Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update install script

Browse Source 
* add acme.sh setup
* add nginx upgrade from nginx-ee
This commit is contained in:
VirtuBox
2019-03-14 12:40:52 +01:00
parent 0342614c82
commit 0c8aca3dd8
3 changed files with 149 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

300
install
View File

@@ -7,10 +7,10 @@
# Copyright (c) 2019 - WordOps # Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T # This script is licensed under M.I.T
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.3 - 2019-03-11 # Version 3.9.3 - 2019-03-14
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.3.1" readonly wo_version_new="3.9.4"
# CONTENTS # CONTENTS
# --- # ---
# 1. VARIABLES AND DECLARATIONS # 1. VARIABLES AND DECLARATIONS
@@ -85,11 +85,17 @@ fi
# 1 - Define variables for later use # 1 - Define variables for later use
### ###
wo_branch="$1" wo_branch="$1"
migration=0
readonly wo_log_dir=/var/log/wo/ readonly wo_log_dir=/var/log/wo/
readonly wo_install_log=/var/log/wo/install.log readonly wo_install_log=/var/log/wo/install.log
readonly wo_linux_distro=$(lsb_release -i | awk '{print $3}') readonly wo_linux_distro=$(lsb_release -is)
readonly wo_distro_version=$(lsb_release -sc) readonly wo_distro_version=$(lsb_release -sc)
readonly wo_distro_id=$(lsb_release -rs)
if [ -x /usr/loca/bin/ee ]; then
migration=1
else
migration=0
fi
### ###
# 1 - Checking linux distro # 1 - Checking linux distro
@@ -125,16 +131,16 @@ fi
#### ####
wo_install_dep() wo_install_dep()
{ {
{ {
if [ "$wo_linux_distro" == "Ubuntu" ]; then if [ "$wo_linux_distro" == "Ubuntu" ]; then
apt-get -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1 apt-get -y -qq install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1
else else
apt-get -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1 apt-get -y -qq install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1
fi fi
locale-gen en locale-gen en
} >> /var/log/wo/install.log 2>&1 } >> /var/log/wo/install.log 2>&1
# Support PFS # Support PFS
if [ -f /etc/nginx/nginx.conf ]; then if [ -f /etc/nginx/nginx.conf ]; then
# Replace previous ciphers # Replace previous ciphers
@@ -205,7 +211,8 @@ wo_sync_db()
fi fi
# Check site is enable/live or disable # Check site is enable/live or disable
for site in $(ls /etc/nginx/sites-available/ | grep -v default); cd /etc/nginx/sites-available || exit 1
for site in $(echo \* | grep -v default);
do do
if [ -f "/etc/nginx/sites-enabled/$site" ]; then if [ -f "/etc/nginx/sites-enabled/$site" ]; then
wo_site_status='1' wo_site_status='1'
@@ -214,7 +221,7 @@ wo_sync_db()
fi fi
# Acquire information about the current nginx configuration # Acquire information about the current nginx configuration
wo_site_current_type=$(head -n1 /etc/nginx/sites-available/$site | grep "NGINX CONFIGURATION" | rev | cut -d' ' -f3,4,5,6,7 | rev | cut -d ' ' -f2,3,4,5) wo_site_current_type=$(head -n1 "/etc/nginx/sites-available/$site" | grep "NGINX CONFIGURATION" | rev | cut -d' ' -f3,4,5,6,7 | rev | cut -d ' ' -f2,3,4,5)
# Sniff out the vhost type and cache configuration # Sniff out the vhost type and cache configuration
if [ "$wo_site_current_type" = "HTML" ]; then if [ "$wo_site_current_type" = "HTML" ]; then
@@ -282,29 +289,6 @@ wo_sync_db()
echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db
echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db
###
# ee-acme-sh by VirtuBox, https://virtubox.net/
###
if [ ! -f ~/.acme.sh/acme.sh ]; then
wget -O - https://get.acme.sh | sh
BASHRC_EE_ACME_FIRST_RELEASE=$(grep "ee-acme" $HOME/.bashrc)
BASHRC_EE_ACME_LAST_RELEASE=$(grep "ee-acme.sh" $HOME/.bashrc)
if [ -f $HOME/.ee-acme/ee-acme ] && [ -z "$BASHRC_EE_ACME_LAST_RELEASE" ]; then
rm -rf $HOME/.ee-acme/*
echo 'alias ee-acme="/root/.ee-acme/ee-acme.sh"' >> $HOME/.ee-acme/ee-acme
wget -qO $HOME/.ee-acme/ee-acme.sh https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh
chmod +x $HOME/.ee-acme/ee-acme.sh
elif [ -x $HOME/.ee-acme/ee-acme.sh ]; then
rm $HOME/.ee-acme/ee-acme.sh
wget -qO $HOME/.ee-acme/ee-acme.sh https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh
chmod +x $HOME/.ee-acme/ee-acme.sh
elif [ ! -d $HOME/.ee-acme ]; then
mkdir -p $HOME/.ee-acme
wget -qO /usr/local/bin/wo-acme https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh
chmod +x /usr/local/bin/wo-acme
fi
fi
} }
# Once again, set the proper ACL on the WordOps configuration directory # Once again, set the proper ACL on the WordOps configuration directory
@@ -322,26 +306,61 @@ secure_wo_db()
wo_update_wp_cli() wo_update_wp_cli()
{ {
{ {
WP_CLI_PATH=$(command -v wp) WP_CLI_PATH=$(command -v wp)
if [ "$WP_CLI_PATH" != "/usr/local/bin/wp" ]; then if [ -n "$WP_CLI_PATH" ]; then
rm -rf "$WP_CLI_PATH" rm -rf "$WP_CLI_PATH"
# Update WP-CLI to the most recent version # Update WP-CLI to the most recent version
wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x /usr/local/bin/wp chmod +x /usr/local/bin/wp
else else
wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x /usr/local/bin/wp chmod +x /usr/local/bin/wp
fi fi
[ ! -x /usr/bin/wp ] && { [ ! -h /usr/bin/wp ] && {
ln -s /usr/local/bin/wp /usr/bin/ ln -s /usr/local/bin/wp /usr/bin/
} }
[ -d /etc/bash_completion.d ] && { [ ! -f /etc/bash_completion.d/wp-completion.bash ] && {
wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash
} }
wp --allow-root cli update wp --allow-root cli update
} >> /var/log/wo/install.log 2>&1 } >> /var/log/wo/install.log 2>&1
} }
wo_install_acme_sh() {
# check if acme.sh is already installed
if [ ! -d /opt/acme.sh ]; then
{
# clone the git repository
git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q
cd /opt/acme.sh || exit 1
# create conf directories
[ ! -d /etc/letsencrypt/config ] && {
mkdir -p /etc/letsencrypt/config
}
[ ! -d /etc/letsencrypt/live ] && {
mkdir -p /etc/letsencrypt/live
}
[ ! -d /etc/letsencrypt/renewal ] && {
mkdir -p /etc/letsencrypt/renewal
}
# install acme.sh
./acme.sh --install \
--home /etc/letsencrypt \
--config-home /etc/letsencrypt/config \
--cert-home /etc/letsencrypt/renewal
# enable auto-upgrade
/etc/letsencrypt/acme.sh --upgrade --auto-upgrade
# Let's Encrypt .well-known folder setup
if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
mkdir -p /var/www/html/.well-known/acme-challenge
chown -R www-data:www-data /var/www/html /var/www/html/.well-known
fi
} >> /var/log/wo/install.log
fi
}
# Now, finally, let's install WordOps # Now, finally, let's install WordOps
wo_install() wo_install()
{ {
@@ -357,9 +376,63 @@ wo_install()
cd /tmp/wordops || exit 1 cd /tmp/wordops || exit 1
} >> /var/log/wo/install.log 2>&1; } >> /var/log/wo/install.log 2>&1;
python3 setup.py install python3 setup.py install
}
wo_upgrade_nginx()
{
# chec if the package nginx-ee is installed
CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
if [ -n "$CHECK_NGINX_EE" ]; then
{
# add new Nginx repository
if [ "$wo_linux_distro" = "Ubuntu" ]; then
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/xUbuntu_${wo_distro_id}/ /" >> /etc/apt/sources.list.d/wo-repo.list
wget -qO /tmp/nginx-wo.key "https://download.opensuse.org/repositories/home:virtubox:WordOps/xUbuntu_${wo_distro_id}/Release.key"
else
if [ "$wo_distro_version" == "jessie" ]; then
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_8.0/ /" > /etc/apt/sources.list.d/wo-repo.list
wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key
else
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_9.0/ /" > /etc/apt/sources.list.d/wo-repo.list
wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key
fi
fi
# prevent apt preference to block install
[ -f /etc/apt/preferences.d/nginx-block ] && {
mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block"
}
# import the respository key for updates
apt-key add - < /tmp/nginx-wo.key
rm -f /tmp/nginx-wo.key
sudo apt-get update
# stop nginx
service nginx stop
# remove previous package
apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom
# install new nginx package
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confnew" -y install nginx-custom nginx-wo
# set back apt preference
[ -f "$HOME/nginx-block" ] && {
mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block
}
# update nginx headers and ssl_ciphers
if [ -f /etc/nginx/nginx.conf ]; then
sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/nginx.conf &>> /dev/null
new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
fi
# update redis.conf headers
if [ -f /etc/nginx/common/redis.conf ]; then
sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
fi
systemctl enable nginx
systemctl restart nginx
} >> /var/log/wo/install.log 2>&1
fi
} }
wo_update_latest() wo_update_latest()
@@ -410,77 +483,6 @@ wo_update_latest()
fi fi
fi fi
if [ -f /etc/nginx/nginx.conf ]; then
wo_lib_echo "Updating Nginx configuration, please wait..."
elif [ "$wo_distro_version" == "trusty" ]; then
grep -Hr 'http://download.opensuse.org/repositories/home:/virtubox:/WordOps/xUbuntu_14.04/ /' /etc/apt/sources.list.d/ &>> /dev/null
if [[ $? -ne 0 ]]; then
if [ -f /etc/apt/sources.list.d/rtcamp-nginx-trusty.list ]; then
rm -rf /etc/apt/sources.list.d/rtcamp-nginx-trusty.list
fi
echo -e "\ndeb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/xUbuntu_14.04/ /" >> /etc/apt/sources.list.d/wo-repo.list
gpg --keyserver "hkp://pgp.mit.edu" --recv-keys '188C9FB063F0247A'
gpg -a --export --armor '188C9FB063F0247A' | apt-key add -
if [ -f /etc/nginx/conf.d/ee-nginx.conf ]; then
mv /etc/nginx/conf.d/ee-nginx.conf /etc/nginx/conf.d/wo-nginx.conf.old &>> /dev/null
fi
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old &>> /dev/null
apt-get update
service nginx stop &>> /dev/null
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install nginx-custom nginx-wo
service nginx restart &>> /dev/null
fi
CHECK_NGINX_COMMON=$(dpkg --get-selections | grep -v deinstall | grep nginx-common)
if [ -n "$CHECK_NGINX_COMMON" ]; then
apt-get update
CHECK_NGINX_MAILINE=$(dpkg --get-selections | grep -v deinstall | grep nginx-mainline)
if [ -n "$CHECK_NGINX_MAILINE" ]; then
apt-get remove -y nginx-mainline
fi
service nginx stop &>> /dev/null
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y --allow-unauthenticated install nginx-wo nginx-custom
service nginx restart &>> /dev/null
fi
elif [ "$wo_linux_distro" == "Debian" ]; then
grep -Hr 'http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_8.0/ /' /etc/apt/sources.list.d/ &>> /dev/null
if [[ $? -ne 0 ]]; then
echo -e "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_8.0/ /" >> /etc/apt/sources.list.d/wo-repo.list
gpg --keyserver "hkp://pgp.mit.edu" --recv-keys '188C9FB063F0247A'
gpg -a --export --armor '188C9FB063F0247A' | apt-key add -
if [ -f /etc/nginx/conf.d/ee-nginx.conf ]; then
mv /etc/nginx/conf.d/ee-nginx.conf /etc/nginx/conf.d/ee-nginx.conf.old &>> /dev/null
fi
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old &>> /dev/null
mv /etc/nginx/fastcgi_params /etc/nginx/fastcgi_params.old &>> /dev/null
apt-get update
systemctl stop nginx &>> /dev/null
apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install nginx-custom
systemctl restart nginx &>> /dev/null
fi
CHECK_NGINX_COMMON=$(dpkg --get-selections | grep -v deinstall | grep nginx-common)
if [ -n "$CHECK_NGINX_COMMON" ]; then
apt-get update
CHECK_NGINX_MAILINE=$(dpkg --get-selections | grep -v deinstall | grep nginx-mainline)
if [ -n "$CHECK_NGINX_MAILINE" ]; then
apt-get remove -y nginx-mainline
fi
systemctl stop nginx &>> /dev/null
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y --allow-unauthenticated install nginx-wo nginx-custom
systemctl restart nginx &>> /dev/null
fi
fi
if [ -f /etc/nginx/nginx.conf ]; then
sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/nginx.conf &>> /dev/null
fi
if [ -f /etc/nginx/conf.d/wo-plus.conf ]; then
sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/conf.d/wo-plus.conf &>> /dev/null
fi
# Fix WordPress example.html issue # Fix WordPress example.html issue
# Ref: http://wptavern.com/xss-vulnerability-in-jetpack-and-the-twenty-fifteen-default-theme-affects-millions-of-wordpress-users # Ref: http://wptavern.com/xss-vulnerability-in-jetpack-and-the-twenty-fifteen-default-theme-affects-millions-of-wordpress-users
dpkg --get-selections | grep -v deinstall | grep nginx &>> /dev/null dpkg --get-selections | grep -v deinstall | grep nginx &>> /dev/null
@@ -488,12 +490,6 @@ wo_update_latest()
cp /usr/lib/wo/templates/locations.mustache /etc/nginx/common/locations.conf &>> /dev/null cp /usr/lib/wo/templates/locations.mustache /etc/nginx/common/locations.conf &>> /dev/null
fi fi
if [ -f /etc/nginx/common/redis.conf ]; then
sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
fi
# Fix Redis-server security issue # Fix Redis-server security issue
# http://redis.io/topics/security # http://redis.io/topics/security
if [ -f /etc/redis/redis.conf ]; then if [ -f /etc/redis/redis.conf ]; then
@@ -507,7 +503,7 @@ wo_update_latest()
# Let's Encrypt .well-known folder setup # Let's Encrypt .well-known folder setup
if [ ! -d /var/www/html/.well-known/acme-challenge ]; then if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
mkdir -p /var/www/html/.well-known/acme-challenge mkdir -p /var/www/html/.well-known/acme-challenge
chown -R www-data:www-data /var/www/html/.well-known chown -R www-data:www-data /var/www/html /var/www/html/.well-known
fi fi
@@ -533,22 +529,6 @@ wo_update_latest()
fi fi
fi fi
# Support PFS
if [ -f /etc/nginx/nginx.conf ]; then
# Replace the default ciphers
sed -i 's/HIGH:!aNULL:!MD5:!kEDH;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf
# Replace the EasyEngine ciphers
sed -i 's/ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf
# Change the TLS protocols
if [ "$wo_distro_version" == "bionic" ]; then
# Bionic supports TLSv1.3, so let's enable that
sed -i 's/TLSv1 TLSv1.1 TLSv1.2;/TLSv1.2 TLSv1.3;/g' /etc/nginx/nginx.conf
else
# If != Bionic then enable only TLSv1.2
sed -i 's/TLSv1 TLSv1.1 TLSv1.2;/TLSv1.2;/g' /etc/nginx/nginx.conf
fi
fi
# Fix for SSL cert --all # Fix for SSL cert --all
crontab -l | grep -q '\-\-min_expiry_limit' crontab -l | grep -q '\-\-min_expiry_limit'
if [[ $? -eq 0 ]]; then if [[ $? -eq 0 ]]; then
@@ -568,16 +548,16 @@ wo_git_init()
git init git init
fi fi
git add -A . git add -A .
git commit -am "Updated Nginx" git commit -am "Updated Nginx"
} >> /var/log/wo/install.log 2>&1 } >> /var/log/wo/install.log 2>&1
# WordOps under git version control # WordOps under git version control
[ -d /etc/wo ] && { [ -d /etc/wo ] && {
cd /etc/wo || exit 1 cd /etc/wo || exit 1
[ ! -d /etc/wo/.git ] && { [ ! -d /etc/wo/.git ] && {
git init git init
} }
git add -A . git add -A .
git commit -am "Installed/Updated to WordOps" git commit -am "Installed/Updated to WordOps"
} >> /var/log/wo/install.log 2>&1 } >> /var/log/wo/install.log 2>&1
# PHP under git version control # PHP under git version control
[ -d /etc/php ] && { [ -d /etc/php ] && {
@@ -603,12 +583,11 @@ if [ -x /usr/local/bin/wo ]; then
wo_install_dep | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log
wo_sync_db >> $EE_INSTALL_LOG 2>&1 wo_sync_db >> $EE_INSTALL_LOG 2>&1
secure_wo_db | tee -ai $EE_INSTALL_LOG secure_wo_db | tee -ai $EE_INSTALL_LOG
wo_upgrade_php | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
service nginx reload &>> /dev/null
service php7.2-fpm restart &>> /dev/null
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
else else
wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1
@@ -626,12 +605,12 @@ else
wo_install_dep | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log
wo_sync_db >> $EE_INSTALL_LOG 2>&1 wo_sync_db >> $EE_INSTALL_LOG 2>&1
secure_wo_db | tee -ai $EE_INSTALL_LOG secure_wo_db | tee -ai $EE_INSTALL_LOG
wo_upgrade_php | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
service nginx reload &>> /dev/null service nginx reload &>> /dev/null
service php7.2-fpm restart &>> /dev/null
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
else else
wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1
@@ -648,6 +627,7 @@ else
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
fi fi
fi fi

9
wo/cli/templates/fastcgi.mustache
View File

@@ -2,9 +2,16 @@
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M;
fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
fastcgi_cache_lock on;
fastcgi_cache_lock_age 5s;
fastcgi_cache_lock_timeout 5s;
fastcgi_cache_methods GET HEAD; fastcgi_cache_methods GET HEAD;
fastcgi_cache_background_update on; fastcgi_cache_background_update on;
fastcgi_cache_valid 200 301 302 404 1h; fastcgi_cache_valid 200 1h;
fastcgi_cache_valid 301 302 30m;
fastcgi_cache_valid 499 502 503 1m;
fastcgi_cache_valid 404 15m;
fastcgi_cache_valid any 15m;
fastcgi_buffers 16 16k; fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k; fastcgi_buffer_size 32k;
fastcgi_param SERVER_NAME $http_host; fastcgi_param SERVER_NAME $http_host;

2
wo/core/variables.py
View File

@@ -12,7 +12,7 @@ class WOVariables():
"""Intialization of core variables""" """Intialization of core variables"""
# WordOps version # WordOps version
wo_version = "3.9.3" wo_version = "3.9.4"
# WordOps packages versions # WordOps packages versions
wo_wp_cli = "2.1.0" wo_wp_cli = "2.1.0"
wo_adminer = "4.7.1" wo_adminer = "4.7.1"