Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #140 from WordOps/updating-configuration

Browse Source 
SSL certificates expiration
This commit is contained in:
VirtuBox
2019-09-04 00:35:16 +02:00
committed by GitHub
parent 394e6807de ebdac21cab
commit 1a245ceb04
9 changed files with 110 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.travis.yml
View File

@@ -38,8 +38,8 @@ script:
- sed -i 's/# "nose"/"nose"/g' setup.py - sed -i 's/# "nose"/"nose"/g' setup.py
- sed -i 's/# "coverage"/"coverage"/g' setup.py - sed -i 's/# "coverage"/"coverage"/g' setup.py
- sed -i 's/# "Sphinx >= 1.0"/"Sphinx >= 1.0"/g' setup.py - sed -i 's/# "Sphinx >= 1.0"/"Sphinx >= 1.0"/g' setup.py
- sudo bash install --travis -b "$TRAVIS_BRANCH" - sudo time bash install --travis -b "$TRAVIS_BRANCH"
- sudo bash tests/travis.sh - sudo time bash tests/travis.sh
- sudo wo update --travis - sudo wo update --travis
- sudo wo stack status - sudo wo stack status

6
CHANGELOG.md
View File

@@ -8,6 +8,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### v3.9.x - [Unreleased] ### v3.9.x - [Unreleased]
#### Fixed
- Fix cheat.sh install [PR #139](https://github.com/WordOps/WordOps/pull/139)
- sslutils error when trying to display SSL certificate expiration
- Fix cheat.sh symbolink link check before creation
### v3.9.8.9 - 2019-09-03 ### v3.9.8.9 - 2019-09-03
#### Added #### Added

7
README.md
View File

@@ -71,6 +71,7 @@
## Getting Started ## Getting Started
```bash ```bash
wget -qO wo wops.cc && sudo bash wo # Install WordOps wget -qO wo wops.cc && sudo bash wo # Install WordOps
sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com
@@ -128,10 +129,10 @@ wo site create example.com --proxy=127.0.0.1:3000 # create example.com with ngi
### Sites secured with Let's Encrypt ### Sites secured with Let's Encrypt
```bash ```bash
wo site create example.com --wp --letsencrypt # wordpress & letsencrypt wo site create example.com --wp -le # wordpress & letsencrypt
wo site create sub.example.com --wp --letsencrypt=subdomain # wordpress & letsencrypt subdomain wo site create sub.example.com --wp -le # wordpress & letsencrypt subdomain
wo site create site.tld --wp --letsencrypt --hsts # wordpress & letsencrypt with HSTS wo site create site.tld --wp --letsencrypt --hsts # wordpress & letsencrypt with HSTS
wo site create site.tld --wp --letsencrypt=wildcard --dns=dns_cf # wordpress & wildcard SSL certificate with Cloudflare DNS API wo site create site.tld --wp -le=wildcard --dns=dns_cf # wordpress & wildcard SSL certificate with Cloudflare DNS API
``` ```
## Update WordOps ## Update WordOps

2
install
View File

@@ -798,7 +798,9 @@ wo_ufw_setup() {
wo_cheat_install() { wo_cheat_install() {
curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh
chmod +x /usr/local/bin/cht.sh chmod +x /usr/local/bin/cht.sh
[ ! -h /usr/local/bin/cheat ] && {
ln -s /usr/local/bin/cht.sh /usr/local/bin/cheat ln -s /usr/local/bin/cht.sh /usr/local/bin/cheat
}
curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh
} }

56
tests/travis.sh
View File

@@ -91,6 +91,46 @@ for site in $wp_site_types; do
fi fi
done done
echo -e "${CGREEN}#############################################${CEND}"
echo -e ' wo site create wpsubdir '
echo -e "${CGREEN}#############################################${CEND}"
wp_site_types='wpfc wpsc wpce wprocket wpredis'
for site in $wp_site_types; do
echo -ne " Creating wpsubdir $site [..]\r"
if {
wo site create wpsubdir"$site".io --wpsubdir --${site}
} >> /var/log/wo/test.log; then
echo -ne " Creating wpsubdir $site [${CGREEN}OK${CEND}]\\r"
echo -ne '\n'
else
echo -e " Creating wpsubdir $site [${CRED}FAIL${CEND}]"
echo -ne '\n'
exit_script
fi
done
echo -e "${CGREEN}#############################################${CEND}"
echo -e ' wo site create wpsubdomain '
echo -e "${CGREEN}#############################################${CEND}"
wp_site_types='wpfc wpsc wpce wprocket wpredis'
for site in $wp_site_types; do
echo -ne " Creating wpsubdomain $site [..]\r"
if {
wo site create wpsubdomain"$site".io --wpsubdomain --${site}
} >> /var/log/wo/test.log; then
echo -ne " Creating wpsubdomain $site [${CGREEN}OK${CEND}]\\r"
echo -ne '\n'
else
echo -e " Creating wpsubdomain $site [${CRED}FAIL${CEND}]"
echo -ne '\n'
exit_script
fi
done
echo -e "${CGREEN}#############################################${CEND}" echo -e "${CGREEN}#############################################${CEND}"
echo -e ' wo stack upgrade ' echo -e ' wo stack upgrade '
echo -e "${CGREEN}#############################################${CEND}" echo -e "${CGREEN}#############################################${CEND}"
@@ -110,22 +150,6 @@ for stack in $stack_upgrade; do
fi fi
done done
if ! {
echo -e "${CGREEN}#############################################${CEND}"
echo -e ' Multi-site create '
echo -e "${CGREEN}#############################################${CEND}"
wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && wo site create wpsubdirwpsc2.com --wpsubdir --wpfc && wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73
wo site create wpsubdomain1.com --wpsubdomain && wo site create wpsubdomain1-php73.com --wpsubdomain --php73 && wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain
echo -e "${CGREEN}#############################################${CEND}"
echo -e ' wo site update '
echo -e "${CGREEN}#############################################${CEND}"
wo site create 1.com --html && wo site create 2.com --php && wo site create 3.com --mysql
wo site update 1.com --wp && wo site update 2.com --php73 && wo site update 3.com --php73
wo site update 1.com --wp && wo site update 1.com --wpfc && wo site update 1.com --wpsc && wo site update 1.com --wpredis && wo site update 1.com --wpce && wo site update 1.com --wprocket && wo site update 1.com --php73=off
}; then
exit_script
fi
echo -e "${CGREEN}#############################################${CEND}" echo -e "${CGREEN}#############################################${CEND}"
echo -e ' various informations ' echo -e ' various informations '
echo -e "${CGREEN}#############################################${CEND}" echo -e "${CGREEN}#############################################${CEND}"

83
wo/cli/plugins/site.py
View File

@@ -628,55 +628,33 @@ class WOSiteCreateController(CementBaseController):
# Setup WordPress if Wordpress site # Setup WordPress if Wordpress site
if data['wp']: if data['wp']:
if not pargs.vhostonly: if pargs.vhostonly:
try: vhostonly = True
wo_wp_creds = setupwordpress(self, data)
# Add database information for site into database
updateSiteInfo(self, wo_domain,
db_name=data['wo_db_name'],
db_user=data['wo_db_user'],
db_password=data['wo_db_pass'],
db_host=data['wo_db_host'])
except SiteError as e:
# call cleanup actions on failure
Log.debug(self, str(e))
Log.info(self, Log.FAIL +
"There was a serious error encountered...")
Log.info(self, Log.FAIL + "Cleaning up afterwards...")
doCleanupAction(self, domain=wo_domain,
webroot=data['webroot'],
dbname=data['wo_db_name'],
dbuser=data['wo_db_user'],
dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` "
"and please try again")
else: else:
try: vhostonly = False
wo_wp_creds = setupwordpress( try:
self, data, vhostonly=True) wo_wp_creds = setupwordpress(self, data, vhostonly)
# Add database information for site into database # Add database information for site into database
updateSiteInfo(self, wo_domain, updateSiteInfo(self, wo_domain,
db_name=data['wo_db_name'], db_name=data['wo_db_name'],
db_user=data['wo_db_user'], db_user=data['wo_db_user'],
db_password=data['wo_db_pass'], db_password=data['wo_db_pass'],
db_host=data['wo_db_host']) db_host=data['wo_db_host'])
except SiteError as e: except SiteError as e:
# call cleanup actions on failure # call cleanup actions on failure
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + Log.info(self, Log.FAIL +
"There was a serious error encountered...") "There was a serious error encountered...")
Log.info(self, Log.FAIL + "Cleaning up afterwards...") Log.info(self, Log.FAIL + "Cleaning up afterwards...")
doCleanupAction(self, domain=wo_domain, doCleanupAction(self, domain=wo_domain,
webroot=data['webroot'], webroot=data['webroot'],
dbname=data['wo_db_name'], dbname=data['wo_db_name'],
dbuser=data['wo_db_user'], dbuser=data['wo_db_user'],
dbhost=data['wo_mysql_grant_host']) dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` " "`tail /var/log/wo/wordops.log` "
"and please try again") "and please try again")
# Service Nginx Reload call cleanup if failed to reload nginx # Service Nginx Reload call cleanup if failed to reload nginx
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
@@ -1375,7 +1353,7 @@ class WOSiteUpdateController(CementBaseController):
if wo_subdomain: if wo_subdomain:
# check if a wildcard cert for the root domain exist # check if a wildcard cert for the root domain exist
Log.debug(self, "checkWildcardExist on *.{0}" Log.debug(self, "checkWildcardExist on *.{0}"
.format(wo_root_domain)) .format(wo_root_domain))
isWildcard = checkWildcardExist(self, wo_root_domain) isWildcard = checkWildcardExist(self, wo_root_domain)
Log.debug(self, "isWildcard = {0}".format(isWildcard)) Log.debug(self, "isWildcard = {0}".format(isWildcard))
if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"): if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"):
@@ -1422,9 +1400,10 @@ class WOSiteUpdateController(CementBaseController):
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
if wo_subdomain and isWildcard: if wo_subdomain and isWildcard:
if (SSL.getExpirationDays(self, wo_root_domain) > 0): if (SSL.getExpirationDays(self, wo_root_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(
str(SSL.getExpirationDays(self, wo_root_domain)) + self, "Your cert will expire within " +
" days.") str(SSL.getExpirationDays(self, wo_root_domain)) +
" days.")
else: else:
Log.warn( Log.warn(
self, "Your cert already EXPIRED ! " self, "Your cert already EXPIRED ! "

13
wo/cli/plugins/stack_upgrade.py
View File

@@ -62,7 +62,6 @@ class WOStackUpgradeController(CementBaseController):
apt_packages = [] apt_packages = []
packages = [] packages = []
nginx_packages = [] nginx_packages = []
empty_packages = []
self.msg = [] self.msg = []
pargs = self.app.pargs pargs = self.app.pargs
@@ -96,7 +95,6 @@ class WOStackUpgradeController(CementBaseController):
if pargs.nginx: if pargs.nginx:
if WOAptGet.is_installed(self, 'nginx-custom'): if WOAptGet.is_installed(self, 'nginx-custom'):
apt_packages = apt_packages + WOVariables.wo_nginx
nginx_packages = nginx_packages + WOVariables.wo_nginx nginx_packages = nginx_packages + WOVariables.wo_nginx
else: else:
Log.info(self, "Nginx Stable is not already installed") Log.info(self, "Nginx Stable is not already installed")
@@ -191,8 +189,8 @@ class WOStackUpgradeController(CementBaseController):
if start_upgrade != "Y" and start_upgrade != "y": if start_upgrade != "Y" and start_upgrade != "y":
Log.error(self, "Not starting package update") Log.error(self, "Not starting package update")
Log.info(self, "Updating APT packages, please wait...") Log.info(self, "Updating APT packages, please wait...")
if set(WOVariables.wo_nginx).issubset(set(apt_packages)):
pre_pref(self, ["nginx-custom", "nginx-wo"]) pre_pref(self, nginx_packages)
# apt-get update # apt-get update
WOAptGet.update(self) WOAptGet.update(self)
if set(WOVariables.wo_php).issubset(set(apt_packages)): if set(WOVariables.wo_php).issubset(set(apt_packages)):
@@ -202,8 +200,13 @@ class WOStackUpgradeController(CementBaseController):
WOAptGet.remove(self, ['php7.3-fpm'], WOAptGet.remove(self, ['php7.3-fpm'],
auto=False, purge=True) auto=False, purge=True)
# Update packages # Update packages
if not os.path.isfile(
'/etc/apt/preferences.d/nginx-block'):
WOAptGet.install(self, nginx_packages)
WOAptGet.install(self, apt_packages) WOAptGet.install(self, apt_packages)
post_pref(self, apt_packages, empty_packages, True) post_pref(self, nginx_packages, [], True)
post_pref(self, apt_packages, [], True)
# Post Actions after package updates # Post Actions after package updates
if len(packages): if len(packages):

5
wo/core/shellexec.py
View File

@@ -54,9 +54,8 @@ class WOShellExec():
def cmd_exec_stdout(self, command, errormsg='', log=True): def cmd_exec_stdout(self, command, errormsg='', log=True):
"""Run shell command from Python""" """Run shell command from Python"""
try: try:
log and Log.debug(self, "Running command: command -v {0}".format(command)) log and Log.debug(self, "Running command: {0}".format(command))
check_command = 'command -v' + command with subprocess.Popen([command], stdout=subprocess.PIPE,
with subprocess.Popen([check_command], stdout=subprocess.PIPE,
stderr=subprocess.PIPE, shell=True) as proc: stderr=subprocess.PIPE, shell=True) as proc:
(cmd_stdout_bytes, cmd_stderr_bytes) = proc.communicate() (cmd_stdout_bytes, cmd_stderr_bytes) = proc.communicate()
(cmd_stdout, cmd_stderr) = (cmd_stdout_bytes.decode('utf-8', (cmd_stdout, cmd_stderr) = (cmd_stdout_bytes.decode('utf-8',

32
wo/core/sslutils.py
View File

@@ -1,6 +1,7 @@
import os import os
from wo.core.shellexec import WOShellExec
from wo.core.logging import Log from wo.core.logging import Log
from wo.core.shellexec import WOShellExec
class SSL: class SSL:
@@ -18,15 +19,12 @@ class SSL:
"`tail /var/log/wo/wordops.log` and please try again...") "`tail /var/log/wo/wordops.log` and please try again...")
current_date = WOShellExec.cmd_exec_stdout(self, "date -d \"now\" +%s") current_date = WOShellExec.cmd_exec_stdout(self, "date -d \"now\" +%s")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \"" expiration_date = WOShellExec.cmd_exec_stdout(
"`/usr/bin/openssl " self, "date -d \""
"x509 -in " "$(openssl x509 -in /etc/letsencrypt/live/"
"/etc/letsencrypt/live/" "{0}/cert.pem -text -noout | grep \"Not After\" "
"{0}/cert.pem" "| cut -c 25-)\" +%s"
" -text -noout|grep " .format(domain))
"\"Not After\"|"
"cut -c 25-`\" "
"+%s".format(domain))
days_left = int((int(expiration_date) - int(current_date)) / 86400) days_left = int((int(expiration_date) - int(current_date)) / 86400)
if (days_left > 0): if (days_left > 0):
@@ -45,13 +43,9 @@ class SSL:
Log.error(self, "Check the WordOps log for more details " Log.error(self, "Check the WordOps log for more details "
"`tail /var/log/wo/wordops.log` and please try again...") "`tail /var/log/wo/wordops.log` and please try again...")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d " expiration_date = WOShellExec.cmd_exec_stdout(
"\"`/usr/bin/openssl " self, "date -d \"$(/usr/bin/openssl x509 -in "
"x509 -in " "/etc/letsencrypt/live/{0}/cert.pem -text -noout | grep "
"/etc/letsencrypt/live/" "\"Not After\" | cut -c 25-)\" "
"{0}/cert.pem" .format(domain))
" -text -noout|grep "
"\"Not After\"|"
"cut -c 25-`\" "
.format(domain))
return expiration_date return expiration_date