Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #130 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-08-30 21:29:51 +02:00
committed by GitHub
parent 73662bbc36 87fbef74ab
commit 447d02258c
11 changed files with 404 additions and 242 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
CHANGELOG.md
View File

@@ -8,6 +8,28 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### v3.9.x - [Unreleased] ### v3.9.x - [Unreleased]
### v3.9.8.6 - 2019-08-30
#### Added
- Subdomains are automatically secured with an existant Wildcard LetsEncrypt SSL certificate.
(If a wildcard certificate exist, WordOps will use this certificate for subdomains instead of issuing new certificates)
- MySQL & Redis stack to `wo stack remove/purge`
#### Changed
- Date format in backup name : /backup/30Aug2019035932 -> /backup/30Aug2019-03-59-32
- Cleanup and update bash_completion
- cheat.sh is installed with WordOps install script, not as a stack because it wasn't downloaded at all by WordOps (unknown reason yet)
#### Fixed
- cache-enabler plugin not installed and configured with `wo site update site.tld --wpce`
- possible issue with domain variable in `--letsencrypt=wildcard`
- python3-mysqldb not available on Debian 8 (Jessie)
- Fix mysql variable skip-name-resolved
- Fix typo in redis tuning directives
### v3.9.8.5 - 2019-08-30 ### v3.9.8.5 - 2019-08-30
#### Changed #### Changed

29
config/bash_completion.d/wo_auto.rc
View File

@@ -35,7 +35,7 @@ _wo_complete()
"stack") "stack")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "upgrade install purge reload remove restart start status stop migrate" \ -W "upgrade install purge reload remove restart start status stop" \
-- $cur) ) -- $cur) )
;; ;;
@@ -74,12 +74,12 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE
"install" | "purge" | "remove" ) "install" | "purge" | "remove" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban --dashboard --proftpd" \ -W "--recommended --web --admin --security --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --phpredisadmin --composer --netdata --fail2ban --dashboard --proftpd --clamav --mysqlclient --mysqltuner --extplorer --all" \
-- $cur) ) -- $cur) )
;; ;;
"upgrade" ) "upgrade" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --nginx --php --php73 --mysql --all --netdata --composer --phpmyadmin --dashboard --no-prompt --wpcli" \ -W "--web --admin --utils --nginx --php --php73 --mysql --all --netdata --composer --phpmyadmin --dashboard --no-prompt --mysqtuner --wpcli" \
-- $cur) ) -- $cur) )
;; ;;
"start" | "stop" | "reload" | "restart" | "status") "start" | "stop" | "reload" | "restart" | "status")
@@ -87,11 +87,6 @@ _wo_complete()
-W "--nginx --php --php73 --mysql --redis --fail2ban --netdata -proftpd" \ -W "--nginx --php --php73 --mysql --redis --fail2ban --netdata -proftpd" \
-- $cur) ) -- $cur) )
;; ;;
"migrate")
COMPREPLY=( $(compgen \
-W "--mariadb" \
-- $cur) )
;;
"list") "list")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--enabled --disabled" \ -W "--enabled --disabled" \
@@ -159,13 +154,13 @@ _wo_complete()
"create") "create")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=wildcard -le=wildcard --dns --dns=dns_cf --dns=dns_do" \ -W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=wildcard -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-- $cur) ) -- $cur) )
;; ;;
"update") "update")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=off --letsencrypt=clean -le=wildcard --dns --dns=dns_cf --dns=dns_do" \ -W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off --letsencrypt --letsencrypt=off --letsencrypt=clean -le=wildcard -le=clean --dns --dns=dns_cf --dns=dns_do" \
-- $cur) ) -- $cur) )
;; ;;
"delete") "delete")
@@ -230,9 +225,9 @@ _wo_complete()
"--wpsubdir" | "--wpsubdomain") "--wpsubdir" | "--wpsubdomain")
if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wpsc --wpfc --user --email --pass --wpredis --wprocket --wpce --letsencrypt --letsencrypt=wildcard -le --php73 --dns --dns=dns_cf --dns=dns_do" retlist="--wpsc --wpfc --user --email --pass --wpredis --wprocket --wpce -le -le=wildcard --letsencrypt --letsencrypt=wildcard --php73 --dns --dns=dns_cf --dns=dns_do"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=wildcard --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do" retlist="--wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le -le=off -le=wildcard --letsencrypt --letsencrypt=wildcard --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -248,7 +243,7 @@ _wo_complete()
"--wpredis --wprocket --wpce" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") "--wpredis --wprocket --wpce" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --php73 -le --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do" retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --php73 -le -le=off -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -261,7 +256,7 @@ _wo_complete()
"--wpredis --wprocket --wpce" | "--wpfc") "--wpredis --wprocket --wpce" | "--wpfc")
if [ ${COMP_WORDS[2]} == "update" ]; then if [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do" retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off --letsencrypt --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -274,7 +269,7 @@ _wo_complete()
"--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--fail2ban" | "--redis | --phpredisadmin | --netdata") "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--fail2ban" | "--redis | --phpredisadmin | --netdata")
if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then
retlist="--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --fail2ban --phpredisadmin --netdata" retlist="--web --admin --security --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --fail2ban --phpredisadmin --netdata -f --force"
elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then
retlist="--nginx --php --php73 --mysql --redis --netdata" retlist="--nginx --php --php73 --mysql --redis --netdata"
elif [[ ${COMP_WORDS[1]} == "debug" ]]; then elif [[ ${COMP_WORDS[1]} == "debug" ]]; then
@@ -314,7 +309,7 @@ _wo_complete()
elif [ ${COMP_WORDS[2]} == "delete" ]; then elif [ ${COMP_WORDS[2]} == "delete" ]; then
retlist="--db --files --force" retlist="--db --files --force"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --letsencrypt --letsencrypt=off " retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off -le=wildcard --letsencrypt --letsencrypt=off "
else else
retlist="" retlist=""
fi fi
@@ -363,7 +358,7 @@ _wo_complete()
case "$mprev" in case "$mprev" in
"--user" | "--email" | "--pass") "--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --letsencrypt --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do" retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do"
fi fi
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \

33
install
View File

@@ -80,6 +80,10 @@ while [ "$#" -gt 0 ]; do
-w | --wufw | --without-ufw) -w | --wufw | --without-ufw)
ufw="n" ufw="n"
;; ;;
-v | --version)
wo_version="$2"
shift
;;
*) # positional args *) # positional args
;; ;;
esac esac
@@ -438,8 +442,13 @@ wo_install() {
{ {
rm -f /etc/bash_completion.d/wo_auto.rc rm -f /etc/bash_completion.d/wo_auto.rc
rm -rf /var/lib/wo/tmp/WordOps-* rm -rf /var/lib/wo/tmp/WordOps-*
curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp if [ -z "$wo_version" ]; then
cd /var/lib/wo/tmp/WordOps-${wo_branch} || exit 1 curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp
cd "/var/lib/wo/tmp/WordOps-$wo_branch" || exit 1
else
curl -sL https://github.com/WordOps/WordOps/archive/v${wo_version}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp
cd "/var/lib/wo/tmp/WordOps-$wo_version" || exit 1
fi
} \ } \
>> "$wo_install_log" 2>&1 >> "$wo_install_log" 2>&1
@@ -716,12 +725,6 @@ wo_uninstall() {
rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1 rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1
} }
wo_cheat_alias() {
if ! grep -q "cheat" "$HOME/.bashrc"; then
echo "alias cheat='/usr/local/bin/cht.sh'" >> "$HOME/.bashrc"
fi
}
wo_ufw_setup() { wo_ufw_setup() {
# get custom ssh port # get custom ssh port
@@ -787,6 +790,14 @@ wo_ufw_setup() {
} \ } \
>> $wo_install_log >> $wo_install_log
wo_cheat_install() {
curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh
curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh
if ! grep -q "cheat" $HOME/.bashrc; then
echo "alias cheat='/usr/local/bin/cht.sh'" >> "$HOME/.bashrc"
fi
}
### ###
# 4 - WO MAIN SETUP # 4 - WO MAIN SETUP
### ###
@@ -840,7 +851,7 @@ else
if [ -d /etc/systemd/system/mariadb.service.d ]; then if [ -d /etc/systemd/system/mariadb.service.d ]; then
wo_mariadb_tweak | tee -ai $wo_install_log wo_mariadb_tweak | tee -ai $wo_install_log
fi fi
wo_cheat_alias | tee -ai $wo_install_log wo_cheat_install | tee -ai $wo_install_log
wo_domain_suffix | tee -ai $wo_install_log wo_domain_suffix | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
@@ -893,7 +904,7 @@ else
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
wo_cheat_alias | tee -ai $wo_install_log wo_cheat_install | tee -ai $wo_install_log
wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log
wo_clean_ee | tee -ai $wo_install_log wo_clean_ee | tee -ai $wo_install_log
else else
@@ -928,7 +939,7 @@ else
wo_install_acme_sh | tee -ai $wo_install_log wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log
wo_cheat_alias | tee -ai $wo_install_log wo_cheat_install | tee -ai $wo_install_log
wo_domain_suffix | tee -ai $wo_install_log wo_domain_suffix | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log

2
setup.py
View File

@@ -57,7 +57,7 @@ if not os.path.isfile('/root/.gitconfig'):
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
setup(name='wo', setup(name='wo',
version='3.9.8.5', version='3.9.8.6',
description=long_description, description=long_description,
long_description=long_description, long_description=long_description,
classifiers=[], classifiers=[],

340
wo/cli/plugins/site.py
View File

@@ -137,7 +137,7 @@ class WOSiteController(CementBaseController):
Log.error(self, 'could not input site name') Log.error(self, 'could not input site name')
pargs.site_name = pargs.site_name.strip() pargs.site_name = pargs.site_name.strip()
(wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name) (wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name)
wo_domain_type, wo_root_domain = GetDomainlevel(wo_domain) (wo_domain_type, wo_root_domain) = GetDomainlevel(wo_domain)
wo_db_name = '' wo_db_name = ''
wo_db_user = '' wo_db_user = ''
wo_db_pass = '' wo_db_pass = ''
@@ -162,7 +162,12 @@ class WOSiteController(CementBaseController):
ssl = ("enabled" if siteinfo.is_ssl else "disabled") ssl = ("enabled" if siteinfo.is_ssl else "disabled")
if (ssl == "enabled"): if (ssl == "enabled"):
sslprovider = "Lets Encrypt" sslprovider = "Lets Encrypt"
sslexpiry = str(SSL.getExpirationDate(self, wo_domain)) if os.path.islink("{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot)):
sslexpiry = str(
SSL.getExpirationDate(self, wo_root_domain))
else:
sslexpiry = str(SSL.getExpirationDate(self, wo_domain))
else: else:
sslprovider = '' sslprovider = ''
sslexpiry = '' sslexpiry = ''
@@ -424,7 +429,7 @@ class WOSiteCreateController(CementBaseController):
pargs.site_name = pargs.site_name.strip() pargs.site_name = pargs.site_name.strip()
(wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name) (wo_domain, wo_www_domain) = ValidateDomain(pargs.site_name)
wo_domain_type, wo_root_domain = GetDomainlevel(wo_domain) (wo_domain_type, wo_root_domain) = GetDomainlevel(wo_domain)
if not wo_domain.strip(): if not wo_domain.strip():
Log.error("Invalid domain name, " Log.error("Invalid domain name, "
"Provide valid domain name") "Provide valid domain name")
@@ -626,84 +631,56 @@ class WOSiteCreateController(CementBaseController):
"and please try again") "and please try again")
# Setup WordPress if Wordpress site # Setup WordPress if Wordpress site
if (data['wp'] and (not pargs.vhostonly)): if data['wp']:
try: if not pargs.vhostonly:
wo_wp_creds = setupwordpress(self, data) try:
# Add database information for site into database wo_wp_creds = setupwordpress(self, data)
updateSiteInfo(self, wo_domain, # Add database information for site into database
db_name=data['wo_db_name'], updateSiteInfo(self, wo_domain,
db_user=data['wo_db_user'], db_name=data['wo_db_name'],
db_password=data['wo_db_pass'], db_user=data['wo_db_user'],
db_host=data['wo_db_host']) db_password=data['wo_db_pass'],
except SiteError as e: db_host=data['wo_db_host'])
# call cleanup actions on failure except SiteError as e:
Log.debug(self, str(e)) # call cleanup actions on failure
Log.info(self, Log.FAIL + Log.debug(self, str(e))
"There was a serious error encountered...") Log.info(self, Log.FAIL +
Log.info(self, Log.FAIL + "Cleaning up afterwards...") "There was a serious error encountered...")
doCleanupAction(self, domain=wo_domain, Log.info(self, Log.FAIL + "Cleaning up afterwards...")
webroot=data['webroot'], doCleanupAction(self, domain=wo_domain,
dbname=data['wo_db_name'], webroot=data['webroot'],
dbuser=data['wo_db_user'], dbname=data['wo_db_name'],
dbhost=data['wo_mysql_grant_host']) dbuser=data['wo_db_user'],
deleteSiteInfo(self, wo_domain) dbhost=data['wo_mysql_grant_host'])
Log.error(self, "Check the log for details: " deleteSiteInfo(self, wo_domain)
"`tail /var/log/wo/wordops.log` " Log.error(self, "Check the log for details: "
"and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
if (data['wp'] and (pargs.vhostonly)): else:
try: try:
wo_wp_creds = setupwordpress(self, data) wo_wp_creds = setupwordpress(
# Add database information for site into database self, data, vhostonly=True)
updateSiteInfo(self, wo_domain, db_name=data['wo_db_name'], # Add database information for site into database
db_user=data['wo_db_user'], updateSiteInfo(self, wo_domain,
db_password=data['wo_db_pass'], db_name=data['wo_db_name'],
db_host=data['wo_db_host']) db_user=data['wo_db_user'],
except SiteError as e: db_password=data['wo_db_pass'],
# call cleanup actions on failure db_host=data['wo_db_host'])
Log.debug(self, str(e)) except SiteError as e:
Log.info(self, Log.FAIL + # call cleanup actions on failure
"There was a serious error encountered...") Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Cleaning up afterwards...") Log.info(self, Log.FAIL +
doCleanupAction(self, domain=wo_domain, "There was a serious error encountered...")
webroot=data['webroot'], Log.info(self, Log.FAIL + "Cleaning up afterwards...")
dbname=data['wo_db_name'], doCleanupAction(self, domain=wo_domain,
dbuser=data['wo_db_user'], webroot=data['webroot'],
dbhost=data['wo_db_host']) dbname=data['wo_db_name'],
deleteSiteInfo(self, wo_domain) dbuser=data['wo_db_user'],
Log.error(self, "Check the log for details: " dbhost=data['wo_mysql_grant_host'])
"`tail /var/log/wo/wordops.log` " deleteSiteInfo(self, wo_domain)
"and please try again") Log.error(self, "Check the log for details: "
try: "`tail /var/log/wo/wordops.log` "
wodbconfig = open("{0}/wo-config.php" "and please try again")
.format(wo_site_webroot),
encoding='utf-8', mode='w')
wodbconfig.write("<?php \ndefine('DB_NAME', '{0}');"
"\ndefine('DB_USER', '{1}'); "
"\ndefine('DB_PASSWORD', '{2}');"
"\ndefine('DB_HOST', '{3}');\n?>"
.format(data['wo_db_name'],
data['wo_db_user'],
data['wo_db_pass'],
data['wo_db_host']))
wodbconfig.close()
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"wo-config.php")
Log.info(self, Log.FAIL +
"There was a serious error encountered...")
Log.info(self, Log.FAIL + "Cleaning up afterwards...")
doCleanupAction(self, domain=wo_domain,
webroot=data['webroot'],
dbname=data['wo_db_name'],
dbuser=data['wo_db_user'],
dbhost=data['wo_db_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` "
"and please try again")
# Service Nginx Reload call cleanup if failed to reload nginx # Service Nginx Reload call cleanup if failed to reload nginx
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
@@ -785,12 +762,33 @@ class WOSiteCreateController(CementBaseController):
else: else:
wo_wildcard = False wo_wildcard = False
wo_subdomain = False wo_subdomain = False
Log.debug(self, "Domain type = {0}"
.format(wo_domain_type))
if ((wo_domain_type == 'subdomain') and if ((wo_domain_type == 'subdomain') and
(not pargs.letsencrypt == 'wildcard')): (not pargs.letsencrypt == 'wildcard')):
wo_subdomain = True wo_subdomain = True
# check if a wildcard cert for the root domain exist
setupLetsEncrypt(self, wo_domain, wo_subdomain, wo_wildcard, Log.debug(self, "checkWildcardExist on *.{0}"
wo_dns, wo_acme_dns) .format(wo_root_domain))
isWildcard = checkWildcardExist(self, wo_root_domain)
Log.debug(self, "isWildcard = {0}".format(isWildcard))
if isWildcard:
Log.info(self, "Using existing Wildcard SSL "
"certificate from {0} to secure {1}"
.format(wo_root_domain, wo_domain))
Log.debug(self, "symlink wildcard "
"cert between {0} & {1}"
.format(wo_domain, wo_root_domain))
# copy the cert from the root domain
copyWildcardCert(self, wo_domain, wo_root_domain)
else:
Log.debug(self, "Setup Cert with acme.sh for {0}"
.format(wo_domain))
setupLetsEncrypt(self, wo_domain, wo_subdomain,
wo_wildcard, wo_dns, wo_acme_dns)
else:
setupLetsEncrypt(self, wo_domain, wo_subdomain,
wo_wildcard, wo_dns, wo_acme_dns)
httpsRedirect(self, wo_domain, True, wo_wildcard) httpsRedirect(self, wo_domain, True, wo_wildcard)
if pargs.hsts: if pargs.hsts:
@@ -855,7 +853,8 @@ class WOSiteUpdateController(CementBaseController):
(['--wprocket'], (['--wprocket'],
dict(help="update to WP-Rocket cache", action='store_true')), dict(help="update to WP-Rocket cache", action='store_true')),
(['--wpce'], (['--wpce'],
dict(help="update to Cache-Enabler cache", action='store_true')), dict(help="update to Cache-Enabler cache",
action='store_true')),
(['--wpredis'], (['--wpredis'],
dict(help="update to redis cache", action='store_true')), dict(help="update to redis cache", action='store_true')),
(['-le', '--letsencrypt'], (['-le', '--letsencrypt'],
@@ -1240,12 +1239,6 @@ class WOSiteUpdateController(CementBaseController):
return 0 return 0
if pargs.letsencrypt: if pargs.letsencrypt:
if ((wo_domain_type == 'subdomain') and
(not pargs.letsencrypt == 'wildcard') and
(not pargs.letsencrypt == 'off') and
(not pargs.letsencrypt == 'clean') and
(not pargs.letsencrypt == 'purge')):
pargs.letsencrypt == 'subdomain'
if pargs.letsencrypt == 'on': if pargs.letsencrypt == 'on':
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
@@ -1281,14 +1274,15 @@ class WOSiteUpdateController(CementBaseController):
wo_subdomain = False wo_subdomain = False
wo_wildcard = False wo_wildcard = False
if letsencrypt is check_ssl: if not wo_subdomain:
if letsencrypt is False: if letsencrypt is check_ssl:
Log.error(self, "SSl is not configured for given " if letsencrypt is False:
"site") Log.error(self, "SSl is not configured for given "
elif letsencrypt is True: "site")
Log.error(self, "SSl is already configured for given " elif letsencrypt is True:
"site") Log.error(self, "SSl is already configured for given "
pargs.letsencrypt = False "site")
pargs.letsencrypt = False
if data and (not pargs.php73): if data and (not pargs.php73):
if old_php73 is True: if old_php73 is True:
@@ -1382,9 +1376,30 @@ class WOSiteUpdateController(CementBaseController):
wo_acme_dns = '' wo_acme_dns = ''
wo_dns = False wo_dns = False
if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"): if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"):
setupLetsEncrypt(self, wo_domain, wo_subdomain, if wo_subdomain:
wo_wildcard, # check if a wildcard cert for the root domain exist
wo_dns, wo_acme_dns) Log.debug(self, "checkWildcardExist on *.{0}"
.format(wo_root_domain))
isWildcard = checkWildcardExist(self, wo_root_domain)
Log.debug(self, "isWildcard = {0}".format(isWildcard))
if isWildcard:
Log.info(self, "Using existing Wildcard SSL "
"certificate from {0} to secure {1}"
.format(wo_root_domain, wo_domain))
Log.debug(self, "symlink wildcard "
"cert between {0} & {1}"
.format(wo_domain, wo_root_domain))
# copy the cert from the root domain
copyWildcardCert(self, wo_domain, wo_root_domain)
else:
Log.debug(self, "Setup Cert with acme.sh for {0}"
.format(wo_domain))
setupLetsEncrypt(self, wo_domain, wo_subdomain,
wo_wildcard, wo_dns, wo_acme_dns)
else:
setupLetsEncrypt(self, wo_domain, wo_subdomain,
wo_wildcard, wo_dns, wo_acme_dns)
httpsRedirect(self, wo_domain, True, wo_wildcard) httpsRedirect(self, wo_domain, True, wo_wildcard)
site_url_https(self, wo_domain) site_url_https(self, wo_domain)
else: else:
@@ -1405,22 +1420,36 @@ class WOSiteUpdateController(CementBaseController):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully " Log.info(self, "Congratulations! Successfully "
"Configured SSl for Site " "Configured SSL for Site "
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
if wo_subdomain:
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_root_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + str(SSL.getExpirationDays(self, wo_root_domain)) +
" days.") " days.")
else:
Log.warn(
self, "Your cert already EXPIRED ! "
".PLEASE renew soon . ")
else: else:
Log.warn( if (SSL.getExpirationDays(self, wo_domain) > 0):
self, "Your cert already EXPIRED ! " Log.info(self, "Your cert will expire within " +
".PLEASE renew soon . ") str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
else:
Log.warn(
self, "Your cert already EXPIRED ! "
".PLEASE renew soon . ")
elif data['letsencrypt'] is False: elif data['letsencrypt'] is False:
if pargs.letsencrypt == "off": if pargs.letsencrypt == "off":
if os.path.isfile("{0}/conf/nginx/ssl.conf" if os.path.islink("{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot)): .format(wo_site_webroot)):
WOFileUtils.remove_symlink(self,
"{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot))
elif os.path.isfile("{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot)):
Log.info(self, 'Setting Nginx configuration') Log.info(self, 'Setting Nginx configuration')
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf" WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot), .format(wo_site_webroot),
@@ -1434,6 +1463,10 @@ class WOSiteUpdateController(CementBaseController):
'{0}/conf/nginx/' '{0}/conf/nginx/'
'hsts.conf.disabled' 'hsts.conf.disabled'
.format(wo_site_webroot)) .format(wo_site_webroot))
# find all broken symlinks
sympath = "/var/www"
WOFileUtils.findBrokenSymlink(self, sympath)
elif (pargs.letsencrypt == "clean" or elif (pargs.letsencrypt == "clean" or
pargs.letsencrypt == "purge"): pargs.letsencrypt == "purge"):
removeAcmeConf(self, wo_domain) removeAcmeConf(self, wo_domain)
@@ -1557,7 +1590,8 @@ class WOSiteUpdateController(CementBaseController):
"and please try again") "and please try again")
return 1 return 1
if ((oldcachetype in ['wpsc', 'basic', 'wpredis', 'wprocket', 'wpce'] and if ((oldcachetype in ['wpsc', 'basic', 'wpredis', 'wprocket',
'wpce'] and
(data['wpfc'])) or (oldsitetype == 'wp' and (data['wpfc'])) or (oldsitetype == 'wp' and
data['multisite'] and data['wpfc'])): data['multisite'] and data['wpfc'])):
try: try:
@@ -1566,7 +1600,7 @@ class WOSiteUpdateController(CementBaseController):
"enable_purge": 1, "enable_purge": 1,
"enable_map": "0", "enable_map": "0",
"enable_log": 0, "enable_log": 0,
"enable_stamp": 0, "enable_stamp": 1,
"purge_homepage_on_new": 1, "purge_homepage_on_new": 1,
"purge_homepage_on_edit": 1, "purge_homepage_on_edit": 1,
"purge_homepage_on_del": 1, "purge_homepage_on_del": 1,
@@ -1584,9 +1618,9 @@ class WOSiteUpdateController(CementBaseController):
"redis_port": "6379", "redis_port": "6379",
"redis_prefix": "nginx-cache:"} "redis_prefix": "nginx-cache:"}
plugin_data = json.dumps(plugin_data_object) plugin_data = json.dumps(plugin_data_object)
setupwp_plugin( setupwp_plugin(self, 'nginx-helper',
self, 'nginx-helper', 'rt_wp_nginx_helper_options',
'rt_wp_nginx_helper_options', plugin_data, data) plugin_data, data)
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper " Log.info(self, Log.FAIL + "Update nginx-helper "
@@ -1596,7 +1630,8 @@ class WOSiteUpdateController(CementBaseController):
"and please try again") "and please try again")
return 1 return 1
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc', 'wprocket', 'wpce'] and elif ((oldcachetype in ['wpsc', 'basic', 'wpfc',
'wprocket', 'wpce'] and
(data['wpredis'])) or (oldsitetype == 'wp' and (data['wpredis'])) or (oldsitetype == 'wp' and
data['multisite'] and data['multisite'] and
data['wpredis'])): data['wpredis'])):
@@ -1606,7 +1641,7 @@ class WOSiteUpdateController(CementBaseController):
"enable_purge": 1, "enable_purge": 1,
"enable_map": "0", "enable_map": "0",
"enable_log": 0, "enable_log": 0,
"enable_stamp": 0, "enable_stamp": 1,
"purge_homepage_on_new": 1, "purge_homepage_on_new": 1,
"purge_homepage_on_edit": 1, "purge_homepage_on_edit": 1,
"purge_homepage_on_del": 1, "purge_homepage_on_del": 1,
@@ -1624,9 +1659,9 @@ class WOSiteUpdateController(CementBaseController):
"redis_port": "6379", "redis_port": "6379",
"redis_prefix": "nginx-cache:"} "redis_prefix": "nginx-cache:"}
plugin_data = json.dumps(plugin_data_object) plugin_data = json.dumps(plugin_data_object)
setupwp_plugin( setupwp_plugin(self, 'nginx-helper',
self, 'nginx-helper', 'rt_wp_nginx_helper_options',
'rt_wp_nginx_helper_options', plugin_data, data) plugin_data, data)
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper " Log.info(self, Log.FAIL + "Update nginx-helper "
@@ -1635,37 +1670,9 @@ class WOSiteUpdateController(CementBaseController):
" `tail /var/log/wo/wordops.log` " " `tail /var/log/wo/wordops.log` "
"and please try again") "and please try again")
return 1 return 1
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc', 'wprocket', 'wpredis'] and
(data['wpce'])) or (oldsitetype == 'wp' and
data['multisite'] and
data['wpce'])):
try:
plugin_data_object = {"expires": 24,
"new_post": 1,
"new_comment": 0,
"webp": 0,
"clear_on_upgrade": 1,
"compress": 0,
"excl_ids": "",
"excl_regexp": "",
"excl_cookies": "",
"incl_attributes": "",
"minify_html": 1}
plugin_data = json.dumps(plugin_data_object)
setupwp_plugin(
self, 'cache-enabler',
'cache-enabler', plugin_data, data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update cache-enabler "
"settings failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
else: else:
try: try:
# disable nginx-helper
plugin_data_object = {"log_level": "INFO", plugin_data_object = {"log_level": "INFO",
"log_filesize": 5, "log_filesize": 5,
"enable_purge": 0, "enable_purge": 0,
@@ -1701,6 +1708,36 @@ class WOSiteUpdateController(CementBaseController):
"and please try again") "and please try again")
return 1 return 1
if ((oldcachetype in ['wpsc', 'basic', 'wpfc', 'wprocket', 'wpredis'] and
(data['wpce'])) or (oldsitetype == 'wp' and
data['multisite'] and
data['wpce'])):
try:
installwp_plugin(self, 'cache-enabler', data)
# setup cache-enabler
plugin_data_object = {"expires": 24,
"new_post": 1,
"new_comment": 0,
"webp": 0,
"clear_on_upgrade": 1,
"compress": 0,
"excl_ids": "",
"excl_regexp": "",
"excl_cookies": "",
"incl_attributes": "",
"minify_html": 1}
plugin_data = json.dumps(plugin_data_object)
setupwp_plugin(self, 'cache-enabler',
'cache-enabler', plugin_data, data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update cache-enabler "
"settings failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
if oldcachetype == 'wpsc' and not data['wpsc']: if oldcachetype == 'wpsc' and not data['wpsc']:
try: try:
uninstallwp_plugin(self, 'wp-super-cache', data) uninstallwp_plugin(self, 'wp-super-cache', data)
@@ -1832,6 +1869,7 @@ class WOSiteDeleteController(CementBaseController):
pargs.site_name = (input('Enter site name : ') pargs.site_name = (input('Enter site name : ')
.strip()) .strip())
except IOError as e: except IOError as e:
Log.debug(self, str(e))
Log.error(self, 'could not input site name') Log.error(self, 'could not input site name')
pargs.site_name = pargs.site_name.strip() pargs.site_name = pargs.site_name.strip()

136
wo/cli/plugins/site_functions.py
View File

@@ -6,6 +6,7 @@ import json
import re import re
import string import string
import subprocess import subprocess
import csv
from subprocess import CalledProcessError from subprocess import CalledProcessError
from wo.cli.plugins.sitedb import getSiteInfo from wo.cli.plugins.sitedb import getSiteInfo
@@ -229,7 +230,7 @@ def setupdatabase(self, data):
return(data) return(data)
def setupwordpress(self, data): def setupwordpress(self, data, vhostonly=False):
wo_domain_name = data['site_name'] wo_domain_name = data['site_name']
wo_site_webroot = data['webroot'] wo_site_webroot = data['webroot']
prompt_wpprefix = self.app.config.get('wordpress', 'prefix') prompt_wpprefix = self.app.config.get('wordpress', 'prefix')
@@ -531,13 +532,13 @@ def setupwordpress(self, data):
"enable_purge": 1, "enable_purge": 1,
"enable_map": "0", "enable_map": "0",
"enable_log": 0, "enable_log": 0,
"enable_stamp": 0, "enable_stamp": 1,
"purge_homepage_on_new": 1, "purge_homepage_on_new": 1,
"purge_homepage_on_edit": 1, "purge_homepage_on_edit": 1,
"purge_homepage_on_del": 1, "purge_homepage_on_del": 1,
"purge_archive_on_new": 1, "purge_archive_on_new": 1,
"purge_archive_on_edit": 0, "purge_archive_on_edit": 1,
"purge_archive_on_del": 0, "purge_archive_on_del": 1,
"purge_archive_on_new_comment": 0, "purge_archive_on_new_comment": 0,
"purge_archive_on_deleted_comment": 0, "purge_archive_on_deleted_comment": 0,
"purge_page_on_mod": 1, "purge_page_on_mod": 1,
@@ -557,13 +558,13 @@ def setupwordpress(self, data):
"enable_purge": 1, "enable_purge": 1,
"enable_map": "0", "enable_map": "0",
"enable_log": 0, "enable_log": 0,
"enable_stamp": 0, "enable_stamp": 1,
"purge_homepage_on_new": 1, "purge_homepage_on_new": 1,
"purge_homepage_on_edit": 1, "purge_homepage_on_edit": 1,
"purge_homepage_on_del": 1, "purge_homepage_on_del": 1,
"purge_archive_on_new": 1, "purge_archive_on_new": 1,
"purge_archive_on_edit": 0, "purge_archive_on_edit": 1,
"purge_archive_on_del": 0, "purge_archive_on_del": 1,
"purge_archive_on_new_comment": 0, "purge_archive_on_new_comment": 0,
"purge_archive_on_deleted_comment": 0, "purge_archive_on_deleted_comment": 0,
"purge_page_on_mod": 1, "purge_page_on_mod": 1,
@@ -588,6 +589,7 @@ def setupwordpress(self, data):
"""Install Cache-Enabler""" """Install Cache-Enabler"""
if data['wpce']: if data['wpce']:
installwp_plugin(self, 'cache-enabler', data)
plugin_data_object = {"expires": 24, plugin_data_object = {"expires": 24,
"new_post": 1, "new_post": 1,
"new_comment": 0, "new_comment": 0,
@@ -603,6 +605,15 @@ def setupwordpress(self, data):
setupwp_plugin(self, 'cache-enabler', 'cache-enabler', setupwp_plugin(self, 'cache-enabler', 'cache-enabler',
plugin_data, data) plugin_data, data)
if vhostonly:
try:
WOShellExec.cmd_exec(self, "/bin/bash -c \"{0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"db clean --yes\"")
WOFileUtils.rm(self, "{0}/htdocs/*".format(wo_site_webroot))
except CommandExecutionError:
raise SiteError("Cleaning WordPress install failed")
wp_creds = dict(wp_user=wo_wp_user, wp_pass=wo_wp_pass, wp_creds = dict(wp_user=wo_wp_user, wp_pass=wo_wp_pass,
wp_email=wo_wp_email) wp_email=wo_wp_email)
@@ -988,6 +999,16 @@ def display_cache_settings(self, data):
"\thttp://{0}/wp-admin/options-general.php?" "\thttp://{0}/wp-admin/options-general.php?"
"page=nginx".format(data['site_name'])) "page=nginx".format(data['site_name']))
if data['wpce']:
if data['multisite']:
Log.info(self, "Nginx-Helper configuration :"
"\thttp://{0}/wp-admin/network/settings.php?"
"page=cache-enabler".format(data['site_name']))
else:
Log.info(self, "Nginx-Helper configuration :"
"\thttp://{0}/wp-admin/options-general.php?"
"page=cache-enabler".format(data['site_name']))
def logwatch(self, logfiles): def logwatch(self, logfiles):
import zlib import zlib
@@ -1214,6 +1235,10 @@ def removeNginxConf(self, domain):
def removeAcmeConf(self, domain): def removeAcmeConf(self, domain):
sslconf = ("/var/www/{0}/conf/nginx/ssl.conf"
.format(domain))
sslforce = ("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(domain))
if os.path.isdir('/etc/letsencrypt/renewal/{0}_ecc' if os.path.isdir('/etc/letsencrypt/renewal/{0}_ecc'
.format(domain)): .format(domain)):
Log.info(self, "Removing Acme configuration") Log.info(self, "Removing Acme configuration")
@@ -1229,18 +1254,27 @@ def removeAcmeConf(self, domain):
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.error(self, "Cert removal failed") Log.error(self, "Cert removal failed")
WOFileUtils.rm(self, '/etc/letsencrypt/renewal/{0}_ecc' WOFileUtils.rm(self, '{0}/{1}_ecc'
.format(domain)) .format(WOVariables.wo_ssl_archive, domain))
WOFileUtils.rm(self, '/etc/letsencrypt/live/{0}' WOFileUtils.rm(self, '{0}/{1}'
.format(domain)) .format(WOVariables.wo_ssl_live, domain))
WOFileUtils.rm(self, '/var/www/{0}/conf/nginx/ssl.conf' WOFileUtils.rm(self, '{0}'.format(sslconf))
.format(domain)) WOFileUtils.rm(self, '{0}.disabled'.format(sslconf))
WOFileUtils.rm(self, '/var/www/{0}/conf/nginx/ssl.conf.disabled' WOFileUtils.rm(self, '{0}'.format(sslforce))
.format(domain)) WOFileUtils.rm(self, '{0}.disabled'
WOFileUtils.rm(self, '/etc/nginx/conf.d/force-ssl-{0}.conf' .format(sslforce))
.format(domain)) WOFileUtils.rm(self, '/etc/letsencrypt/shared/{0}.conf'
WOFileUtils.rm(self, '/etc/nginx/conf.d/force-ssl-{0}.conf.disabled'
.format(domain)) .format(domain))
# find all broken symlinks
sympath = "/var/www"
WOFileUtils.findBrokenSymlink(self, sympath)
else:
if os.path.islink("{0}".format(sslconf)):
WOFileUtils.remove_symlink(self, "{0}".format(sslconf))
WOFileUtils.rm(self, '{0}'.format(sslforce))
if WOFileUtils.grepcheck(self, '/var/www/22222/conf/nginx/ssl.conf', if WOFileUtils.grepcheck(self, '/var/www/22222/conf/nginx/ssl.conf',
'{0}'.format(domain)): '{0}'.format(domain)):
Log.info(self, "Setting back default certificate for WordOps backend") Log.info(self, "Setting back default certificate for WordOps backend")
@@ -1339,7 +1373,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
self, "Validation : DNS mode with {0}".format(wo_acme_dns)) self, "Validation : DNS mode with {0}".format(wo_acme_dns))
else: else:
acme_mode = "-w /var/www/html" acme_mode = "-w /var/www/html"
validation_mode = "Webroot challenge" validation_mode = "Subdomain Webroot challenge"
Log.debug(self, "Validation : Webroot mode") Log.debug(self, "Validation : Webroot mode")
if subdomain: if subdomain:
Log.info(self, "Issuing subdomain SSL cert with acme.sh") Log.info(self, "Issuing subdomain SSL cert with acme.sh")
@@ -1356,7 +1390,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
Log.info(self, "Validation mode : {0}".format(validation_mode)) Log.info(self, "Validation mode : {0}".format(validation_mode))
ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) + ssl = WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) +
"--issue " "--issue "
"-d {0} -d *.{0} --dns {1} " "-d {0} -d '*.{0}' --dns {1} "
"-k {2} -f" "-k {2} -f"
.format(wo_domain_name, .format(wo_domain_name,
wo_acme_dns, wo_acme_dns,
@@ -1435,6 +1469,61 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# check if a wildcard exist to secure a new subdomain
def checkWildcardExist(self, wo_domain_name):
wo_acme_exec = ("/etc/letsencrypt/acme.sh --config-home "
"'/etc/letsencrypt/config'")
# export certificates list from acme.sh
WOShellExec.cmd_exec(self, "{0} ".format(wo_acme_exec) +
"--list --listraw > /var/lib/wo/cert.csv")
# define new csv dialect
csv.register_dialect('acmeconf', delimiter='|')
# open file
certfile = open('/var/lib/wo/cert.csv', 'rt')
reader = csv.reader(certfile, 'acmeconf')
wo_wildcard_domain = ("*.{0}".format(wo_domain_name))
for row in reader:
if wo_wildcard_domain in row[2]:
isWildcard = True
break
else:
isWildcard = False
certfile.close()
return isWildcard
# copy wildcard certificate to a subdomain
def copyWildcardCert(self, wo_domain_name, wo_root_domain):
if os.path.isfile("/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_root_domain)):
try:
if not os.path.isdir("/etc/letsencrypt/shared"):
WOFileUtils.mkdir(self, "/etc/letsencrypt/shared")
if not os.path.isfile("/etc/letsencrypt/shared/{0}.conf"
.format(wo_root_domain)):
WOFileUtils.copyfile(self, "/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_root_domain),
"/etc/letsencrypt/shared/{0}.conf"
.format(wo_root_domain))
WOFileUtils.create_symlink(self, ["/etc/letsencrypt/shared/"
"{0}.conf"
.format(wo_root_domain),
'/var/www/{0}/conf/nginx/'
'ssl.conf'
.format(wo_domain_name)])
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while "
"creating symlink for ssl cert")
# letsencrypt cert renewal # letsencrypt cert renewal
@@ -1514,9 +1603,6 @@ def httpsRedirect(self, wo_domain_name, redirect=True, wildcard=False):
else: else:
if wildcard: if wildcard:
try: try:
Log.info(
self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf" sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name), .format(wo_domain_name),
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
@@ -1536,10 +1622,6 @@ def httpsRedirect(self, wo_domain_name, redirect=True, wildcard=False):
else: else:
try: try:
Log.info(
self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf" sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name), .format(wo_domain_name),
encoding='utf-8', mode='w') encoding='utf-8', mode='w')

25
wo/cli/plugins/stack.py
View File

@@ -45,7 +45,6 @@ class WOStackController(CementBaseController):
label = 'stack' label = 'stack'
stacked_on = 'base' stacked_on = 'base'
stacked_type = 'nested' stacked_type = 'nested'
exit_on_close = True
description = 'Stack command manages stack operations' description = 'Stack command manages stack operations'
arguments = [ arguments = [
(['--all'], (['--all'],
@@ -91,8 +90,6 @@ class WOStackController(CementBaseController):
dict(help='Install ClamAV stack', action='store_true')), dict(help='Install ClamAV stack', action='store_true')),
(['--utils'], (['--utils'],
dict(help='Install Utils stack', action='store_true')), dict(help='Install Utils stack', action='store_true')),
(['--cheat'],
dict(help='Install cheat.sh stack', action='store_true')),
(['--redis'], (['--redis'],
dict(help='Install Redis', action='store_true')), dict(help='Install Redis', action='store_true')),
(['--phpredisadmin'], (['--phpredisadmin'],
@@ -128,8 +125,7 @@ class WOStackController(CementBaseController):
(not pargs.mysqlclient) and (not pargs.mysqltuner) and (not pargs.mysqlclient) and (not pargs.mysqltuner) and
(not pargs.adminer) and (not pargs.utils) and (not pargs.adminer) and (not pargs.utils) and
(not pargs.redis) and (not pargs.proftpd) and (not pargs.redis) and (not pargs.proftpd) and
(not pargs.extplorer) and (not pargs.extplorer) and (not pargs.clamav) and
(not pargs.cheat) and (not pargs.clamav) and
(not pargs.phpredisadmin) and (not pargs.phpredisadmin) and
(not pargs.php73)): (not pargs.php73)):
pargs.web = True pargs.web = True
@@ -159,7 +155,6 @@ class WOStackController(CementBaseController):
pargs.dashboard = True pargs.dashboard = True
pargs.phpredisadmin = True pargs.phpredisadmin = True
pargs.extplorer = True pargs.extplorer = True
pargs.cheat = True
if pargs.security: if pargs.security:
pargs.fail2ban = True pargs.fail2ban = True
@@ -418,17 +413,6 @@ class WOStackController(CementBaseController):
Log.debug(self, "eXtplorer is already installed") Log.debug(self, "eXtplorer is already installed")
Log.info(self, "eXtplorer is already installed") Log.info(self, "eXtplorer is already installed")
# cheat.sh
if pargs.cheat:
if not os.path.isfile('/usr/local/bin/cht.sh'):
Log.debug(self, "Setting packages variable for cht.sh")
packages = packages + [["https://cht.sh/:cht.sh",
"/usr/local/bin/cht.sh",
"cheat.sh"]]
else:
Log.debug(self, "cheat.sh is already installed")
Log.info(self, "cheat.sh is already installed")
# UTILS # UTILS
if pargs.utils: if pargs.utils:
Log.debug(self, "Setting packages variable for utils") Log.debug(self, "Setting packages variable for utils")
@@ -517,8 +501,7 @@ class WOStackController(CementBaseController):
(not pargs.mysqlclient) and (not pargs.mysqltuner) and (not pargs.mysqlclient) and (not pargs.mysqltuner) and
(not pargs.adminer) and (not pargs.utils) and (not pargs.adminer) and (not pargs.utils) and
(not pargs.redis) and (not pargs.proftpd) and (not pargs.redis) and (not pargs.proftpd) and
(not pargs.extplorer) and (not pargs.extplorer) and (not pargs.clamav) and
(not pargs.cheat) and (not pargs.clamav) and
(not pargs.phpredisadmin) and (not pargs.phpredisadmin) and
(not pargs.php73)): (not pargs.php73)):
pargs.web = True pargs.web = True
@@ -724,8 +707,7 @@ class WOStackController(CementBaseController):
(not pargs.mysqlclient) and (not pargs.mysqltuner) and (not pargs.mysqlclient) and (not pargs.mysqltuner) and
(not pargs.adminer) and (not pargs.utils) and (not pargs.adminer) and (not pargs.utils) and
(not pargs.redis) and (not pargs.proftpd) and (not pargs.redis) and (not pargs.proftpd) and
(not pargs.extplorer) and (not pargs.extplorer) and (not pargs.clamav) and
(not pargs.cheat) and (not pargs.clamav) and
(not pargs.phpredisadmin) and (not pargs.phpredisadmin) and
(not pargs.php73)): (not pargs.php73)):
pargs.web = True pargs.web = True
@@ -753,7 +735,6 @@ class WOStackController(CementBaseController):
pargs.composer = True pargs.composer = True
pargs.netdata = True pargs.netdata = True
pargs.mysqltuner = True pargs.mysqltuner = True
pargs.cheat = True
if pargs.security: if pargs.security:
pargs.fail2ban = True pargs.fail2ban = True

14
wo/cli/plugins/stack_pref.py
View File

@@ -907,7 +907,8 @@ def post_pref(self, apt_packages, packages, upgrade=False):
"wait_timeout " "wait_timeout "
"= 600", "= 600",
"wait_timeout " "wait_timeout "
"= 120") "= 120\n"
"skip-name-resolve = 1\n")
# disabling mariadb binlog # disabling mariadb binlog
WOFileUtils.searchreplace(self, WOFileUtils.searchreplace(self,
"/etc/mysql/my.cnf", "/etc/mysql/my.cnf",
@@ -957,8 +958,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
"table_open_cache = 16000") "table_open_cache = 16000")
WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf",
"max_allowed_packet = 16M", "max_allowed_packet = 16M",
"max_allowed_packet = 64M\n" "max_allowed_packet = 64M\n")
"skip-name-resolve=1\n")
WOService.stop_service(self, 'mysql') WOService.stop_service(self, 'mysql')
WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0', WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0',
@@ -1114,7 +1114,8 @@ def post_pref(self, apt_packages, packages, upgrade=False):
Log.debug(self, "Enabling redis systemd service") Log.debug(self, "Enabling redis systemd service")
WOShellExec.cmd_exec(self, "systemctl enable redis-server") WOShellExec.cmd_exec(self, "systemctl enable redis-server")
if (os.path.isfile("/etc/redis/redis.conf") and if (os.path.isfile("/etc/redis/redis.conf") and
not WOFileUtils.grep(self, "/etc/mysql/my.cnf", "WordOps")): not WOFileUtils.grep(self, "/etc/redis/redis.conf",
"WordOps")):
Log.info(self, "Tuning Redis configuration") Log.info(self, "Tuning Redis configuration")
with open("/etc/redis/redis.conf", with open("/etc/redis/redis.conf",
"a") as redis_file: "a") as redis_file:
@@ -1481,11 +1482,6 @@ def post_pref(self, apt_packages, packages, upgrade=False):
for x in packages): for x in packages):
WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775)
# cht.sh
if any('/usr/local/bin/cht.sh' == x[1]
for x in packages):
WOFileUtils.chmod(self, "/usr/local/bin/cht.sh", 0o775)
# phpredisadmin # phpredisadmin
if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] if any('/var/lib/wo/tmp/pra.tar.gz' == x[1]
for x in packages): for x in packages):

4
wo/core/domainvalidate.py
View File

@@ -40,11 +40,11 @@ def GetDomainlevel(domain):
for domain_suffix in Suffix_file: for domain_suffix in Suffix_file:
if (str(domain_suffix).strip()) == ('.'.join(domain_name[1:])): if (str(domain_suffix).strip()) == ('.'.join(domain_name[1:])):
domain_type = 'domain' domain_type = 'domain'
root_domain = domain_name[0:] root_domain = ('.'.join(domain_name[0:]))
break break
elif (str(domain_suffix).strip()) == ('.'.join(domain_name[2:])): elif (str(domain_suffix).strip()) == ('.'.join(domain_name[2:])):
domain_type = 'subdomain' domain_type = 'subdomain'
root_domain = domain_name[1:] root_domain = ('.'.join(domain_name[1:]))
break break
else: else:
domain_type = 'other' domain_type = 'other'

30
wo/core/fileutils.py
View File

@@ -279,3 +279,33 @@ class WOFileUtils():
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to remove file : {0} " Log.error(self, "Unable to remove file : {0} "
.format(path)) .format(path))
def findBrokenSymlink(self, sympath):
"""
Find symlinks
"""
links = []
broken = []
for root, dirs, files in os.walk(sympath):
if root.startswith('./.git'):
# Ignore the .git directory.
continue
for filename in files:
path = os.path.join(root, filename)
if os.path.islink(path):
target_path = os.readlink(path)
# Resolve relative symlinks
if not os.path.isabs(target_path):
target_path = os.path.join(os.path.dirname(path),
target_path)
if not os.path.exists(target_path):
links.append(path)
broken.append(path)
os.remove(path)
else:
links.append(path)
else:
# If it's not a symlink we're not interested.
continue
return True

11
wo/core/variables.py
View File

@@ -10,7 +10,7 @@ class WOVariables():
"""Intialization of core variables""" """Intialization of core variables"""
# WordOps version # WordOps version
wo_version = "3.9.8.5" wo_version = "3.9.8.6"
# WordOps packages versions # WordOps packages versions
wo_wp_cli = "2.2.0" wo_wp_cli = "2.2.0"
wo_adminer = "4.7.2" wo_adminer = "4.7.2"
@@ -147,11 +147,18 @@ class WOVariables():
if wo_distro == 'raspbian': if wo_distro == 'raspbian':
wo_mysql = ["mariadb-server", "percona-toolkit", wo_mysql = ["mariadb-server", "percona-toolkit",
"python3-mysqldb"] "python3-mysqldb"]
elif wo_distro == 'debian':
if wo_platform_codename == 'jessie':
wo_mysql = ["mariadb-server", "percona-toolkit",
"python3-mysql.connector"]
else: else:
wo_mysql = ["mariadb-server", "percona-toolkit", wo_mysql = ["mariadb-server", "percona-toolkit",
"python3-mysqldb", "mariadb-backup"] "python3-mysqldb", "mariadb-backup"]
wo_mysql_client = ["mariadb-client", "python3-mysqldb"] if wo_platform_codename == 'jessie':
wo_mysql_client = ["mariadb-client", "python3-mysqldb"]
else:
wo_mysql_client = ["mariadb-client", "python3-mysql.connector"]
wo_fail2ban = ["fail2ban"] wo_fail2ban = ["fail2ban"]