Merge pull request #462 from WordOps/updating-configuration
Maintenance Release v3.15.2
This commit is contained in:
VirtuBox
16
CHANGELOG.md
16
CHANGELOG.md
@@ -6,7 +6,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
||||
|
||||
## Releases
|
||||
|
||||
### v3.15.2 - [Unreleased]
|
||||
### v3.16.0 - [Unreleased]
|
||||
|
||||
### v3.15.2 - 2022-09-23
|
||||
|
||||
#### Added
|
||||
|
||||
- Add support for Chrome Privacy Preserving Prefetch Proxy [Issue 440](https://github.com/WordOps/WordOps/issues/440)
|
||||
|
||||
#### Changed
|
||||
|
||||
- Cloudflare IP script for Nginx now fetch Cloudflare IPs using the API
|
||||
|
||||
#### Fixed
|
||||
|
||||
- wo secure --auth on Ubuntu 22.04
|
||||
|
||||
### v3.15.1 - 2022-09-09
|
||||
|
||||
|
||||
@@ -49,6 +49,7 @@
|
||||
- **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on [ssllabs](https://www.ssllabs.com/ssltest/analyze.html?d=demo.wordops.eu&latest))
|
||||
- **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata
|
||||
- **User Friendly** : WordOps dashboard with server status/monitoring and tools ([demo](https://demo.wordops.eu))
|
||||
- **Release cycle** : WordOps stable releases are published in June and December.
|
||||
|
||||
---
|
||||
|
||||
@@ -165,6 +166,7 @@ For any other questions about WordOps or if you need support, please use the [Co
|
||||
|
||||
If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome.
|
||||
There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribute by helping us to improve [WordOps documentation](https://github.com/WordOps/docs.wordops.net).
|
||||
Otherwise, you can still contribute to the project by making a donation on [Ko-Fi](https://ko-fi.com/wordops).
|
||||
|
||||
## Credits
|
||||
|
||||
|
||||
2
install
2
install
@@ -9,7 +9,7 @@
|
||||
# -------------------------------------------------------------------------
|
||||
# wget -qO wo wops.cc && sudo -E bash wo
|
||||
# -------------------------------------------------------------------------
|
||||
# Version 3.15.1 - 2022-09-09
|
||||
# Version 3.15.2 - 2022-09-23
|
||||
# -------------------------------------------------------------------------
|
||||
|
||||
# CONTENTS
|
||||
|
||||
2
setup.py
2
setup.py
@@ -27,7 +27,7 @@ if os.geteuid() == 0:
|
||||
os.makedirs('/var/lib/wo/tmp/')
|
||||
|
||||
setup(name='wordops',
|
||||
version='3.15.1',
|
||||
version='3.15.2',
|
||||
description='An essential toolset that eases server administration',
|
||||
long_description=LONG,
|
||||
long_description_content_type='text/markdown',
|
||||
|
||||
@@ -83,11 +83,11 @@ class WOSecureController(CementBaseController):
|
||||
if password == "":
|
||||
pargs.user_pass = passwd
|
||||
Log.debug(self, "printf username:"
|
||||
"$(openssl passwd -crypt "
|
||||
"$(openssl passwd --apr1 "
|
||||
"password 2> /dev/null)\n\""
|
||||
"> /etc/nginx/htpasswd-wo 2>/dev/null")
|
||||
WOShellExec.cmd_exec(self, "printf \"{username}:"
|
||||
"$(openssl passwd -crypt "
|
||||
"$(openssl passwd -apr1 "
|
||||
"{password} 2> /dev/null)\n\""
|
||||
"> /etc/nginx/htpasswd-wo 2>/dev/null"
|
||||
.format(username=pargs.user_input,
|
||||
|
||||
@@ -194,11 +194,6 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
WOTemplate.deploy(
|
||||
self, '{0}/avif.conf'.format(ngxcnf),
|
||||
'avif.mustache', data, overwrite=False)
|
||||
|
||||
WOTemplate.deploy(
|
||||
self, '{0}/cloudflare.conf'.format(ngxcnf),
|
||||
'cloudflare.mustache', data)
|
||||
|
||||
WOTemplate.deploy(
|
||||
self,
|
||||
'{0}/map-wp-fastcgi-cache.conf'.format(ngxcnf),
|
||||
@@ -220,6 +215,11 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
'{0}/locations-wo.conf'
|
||||
.format(ngxcom),
|
||||
'locations.mustache', data)
|
||||
# traffic advice file
|
||||
WOTemplate.deploy(self,
|
||||
'/var/www/html/'
|
||||
'.well-known/traffic-advice',
|
||||
'traffic-advice.mustache', data)
|
||||
|
||||
WOTemplate.deploy(self,
|
||||
'{0}/wpsubdir.conf'
|
||||
@@ -324,7 +324,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
try:
|
||||
WOShellExec.cmd_exec(
|
||||
self, "printf \"WordOps:"
|
||||
"$(openssl passwd -crypt "
|
||||
"$(openssl passwd -apr1 "
|
||||
"{password} 2> /dev/null)\n\""
|
||||
"> /etc/nginx/htpasswd-wo "
|
||||
"2>/dev/null"
|
||||
@@ -417,12 +417,13 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
.format(server_ip.text,
|
||||
WOVar.wo_fqdn)])
|
||||
|
||||
if not os.path.isfile("/opt/cf-update.sh"):
|
||||
data = dict(release=WOVar.wo_version)
|
||||
WOTemplate.deploy(self, '/opt/cf-update.sh',
|
||||
'cf-update.mustache',
|
||||
data, overwrite=False)
|
||||
data, overwrite=True)
|
||||
WOFileUtils.chmod(self, "/opt/cf-update.sh", 0o775)
|
||||
Log.debug(self, 'Creating Cloudflare.conf')
|
||||
WOShellExec.cmd_exec(self, '/opt/cf-update.sh')
|
||||
WOCron.setcron_weekly(self, '/opt/cf-update.sh '
|
||||
'> /dev/null 2>&1',
|
||||
comment='Cloudflare IP refresh cronjob '
|
||||
@@ -1266,7 +1267,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
self,
|
||||
'mysql -e "SET PASSWORD = '
|
||||
'PASSWORD(\'{0}\'); flush privileges;"'
|
||||
.format(chars))
|
||||
.format(chars), log=False)
|
||||
WOFileUtils.mvfile(
|
||||
self, '/etc/mysql/conf.d/my.cnf.tmp',
|
||||
'/etc/mysql/conf.d/my.cnf')
|
||||
@@ -1290,7 +1291,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
|
||||
'IDENTIFIED VIA unix_socket OR '
|
||||
'mysql_native_password; '
|
||||
'SET PASSWORD = PASSWORD(\'{0}\'); '
|
||||
'flush privileges;"'.format(chars))
|
||||
'flush privileges;"'.format(chars), log=False)
|
||||
WOFileUtils.textappend(
|
||||
self, '/etc/mysql/conf.d/my.cnf',
|
||||
'socket = /run/mysqld/mysqld.sock')
|
||||
|
||||
@@ -202,12 +202,8 @@ class WOStackUpgradeController(CementBaseController):
|
||||
# netdata
|
||||
if pargs.netdata:
|
||||
# detect static binaries install
|
||||
if os.path.isdir('/opt/netdata'):
|
||||
packages = packages + [[
|
||||
'https://my-netdata.io/kickstart.sh',
|
||||
'/var/lib/wo/tmp/kickstart.sh', 'Netdata']]
|
||||
# detect install from source
|
||||
elif os.path.isdir('/etc/netdata'):
|
||||
if (os.path.isdir('/opt/netdata') or
|
||||
os.path.isdir('/etc/netdata')):
|
||||
packages = packages + [[
|
||||
'https://my-netdata.io/kickstart.sh',
|
||||
'/var/lib/wo/tmp/kickstart.sh', 'Netdata']]
|
||||
@@ -295,11 +291,11 @@ class WOStackUpgradeController(CementBaseController):
|
||||
'ngxblocker'
|
||||
]]
|
||||
|
||||
if ((not (apt_packages)) and (not(packages))):
|
||||
if not apt_packages and not packages:
|
||||
self.app.args.print_help()
|
||||
else:
|
||||
pre_stack(self)
|
||||
if (apt_packages):
|
||||
if apt_packages:
|
||||
if not ("php7.2-fpm" in apt_packages or
|
||||
"php7.3-fpm" in apt_packages or
|
||||
"php7.4-fpm" in apt_packages or
|
||||
@@ -340,7 +336,7 @@ class WOStackUpgradeController(CementBaseController):
|
||||
Log.valide(self, "Configuring APT Packages")
|
||||
# Post Actions after package updates
|
||||
|
||||
if (packages):
|
||||
if packages:
|
||||
if WOAptGet.is_selected(self, 'WP-CLI', packages):
|
||||
WOFileUtils.rm(self, '/usr/local/bin/wp')
|
||||
|
||||
@@ -385,7 +381,7 @@ class WOStackUpgradeController(CementBaseController):
|
||||
WOShellExec.cmd_exec(
|
||||
self,
|
||||
"bash /var/lib/wo/tmp/kickstart.sh "
|
||||
"--dont-wait --no-updates",
|
||||
"--dont-wait --no-updates --stable-channel",
|
||||
errormsg='', log=False)
|
||||
Log.valide(self, "Upgrading Netdata")
|
||||
|
||||
|
||||
@@ -28,14 +28,13 @@ IFS=$'\n\t'
|
||||
trap 's=$?; echo "$0: Error on line "$LINENO": $BASH_COMMAND"; tput cnorm ; exit $s' ERR
|
||||
|
||||
declare -r CURL_BIN=$(command -v curl)
|
||||
declare -r cfIPv4="https://www.cloudflare.com/ips-v4"
|
||||
declare -r cfIPv6="https://www.cloudflare.com/ips-v6"
|
||||
declare -r cfIP="https://api.cloudflare.com/client/v4/ips"
|
||||
declare -r cfConf='/etc/nginx/conf.d/cloudflare.conf'
|
||||
declare allOK='true'
|
||||
declare ips4 ips6 ip
|
||||
|
||||
ips4=$( ${CURL_BIN} -sL "${cfIPv4}" )
|
||||
ips6=$( ${CURL_BIN} -sL "${cfIPv6}" )
|
||||
ips4=$( ${CURL_BIN} -sL "${cfIP}" | jq -r '.result.ipv4_cidrs[]' )
|
||||
ips6=$( ${CURL_BIN} -sL "${cfIP}" | jq -r '.result.ipv6_cidrs[]' )
|
||||
|
||||
|
||||
if [ -d /etc/nginx/conf.d ]; then
|
||||
@@ -75,4 +74,3 @@ else
|
||||
fi
|
||||
echo "Cloudflare IPs updated"
|
||||
echo ""
|
||||
|
||||
|
||||
@@ -37,6 +37,13 @@ location /.well-known/acme-challenge/ {
|
||||
allow all;
|
||||
auth_basic off;
|
||||
}
|
||||
# Private Prefetch Proxy
|
||||
# https://developer.chrome.com/blog/private-prefetch-proxy/
|
||||
location /.well-known/traffic-advice {
|
||||
types { } default_type "application/trafficadvice+json; charset=utf-8";
|
||||
alias /var/www/html/.well-known/traffic-advice;
|
||||
allow all;
|
||||
}
|
||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
||||
location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
|
||||
deny all;
|
||||
|
||||
6
wo/cli/templates/traffic-advice.mustache
Normal file
6
wo/cli/templates/traffic-advice.mustache
Normal file
@@ -0,0 +1,6 @@
|
||||
[{
|
||||
"user_agent": "prefetch-proxy",
|
||||
"google_prefetch_proxy_eap": {
|
||||
"fraction": 1.0
|
||||
}
|
||||
}]
|
||||
@@ -15,7 +15,7 @@ class WOVar():
|
||||
"""Intialization of core variables"""
|
||||
|
||||
# WordOps version
|
||||
wo_version = "3.15.1"
|
||||
wo_version = "3.15.2"
|
||||
# WordOps packages versions
|
||||
wo_wp_cli = "2.6.0"
|
||||
wo_adminer = "4.8.1"
|
||||
|
||||
Reference in New Issue
Block a user