Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: admpass.sh hang, OLS httpd_config structure, listener maps
Some checks failed
CI / test WordOps (ubuntu-22.04) (push) Has been cancelled
Details
CI / test WordOps (ubuntu-24.04) (push) Has been cancelled
Details

Browse Source 
Three fixes:

1. Replace admpass.sh calls with direct htpasswd writes — the script
   is interactive-only (no --password flag) and hangs forever in
   automation. Write admin htpasswd directly with openssl passwd.

2. Fix httpd_config.conf template — OLS requires virtualHost {} blocks
   with vhRoot/configFile, not bare include of vhconf.conf files.
   Add proper _backend virtualHost block, map it to Backend listener,
   use self-signed cert for Secure listener until real certs exist.

3. Fix addOLSListenerMap to only add maps to Default and Secure
   listeners (not Backend which is reserved for the admin panel).

4. Fix default PHP detection to read from wo.conf config instead
   of picking first installed version (which would prefer php74).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Malin
2026-02-09 13:08:03 +01:00
parent eaa5a95168
commit 22227c2849
4 changed files with 73 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
wo/cli/plugins/secure.py
View File

@@ -93,13 +93,27 @@ class WOSecureController(CementBaseController):
pargs.user_pass = password pargs.user_pass = password
if password == "": if password == "":
pargs.user_pass = passwd pargs.user_pass = passwd
# Set OLS admin password using admpass.sh # Set OLS admin + backend password directly
# (admpass.sh is interactive-only and hangs in automation)
WOShellExec.cmd_exec( WOShellExec.cmd_exec(
self, "/usr/local/lsws/admin/misc/admpass.sh " self, "printf \"{username}:"
"{username} {password}" "$(openssl passwd -apr1 '{password}' "
"2>/dev/null)\n\" "
"> /usr/local/lsws/admin/conf/htpasswd "
"2>/dev/null"
.format(username=pargs.user_input, .format(username=pargs.user_input,
password=pargs.user_pass), password=pargs.user_pass),
log=False) log=False)
WOShellExec.cmd_exec(
self, "printf \"{username}:"
"$(openssl passwd -apr1 '{password}' "
"2>/dev/null)\n\" "
"> {conf}/htpasswd-wo "
"2>/dev/null"
.format(username=pargs.user_input,
password=pargs.user_pass,
conf=WOVar.wo_ols_conf_dir),
log=False)
WOGit.add(self, [WOVar.wo_ols_conf_dir], WOGit.add(self, [WOVar.wo_ols_conf_dir],
msg="Adding changed secure auth into Git") msg="Adding changed secure auth into Git")

13
wo/cli/plugins/site_functions.py
View File

@@ -80,22 +80,25 @@ def addOLSVhost(self, domain, webroot):
def addOLSListenerMap(self, domain): def addOLSListenerMap(self, domain):
"""Add map entries for domain to listener blocks in httpd_config.conf""" """Add map entries for domain to Default+Secure listeners in httpd_config.conf"""
httpd_conf = '{0}/httpd_config.conf'.format(WOVar.wo_ols_conf_dir) httpd_conf = '{0}/httpd_config.conf'.format(WOVar.wo_ols_conf_dir)
map_line = ' map {0} {0}\n'.format(domain) map_line = ' map {0} {0}\n'.format(domain)
with open(httpd_conf, 'r') as f: with open(httpd_conf, 'r') as f:
lines = f.readlines() lines = f.readlines()
new_lines = [] new_lines = []
in_listener = False in_listener = False
listener_name = ''
for line in lines: for line in lines:
if line.strip().startswith('listener '): if line.strip().startswith('listener '):
in_listener = True in_listener = True
listener_name = line.strip().split()[1]
if in_listener and line.strip() == '}': if in_listener and line.strip() == '}':
# Check if map for this domain already exists # Only add maps to Default and Secure listeners (not Backend)
if not any(domain in l and 'map' in l for l in new_lines): if listener_name in ('Default', 'Secure'):
new_lines.append(map_line) if not any(domain in l and 'map' in l for l in new_lines):
new_lines.append(map_line)
in_listener = False in_listener = False
new_lines.append(line) new_lines.append(line)

48
wo/cli/plugins/stack_pref.py
View File

@@ -109,13 +109,24 @@ def post_pref(self, apt_packages, packages, upgrade=False):
if not os.path.exists(ols_vhost): if not os.path.exists(ols_vhost):
os.makedirs(ols_vhost) os.makedirs(ols_vhost)
# Determine default PHP version # Determine default PHP version from config
default_php_short = '84' try:
for ver_key, ver_num in WOVar.wo_php_versions.items(): config_php = self.app.config.get('php', 'version')
short = ver_num.replace('.', '') default_php_short = config_php.replace('.', '')
if os.path.exists('/usr/local/lsws/lsphp{0}/bin/lsphp'.format(short)): except Exception:
default_php_short = short default_php_short = '85'
break # Fallback: if configured LSPHP binary doesn't exist, find one
if not os.path.exists(
'/usr/local/lsws/lsphp{0}/bin/lsphp'
.format(default_php_short)):
for ver_num in reversed(
list(WOVar.wo_php_versions.values())):
short = ver_num.replace('.', '')
if os.path.exists(
'/usr/local/lsws/lsphp{0}/bin/lsphp'
.format(short)):
default_php_short = short
break
# Deploy main httpd_config.conf # Deploy main httpd_config.conf
data = dict( data = dict(
@@ -181,15 +192,20 @@ def post_pref(self, apt_packages, packages, upgrade=False):
.format(ngxroot))): .format(ngxroot))):
SSL.selfsignedcert(self, proftpd=False, backend=True) SSL.selfsignedcert(self, proftpd=False, backend=True)
# Deploy OLS admin password via admpass.sh # Set OLS WebAdmin password directly
if os.path.isfile('/usr/local/lsws/admin/misc/admpass.sh'): # (admpass.sh is interactive-only and hangs in automation)
try: admin_htpasswd = '/usr/local/lsws/admin/conf/htpasswd'
WOShellExec.cmd_exec( try:
self, WOShellExec.cmd_exec(
'/usr/local/lsws/admin/misc/admpass.sh ' self, "printf \"admin:"
'--password "{0}"'.format(passwd)) "$(openssl passwd -apr1 "
except CommandExecutionError as e: "{password} 2> /dev/null)\n\""
Log.debug(self, "{0}".format(e)) "> {htpasswd} "
"2>/dev/null"
.format(password=passwd,
htpasswd=admin_htpasswd))
except CommandExecutionError as e:
Log.debug(self, "{0}".format(e))
# traffic advice file # traffic advice file
data = dict(release=WOVar.wo_version) data = dict(release=WOVar.wo_version)

23
wo/cli/templates/ols-httpd.mustache
View File

@@ -176,6 +176,18 @@ module cache {
privateExpireInSeconds 3600 privateExpireInSeconds 3600
} }
# Include LSPHP external app definitions
include /usr/local/lsws/conf/lsphp*.conf
# Backend virtual host (port 22222 admin panel)
virtualHost _backend {
vhRoot /var/www/22222/
configFile /usr/local/lsws/conf/vhosts/_backend/vhconf.conf
allowSymbolLink 1
enableScript 1
restrained 0
}
# Listener for HTTP on port 80 # Listener for HTTP on port 80
listener Default { listener Default {
address *:80 address *:80
@@ -186,8 +198,8 @@ listener Default {
listener Secure { listener Secure {
address *:443 address *:443
secure 1 secure 1
keyFile /usr/local/lsws/conf/example.key keyFile /var/www/22222/cert/22222.key
certFile /usr/local/lsws/conf/example.crt certFile /var/www/22222/cert/22222.crt
sslProtocol 24 sslProtocol 24
enableQuic 1 enableQuic 1
} }
@@ -199,10 +211,7 @@ listener Backend {
keyFile /var/www/22222/cert/22222.key keyFile /var/www/22222/cert/22222.key
certFile /var/www/22222/cert/22222.crt certFile /var/www/22222/cert/22222.crt
sslProtocol 24 sslProtocol 24
map _backend *
} }
# Include external app definitions # WordOps managed vhost mappings below (do not edit this line)
include /usr/local/lsws/conf/lsphp*.conf
# Include virtual host mappings
include /usr/local/lsws/conf/vhosts/*/vhconf.conf