.3-fpm'], + auto=False, purge=True) # Update packages WOAptGet.install(self, apt_packages) post_pref(self, apt_packages, empty_packages) From 6f6df150683fe8e0f250fdc0ad5e673c31117c66 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 14:22:20 +0200 Subject: [PATCH 18/41] add more mysql settings --- wo/cli/plugins/stack.py | 68 ---------------------- wo/cli/plugins/stack_pref.py | 107 ++++++++++++++++++++++++++++++++--- 2 files changed, 98 insertions(+), 77 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 563f6b9..7c75c30 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -465,74 +465,6 @@ class WOStackController(CementBaseController): "maxmemory-policy " "allkeys-lru") WOService.restart_service(self, 'redis-server') - if 'mariadb-server' in apt_packages: - # setting innodb memory usage - wo_ram = psutil.virtual_memory().total / (1024 * 1024) - wo_ram_innodb = int(wo_ram*0.3) - wo_ram_log_buffer = int(wo_ram_innodb*0.25) - wo_ram_log_size = int(wo_ram_log_buffer*0.5) - # replacing default values - if os.path.isfile("/etc/mysql/my.cnf"): - Log.debug(self, "Tuning MySQL configuration") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_buffer_pool_size = 256M", - "innodb_buffer_pool_size = {0}M" - .format(wo_ram_innodb)) - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_log_buffer_size = 8M", - "innodb_log_buffer_size = {0}M" - .format(wo_ram_log_buffer)) - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "#innodb_log_file_size = 50M", - "innodb_log_file_size = {0}M" - .format(wo_ram_log_size)) - WOFileUtils.searchreplace(self, - "/etc/mysql/my.cnf", - "wait_timeout " - "= 600", - "wait_timeout " - "= 120") - # disabling mariadb binlog - WOFileUtils.searchreplace(self, - "/etc/mysql/my.cnf", - "log_bin " - "= /var/log/mysql/" - "mariadb-bin", - "#log_bin " - " = /var/log/" - "mysql/mariadb-bin") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - 'log_bin_index ' - "= /var/log/mysql/" - "mariadb-bin.index", - "#log_bin_index " - "= /var/log/mysql/" - "mariadb-bin.index") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "expire_logs_days = 10", - "#expire_logs_days " - "= 10") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "max_binlog_size " - "= 100M", - "#max_binlog_size " - "= 100M") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_open_files =" - " 400", - "innodb_open_files =" - " 16000") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_io_capacity =" - " 400", - "innodb_io_capacity =" - " 16000") - WOService.stop_service(self, 'mysql') - WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0', - '/var/lib/mysql/ib_logfile0.bak') - WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile1', - '/var/lib/mysql/ib_logfile1.bak') - WOService.start_service(self, 'mysql') if disp_msg: if (self.msg): diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index c4f3863..5f47d2f 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -5,6 +5,7 @@ import random import shutil import string import requests +import psutil from wo.cli.plugins.site_functions import * from wo.cli.plugins.stack_services import WOStackStatusController @@ -413,8 +414,8 @@ def post_pref(self, apt_packages, packages): wo_nginx.close() passwd = ''.join([random.choice - (string.ascii_letters + string.digits) - for n in range(24)]) + (string.ascii_letters + string.digits) + for n in range(24)]) try: WOShellExec.cmd_exec(self, "printf \"WordOps:" "$(openssl passwd -crypt " @@ -919,14 +920,102 @@ def post_pref(self, apt_packages, packages): encoding='utf-8', mode='w') config_file.write(config) config_file.close() + else: + wo_ram = psutil.virtual_memory().total / (1024 * 1024) + wo_ram_innodb = int(wo_ram*0.3) + wo_ram_log_buffer = int(wo_ram_innodb*0.25) + wo_ram_log_size = int(wo_ram_log_buffer*0.5) + # replacing default values + Log.debug(self, "Tuning MySQL configuration") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_buffer_pool_size = 256M", + "innodb_buffer_pool_size = {0}M" + .format(wo_ram_innodb)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_log_buffer_size = 8M", + "innodb_log_buffer_size = {0}M" + .format(wo_ram_log_buffer)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "#innodb_log_file_size = 50M", + "innodb_log_file_size = {0}M" + .format(wo_ram_log_size)) + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "wait_timeout " + "= 600", + "wait_timeout " + "= 120") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "skip-external-locking", + "skip-external-locking\n" + "skip-name-resolve = 1\n") + # disabling mariadb binlog + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "log_bin " + "= /var/log/mysql/" + "mariadb-bin", + "#log_bin " + " = /var/log/" + "mysql/mariadb-bin") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + 'log_bin_index ' + "= /var/log/mysql/" + "mariadb-bin.index", + "#log_bin_index " + "= /var/log/mysql/" + "mariadb-bin.index") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "expire_logs_days = 10", + "#expire_logs_days " + "= 10") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "max_binlog_size " + "= 100M", + "#max_binlog_size " + "= 100M") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_open_files =" + " 400", + "innodb_open_files =" + " 16000") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_io_capacity =" + " 400", + "innodb_io_capacity =" + " 16000") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "query_cache_size = 64M", + "query_cache_size = 0") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "#query_cache_type = DEMAND", + "query_cache_type = 0") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "max_allowed_packet = 16M", + "max_allowed_packet = 64M") + if (wo_ram_innodb > 1000) and (wo_ram_innodb < 64000): + wo_innodb_instance = int(wo_ram_innodb/1000) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "# * Security Features", + "innodb_buffer_pool_instances " + "= {0}\n" + .format(wo_innodb_instance) + + "# * Security Features") - WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) - WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' - '> /dev/null 2>&1', - comment='MySQL optimization cronjob ' - 'added by WordOps') - WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") - WOService.reload_service(self, 'mysql') + WOService.stop_service(self, 'mysql') + WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0', + '/var/lib/mysql/ib_logfile0.bak') + WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile1', + '/var/lib/mysql/ib_logfile1.bak') + WOService.start_service(self, 'mysql') + + WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) + WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' + '> /dev/null 2>&1', + comment='MySQL optimization cronjob ' + 'added by WordOps') + WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") + WOService.restart_service(self, 'mysql') # create fail2ban configuration files if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): From 3211a7494094ebc8c8653706446c83fa5853ef55 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 14:40:48 +0200 Subject: [PATCH 19/41] more MariaDB optimizations --- wo/cli/plugins/stack_pref.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 5f47d2f..2098a62 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -949,6 +949,7 @@ def post_pref(self, apt_packages, packages): "skip-external-locking", "skip-external-locking\n" "skip-name-resolve = 1\n") + # disabling mariadb binlog WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", @@ -990,6 +991,12 @@ def post_pref(self, apt_packages, packages): WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", "#query_cache_type = DEMAND", "query_cache_type = 0") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "#open-files-limit = 2000", + "open-files-limit = 10000") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "table_open_cache = 400", + "table_open_cache = 16000") WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", "max_allowed_packet = 16M", "max_allowed_packet = 64M") From 01e6eaecb01e2226951785d0018b55b40174da26 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 19:17:59 +0200 Subject: [PATCH 20/41] Implement `--wprocket` * cleanup templates by using variables * add configuration for wp-rocket * update mapping for wp-rocket --- wo/cli/plugins/site.py | 51 ++++++++++++++-- wo/cli/plugins/site_functions.py | 24 +++++--- wo/cli/plugins/stack_pref.py | 41 ++++++++----- wo/cli/templates/22222.mustache | 2 +- wo/cli/templates/locations-php7.mustache | 54 ----------------- wo/cli/templates/locations.mustache | 2 +- wo/cli/templates/map-wp.mustache | 7 ++- wo/cli/templates/php.mustache | 4 +- wo/cli/templates/php7.mustache | 10 ---- wo/cli/templates/redis-php7.mustache | 42 ------------- wo/cli/templates/redis.mustache | 4 +- wo/cli/templates/upstream.mustache | 2 +- wo/cli/templates/virtualconf-php7.mustache | 2 +- wo/cli/templates/virtualconf.mustache | 2 +- wo/cli/templates/webp.mustache | 2 +- wo/cli/templates/wpcommon-php7.mustache | 70 ---------------------- wo/cli/templates/wpcommon.mustache | 4 +- wo/cli/templates/wpfc-php7.mustache | 21 ------- wo/cli/templates/wpfc.mustache | 4 +- wo/cli/templates/wprocket.mustache | 21 +++++++ wo/cli/templates/wpsc-php7.mustache | 17 ------ wo/cli/templates/wpsc.mustache | 4 +- 22 files changed, 131 insertions(+), 259 deletions(-) delete mode 100644 wo/cli/templates/locations-php7.mustache delete mode 100644 wo/cli/templates/php7.mustache delete mode 100644 wo/cli/templates/redis-php7.mustache delete mode 100644 wo/cli/templates/wpcommon-php7.mustache delete mode 100644 wo/cli/templates/wpfc-php7.mustache create mode 100644 wo/cli/templates/wprocket.mustache delete mode 100644 wo/cli/templates/wpsc-php7.mustache diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index d5e5e59..20948e4 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -333,6 +333,9 @@ class WOSiteCreateController(CementBaseController): (['--wpsc'], dict(help="create WordPress single/multi site with wpsc cache", action='store_true')), + (['--wprocket'], + dict(help="create WordPress single/multi site with WP-Rocket", + action='store_true')), (['--wpredis'], dict(help="create WordPress single/multi site " "with redis cache", @@ -423,7 +426,8 @@ class WOSiteCreateController(CementBaseController): if stype == 'proxy': data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=True, basic=False, php73=False, wp=False, - wpfc=False, wpsc=False, multisite=False, + wpfc=False, wpsc=False, wprocket=False, + multisite=False, wpsubdir=False, webroot=wo_site_webroot) data['proxy'] = True data['host'] = host @@ -433,14 +437,16 @@ class WOSiteCreateController(CementBaseController): if self.app.pargs.php73: data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=False, basic=False, php73=True, wp=False, - wpfc=False, wpsc=False, multisite=False, + wpfc=False, wpsc=False, wprocket=False, + multisite=False, wpsubdir=False, webroot=wo_site_webroot) data['basic'] = True if stype in ['html', 'php']: data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=True, basic=False, php73=False, wp=False, - wpfc=False, wpsc=False, multisite=False, + wpfc=False, wpsc=False, wprocket=False, + multisite=False, wpsubdir=False, webroot=wo_site_webroot) if stype == 'php': @@ -451,7 +457,8 @@ class WOSiteCreateController(CementBaseController): data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=False, basic=True, wp=False, wpfc=False, - wpsc=False, wpredis=False, multisite=False, + wpsc=False, wpredis=False, wprocket=False, + multisite=False, wpsubdir=False, webroot=wo_site_webroot, wo_db_name='', wo_db_user='', wo_db_pass='', wo_db_host='') @@ -479,6 +486,7 @@ class WOSiteCreateController(CementBaseController): if ((not self.app.pargs.wpfc) and (not self.app.pargs.wpsc) and + (not self.app.pargs.wprocket) and (not self.app.pargs.wpredis)): data['basic'] = True @@ -488,6 +496,7 @@ class WOSiteCreateController(CementBaseController): data['basic'] = False self.app.pargs.wpredis = True + # Check rerequired packages are installed or not wo_auth = site_package_check(self, stype) @@ -825,6 +834,8 @@ class WOSiteUpdateController(CementBaseController): dict(help="update to wpfc cache", action='store_true')), (['--wpsc'], dict(help="update to wpsc cache", action='store_true')), + (['--wprocket'], + dict(help="update to WP-Rocket cache", action='store_true')), (['--wpredis'], dict(help="update to redis cache", action='store_true')), (['-le', '--letsencrypt'], @@ -868,6 +879,7 @@ class WOSiteUpdateController(CementBaseController): if not (pargs.php or pargs.php73 or pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or + pargs.wprocket or pargs.wpredis or pargs.letsencrypt or pargs.hsts or pargs.dns or pargs.force): Log.error(self, "Please provide options to update sites.") @@ -946,6 +958,7 @@ class WOSiteUpdateController(CementBaseController): if (pargs.password and not (pargs.html or pargs.php or pargs.php73 or pargs.mysql or pargs.wp or pargs.wpfc or pargs.wpsc or + pargs.wprocket or pargs.wpsubdir or pargs.wpsubdomain or pargs.hsts)): try: @@ -958,6 +971,7 @@ class WOSiteUpdateController(CementBaseController): if (pargs.hsts and not (pargs.html or pargs.php or pargs.php73 or pargs.mysql or pargs.wp or pargs.wpfc or pargs.wpsc or + pargs.wprocket or pargs.wpsubdir or pargs.wpsubdomain or pargs.password)): try: @@ -999,7 +1013,7 @@ class WOSiteUpdateController(CementBaseController): if stype == 'php': data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=False, basic=True, wp=False, wpfc=False, - wpsc=False, wpredis=False, multisite=False, + wpsc=False, wpredis=False, wprocket=False, multisite=False, wpsubdir=False, webroot=wo_site_webroot, currsitetype=oldsitetype, currcachetype=oldcachetype) @@ -1007,7 +1021,7 @@ class WOSiteUpdateController(CementBaseController): data = dict(site_name=wo_domain, www_domain=wo_www_domain, static=False, basic=True, wp=False, wpfc=False, - wpsc=False, wpredis=False, multisite=False, + wpsc=False, wpredis=False, wprocket=False, multisite=False, wpsubdir=False, webroot=wo_site_webroot, wo_db_name='', wo_db_user='', wo_db_pass='', wo_db_host='', @@ -1061,21 +1075,31 @@ class WOSiteUpdateController(CementBaseController): data['wpfc'] = False data['wpsc'] = False data['wpredis'] = False + data['wprocket'] = False elif oldcachetype == 'wpfc': data['basic'] = False data['wpfc'] = True data['wpsc'] = False data['wpredis'] = False + data['wprocket'] = False elif oldcachetype == 'wpsc': data['basic'] = False data['wpfc'] = False data['wpsc'] = True data['wpredis'] = False + data['wprocket'] = False elif oldcachetype == 'wpredis': data['basic'] = False data['wpfc'] = False data['wpsc'] = False data['wpredis'] = True + data['wprocket'] = False + elif oldcachetype == 'wprocket': + data['basic'] = False + data['wpfc'] = False + data['wpsc'] = False + data['wpredis'] = False + data['wprocket'] = True if pargs.php73 == 'on': data['php73'] = True @@ -1233,6 +1257,11 @@ class WOSiteUpdateController(CementBaseController): data['basic'] = False cache = 'wpredis' + if pargs.wprocket and data['currcachetype'] != 'wprocket': + data['wprocket'] = True + data['basic'] = False + cache = 'wprocket' + if (php73 is old_php73) and (stype == oldsitetype and cache == oldcachetype): return 1 @@ -1620,6 +1649,16 @@ class WOSiteUpdateController(CementBaseController): "`tail /var/log/wo/wordops.log` and please try again") return 1 + if oldcachetype == 'wprocket' and not data['wprocket']: + try: + uninstallwp_plugin(self, 'wp-rocket', data) + except SiteError as e: + Log.debug(self, str(e)) + Log.info(self, Log.FAIL + "Update site failed." + "Check the log for details: " + "`tail /var/log/wo/wordops.log` and please try again") + return 1 + # Service Nginx Reload if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 032ae6f..dd66040 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -897,12 +897,12 @@ def site_package_check(self, stype): if (os.path.isdir("/etc/nginx/common") and not os.path.isfile("/etc/nginx/common/locations-wo.conf")): - data = dict() + data = dict(upstream="php73") Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/locations-wo.conf') wo_nginx = open('/etc/nginx/common/locations-wo.conf', encoding='utf-8', mode='w') - self.app.render((data), 'locations-php7.mustache', + self.app.render((data), 'locations.mustache', out=wo_nginx) wo_nginx.close() @@ -910,7 +910,7 @@ def site_package_check(self, stype): 'file /etc/nginx/common/php73.conf') wo_nginx = open('/etc/nginx/common/php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'php7.mustache', + self.app.render((data), 'php.mustache', out=wo_nginx) wo_nginx.close() @@ -918,7 +918,7 @@ def site_package_check(self, stype): 'file /etc/nginx/common/wpcommon-php73.conf') wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon-php7.mustache', + self.app.render((data), 'wpcommon.mustache', out=wo_nginx) wo_nginx.close() @@ -926,7 +926,7 @@ def site_package_check(self, stype): 'file /etc/nginx/common/wpfc-php73.conf') wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-php7.mustache', + self.app.render((data), 'wpfc.mustache', out=wo_nginx) wo_nginx.close() @@ -934,18 +934,26 @@ def site_package_check(self, stype): 'file /etc/nginx/common/wpsc-php73.conf') wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-php7.mustache', + self.app.render((data), 'wpsc.mustache', + out=wo_nginx) + wo_nginx.close() + + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wprocket-php73.conf') + wo_nginx = open('/etc/nginx/common/wprocket-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wprocket.mustache', out=wo_nginx) wo_nginx.close() if (os.path.isfile("/etc/nginx/nginx.conf") and not os.path.isfile("/etc/nginx/common/redis-php73.conf")): - data = dict() + data = dict(upstream="php73") Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php73.conf') wo_nginx = open('/etc/nginx/common/redis-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', + self.app.render((data), 'redis.mustache', out=wo_nginx) wo_nginx.close() diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 2098a62..df9bf9c 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -230,7 +230,7 @@ def post_pref(self, apt_packages, packages): os.makedirs('/etc/nginx/common') if os.path.exists('/etc/nginx/common'): - data = dict(webroot=WOVariables.wo_webroot) + data = dict() # Common Configuration Log.debug(self, 'Writting the nginx configuration to ' @@ -248,7 +248,7 @@ def post_pref(self, apt_packages, packages): self.app.render((data), 'wpsubdir.mustache', out=wo_nginx) wo_nginx.close() - + data = dict(upstream="php72") # PHP 7.2 conf Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php72.conf') @@ -258,6 +258,14 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/wpcommon-php72.conf') wo_nginx = open('/etc/nginx/common/wpcommon-php72.conf', @@ -282,15 +290,23 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wprocket-php72.conf') + wo_nginx = open('/etc/nginx/common/wprocket-php72.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wprocket.mustache', + out=wo_nginx) + wo_nginx.close() + # PHP 7.3 conf if os.path.isdir("/etc/nginx/common"): - data = dict() + data = dict(upstream="php73") Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php73.conf') wo_nginx = open('/etc/nginx/common/php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'php7.mustache', + self.app.render((data), 'php.mustache', out=wo_nginx) wo_nginx.close() @@ -298,7 +314,7 @@ def post_pref(self, apt_packages, packages): 'file /etc/nginx/common/wpcommon-php73.conf') wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon-php7.mustache', + self.app.render((data), 'wpcommon.mustache', out=wo_nginx) wo_nginx.close() @@ -306,7 +322,7 @@ def post_pref(self, apt_packages, packages): 'file /etc/nginx/common/wpfc-php73.conf') wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-php7.mustache', + self.app.render((data), 'wpfc.mustache', out=wo_nginx) wo_nginx.close() @@ -314,26 +330,23 @@ def post_pref(self, apt_packages, packages): 'file /etc/nginx/common/wpsc-php73.conf') wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-php7.mustache', + self.app.render((data), 'wpsc.mustache', out=wo_nginx) wo_nginx.close() - # create redis conf - data = dict() Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', + 'file /etc/nginx/common/wprocket-php73.conf') + wo_nginx = open('/etc/nginx/common/wprocket-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', + self.app.render((data), 'wprocket.mustache', out=wo_nginx) wo_nginx.close() - data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php73.conf') wo_nginx = open('/etc/nginx/common/redis-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', + self.app.render((data), 'redis.mustache', out=wo_nginx) wo_nginx.close() diff --git a/wo/cli/templates/22222.mustache b/wo/cli/templates/22222.mustache index 3106ee7..e34fa36 100644 --- a/wo/cli/templates/22222.mustache +++ b/wo/cli/templates/22222.mustache @@ -1,4 +1,4 @@ -# WordOps admin NGINX CONFIGURATION - WO v3.9.5 +# WordOps admin NGINX CONFIGURATION - WO v3.9.7 server { diff --git a/wo/cli/templates/locations-php7.mustache b/wo/cli/templates/locations-php7.mustache deleted file mode 100644 index 267891c..0000000 --- a/wo/cli/templates/locations-php7.mustache +++ /dev/null @@ -1,54 +0,0 @@ -# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# Basic locations files -location = /favicon.ico { - access_log off; - log_not_found off; - expires max; -} -location = /robots.txt { -# Some WordPress plugin gererate robots.txt file -# Refer #340 issue - try_files $uri $uri/ /index.php$is_args$args @robots; - access_log off; - log_not_found off; -} -# fallback for robots.txt with default wordpress rules -location @robots { - return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n"; -} -# Cache static files -location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ { - add_header "Access-Control-Allow-Origin" "*"; - access_log off; - log_not_found off; - expires max; -} -# Cache css & js files -location ~* \.(?:css(\.map)?|js(\.map)?)$ { - add_header "Access-Control-Allow-Origin" "*"; - access_log off; - log_not_found off; - expires 30d; -} -# Security settings for better privacy -# Deny hidden files -location ~ /\.(?!well-known\/) { - deny all; -} -# letsencrypt validation -location /.well-known/acme-challenge/ { - alias /var/www/html/.well-known/acme-challenge/; - allow all; -} -# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files -location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" { - deny all; -} -# Deny backup extensions & log files and return 403 forbidden -location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" { - deny all; -} -location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { - deny all; -} diff --git a/wo/cli/templates/locations.mustache b/wo/cli/templates/locations.mustache index ba1d66f..26e8230 100644 --- a/wo/cli/templates/locations.mustache +++ b/wo/cli/templates/locations.mustache @@ -1,4 +1,4 @@ -# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5 +# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Basic locations files location = /favicon.ico { diff --git a/wo/cli/templates/map-wp.mustache b/wo/cli/templates/map-wp.mustache index 5cdb3d9..f764020 100644 --- a/wo/cli/templates/map-wp.mustache +++ b/wo/cli/templates/map-wp.mustache @@ -1,4 +1,4 @@ -# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.5 +# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # do not cache xhtml request @@ -52,6 +52,11 @@ map $is_args $query_no_cache { "" 0; } +map $https $https_prefix { + default ""; + on "-https" +} + # if all previous check are passed, $skip_cache = 0 map $http_request_no_cache$cookie_no_cache$uri_no_cache$query_no_cache $skip_cache { default 1; diff --git a/wo/cli/templates/php.mustache b/wo/cli/templates/php.mustache index 59903a8..27c861d 100644 --- a/wo/cli/templates/php.mustache +++ b/wo/cli/templates/php.mustache @@ -1,4 +1,4 @@ -# PHP NGINX CONFIGURATION - WO v3.9.5 +# PHP NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE location / { try_files $uri $uri/ /index.php$is_args$args; @@ -6,5 +6,5 @@ location / { location ~ \.php$ { try_files $uri =404; include fastcgi_params; - fastcgi_pass php72; + fastcgi_pass {{upstream}}; } diff --git a/wo/cli/templates/php7.mustache b/wo/cli/templates/php7.mustache deleted file mode 100644 index 4005572..0000000 --- a/wo/cli/templates/php7.mustache +++ /dev/null @@ -1,10 +0,0 @@ -# PHP NGINX CONFIGURATION - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -location / { - try_files $uri $uri/ /index.php$is_args$args; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass php73; -} diff --git a/wo/cli/templates/redis-php7.mustache b/wo/cli/templates/redis-php7.mustache deleted file mode 100644 index 5e21f7a..0000000 --- a/wo/cli/templates/redis-php7.mustache +++ /dev/null @@ -1,42 +0,0 @@ -# Redis NGINX CONFIGURATION - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf - -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - try_files $uri $uri/ /index.php$is_args$args; -} - -location /redis-fetch { - internal ; - set $redis_key $args; - redis_pass redis; -} -location /redis-store { - internal ; - set_unescape_uri $key $arg_key ; - redis2_query set $key $echo_request_body; - redis2_query expire $key 14400; - redis2_pass redis; -} - -location ~ \.php$ { - set $key "nginx-cache:$scheme$request_method$host$request_uri"; - try_files $uri =404; - - srcache_fetch_skip $skip_cache; - srcache_store_skip $skip_cache; - - srcache_response_cache_control off; - - set_escape_uri $escaped_key $key; - - srcache_fetch GET /redis-fetch $key; - srcache_store PUT /redis-store key=$escaped_key; - - more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status'; - more_set_headers 'X-SRCache-Store-Status $srcache_store_status'; - - include fastcgi_params; - fastcgi_pass php73; -} diff --git a/wo/cli/templates/redis.mustache b/wo/cli/templates/redis.mustache index cdde0b1..dcbb0c1 100644 --- a/wo/cli/templates/redis.mustache +++ b/wo/cli/templates/redis.mustache @@ -1,4 +1,4 @@ -# Redis NGINX CONFIGURATION - WO v3.9.5 +# Redis NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf @@ -39,5 +39,5 @@ location ~ \.php$ { more_set_headers 'X-SRCache-Store-Status $srcache_store_status'; include fastcgi_params; - fastcgi_pass php72; + fastcgi_pass {{upstream}}; } diff --git a/wo/cli/templates/upstream.mustache b/wo/cli/templates/upstream.mustache index 686a6a5..232dade 100644 --- a/wo/cli/templates/upstream.mustache +++ b/wo/cli/templates/upstream.mustache @@ -1,4 +1,4 @@ -# NGINX UPSTREAM CONFIGURATION - WO v3.9.5 +# NGINX UPSTREAM CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE #------------------------------- # PHP 5.6 diff --git a/wo/cli/templates/virtualconf-php7.mustache b/wo/cli/templates/virtualconf-php7.mustache index 625fd2a..56c1e96 100644 --- a/wo/cli/templates/virtualconf-php7.mustache +++ b/wo/cli/templates/virtualconf-php7.mustache @@ -49,7 +49,7 @@ server { } {{/static}} - {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} + {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php73.conf{{/wprocket}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}} include common/locations-wo.conf;{{/proxy}} diff --git a/wo/cli/templates/virtualconf.mustache b/wo/cli/templates/virtualconf.mustache index d8610de..87d1100 100644 --- a/wo/cli/templates/virtualconf.mustache +++ b/wo/cli/templates/virtualconf.mustache @@ -49,7 +49,7 @@ server { } {{/static}} - {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} + {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}}{{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php72.conf{{/wprocket}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}} include common/locations-wo.conf;{{/proxy}} diff --git a/wo/cli/templates/webp.mustache b/wo/cli/templates/webp.mustache index 3ed187b..d53dc46 100644 --- a/wo/cli/templates/webp.mustache +++ b/wo/cli/templates/webp.mustache @@ -1,4 +1,4 @@ -# WEBP NGINX CONFIGURATION - WO v3.9.5 +# WEBP NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE map $http_accept $webp_suffix { diff --git a/wo/cli/templates/wpcommon-php7.mustache b/wo/cli/templates/wpcommon-php7.mustache deleted file mode 100644 index 85d2739..0000000 --- a/wo/cli/templates/wpcommon-php7.mustache +++ /dev/null @@ -1,70 +0,0 @@ -# WordPress COMMON SETTINGS - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# Limit access to avoid brute force attack -location = /wp-login.php { - limit_req zone=one burst=1 nodelay; - include fastcgi_params; - fastcgi_pass php73; -} -# Disable wp-config.txt -location = /wp-config.txt { - deny all; - access_log off; - log_not_found off; -} -location = /robots.txt { -# Some WordPress plugin gererate robots.txt file -# Refer #340 issue - try_files $uri $uri/ /index.php?$args @robots; - access_log off; - log_not_found off; -} -# fallback for robots.txt with default wordpress rules -location @robots { - return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n"; -} -# webp rewrite rules for jpg and png images -# try to load alternative image.png.webp before image.png -location /wp-content/uploads { - location ~ \.(png|jpe?g)$ { - add_header Vary "Accept-Encoding"; - add_header "Access-Control-Allow-Origin" "*"; - add_header Cache-Control "public, no-transform"; - access_log off; - log_not_found off; - expires max; - try_files $uri$webp_suffix $uri =404; - } - location ~ \.php$ { -#Prevent Direct Access Of PHP Files From Web Browsers - deny all; - } -} -# webp rewrite rules for EWWW testing image -location /wp-content/plugins/ewww-image-optimizer/images { - location ~ \.(png|jpe?g)$ { - add_header Vary "Accept-Encoding"; - add_header "Access-Control-Allow-Origin" "*"; - add_header Cache-Control "public, no-transform"; - access_log off; - log_not_found off; - expires max; - try_files $uri$webp_suffix $uri =404; - } - location ~ \.php$ { -#Prevent Direct Access Of PHP Files From Web Browsers - deny all; - } -} -# Deny access to any files with a .php extension in the uploads directory -# Works in sub-directory installs and also in multisite network -# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) -location ~* /(?:uploads|files)/.*\.php$ { - deny all; -} -# mitigate DoS attack CVE with WordPress script concatenation -# add the following line to wp-config.php -# define( 'CONCATENATE_SCRIPTS', false ); -location ~ \/wp-admin\/load-(scripts|styles).php { - deny all; -} diff --git a/wo/cli/templates/wpcommon.mustache b/wo/cli/templates/wpcommon.mustache index 7e6edb3..f646cd6 100644 --- a/wo/cli/templates/wpcommon.mustache +++ b/wo/cli/templates/wpcommon.mustache @@ -1,10 +1,10 @@ -# WordPress COMMON SETTINGS - WO v3.9.5 +# WordPress COMMON SETTINGS - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Limit access to avoid brute force attack location = /wp-login.php { limit_req zone=one burst=1 nodelay; include fastcgi_params; - fastcgi_pass php72; + fastcgi_pass {{upstream}}; } # Disable wp-config.txt location = /wp-config.txt { diff --git a/wo/cli/templates/wpfc-php7.mustache b/wo/cli/templates/wpfc-php7.mustache deleted file mode 100644 index 3667c40..0000000 --- a/wo/cli/templates/wpfc-php7.mustache +++ /dev/null @@ -1,21 +0,0 @@ -# WPFC NGINX CONFIGURATION - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf - -add_header X-fastcgi-cache $upstream_cache_status; -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - try_files $uri $uri/ /index.php$is_args$args; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass php73; - fastcgi_cache_bypass $skip_cache; - fastcgi_no_cache $skip_cache; - fastcgi_cache WORDPRESS; -} -location ~ /purge(/.*) { - fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; - access_log off; -} diff --git a/wo/cli/templates/wpfc.mustache b/wo/cli/templates/wpfc.mustache index 447870f..5dbae7c 100644 --- a/wo/cli/templates/wpfc.mustache +++ b/wo/cli/templates/wpfc.mustache @@ -1,4 +1,4 @@ -# WPFC NGINX CONFIGURATION - WO v3.9.5 +# WPFC NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf @@ -10,7 +10,7 @@ location / { location ~ \.php$ { try_files $uri =404; include fastcgi_params; - fastcgi_pass php72; + fastcgi_pass {{upstream}}; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache WORDPRESS; diff --git a/wo/cli/templates/wprocket.mustache b/wo/cli/templates/wprocket.mustache new file mode 100644 index 0000000..e73f859 --- /dev/null +++ b/wo/cli/templates/wprocket.mustache @@ -0,0 +1,21 @@ +# WPSC NGINX CONFIGURATION - WO v3.9.7 +# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE +# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf + +# Use cached or actual file if they exists, Otherwise pass request to WordPress +location / { + try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args; +} +location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass {{upstream}}; +} + +location ~* /cache/wp-rocket/\.html$ { + etag on; + add_header Vary "Accept-Encoding, Cookie"; + access_log off; + log_not_found off; + expire 10h; +} \ No newline at end of file diff --git a/wo/cli/templates/wpsc-php7.mustache b/wo/cli/templates/wpsc-php7.mustache deleted file mode 100644 index 1fe48a6..0000000 --- a/wo/cli/templates/wpsc-php7.mustache +++ /dev/null @@ -1,17 +0,0 @@ -# WPSC NGINX CONFIGURATION - WO v3.9.5 -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf - -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - # If we add index.php?$args its break WooCommerce like plugins - # Ref: #330 - try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass php73; - # Following line is needed by WP Super Cache plugin - fastcgi_param SERVER_NAME $http_host; -} diff --git a/wo/cli/templates/wpsc.mustache b/wo/cli/templates/wpsc.mustache index cfe5070..ce5baa7 100644 --- a/wo/cli/templates/wpsc.mustache +++ b/wo/cli/templates/wpsc.mustache @@ -1,4 +1,4 @@ -# WPSC NGINX CONFIGURATION - WO v3.9.5 +# WPSC NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf @@ -11,7 +11,7 @@ location / { location ~ \.php$ { try_files $uri =404; include fastcgi_params; - fastcgi_pass php72; + fastcgi_pass {{upstream}}; # Following line is needed by WP Super Cache plugin fastcgi_param SERVER_NAME $http_host; } From 47ad8cd343d9e1fe3960516c05c27cec46447e3a Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 19:29:04 +0200 Subject: [PATCH 21/41] add coverage with codacy --- .travis.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 58e4c7e..20a4f07 100644 --- a/.travis.yml +++ b/.travis.yml @@ -29,8 +29,13 @@ script: - unset LANG - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt ccze tree + - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt python3-pip ccze tree + - export $CODACY_TOKEN - sudo bash install --travis + - python3 -m pip install coverage + - python3 -m pip install codacy-coverage + - coverage xml + - python-codacy-coverage -c $TRAVIS_COMMIT -d $TRAVIS_BUILD_DIR -r coverage.xml - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc From ffb82d8d8bb070e528eba08306f724a2f3a44e7b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 5 Aug 2019 21:48:14 +0200 Subject: [PATCH 22/41] Fix wprocket --- .travis.yml | 5 ----- wo/cli/plugins/site.py | 4 ++-- wo/cli/plugins/stack_pref.py | 14 ++++++++++++++ wo/cli/templates/map-wp.mustache | 10 +++++----- wo/cli/templates/nginx-core.mustache | 8 ++++---- wo/cli/templates/virtualconf-php7.mustache | 2 +- wo/cli/templates/virtualconf.mustache | 2 +- 7 files changed, 27 insertions(+), 18 deletions(-) diff --git a/.travis.yml b/.travis.yml index 20a4f07..1b45e50 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,12 +30,7 @@ script: - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt python3-pip ccze tree - - export $CODACY_TOKEN - sudo bash install --travis - - python3 -m pip install coverage - - python3 -m pip install codacy-coverage - - coverage xml - - python-codacy-coverage -c $TRAVIS_COMMIT -d $TRAVIS_BUILD_DIR -r coverage.xml - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 20948e4..ec63fd6 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1502,7 +1502,7 @@ class WOSiteUpdateController(CementBaseController): "and please try again") return 1 - if ((oldcachetype in ['wpsc', 'basic', 'wpredis'] and + if ((oldcachetype in ['wpsc', 'basic', 'wpredis', 'wprocket'] and (data['wpfc'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpfc'])): try: @@ -1541,7 +1541,7 @@ class WOSiteUpdateController(CementBaseController): "and please try again") return 1 - elif ((oldcachetype in ['wpsc', 'basic', 'wpfc'] and + elif ((oldcachetype in ['wpsc', 'basic', 'wpfc', 'wprocket'] and (data['wpredis'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpredis'])): diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index df9bf9c..b7c84fb 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -173,6 +173,20 @@ def post_pref(self, apt_packages, packages): # Nginx configuration if set(WOVariables.wo_nginx).issubset(set(apt_packages)): + # Nginx main configuration + if os.path.isfile('/etc/nginx/nginx.conf'): + if (WOVariables.wo_distro == 'ubuntu' or + WOVariables.wo_platform_codename == 'buster'): + data = dict(tls13=True) + else: + data = dict(tls13=False) + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/nginx.conf') + wo_nginx = open('/etc/nginx/nginx.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'nginx-core.mustache', out=wo_nginx) + wo_nginx.close() # Fix for white screen death with NGINX PLUS if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', diff --git a/wo/cli/templates/map-wp.mustache b/wo/cli/templates/map-wp.mustache index f764020..87be917 100644 --- a/wo/cli/templates/map-wp.mustache +++ b/wo/cli/templates/map-wp.mustache @@ -52,11 +52,6 @@ map $is_args $query_no_cache { "" 0; } -map $https $https_prefix { - default ""; - on "-https" -} - # if all previous check are passed, $skip_cache = 0 map $http_request_no_cache$cookie_no_cache$uri_no_cache$query_no_cache $skip_cache { default 1; @@ -68,3 +63,8 @@ map $skip_cache $cache_uri { 0 $request_uri; default 'null cache'; } + +map $https $https_prefix { + default ""; + on "-https" +} diff --git a/wo/cli/templates/nginx-core.mustache b/wo/cli/templates/nginx-core.mustache index dd4631e..4201f52 100644 --- a/wo/cli/templates/nginx-core.mustache +++ b/wo/cli/templates/nginx-core.mustache @@ -66,12 +66,12 @@ http { ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_prefer_server_ciphers on; - ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; - ssl_protocols TLSv1.2 TLSv1.3; + {{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; + ssl_protocols TLSv1.2 TLSv1.3;{{/tls13}} ssl_ecdh_curve X25519:P-521:P-384:P-256; # Previous TLS v1.2 configuration - # ssl_protocols TLSv1.2; - # ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES; + {{^tls13}}ssl_protocols TLSv1.2; + ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;{{/tls13}} # Common security headers more_set_headers "X-Frame-Options : SAMEORIGIN"; diff --git a/wo/cli/templates/virtualconf-php7.mustache b/wo/cli/templates/virtualconf-php7.mustache index 56c1e96..fa137cb 100644 --- a/wo/cli/templates/virtualconf-php7.mustache +++ b/wo/cli/templates/virtualconf-php7.mustache @@ -49,7 +49,7 @@ server { } {{/static}} - {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php73.conf{{/wprocket}} + {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php73.conf;{{/wprocket}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}} include common/locations-wo.conf;{{/proxy}} diff --git a/wo/cli/templates/virtualconf.mustache b/wo/cli/templates/virtualconf.mustache index 87d1100..19a1afb 100644 --- a/wo/cli/templates/virtualconf.mustache +++ b/wo/cli/templates/virtualconf.mustache @@ -49,7 +49,7 @@ server { } {{/static}} - {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}}{{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php72.conf{{/wprocket}} + {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}}{{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}{{#wprocket}}common/wprocket-php72.conf;{{/wprocket}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}} include common/locations-wo.conf;{{/proxy}} From e2b2db22b971585e41a065d4390f9da62ee4f230 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 00:31:47 +0200 Subject: [PATCH 23/41] Fix typo --- wo/cli/plugins/stack_pref.py | 2 +- wo/cli/templates/map-wp.mustache | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index b7c84fb..06bb82f 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -535,7 +535,6 @@ def post_pref(self, apt_packages, packages): Log.error( self, "Failed to generate HTTPS " "certificate for 22222") - server_ip = requests.get('http://v4.wordops.eu') if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' .format(WOVariables.wo_webroot)): @@ -553,6 +552,7 @@ def post_pref(self, apt_packages, packages): WOService.reload_service(self, 'nginx') if set(["nginx"]).issubset(set(apt_packages)): + server_ip = requests.get('http://v4.wordops.eu') print("WordOps backend configuration was successful\n" "You can access it on : https://{0}:22222" .format(server_ip)) diff --git a/wo/cli/templates/map-wp.mustache b/wo/cli/templates/map-wp.mustache index 87be917..00d21da 100644 --- a/wo/cli/templates/map-wp.mustache +++ b/wo/cli/templates/map-wp.mustache @@ -66,5 +66,5 @@ map $skip_cache $cache_uri { map $https $https_prefix { default ""; - on "-https" + on "-https"; } From 13ebe2af3f8106aba5dc27a2a60c581b26971475 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 01:31:51 +0200 Subject: [PATCH 24/41] fix server_ip --- wo/cli/plugins/stack_pref.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 06bb82f..3726783 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -550,9 +550,8 @@ def post_pref(self, apt_packages, packages): WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') - + server_ip = requests.get('http://v4.wordops.eu') if set(["nginx"]).issubset(set(apt_packages)): - server_ip = requests.get('http://v4.wordops.eu') print("WordOps backend configuration was successful\n" "You can access it on : https://{0}:22222" .format(server_ip)) From d0799a08e710e625eeb71e38b108b65204c32053 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 01:49:13 +0200 Subject: [PATCH 25/41] export logs with travis --- .travis.yml | 2 ++ install | 4 ++-- setup.py | 2 +- wo/cli/plugins/site_functions.py | 9 --------- wo/core/variables.py | 2 +- 5 files changed, 6 insertions(+), 13 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1b45e50..5bd7075 100644 --- a/.travis.yml +++ b/.travis.yml @@ -54,5 +54,7 @@ script: - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - sudo wo stack status + - sudo tar -I pigz -cf /var/log/wo + - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "$1") && echo ""; } | tee -a $HOME/.transfer.log && echo "" - echo "yes" | sudo wo stack purge --all - sudo bash install --purge diff --git a/install b/install index 08452d3..17c7243 100755 --- a/install +++ b/install @@ -7,10 +7,10 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.7 - 2019-08-02 +# Version 3.9.7.1 - 2019-08-06 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" -readonly wo_version_new="3.9.7" +readonly wo_version_new="3.9.7.1" # CONTENTS # --- # 1. VARIABLES AND DECLARATIONS diff --git a/setup.py b/setup.py index dff04ab..c05b21e 100644 --- a/setup.py +++ b/setup.py @@ -56,7 +56,7 @@ if not os.path.isfile('/root/.gitconfig'): shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') setup(name='wo', - version='3.9.7', + version='3.9.7.1', description=long_description, long_description=long_description, classifiers=[], diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index dd66040..a37f7bb 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -957,15 +957,6 @@ def site_package_check(self, stype): out=wo_nginx) wo_nginx.close() - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/upstream.conf", - "php73"): - with open("/etc/nginx/conf.d/upstream.conf", "a") as php_file: - php_file.write("upstream php73 {\nserver" - "unix:/var/run/php/php73-fpm.sock;\n}\n" - "upstream debug73" - " {\nserver 127.0.0.1:9173;\n}\n") - return(stack.install(apt_packages=apt_packages, packages=packages, disp_msg=False)) diff --git a/wo/core/variables.py b/wo/core/variables.py index cf3474e..f565cff 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -10,7 +10,7 @@ class WOVariables(): """Intialization of core variables""" # WordOps version - wo_version = "3.9.7" + wo_version = "3.9.7.1" # WordOps packages versions wo_wp_cli = "2.2.0" wo_adminer = "4.7.2" From 89ebbe9cd622e9105775aa857f4caa87750a0a1f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 11:37:03 +0200 Subject: [PATCH 26/41] Fix for redis and variable glob --- wo/cli/plugins/stack_pref.py | 18 +++++++++--------- wo/cli/plugins/sync.py | 1 + wo/cli/templates/redis.mustache | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 3726783..f6700e6 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -536,15 +536,15 @@ def post_pref(self, apt_packages, packages): self, "Failed to generate HTTPS " "certificate for 22222") - if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' - .format(WOVariables.wo_webroot)): + if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' + .format(WOVariables.wo_webroot)): - with open("/var/www/22222/conf/nginx/" - "ssl.conf", "a") as php_file: - php_file.write("ssl_certificate " - "/var/www/22222/cert/22222.crt;\n" - "ssl_certificate_key " - "/var/www/22222/cert/22222.key;\n") + with open("/var/www/22222/conf/nginx/" + "ssl.conf", "a") as php_file: + php_file.write("ssl_certificate " + "/var/www/22222/cert/22222.crt;\n" + "ssl_certificate_key " + "/var/www/22222/cert/22222.key;\n") # Nginx Configation into GIT WOGit.add(self, @@ -574,7 +574,7 @@ def post_pref(self, apt_packages, packages): # create nginx configuration for redis if set(WOVariables.wo_redis).issubset(set(apt_packages)): if os.path.isdir('/etc/nginx/common'): - data = dict() + data = dict(upstream="php72") Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php72.conf') wo_nginx = open('/etc/nginx/common/redis-php72.conf', diff --git a/wo/cli/plugins/sync.py b/wo/cli/plugins/sync.py index d646544..8495bec 100644 --- a/wo/cli/plugins/sync.py +++ b/wo/cli/plugins/sync.py @@ -4,6 +4,7 @@ from wo.core.fileutils import WOFileUtils from wo.cli.plugins.sitedb import * from wo.core.mysql import * from wo.core.logging import Log +import glob def wo_sync_hook(app): diff --git a/wo/cli/templates/redis.mustache b/wo/cli/templates/redis.mustache index dcbb0c1..88a49e0 100644 --- a/wo/cli/templates/redis.mustache +++ b/wo/cli/templates/redis.mustache @@ -10,7 +10,7 @@ location / { location /redis-fetch { internal ; set $redis_key $args; - redis_pass redis; + redis_pass redis; } location /redis-store { internal ; From 9e4cdbd05b0c795d19f2c1a8510ac882b32125d1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 12:10:50 +0200 Subject: [PATCH 27/41] Additional fix for redis --- wo/cli/plugins/site_functions.py | 40 ++++++++++++++++---------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index a37f7bb..d3b5d1a 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -290,7 +290,7 @@ def setupwordpress(self, data): Log.debug(self, "Setting up wp-config file") if not data['multisite']: Log.debug(self, "Generating wp-config for WordPress Single site") - Log.debug(self, "bash -c \"php {0} --allow-root " + Log.debug(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config create " + "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbuser=\'{2}\' " @@ -302,7 +302,7 @@ def setupwordpress(self, data): .format(data['wo_db_pass'], "\n\ndefine(\'WP_DEBUG\', false);")) try: - if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root" + if WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root" .format(WOVariables.wo_wpcli_path) + " config create " + "--dbname=\'{0}\' --dbprefix=\'{1}\' " @@ -325,7 +325,7 @@ def setupwordpress(self, data): raise SiteError("generate wp-config failed for wp single site") else: Log.debug(self, "Generating wp-config for WordPress multisite") - Log.debug(self, "bash -c \"php {0} --allow-root " + Log.debug(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config create " + "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' " @@ -340,7 +340,7 @@ def setupwordpress(self, data): " false);", "\n\ndefine(\'WP_DEBUG\', false);")) try: - if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root" + if WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root" .format(WOVariables.wo_wpcli_path) + " config create " + "--dbname=\'{0}\' --dbprefix=\'{1}\' " @@ -365,36 +365,36 @@ def setupwordpress(self, data): try: - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_CACHE_KEY_SALT " "\'{0}:\'\"".format(wo_domain_name)) - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_MEMORY_LIMIT " "\'128M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_MAX_MEMORY_LIMIT " "\'256M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set CONCATENATE_SCRIPTS " "false --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_POST_REVISIONS " "\'10\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set MEDIA_TRASH " "true --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set EMPTY_TRASH_DAYS " "\'15\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_AUTO_UPDATE_CORE " "minor\"") @@ -456,14 +456,14 @@ def setupwordpress(self, data): if not data['multisite']: Log.debug(self, "Creating tables for WordPress Single site") - Log.debug(self, "php {0} --allow-root core install " + Log.debug(self, "{0} --allow-root core install " .format(WOVariables.wo_wpcli_path) + "--url=\'{0}\' --title=\'{0}\' --admin_name=\'{1}\' " .format(data['www_domain'], wo_wp_user) + "--admin_password= --admin_email=\'{1}\'" .format(wo_wp_pass, wo_wp_email)) try: - if WOShellExec.cmd_exec(self, "php {0} --allow-root core " + if WOShellExec.cmd_exec(self, "{0} --allow-root core " .format(WOVariables.wo_wpcli_path) + "install --url=\'{0}\' --title=\'{0}\' " "--admin_name=\'{1}\' " @@ -480,7 +480,7 @@ def setupwordpress(self, data): raise SiteError("setup WordPress tables failed for single site") else: Log.debug(self, "Creating tables for WordPress multisite") - Log.debug(self, "php {0} --allow-root " + Log.debug(self, "{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "core multisite-install " "--url=\'{0}\' --title=\'{0}\' --admin_name=\'{1}\' " @@ -491,7 +491,7 @@ def setupwordpress(self, data): subdomains='--subdomains' if not data['wpsubdir'] else '')) try: - if WOShellExec.cmd_exec(self, "php {0} --allow-root " + if WOShellExec.cmd_exec(self, "{0} --allow-root " .format(WOVariables.wo_wpcli_path) + "core multisite-install " "--url=\'{0}\' --title=\'{0}\' " @@ -513,7 +513,7 @@ def setupwordpress(self, data): Log.debug(self, "Updating WordPress permalink") try: - WOShellExec.cmd_exec(self, " php {0} --allow-root " + WOShellExec.cmd_exec(self, " {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "rewrite structure " "/%year%/%monthnum%/%day%/%postname%/") @@ -619,7 +619,7 @@ def installwp_plugin(self, plugin_name, data): .format(plugin_name)) WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) try: - WOShellExec.cmd_exec(self, "php {0} plugin " + WOShellExec.cmd_exec(self, "{0} plugin " .format(WOVariables.wo_wpcli_path) + "--allow-root install " "{0}".format(plugin_name)) @@ -628,7 +628,7 @@ def installwp_plugin(self, plugin_name, data): raise SiteError("plugin installation failed") try: - WOShellExec.cmd_exec(self, "php {0} plugin " + WOShellExec.cmd_exec(self, "{0} plugin " .format(WOVariables.wo_wpcli_path) + "--allow-root activate " "{0} {na}" @@ -856,7 +856,7 @@ def site_package_check(self, stype): if (os.path.isfile("/etc/nginx/nginx.conf") and not os.path.isfile("/etc/nginx/common/redis-php72.conf")): - data = dict() + data = dict(upstream="php72") Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php72.conf') wo_nginx = open('/etc/nginx/common/redis-php72.conf', From e2bd566c2081ff6b902cea56de5fd6f8ed5125fc Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 12:42:00 +0200 Subject: [PATCH 28/41] Fix travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5bd7075..904b818 100644 --- a/.travis.yml +++ b/.travis.yml @@ -54,7 +54,7 @@ script: - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - sudo wo stack status - - sudo tar -I pigz -cf /var/log/wo + - sudo tar -I pigz -cf wordops.tar.gz /var/log/wo - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "$1") && echo ""; } | tee -a $HOME/.transfer.log && echo "" - echo "yes" | sudo wo stack purge --all - sudo bash install --purge From 07175a673782c1671ca6c6a47096dee8f028c524 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 6 Aug 2019 12:56:24 +0200 Subject: [PATCH 29/41] Final fix for travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 904b818..f484bef 100644 --- a/.travis.yml +++ b/.travis.yml @@ -55,6 +55,6 @@ script: - sudo wo update --travis - sudo wo stack status - sudo tar -I pigz -cf wordops.tar.gz /var/log/wo - - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "$1") && echo ""; } | tee -a $HOME/.transfer.log && echo "" + - curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/$(basename "wordops.tar.gz") && echo "" | sudo tee -a $HOME/.transfer.log && echo "" - echo "yes" | sudo wo stack purge --all - sudo bash install --purge From 553cc226bdd6916a7e717ab87a18bdfbe5d8dadc Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 02:34:12 +0200 Subject: [PATCH 30/41] Fix WP download --- wo/cli/plugins/site_functions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index d3b5d1a..d9233a1 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -240,7 +240,7 @@ def setupwordpress(self, data): # Random characters wo_random = (''.join(random.sample(string.ascii_uppercase + string.ascii_lowercase + - string.digits, 15))) + string.digits, 24))) wo_wp_prefix = '' # wo_wp_user = '' # wo_wp_pass = '' From 637cd1660a4334890965449ea4c28a73753c73e1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 02:45:26 +0200 Subject: [PATCH 31/41] Reduce WO size --- wo/cli/plugins/clean.py | 17 +-- wo/cli/plugins/secure.py | 49 ++++---- wo/cli/plugins/stack_pref.py | 3 +- wo/cli/plugins/stack_services.py | 185 ++++++++++++++++--------------- wo/cli/plugins/stack_upgrade.py | 63 +++++------ wo/cli/plugins/update.py | 9 +- 6 files changed, 169 insertions(+), 157 deletions(-) diff --git a/wo/cli/plugins/clean.py b/wo/cli/plugins/clean.py index 1a8643b..589bf80 100644 --- a/wo/cli/plugins/clean.py +++ b/wo/cli/plugins/clean.py @@ -37,22 +37,23 @@ class WOCleanController(CementBaseController): @expose(hide=True) def default(self): - if (not (self.app.pargs.all or self.app.pargs.fastcgi or - self.app.pargs.memcached or self.app.pargs.opcache or - self.app.pargs.redis)): + pargs = self.app.pargs + if (not (pargs.all or pargs.fastcgi or + pargs.memcached or pargs.opcache or + pargs.redis)): self.clean_fastcgi() - if self.app.pargs.all: + if pargs.all: self.clean_memcached() self.clean_fastcgi() self.clean_opcache() self.clean_redis() - if self.app.pargs.fastcgi: + if pargs.fastcgi: self.clean_fastcgi() - if self.app.pargs.memcached: + if pargs.memcached: self.clean_memcached() - if self.app.pargs.opcache: + if pargs.opcache: self.clean_opcache() - if self.app.pargs.redis: + if pargs.redis: self.clean_redis() @expose(hide=True) diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index c9a7de6..119a31b 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -35,31 +35,33 @@ class WOSecureController(CementBaseController): @expose(hide=True) def default(self): - if self.app.pargs.auth: + pargs = self.app.pargs + if pargs.auth: self.secure_auth() - if self.app.pargs.port: + if pargs.port: self.secure_port() - if self.app.pargs.ip: + if pargs.ip: self.secure_ip() @expose(hide=True) def secure_auth(self): """This function secures authentication""" + pargs = self.app.pargs passwd = ''.join([random.choice (string.ascii_letters + string.digits) for n in range(24)]) - if not self.app.pargs.user_input: + if not pargs.user_input: username = input("Provide HTTP authentication user " "name [{0}] :".format(WOVariables.wo_user)) - self.app.pargs.user_input = username + pargs.user_input = username if username == "": - self.app.pargs.user_input = WOVariables.wo_user - if not self.app.pargs.user_pass: + pargs.user_input = WOVariables.wo_user + if not pargs.user_pass: password = getpass.getpass("Provide HTTP authentication " "password [{0}] :".format(passwd)) - self.app.pargs.user_pass = password + pargs.user_pass = password if password == "": - self.app.pargs.user_pass = passwd + pargs.user_pass = passwd Log.debug(self, "printf username:" "$(openssl passwd -crypt " "password 2> /dev/null)\n\"" @@ -68,8 +70,8 @@ class WOSecureController(CementBaseController): "$(openssl passwd -crypt " "{password} 2> /dev/null)\n\"" "> /etc/nginx/htpasswd-wo 2>/dev/null" - .format(username=self.app.pargs.user_input, - password=self.app.pargs.user_pass), + .format(username=pargs.user_input, + password=pargs.user_pass), log=False) WOGit.add(self, ["/etc/nginx"], msg="Adding changed secure auth into Git") @@ -77,41 +79,42 @@ class WOSecureController(CementBaseController): @expose(hide=True) def secure_port(self): """This function Secures port""" - if self.app.pargs.user_input: - while not self.app.pargs.user_input.isdigit(): + pargs = self.app.pargs + if pargs.user_input: + while not pargs.user_input.isdigit(): Log.info(self, "Please enter a valid port number ") - self.app.pargs.user_input = input("WordOps " + pargs.user_input = input("WordOps " "admin port [22222]:") - if not self.app.pargs.user_input: + if not pargs.user_input: port = input("WordOps admin port [22222]:") if port == "": - self.app.pargs.user_input = 22222 + pargs.user_input = 22222 while not port.isdigit() and port != "": Log.info(self, "Please Enter valid port number :") port = input("WordOps admin port [22222]:") - self.app.pargs.user_input = port + pargs.user_input = port WOShellExec.cmd_exec(self, "sed -i \"s/listen.*/listen " "{port} default_server ssl http2;/\" " "/etc/nginx/sites-available/22222" - .format(port=self.app.pargs.user_input)) + .format(port=pargs.user_input)) WOGit.add(self, ["/etc/nginx"], msg="Adding changed secure port into Git") if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") Log.info(self, "Successfully port changed {port}" - .format(port=self.app.pargs.user_input)) + .format(port=pargs.user_input)) @expose(hide=True) def secure_ip(self): """IP whitelisting""" - newlist = [] - if not self.app.pargs.user_input: + pargs = self.app.pargs + if not pargs.user_input: ip = input("Enter the comma separated IP addresses " "to white list [127.0.0.1]:") - self.app.pargs.user_input = ip + pargs.user_input = ip try: - user_ip = self.app.pargs.user_input.split(',') + user_ip = pargs.user_input.split(',') except Exception as e: Log.debug(self, "{0}".format(e)) user_ip = ['127.0.0.1'] diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index f6700e6..c308c24 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -1235,7 +1235,8 @@ def post_pref(self, apt_packages, packages): '/usr/local/bin/composer') WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) Log.info(self, "Updating phpMyAdmin, please wait...") - WOShellExec.cmd_exec(self, "/usr/local/bin/composer update --no-plugins --no-scripts " + WOShellExec.cmd_exec(self, "/usr/local/bin/composer update " + "--no-plugins --no-scripts " "-n --no-dev -d " "/var/www/22222/htdocs/db/pma/") WOFileUtils.chown(self, '{0}22222/htdocs/db/pma' diff --git a/wo/cli/plugins/stack_services.py b/wo/cli/plugins/stack_services.py index 56985b8..86796bc 100644 --- a/wo/cli/plugins/stack_services.py +++ b/wo/cli/plugins/stack_services.py @@ -18,24 +18,25 @@ class WOStackStatusController(CementBaseController): def start(self): """Start services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or - self.app.pargs.php73 or - self.app.pargs.mysql or - self.app.pargs.redis or - self.app.pargs.fail2ban or - self.app.pargs.proftpd or - self.app.pargs.netdata): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True + pargs = pargs = self.app.pargs + if not (pargs.nginx or pargs.php or + pargs.php73 or + pargs.mysql or + pargs.redis or + pargs.fail2ban or + pargs.proftpd or + pargs.netdata): + pargs.nginx = True + pargs.php = True + pargs.mysql = True - if self.app.pargs.nginx: + if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): services = services + ['php7.2-fpm'] else: @@ -45,13 +46,13 @@ class WOStackStatusController(CementBaseController): else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): services = services + ['php7.3-fpm'] else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.mysql: + if pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): if (WOAptGet.is_installed(self, 'mysql-server') or @@ -64,27 +65,27 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): services = services + ['redis-server'] else: Log.info(self, "Redis server is not installed") - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): services = services + ['fail2ban'] else: Log.info(self, "fail2ban is not installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): services = services + ['proftpd'] else: Log.info(self, "ProFTPd is not installed") # netdata - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir("/opt/netdata"): services = services + ['netdata'] else: @@ -98,26 +99,27 @@ class WOStackStatusController(CementBaseController): def stop(self): """Stop services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or - self.app.pargs.php73 or - self.app.pargs.mysql or - self.app.pargs.fail2ban or - self.app.pargs.netdata or - self.app.pargs.proftpd or - self.app.pargs.redis): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True + pargs = self.app.pargs + if not (pargs.nginx or pargs.php or + pargs.php73 or + pargs.mysql or + pargs.fail2ban or + pargs.netdata or + pargs.proftpd or + pargs.redis): + pargs.nginx = True + pargs.php = True + pargs.mysql = True # nginx - if self.app.pargs.nginx: + if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") # php7.2 - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): services = services + ['php7.2-fpm'] else: @@ -129,14 +131,14 @@ class WOStackStatusController(CementBaseController): Log.info(self, "PHP7.3-FPM is not installed") # php7.3 - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): services = services + ['php7.3-fpm'] else: Log.info(self, "PHP7.3-FPM is not installed") # mysql - if self.app.pargs.mysql: + if pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): if (WOAptGet.is_installed(self, 'mysql-server') or @@ -150,28 +152,28 @@ class WOStackStatusController(CementBaseController): "Unable to check MySQL service status") # redis - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): services = services + ['redis-server'] else: Log.info(self, "Redis server is not installed") # fail2ban - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): services = services + ['fail2ban'] else: Log.info(self, "fail2ban is not installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): services = services + ['proftpd'] else: Log.info(self, "ProFTPd is not installed") # netdata - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir("/opt/netdata"): services = services + ['netdata'] else: @@ -185,24 +187,25 @@ class WOStackStatusController(CementBaseController): def restart(self): """Restart services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or - self.app.pargs.php73 or - self.app.pargs.mysql or - self.app.pargs.netdata or - self.app.pargs.proftpd or - self.app.pargs.redis or - self.app.pargs.fail2ban): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True + pargs = self.app.pargs + if not (pargs.nginx or pargs.php or + pargs.php73 or + pargs.mysql or + pargs.netdata or + pargs.proftpd or + pargs.redis or + pargs.fail2ban): + pargs.nginx = True + pargs.php = True + pargs.mysql = True - if self.app.pargs.nginx: + if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): services = services + ['php7.2-fpm'] else: @@ -213,13 +216,13 @@ class WOStackStatusController(CementBaseController): else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): services = services + ['php7.3-fpm'] else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.mysql: + if pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): if ((WOAptGet.is_installed(self, 'mysql-server') or @@ -233,27 +236,27 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): services = services + ['redis-server'] else: Log.info(self, "Redis server is not installed") - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): services = services + ['fail2ban'] else: Log.info(self, "fail2ban is not installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): services = services + ['proftpd'] else: Log.info(self, "ProFTPd is not installed") # netdata - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir("/opt/netdata"): services = services + ['netdata'] else: @@ -267,24 +270,25 @@ class WOStackStatusController(CementBaseController): def status(self): """Status of services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or - self.app.pargs.php73 or - self.app.pargs.mysql or - self.app.pargs.netdata or - self.app.pargs.proftpd or - self.app.pargs.redis or - self.app.pargs.fail2ban): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True + pargs = self.app.pargs + if not (pargs.nginx or pargs.php or + pargs.php73 or + pargs.mysql or + pargs.netdata or + pargs.proftpd or + pargs.redis or + pargs.fail2ban): + pargs.nginx = True + pargs.php = True + pargs.mysql = True - if self.app.pargs.nginx: + if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): services = services + ['php7.2-fpm'] else: @@ -295,13 +299,13 @@ class WOStackStatusController(CementBaseController): else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): services = services + ['php7.3-fpm'] else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.mysql: + if pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): if (WOAptGet.is_installed(self, 'mysql-server') or @@ -314,27 +318,27 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): services = services + ['redis-server'] else: Log.info(self, "Redis server is not installed") - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): services = services + ['fail2ban'] else: Log.info(self, "fail2ban is not installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): services = services + ['proftpd'] else: Log.info(self, "ProFTPd is not installed") # netdata - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir("/opt/netdata"): services = services + ['netdata'] else: @@ -348,25 +352,26 @@ class WOStackStatusController(CementBaseController): def reload(self): """Reload service""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or - self.app.pargs.php73 or - self.app.pargs.mysql or - self.app.pargs.netdata or - self.app.pargs.proftpd or - self.app.pargs.redis or - self.app.pargs.fail2ban): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True + pargs = self.app.pargs + if not (pargs.nginx or pargs.php or + pargs.php73 or + pargs.mysql or + pargs.netdata or + pargs.proftpd or + pargs.redis or + pargs.fail2ban): + pargs.nginx = True + pargs.php = True + pargs.mysql = True - if self.app.pargs.nginx: + if pargs.nginx: if (WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): services = services + ['php7.2-fpm'] else: @@ -377,13 +382,13 @@ class WOStackStatusController(CementBaseController): else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): services = services + ['php7.3-fpm'] else: Log.info(self, "PHP7.3-FPM is not installed") - if self.app.pargs.mysql: + if pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): if (WOAptGet.is_installed(self, 'mysql-server') or @@ -396,27 +401,27 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): services = services + ['redis-server'] else: Log.info(self, "Redis server is not installed") - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): services = services + ['fail2ban'] else: Log.info(self, "fail2ban is not installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): services = services + ['proftpd'] else: Log.info(self, "ProFTPd is not installed") # netdata - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir("/opt/netdata"): services = services + ['netdata'] else: diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index a834857..5b84e22 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -57,35 +57,36 @@ class WOStackUpgradeController(CementBaseController): apt_packages = [] packages = [] empty_packages = [] + pargs = pargs = self.app.pargs - if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and - (not self.app.pargs.php) and (not self.app.pargs.php73) and - (not self.app.pargs.mysql) and - (not self.app.pargs.all) and (not self.app.pargs.wpcli) and - (not self.app.pargs.netdata) and (not self.app.pargs.composer) and - (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.redis)): - self.app.pargs.web = True + if ((not pargs.web) and (not pargs.nginx) and + (not pargs.php) and (not pargs.php73) and + (not pargs.mysql) and + (not pargs.all) and (not pargs.wpcli) and + (not pargs.netdata) and (not pargs.composer) and + (not pargs.phpmyadmin) and + (not pargs.redis)): + pargs.web = True - if self.app.pargs.all: - self.app.pargs.web = True + if pargs.all: + pargs.web = True - if self.app.pargs.web: + if pargs.web: if WOAptGet.is_installed(self, 'nginx-custom'): - self.app.pargs.nginx = True + pargs.nginx = True else: Log.info(self, "Nginx is not already installed") - self.app.pargs.php = True - self.app.pargs.mysql = True - self.app.pargs.wpcli = True + pargs.php = True + pargs.mysql = True + pargs.wpcli = True - if self.app.pargs.nginx: + if pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): apt_packages = apt_packages + WOVariables.wo_nginx else: Log.info(self, "Nginx Stable is not already installed") - if self.app.pargs.php: + if pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'): apt_packages = apt_packages + WOVariables.wo_php + \ @@ -95,7 +96,7 @@ class WOStackUpgradeController(CementBaseController): else: Log.info(self, "PHP 7.2 is not installed") - if self.app.pargs.php73: + if pargs.php73: if WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.2-fpm'): apt_packages = apt_packages + WOVariables.wo_php73 + \ @@ -105,19 +106,19 @@ class WOStackUpgradeController(CementBaseController): else: Log.info(self, "PHP 7.3 is not installed") - if self.app.pargs.mysql: + if pargs.mysql: if WOAptGet.is_installed(self, 'mariadb-server'): apt_packages = apt_packages + WOVariables.wo_mysql else: Log.info(self, "MariaDB is not installed") - if self.app.pargs.redis: + if pargs.redis: if WOAptGet.is_installed(self, 'redis-server'): apt_packages = apt_packages + WOVariables.wo_redis else: Log.info(self, "Redis is not installed") - if self.app.pargs.wpcli: + if pargs.wpcli: if os.path.isfile('/usr/local/bin/wp'): packages = packages + [["https://github.com/wp-cli/wp-cli/" "releases/download/v{0}/" @@ -128,13 +129,13 @@ class WOStackUpgradeController(CementBaseController): else: Log.info(self, "WPCLI is not installed with WordOps") - if self.app.pargs.netdata: + if pargs.netdata: if os.path.isdir('/opt/netdata'): packages = packages + [['https://my-netdata.io/' 'kickstart-static64.sh', '/var/lib/wo/tmp/kickstart.sh', 'Netdata']] - if self.app.pargs.phpmyadmin: + if pargs.phpmyadmin: if os.path.isdir('/var/www/22222/htdocs/db/pma'): packages = packages + \ [["https://files.phpmyadmin.net" @@ -147,7 +148,7 @@ class WOStackUpgradeController(CementBaseController): else: Log.error(self, "phpMyAdmin isn't installed") - if self.app.pargs.composer: + if pargs.composer: if os.path.isfile('/usr/local/bin/composer'): packages = packages + [["https://getcomposer.org/installer", "/var/lib/wo/tmp/composer-install", @@ -160,7 +161,7 @@ class WOStackUpgradeController(CementBaseController): Log.info(self, "During package update process non nginx-cached" " parts of your site may remain down") # Check prompt - if (not self.app.pargs.no_prompt): + if (not pargs.no_prompt): start_upgrade = input("Do you want to continue:[y/N]") if start_upgrade != "Y" and start_upgrade != "y": Log.error(self, "Not starting package update") @@ -191,25 +192,25 @@ class WOStackUpgradeController(CementBaseController): WOService.restart_service(self, 'redis-server') if len(packages): - if self.app.pargs.wpcli: + if pargs.wpcli: WOFileUtils.remove(self, ['/usr/local/bin/wp']) - if self.app.pargs.netdata: + if pargs.netdata: WOFileUtils.remove(self, ['/var/lib/wo/tmp/kickstart.sh']) Log.debug(self, "Downloading following: {0}".format(packages)) WODownload.download(self, packages) - if self.app.pargs.wpcli: + if pargs.wpcli: WOFileUtils.chmod(self, "/usr/local/bin/wp", 0o775) - if self.app.pargs.netdata: + if pargs.netdata: Log.info(self, "Upgrading Netdata, please wait...") WOShellExec.cmd_exec(self, "/bin/bash /var/lib/wo/tmp/" "kickstart.sh " "--dont-wait") - if self.app.pargs.composer: + if pargs.composer: Log.info(self, "Upgrading Composer, please wait...") WOShellExec.cmd_exec(self, "php -q /var/lib/wo" "/tmp/composer-install " @@ -218,7 +219,7 @@ class WOStackUpgradeController(CementBaseController): '/usr/local/bin/composer') WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) - if self.app.pargs.phpmyadmin: + if pargs.phpmyadmin: Log.info(self, "Upgrading phpMyAdmin, please wait...") WOExtract.extract(self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/') diff --git a/wo/cli/plugins/update.py b/wo/cli/plugins/update.py index 04e5344..b507170 100644 --- a/wo/cli/plugins/update.py +++ b/wo/cli/plugins/update.py @@ -36,20 +36,21 @@ class WOUpdateController(CementBaseController): @expose(hide=True) def default(self): + pargs = self.app.pargs filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S") - if self.app.pargs.travis: + if pargs.travis: wo_branch = "updating-configuration" install_args = "--travis --force " - elif self.app.pargs.beta: + elif pargs.beta: wo_branch = "beta" install_args = "" else: wo_branch = "master" install_args = "" - if self.app.pargs.force: + if pargs.force: install_args = install_args + "--force " - if self.app.pargs.preserve: + if pargs.preserve: install_args = install_args + "--preserve " WODownload.download(self, [["https://raw.githubusercontent.com/" From f3a16e900f914be3a58f366883b92296b1846372 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 03:05:32 +0200 Subject: [PATCH 32/41] Fix redis stack install --- wo/cli/plugins/site.py | 2 +- wo/cli/plugins/stack.py | 387 +++++++++++++++-------------------- wo/cli/plugins/stack_pref.py | 59 ++++++ 3 files changed, 228 insertions(+), 220 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index ec63fd6..41538a0 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -867,7 +867,7 @@ class WOSiteUpdateController(CementBaseController): pargs = self.app.pargs if pargs.php72: - self.app.pargs.php = True + pargs.php = True if pargs.all: if pargs.site_name: diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 7c75c30..9ce0a04 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -86,6 +86,9 @@ class WOStackController(CementBaseController): dict(help='Install phpRedisAdmin', action='store_true')), (['--proftpd'], dict(help='Install ProFTPd', action='store_true')), + (['--force'], + dict(help='Force install/remove/purge without prompt', + action='store_true')), ] usage = "wo stack (command) [options]" @@ -98,63 +101,64 @@ class WOStackController(CementBaseController): def install(self, packages=[], apt_packages=[], disp_msg=True): """Start installation of packages""" self.msg = [] + pargs = self.app.pargs try: # Default action for stack installation - if ((not self.app.pargs.web) and (not self.app.pargs.admin) and - (not self.app.pargs.nginx) and (not self.app.pargs.php) and - (not self.app.pargs.mysql) and (not self.app.pargs.wpcli) and - (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.composer) and - (not self.app.pargs.netdata) and - (not self.app.pargs.dashboard) and - (not self.app.pargs.fail2ban) and - (not self.app.pargs.security) and - (not self.app.pargs.adminer) and (not self.app.pargs.utils) and - (not self.app.pargs.redis) and (not self.app.pargs.proftpd) and - (not self.app.pargs.phpredisadmin) and - (not self.app.pargs.php73)): - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.security = True + if ((not pargs.web) and (not pargs.admin) and + (not pargs.nginx) and (not pargs.php) and + (not pargs.mysql) and (not pargs.wpcli) and + (not pargs.phpmyadmin) and + (not pargs.composer) and + (not pargs.netdata) and + (not pargs.dashboard) and + (not pargs.fail2ban) and + (not pargs.security) and + (not pargs.adminer) and (not pargs.utils) and + (not pargs.redis) and (not pargs.proftpd) and + (not pargs.phpredisadmin) and + (not pargs.php73)): + pargs.web = True + pargs.admin = True + pargs.security = True - if self.app.pargs.all: - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.php73 = True - self.app.pargs.redis = True - self.app.pargs.proftpd = True + if pargs.all: + pargs.web = True + pargs.admin = True + pargs.php73 = True + pargs.redis = True + pargs.proftpd = True - if self.app.pargs.web: - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True - self.app.pargs.wpcli = True + if pargs.web: + pargs.nginx = True + pargs.php = True + pargs.mysql = True + pargs.wpcli = True - if self.app.pargs.admin: - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True - self.app.pargs.adminer = True - self.app.pargs.phpmyadmin = True - self.app.pargs.composer = True - self.app.pargs.utils = True - self.app.pargs.netdata = True - self.app.pargs.dashboard = True - self.app.pargs.phpredisadmin = True + if pargs.admin: + pargs.nginx = True + pargs.php = True + pargs.mysql = True + pargs.adminer = True + pargs.phpmyadmin = True + pargs.composer = True + pargs.utils = True + pargs.netdata = True + pargs.dashboard = True + pargs.phpredisadmin = True - if self.app.pargs.security: - self.app.pargs.fail2ban = True + if pargs.security: + pargs.fail2ban = True # Redis - if self.app.pargs.redis: + if pargs.redis: if not WOAptGet.is_installed(self, 'redis-server'): apt_packages = apt_packages + WOVariables.wo_redis - self.app.pargs.php = True + pargs.php = True else: Log.info(self, "Redis already installed") # Nginx - if self.app.pargs.nginx: + if pargs.nginx: Log.debug(self, "Setting apt_packages variable for Nginx") if not (WOAptGet.is_installed(self, 'nginx-custom')): @@ -177,7 +181,7 @@ class WOStackController(CementBaseController): Log.debug(self, "Nginx Stable already installed") # PHP 7.2 - if self.app.pargs.php: + if pargs.php: Log.debug(self, "Setting apt_packages variable for PHP 7.2") if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.3-fpm')): @@ -190,7 +194,7 @@ class WOStackController(CementBaseController): Log.info(self, "PHP 7.2 already installed") # PHP 7.3 - if self.app.pargs.php73: + if pargs.php73: Log.debug(self, "Setting apt_packages variable for PHP 7.3") if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not (WOAptGet.is_installed(self, 'php7.2-fpm')): @@ -203,7 +207,7 @@ class WOStackController(CementBaseController): Log.info(self, "PHP 7.3 already installed") # MariaDB 10.3 - if self.app.pargs.mysql: + if pargs.mysql: Log.debug(self, "Setting apt_packages variable for MySQL") if not WOShellExec.cmd_exec(self, "mysqladmin ping"): apt_packages = apt_packages + WOVariables.wo_mysql @@ -219,7 +223,7 @@ class WOStackController(CementBaseController): Log.info(self, "MySQL connection is already alive") # WP-CLI - if self.app.pargs.wpcli: + if pargs.wpcli: Log.debug(self, "Setting packages variable for WP-CLI") if not WOShellExec.cmd_exec(self, "command -v wp"): packages = packages + [["https://github.com/wp-cli/wp-cli/" @@ -233,7 +237,7 @@ class WOStackController(CementBaseController): Log.info(self, "WP-CLI is already installed") # fail2ban - if self.app.pargs.fail2ban: + if pargs.fail2ban: Log.debug(self, "Setting apt_packages variable for Fail2ban") if not WOAptGet.is_installed(self, 'fail2ban'): apt_packages = apt_packages + WOVariables.wo_fail2ban @@ -242,7 +246,7 @@ class WOStackController(CementBaseController): Log.info(self, "Fail2ban already installed") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: Log.debug(self, "Setting apt_packages variable for ProFTPd") if not WOAptGet.is_installed(self, 'proftpd-basic'): apt_packages = apt_packages + ["proftpd-basic"] @@ -251,11 +255,11 @@ class WOStackController(CementBaseController): Log.info(self, "ProFTPd already installed") # PHPMYADMIN - if self.app.pargs.phpmyadmin: + if pargs.phpmyadmin: if not os.path.isdir('/var/www/22222/htdocs/db/pma'): Log.debug(self, "Setting packages variable " "for phpMyAdmin ") - self.app.pargs.composer = True + pargs.composer = True packages = packages + [["https://github.com/phpmyadmin/" "phpmyadmin/archive/STABLE.tar.gz", "/var/lib/wo/tmp/pma.tar.gz", @@ -265,7 +269,7 @@ class WOStackController(CementBaseController): Log.info(self, "phpMyAdmin already installed") # Composer - if self.app.pargs.composer: + if pargs.composer: if not os.path.isfile('/usr/local/bin/composer'): Log.debug(self, "Setting packages variable for Composer ") packages = packages + [["https://getcomposer.org/" @@ -277,12 +281,12 @@ class WOStackController(CementBaseController): Log.info(self, "Composer already installed") # PHPREDISADMIN - if self.app.pargs.phpredisadmin: + if pargs.phpredisadmin: if not os.path.isdir('/var/www/22222/htdocs/' 'cache/redis/phpRedisAdmin'): Log.debug( self, "Setting packages variable for phpRedisAdmin") - self.app.pargs.composer = True + pargs.composer = True packages = packages + [["https://github.com/" "erikdubbelboer/" "phpRedisAdmin/archive" @@ -294,7 +298,7 @@ class WOStackController(CementBaseController): Log.info(self, "phpRedisAdmin already installed") # ADMINER - if self.app.pargs.adminer: + if pargs.adminer: Log.debug(self, "Setting packages variable for Adminer ") packages = packages + [["https://github.com/vrana/adminer/" "releases/download/v{0}" @@ -313,7 +317,7 @@ class WOStackController(CementBaseController): "Adminer theme"]] # Netdata - if self.app.pargs.netdata: + if pargs.netdata: Log.debug(self, "Setting packages variable for Netdata") if not os.path.exists('/opt/netdata'): packages = packages + [['https://my-netdata.io/' @@ -325,7 +329,7 @@ class WOStackController(CementBaseController): Log.info(self, "Netdata already installed") # WordOps Dashboard - if self.app.pargs.dashboard: + if pargs.dashboard: if not os.path.isfile('/var/www/22222/htdocs/index.php'): Log.debug( self, "Setting packages variable for WO-Dashboard") @@ -345,7 +349,7 @@ class WOStackController(CementBaseController): Log.info(self, "WordOps dashboard already installed") # UTILS - if self.app.pargs.utils: + if pargs.utils: Log.debug(self, "Setting packages variable for utils") packages = packages + [["https://raw.githubusercontent.com" "/rtCamp/eeadmin/master/cache/nginx/" @@ -408,63 +412,6 @@ class WOStackController(CementBaseController): WODownload.download(self, packages) Log.debug(self, "Calling post_pref") post_pref(self, apt_packages, packages) - if 'redis-server' in apt_packages: - # set redis.conf parameter - # set maxmemory 10% for ram below 512MB and 20% for others - # set maxmemory-policy allkeys-lru - # enable systemd service - Log.debug(self, "Enabling redis systemd service") - WOShellExec.cmd_exec(self, "systemctl enable redis-server") - if os.path.isfile("/etc/redis/redis.conf"): - wo_ram = psutil.virtual_memory().total / (1024 * 1024) - if wo_ram < 1024: - Log.debug(self, "Setting maxmemory variable to " - "{0} in redis.conf" - .format(int(wo_ram*1024*1024*0.1))) - WOFileUtils.searchreplace(self, - "/etc/redis/redis.conf", - "# maxmemory ", - "maxmemory {0}" - .format - (int(wo_ram*1024*1024*0.1))) - Log.debug( - self, "Setting maxmemory-policy variable to " - "allkeys-lru in redis.conf") - WOFileUtils.searchreplace(self, - "/etc/redis/redis.conf", - "# maxmemory-policy " - "noeviction", - "maxmemory-policy " - "allkeys-lru") - Log.debug( - self, "Setting tcp-backlog variable to " - "in redis.conf") - WOFileUtils.searchreplace(self, - "/etc/redis/redis.conf", - "tcp-backlog 511", - "tcp-backlog 32768") - - WOService.restart_service(self, 'redis-server') - else: - Log.debug(self, "Setting maxmemory variable to {0} " - "in redis.conf" - .format(int(wo_ram*1024*1024*0.2))) - WOFileUtils.searchreplace(self, - "/etc/redis/redis.conf", - "# maxmemory ", - "maxmemory {0}" - .format - (int(wo_ram*1024*1024*0.1))) - Log.debug( - self, "Setting maxmemory-policy variable " - "to allkeys-lru in redis.conf") - WOFileUtils.searchreplace(self, - "/etc/redis/redis.conf", - "# maxmemory-policy " - "noeviction", - "maxmemory-policy " - "allkeys-lru") - WOService.restart_service(self, 'redis-server') if disp_msg: if (self.msg): @@ -479,46 +426,46 @@ class WOStackController(CementBaseController): """Start removal of packages""" apt_packages = [] packages = [] + pargs = self.app.pargs + if ((not pargs.web) and (not pargs.admin) and + (not pargs.nginx) and (not pargs.php) and + (not pargs.php73) and (not pargs.mysql) and + (not pargs.wpcli) and (not pargs.phpmyadmin) and + (not pargs.adminer) and (not pargs.utils) and + (not pargs.composer) and (not pargs.netdata) and + (not pargs.fail2ban) and (not pargs.proftpd) and + (not pargs.security) and + (not pargs.all) and (not pargs.redis) and + (not pargs.phpredisadmin)): + pargs.web = True + pargs.admin = True + pargs.security = True - if ((not self.app.pargs.web) and (not self.app.pargs.admin) and - (not self.app.pargs.nginx) and (not self.app.pargs.php) and - (not self.app.pargs.php73) and (not self.app.pargs.mysql) and - (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.adminer) and (not self.app.pargs.utils) and - (not self.app.pargs.composer) and (not self.app.pargs.netdata) and - (not self.app.pargs.fail2ban) and (not self.app.pargs.proftpd) and - (not self.app.pargs.security) and - (not self.app.pargs.all) and (not self.app.pargs.redis) and - (not self.app.pargs.phpredisadmin)): - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.security = True + if pargs.all: + pargs.web = True + pargs.admin = True + pargs.php73 = True - if self.app.pargs.all: - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.php73 = True + if pargs.web: + pargs.nginx = True + pargs.php = True + pargs.mysql = True + pargs.wpcli = True - if self.app.pargs.web: - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True - self.app.pargs.wpcli = True + if pargs.admin: + pargs.composer = True + pargs.utils = True + pargs.netdata = True + if os.path.isdir('{0}22222/htdocs' + .format(WOVariables.wo_webroot)): + packages = packages + ['{0}22222/htdocs/*' + .format(WOVariables.wo_webroot)] - if self.app.pargs.admin: - self.app.pargs.adminer = True - self.app.pargs.phpmyadmin = True - self.app.pargs.composer = True - self.app.pargs.utils = True - self.app.pargs.netdata = True - self.app.pargs.dashboard = True - self.app.pargs.phpredisadmin = True - - if self.app.pargs.security: - self.app.pargs.fail2ban = True + if pargs.security: + pargs.fail2ban = True # NGINX - if self.app.pargs.nginx: + if pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Removing apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx @@ -526,7 +473,7 @@ class WOStackController(CementBaseController): Log.error(self, "Cannot Remove! Nginx Stable " "version not found.") # PHP 7.2 - if self.app.pargs.php: + if pargs.php: Log.debug(self, "Removing apt_packages variable of PHP") if WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'): @@ -538,7 +485,7 @@ class WOStackController(CementBaseController): Log.error(self, "PHP 7.2 not found") # PHP7.3 - if self.app.pargs.php73: + if pargs.php73: Log.debug(self, "Removing apt_packages variable of PHP 7.3") if WOAptGet.is_installed(self, 'php7.3-fpm'): if not (WOAptGet.is_installed(self, 'php7.2-fpm')): @@ -550,18 +497,18 @@ class WOStackController(CementBaseController): Log.error(self, "PHP 7.3 not found") # REDIS - if self.app.pargs.redis: + if pargs.redis: Log.debug(self, "Remove apt_packages variable of Redis") apt_packages = apt_packages + WOVariables.wo_redis # MariaDB - if self.app.pargs.mysql: + if pargs.mysql: Log.debug(self, "Removing apt_packages variable of MySQL") apt_packages = apt_packages + WOVariables.wo_mysql packages = packages + ['/usr/bin/mysqltuner'] # fail2ban - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): Log.debug(self, "Remove apt_packages variable of Fail2ban") apt_packages = apt_packages + WOVariables.wo_fail2ban @@ -569,7 +516,7 @@ class WOStackController(CementBaseController): Log.error(self, "Fail2ban not found") # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): Log.debug(self, "Remove apt_packages variable for ProFTPd") apt_packages = apt_packages + ["proftpd-basic"] @@ -577,19 +524,19 @@ class WOStackController(CementBaseController): Log.error(self, "ProFTPd not found") # WPCLI - if self.app.pargs.wpcli: + if pargs.wpcli: Log.debug(self, "Removing package variable of WPCLI ") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] else: Log.warn(self, "WP-CLI is not installed with WordOps") # PHPMYADMIN - if self.app.pargs.phpmyadmin: + if pargs.phpmyadmin: Log.debug(self, "Removing package variable of phpMyAdmin ") packages = packages + ['{0}22222/htdocs/db/pma' .format(WOVariables.wo_webroot)] # Composer - if self.app.pargs.composer: + if pargs.composer: Log.debug(self, "Removing package variable of Composer ") if os.path.isfile('/usr/local/bin/composer'): packages = packages + ['/usr/local/bin/composer'] @@ -597,7 +544,7 @@ class WOStackController(CementBaseController): Log.warn(self, "Composer is not installed with WordOps") # PHPREDISADMIN - if self.app.pargs.phpredisadmin: + if pargs.phpredisadmin: Log.debug(self, "Removing package variable of phpRedisAdmin ") if os.path.isdir('{0}22222/htdocs/cache/redis' .format(WOVariables.wo_webroot)): @@ -605,11 +552,11 @@ class WOStackController(CementBaseController): 'cache/redis/phpRedisAdmin' .format(WOVariables.wo_webroot)] # ADMINER - if self.app.pargs.adminer: + if pargs.adminer: Log.debug(self, "Removing package variable of Adminer ") packages = packages + ['{0}22222/htdocs/db/adminer' .format(WOVariables.wo_webroot)] - if self.app.pargs.utils: + if pargs.utils: Log.debug(self, "Removing package variable of utils ") packages = packages + ['{0}22222/htdocs/php/webgrind/' .format(WOVariables.wo_webroot), @@ -621,29 +568,31 @@ class WOStackController(CementBaseController): '{0}22222/htdocs/db/anemometer' .format(WOVariables.wo_webroot)] - if self.app.pargs.netdata: + if pargs.netdata: Log.debug(self, "Removing Netdata") if os.path.isfile('/opt/netdata/usr/' 'libexec/netdata-uninstaller.sh'): packages = packages + ['/var/lib/wo/tmp/kickstart.sh'] - if self.app.pargs.dashboard: + if pargs.dashboard: Log.debug(self, "Removing Wo-Dashboard") - packages = packages + ['{0}22222/htdocs/assets/' + packages = packages + ['{0}22222/htdocs/assets' .format(WOVariables.wo_webroot), '{0}22222/htdocs/index.php' .format(WOVariables.wo_webroot)] if (packages) or (apt_packages): - wo_prompt = input('Are you sure you to want to' - ' remove from server.' - '\nPackage configuration will remain' - ' on server after this operation.\n' - 'Any answer other than ' - '"yes" will be stop this' - ' operation : ') + if not pargs.force: + wo_prompt = input('Are you sure you to want to' + ' remove from server.' + '\nPackage configuration will remain' + ' on server after this operation.\n' + 'Any answer other than ' + '"yes" will be stop this' + ' operation : ') - if wo_prompt == 'YES' or wo_prompt == 'yes': + if (wo_prompt == 'YES' or wo_prompt == 'yes' + or pargs.force): if (set(["nginx-custom"]).issubset(set(apt_packages))): WOService.stop_service(self, 'nginx') @@ -672,46 +621,46 @@ class WOStackController(CementBaseController): """Start purging of packages""" apt_packages = [] packages = [] - + pargs = self.app.pargs # Default action for stack purge - if ((not self.app.pargs.web) and (not self.app.pargs.admin) and - (not self.app.pargs.nginx) and (not self.app.pargs.php) and - (not self.app.pargs.php73) and (not self.app.pargs.mysql) and - (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.adminer) and (not self.app.pargs.utils) and - (not self.app.pargs.composer) and (not self.app.pargs.netdata) and - (not self.app.pargs.fail2ban) and (not self.app.pargs.proftpd) and - (not self.app.pargs.security) and - (not self.app.pargs.all) and (not self.app.pargs.redis) and - (not self.app.pargs.phpredisadmin)): - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.security = True + if ((not pargs.web) and (not pargs.admin) and + (not pargs.nginx) and (not pargs.php) and + (not pargs.php73) and (not pargs.mysql) and + (not pargs.wpcli) and (not pargs.phpmyadmin) and + (not pargs.adminer) and (not pargs.utils) and + (not pargs.composer) and (not pargs.netdata) and + (not pargs.fail2ban) and (not pargs.proftpd) and + (not pargs.security) and + (not pargs.all) and (not pargs.redis) and + (not pargs.phpredisadmin)): + pargs.web = True + pargs.admin = True + pargs.security = True - if self.app.pargs.all: - self.app.pargs.web = True - self.app.pargs.admin = True - self.app.pargs.php73 = True + if pargs.all: + pargs.web = True + pargs.admin = True + pargs.php73 = True - if self.app.pargs.web: - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True - self.app.pargs.wpcli = True + if pargs.web: + pargs.nginx = True + pargs.php = True + pargs.mysql = True + pargs.wpcli = True - if self.app.pargs.admin: - self.app.pargs.adminer = True - self.app.pargs.phpmyadmin = True - self.app.pargs.utils = True - self.app.pargs.composer = True - self.app.pargs.netdata = True - self.app.pargs.dashboard = True - self.app.pargs.phpredisadmin = True + if pargs.admin: + pargs.utils = True + pargs.composer = True + pargs.netdata = True + if os.path.isdir('{0}22222/htdocs' + .format(WOVariables.wo_webroot)): + packages = packages + ['{0}22222/htdocs/*' + .format(WOVariables.wo_webroot)] - if self.app.pargs.security: - self.app.pargs.fail2ban = True + if pargs.security: + pargs.fail2ban = True # NGINX - if self.app.pargs.nginx: + if pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Purge apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx @@ -720,7 +669,7 @@ class WOStackController(CementBaseController): "Nginx Stable version not found.") # PHP - if self.app.pargs.php: + if pargs.php: Log.debug(self, "Purge apt_packages variable PHP") if WOAptGet.is_installed(self, 'php7.2-fpm'): if not (WOAptGet.is_installed(self, 'php7.3-fpm')): @@ -732,7 +681,7 @@ class WOStackController(CementBaseController): Log.error(self, "Cannot Purge PHP 7.2. not found.") # PHP 7.3 - if self.app.pargs.php73: + if pargs.php73: Log.debug(self, "Removing apt_packages variable of PHP 7.3") if WOAptGet.is_installed(self, 'php7.3-fpm'): if not (WOAptGet.is_installed(self, 'php7.2-fpm')): @@ -742,19 +691,19 @@ class WOStackController(CementBaseController): apt_packages = apt_packages + WOVariables.wo_php73 # fail2ban - if self.app.pargs.fail2ban: + if pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): Log.debug(self, "Purge apt_packages variable of Fail2ban") apt_packages = apt_packages + WOVariables.wo_fail2ban # proftpd - if self.app.pargs.proftpd: + if pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): Log.debug(self, "Purge apt_packages variable for ProFTPd") apt_packages = apt_packages + ["proftpd-basic"] # WP-CLI - if self.app.pargs.wpcli: + if pargs.wpcli: Log.debug(self, "Purge package variable WPCLI") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] @@ -762,13 +711,13 @@ class WOStackController(CementBaseController): Log.warn(self, "WP-CLI is not installed with WordOps") # PHPMYADMIN - if self.app.pargs.phpmyadmin: + if pargs.phpmyadmin: packages = packages + ['{0}22222/htdocs/db/pma'. format(WOVariables.wo_webroot)] Log.debug(self, "Purge package variable phpMyAdmin") # Composer - if self.app.pargs.composer: + if pargs.composer: Log.debug(self, "Removing package variable of Composer ") if os.path.isfile('/usr/local/bin/composer'): packages = packages + ['/usr/local/bin/composer'] @@ -776,7 +725,7 @@ class WOStackController(CementBaseController): Log.warn(self, "Composer is not installed with WordOps") # PHPREDISADMIN - if self.app.pargs.phpredisadmin: + if pargs.phpredisadmin: Log.debug(self, "Removing package variable of phpRedisAdmin ") if os.path.isdir('{0}22222/htdocs/cache/redis' .format(WOVariables.wo_webroot)): @@ -784,12 +733,12 @@ class WOStackController(CementBaseController): 'cache/redis/phpRedisAdmin' .format(WOVariables.wo_webroot)] # Adminer - if self.app.pargs.adminer: + if pargs.adminer: Log.debug(self, "Purge package variable Adminer") packages = packages + ['{0}22222/htdocs/db/adminer' .format(WOVariables.wo_webroot)] # utils - if self.app.pargs.utils: + if pargs.utils: Log.debug(self, "Purge package variable utils") packages = packages + ['{0}22222/htdocs/php/webgrind/' .format(WOVariables.wo_webroot), @@ -802,13 +751,13 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot) ] - if self.app.pargs.netdata: + if pargs.netdata: Log.debug(self, "Removing Netdata") if os.path.isfile('/opt/netdata/usr/' 'libexec/netdata-uninstaller.sh'): packages = packages + ['/var/lib/wo/tmp/kickstart.sh'] - if self.app.pargs.dashboard: + if pargs.dashboard: Log.debug(self, "Removing Wo-Dashboard") packages = packages + ['{0}22222/htdocs/assets/' .format(WOVariables.wo_webroot), @@ -823,7 +772,7 @@ class WOStackController(CementBaseController): '"yes" will be stop this ' 'operation :') - if wo_prompt == 'YES' or wo_prompt == 'yes': + if wo_prompt == 'YES' or wo_prompt == 'yes' or pargs.force: if (set(["nginx-custom"]).issubset(set(apt_packages))): WOService.stop_service(self, 'nginx') diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index c308c24..20726ba 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -1160,6 +1160,65 @@ def post_pref(self, apt_packages, packages): msg="Adding ProFTPd into Git") WOService.reload_service(self, 'proftpd') + # Redis configuration + if set(["redis-server"]).issubset(set(apt_packages)): + # set redis.conf parameter + # set maxmemory 10% for ram below 512MB and 20% for others + # set maxmemory-policy allkeys-lru + # enable systemd service + Log.debug(self, "Enabling redis systemd service") + WOShellExec.cmd_exec(self, "systemctl enable redis-server") + if os.path.isfile("/etc/redis/redis.conf"): + wo_ram = psutil.virtual_memory().total / (1024 * 1024) + if wo_ram < 1024: + Log.debug(self, "Setting maxmemory variable to " + "{0} in redis.conf" + .format(int(wo_ram*1024*1024*0.1))) + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory ", + "maxmemory {0}" + .format + (int(wo_ram*1024*1024*0.1))) + Log.debug( + self, "Setting maxmemory-policy variable to " + "allkeys-lru in redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory-policy " + "noeviction", + "maxmemory-policy " + "allkeys-lru") + Log.debug( + self, "Setting tcp-backlog variable to " + "in redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "tcp-backlog 511", + "tcp-backlog 32768") + + WOService.restart_service(self, 'redis-server') + else: + Log.debug(self, "Setting maxmemory variable to {0} " + "in redis.conf" + .format(int(wo_ram*1024*1024*0.2))) + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory ", + "maxmemory {0}" + .format + (int(wo_ram*1024*1024*0.1))) + Log.debug( + self, "Setting maxmemory-policy variable " + "to allkeys-lru in redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory-policy " + "noeviction", + "maxmemory-policy " + "allkeys-lru") + WOService.restart_service(self, 'redis-server') + if (packages): if any('/usr/local/bin/wp' == x[1] for x in packages): Log.debug(self, "Setting Privileges" From c7410e1a5f2bd88a93a588d0e9ecc01408ce8c9e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 12:30:17 +0200 Subject: [PATCH 33/41] testing cement 2.6 --- requirements.txt | 2 +- setup.py | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/requirements.txt b/requirements.txt index 24fb221..9cacc2a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -cement>=2.4.0 +cement>=2.6.0 diff --git a/setup.py b/setup.py index c05b21e..5c32f9e 100644 --- a/setup.py +++ b/setup.py @@ -72,12 +72,12 @@ setup(name='wo', test_suite='nose.collector', install_requires=[ # Required to build documentation - # "Sphinx >= 1.0", + "Sphinx >= 1.0", # Required for testing - # "nose", - # "coverage", + "nose", + "coverage", # Required to function - 'cement == 2.4', + 'cement == 2.6', 'pystache', 'python-apt', 'pynginxconfig', From 29a5633e8250f340dbfe59b168a832adb8bf26bf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 12:36:29 +0200 Subject: [PATCH 34/41] update psutil & PyMySQL --- setup.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup.py b/setup.py index 5c32f9e..6081aa4 100644 --- a/setup.py +++ b/setup.py @@ -81,8 +81,8 @@ setup(name='wo', 'pystache', 'python-apt', 'pynginxconfig', - 'PyMySQL == 0.8.0', - 'psutil == 3.1.1', + 'PyMySQL == 0.9.3', + 'psutil == 5.6.3', 'sh', 'SQLAlchemy', 'requests == 2.22.0', From d7e4a07254003e4745b50631b09e92a7226df2ba Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 13:13:30 +0200 Subject: [PATCH 35/41] Add Cloudflare restore real-ip --- CHANGELOG.md | 4 ++++ install | 6 +++--- wo/cli/plugins/stack_pref.py | 8 ++++++++ wo/cli/templates/cloudflare.mustache | 23 +++++++++++++++++++++++ 4 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 wo/cli/templates/cloudflare.mustache diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e12027..a9a1770 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,11 +11,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), #### Added - APT Packages configuration step with `wo stack upgrade` to apply new configurations +- Cloudflare restore real_ip configuration #### Changed - Moving package configuration in a new plugin stack_pref.py - Set WordOps backend password length from 16 to 24 +- Upgrade framework cement to 2.6.0 +- Upgrade PyMySQL to 0.9.3 +- Upgrade Psutil to 5.6.3 ### v3.9.7 - 2019-08-02 diff --git a/install b/install index 17c7243..c346832 100755 --- a/install +++ b/install @@ -406,9 +406,9 @@ wo_install_acme_sh() { wo_install() { { rm -f /etc/bash_completion.d/wo_auto.rc - rm -rf /tmp/WordOps - git clone -b "$wo_branch" --depth=50 https://github.com/WordOps/WordOps.git /tmp/WordOps - cd /tmp/WordOps || exit 1 + rm -rf /var/lib/wo/tmp/WordOps-* + curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp + cd /var/lib/wo/tmp/WordOps-${wo_branch} || exit 1 } \ >> "$wo_install_log" 2>&1 diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 20726ba..e432df6 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -227,6 +227,14 @@ def post_pref(self, apt_packages, packages): out=wo_nginx) wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/cloudflare.conf') + wo_nginx = open('/etc/nginx/conf.d/cloudflare.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'cloudflare.mustache', + out=wo_nginx) + wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/' 'map-wp-fastcgi-cache.conf') diff --git a/wo/cli/templates/cloudflare.mustache b/wo/cli/templates/cloudflare.mustache new file mode 100644 index 0000000..38355fe --- /dev/null +++ b/wo/cli/templates/cloudflare.mustache @@ -0,0 +1,23 @@ +# WordOps (wo) set visitors real ip with Cloudflare +set_real_ip_from 173.245.48.0/20; +set_real_ip_from 103.21.244.0/22; +set_real_ip_from 103.22.200.0/22; +set_real_ip_from 103.31.4.0/22; +set_real_ip_from 141.101.64.0/18; +set_real_ip_from 108.162.192.0/18; +set_real_ip_from 190.93.240.0/20; +set_real_ip_from 188.114.96.0/20; +set_real_ip_from 197.234.240.0/22; +set_real_ip_from 198.41.128.0/17; +set_real_ip_from 162.158.0.0/15; +set_real_ip_from 104.16.0.0/12; +set_real_ip_from 172.64.0.0/13; +set_real_ip_from 131.0.72.0/22; +set_real_ip_from 2400:cb00::/32; +set_real_ip_from 2606:4700::/32; +set_real_ip_from 2803:f800::/32; +set_real_ip_from 2405:b500::/32; +set_real_ip_from 2405:8100::/32; +set_real_ip_from 2a06:98c0::/29; +set_real_ip_from 2c0f:f248::/32; +real_ip_header CF-Connecting-IP; From c2641d02cf83dd190cf7d1d76bb99ef3ccafd200 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 7 Aug 2019 15:39:43 +0200 Subject: [PATCH 36/41] Testing cement 2.8.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 9cacc2a..6a4b1a5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -cement>=2.6.0 +cement>=2.8.0 From d1f51f345d73d27276b42ccacba3ff4c6c7377eb Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 8 Aug 2019 08:40:03 +0200 Subject: [PATCH 37/41] Update templates --- install | 2 -- wo/cli/templates/fastcgi.mustache | 8 ++--- wo/cli/templates/locations.mustache | 50 ++++++++++++++++++++++++++++- wo/cli/templates/redis.mustache | 2 +- wo/cli/templates/sysctl.mustache | 12 +++---- wo/cli/templates/wpcommon.mustache | 14 ++++++++ wo/cli/templates/wprocket.mustache | 16 ++++----- 7 files changed, 80 insertions(+), 24 deletions(-) diff --git a/install b/install index c346832..62cc83d 100755 --- a/install +++ b/install @@ -667,8 +667,6 @@ wo_tweak_kernel() { fi # apply sysctl tweaks sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf - else - sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf fi fi if [ ! -x /opt/wo-kernel.sh ]; then diff --git a/wo/cli/templates/fastcgi.mustache b/wo/cli/templates/fastcgi.mustache index 271e751..c5a68e2 100644 --- a/wo/cli/templates/fastcgi.mustache +++ b/wo/cli/templates/fastcgi.mustache @@ -1,5 +1,5 @@ # FastCGI cache settings -fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; +fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=6h max_size=256M; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; fastcgi_cache_lock on; @@ -7,11 +7,11 @@ fastcgi_cache_lock_age 5s; fastcgi_cache_lock_timeout 5s; fastcgi_cache_methods GET HEAD; fastcgi_cache_background_update on; -fastcgi_cache_valid 200 1h; +fastcgi_cache_valid 200 24h; fastcgi_cache_valid 301 302 30m; fastcgi_cache_valid 499 502 503 1m; -fastcgi_cache_valid 404 15m; -fastcgi_cache_valid any 15m; +fastcgi_cache_valid 404 1h; +fastcgi_cache_valid any 1h; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; fastcgi_param SERVER_NAME $http_host; diff --git a/wo/cli/templates/locations.mustache b/wo/cli/templates/locations.mustache index 26e8230..f944a40 100644 --- a/wo/cli/templates/locations.mustache +++ b/wo/cli/templates/locations.mustache @@ -7,11 +7,35 @@ location = /favicon.ico { expires max; } # Cache static files -location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ { +location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json)$ { add_header "Access-Control-Allow-Origin" "*"; access_log off; log_not_found off; expires max; + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types + application/atom+xml + application/javascript + application/json + application/rss+xml + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/svg+xml + image/x-icon + text/css + text/plain + text/x-component + text/xml + text/javascript; } # Cache css & js files location ~* \.(?:css(\.map)?|js(\.map)?)$ { @@ -19,6 +43,30 @@ location ~* \.(?:css(\.map)?|js(\.map)?)$ { access_log off; log_not_found off; expires 30d; + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types + application/atom+xml + application/javascript + application/json + application/rss+xml + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/svg+xml + image/x-icon + text/css + text/plain + text/x-component + text/xml + text/javascript; } # Security settings for better privacy # Deny hidden files diff --git a/wo/cli/templates/redis.mustache b/wo/cli/templates/redis.mustache index 88a49e0..7864dd9 100644 --- a/wo/cli/templates/redis.mustache +++ b/wo/cli/templates/redis.mustache @@ -17,7 +17,7 @@ location /redis-store { set_unescape_uri $key $arg_key ; redis2_query set $key $echo_request_body; redis2_query expire $key 14400; - redis2_pass redis; + redis2_pass redis; } diff --git a/wo/cli/templates/sysctl.mustache b/wo/cli/templates/sysctl.mustache index cc2c332..271298c 100644 --- a/wo/cli/templates/sysctl.mustache +++ b/wo/cli/templates/sysctl.mustache @@ -1,10 +1,10 @@ # Kernel sysctl configuration file for Linux # -# Version 1.16 - 2019-10-25 +# Version 1.18 - 2019-08-07 # Michiel Klaver - IT Professional -# Modified by VirtuBox +# Modified by VirtuBox (https://github.com/VirtuBox) +# For WordOps (https://github.com/WordOps/WordOps) # -# Instructions available on https://github.com/VirtuBox/ubuntu-nginx-web-server # # Sources : # https://klaver.it/linux/sysctl.conf @@ -27,10 +27,6 @@ # http://lartc.org/howto/lartc.kernel.obscure.html # http://en.wikipedia.org/wiki/Sysctl # -# Usage -# wget -O /etc/sysctl.d/60-ubuntu-nginx-web-server.conf https://virtubox.github.io/ubuntu-nginx-web-server/files/etc/sysctl.d/60-ubuntu-nginx-web-server.conf -# -# sysctl -e -p /etc/sysctl.d/60-ubuntu-nginx-web-server.conf # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details. # @@ -200,6 +196,8 @@ net.core.somaxconn = 32768 # Increase number of incoming connections backlog net.core.netdev_max_backlog = 16384 net.core.dev_weight = 64 +net.core.netdev_budget = 600 +net.core.netdev_budget_usecs = 4000 # Increase the maximum amount of option memory buffers net.core.optmem_max = 65535 diff --git a/wo/cli/templates/wpcommon.mustache b/wo/cli/templates/wpcommon.mustache index f646cd6..33a9e4a 100644 --- a/wo/cli/templates/wpcommon.mustache +++ b/wo/cli/templates/wpcommon.mustache @@ -56,6 +56,20 @@ location /wp-content/plugins/ewww-image-optimizer/images { deny all; } } +# enable gzip on static assets - php files are forbidden +location /wp-content/cache { +# Cache css & js files + location ~* \.(?:css(\.map)?|js(\.map)?|.html)$ { + add_header "Access-Control-Allow-Origin" "*"; + access_log off; + log_not_found off; + expires 30d; + } + location ~ \.php$ { +#Prevent Direct Access Of PHP Files From Web Browsers + deny all; + } +} # Deny access to any files with a .php extension in the uploads directory # Works in sub-directory installs and also in multisite network # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) diff --git a/wo/cli/templates/wprocket.mustache b/wo/cli/templates/wprocket.mustache index e73f859..14e3600 100644 --- a/wo/cli/templates/wprocket.mustache +++ b/wo/cli/templates/wprocket.mustache @@ -1,21 +1,19 @@ # WPSC NGINX CONFIGURATION - WO v3.9.7 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf - # Use cached or actual file if they exists, Otherwise pass request to WordPress location / { - try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args; + try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args; } location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; + try_files $uri =404; + include fastcgi_params; fastcgi_pass {{upstream}}; } - location ~* /cache/wp-rocket/\.html$ { - etag on; - add_header Vary "Accept-Encoding, Cookie"; + etag on; + add_header Vary "Accept-Encoding, Cookie"; access_log off; log_not_found off; - expire 10h; -} \ No newline at end of file + expires 10h; +} From ad6e1bcb3a321419f744d6db6d435466efca053e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 8 Aug 2019 20:30:15 +0200 Subject: [PATCH 38/41] testing cement 2.10.12 --- requirements.txt | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 6a4b1a5..29f8528 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -cement>=2.8.0 +cement>=2.10.12 diff --git a/setup.py b/setup.py index 6081aa4..4ba23dd 100644 --- a/setup.py +++ b/setup.py @@ -77,7 +77,7 @@ setup(name='wo', "nose", "coverage", # Required to function - 'cement == 2.6', + 'cement == 2.10.12', 'pystache', 'python-apt', 'pynginxconfig', From ca043e177d7b0320cf57ee1add5b56e5d8387578 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 8 Aug 2019 20:36:03 +0200 Subject: [PATCH 39/41] testing again with cement 2.8.0 --- requirements.txt | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 29f8528..6a4b1a5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -cement>=2.10.12 +cement>=2.8.0 diff --git a/setup.py b/setup.py index 4ba23dd..57b98bc 100644 --- a/setup.py +++ b/setup.py @@ -77,7 +77,7 @@ setup(name='wo', "nose", "coverage", # Required to function - 'cement == 2.10.12', + 'cement == 2.8.0', 'pystache', 'python-apt', 'pynginxconfig', From c9a55760717e54053f4ca5c7018f9d7c93daaa01 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 8 Aug 2019 21:16:19 +0200 Subject: [PATCH 40/41] Fix redis install --- wo/cli/plugins/stack_pref.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index e432df6..92bb787 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -1225,6 +1225,8 @@ def post_pref(self, apt_packages, packages): "noeviction", "maxmemory-policy " "allkeys-lru") + WOFileUtils.chown(self, '/etc/redis/redis.conf', + redis, redis) WOService.restart_service(self, 'redis-server') if (packages): From 5682b96e64845c2fe4e82e160220c4cdcd2386a4 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 8 Aug 2019 21:42:26 +0200 Subject: [PATCH 41/41] Fix redis --- .travis.yml | 2 +- wo/cli/plugins/stack_pref.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index f484bef..2200856 100644 --- a/.travis.yml +++ b/.travis.yml @@ -29,7 +29,7 @@ script: - unset LANG - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt python3-pip ccze tree + - sudo apt-get install --assume-yes git python3-setuptools python3-dev python3-apt python3-pip ccze tree --quiet - sudo bash install --travis - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 92bb787..1d08dfe 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -1226,7 +1226,7 @@ def post_pref(self, apt_packages, packages): "maxmemory-policy " "allkeys-lru") WOFileUtils.chown(self, '/etc/redis/redis.conf', - redis, redis) + 'redis', 'redis', recursive=False) WOService.restart_service(self, 'redis-server') if (packages):