Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #645 from WordOps/updating-configuration

Browse Source 
Fix CVE-2024-34528 and add support for Ubuntu 24.04
This commit is contained in:
VirtuBox
2024-05-18 01:39:22 +02:00
committed by GitHub
parent f7f0aa9cde 01c875cffb
commit 347c5a6f7c
5 changed files with 50 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/main.yml vendored
View File

@@ -19,10 +19,10 @@ jobs:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-20.04, ubuntu-22.04]
os: [ubuntu-20.04, ubuntu-22.04, ubuntu-latest]
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Prepare VM
run: |
unset LANG

89
install
View File

@@ -9,7 +9,7 @@
# -------------------------------------------------------------------------
# wget -qO wo wops.cc && sudo -E bash wo
# -------------------------------------------------------------------------
# Version 3.20.0 - 2024-04-21
# Version 3.21.0 - 2024-05-03
# -------------------------------------------------------------------------
# CONTENTS
@@ -139,7 +139,8 @@ wo_init_variables() {
fi
readonly wo_install_log=/var/log/wo/install.log
readonly TIME_FORMAT='%d-%b-%Y-%H%M%S'
readonly TIME=$(date +"$TIME_FORMAT")
TIME=$(date +"$TIME_FORMAT")
readonly TIME
readonly NGINX_BACKUP_FILE="/var/lib/wo-backup/nginx-backup.$TIME.tar.zst"
readonly EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.zst"
readonly WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.zst"
@@ -167,9 +168,9 @@ wo_check_distro() {
wo_lib_echo_fail "Feel free to open a pull-request if you want to add support for another Linux distributions"
exit 100
else
check_wo_linux_distro=$(lsb_release -sc | grep -E "buster|focal|jammy|bullseye|bookworm")
check_wo_linux_distro=$(lsb_release -sc | grep -E "buster|focal|jammy|bullseye|bookworm|noble")
if [ -z "$check_wo_linux_distro" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 20.04/22.04 LTS, Debian 10.x/11.x/12.x and Raspbian 10x./11.x \n
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 20.04/22.04/24.04 LTS, Debian 10.x/11.x/12.x and Raspbian 10x./11.x/12.x \n
You can bypass this warning by adding the flag --force to the install command"
exit 100
fi
@@ -233,7 +234,7 @@ wo_install_dep() {
wo_timesync() {
# set default ntp pools
if [ "$wo_distro_codename" != "bookworm" ]; then
if [ "$wo_distro_codename" != "bookworm" ] && [ "$wo_distro_codename" != "noble" ]; then
if [ -f /etc/systemd/timesyncd.conf ]; then
if ! grep -q "time.cloudflare.com" /etc/systemd/timesyncd.conf; then
sed -e 's/^#NTP=/NTP=time.cloudflare.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org/' -i /etc/systemd/timesyncd.conf
@@ -439,52 +440,50 @@ wo_install() {
cd /usr/local/lib/python3."$python_ver"/dist-packages || exit 1
fi
if [ "$wo_distro_codename" != "bookworm" ]; then
python3 -m pip uninstall -yq wo wordops ee
/opt/wo/bin/pip uninstall -yq wo wordops ee
fi
cd || exit 1
if [ -d /opt/wo/lib/python3."$python_ver"/site-packages/apt ]; then
source /opt/wo/bin/activate
python3 -m pip uninstall setuptools -y
python3 -m pip install -I setuptools==57.5.0
python3 -m pip install -U pip wheel
python3 -m pip uninstall psutil -y
python3 -m pip uninstall SQLAlchemy -y
/opt/wo/bin/pip install -U setuptools
/opt/wo/bin/pip install -U pip wheel
/opt/wo/bin/pip uninstall psutil -y
/opt/wo/bin/pip uninstall SQLAlchemy -y
else
rm -rf /opt/wo
python3 -m venv /opt/wo
source /opt/wo/bin/activate
python3 -m pip uninstall setuptools -y
python3 -m pip install -I setuptools==57.5.0
python3 -m pip install -U pip wheel
python3 -m pip install -U distro
/opt/wo/bin/pip install -U setuptools
/opt/wo/bin/pip install -U pip wheel
/opt/wo/bin/pip install -U distro
if [ "$wo_linux_distro" = "Debian" ] || [ "$wo_linux_distro" = "Raspbian" ]; then
if [ "$wo_distro_codename" = "stretch" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.4.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.4.y#egg=python-apt
elif [ "$wo_distro_codename" = "bullseye" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
elif [ "$wo_distro_codename" = "bookworm" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.5.3#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.5.3#egg=python-apt
else
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.8.4.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.8.4.y#egg=python-apt
fi
else
if [ "$wo_distro_codename" = "focal" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.0.0#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.0.0#egg=python-apt
elif [ "$wo_distro_codename" = "bionic" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.6.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.6.y#egg=python-apt
elif [ "$wo_distro_codename" = "jammy" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
else
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.1.y-xenial#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.8.y#egg=python-apt
fi
fi
fi
if [ "$wo_branch" = "master" ]; then
python3 -m pip install -U wordops
/opt/wo/bin/pip install -U wordops
else
python3 -m pip install -I "git+https://github.com/WordOps/WordOps.git@$wo_branch#egg=wordops"
/opt/wo/bin/pip install -I "git+https://github.com/WordOps/WordOps.git@$wo_branch#egg=wordops"
fi
local python_venv
python_venv=$(python3 -c "import sys; print(sys.version_info[1])")
@@ -513,43 +512,41 @@ wo_travis_install() {
if [ -f ./setup.py ]; then
if [ -d /opt/wo/lib/python3."$python_ver"/site-packages/apt ]; then
source /opt/wo/bin/activate
python3 -m pip uninstall setuptools -y
python3 -m pip install -I setuptools==57.5.0
python3 -m pip install -U pip wheel
python3 -m pip uninstall psutil -y
python3 -m pip uninstall SQLAlchemy -y
/opt/wo/bin/pip install -U setuptool
/opt/wo/bin/pip install -U pip wheel
/opt/wo/bin/pip uninstall psutil -y
/opt/wo/bin/pip uninstall SQLAlchemy -y
else
rm -rf /opt/wo
python3 -m venv /opt/wo
source /opt/wo/bin/activate
python3 -m pip uninstall setuptools -y
python3 -m pip install -I setuptools==57.5.0
python3 -m pip install -U pip wheel
/opt/wo/bin/pip install -U setuptools
/opt/wo/bin/pip install -U pip wheel
if [ "$wo_linux_distro" = "Debian" ] || [ "$wo_linux_distro" = "Raspbian" ]; then
if [ "$wo_distro_codename" = "stretch" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.4.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.4.y#egg=python-apt
elif [ "$wo_distro_codename" = "bullseye" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
elif [ "$wo_distro_codename" = "bookworm" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.5.3#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.5.3#egg=python-apt
else
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.8.4.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.8.4.y#egg=python-apt
fi
else
if [ "$wo_distro_codename" = "focal" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.0.0#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.0.0#egg=python-apt
elif [ "$wo_distro_codename" = "bionic" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.6.y#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.6.y#egg=python-apt
elif [ "$wo_distro_codename" = "jammy" ]; then
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.2.1#egg=python-apt
else
python3 -m pip install git+https://salsa.debian.org/apt-team/python-apt.git@1.1.y-xenial#egg=python-apt
/opt/wo/bin/pip install git+https://salsa.debian.org/apt-team/python-apt.git@2.8.y#egg=python-apt
fi
fi
fi
python3 -m pip install -U .
/opt/wo/bin/pip install -U .
else
python3 -m pip install -U "git+https://github.com/WordOps/WordOps.git@$wo_branch#egg=wordops"
/opt/wo/bin/pip install -U "git+https://github.com/WordOps/WordOps.git@$wo_branch#egg=wordops"
fi
cp -rf /opt/wo/lib/python3."$python_ver"/site-packages/usr/* /usr/
cp -rn /opt/wo/lib/python3."$python_ver"/site-packages/etc/* /etc/
@@ -706,8 +703,8 @@ wo_clean() {
wo_uninstall() {
local python_ver
python_ver=$(python3 -c "import sys; print(sys.version_info[1])")
if { python3 -m pip list | grep -q "wordops" >/dev/null 2>&1; }; then
python3 -m pip uninstall wordops -y
if { /opt/wo/bin/pip list | grep -q "wordops" >/dev/null 2>&1; }; then
/opt/wo/bin/pip uninstall wordops -y
fi
rm -rf /usr/local/lib/python3."$python_ver"/dist-packages/{pystache-*,cement-2.*,wo-*,wordops-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates /opt/wo
}
@@ -739,7 +736,7 @@ wo_woconf() {
echo -e '\n[letsencrypt]\n\nkeylength = "ec-384"' >>/etc/wo/wo.conf
fi
if ! grep -q "php" /etc/wo/wo.conf; then
echo -e '\n[php]\n\nversion = 8.0' >>/etc/wo/wo.conf
echo -e '\n[php]\n\nversion = 8.2' >>/etc/wo/wo.conf
fi
fi
}

2
setup.py
View File

@@ -27,7 +27,7 @@ if os.geteuid() == 0:
os.makedirs('/var/lib/wo/tmp/')
setup(name='wordops',
version='3.20.0',
version='3.21.0',
description='An essential toolset that eases server administration',
long_description=LONG,
long_description_content_type='text/markdown',

9
wo/cli/plugins/stack_pref.py
View File

@@ -30,7 +30,7 @@ def pre_pref(self, apt_packages):
if ("mariadb-server" in apt_packages or "mariadb-client" in apt_packages):
# add mariadb repository excepted on raspbian and ubuntu 19.04
if not (WOVar.wo_distro == 'raspbian'):
if not (WOVar.wo_distro == 'raspbian') and not (WOVar.wo_platform_codename == 'noble'):
Log.info(self, "Adding repository for MySQL, please wait...")
mysql_pref = (
"Package: *\nPin: origin mariadb.mirrors.ovh.net"
@@ -71,11 +71,8 @@ def pre_pref(self, apt_packages):
Log.debug(self, 'Writting configuration into MySQL file')
conf_path = "/etc/mysql/conf.d/my.cnf.tmp"
os.makedirs(os.path.dirname(conf_path), exist_ok=True)
with open(conf_path, encoding='utf-8',
mode='w') as configfile:
with os.fdopen(os.open(conf_path, os.O_WRONLY | os.O_CREAT, 0o600), 'w', encoding='utf-8') as configfile:
config.write(configfile)
Log.debug(self, 'Setting my.cnf permission')
WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf.tmp", 0o600)
# add nginx repository
if set(WOVar.wo_nginx).issubset(set(apt_packages)):
@@ -127,7 +124,7 @@ def pre_pref(self, apt_packages):
if set(WOVar.wo_redis).issubset(set(apt_packages)):
if not WOFileUtils.grepcheck(
self, '/etc/apt/sources.list/wo-repo.list',
'redis.io'):
'redis.io') and not (WOVar.wo_platform_codename == 'noble'):
Log.info(self, "Adding repository for Redis, please wait...")
WORepo.add(self, repo_url=WOVar.wo_redis_repo)
WORepo.download_key(self, WOVar.wo_redis_key_url)

3
wo/core/variables.py
View File

@@ -15,7 +15,7 @@ class WOVar():
"""Intialization of core variables"""
# WordOps version
wo_version = "3.20.0"
wo_version = "3.21.0"
# WordOps packages versions
wo_wp_cli = "2.10.0"
wo_adminer = "4.8.1"
@@ -198,7 +198,6 @@ class WOVar():
wo_fail2ban = ["fail2ban"]
wo_clamav = ["clamav", "clamav-freshclam"]
wo_ubuntu_backports = 'ppa:jonathonf/backports'
# APT repositories
wo_mysql_repo = ("deb [arch=amd64,arm64,ppc64el] "