diff --git a/.travis.yml b/.travis.yml index 3356f34..b630e9c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,9 +30,9 @@ script: - unset LANG - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - - sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree + - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt ccze tree - sudo bash install -b $TRAVIS_BRANCH --travis - - sudo wo --help && sudo wo stack install + - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - sudo wo stack upgrade --netdata --no-prompt - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc @@ -48,5 +48,6 @@ script: - sudo wp --allow-root --info - sudo wo info - sudo tree -L 2 /etc/nginx + - sudo cat /var/www/wp1.com/wp-config.php - sudo wo update --travis - sudo wo stack status \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 49ca4ab..bf93a33 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,27 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] ---- +### v3.9.6 - 2019-07-20 + +#### Added + +- New Nginx package on Ubuntu with Cloudflare HTTP/2 HPACK and Dynamic TLS records +- phpMyAdmin upgrade with `wo stack upgrade --phpmyadmin` +- Wildcard SSL Certificates support with DNS validation +- Let's Encrypt DNS API support (Cloudflare, DigitalOcean, etc ..) on domain, subdomain, and wildcard +- Flag `--letsencrypt=clean` to purge a previous SSL configuration +- Support for Debian 10 buster (testing - not ready for production) +- Fail2ban with custom jails to secure WordPress & SSH +- Variable `keylength` in /etc/wo/wo.conf to define letsencrypt certificate keylenght +- ProFTPd stack with UFW & Fail2ban configurationz +- Beta branch and command `wo update --beta` for beta releases +- Extra directives in wp-config.php (limit posts revisions, set max_memory, enable auto-update for minor-releases) + +#### Fixed + +- Nginx was not reloaded after enabling HSTS +- Netdata, Composer & Fail2Ban stack remove and purge +- WordPress not installed by `wo site update` with basic php73 sites ### v3.9.5.4 - 2019-07-13 @@ -20,14 +40,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), #### Changed -- phpRedisAdmin is now installed with the stack "--admin" +- phpRedisAdmin is now installed with the stack `--admin` - Remove memcached - not required anymore #### Fixed - phpRedisAdmin installation - Duplicated locations /robots.txt after upgrade to v3.9.5.3 -- Let's Encrypt stack "wo site update --letsencrypt/--letsencrypt=off" +- Let's Encrypt stack `wo site update --letsencrypt/--letsencrypt=off` - pt-query-advisor dead link - Netdata persistant configuration @@ -76,7 +96,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Install script handle migration from EEv3 - load-balancing on unix socket for php-fpm - stub_status vhost for metrics -- "--letsencrypt=subdomain" option +- `--letsencrypt=subdomain` option - opcache optimization for php-fpm - EasyEngine configuration backup before migration - EasyEngine configuration cleanup after migration diff --git a/README.md b/README.md index 9a9f7d1..11433b9 100644 --- a/README.md +++ b/README.md @@ -42,11 +42,12 @@ - **Easy to install** : One step automated installer with migration from EasyEngine v3 support - **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation -- **Up-to-date** : Nginx 1.16.0 with TLS v1.3 & Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 +- **Custom Nginx build** : Nginx 1.16.0 - TLS v1.3 Cloudflare HTTP/2 HPACK & Brotli support +- **Up-to-date** : PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Secured** : Hardened WordPress security with strict Nginx location directives - **Powerful** : Optimized Nginx configurations with multiple cache backends support -- **SSL** : Let's Encrypt SSL certificates handled by acme.sh -- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite, modern TLS protocols and HSTS support +- **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates handled by acme.sh +- **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on ssllabs) - **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata ## Requirements @@ -58,6 +59,7 @@ - Ubuntu 19.04 (Disco) - Debian 8 (Jessie) - Debian 9 (Stretch) +- Debian 10 (Buster) - Not ready for production - Raspbian 9 (Stretch) ### Ports requirements @@ -76,20 +78,7 @@ sudo wo site create example.com --wp # Install required packages & setup Wor ## Must read -WordOps made some fundamental changes: - -- We've deprecated the mail stack. As an alternative, you can take a look at [Mail-in-a-Box](https://github.com/mail-in-a-box/mailinabox), [iRedMail](https://www.iredmail.org/) or [Caesonia](https://github.com/vedetta-com/caesonia). As Roundcube alternative, there is [Rainloop](https://www.rainloop.net/) or [Afterlogic WebMail](https://github.com/afterlogic/webmail-lite-8) -- Support for w3tc is dropped as a security precaution. -- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3. -- Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.16.0 with Brotli support) -- HHVM stack has been removed -- Let's Encrypt stack isn't based on letsencrypt-auto anymore, we use acme.sh to handle SSL certificates - -If you are going to migrate from EasyEngine v3, here some important informations : - -- Previous php upstreams in Nginx will not be overwritted -- php5.6 and php7.0 will not be removed or uninstalled -- previous Nginx common configurations will not be overwritted +[From EasyEngine to WordOps](https://docs.wordops.net/about/from-easyengine-to-wordops/) ## Usage @@ -133,9 +122,10 @@ wo site create example.com --proxy=127.0.0.1:3000 # create example.com with ngi ### Sites secured with Let's Encrypt ```bash -wo site create example.com --wp --letsencrypt # install wordpress & secure site with letsencrypt -wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt +wo site create example.com --wp --letsencrypt # wordpress secured with letsencrypt +wo site create sub.example.com --wp --letsencrypt=subdomain # wordpress + letsencrypt subdomain wo site create site.tld --wp --letsencrypt --hsts # install wordpress & secure site with letsencrypt with HSTS +wo site create site.tld --wp --letsencrypt=wildcard --dns=dns_cf # install wordpress & issue a wildcard SSL certificate with Cloudflare DNS API ``` ## Update WordOps @@ -167,12 +157,11 @@ Apps & Tools shipped with WordOps : - [Composer](https://github.com/composer/composer) - [Adminer](https://www.adminer.org/) - [phpRedisAdmin](https://github.com/erikdubbelboer/phpRedisAdmin) -- [PHPMemcachedAdmin](https://github.com/elijaa/phpmemcachedadmin) - [opcacheGUI](https://github.com/amnuts/opcache-gui) - [eXtplorer](https://github.com/soerennb/extplorer) - [MySQLTuner](https://github.com/major/MySQLTuner-perl/) - [Webgrind](https://github.com/jokkedk/webgrind) - +- [MySQLTuner](https://github.com/major/MySQLTuner-perl) ## License diff --git a/config/bash_completion.d/wo_auto.rc b/config/bash_completion.d/wo_auto.rc index ead7ffc..ec38270 100644 --- a/config/bash_completion.d/wo_auto.rc +++ b/config/bash_completion.d/wo_auto.rc @@ -22,7 +22,7 @@ _wo_complete() # HANDLE EVERYTHING AFTER THE SECOND LEVEL NAMESPACE "clean") COMPREPLY=( $(compgen \ - -W "--memcache --opcache --fastcgi --redis --all" \ + -W "--opcache --fastcgi --redis --all" \ -- $cur) ) ;; @@ -74,17 +74,17 @@ _wo_complete() # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE "install" | "purge" | "remove" ) COMPREPLY=( $(compgen \ - -W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban --dashboard" \ + -W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban --dashboard --proftpd" \ -- $cur) ) ;; "upgrade" ) COMPREPLY=( $(compgen \ - -W "--web --nginx --php --php73 --mysql --all --php56 --no-prompt --wpcli" \ + -W "--web --nginx --php --php73 --mysql --all --netdata --composer --phpmyadmin --no-prompt --wpcli" \ -- $cur) ) ;; "start" | "stop" | "reload" | "restart" | "status") COMPREPLY=( $(compgen \ - -W "--nginx --php --php73 --mysql --memcache --redis --fail2ban --netdata" \ + -W "--nginx --php --php73 --mysql --redis --fail2ban --netdata -proftpd" \ -- $cur) ) ;; "migrate") @@ -159,13 +159,13 @@ _wo_complete() "create") COMPREPLY=( $(compgen \ - -W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain -le" \ + -W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \ -- $cur) ) ;; "update") COMPREPLY=( $(compgen \ - -W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" \ + -W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \ -- $cur) ) ;; "delete") @@ -211,9 +211,9 @@ _wo_complete() "--wp") if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then - retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73" + retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt -le --letsencrypt=subdomain --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do --php73" elif [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --le --le=subdomain --le=off " + retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew -le -le=off -le=wildcard --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -230,9 +230,9 @@ _wo_complete() "--wpsubdir" | "--wpsubdomain") if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then - retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --php73" + retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --php73 --dns --dns=dns_cf --dns=dns_do" elif [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" + retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew -le --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -248,7 +248,7 @@ _wo_complete() "--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") if [ ${COMP_WORDS[2]} == "create" ]; then - retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain" + retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -261,7 +261,7 @@ _wo_complete() "--wpredis" | "--wpfc") if [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" + retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew -le --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -272,11 +272,11 @@ _wo_complete() -- $cur) ) ;; - "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcached" | "--redis | --phpredisadmin") + "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--fail2ban" | "--redis | --phpredisadmin | --netdata") if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then - retlist="--web --admin --nginx --php --php73 --mysql--wpcli --phpmyadmin --adminer --utils --memcache --redis --phpredisadmin" + retlist="--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --fail2ban --phpredisadmin --netdata" elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then - retlist="--nginx --php --php73 --mysql --memcache --redis" + retlist="--nginx --php --php73 --mysql --redis --netdata" elif [[ ${COMP_WORDS[1]} == "debug" ]]; then retlist="--start --nginx --php --php73 --fpm --fpm7 --mysql -i --interactive -stop --import-slow-log --import-slow-log-interval= -" if [[ $prev == '--mysql' ]]; then @@ -310,7 +310,7 @@ _wo_complete() "--all") if [ ${COMP_WORDS[1]} == "clean" ]; then - retlist="--memcache --opcache --fastcgi --redis" + retlist="--opcache --fastcgi --redis" elif [ ${COMP_WORDS[2]} == "delete" ]; then retlist="--db --files --force" elif [ ${COMP_WORDS[2]} == "update" ]; then @@ -324,8 +324,8 @@ _wo_complete() -- $cur) ) ;; - "--memcached" | "--opcache" | "--fastcgi" | "--all" | "--redis") - retlist="--memcached --opcache --fastcgi --redis --all" + "--opcache" | "--fastcgi" | "--all" | "--redis") + retlist="--opcache --fastcgi --redis --all" ret="${retlist[@]/$prev}" COMPREPLY=( $(compgen \ -W "$(echo $ret)" \ @@ -363,7 +363,7 @@ _wo_complete() case "$mprev" in "--user" | "--email" | "--pass") if [ ${COMP_WORDS[2]} == "create" ]; then - retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain" + retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do" fi ret="${retlist[@]/$prev}" COMPREPLY=( $(compgen \ diff --git a/config/wo.conf b/config/wo.conf index 4390e4d..8d4a3ad 100644 --- a/config/wo.conf +++ b/config/wo.conf @@ -68,6 +68,10 @@ password = ### EMail for WordPress sites email = +[letsencrypt] + +keylength = "ec-384" + [update] ### If enabled, load a plugin named `update` either from the Python module diff --git a/docs/wo.8 b/docs/wo.8 index f0d2891..97e48b8 100644 --- a/docs/wo.8 +++ b/docs/wo.8 @@ -1,314 +1,314 @@ -.TH wo 8 "WordOps (wo) version: 3.3.8" "Sep 10,2015" "WordOps" -.SH NAME -.B WordOps (wo) -\- Manage Nginx Based Websites. -.SH SYNOPSIS -wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance] -.TP -wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata ] -.TP -wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcached | --redis] -.TP -wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ] -.TP -wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain]] -.TP -wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [--letsencrypt=on/off/subdomain/renew]] -.TP -wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ] -.TP -wo debug [ -i | --all=on/off |--nginx=on/off | --rewrite=on/off | --php=on/off | --fpm=on/off | --mysql=on/off ] -.TP -wo debug example.com [ -i | --all=on/off | --nginx=on/off | --rewrite=on/off | --wp=on/off ] -.TP -wo secure [ --auth | --port | --ip ] -.SH DESCRIPTION -WordOps aka wo is the opensource project developed with the purpose to automate web-server configuration. -.br -WordOps is the collection of python script that provides automation for the web-server -.br -installation, site creation, services debugging & monitoring. -.SH OPTIONS -.TP -.B --version -.br -Display WordOps (wo) version information. -.TP -.B info -.br -wo info - Display Nginx, PHP, MySQL and wo common location information -.br -wo site info - Diplay given website details like enable, disable. weboot and log files. -.TP -.B --help -.br -Display WordOps (wo) help. -.TP -.B stack -.TP -.B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] -.br -Install Nginx PHP5 MySQL Postfix stack Packages if not used with -.br -any options.Installs specific package if used with option. -.TP -.B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] -.br -Remove Nginx PHP5 MySQL Postfix stack Packages if not used with -.br -any options. Remove specific package if used with option. -.TP -.B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] -.br -Purge Nginx PHP5 MySQL Postfix stack Packages if not used with any -.br -options.Purge specific package if used with option. -.TP -.B status -.br -Display status of NGINX, PHP7.2-FPM, MySQL, Redis-Server services. -.TP -.B start -.br -Start services NGINX, PHP7.2-FPM, MySQL, Redis-Server. -.TP -.B stop -.br -Stop services NGINX, PHP7.2-FPM, MySQL, Redis-Server. -.TP -.B reload -.br -Reload services NGINX, PHP7.2-FPM, MySQL, Redis-Server. -.TP -.B restart -.br -Restart services NGINX, PHP7.2-FPM, MySQL, Redis-Server. -.TP -.B site -.br -.TP -.B cd [ example.com ] -.br -Change directory to webroot of specified site in subshell. -.TP -.B log [ example.com ] -.br -monitor access and error logs for site specified. -.TP -.B list [ --enabled | --disabled ] -.br -Lists all available sites from /etc/nginx/sites-enabled/ -.br -by default & enable argument. Display sites list from -.br -/etc/nginx/sites-available/ if used with available option. -.TP -.B info [ example.com ] -.br -prints information about site such as access log, error log -.br -location and type of site. -.TP -.B show [ example.com ] -.br -Display NGINX configuration of site. -.TP -.B enable [ example.com ] -.br -Enable site by creating softlink with site file in -.br -/etc/nginx/sites-available to /etc/nginx/sites-enabled/. -.TP -.B disable [ example.com ] -.br -Disable site by Destroying softlink with site file in -.br -/etc/nginx/sites-available to /etc/nginx/sites-enabled/. -.TP -.B edit [ example.com ] -.br -Edit NGINX configuration of site. -.TP -.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]] -.br -Create new site according to given options. If no options provided -.br -create static site with html only. -.TP -.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]] -.br -Update site configuration according to specified options. -.TP -.B delete [ example.com ] [--no-prompt ] [--force/-f] [ --db | --files | --all ] -.br -Delete site i.e webroot, database, ad configuration permanently. -.TP -.B debug [ -i | --nginx=on/off | --php=on/off | --php73=on/off | --mysql=on/off | --rewrite=on/off | --fpm=on/off | --fpm7=on/off ] -.br -Starts server level debugging. If this is used without arguments it will start debugging -.br -all services.Else it will debug only service provided with argument.This will Stop -.br -Debugging if used with --all=off argument. -.TP -.B debug example.com [ -i | --nginx=on/off | --rewrite=on/off | --wp=on/off | --all=on/off ] -.br -Starts site level debugging. If this is used without arguments it will start debugging all -.br -services.Else it will debug only service provided with argument.This will Stop Debugging -.br -if used with --all=off argument. -.TP -.B secure [ --auth | --port | --ip ] -.br -Update security settings. -.TP -.B clean [ --fastcgi | --opcache | --memcached | --redis | --all ] -.br -Clean NGINX fastCGI cache, Opcache, memcached, Redis cache. -.br -Clean NGINX fastCGI cache if no option specified. -.SH ARGUMENTS -.TP -.B -i -.br -setup intractive mode while used with debug. -.TP -.B --nginx=on/off -.br -used with wo debug command. used to start or stop nginx debugging. -.TP -.B --php=on/off -.br -used with wo debug command. used to start or stop php debugging. -.TP -.B --php73=on/off -.br -used with wo debug command. used to start or stop php72 debugging. -.TP -.B --mysql=on/off -.br -used with wo debug command. used to start or stop mysql debugging. -.TP -.B --rewrite=on/off -.br -used with wo debug command. used to start or stop nginx rewrite rules debugging. -.TP -.B --fpm=on/off -.br -used with wo debug command. used to start or stop fpm debugging. -.TP -.B --wp=on/off -.br -used with wo debug command. used to start or stop wordpress site debugging. -.TP -.B --all=on/off -.br -used with wo debug command. used to stop debugging. -.TP -.B --all=off -.br -used with wo debug command. used to stop debugging. -.TP -.B --html -.br -Create a HTML website. -.TP -.B --php -.br -Create a PHP website. -.TP -.B --mysql -.br -Create a PHP+MySQL website. -.TP -.B --wp -.br -Create a WordPress Website. -.TP -.B --wpsubdir -.br -Create a Wordpress Multisite with Sub Directories Setup. -.TP -.B --wpsubdomain -.br -Create a Wordpress Multisite with Sub Domains Setup. -.br -.TP -.B --db -.br -Delete website database. -.br -.TP -.B --files -.br -Delete website webroot. -.br -.TP -.B --no-prompt -.br -Does not prompt for confirmation when delete command used. -.br -.TP -.B --force/-f -.br -Delete website webroot and database forcefully.Remove nginx configuration for site. -.br -.TP -.B --auth -.br -used with wo secure command. Update credential of HTTP authentication -.TP -.B --port -.br -used with wo secure command. Change WordOps admin port 22222. -.TP -.B --ip -.br -used with wo secure command. Update whitelist IP address -.SH WORDPRESS CACHING OPTIONS -.TP -.B --wpsc -.br -Install and activate Nginx-helper and WP Super Cache plugin. -.TP -.B --wpfc -.br -Install and activate Nginx-helper plugin with -.br -Nginx FastCGI cache. -.TP -.B --wpredis -.br -Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching. -.SH FILES -.br -/etc/wo/wo.conf -.SH BUGS -Report bugs at -.SH AUTHOR -.br -.B rtCamp Team -.I \ -.br -.B Mitesh Shah -.I \ -.br -.B Manish -.I \ -.br -.B Gaurav -.I \ -.br -.B Harshad -.I \ -.br -.B Prabuddha -.I \ -.br -.B Shital -.I \ -.br -.B Rajdeep Sharma -.I \ -.br +.TH wo 8 "WordOps (wo) version: 3.3.8" "Sep 10,2015" "WordOps" +.SH NAME +.B WordOps (wo) +\- Manage Nginx Based Websites. +.SH SYNOPSIS +wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance ] +.TP +wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata ] +.TP +wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --redis] +.TP +wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ] +.TP +wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain/wildcard][--dns=dns_cf/dns_do]] +.TP +wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [-le/--letsencrypt=on/off/subdomain/renew/wildcard] [--dns=dns_cf/dns_do]] +.TP +wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ] +.TP +wo debug [ -i | --all=on/off |--nginx=on/off | --rewrite=on/off | --php=on/off | --fpm=on/off | --mysql=on/off ] +.TP +wo debug example.com [ -i | --all=on/off | --nginx=on/off | --rewrite=on/off | --wp=on/off ] +.TP +wo secure [ --auth | --port | --ip ] +.SH DESCRIPTION +WordOps aka wo is the opensource project developed with the purpose to automate web-server configuration. +.br +WordOps is the collection of python script that provides automation for the web-server +.br +installation, site creation, services debugging & monitoring. +.SH OPTIONS +.TP +.B --version +.br +Display WordOps (wo) version information. +.TP +.B info +.br +wo info - Display Nginx, PHP, MySQL and wo common location information +.br +wo site info - Diplay given website details like enable, disable. weboot and log files. +.TP +.B --help +.br +Display WordOps (wo) help. +.TP +.B stack +.TP +.B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.br +Install Nginx PHP5 MySQL Postfix stack Packages if not used with +.br +any options.Installs specific package if used with option. +.TP +.B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.br +Remove Nginx PHP5 MySQL Postfix stack Packages if not used with +.br +any options. Remove specific package if used with option. +.TP +.B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.br +Purge Nginx PHP5 MySQL Postfix stack Packages if not used with any +.br +options.Purge specific package if used with option. +.TP +.B status +.br +Display status of NGINX, PHP7.2-FPM, MySQL, Redis-Server services. +.TP +.B start +.br +Start services NGINX, PHP7.2-FPM, MySQL, Redis-Server. +.TP +.B stop +.br +Stop services NGINX, PHP7.2-FPM, MySQL, Redis-Server. +.TP +.B reload +.br +Reload services NGINX, PHP7.2-FPM, MySQL, Redis-Server. +.TP +.B restart +.br +Restart services NGINX, PHP7.2-FPM, MySQL, Redis-Server. +.TP +.B site +.br +.TP +.B cd [ example.com ] +.br +Change directory to webroot of specified site in subshell. +.TP +.B log [ example.com ] +.br +monitor access and error logs for site specified. +.TP +.B list [ --enabled | --disabled ] +.br +Lists all available sites from /etc/nginx/sites-enabled/ +.br +by default & enable argument. Display sites list from +.br +/etc/nginx/sites-available/ if used with available option. +.TP +.B info [ example.com ] +.br +prints information about site such as access log, error log +.br +location and type of site. +.TP +.B show [ example.com ] +.br +Display NGINX configuration of site. +.TP +.B enable [ example.com ] +.br +Enable site by creating softlink with site file in +.br +/etc/nginx/sites-available to /etc/nginx/sites-enabled/. +.TP +.B disable [ example.com ] +.br +Disable site by Destroying softlink with site file in +.br +/etc/nginx/sites-available to /etc/nginx/sites-enabled/. +.TP +.B edit [ example.com ] +.br +Edit NGINX configuration of site. +.TP +.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]] +.br +Create new site according to given options. If no options provided +.br +create static site with html only. +.TP +.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]] +.br +Update site configuration according to specified options. +.TP +.B delete [ example.com ] [--no-prompt ] [--force/-f] [ --db | --files | --all ] +.br +Delete site i.e webroot, database, ad configuration permanently. +.TP +.B debug [ -i | --nginx=on/off | --php=on/off | --php73=on/off | --mysql=on/off | --rewrite=on/off | --fpm=on/off | --fpm7=on/off ] +.br +Starts server level debugging. If this is used without arguments it will start debugging +.br +all services.Else it will debug only service provided with argument.This will Stop +.br +Debugging if used with --all=off argument. +.TP +.B debug example.com [ -i | --nginx=on/off | --rewrite=on/off | --wp=on/off | --all=on/off ] +.br +Starts site level debugging. If this is used without arguments it will start debugging all +.br +services.Else it will debug only service provided with argument.This will Stop Debugging +.br +if used with --all=off argument. +.TP +.B secure [ --auth | --port | --ip ] +.br +Update security settings. +.TP +.B clean [ --fastcgi | --opcache | --redis | --all ] +.br +Clean NGINX fastCGI cache, Opcache, memcached, Redis cache. +.br +Clean NGINX fastCGI cache if no option specified. +.SH ARGUMENTS +.TP +.B -i +.br +setup intractive mode while used with debug. +.TP +.B --nginx=on/off +.br +used with wo debug command. used to start or stop nginx debugging. +.TP +.B --php=on/off +.br +used with wo debug command. used to start or stop php debugging. +.TP +.B --php73=on/off +.br +used with wo debug command. used to start or stop php72 debugging. +.TP +.B --mysql=on/off +.br +used with wo debug command. used to start or stop mysql debugging. +.TP +.B --rewrite=on/off +.br +used with wo debug command. used to start or stop nginx rewrite rules debugging. +.TP +.B --fpm=on/off +.br +used with wo debug command. used to start or stop fpm debugging. +.TP +.B --wp=on/off +.br +used with wo debug command. used to start or stop wordpress site debugging. +.TP +.B --all=on/off +.br +used with wo debug command. used to stop debugging. +.TP +.B --all=off +.br +used with wo debug command. used to stop debugging. +.TP +.B --html +.br +Create a HTML website. +.TP +.B --php +.br +Create a PHP website. +.TP +.B --mysql +.br +Create a PHP+MySQL website. +.TP +.B --wp +.br +Create a WordPress Website. +.TP +.B --wpsubdir +.br +Create a Wordpress Multisite with Sub Directories Setup. +.TP +.B --wpsubdomain +.br +Create a Wordpress Multisite with Sub Domains Setup. +.br +.TP +.B --db +.br +Delete website database. +.br +.TP +.B --files +.br +Delete website webroot. +.br +.TP +.B --no-prompt +.br +Does not prompt for confirmation when delete command used. +.br +.TP +.B --force/-f +.br +Delete website webroot and database forcefully.Remove nginx configuration for site. +.br +.TP +.B --auth +.br +used with wo secure command. Update credential of HTTP authentication +.TP +.B --port +.br +used with wo secure command. Change WordOps admin port 22222. +.TP +.B --ip +.br +used with wo secure command. Update whitelist IP address +.SH WORDPRESS CACHING OPTIONS +.TP +.B --wpsc +.br +Install and activate Nginx-helper and WP Super Cache plugin. +.TP +.B --wpfc +.br +Install and activate Nginx-helper plugin with +.br +Nginx FastCGI cache. +.TP +.B --wpredis +.br +Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching. +.SH FILES +.br +/etc/wo/wo.conf +.SH BUGS +Report bugs at +.SH AUTHOR +.br +.B rtCamp Team +.I \ +.br +.B Mitesh Shah +.I \ +.br +.B Manish +.I \ +.br +.B Gaurav +.I \ +.br +.B Harshad +.I \ +.br +.B Prabuddha +.I \ +.br +.B Shital +.I \ +.br +.B Rajdeep Sharma +.I \ +.br diff --git a/install b/install index 842d006..813473d 100755 --- a/install +++ b/install @@ -7,10 +7,10 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.5.4 - 2019-07-09 +# Version 3.9.6 - 2019-07-20 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" -readonly wo_version_new="3.9.5.4" +readonly wo_version_new="3.9.6" # CONTENTS # --- # 1. VARIABLES AND DECLARATIONS @@ -144,9 +144,9 @@ if [ -z "$wo_force_install" ]; then wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." exit 100 else - check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch") + check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch|buster") if [ -z "$check_wo_linux_distro" ]; then - wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x, Debian 9.x and Raspbian 9.x" + wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x/9.x/10.x and Raspbian 9.x" exit 100 fi fi @@ -185,9 +185,9 @@ wo_install_dep() { wget https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key -O Release.key apt-key add - < Release.key rm -f Release.key - [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } # install dependencies DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 + [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } fi locale-gen en @@ -250,8 +250,8 @@ wo_sync_db() { wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}') - if [ -n "$(echo $wo_site_current_type | grep php)" ]; then - if [ "$(echo $wo_site_current_type | grep php7)" ]; then + if echo "$wo_site_current_type" | grep -q "php"; then + if echo "$wo_site_current_type" | grep -q "php7"; then wo_php_version="7.0" else wo_php_version="5.6" @@ -260,31 +260,31 @@ wo_sync_db() { wo_php_version="" fi - if [ "$(echo $wo_site_current_type | grep redis)" ]; then + if echo "$wo_site_current_type" | grep -q "redis"; then wo_site_current_cache="wpredis" - elif [ -z "$(echo $wo_site_current_type | grep wpsc)" ]; then + elif echo "$wo_site_current_type" | grep -q wpsc; then wo_site_current_cache="wpsc" - elif [ -z "$(echo $wo_site_current_type | grep wpfc)" ]; then + elif echo "$wo_site_current_type" | grep -q wpfc; then wo_site_current_cache="wpfc" else wo_site_current_cache="basic" fi - if [ "$(echo $wo_site_current_type | grep wp)" ]; then - if [ -z "$(echo $wo_site_current_type | grep wpsubdir)" ]; then + if echo "$wo_site_current_type" | grep -q wp; then + if echo "$wo_site_current_type" | grep -q wpsubdir; then wo_site_current="wpsubdir" - elif [ -z "$(echo $wo_site_current_type | grep wpsudomain)" ]; then + elif echo "$wo_site_current_type" | grep -q wpsudomain; then wo_site_current="wpsubdomain" else wo_site_current="wp" fi else - if [ -z "$(echo $wo_site_current_type | grep location)" ]; then + if echo "$wo_site_current_type" | grep -q location; then wo_site_current="proxy" - elif [ -z "$(echo $wo_site_current_type | grep php)" ]; then + elif echo "$wo_site_current_type" | grep -q php; then wo_site_current="html" else - if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then + if [ -f "/var/www/${site}/ee-config.php" ] || [ -f "/var/www/${site}/wo-config.php" ]; then wo_site_current="mysql" else wo_site_current="php" @@ -401,17 +401,19 @@ wo_install_acme_sh() { # Clone Github repository if it doesn't exist wo_install() { { + rm -f /etc/bash_completion.d/wo_auto.rc rm -rf /tmp/WordOps git clone https://github.com/WordOps/WordOps.git /tmp/WordOps -b "$wo_branch" cd /tmp/WordOps || exit 1 - } >> "$wo_install_log" 2>&1 + } \ + >> "$wo_install_log" 2>&1 - if [ -f $HOME/.gitconfig ]; then + if [ -f "$HOME/.gitconfig" ]; then python3 setup.py install >> $wo_install_log 2>&1 else if [ "$wo_force_install" = "y" ]; then - [ ! -f $HOME/.gitconfig ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'; } + [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'; } fi python3 setup.py install fi @@ -548,8 +550,8 @@ wo_update_latest() { mkdir -p /etc/mysql/conf.d chmod 755 /etc/mysql/conf.d } - if [ -f $HOME/.my.cnf ]; then - cp -f $HOME/.my.cnf /etc/mysql/conf.d/my.cnf + if [ -f "$HOME/.my.cnf" ]; then + cp -f "$HOME/.my.cnf" /etc/mysql/conf.d/my.cnf chmod 600 /etc/mysql/conf.d/my.cnf elif [ -f /root/.my.cnf ]; then @@ -633,7 +635,7 @@ wo_tweak_kernel() { if [ "$WO_ARCH" = "x86_64" ]; then rm -f /etc/sysctl.d/60-ubuntu-nginx-web-server.conf wget -qO /etc/sysctl.d/60-wo-tweaks.conf https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/sysctl.mustache - if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ]; then + if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ] || [ "$wo_distro_version" = "buster" ]; then modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-wo-tweaks.conf else @@ -679,8 +681,10 @@ if [ -x /usr/local/bin/wo ]; then fi if [ -z "$wo_preserve_config" ]; then if [ -n "$(command -v nginx)" ]; then - wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log - wo_upgrade_nginx | tee -ai $wo_install_log + if ! grep -q "v3.9.5." /etc/nginx/common/release; then + wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log + wo_upgrade_nginx | tee -ai $wo_install_log + fi fi fi wo_update_latest | tee -ai $wo_install_log diff --git a/setup.py b/setup.py index 1f098e4..2198da8 100644 --- a/setup.py +++ b/setup.py @@ -57,7 +57,7 @@ if not os.path.isfile('/root/.gitconfig'): shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') setup(name='wo', - version='3.9.5.4', + version='3.9.6', description=long_description, long_description=long_description, classifiers=[], diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 9e071d7..f478ccb 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -1,293 +1,293 @@ -"""WOInfo Plugin for WordOps""" - -from cement.core.controller import CementBaseController, expose -from cement.core import handler, hook -from wo.core.variables import WOVariables -from pynginxconfig import NginxConfig -from wo.core.aptget import WOAptGet -from wo.core.shellexec import WOShellExec -from wo.core.logging import Log -import os -import configparser - - -def wo_info_hook(app): - pass - - -class WOInfoController(CementBaseController): - class Meta: - label = 'info' - stacked_on = 'base' - stacked_type = 'nested' - description = ('Display configuration information related to Nginx,' - ' PHP and MySQL') - arguments = [ - (['--mysql'], - dict(help='Get MySQL configuration information', - action='store_true')), - (['--php'], - dict(help='Get PHP 7.2 configuration information', - action='store_true')), - (['--php73'], - dict(help='Get PHP 7.3 configuration information', - action='store_true')), - (['--nginx'], - dict(help='Get Nginx configuration information', - action='store_true')), - ] - usage = "wo info [options]" - - @expose(hide=True) - def info_nginx(self): - """Display Nginx information""" - version = os.popen("/usr/sbin/nginx -v 2>&1 | " - "awk -F '/' '{print $2}' | " - "awk -F ' ' '{print $1}' | tr '\n' ' '").read() - allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " - "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() - nc = NginxConfig() - nc.loadf('/etc/nginx/nginx.conf') - user = nc.get('user')[1] - worker_processes = nc.get('worker_processes')[1] - worker_connections = nc.get([('events',), 'worker_connections'])[1] - keepalive_timeout = nc.get([('http',), 'keepalive_timeout'])[1] - fastcgi_read_timeout = nc.get([('http',), - 'fastcgi_read_timeout'])[1] - client_max_body_size = nc.get([('http',), - 'client_max_body_size'])[1] - data = dict(version=version, allow=allow, user=user, - worker_processes=worker_processes, - keepalive_timeout=keepalive_timeout, - worker_connections=worker_connections, - fastcgi_read_timeout=fastcgi_read_timeout, - client_max_body_size=client_max_body_size) - self.app.render((data), 'info_nginx.mustache') - - @expose(hide=True) - def info_php(self): - """Display PHP information""" - version = os.popen("/usr/bin/php7.2 -v 2>/dev/null | " - "head -n1 | cut -d' ' -f2 |" - " cut -d'+' -f1 | tr -d '\n'").read - config = configparser.ConfigParser() - config.read('/etc/{0}/fpm/php.ini'.format("php/7.2")) - expose_php = config['PHP']['expose_php'] - memory_limit = config['PHP']['memory_limit'] - post_max_size = config['PHP']['post_max_size'] - upload_max_filesize = config['PHP']['upload_max_filesize'] - max_execution_time = config['PHP']['max_execution_time'] - - config.read('/etc/{0}/fpm/pool.d/www.conf'.format("php/7.2")) - www_listen = config['www']['listen'] - www_ping_path = config['www']['ping.path'] - www_pm_status_path = config['www']['pm.status_path'] - www_pm = config['www']['pm'] - www_pm_max_requests = config['www']['pm.max_requests'] - www_pm_max_children = config['www']['pm.max_children'] - www_pm_start_servers = config['www']['pm.start_servers'] - www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] - www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] - www_request_terminate_time = (config['www'] - ['request_terminate_timeout']) - try: - www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' - '_trigger]']) - except Exception as e: - www_xdebug = 'off' - - config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2")) - debug_listen = config['debug']['listen'] - debug_ping_path = config['debug']['ping.path'] - debug_pm_status_path = config['debug']['pm.status_path'] - debug_pm = config['debug']['pm'] - debug_pm_max_requests = config['debug']['pm.max_requests'] - debug_pm_max_children = config['debug']['pm.max_children'] - debug_pm_start_servers = config['debug']['pm.start_servers'] - debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] - debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] - debug_request_terminate = (config['debug'] - ['request_terminate_timeout']) - try: - debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' - 'enable_trigger]']) - except Exception as e: - debug_xdebug = 'off' - - data = dict(version=version, expose_php=expose_php, - memory_limit=memory_limit, post_max_size=post_max_size, - upload_max_filesize=upload_max_filesize, - max_execution_time=max_execution_time, - www_listen=www_listen, www_ping_path=www_ping_path, - www_pm_status_path=www_pm_status_path, www_pm=www_pm, - www_pm_max_requests=www_pm_max_requests, - www_pm_max_children=www_pm_max_children, - www_pm_start_servers=www_pm_start_servers, - www_pm_min_spare_servers=www_pm_min_spare_servers, - www_pm_max_spare_servers=www_pm_max_spare_servers, - www_request_terminate_timeout=www_request_terminate_time, - www_xdebug_profiler_enable_trigger=www_xdebug, - debug_listen=debug_listen, debug_ping_path=debug_ping_path, - debug_pm_status_path=debug_pm_status_path, - debug_pm=debug_pm, - debug_pm_max_requests=debug_pm_max_requests, - debug_pm_max_children=debug_pm_max_children, - debug_pm_start_servers=debug_pm_start_servers, - debug_pm_min_spare_servers=debug_pm_min_spare_servers, - debug_pm_max_spare_servers=debug_pm_max_spare_servers, - debug_request_terminate_timeout=debug_request_terminate, - debug_xdebug_profiler_enable_trigger=debug_xdebug) - self.app.render((data), 'info_php.mustache') - - @expose(hide=True) - def info_php73(self): - """Display PHP information""" - version = os.popen("/usr/bin/php7.3 -v 2>/dev/null | " - "head -n1 | cut -d' ' -f2 |" - " cut -d'+' -f1 | tr -d '\n'").read - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/php.ini') - expose_php = config['PHP']['expose_php'] - memory_limit = config['PHP']['memory_limit'] - post_max_size = config['PHP']['post_max_size'] - upload_max_filesize = config['PHP']['upload_max_filesize'] - max_execution_time = config['PHP']['max_execution_time'] - - config.read('/etc/php/7.3/fpm/pool.d/www.conf') - www_listen = config['www']['listen'] - www_ping_path = config['www']['ping.path'] - www_pm_status_path = config['www']['pm.status_path'] - www_pm = config['www']['pm'] - www_pm_max_requests = config['www']['pm.max_requests'] - www_pm_max_children = config['www']['pm.max_children'] - www_pm_start_servers = config['www']['pm.start_servers'] - www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] - www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] - www_request_terminate_time = (config['www'] - ['request_terminate_timeout']) - try: - www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' - '_trigger]']) - except Exception as e: - www_xdebug = 'off' - - config.read('/etc/php/7.3/fpm/pool.d/debug.conf') - debug_listen = config['debug']['listen'] - debug_ping_path = config['debug']['ping.path'] - debug_pm_status_path = config['debug']['pm.status_path'] - debug_pm = config['debug']['pm'] - debug_pm_max_requests = config['debug']['pm.max_requests'] - debug_pm_max_children = config['debug']['pm.max_children'] - debug_pm_start_servers = config['debug']['pm.start_servers'] - debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] - debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] - debug_request_terminate = (config['debug'] - ['request_terminate_timeout']) - try: - debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' - 'enable_trigger]']) - except Exception as e: - debug_xdebug = 'off' - - data = dict(version=version, expose_php=expose_php, - memory_limit=memory_limit, post_max_size=post_max_size, - upload_max_filesize=upload_max_filesize, - max_execution_time=max_execution_time, - www_listen=www_listen, www_ping_path=www_ping_path, - www_pm_status_path=www_pm_status_path, www_pm=www_pm, - www_pm_max_requests=www_pm_max_requests, - www_pm_max_children=www_pm_max_children, - www_pm_start_servers=www_pm_start_servers, - www_pm_min_spare_servers=www_pm_min_spare_servers, - www_pm_max_spare_servers=www_pm_max_spare_servers, - www_request_terminate_timeout=www_request_terminate_time, - www_xdebug_profiler_enable_trigger=www_xdebug, - debug_listen=debug_listen, debug_ping_path=debug_ping_path, - debug_pm_status_path=debug_pm_status_path, - debug_pm=debug_pm, - debug_pm_max_requests=debug_pm_max_requests, - debug_pm_max_children=debug_pm_max_children, - debug_pm_start_servers=debug_pm_start_servers, - debug_pm_min_spare_servers=debug_pm_min_spare_servers, - debug_pm_max_spare_servers=debug_pm_max_spare_servers, - debug_request_terminate_timeout=debug_request_terminate, - debug_xdebug_profiler_enable_trigger=debug_xdebug) - self.app.render((data), 'info_php.mustache') - - @expose(hide=True) - def info_mysql(self): - """Display MySQL information""" - version = os.popen("/usr/bin/mysql -V | awk '{print($5)}' | " - "cut -d ',' " - "-f1 | tr -d '\n'").read() - host = "localhost" - port = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep ^port | awk " - "'{print($2)}' | tr -d '\n'").read() - wait_timeout = os.popen("/usr/bin/mysql -e \"show variables\" | grep " - "^wait_timeout | awk '{print($2)}' | " - "tr -d '\n'").read() - interactive_timeout = os.popen("/usr/bin/mysql -e " - "\"show variables\" | grep " - "^interactive_timeout | awk " - "'{print($2)}' | tr -d '\n'").read() - max_used_connections = os.popen("/usr/bin/mysql -e " - "\"show global status\" | " - "grep Max_used_connections | awk " - "'{print($2)}' | tr -d '\n'").read() - datadir = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep datadir | awk" - " '{print($2)}' | tr -d '\n'").read() - socket = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep \"^socket\" | " - "awk '{print($2)}' | tr -d '\n'").read() - data = dict(version=version, host=host, port=port, - wait_timeout=wait_timeout, - interactive_timeout=interactive_timeout, - max_used_connections=max_used_connections, - datadir=datadir, socket=socket) - self.app.render((data), 'info_mysql.mustache') - - @expose(hide=True) - def default(self): - """default function for info""" - if (not self.app.pargs.nginx and not self.app.pargs.php and - not self.app.pargs.mysql and not self.app.pargs.php73): - self.app.pargs.nginx = True - self.app.pargs.php = True - self.app.pargs.mysql = True - if WOAptGet.is_installed(self, 'php7.3-fpm'): - self.app.pargs.php73 = True - - if self.app.pargs.nginx: - if (WOAptGet.is_installed(self, 'nginx-custom') or - WOAptGet.is_installed(self, 'nginx-wo')): - self.info_nginx() - else: - Log.error(self, "Nginx is not installed") - - if self.app.pargs.php: - if WOAptGet.is_installed(self, 'php7.2-fpm'): - self.info_php() - else: - Log.error(self, "PHP 7.2 is not installed") - - if self.app.pargs.php73: - if WOAptGet.is_installed(self, 'php7.3-fpm'): - self.info_php73() - else: - Log.error(self, "PHP 7.3 is not installed") - - if self.app.pargs.mysql: - if WOShellExec.cmd_exec(self, "mysqladmin ping"): - self.info_mysql() - else: - Log.error(self, "MySQL is not installed") - - -def load(app): - # register the plugin class.. this only happens if the plugin is enabled - handler.register(WOInfoController) - - # register a hook (function) to run after arguments are parsed. - hook.register('post_argument_parsing', wo_info_hook) +"""WOInfo Plugin for WordOps""" + +from cement.core.controller import CementBaseController, expose +from cement.core import handler, hook +from wo.core.variables import WOVariables +from pynginxconfig import NginxConfig +from wo.core.aptget import WOAptGet +from wo.core.shellexec import WOShellExec +from wo.core.logging import Log +import os +import configparser + + +def wo_info_hook(app): + pass + + +class WOInfoController(CementBaseController): + class Meta: + label = 'info' + stacked_on = 'base' + stacked_type = 'nested' + description = ('Display configuration information related to Nginx,' + ' PHP and MySQL') + arguments = [ + (['--mysql'], + dict(help='Get MySQL configuration information', + action='store_true')), + (['--php'], + dict(help='Get PHP 7.2 configuration information', + action='store_true')), + (['--php73'], + dict(help='Get PHP 7.3 configuration information', + action='store_true')), + (['--nginx'], + dict(help='Get Nginx configuration information', + action='store_true')), + ] + usage = "wo info [options]" + + @expose(hide=True) + def info_nginx(self): + """Display Nginx information""" + version = os.popen("/usr/sbin/nginx -v 2>&1 | " + "awk -F '/' '{print $2}' | " + "awk -F ' ' '{print $1}' | tr '\n' ' '").read() + allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " + "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() + nc = NginxConfig() + nc.loadf('/etc/nginx/nginx.conf') + user = nc.get('user')[1] + worker_processes = nc.get('worker_processes')[1] + worker_connections = nc.get([('events',), 'worker_connections'])[1] + keepalive_timeout = nc.get([('http',), 'keepalive_timeout'])[1] + fastcgi_read_timeout = nc.get([('http',), + 'fastcgi_read_timeout'])[1] + client_max_body_size = nc.get([('http',), + 'client_max_body_size'])[1] + data = dict(version=version, allow=allow, user=user, + worker_processes=worker_processes, + keepalive_timeout=keepalive_timeout, + worker_connections=worker_connections, + fastcgi_read_timeout=fastcgi_read_timeout, + client_max_body_size=client_max_body_size) + self.app.render((data), 'info_nginx.mustache') + + @expose(hide=True) + def info_php(self): + """Display PHP information""" + version = os.popen("/usr/bin/php7.2 -v 2>/dev/null | " + "head -n1 | cut -d' ' -f2 |" + " cut -d'+' -f1 | tr -d '\n'").read + config = configparser.ConfigParser() + config.read('/etc/{0}/fpm/php.ini'.format("php/7.2")) + expose_php = config['PHP']['expose_php'] + memory_limit = config['PHP']['memory_limit'] + post_max_size = config['PHP']['post_max_size'] + upload_max_filesize = config['PHP']['upload_max_filesize'] + max_execution_time = config['PHP']['max_execution_time'] + + config.read('/etc/{0}/fpm/pool.d/www.conf'.format("php/7.2")) + www_listen = config['www']['listen'] + www_ping_path = config['www']['ping.path'] + www_pm_status_path = config['www']['pm.status_path'] + www_pm = config['www']['pm'] + www_pm_max_requests = config['www']['pm.max_requests'] + www_pm_max_children = config['www']['pm.max_children'] + www_pm_start_servers = config['www']['pm.start_servers'] + www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] + www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] + www_request_terminate_time = (config['www'] + ['request_terminate_timeout']) + try: + www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' + '_trigger]']) + except Exception as e: + www_xdebug = 'off' + + config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2")) + debug_listen = config['debug']['listen'] + debug_ping_path = config['debug']['ping.path'] + debug_pm_status_path = config['debug']['pm.status_path'] + debug_pm = config['debug']['pm'] + debug_pm_max_requests = config['debug']['pm.max_requests'] + debug_pm_max_children = config['debug']['pm.max_children'] + debug_pm_start_servers = config['debug']['pm.start_servers'] + debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] + debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] + debug_request_terminate = (config['debug'] + ['request_terminate_timeout']) + try: + debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' + 'enable_trigger]']) + except Exception as e: + debug_xdebug = 'off' + + data = dict(version=version, expose_php=expose_php, + memory_limit=memory_limit, post_max_size=post_max_size, + upload_max_filesize=upload_max_filesize, + max_execution_time=max_execution_time, + www_listen=www_listen, www_ping_path=www_ping_path, + www_pm_status_path=www_pm_status_path, www_pm=www_pm, + www_pm_max_requests=www_pm_max_requests, + www_pm_max_children=www_pm_max_children, + www_pm_start_servers=www_pm_start_servers, + www_pm_min_spare_servers=www_pm_min_spare_servers, + www_pm_max_spare_servers=www_pm_max_spare_servers, + www_request_terminate_timeout=www_request_terminate_time, + www_xdebug_profiler_enable_trigger=www_xdebug, + debug_listen=debug_listen, debug_ping_path=debug_ping_path, + debug_pm_status_path=debug_pm_status_path, + debug_pm=debug_pm, + debug_pm_max_requests=debug_pm_max_requests, + debug_pm_max_children=debug_pm_max_children, + debug_pm_start_servers=debug_pm_start_servers, + debug_pm_min_spare_servers=debug_pm_min_spare_servers, + debug_pm_max_spare_servers=debug_pm_max_spare_servers, + debug_request_terminate_timeout=debug_request_terminate, + debug_xdebug_profiler_enable_trigger=debug_xdebug) + self.app.render((data), 'info_php.mustache') + + @expose(hide=True) + def info_php73(self): + """Display PHP information""" + version = os.popen("/usr/bin/php7.3 -v 2>/dev/null | " + "head -n1 | cut -d' ' -f2 |" + " cut -d'+' -f1 | tr -d '\n'").read + config = configparser.ConfigParser() + config.read('/etc/php/7.3/fpm/php.ini') + expose_php = config['PHP']['expose_php'] + memory_limit = config['PHP']['memory_limit'] + post_max_size = config['PHP']['post_max_size'] + upload_max_filesize = config['PHP']['upload_max_filesize'] + max_execution_time = config['PHP']['max_execution_time'] + + config.read('/etc/php/7.3/fpm/pool.d/www.conf') + www_listen = config['www']['listen'] + www_ping_path = config['www']['ping.path'] + www_pm_status_path = config['www']['pm.status_path'] + www_pm = config['www']['pm'] + www_pm_max_requests = config['www']['pm.max_requests'] + www_pm_max_children = config['www']['pm.max_children'] + www_pm_start_servers = config['www']['pm.start_servers'] + www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] + www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] + www_request_terminate_time = (config['www'] + ['request_terminate_timeout']) + try: + www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' + '_trigger]']) + except Exception as e: + www_xdebug = 'off' + + config.read('/etc/php/7.3/fpm/pool.d/debug.conf') + debug_listen = config['debug']['listen'] + debug_ping_path = config['debug']['ping.path'] + debug_pm_status_path = config['debug']['pm.status_path'] + debug_pm = config['debug']['pm'] + debug_pm_max_requests = config['debug']['pm.max_requests'] + debug_pm_max_children = config['debug']['pm.max_children'] + debug_pm_start_servers = config['debug']['pm.start_servers'] + debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] + debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] + debug_request_terminate = (config['debug'] + ['request_terminate_timeout']) + try: + debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' + 'enable_trigger]']) + except Exception as e: + debug_xdebug = 'off' + + data = dict(version=version, expose_php=expose_php, + memory_limit=memory_limit, post_max_size=post_max_size, + upload_max_filesize=upload_max_filesize, + max_execution_time=max_execution_time, + www_listen=www_listen, www_ping_path=www_ping_path, + www_pm_status_path=www_pm_status_path, www_pm=www_pm, + www_pm_max_requests=www_pm_max_requests, + www_pm_max_children=www_pm_max_children, + www_pm_start_servers=www_pm_start_servers, + www_pm_min_spare_servers=www_pm_min_spare_servers, + www_pm_max_spare_servers=www_pm_max_spare_servers, + www_request_terminate_timeout=www_request_terminate_time, + www_xdebug_profiler_enable_trigger=www_xdebug, + debug_listen=debug_listen, debug_ping_path=debug_ping_path, + debug_pm_status_path=debug_pm_status_path, + debug_pm=debug_pm, + debug_pm_max_requests=debug_pm_max_requests, + debug_pm_max_children=debug_pm_max_children, + debug_pm_start_servers=debug_pm_start_servers, + debug_pm_min_spare_servers=debug_pm_min_spare_servers, + debug_pm_max_spare_servers=debug_pm_max_spare_servers, + debug_request_terminate_timeout=debug_request_terminate, + debug_xdebug_profiler_enable_trigger=debug_xdebug) + self.app.render((data), 'info_php.mustache') + + @expose(hide=True) + def info_mysql(self): + """Display MySQL information""" + version = os.popen("/usr/bin/mysql -V | awk '{print($5)}' | " + "cut -d ',' " + "-f1 | tr -d '\n'").read() + host = "localhost" + port = os.popen("/usr/bin/mysql -e \"show variables\" | " + "grep ^port | awk " + "'{print($2)}' | tr -d '\n'").read() + wait_timeout = os.popen("/usr/bin/mysql -e \"show variables\" | grep " + "^wait_timeout | awk '{print($2)}' | " + "tr -d '\n'").read() + interactive_timeout = os.popen("/usr/bin/mysql -e " + "\"show variables\" | grep " + "^interactive_timeout | awk " + "'{print($2)}' | tr -d '\n'").read() + max_used_connections = os.popen("/usr/bin/mysql -e " + "\"show global status\" | " + "grep Max_used_connections | awk " + "'{print($2)}' | tr -d '\n'").read() + datadir = os.popen("/usr/bin/mysql -e \"show variables\" | " + "grep datadir | awk" + " '{print($2)}' | tr -d '\n'").read() + socket = os.popen("/usr/bin/mysql -e \"show variables\" | " + "grep \"^socket\" | " + "awk '{print($2)}' | tr -d '\n'").read() + data = dict(version=version, host=host, port=port, + wait_timeout=wait_timeout, + interactive_timeout=interactive_timeout, + max_used_connections=max_used_connections, + datadir=datadir, socket=socket) + self.app.render((data), 'info_mysql.mustache') + + @expose(hide=True) + def default(self): + """default function for info""" + if (not self.app.pargs.nginx and not self.app.pargs.php and + not self.app.pargs.mysql and not self.app.pargs.php73): + self.app.pargs.nginx = True + self.app.pargs.php = True + self.app.pargs.mysql = True + if WOAptGet.is_installed(self, 'php7.3-fpm'): + self.app.pargs.php73 = True + + if self.app.pargs.nginx: + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-wo')): + self.info_nginx() + else: + Log.error(self, "Nginx is not installed") + + if self.app.pargs.php: + if WOAptGet.is_installed(self, 'php7.2-fpm'): + self.info_php() + else: + Log.error(self, "PHP 7.2 is not installed") + + if self.app.pargs.php73: + if WOAptGet.is_installed(self, 'php7.3-fpm'): + self.info_php73() + else: + Log.error(self, "PHP 7.3 is not installed") + + if self.app.pargs.mysql: + if WOShellExec.cmd_exec(self, "mysqladmin ping"): + self.info_mysql() + else: + Log.error(self, "MySQL is not installed") + + +def load(app): + # register the plugin class.. this only happens if the plugin is enabled + handler.register(WOInfoController) + + # register a hook (function) to run after arguments are parsed. + hook.register('post_argument_parsing', wo_info_hook) diff --git a/wo/cli/plugins/maintenance.py b/wo/cli/plugins/maintenance.py index adf945c..c787ef2 100644 --- a/wo/cli/plugins/maintenance.py +++ b/wo/cli/plugins/maintenance.py @@ -10,7 +10,6 @@ from wo.core.services import WOService from wo.core.shellexec import WOShellExec - def wo_maintenance_hook(app): pass diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 7f1597c..5fd383d 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -319,7 +319,8 @@ class WOSiteCreateController(CementBaseController): dict(help="create WordPress multisite with subdomain setup", action='store_true')), (['--wpfc'], - dict(help="create WordPress single/multi site with wpfc cache", + dict(help="create WordPress single/multi site with " + "Nginx fastcgi_cache", action='store_true')), (['--wpsc'], dict(help="create WordPress single/multi site with wpsc cache", @@ -333,6 +334,10 @@ class WOSiteCreateController(CementBaseController): action='store' or 'store_const', choices=('on', 'subdomain', 'wildcard'), const='on', nargs='?')), + (['--dns'], + dict(help="choose dns provider api for letsencrypt", + action='store' or 'store_const', + const='dns_cf', nargs='?')), (['--hsts'], dict(help="enable HSTS for site secured with letsencrypt", action='store_true')), @@ -355,6 +360,7 @@ class WOSiteCreateController(CementBaseController): @expose(hide=True) def default(self): + pargs = self.app.pargs # self.app.render((data), 'default.mustache') # Check domain name validation data = dict() @@ -726,42 +732,30 @@ class WOSiteCreateController(CementBaseController): Log.error(self, "Check the log for details: " "`tail /var/log/wo/wordops.log` and please try again") - if self.app.pargs.letsencrypt == "on": + if self.app.pargs.letsencrypt: data['letsencrypt'] = True letsencrypt = True - + if self.app.pargs.dns: + wo_acme_dns = pargs.dns if data['letsencrypt'] is True: - setupLetsEncrypt(self, wo_domain) - httpsRedirect(self, wo_domain) - - if self.app.pargs.hsts: - setupHsts(self, wo_domain) - - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "service nginx reload failed. " - "check issues with `nginx -t` command") - - Log.info(self, "Congratulations! Successfully Configured " - "SSl for Site " - " https://{0}".format(wo_domain)) - - # Add nginx conf folder into GIT - WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)], - msg="Adding letsencrypts config of site: {0}" - .format(wo_domain)) - updateSiteInfo(self, wo_domain, ssl=letsencrypt) - - elif data['letsencrypt'] is False: - Log.info(self, "Not using Let\'s encrypt for Site " - " http://{0}".format(wo_domain)) - - if self.app.pargs.letsencrypt == "subdomain": - data['letsencrypt'] = True - letsencrypt = True - - if data['letsencrypt'] is True: - setupLetsEncryptSubdomain(self, wo_domain) - httpsRedirect(self, wo_domain) + if self.app.pargs.letsencrypt == "subdomain": + if self.app.pargs.dns: + setupLetsEncrypt(self, wo_domain, True, False, + True, wo_acme_dns) + else: + setupLetsEncrypt(self, wo_domain, True) + httpsRedirect(self, wo_domain) + elif self.app.pargs.letsencrypt == "wildcard": + setupLetsEncrypt(self, wo_domain, False, True, + True, wo_acme_dns) + httpsRedirect(self, wo_domain, True, True) + else: + if self.app.pargs.dns: + setupLetsEncrypt(self, wo_domain, False, + False, True, wo_acme_dns) + else: + setupLetsEncrypt(self, wo_domain) + httpsRedirect(self, wo_domain) if self.app.pargs.hsts: setupHsts(self, wo_domain) @@ -825,8 +819,13 @@ class WOSiteUpdateController(CementBaseController): (['-le', '--letsencrypt'], dict(help="configure letsencrypt ssl for the site", action='store' or 'store_const', - choices=('on', 'off', 'renew', 'subdomain', 'wildcard'), + choices=('on', 'off', 'renew', 'subdomain', + 'wildcard', 'clean'), const='on', nargs='?')), + (['--dns'], + dict(help="choose dns provider api for letsencrypt", + action='store' or 'store_const', + const='dns_cf', nargs='?')), (['--hsts'], dict(help="configure hsts for the site", action='store' or 'store_const', @@ -834,9 +833,6 @@ class WOSiteUpdateController(CementBaseController): const='on', nargs='?')), (['--proxy'], dict(help="update to proxy site", nargs='+')), - (['--experimental'], - dict(help="Enable Experimenal packages without prompt", - action='store_true')), (['--all'], dict(help="update all sites", action='store_true')), (['--force'], @@ -858,7 +854,8 @@ class WOSiteUpdateController(CementBaseController): if not (pargs.php or pargs.php73 or pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or - pargs.wpredis or pargs.letsencrypt or pargs.hsts): + pargs.wpredis or pargs.letsencrypt or pargs.hsts or + pargs.dns or pargs.force): Log.error(self, "Please provide options to update sites.") if pargs.all: @@ -954,6 +951,11 @@ class WOSiteUpdateController(CementBaseController): except SiteError as e: Log.debug(self, str(e)) Log.info(self, "\nFail to enable HSTS") + if not WOService.reload_service(self, 'nginx'): + Log.error(self, "service nginx reload failed. " + "check issues with `nginx -t` command") + Log.info(self, "HSTS is enabled for " + "https://{0}".format(wo_domain)) return 0 if ((stype == 'php' and @@ -965,7 +967,7 @@ class WOSiteUpdateController(CementBaseController): (stype == 'wpsubdir' and oldsitetype in ['wpsubdomain']) or (stype == 'wpsubdomain' and oldsitetype in ['wpsubdir']) or (stype == oldsitetype and cache == oldcachetype) and not - (pargs.php73 or pargs.hsts or pargs.letsencrypt)): + pargs.php73): Log.info(self, Log.FAIL + "can not update {0} {1} to {2} {3}". format(oldsitetype, oldcachetype, stype, cache)) return 1 @@ -1181,6 +1183,9 @@ class WOSiteUpdateController(CementBaseController): elif pargs.letsencrypt == 'off': data['letsencrypt'] = False letsencrypt = False + elif pargs.letsencrypt == 'clean': + data['letsencrypt'] = False + letsencrypt = False if letsencrypt is check_ssl: if letsencrypt is False: @@ -1203,12 +1208,15 @@ class WOSiteUpdateController(CementBaseController): if pargs.php73 == "on": data['php73'] = True php73 = True + else: + data['php73'] = False + php73 = False if pargs.letsencrypt == "on": if oldsitetype in ['wpsubdomain']: data['letsencrypt'] = True letsencrypt = True - wildcard = True + pargs.letsencrypt == 'wildcard' else: data['letsencrypt'] = True letsencrypt = True @@ -1273,22 +1281,36 @@ class WOSiteUpdateController(CementBaseController): " http://{0}".format(wo_domain)) return 0 - if pargs.letsencrypt: + if self.app.pargs.letsencrypt: + if self.app.pargs.dns: + wo_acme_dns = pargs.dns if data['letsencrypt'] is True: if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled" .format(wo_site_webroot)): - if not pargs.letsencrypt == "subdomain": - setupLetsEncrypt(self, wo_domain) - else: - setupLetsEncryptSubdomain(self, wo_domain) + if self.app.pargs.letsencrypt == "on": + if self.app.pargs.dns: + setupLetsEncrypt(self, wo_domain, False, + False, True, wo_acme_dns) + else: + setupLetsEncrypt(self, wo_domain) + httpsRedirect(self, wo_domain) + elif self.app.pargs.letsencrypt == "subdomain": + if self.app.pargs.dns: + setupLetsEncrypt(self, wo_domain, True, False, + True, wo_acme_dns) + else: + setupLetsEncrypt(self, wo_domain, True) + httpsRedirect(self, wo_domain) + elif self.app.pargs.letsencrypt == "wildcard": + setupLetsEncrypt(self, wo_domain, False, True, + True, wo_acme_dns) + httpsRedirect(self, wo_domain, True, True) else: WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled" .format(wo_site_webroot), '{0}/conf/nginx/ssl.conf' .format(wo_site_webroot)) - httpsRedirect(self, wo_domain) - if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") @@ -1307,23 +1329,35 @@ class WOSiteUpdateController(CementBaseController): ".PLEASE renew soon . ") elif data['letsencrypt'] is False: - if os.path.isfile("{0}/conf/nginx/ssl.conf" - .format(wo_site_webroot)): - Log.info(self, 'Setting Nginx configuration') - WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf" - .format(wo_site_webroot), - '{0}/conf/nginx/ssl.conf.disabled' - .format(wo_site_webroot)) - httpsRedirect(self, wo_domain, False) - if os.path.isfile("{0}/conf/nginx/hsts.conf" + if self.app.pargs.letsencrypt == "off": + if os.path.isfile("{0}/conf/nginx/ssl.conf" .format(wo_site_webroot)): - WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf" + Log.info(self, 'Setting Nginx configuration') + WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf" .format(wo_site_webroot), - '{0}/conf/nginx/hsts.conf.disabled' + '{0}/conf/nginx/ssl.conf.disabled' .format(wo_site_webroot)) - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "service nginx reload failed. " - "check issues with `nginx -t` command") + httpsRedirect(self, wo_domain, False) + if os.path.isfile("{0}/conf/nginx/hsts.conf" + .format(wo_site_webroot)): + WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf" + .format(wo_site_webroot), + '{0}/conf/nginx/' + 'hsts.conf.disabled' + .format(wo_site_webroot)) + if self.app.pargs.letsencrypt == "clean": + if os.path.isfile("{0}/conf/nginx/ssl.conf" + .format(wo_site_webroot)): + WOFileUtils.remove(self, "{0}/conf/nginx/ssl.conf" + .format(wo_site_webroot)) + WOFileUtils.remove(self, "/etc/letsencrypt/live" + "/{0}".format(wo_domain)) + WOFileUtils.remove(self, "/etc/nginx/conf.d/" + "force-ssl-{0}.conf" + .format(wo_domain_name)) + if not WOService.reload_service(self, 'nginx'): + Log.error(self, "service nginx reload failed. " + "check issues with `nginx -t` command") # Log.info(self,"Removing Cron Job set for cert # auto-renewal") WOCron.remove_cron(self,'wo site # update {0} --le=renew --min_expiry_limit 30 @@ -1415,7 +1449,8 @@ class WOSiteUpdateController(CementBaseController): return 1 # Setup WordPress if old sites are html/php/mysql sites - if data['wp'] and oldsitetype in ['html', 'proxy', 'php', 'mysql']: + if data['wp'] and oldsitetype in ['html', 'proxy', 'php', + 'mysql', 'php73']: try: wo_wp_creds = setupwordpress(self, data) except SiteError as e: diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 9d35048..525f273 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -327,11 +327,44 @@ def setupwordpress(self, data): raise SiteError("generate wp-config failed for wp single site") except CommandExecutionError as e: raise SiteError("generate wp-config failed for wp single site") + try: - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_CACHE_KEY_SALT " - "\'{0}:\'\"".format(wo_domain_name)) + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_CACHE_KEY_SALT " + "\'{0}:\'\"".format(wo_domain_name)) + + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_MEMORY_LIMIT " + "\'128M\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_MAX_MEMORY_LIMIT " + "\'256M\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set CONCATENATE_SCRIPTS " + "false\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_POST_REVISIONS " + "\'10\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set MEDIA_TRASH " + "true\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set EMPTY_TRASH_DAYS " + "\'15\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_AUTO_UPDATE_CORE " + "minor\"") + + except CommandExecutionError as e: + Log.error(self, "Unable to define extra variable in wp-config.php") else: Log.debug(self, "Generating wp-config for WordPress multisite") @@ -339,7 +372,8 @@ def setupwordpress(self, data): .format(WOVariables.wo_wpcli_path) + "config create " + "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' " - .format(data['wo_db_name'], wo_wp_prefix, data['wo_db_host']) + + .format(data['wo_db_name'], + wo_wp_prefix, data['wo_db_host']) + "--dbuser=\'{0}\' --dbpass=\'{1}\' " "--extra-php<