From 573b1a0665d8078c6a2205aa3d1b5c6555ed8116 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Apr 2019 18:44:35 +0200 Subject: [PATCH] Several fix and improvements * fix acme.sh migration with previous install * add support for raspbian (testing) * fix memcache folder in WordOps dashboard * improve install code quality --- install | 54 ++++++++++++++++++++++++++++------------- wo/cli/plugins/stack.py | 34 +++++++++++++++++--------- 2 files changed, 59 insertions(+), 29 deletions(-) diff --git a/install b/install index 37bfa17..a534f34 100755 --- a/install +++ b/install @@ -133,15 +133,15 @@ fi # 1 - Checking linux distro ### if [ -z "$wo_force_install" ]; then - if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment." + if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ] && [ "$wo_linux_distro" != "Raspbian" ]; then + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu, Debian & Raspbian at the moment." wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support" wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." exit 100 else check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch") if [ -z "$check_wo_linux_distro" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x and Debian 9.x" + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x, Debian 9.x and Raspbian 9.x" exit 100 fi fi @@ -357,7 +357,11 @@ wo_install_acme_sh() { if [ ! -x /etc/letsencrypt/acme.sh ]; then { # clone the git repository - git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q + if [ -d /opt/acme.sh/.git ]; then + git -C /opt/acme.sh pull origin master + else + git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q + fi cd /opt/acme.sh || exit 1 # create conf directories [ ! -d /etc/letsencrypt/config ] && { @@ -379,8 +383,11 @@ wo_install_acme_sh() { } >> "$wo_install_log" 2>&1 fi - if [ -d "$HOME/.acme.sh" ]; then + if [ -x "$HOME/.acme.sh/acme.sh" ]; then { + # backup acme.sh folder + /bin/tar -I pigz -cf /var/lib/wo-backup/acme.sh.tar.gz "$HOME/.acme.sh" + # rsync previous certificates to new acme.sh location /usr/bin/rsync -rltgoDpz --exclude="account.conf" \ --exclude="acme.sh" \ --exclude="acme.sh.env" \ @@ -390,6 +397,11 @@ wo_install_acme_sh() { --exclude="ca" \ "$HOME/.acme.sh/" \ /etc/letsencrypt/renewal/ + # remove previous acme.sh folder + rm -rf "$HOME/.acme.sh" + # create acme.sh.env file inlcuded in .bashrc to avoid error when logging in + mkdir -p "$HOME/.acme.sh" + echo '' > "$HOME/.acme.sh/acme.sh.env" } >> "$wo_install_log" 2>&1 fi @@ -546,7 +558,7 @@ wo_update_latest() { if [ -f /etc/ImageMagick/policy.xml ]; then if [ ! -f /etc/ImageMagick/patch.txt ]; then - echo -e "\t\n\t\n\t\n\t\n\t" >> /etc/ImageMagick/patch.txt + echo -e "\t\n\t\n\t\n\t\n\t" >> /etc/ImageMagick/patch.txt sed -i '//r /etc/ImageMagick/patch.txt' /etc/ImageMagick/policy.xml fi fi @@ -576,10 +588,10 @@ wo_update_latest() { # Fix Redis-server security issue # http://redis.io/topics/security if [ -f /etc/redis/redis.conf ]; then - grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1 + CHECK_REDIS_BIND=$(grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1) - if [ "$?" -ne 0 ]; then - sed -i '$ a bind 127.0.0.1' /etc/redis/redis.conf & + if [ -z "$CHECK_REDIS_BIND" ]; then + echo 'bind 127.0.0.1 ::1' >> /etc/redis/redis.conf service redis-server restart > /dev/null 2>&1 @@ -593,9 +605,9 @@ wo_git_init() { # Nginx under git version control [ -d /etc/nginx ] && { cd /etc/nginx || exit 1 - if [ ! -d /etc/nginx/.git ]; then + [ ! -d /etc/nginx/.git ] && { git init - fi + } git add -A . git commit -am "Updated Nginx" } >> /var/log/wo/install.log 2>&1 @@ -611,20 +623,20 @@ wo_git_init() { # PHP under git version control [ -d /etc/php ] && { cd /etc/php || exit 1 - if [ ! -d /etc/php/.git ]; then + [ ! -d /etc/php/.git ] && { git init - fi + } git add -A . git commit -am "Updated PHP" } >> /var/log/wo/install.log 2>&1 } wo_backup_ee() { - tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1 + /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1 } wo_backup_wo() { - tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 + /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 } wo_clean_ee() { @@ -655,7 +667,11 @@ if [ -x /usr/local/bin/wo ]; then wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install >> wo_install_log 2>&1 + if [ -f "$HOME/.gitconfig" ]; then + wo_install >> wo_install_log 2>&1 + else + wo_install | tee -ai $wo_install_log + fi if [ -x "$(command -v nginx)" ]; then wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log @@ -685,7 +701,11 @@ else wo_sync_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install >> wo_install_log 2>&1 + if [ -f "$HOME/.gitconfig" ]; then + wo_install >> wo_install_log 2>&1 + else + wo_install | tee -ai $wo_install_log + fi if [ -x "$(command -v nginx)" ]; then wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 1cd236a..f14a24a 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -92,7 +92,9 @@ class WOStackController(CementBaseController): """Pre settings to do before installation packages""" if set(WOVariables.wo_mysql).issubset(set(apt_packages)): - if (WOVariables.wo_platform_codename != 'disco'): + # add mariadb repository excepted on raspbian and ubuntu 19.04 + if (not WOVariables.wo_platform_codename == 'disco') and + (not WOVariables.wo_platform_distro == 'raspbian'): Log.info(self, "Adding repository for MySQL, please wait...") mysql_pref = ("Package: *\nPin: origin " "sfo1.mirrors.digitalocean.com" @@ -107,7 +109,9 @@ class WOStackController(CementBaseController): keyserver="keyserver.ubuntu.com") WORepo.add_key(self, '0xF1656F24C74CD1D8', keyserver="keyserver.ubuntu.com") + # generate random 24 characters root password chars = ''.join(random.sample(string.ascii_letters, 24)) + # configure MySQL non-interactive install Log.debug(self, "Pre-seeding MySQL") Log.debug(self, "echo \"mariadb-server-10.3 " "mysql-server/root_password " @@ -136,7 +140,7 @@ class WOStackController(CementBaseController): log=False) except CommandExecutionError as e: Log.error("Failed to initialize MySQL package") - + # generate my.cnf root credentials mysql_config = """ [client] user = root @@ -153,12 +157,14 @@ class WOStackController(CementBaseController): Log.debug(self, 'Setting my.cnf permission') WOFileUtils.chmod(self, "/etc/mysql/conf.d/my.cnf", 0o600) + # add nginx repository if set(WOVariables.wo_nginx).issubset(set(apt_packages)): Log.info(self, "Adding repository for NGINX, please wait...") WORepo.add(self, repo_url=WOVariables.wo_nginx_repo) Log.debug(self, 'Adding repository for Nginx') WORepo.add_key(self, WOVariables.wo_nginx_key) + # add php repository if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or set(WOVariables.wo_php).issubset(set(apt_packages))): if (WOVariables.wo_platform_distro == 'ubuntu'): @@ -172,7 +178,7 @@ class WOStackController(CementBaseController): WORepo.add(self, repo_url=WOVariables.wo_php_repo) Log.debug(self, 'Adding deb.sury GPG key') WORepo.add_key(self, WOVariables.wo_php_key) - + # add redis repository if set(WOVariables.wo_redis).issubset(set(apt_packages)): Log.info(self, "Adding repository for Redis, please wait...") if WOVariables.wo_platform_distro == 'ubuntu': @@ -644,7 +650,7 @@ class WOStackController(CementBaseController): "/var/run/php/php73-fpm.sock;\n}\n" "upstream debug73 {\nserver " "127.0.0.1:9173;\n}\n") - + # create nginx configuration for redis if set(WOVariables.wo_redis).issubset(set(apt_packages)): if (os.path.isfile("/etc/nginx/nginx.conf") and not os.path.isfile("/etc/nginx/common/" @@ -994,6 +1000,7 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") WOService.restart_service(self, 'php7.3-fpm') + # create mysql config if it doesn't exist if set(WOVariables.wo_mysql).issubset(set(apt_packages)): if not os.path.isfile("/etc/mysql/my.cnf"): config = ("[mysqld]\nwait_timeout = 30\n" @@ -1019,6 +1026,7 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") WOService.reload_service(self, 'mysql') + # create fail2ban configuration files if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): data = dict() @@ -1197,13 +1205,13 @@ class WOStackController(CementBaseController): if any('/tmp/memcached.tar.gz' == x[1] for x in packages): Log.debug(self, "Extracting memcached.tar.gz to location" - " {0}22222/htdocs/cache/memcached " + " {0}22222/htdocs/cache/memcache " .format(WOVariables.wo_webroot)) WOExtract.extract(self, '/tmp/memcached.tar.gz', - '{0}22222/htdocs/cache/memcached/' + '{0}22222/htdocs/cache/memcache/' .format(WOVariables.wo_webroot)) Log.debug(self, "Setting Privileges to " - "{0}22222/htdocs/cache/memcached file" + "{0}22222/htdocs/cache/memcache file" .format(WOVariables.wo_webroot)) WOFileUtils.chown(self, '{0}22222' .format(WOVariables.wo_webroot), @@ -1309,7 +1317,7 @@ class WOStackController(CementBaseController): if any('/usr/bin/pt-query-advisor' == x[1] for x in packages): WOFileUtils.chmod(self, "/usr/bin/pt-query-advisor", 0o775) - # ph + # phpredisadmin if any('/tmp/pra.tar.gz' == x[1] for x in packages): if not os.path.exists('{0}22222/htdocs/cache/redis' @@ -1479,8 +1487,10 @@ class WOStackController(CementBaseController): packages = packages + [["https://github.com/phpmyadmin/" "phpmyadmin/archive/STABLE.tar.gz", "/tmp/pma.tar.gz", "phpMyAdmin"], - ["https://getcomposer.org/installer", - "/tmp/composer-install", "Composer"]] + ["https://getcomposer.org/" + "installer", + "/tmp/composer-install", + "Composer"]] else: packages = packages + [["https://github.com/phpmyadmin/" "phpmyadmin/archive/STABLE.tar.gz", @@ -1759,7 +1769,7 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot), '{0}22222/htdocs/cache/nginx/' 'clean.php'.format(WOVariables.wo_webroot), - '{0}22222/htdocs/cache/memcached' + '{0}22222/htdocs/cache/memcache' .format(WOVariables.wo_webroot), '/usr/bin/pt-query-advisor', '{0}22222/htdocs/db/anemometer' @@ -1891,7 +1901,7 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot), '{0}22222/htdocs/cache/nginx/' 'clean.php'.format(WOVariables.wo_webroot), - '{0}22222/htdocs/cache/memcached' + '{0}22222/htdocs/cache/memcache' .format(WOVariables.wo_webroot), '/usr/bin/pt-query-advisor', '{0}22222/htdocs/db/anemometer'