Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #137 from WordOps/updating-configuration

Browse Source 
Updating configurationcd
This commit is contained in:
VirtuBox
2019-09-03 12:47:08 +02:00
committed by GitHub
parent c180985e6e 1fa0cf38f8
commit 0a1eb63938
26 changed files with 366 additions and 197 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.travis.yml
View File

@@ -26,9 +26,9 @@ before_script:
after_script: after_script:
- sudo cat /etc/nginx/nginx.conf | ccze -A - sudo cat /etc/nginx/nginx.conf | ccze -A
- sudo cat /var/log/wo/wordops.log | ccze -A
- sudo cat /etc/mysql/my.cnf | ccze -A - sudo cat /etc/mysql/my.cnf | ccze -A
- sudo bash install --purge - sudo bash install --purge
- sudo curl --progress-bar --upload-file /var/log/wo/wordops.log https://transfer.vtbox.net/"$(basename wordops.log)" && echo "" | sudo tee -a $HOME/.transfer.log && echo ""
script: script:

15
CHANGELOG.md
View File

@@ -8,6 +8,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### v3.9.x - [Unreleased] ### v3.9.x - [Unreleased]
#### Added
- Rate limiter on wp-cron.php and xmlrpc.php
- mime.types template to handle missing extension ttf
- try_files directive for favicon
- additional settings for fail2ban
- asynchronous installer to decrease install/update duration
#### Fixed
- Several typo or syntax errors
- `wo site` errors due to broken symlinks for access.log or error.log
- `wo clean` error due to unused memcached flag
- MySQL database and user variables overwrited in `wo site`
### v3.9.8.8 - 2019-09-02 ### v3.9.8.8 - 2019-09-02
#### Added #### Added

149
install
View File

@@ -9,7 +9,7 @@
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# wget -qO wo wops.cc && sudo bash wo # wget -qO wo wops.cc && sudo bash wo
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.8.5 - 2019-08-28 # Version 3.9.8.9 - 2019-09-03
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# CONTENTS # CONTENTS
@@ -107,16 +107,16 @@ unset LANG
export LANG='en_US.UTF-8' export LANG='en_US.UTF-8'
export LC_ALL='C.UTF-8' export LC_ALL='C.UTF-8'
[ -z "$wo_travis" ] && {
apt-get update -qq
}
command_exists() { command_exists() {
command -v "$@" > /dev/null 2>&1 command -v "$@" > /dev/null 2>&1
} }
if ! command_exists curl; then if [ -z "$wo_travis" ]; then
apt-get -y install curl -qq if command_exists curl; then
apt-get update -qq &
else
apt-get update -qq && apt-get -y install curl -qq > /dev/null 2>&1
fi
fi fi
if [ -f ./setup.py ]; then if [ -f ./setup.py ]; then
@@ -133,7 +133,7 @@ echo ""
# 1- Check whether lsb_release is installed, and if not, install it # 1- Check whether lsb_release is installed, and if not, install it
### ###
if ! command_exists lsb_release; then if ! command_exists lsb_release; then
wo_lib_echo "Installing lsb-release, please wait..." wo_lib_echo "Installing lsb-release, please /bin/bash --init-file <(echo 'source /etc/bash_completion.d/wo_auto.rc')..."
apt-get install lsb-release -qq apt-get install lsb-release -qq
fi fi
@@ -179,7 +179,7 @@ if [ -z "$wo_force_install" ]; then
else else
check_wo_linux_distro=$(lsb_release -sc | grep -E "xenial|bionic|disco|jessie|stretch|buster") check_wo_linux_distro=$(lsb_release -sc | grep -E "xenial|bionic|disco|jessie|stretch|buster")
if [ -z "$check_wo_linux_distro" ]; then if [ -z "$check_wo_linux_distro" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 16.04/18.04/19.04 LTS, Debian 9.x/10.x and Raspbian 9.x" wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 16.04/18.04/19.04 LTS, Debian 9.x/10.x and Raspbian 9.x/10x"
exit 100 exit 100
fi fi
fi fi
@@ -190,7 +190,7 @@ fi
### ###
if [ ! -d "$wo_log_dir" ] || [ ! -d "$wo_backup_dir" ] || [ ! -d "$wo_tmp_dir" ]; then if [ ! -d "$wo_log_dir" ] || [ ! -d "$wo_backup_dir" ] || [ ! -d "$wo_tmp_dir" ]; then
wo_lib_echo "Creating WordOps backup, tmp & log directory, just a second..." wo_lib_echo "Creating WordOps directory"
mkdir -p "$wo_backup_dir" "$wo_log_dir" "$wo_tmp_dir" || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $? mkdir -p "$wo_backup_dir" "$wo_log_dir" "$wo_tmp_dir" || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $?
# create wordops log files # create wordops log files
@@ -217,7 +217,7 @@ wo_install_dep() {
apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \ build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \
gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
add-apt-repository ppa:wordops/nginx-wo -yu add-apt-repository ppa:wordops/nginx-wo -yn
else else
# install dependencies # install dependencies
apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
@@ -806,13 +806,14 @@ wo_cheat_install() {
### ###
# 4 - WO MAIN SETUP # 4 - WO MAIN SETUP
### ###
wait
if [ "$wo_purge" = "y" ]; then if [ "$wo_purge" = "y" ]; then
wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log
wo_backup_wo | tee -ai $wo_install_log wo_backup_wo | tee -ai $wo_install_log
wo_lib_echo "Uninstalling WordOps" | tee -ai $wo_install_log wo_lib_echo "Uninstalling WordOps" | tee -ai $wo_install_log
wo_uninstall | tee -ai $wo_install_log wo_uninstall | tee -ai $wo_install_log
wo_lib_echo "The WordOps backup files can be found in $WO_BACKUP_FILE" wo_lib_echo "The WordOps backup files can be found in $WO_BACKUP_FILE"
exit 0
else else
# 1 - WO already installed # 1 - WO already installed
if [ -x /usr/local/bin/wo ]; then if [ -x /usr/local/bin/wo ]; then
@@ -822,43 +823,45 @@ else
fi fi
fi fi
wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
wo_install_dep | tee -ai $wo_install_log wo_install_dep &
wo_timesync | tee -ai $wo_install_log wo_timesync &
wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log
wo_backup_wo | tee -ai $wo_install_log wo_backup_wo &
secure_wo_db | tee -ai $wo_install_log secure_wo_db &
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_clean | tee -ai $wo_install_log wo_clean &
wait
if [ "$wo_travis" = "y" ]; then if [ "$wo_travis" = "y" ]; then
wo_install_travis | tee -ai $wo_install_log wo_install_travis &
else else
if [ -f "$HOME/.gitconfig" ]; then if [ -f "$HOME/.gitconfig" ]; then
wo_install >> $wo_install_log 2>&1 wo_install >> $wo_install_log 2>&1 &
else else
wo_install | tee -ai $wo_install_log wo_install
fi fi
fi fi
wo_update_latest | tee -ai $wo_install_log wo_update_latest &
if [ ! -d /opt/acme/.sh ]; then if [ ! -d /opt/acme/.sh ]; then
wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log wo_install_acme_sh &
fi fi
wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log
wo_tweak_kernel | tee -ai $wo_install_log wo_tweak_kernel &
if [ ! -f /opt/wo-kernel.sh ]; then if [ ! -f /opt/wo-kernel.sh ]; then
wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log
wo_systemd_tweak | tee -ai $wo_install_log wo_systemd_tweak &
fi fi
if [ -x /usr/sbin/nginx ]; then if [ -x /usr/sbin/nginx ]; then
wo_nginx_tweak | tee -ai $wo_install_log wo_nginx_tweak &
fi fi
if [ -d /etc/systemd/system/mariadb.service.d ]; then if [ -d /etc/systemd/system/mariadb.service.d ]; then
wo_mariadb_tweak | tee -ai $wo_install_log wo_mariadb_tweak &
fi fi
wo_cheat_install | tee -ai $wo_install_log wo_cheat_install &
wo_domain_suffix | tee -ai $wo_install_log wo_domain_suffix &
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli &
wait
else else
# 2 - Migration from EEv3 # 2 - Migration from EEv3
if [ -x /usr/local/bin/ee ]; then if [ -x /usr/local/bin/ee ]; then
@@ -869,83 +872,92 @@ else
fi fi
fi fi
wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
wo_install_dep | tee -ai $wo_install_log wo_install_dep >> $wo_install_log 2>&1 &
wo_timesync | tee -ai $wo_install_log wo_timesync >> $wo_install_log 2>&1 &
wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log
wo_backup_ee | tee -ai $wo_install_log wo_backup_ee >> $wo_install_log 2>&1 &
wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log
wo_remove_ee_cron | tee -ai $wo_install_log wo_remove_ee_cron >> $wo_install_log 2>&1 &
wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
wo_sync_db | tee -ai $wo_install_log wo_sync_db >> $wo_install_log 2>&1 &
secure_wo_db | tee -ai $wo_install_log secure_wo_db >> $wo_install_log 2>&1 &
wait
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
if [ -f "$HOME/.gitconfig" ]; then if [ -f "$HOME/.gitconfig" ]; then
wo_install >> $wo_install_log 2>&1 wo_install >> $wo_install_log 2>&1 &
else else
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
fi fi
if command_exists nginx; then if command_exists nginx; then
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log wo_upgrade_nginx >> $wo_install_log 2>&1 &
fi fi
wo_update_latest | tee -ai $wo_install_log wait
wo_update_latest >> $wo_install_log 2>&1 &
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log wo_install_acme_sh >> $wo_install_log 2>&1 &
wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log
wo_tweak_kernel | tee -ai $wo_install_log wo_tweak_kernel >> $wo_install_log 2>&1 &
if [ ! -f /opt/wo-kernel.sh ]; then if [ ! -f /opt/wo-kernel.sh ]; then
wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log
wo_systemd_tweak | tee -ai $wo_install_log wo_systemd_tweak &
fi fi
if command_exists nginx; then if command_exists nginx; then
wo_nginx_tweak | tee -ai $wo_install_log wo_nginx_tweak &
fi fi
if [ -d /etc/systemd/system/mariadb.service.d ]; then if [ -d /etc/systemd/system/mariadb.service.d ]; then
wo_mariadb_tweak | tee -ai $wo_install_log wo_mariadb_tweak &
fi fi
wo_domain_suffix | tee -ai $wo_install_log wo_domain_suffix >> $wo_install_log &
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log {
wo_update_wp_cli | tee -ai $wo_install_log wo_git_init &
wo_cheat_install | tee -ai $wo_install_log wo_update_wp_cli &
wo_cheat_install &
} >> $wo_install_log
wait
wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log
wo_clean_ee | tee -ai $wo_install_log wo_clean_ee >> $wo_install_log
else else
# 3 - Fresh WO setup # 3 - Fresh WO setup
wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
[ -z "$wo_travis" ] && { [ -z "$wo_travis" ] && {
wo_dist_upgrade | tee -ai $wo_install_log wo_dist_upgrade >> $wo_install_log
} }
wo_install_dep | tee -ai $wo_install_log wo_install_dep >> $wo_install_log &
wo_timesync | tee -ai $wo_install_log wo_timesync >> $wo_install_log &
wait
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
if [ "$wo_travis" = "y" ]; then if [ "$wo_travis" = "y" ]; then
wo_install_travis | tee -ai $wo_install_log wo_install_travis | tee -ai $wo_install_log &
else else
if [ -f "$HOME/.gitconfig" ]; then if [ -f "$HOME/.gitconfig" ]; then
wo_install >> $wo_install_log 2>&1 wo_install >> $wo_install_log 2>&1 &
else else
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
fi fi
fi fi
if [ "$ufw" = "y" ]; then if [ "$ufw" = "y" ]; then
wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log
wo_ufw_setup | tee -ai $wo_install_log wo_ufw_setup &
fi fi
wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log
wo_tweak_kernel | tee -ai $wo_install_log wo_tweak_kernel >> $wo_install_log 2>&1 &
if [ ! -f /opt/wo-kernel.sh ]; then if [ ! -f /opt/wo-kernel.sh ]; then
wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log
wo_systemd_tweak | tee -ai $wo_install_log wo_systemd_tweak >> $wo_install_log 2>&1 &
fi fi
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log {
wo_cheat_install | tee -ai $wo_install_log wo_install_acme_sh &
wo_domain_suffix | tee -ai $wo_install_log secure_wo_db &
wo_git_init | tee -ai $wo_install_log wo_cheat_install &
wo_update_wp_cli | tee -ai $wo_install_log wo_domain_suffix &
wo_git_init &
wo_update_wp_cli &
} >> $wo_install_log
wait
fi fi
fi fi
@@ -967,11 +979,14 @@ else
else else
wo_lib_echo "WordOps (wo) installed successfully" wo_lib_echo "WordOps (wo) installed successfully"
echo echo
wo_lib_echo "For autocompletion, run the following command:" wo_lib_echo "To enable bash-completion, just use the command:"
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc" wo_lib_echo_info "bash"
echo echo
wo_lib_echo "To install WordOps main stacks, use the command:" wo_lib_echo "To install WordOps recommended stacks, you can use the command:"
wo_lib_echo_info "wo stack install" wo_lib_echo_info "wo stack install"
echo
wo_lib_echo "To create a first WordPress site, you can use the command:"
wo_lib_echo_info "wo site create site.tld --wp"
fi fi
echo echo
wo_lib_echo "WordOps Documentation : https://docs.wordops.net" wo_lib_echo "WordOps Documentation : https://docs.wordops.net"
@@ -979,5 +994,7 @@ else
echo echo
wo_lib_echo "Give WordOps a GitHub star : https://github.com/WordOps/WordOps/" wo_lib_echo "Give WordOps a GitHub star : https://github.com/WordOps/WordOps/"
echo echo
fi fi
# if [ -z "$wo_travis" ]; then
# /bin/bash --init-file "/var/lib/wo/tmp/WordOps-$wo_branch/tests/init-file"
# fi

3
tests/init-file Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash --init-file
source /etc/bash_completion.d/wo_auto.rc
source ~/.bashrc

3
tests/travis.sh
View File

@@ -10,8 +10,7 @@ CGREEN="${CSI}1;32m"
CEND="${CSI}0m" CEND="${CSI}0m"
exit_script() { exit_script() {
tar -I pigz -cf wordops.tar.gz /var/log/wo curl --progress-bar --upload-file /var/log/wo/wordops.log https://transfer.vtbox.net/"$(basename wordops.log)" && echo "" | sudo tee -a $HOME/.transfer.log && echo ""
curl --progress-bar --upload-file wordops.tar.gz https://transfer.vtbox.net/"$(basename wordops.tar.gz)" && echo "" | sudo tee -a $HOME/.transfer.log && echo ""
exit 1 exit 1
} }

4
wo/cli/plugins/clean.py
View File

@@ -36,8 +36,8 @@ class WOCleanController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
pargs = self.app.pargs pargs = self.app.pargs
if (not (pargs.all or pargs.fastcgi or if (not (pargs.all or pargs.fastcgi
pargs.memcached or pargs.opcache or or pargs.opcache or
pargs.redis)): pargs.redis)):
self.clean_fastcgi() self.clean_fastcgi()
if pargs.all: if pargs.all:

1
wo/cli/plugins/debug.py
View File

@@ -15,7 +15,6 @@ import os
import configparser import configparser
import glob import glob
import signal import signal
import subprocess
def wo_debug_hook(app): def wo_debug_hook(app):

21
wo/cli/plugins/log.py
View File

@@ -1,17 +1,18 @@
"""Logfile Plugin for WordOps""" """Logfile Plugin for WordOps"""
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.logging import Log
from wo.cli.plugins.site_functions import logwatch
from wo.core.variables import WOVariables
from wo.core.fileutils import WOFileUtils
from wo.core.shellexec import WOShellExec
from wo.core.sendmail import WOSendMail
from wo.core.mysql import WOMysql
import os
import glob import glob
import gzip import gzip
import os
from cement.core import handler, hook
from cement.core.controller import CementBaseController, expose
from wo.cli.plugins.site_functions import logwatch
from wo.core.fileutils import WOFileUtils
from wo.core.logging import Log
from wo.core.mysql import WOMysql
from wo.core.sendmail import WOSendMail
from wo.core.shellexec import WOShellExec
from wo.core.variables import WOVariables
def wo_log_hook(app): def wo_log_hook(app):

4
wo/cli/plugins/maintenance.py
View File

@@ -1,9 +1,9 @@
"""Maintenance Plugin for WordOps""" """Maintenance Plugin for WordOps"""
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook from cement.core import handler, hook
from wo.core.logging import Log from cement.core.controller import CementBaseController, expose
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
from wo.core.logging import Log
def wo_maintenance_hook(app): def wo_maintenance_hook(app):

41
wo/cli/plugins/site.py
View File

@@ -1,23 +1,24 @@
# """WordOps site controller.""" # """WordOps site controller."""
from cement.core.controller import CementBaseController, expose import glob
import json
import os
import subprocess
from subprocess import Popen
from cement.core import handler, hook from cement.core import handler, hook
from wo.core.sslutils import SSL from cement.core.controller import CementBaseController, expose
from wo.core.variables import WOVariables
from wo.core.shellexec import WOShellExec
from wo.core.domainvalidate import ValidateDomain, GetDomainlevel
from wo.core.fileutils import WOFileUtils
from wo.cli.plugins.site_functions import * from wo.cli.plugins.site_functions import *
from wo.core.services import WOService from wo.cli.plugins.sitedb import (addNewSite, deleteSiteInfo, getAllsites,
from wo.cli.plugins.sitedb import (addNewSite, getSiteInfo, getSiteInfo, updateSiteInfo)
updateSiteInfo, deleteSiteInfo, getAllsites) from wo.core.domainvalidate import GetDomainlevel, ValidateDomain
from wo.core.fileutils import WOFileUtils
from wo.core.git import WOGit from wo.core.git import WOGit
from wo.core.logging import Log from wo.core.logging import Log
from subprocess import Popen
from wo.core.nginxhashbucket import hashbucket from wo.core.nginxhashbucket import hashbucket
import os from wo.core.services import WOService
import glob from wo.core.shellexec import WOShellExec
import subprocess from wo.core.sslutils import SSL
import json from wo.core.variables import WOVariables
def wo_site_hook(app): def wo_site_hook(app):
@@ -31,7 +32,6 @@ class WOSiteController(CementBaseController):
label = 'site' label = 'site'
stacked_on = 'base' stacked_on = 'base'
stacked_type = 'nested' stacked_type = 'nested'
exit_on_close = True
description = ('Performs website specific operations') description = ('Performs website specific operations')
arguments = [ arguments = [
(['site_name'], (['site_name'],
@@ -79,8 +79,7 @@ class WOSiteController(CementBaseController):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
else: else:
Log.error(self, "nginx configuration file does not exist" Log.error(self, "nginx configuration file does not exist")
.format(wo_domain))
@expose(help="Disable site example.com") @expose(help="Disable site example.com")
def disable(self): def disable(self):
@@ -121,8 +120,7 @@ class WOSiteController(CementBaseController):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
else: else:
Log.error(self, "nginx configuration file does not exist" Log.error(self, "nginx configuration file does not exist")
.format(wo_domain))
@expose(help="Get example.com information") @expose(help="Get example.com information")
def info(self): def info(self):
@@ -182,8 +180,7 @@ class WOSiteController(CementBaseController):
"disabled")) "disabled"))
self.app.render((data), 'siteinfo.mustache') self.app.render((data), 'siteinfo.mustache')
else: else:
Log.error(self, "nginx configuration file does not exist" Log.error(self, "nginx configuration file does not exist")
.format(wo_domain))
@expose(help="Monitor example.com logs") @expose(help="Monitor example.com logs")
def log(self): def log(self):
@@ -430,7 +427,7 @@ class WOSiteCreateController(CementBaseController):
pargs.site_name = pargs.site_name.strip() pargs.site_name = pargs.site_name.strip()
(wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name) (wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name)
if not wo_domain.strip(): if not wo_domain.strip():
Log.error("Invalid domain name, " Log.error(self, "Invalid domain name, "
"Provide valid domain name") "Provide valid domain name")
wo_site_webroot = WOVariables.wo_webroot + wo_domain wo_site_webroot = WOVariables.wo_webroot + wo_domain

30
wo/cli/plugins/site_functions.py
View File

@@ -81,10 +81,10 @@ def setupdomain(self, data):
out=wo_site_nginx_conf) out=wo_site_nginx_conf)
wo_site_nginx_conf.close() wo_site_nginx_conf.close()
except IOError as e: except IOError as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, str(e))
raise SiteError("create nginx configuration failed for site") raise SiteError("create nginx configuration failed for site")
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, str(e))
raise SiteError("create nginx configuration failed for site") raise SiteError("create nginx configuration failed for site")
finally: finally:
# Check nginx -t and return status over it # Check nginx -t and return status over it
@@ -126,7 +126,7 @@ def setupdomain(self, data):
'{0}/logs/error.log' '{0}/logs/error.log'
.format(wo_site_webroot)]) .format(wo_site_webroot)])
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, str(e))
raise SiteError("setup webroot failed for site") raise SiteError("setup webroot failed for site")
finally: finally:
# TODO Check if directories are setup # TODO Check if directories are setup
@@ -160,6 +160,7 @@ def setupdatabase(self, data):
if not wo_db_name: if not wo_db_name:
wo_db_name = wo_replace_dot wo_db_name = wo_replace_dot
wo_db_name = (wo_db_name[0:8] + generate_random())
if prompt_dbuser == 'True' or prompt_dbuser == 'true': if prompt_dbuser == 'True' or prompt_dbuser == 'true':
try: try:
@@ -173,12 +174,10 @@ def setupdatabase(self, data):
if not wo_db_username: if not wo_db_username:
wo_db_username = wo_replace_dot wo_db_username = wo_replace_dot
wo_db_username = (wo_db_name[0:8] + generate_random())
if not wo_db_password: if not wo_db_password:
wo_db_password = wo_random_pass wo_db_password = wo_random_pass
wo_db_username = (wo_db_name[0:8] + generate_random())
wo_db_name = (wo_db_name[0:8] + generate_random())
# create MySQL database # create MySQL database
Log.info(self, "Setting up database\t\t", end='') Log.info(self, "Setting up database\t\t", end='')
Log.debug(self, "Creating database {0}".format(wo_db_name)) Log.debug(self, "Creating database {0}".format(wo_db_name))
@@ -241,9 +240,6 @@ def setupwordpress(self, data, vhostonly=False):
wo_random_pass = (''.join(random.sample(string.ascii_uppercase + wo_random_pass = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.ascii_lowercase +
string.digits, 24))) string.digits, 24)))
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase +
string.digits, 8)))
wo_wp_prefix = '' wo_wp_prefix = ''
# wo_wp_user = '' # wo_wp_user = ''
# wo_wp_pass = '' # wo_wp_pass = ''
@@ -267,7 +263,7 @@ def setupwordpress(self, data, vhostonly=False):
raise SiteError("download WordPress core failed") raise SiteError("download WordPress core failed")
except CommandExecutionError: except CommandExecutionError:
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]")
raise SiteError(self, "download WordPress core failed") raise SiteError("download WordPress core failed")
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
@@ -730,6 +726,7 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data):
def setwebrootpermissions(self, webroot): def setwebrootpermissions(self, webroot):
Log.debug(self, "Setting up permissions") Log.debug(self, "Setting up permissions")
try: try:
WOFileUtils.findBrokenSymlink(self, '/var/www/')
WOFileUtils.chown(self, webroot, WOVariables.wo_php_user, WOFileUtils.chown(self, webroot, WOVariables.wo_php_user,
WOVariables.wo_php_user, recursive=True) WOVariables.wo_php_user, recursive=True)
except Exception as e: except Exception as e:
@@ -917,7 +914,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot):
try: try:
wo_wp_user = input("Provide WordPress user name [admin]: ") wo_wp_user = input("Provide WordPress user name [admin]: ")
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, str(e))
Log.error(self, "\nCould not update password") Log.error(self, "\nCould not update password")
if wo_wp_user == "?": if wo_wp_user == "?":
@@ -951,7 +948,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot):
"{0} user: " "{0} user: "
.format(wo_wp_user)) .format(wo_wp_user))
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, str(e))
raise SiteError("failed to read password input ") raise SiteError("failed to read password input ")
try: try:
@@ -1345,15 +1342,15 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
if dbname: if dbname:
if not dbuser: if not dbuser:
raise SiteError("dbuser not provided") raise SiteError("dbuser not provided")
if not dbhost: if not dbhost:
raise SiteError("dbhost not provided") raise SiteError("dbhost not provided")
deleteDB(self, dbname, dbuser, dbhost) deleteDB(self, dbname, dbuser, dbhost)
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
wo_dns=False, wo_acme_dns='dns_cf'): wo_dns=False, wo_acme_dns='dns_cf', backend=False):
if os.path.isfile("/etc/letsencrypt/" if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/" "renewal/{0}_ecc/"
@@ -1446,8 +1443,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
'/etc/letsencrypt'): '/etc/letsencrypt'):
Log.info(self, "Securing WordOps backend with {0} certificate" Log.info(self, "Securing WordOps backend with {0} certificate"
.format(wo_domain_name)) .format(wo_domain_name))
sslconf = open("/var/www/22222/conf/nginx/ssl.conf" sslconf = open("/var/www/22222/conf/nginx/ssl.conf",
.format(wo_domain_name),
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
sslconf.write("ssl_certificate {0}/{1}/fullchain.pem;\n" sslconf.write("ssl_certificate {0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n" "ssl_certificate_key {0}/{1}/key.pem;\n"

29
wo/cli/plugins/stack.py
View File

@@ -1,27 +1,25 @@
"""Stack Plugin for WordOps""" """Stack Plugin for WordOps"""
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
import codecs import codecs
import configparser import configparser
import os import os
import pwd import pwd
import random import random
import re
import shutil import shutil
import string import string
import re
import requests import requests
import psutil import psutil
from cement.core import handler, hook
# from pynginxconfig import NginxConfig from cement.core.controller import CementBaseController, expose
from wo.cli.plugins.site_functions import * from wo.cli.plugins.site_functions import *
from wo.cli.plugins.sitedb import * from wo.cli.plugins.sitedb import *
from wo.cli.plugins.stack_migrate import WOStackMigrateController from wo.cli.plugins.stack_migrate import WOStackMigrateController
from wo.cli.plugins.stack_pref import post_pref, pre_pref
from wo.cli.plugins.stack_services import WOStackStatusController from wo.cli.plugins.stack_services import WOStackStatusController
from wo.cli.plugins.stack_upgrade import WOStackUpgradeController from wo.cli.plugins.stack_upgrade import WOStackUpgradeController
from wo.cli.plugins.stack_pref import pre_pref, post_pref
from wo.core.apt_repo import WORepo from wo.core.apt_repo import WORepo
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
from wo.core.cron import WOCron from wo.core.cron import WOCron
@@ -33,8 +31,8 @@ from wo.core.logging import Log
from wo.core.mysql import WOMysql from wo.core.mysql import WOMysql
from wo.core.services import WOService from wo.core.services import WOService
from wo.core.shellexec import CommandExecutionError, WOShellExec from wo.core.shellexec import CommandExecutionError, WOShellExec
from wo.core.variables import WOVariables
from wo.core.template import WOTemplate from wo.core.template import WOTemplate
from wo.core.variables import WOVariables
def wo_stack_hook(app): def wo_stack_hook(app):
@@ -202,8 +200,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Setting apt_packages variable for PHP 7.2") Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
if not (WOAptGet.is_installed(self, 'php7.3-fpm')): if not (WOAptGet.is_installed(self, 'php7.3-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + \ apt_packages = (apt_packages + WOVariables.wo_php +
WOVariables.wo_php_extra WOVariables.wo_php_extra)
else: else:
apt_packages = apt_packages + WOVariables.wo_php apt_packages = apt_packages + WOVariables.wo_php
else: else:
@@ -215,8 +213,9 @@ class WOStackController(CementBaseController):
Log.debug(self, "Setting apt_packages variable for PHP 7.3") Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + \ apt_packages = (apt_packages + WOVariables.wo_php +
WOVariables.wo_php73 + WOVariables.wo_php_extra WOVariables.wo_php73 +
WOVariables.wo_php_extra)
else: else:
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
else: else:
@@ -706,7 +705,8 @@ class WOStackController(CementBaseController):
else: else:
WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/"
"libexec/netdata/" "libexec/netdata/"
"netdata-uninstaller.sh -y -f") "netdata-uninstaller.sh - y - f",
errormsg='', log=False)
if (packages): if (packages):
Log.info(self, "Removing packages, please wait...") Log.info(self, "Removing packages, please wait...")
@@ -926,7 +926,8 @@ class WOStackController(CementBaseController):
if WOVariables.wo_distro == 'Raspbian': if WOVariables.wo_distro == 'Raspbian':
WOShellExec.cmd_exec(self, "bash /usr/" WOShellExec.cmd_exec(self, "bash /usr/"
"libexec/netdata/netdata-" "libexec/netdata/netdata-"
"uninstaller.sh -y -f") "uninstaller.sh -y -f",
errormsg='', log=False)
else: else:
WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/" WOShellExec.cmd_exec(self, "bash /opt/netdata/usr/"
"libexec/netdata/netdata-" "libexec/netdata/netdata-"

17
wo/cli/plugins/stack_migrate.py
View File

@@ -1,14 +1,15 @@
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.mysql import WOMysql
from wo.core.logging import Log
from wo.core.variables import WOVariables
from wo.core.aptget import WOAptGet
from wo.core.shellexec import WOShellExec
from wo.core.apt_repo import WORepo
import configparser import configparser
import os import os
from cement.core import handler, hook
from cement.core.controller import CementBaseController, expose
from wo.core.apt_repo import WORepo
from wo.core.aptget import WOAptGet
from wo.core.logging import Log
from wo.core.mysql import WOMysql
from wo.core.shellexec import WOShellExec
from wo.core.variables import WOVariables
class WOStackMigrateController(CementBaseController): class WOStackMigrateController(CementBaseController):
class Meta: class Meta:

40
wo/cli/plugins/stack_pref.py
View File

@@ -4,6 +4,7 @@ import os
import random import random
import shutil import shutil
import string import string
import psutil import psutil
import requests import requests
@@ -11,15 +12,17 @@ from wo.cli.plugins.site_functions import *
from wo.cli.plugins.stack_services import WOStackStatusController from wo.cli.plugins.stack_services import WOStackStatusController
from wo.core.apt_repo import WORepo from wo.core.apt_repo import WORepo
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
from wo.core.checkfqdn import check_fqdn_ip
from wo.core.cron import WOCron from wo.core.cron import WOCron
from wo.core.domainvalidate import GetDomainlevel
from wo.core.extract import WOExtract from wo.core.extract import WOExtract
from wo.core.fileutils import WOFileUtils from wo.core.fileutils import WOFileUtils
from wo.core.git import WOGit from wo.core.git import WOGit
from wo.core.template import WOTemplate
from wo.core.logging import Log from wo.core.logging import Log
from wo.core.mysql import WOMysql from wo.core.mysql import WOMysql
from wo.core.services import WOService from wo.core.services import WOService
from wo.core.shellexec import CommandExecutionError, WOShellExec from wo.core.shellexec import CommandExecutionError, WOShellExec
from wo.core.template import WOTemplate
from wo.core.variables import WOVariables from wo.core.variables import WOVariables
@@ -70,7 +73,7 @@ def pre_pref(self, apt_packages):
log=False) log=False)
except CommandExecutionError as e: except CommandExecutionError as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.error("Failed to initialize MySQL package") Log.error(self, "Failed to initialize MySQL package")
Log.debug(self, "echo \"mariadb-server-{0} " Log.debug(self, "echo \"mariadb-server-{0} "
"mysql-server/root_password_again " "mysql-server/root_password_again "
@@ -86,7 +89,7 @@ def pre_pref(self, apt_packages):
log=False) log=False)
except CommandExecutionError as e: except CommandExecutionError as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.error("Failed to initialize MySQL package") Log.error(self, "Failed to initialize MySQL package")
# generate my.cnf root credentials # generate my.cnf root credentials
mysql_config = """ mysql_config = """
[client] [client]
@@ -359,16 +362,16 @@ def post_pref(self, apt_packages, packages, upgrade=False):
'/etc/nginx/sites-available') '/etc/nginx/sites-available')
os.makedirs('/etc/nginx/sites-enabled') os.makedirs('/etc/nginx/sites-enabled')
# 22222 port settings # 22222 port settings
if not os.path.isfile('/etc/nginx/sites-available/22222'): data = dict(webroot=ngxroot)
data = dict(webroot=ngxroot) WOTemplate.render(
WOTemplate.render( self,
self, '/etc/nginx/sites-available/22222',
'/etc/nginx/sites-available/22222', '22222.mustache', data, overwrite=False)
'22222.mustache', data, overwrite=False) passwd = ''.join([random.choice
passwd = ''.join([random.choice (string.ascii_letters + string.digits)
(string.ascii_letters + string.digits) for n in range(24)])
for n in range(24)]) if not os.path.isfile('/etc/nginx/htpasswd-wo'):
try: try:
WOShellExec.cmd_exec( WOShellExec.cmd_exec(
self, "printf \"WordOps:" self, "printf \"WordOps:"
@@ -380,8 +383,8 @@ def post_pref(self, apt_packages, packages, upgrade=False):
except CommandExecutionError as e: except CommandExecutionError as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.error(self, "Failed to save HTTP Auth") Log.error(self, "Failed to save HTTP Auth")
if not os.path.islink('/etc/nginx/sites-enabled/22222'):
# Create Symbolic link for 22222 # Create Symbolic link for 22222
WOFileUtils.create_symlink( WOFileUtils.create_symlink(
self, ['/etc/nginx/' self, ['/etc/nginx/'
'sites-available/' 'sites-available/'
@@ -1280,7 +1283,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
self, "/usr/local/bin/composer update " self, "/usr/local/bin/composer update "
"--no-plugins --no-scripts " "--no-plugins --no-scripts "
"-n --no-dev -d " "-n --no-dev -d "
"/var/www/22222/htdocs/db/pma/") "/var/www/22222/htdocs/db/pma/ &")
WOFileUtils.chown( WOFileUtils.chown(
self, '{0}22222/htdocs/db/pma' self, '{0}22222/htdocs/db/pma'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
@@ -1302,7 +1305,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
"--no-scripts -n -s dev " "--no-scripts -n -s dev "
"erik-dubbelboer/php-redis-admin " "erik-dubbelboer/php-redis-admin "
"/var/www/22222/htdocs/cache" "/var/www/22222/htdocs/cache"
"/redis/phpRedisAdmin ") "/redis/phpRedisAdmin &")
WOFileUtils.chown(self, '{0}22222/htdocs' WOFileUtils.chown(self, '{0}22222/htdocs'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
'www-data', 'www-data',
@@ -1321,7 +1324,8 @@ def post_pref(self, apt_packages, packages, upgrade=False):
Log.info(self, "Installing Netdata, please wait...") Log.info(self, "Installing Netdata, please wait...")
WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/" WOShellExec.cmd_exec(self, "bash /var/lib/wo/tmp/"
"kickstart.sh " "kickstart.sh "
"--dont-wait") "--dont-wait",
errormsg='', log=False)
if os.path.isdir('/etc/netdata'): if os.path.isdir('/etc/netdata'):
wo_netdata = "/" wo_netdata = "/"
elif os.path.isdir('/opt/netdata'): elif os.path.isdir('/opt/netdata'):

13
wo/cli/plugins/stack_services.py
View File

@@ -1,11 +1,12 @@
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.services import WOService
from wo.core.logging import Log
from wo.core.variables import WOVariables
from wo.core.aptget import WOAptGet
import os import os
from cement.core import handler, hook
from cement.core.controller import CementBaseController, expose
from wo.core.aptget import WOAptGet
from wo.core.logging import Log
from wo.core.services import WOService
from wo.core.variables import WOVariables
class WOStackStatusController(CementBaseController): class WOStackStatusController(CementBaseController):
class Meta: class Meta:

4
wo/cli/plugins/stack_upgrade.py
View File

@@ -1,8 +1,9 @@
import os import os
import shutil import shutil
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook from cement.core import handler, hook
from cement.core.controller import CementBaseController, expose
from wo.cli.plugins.stack_pref import post_pref, pre_pref
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
from wo.core.download import WODownload from wo.core.download import WODownload
from wo.core.extract import WOExtract from wo.core.extract import WOExtract
@@ -11,7 +12,6 @@ from wo.core.logging import Log
from wo.core.services import WOService from wo.core.services import WOService
from wo.core.shellexec import WOShellExec from wo.core.shellexec import WOShellExec
from wo.core.variables import WOVariables from wo.core.variables import WOVariables
from wo.cli.plugins.stack_pref import pre_pref, post_pref
class WOStackUpgradeController(CementBaseController): class WOStackUpgradeController(CementBaseController):

13
wo/cli/plugins/sync.py
View File

@@ -1,11 +1,12 @@
from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook
from wo.core.fileutils import WOFileUtils
from wo.cli.plugins.sitedb import updateSiteInfo, getAllsites
from wo.core.mysql import WOMysql, StatementExcecutionError
from wo.core.logging import Log
import glob import glob
from cement.core import handler, hook
from cement.core.controller import CementBaseController, expose
from wo.cli.plugins.sitedb import getAllsites, updateSiteInfo
from wo.core.fileutils import WOFileUtils
from wo.core.logging import Log
from wo.core.mysql import StatementExcecutionError, WOMysql
def wo_sync_hook(app): def wo_sync_hook(app):
pass pass

1
wo/cli/templates/acl.mustache
View File

@@ -5,4 +5,5 @@ auth_basic "Restricted Area";
auth_basic_user_file htpasswd-wo; auth_basic_user_file htpasswd-wo;
# Allowed IP Address List # Allowed IP Address List
allow 127.0.0.1; allow 127.0.0.1;
allow ::1;
deny all; deny all;

6
wo/cli/templates/fail2ban.mustache
View File

@@ -1,3 +1,6 @@
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1
[recidive] [recidive]
enabled = true enabled = true
@@ -19,6 +22,3 @@ enabled = true
filter = nginx-forbidden filter = nginx-forbidden
action = iptables-multiport[name="wo-wordpress", port="http,https"] action = iptables-multiport[name="wo-wordpress", port="http,https"]
logpath = /var/log/nginx/*error*.log logpath = /var/log/nginx/*error*.log
findtime = 60
bantime = 6000
maxretry = 5

16
wo/cli/templates/locations.mustache
View File

@@ -2,20 +2,26 @@
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files # Basic locations files
location = /favicon.ico { location = /favicon.ico {
access_log off; try_files /wp-content/uploads/fbrfg/favicon.ico $uri $uri/ /index.php?$args @empty_gif;
log_not_found off; access_log off;
expires max; log_not_found off;
expires max;
}
location @empty_gif {
empty_gif;
} }
# Cache static files # Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json|webmanifest)$ { location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json|webmanifest)$ {
add_header "Access-Control-Allow-Origin" "*"; more_set_headers 'Access-Control-Allow-Origin : "*"';
more_set_headers "Cache-Control : public, no-transform";
access_log off; access_log off;
log_not_found off; log_not_found off;
expires max; expires max;
} }
# Cache css & js files # Cache css & js files
location ~* \.(?:css(\.map)?|js(\.map)?)$ { location ~* \.(?:css(\.map)?|js(\.map)?)$ {
add_header "Access-Control-Allow-Origin" "*"; more_set_headers 'Access-Control-Allow-Origin : "*"';
more_set_headers "Cache-Control : public, no-transform";
access_log off; access_log off;
log_not_found off; log_not_found off;
expires 30d; expires 30d;

98
wo/cli/templates/mime.mustache Normal file
View File

@@ -0,0 +1,98 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
font/ttf ttf;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

1
wo/cli/templates/nginx-core.mustache
View File

@@ -32,6 +32,7 @@ http {
# Limit Request # Limit Request
limit_req_status 403; limit_req_status 403;
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=two:10m rate=10r/s;
# Proxy Settings # Proxy Settings
# set_real_ip_from proxy-server-ip; # set_real_ip_from proxy-server-ip;

12
wo/cli/templates/wpcommon.mustache
View File

@@ -6,6 +6,18 @@ location = /wp-login.php {
include fastcgi_params; include fastcgi_params;
fastcgi_pass {{upstream}}; fastcgi_pass {{upstream}};
} }
# Prevent DoS attacks on wp-cron
location = /wp-cron.php {
limit_req zone=two burst=1 nodelay;
include fastcgi_params;
fastcgi_pass {{upstream}};
}
# Prevent Dos attacks with xmlrpc.php
location = /xmlrpc.php {
limit_req zone=two burst=1 nodelay;
include fastcgi_params;
fastcgi_pass {{upstream}};
}
# Disable wp-config.txt # Disable wp-config.txt
location = /wp-config.txt { location = /wp-config.txt {
deny all; deny all;

16
wo/core/checkfqdn.py
View File

@@ -1,5 +1,6 @@
from wo.core.shellexec import WOShellExec from wo.core.shellexec import WOShellExec
from wo.core.variables import WOVariables from wo.core.variables import WOVariables
import requests
def check_fqdn(self, wo_host): def check_fqdn(self, wo_host):
@@ -20,3 +21,18 @@ def check_fqdn(self, wo_host):
else: else:
wo_host = input("Enter hostname [fqdn]:") wo_host = input("Enter hostname [fqdn]:")
check_fqdn(self, wo_host) check_fqdn(self, wo_host)
def check_fqdn_ip(self):
"""Check if server hostname resolved server IP"""
x = requests.get('http://v4.wordops.eu')
ip = (x.text).strip()
wo_fqdn = WOVariables.wo_fqdn
y = requests.get('http://v4.wordops.eu/dns/{0}/'.format(wo_fqdn))
ip_fqdn = (y.text).strip()
if ip == ip_fqdn:
return True
else:
return False

6
wo/core/logwatch.py
View File

@@ -49,9 +49,9 @@ class LogWatcher(object):
# assert (os.path.isdir(self.folder), "%s does not exists" # assert (os.path.isdir(self.folder), "%s does not exists"
# % self.folder) # % self.folder)
for file in self.filelist: for file in self.filelist:
assert (os.path.isfile(file)) if not os.path.isfile(file):
assert callable(callback) if not callable(callback):
self.update_files() self.update_files()
# The first time we run the script we move all file markers at EOF. # The first time we run the script we move all file markers at EOF.
# In case of files created afterwards we don't do this. # In case of files created afterwards we don't do this.
for id, file in list(iter(self.files_map.items())): for id, file in list(iter(self.files_map.items())):

18
wo/core/shellexec.py
View File

@@ -48,15 +48,15 @@ class WOShellExec():
try: try:
subprocess.call(['sensible-editor', filepath]) subprocess.call(['sensible-editor', filepath])
except OSError as e: except OSError as e:
Log.debug(self, "{0}{1}".format(e.errno, e.strerror)) Log.debug(self, "{0}{1}".format(e.errno, e.strerror))
raise CommandExecutionError raise CommandExecutionError
def cmd_exec_stdout(self, command, errormsg='', log=True): def cmd_exec_stdout(self, command, errormsg='', log=True):
"""Run shell command from Python""" """Run shell command from Python"""
try: try:
log and Log.debug(self, "Running command: {0}".format(command)) log and Log.debug(self, "Running command: command -v {0}".format(command))
check_command = 'command -v' + command
with subprocess.Popen([command], stdout=subprocess.PIPE, with subprocess.Popen([check_command], stdout=subprocess.PIPE,
stderr=subprocess.PIPE, shell=True) as proc: stderr=subprocess.PIPE, shell=True) as proc:
(cmd_stdout_bytes, cmd_stderr_bytes) = proc.communicate() (cmd_stdout_bytes, cmd_stderr_bytes) = proc.communicate()
(cmd_stdout, cmd_stderr) = (cmd_stdout_bytes.decode('utf-8', (cmd_stdout, cmd_stderr) = (cmd_stdout_bytes.decode('utf-8',
@@ -73,8 +73,8 @@ class WOShellExec():
.format(cmd_stdout, cmd_stderr)) .format(cmd_stdout, cmd_stderr))
return cmd_stdout return cmd_stdout
except OSError as e: except OSError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
raise CommandExecutionError raise CommandExecutionError
except Exception as e: except Exception as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
raise CommandExecutionError raise CommandExecutionError