Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Several fix and improvements

Browse Source 
* fix acme.sh migration with previous install
* add support for raspbian (testing)
* fix memcache folder in WordOps dashboard
* improve install code quality
This commit is contained in:
VirtuBox
2019-04-30 18:44:35 +02:00
parent 98cd8f349d
commit 573b1a0665
2 changed files with 59 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
install
View File

@@ -133,15 +133,15 @@ fi
# 1 - Checking linux distro
###
if [ -z "$wo_force_install" ]; then
if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment."
if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ] && [ "$wo_linux_distro" != "Raspbian" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu, Debian & Raspbian at the moment."
wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support"
wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives."
exit 100
else
check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch")
if [ -z "$check_wo_linux_distro" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x and Debian 9.x"
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x, Debian 9.x and Raspbian 9.x"
exit 100
fi
fi
@@ -357,7 +357,11 @@ wo_install_acme_sh() {
if [ ! -x /etc/letsencrypt/acme.sh ]; then
{
# clone the git repository
git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q
if [ -d /opt/acme.sh/.git ]; then
git -C /opt/acme.sh pull origin master
else
git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q
fi
cd /opt/acme.sh || exit 1
# create conf directories
[ ! -d /etc/letsencrypt/config ] && {
@@ -379,8 +383,11 @@ wo_install_acme_sh() {
} >> "$wo_install_log" 2>&1
fi
if [ -d "$HOME/.acme.sh" ]; then
if [ -x "$HOME/.acme.sh/acme.sh" ]; then
{
# backup acme.sh folder
/bin/tar -I pigz -cf /var/lib/wo-backup/acme.sh.tar.gz "$HOME/.acme.sh"
# rsync previous certificates to new acme.sh location
/usr/bin/rsync -rltgoDpz --exclude="account.conf" \
--exclude="acme.sh" \
--exclude="acme.sh.env" \
@@ -390,6 +397,11 @@ wo_install_acme_sh() {
--exclude="ca" \
"$HOME/.acme.sh/" \
/etc/letsencrypt/renewal/
# remove previous acme.sh folder
rm -rf "$HOME/.acme.sh"
# create acme.sh.env file inlcuded in .bashrc to avoid error when logging in
mkdir -p "$HOME/.acme.sh"
echo '' > "$HOME/.acme.sh/acme.sh.env"
} >> "$wo_install_log" 2>&1
fi
@@ -546,7 +558,7 @@ wo_update_latest() {
if [ -f /etc/ImageMagick/policy.xml ]; then
if [ ! -f /etc/ImageMagick/patch.txt ]; then
echo -e "\t<policy domain="coder" rights="none" pattern="EPHEMERAL" />\n\t<policy domain="coder" rights="none" pattern="URL" />\n\t<policy domain="coder" rights="none" pattern="HTTPS" />\n\t<policy domain="coder" rights="none" pattern="MVG" />\n\t<policy domain="coder" rights="none" pattern="MSL" />" >> /etc/ImageMagick/patch.txt
echo -e "\t<policy domain=\"coder\" rights=\"none\" pattern=\"EPHEMERAL\" />\n\t<policy domain=\"coder\" rights=\"none\" pattern=\"URL\" />\n\t<policy domain=\"coder\" rights=\"none\" pattern=\"HTTPS\" />\n\t<policy domain=\"coder\" rights=\"none\" pattern=\"MVG\" />\n\t<policy domain=\"coder\" rights=\"none\" pattern=\"MSL\" />" >> /etc/ImageMagick/patch.txt
sed -i '/<policymap>/r /etc/ImageMagick/patch.txt' /etc/ImageMagick/policy.xml
fi
fi
@@ -576,10 +588,10 @@ wo_update_latest() {
# Fix Redis-server security issue
# http://redis.io/topics/security
if [ -f /etc/redis/redis.conf ]; then
grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1
CHECK_REDIS_BIND=$(grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1)
if [ "$?" -ne 0 ]; then
sed -i '$ a bind 127.0.0.1' /etc/redis/redis.conf &
if [ -z "$CHECK_REDIS_BIND" ]; then
echo 'bind 127.0.0.1 ::1' >> /etc/redis/redis.conf
service redis-server restart > /dev/null 2>&1
@@ -593,9 +605,9 @@ wo_git_init() {
# Nginx under git version control
[ -d /etc/nginx ] && {
cd /etc/nginx || exit 1
if [ ! -d /etc/nginx/.git ]; then
[ ! -d /etc/nginx/.git ] && {
git init
fi
}
git add -A .
git commit -am "Updated Nginx"
} >> /var/log/wo/install.log 2>&1
@@ -611,20 +623,20 @@ wo_git_init() {
# PHP under git version control
[ -d /etc/php ] && {
cd /etc/php || exit 1
if [ ! -d /etc/php/.git ]; then
[ ! -d /etc/php/.git ] && {
git init
fi
}
git add -A .
git commit -am "Updated PHP"
} >> /var/log/wo/install.log 2>&1
}
wo_backup_ee() {
tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1
/bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1
}
wo_backup_wo() {
tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1
/bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1
}
wo_clean_ee() {
@@ -655,7 +667,11 @@ if [ -x /usr/local/bin/wo ]; then
wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_install >> wo_install_log 2>&1
if [ -f "$HOME/.gitconfig" ]; then
wo_install >> wo_install_log 2>&1
else
wo_install | tee -ai $wo_install_log
fi
if [ -x "$(command -v nginx)" ]; then
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log
@@ -685,7 +701,11 @@ else
wo_sync_db | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_install >> wo_install_log 2>&1
if [ -f "$HOME/.gitconfig" ]; then
wo_install >> wo_install_log 2>&1
else
wo_install | tee -ai $wo_install_log
fi
if [ -x "$(command -v nginx)" ]; then
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log

34
wo/cli/plugins/stack.py
View File

@@ -92,7 +92,9 @@ class WOStackController(CementBaseController):
"""Pre settings to do before installation packages"""
if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
if (WOVariables.wo_platform_codename != 'disco'):
# add mariadb repository excepted on raspbian and ubuntu 19.04
if (not WOVariables.wo_platform_codename == 'disco') and
(not WOVariables.wo_platform_distro == 'raspbian'):
Log.info(self, "Adding repository for MySQL, please wait...")
mysql_pref = ("Package: *\nPin: origin "
"sfo1.mirrors.digitalocean.com"
@@ -107,7 +109,9 @@ class WOStackController(CementBaseController):
keyserver="keyserver.ubuntu.com")
WORepo.add_key(self, '0xF1656F24C74CD1D8',
keyserver="keyserver.ubuntu.com")
# generate random 24 characters root password
chars = ''.join(random.sample(string.ascii_letters, 24))
# configure MySQL non-interactive install
Log.debug(self, "Pre-seeding MySQL")
Log.debug(self, "echo \"mariadb-server-10.3 "
"mysql-server/root_password "
@@ -136,7 +140,7 @@ class WOStackController(CementBaseController):
log=False)
except CommandExecutionError as e:
Log.error("Failed to initialize MySQL package")
# generate my.cnf root credentials
mysql_config = """
[client]
user = root
@@ -153,12 +157,14 @@ class WOStackController(CementBaseController):
Log.debug(self, 'Setting my.cnf permission')
WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf", 0o600)
# add nginx repository
if set(WOVariables.wo_nginx).issubset(set(apt_packages)):
Log.info(self, "Adding repository for NGINX, please wait...")
WORepo.add(self, repo_url=WOVariables.wo_nginx_repo)
Log.debug(self, 'Adding repository for Nginx')
WORepo.add_key(self, WOVariables.wo_nginx_key)
# add php repository
if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or
set(WOVariables.wo_php).issubset(set(apt_packages))):
if (WOVariables.wo_platform_distro == 'ubuntu'):
@@ -172,7 +178,7 @@ class WOStackController(CementBaseController):
WORepo.add(self, repo_url=WOVariables.wo_php_repo)
Log.debug(self, 'Adding deb.sury GPG key')
WORepo.add_key(self, WOVariables.wo_php_key)
# add redis repository
if set(WOVariables.wo_redis).issubset(set(apt_packages)):
Log.info(self, "Adding repository for Redis, please wait...")
if WOVariables.wo_platform_distro == 'ubuntu':
@@ -644,7 +650,7 @@ class WOStackController(CementBaseController):
"/var/run/php/php73-fpm.sock;\n}\n"
"upstream debug73 {\nserver "
"127.0.0.1:9173;\n}\n")
# create nginx configuration for redis
if set(WOVariables.wo_redis).issubset(set(apt_packages)):
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/"
@@ -994,6 +1000,7 @@ class WOStackController(CementBaseController):
WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git")
WOService.restart_service(self, 'php7.3-fpm')
# create mysql config if it doesn't exist
if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
if not os.path.isfile("/etc/mysql/my.cnf"):
config = ("[mysqld]\nwait_timeout = 30\n"
@@ -1019,6 +1026,7 @@ class WOStackController(CementBaseController):
WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git")
WOService.reload_service(self, 'mysql')
# create fail2ban configuration files
if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)):
if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"):
data = dict()
@@ -1197,13 +1205,13 @@ class WOStackController(CementBaseController):
if any('/tmp/memcached.tar.gz' == x[1]
for x in packages):
Log.debug(self, "Extracting memcached.tar.gz to location"
" {0}22222/htdocs/cache/memcached "
" {0}22222/htdocs/cache/memcache "
.format(WOVariables.wo_webroot))
WOExtract.extract(self, '/tmp/memcached.tar.gz',
'{0}22222/htdocs/cache/memcached/'
'{0}22222/htdocs/cache/memcache/'
.format(WOVariables.wo_webroot))
Log.debug(self, "Setting Privileges to "
"{0}22222/htdocs/cache/memcached file"
"{0}22222/htdocs/cache/memcache file"
.format(WOVariables.wo_webroot))
WOFileUtils.chown(self, '{0}22222'
.format(WOVariables.wo_webroot),
@@ -1309,7 +1317,7 @@ class WOStackController(CementBaseController):
if any('/usr/bin/pt-query-advisor' == x[1]
for x in packages):
WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775)
# ph
# phpredisadmin
if any('/tmp/pra.tar.gz' == x[1]
for x in packages):
if not os.path.exists('{0}22222/htdocs/cache/redis'
@@ -1479,8 +1487,10 @@ class WOStackController(CementBaseController):
packages = packages + [["https://github.com/phpmyadmin/"
"phpmyadmin/archive/STABLE.tar.gz",
"/tmp/pma.tar.gz", "phpMyAdmin"],
["https://getcomposer.org/installer",
"/tmp/composer-install", "Composer"]]
["https://getcomposer.org/"
"installer",
"/tmp/composer-install",
"Composer"]]
else:
packages = packages + [["https://github.com/phpmyadmin/"
"phpmyadmin/archive/STABLE.tar.gz",
@@ -1759,7 +1769,7 @@ class WOStackController(CementBaseController):
.format(WOVariables.wo_webroot),
'{0}22222/htdocs/cache/nginx/'
'clean.php'.format(WOVariables.wo_webroot),
'{0}22222/htdocs/cache/memcached'
'{0}22222/htdocs/cache/memcache'
.format(WOVariables.wo_webroot),
'/usr/bin/pt-query-advisor',
'{0}22222/htdocs/db/anemometer'
@@ -1891,7 +1901,7 @@ class WOStackController(CementBaseController):
.format(WOVariables.wo_webroot),
'{0}22222/htdocs/cache/nginx/'
'clean.php'.format(WOVariables.wo_webroot),
'{0}22222/htdocs/cache/memcached'
'{0}22222/htdocs/cache/memcache'
.format(WOVariables.wo_webroot),
'/usr/bin/pt-query-advisor',
'{0}22222/htdocs/db/anemometer'