Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #98 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-07-20 01:41:23 +02:00
committed by GitHub
parent f7360687f3 0b74622c19
commit 5cd7b2d189
20 changed files with 1577 additions and 1217 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.travis.yml
View File

@@ -30,9 +30,9 @@ script:
- unset LANG - unset LANG
- sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig'
- sudo echo "Travis Banch = $TRAVIS_BRANCH" - sudo echo "Travis Banch = $TRAVIS_BRANCH"
- sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt ccze tree
- sudo bash install -b $TRAVIS_BRANCH --travis - sudo bash install -b $TRAVIS_BRANCH --travis
- sudo wo --help && sudo wo stack install - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd
- sudo wo stack upgrade --netdata --no-prompt - sudo wo stack upgrade --netdata --no-prompt
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000
- sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc
@@ -48,5 +48,6 @@ script:
- sudo wp --allow-root --info - sudo wp --allow-root --info
- sudo wo info - sudo wo info
- sudo tree -L 2 /etc/nginx - sudo tree -L 2 /etc/nginx
- sudo cat /var/www/wp1.com/wp-config.php
- sudo wo update --travis - sudo wo update --travis
- sudo wo stack status - sudo wo stack status

28
CHANGELOG.md
View File

@@ -8,7 +8,27 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### v3.9.x - [Unreleased] ### v3.9.x - [Unreleased]
--- ### v3.9.6 - 2019-07-20
#### Added
- New Nginx package on Ubuntu with Cloudflare HTTP/2 HPACK and Dynamic TLS records
- phpMyAdmin upgrade with `wo stack upgrade --phpmyadmin`
- Wildcard SSL Certificates support with DNS validation
- Let's Encrypt DNS API support (Cloudflare, DigitalOcean, etc ..) on domain, subdomain, and wildcard
- Flag `--letsencrypt=clean` to purge a previous SSL configuration
- Support for Debian 10 buster (testing - not ready for production)
- Fail2ban with custom jails to secure WordPress & SSH
- Variable `keylength` in /etc/wo/wo.conf to define letsencrypt certificate keylenght
- ProFTPd stack with UFW & Fail2ban configurationz
- Beta branch and command `wo update --beta` for beta releases
- Extra directives in wp-config.php (limit posts revisions, set max_memory, enable auto-update for minor-releases)
#### Fixed
- Nginx was not reloaded after enabling HSTS
- Netdata, Composer & Fail2Ban stack remove and purge
- WordPress not installed by `wo site update` with basic php73 sites
### v3.9.5.4 - 2019-07-13 ### v3.9.5.4 - 2019-07-13
@@ -20,14 +40,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
#### Changed #### Changed
- phpRedisAdmin is now installed with the stack "--admin" - phpRedisAdmin is now installed with the stack `--admin`
- Remove memcached - not required anymore - Remove memcached - not required anymore
#### Fixed #### Fixed
- phpRedisAdmin installation - phpRedisAdmin installation
- Duplicated locations /robots.txt after upgrade to v3.9.5.3 - Duplicated locations /robots.txt after upgrade to v3.9.5.3
- Let's Encrypt stack "wo site update --letsencrypt/--letsencrypt=off" - Let's Encrypt stack `wo site update --letsencrypt/--letsencrypt=off`
- pt-query-advisor dead link - pt-query-advisor dead link
- Netdata persistant configuration - Netdata persistant configuration
@@ -76,7 +96,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Install script handle migration from EEv3 - Install script handle migration from EEv3
- load-balancing on unix socket for php-fpm - load-balancing on unix socket for php-fpm
- stub_status vhost for metrics - stub_status vhost for metrics
- "--letsencrypt=subdomain" option - `--letsencrypt=subdomain` option
- opcache optimization for php-fpm - opcache optimization for php-fpm
- EasyEngine configuration backup before migration - EasyEngine configuration backup before migration
- EasyEngine configuration cleanup after migration - EasyEngine configuration cleanup after migration

31
README.md
View File

@@ -42,11 +42,12 @@
- **Easy to install** : One step automated installer with migration from EasyEngine v3 support - **Easy to install** : One step automated installer with migration from EasyEngine v3 support
- **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation - **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation
- **Up-to-date** : Nginx 1.16.0 with TLS v1.3 & Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Custom Nginx build** : Nginx 1.16.0 - TLS v1.3 Cloudflare HTTP/2 HPACK & Brotli support
- **Up-to-date** : PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- **Secured** : Hardened WordPress security with strict Nginx location directives - **Secured** : Hardened WordPress security with strict Nginx location directives
- **Powerful** : Optimized Nginx configurations with multiple cache backends support - **Powerful** : Optimized Nginx configurations with multiple cache backends support
- **SSL** : Let's Encrypt SSL certificates handled by acme.sh - **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates handled by acme.sh
- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite, modern TLS protocols and HSTS support - **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on ssllabs)
- **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata - **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata
## Requirements ## Requirements
@@ -58,6 +59,7 @@
- Ubuntu 19.04 (Disco) - Ubuntu 19.04 (Disco)
- Debian 8 (Jessie) - Debian 8 (Jessie)
- Debian 9 (Stretch) - Debian 9 (Stretch)
- Debian 10 (Buster) - Not ready for production
- Raspbian 9 (Stretch) - Raspbian 9 (Stretch)
### Ports requirements ### Ports requirements
@@ -76,20 +78,7 @@ sudo wo site create example.com --wp # Install required packages & setup Wor
## Must read ## Must read
WordOps made some fundamental changes: [From EasyEngine to WordOps](https://docs.wordops.net/about/from-easyengine-to-wordops/)
- We've deprecated the mail stack. As an alternative, you can take a look at [Mail-in-a-Box](https://github.com/mail-in-a-box/mailinabox), [iRedMail](https://www.iredmail.org/) or [Caesonia](https://github.com/vedetta-com/caesonia). As Roundcube alternative, there is [Rainloop](https://www.rainloop.net/) or [Afterlogic WebMail](https://github.com/afterlogic/webmail-lite-8)
- Support for w3tc is dropped as a security precaution.
- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3.
- Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.16.0 with Brotli support)
- HHVM stack has been removed
- Let's Encrypt stack isn't based on letsencrypt-auto anymore, we use acme.sh to handle SSL certificates
If you are going to migrate from EasyEngine v3, here some important informations :
- Previous php upstreams in Nginx will not be overwritted
- php5.6 and php7.0 will not be removed or uninstalled
- previous Nginx common configurations will not be overwritted
## Usage ## Usage
@@ -133,9 +122,10 @@ wo site create example.com --proxy=127.0.0.1:3000 # create example.com with ngi
### Sites secured with Let's Encrypt ### Sites secured with Let's Encrypt
```bash ```bash
wo site create example.com --wp --letsencrypt # install wordpress & secure site with letsencrypt wo site create example.com --wp --letsencrypt # wordpress secured with letsencrypt
wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt wo site create sub.example.com --wp --letsencrypt=subdomain # wordpress + letsencrypt subdomain
wo site create site.tld --wp --letsencrypt --hsts # install wordpress & secure site with letsencrypt with HSTS wo site create site.tld --wp --letsencrypt --hsts # install wordpress & secure site with letsencrypt with HSTS
wo site create site.tld --wp --letsencrypt=wildcard --dns=dns_cf # install wordpress & issue a wildcard SSL certificate with Cloudflare DNS API
``` ```
## Update WordOps ## Update WordOps
@@ -167,12 +157,11 @@ Apps & Tools shipped with WordOps :
- [Composer](https://github.com/composer/composer) - [Composer](https://github.com/composer/composer)
- [Adminer](https://www.adminer.org/) - [Adminer](https://www.adminer.org/)
- [phpRedisAdmin](https://github.com/erikdubbelboer/phpRedisAdmin) - [phpRedisAdmin](https://github.com/erikdubbelboer/phpRedisAdmin)
- [PHPMemcachedAdmin](https://github.com/elijaa/phpmemcachedadmin)
- [opcacheGUI](https://github.com/amnuts/opcache-gui) - [opcacheGUI](https://github.com/amnuts/opcache-gui)
- [eXtplorer](https://github.com/soerennb/extplorer) - [eXtplorer](https://github.com/soerennb/extplorer)
- [MySQLTuner](https://github.com/major/MySQLTuner-perl/) - [MySQLTuner](https://github.com/major/MySQLTuner-perl/)
- [Webgrind](https://github.com/jokkedk/webgrind) - [Webgrind](https://github.com/jokkedk/webgrind)
- [MySQLTuner](https://github.com/major/MySQLTuner-perl)
## License ## License

38
config/bash_completion.d/wo_auto.rc
View File

@@ -22,7 +22,7 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE SECOND LEVEL NAMESPACE # HANDLE EVERYTHING AFTER THE SECOND LEVEL NAMESPACE
"clean") "clean")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--memcache --opcache --fastcgi --redis --all" \ -W "--opcache --fastcgi --redis --all" \
-- $cur) ) -- $cur) )
;; ;;
@@ -74,17 +74,17 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE
"install" | "purge" | "remove" ) "install" | "purge" | "remove" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban --dashboard" \ -W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban --dashboard --proftpd" \
-- $cur) ) -- $cur) )
;; ;;
"upgrade" ) "upgrade" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --nginx --php --php73 --mysql --all --php56 --no-prompt --wpcli" \ -W "--web --nginx --php --php73 --mysql --all --netdata --composer --phpmyadmin --no-prompt --wpcli" \
-- $cur) ) -- $cur) )
;; ;;
"start" | "stop" | "reload" | "restart" | "status") "start" | "stop" | "reload" | "restart" | "status")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--nginx --php --php73 --mysql --memcache --redis --fail2ban --netdata" \ -W "--nginx --php --php73 --mysql --redis --fail2ban --netdata -proftpd" \
-- $cur) ) -- $cur) )
;; ;;
"migrate") "migrate")
@@ -159,13 +159,13 @@ _wo_complete()
"create") "create")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain -le" \ -W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-- $cur) ) -- $cur) )
;; ;;
"update") "update")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" \ -W "--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew -le -le=subdomain -le=wildcard --dns --dns=dns_cf --dns=dns_do" \
-- $cur) ) -- $cur) )
;; ;;
"delete") "delete")
@@ -211,9 +211,9 @@ _wo_complete()
"--wp") "--wp")
if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73" retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt -le --letsencrypt=subdomain --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --le --le=subdomain --le=off " retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew -le -le=off -le=wildcard --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -230,9 +230,9 @@ _wo_complete()
"--wpsubdir" | "--wpsubdomain") "--wpsubdir" | "--wpsubdomain")
if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --php73" retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --php73 --dns --dns=dns_cf --dns=dns_do"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard --letsencrypt=off --letsencrypt=renew -le --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -248,7 +248,7 @@ _wo_complete()
"--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") "--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain" retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -261,7 +261,7 @@ _wo_complete()
"--wpredis" | "--wpfc") "--wpredis" | "--wpfc")
if [ ${COMP_WORDS[2]} == "update" ]; then if [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew -le --dns --dns=dns_cf --dns=dns_do"
else else
retlist="" retlist=""
fi fi
@@ -272,11 +272,11 @@ _wo_complete()
-- $cur) ) -- $cur) )
;; ;;
"--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcached" | "--redis | --phpredisadmin") "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--fail2ban" | "--redis | --phpredisadmin | --netdata")
if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then
retlist="--web --admin --nginx --php --php73 --mysql--wpcli --phpmyadmin --adminer --utils --memcache --redis --phpredisadmin" retlist="--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --fail2ban --phpredisadmin --netdata"
elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then
retlist="--nginx --php --php73 --mysql --memcache --redis" retlist="--nginx --php --php73 --mysql --redis --netdata"
elif [[ ${COMP_WORDS[1]} == "debug" ]]; then elif [[ ${COMP_WORDS[1]} == "debug" ]]; then
retlist="--start --nginx --php --php73 --fpm --fpm7 --mysql -i --interactive -stop --import-slow-log --import-slow-log-interval= -" retlist="--start --nginx --php --php73 --fpm --fpm7 --mysql -i --interactive -stop --import-slow-log --import-slow-log-interval= -"
if [[ $prev == '--mysql' ]]; then if [[ $prev == '--mysql' ]]; then
@@ -310,7 +310,7 @@ _wo_complete()
"--all") "--all")
if [ ${COMP_WORDS[1]} == "clean" ]; then if [ ${COMP_WORDS[1]} == "clean" ]; then
retlist="--memcache --opcache --fastcgi --redis" retlist="--opcache --fastcgi --redis"
elif [ ${COMP_WORDS[2]} == "delete" ]; then elif [ ${COMP_WORDS[2]} == "delete" ]; then
retlist="--db --files --force" retlist="--db --files --force"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
@@ -324,8 +324,8 @@ _wo_complete()
-- $cur) ) -- $cur) )
;; ;;
"--memcached" | "--opcache" | "--fastcgi" | "--all" | "--redis") "--opcache" | "--fastcgi" | "--all" | "--redis")
retlist="--memcached --opcache --fastcgi --redis --all" retlist="--opcache --fastcgi --redis --all"
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "$(echo $ret)" \ -W "$(echo $ret)" \
@@ -363,7 +363,7 @@ _wo_complete()
case "$mprev" in case "$mprev" in
"--user" | "--email" | "--pass") "--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain" retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=wildcard -le --dns --dns=dns_cf --dns=dns_do"
fi fi
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \

4
config/wo.conf
View File

@@ -68,6 +68,10 @@ password =
### EMail for WordPress sites ### EMail for WordPress sites
email = email =
[letsencrypt]
keylength = "ec-384"
[update] [update]
### If enabled, load a plugin named `update` either from the Python module ### If enabled, load a plugin named `update` either from the Python module

628
docs/wo.8
View File

@@ -1,314 +1,314 @@
.TH wo 8 "WordOps (wo) version: 3.3.8" "Sep 10,2015" "WordOps" .TH wo 8 "WordOps (wo) version: 3.3.8" "Sep 10,2015" "WordOps"
.SH NAME .SH NAME
.B WordOps (wo) .B WordOps (wo)
\- Manage Nginx Based Websites. \- Manage Nginx Based Websites.
.SH SYNOPSIS .SH SYNOPSIS
wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance] wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance ]
.TP .TP
wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata ] wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata ]
.TP .TP
wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcached | --redis] wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --redis]
.TP .TP
wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ] wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ]
.TP .TP
wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain]] wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain/wildcard][--dns=dns_cf/dns_do]]
.TP .TP
wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [--letsencrypt=on/off/subdomain/renew]] wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [-le/--letsencrypt=on/off/subdomain/renew/wildcard] [--dns=dns_cf/dns_do]]
.TP .TP
wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ] wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ]
.TP .TP
wo debug [ -i | --all=on/off |--nginx=on/off | --rewrite=on/off | --php=on/off | --fpm=on/off | --mysql=on/off ] wo debug [ -i | --all=on/off |--nginx=on/off | --rewrite=on/off | --php=on/off | --fpm=on/off | --mysql=on/off ]
.TP .TP
wo debug example.com [ -i | --all=on/off | --nginx=on/off | --rewrite=on/off | --wp=on/off ] wo debug example.com [ -i | --all=on/off | --nginx=on/off | --rewrite=on/off | --wp=on/off ]
.TP .TP
wo secure [ --auth | --port | --ip ] wo secure [ --auth | --port | --ip ]
.SH DESCRIPTION .SH DESCRIPTION
WordOps aka wo is the opensource project developed with the purpose to automate web-server configuration. WordOps aka wo is the opensource project developed with the purpose to automate web-server configuration.
.br .br
WordOps is the collection of python script that provides automation for the web-server WordOps is the collection of python script that provides automation for the web-server
.br .br
installation, site creation, services debugging & monitoring. installation, site creation, services debugging & monitoring.
.SH OPTIONS .SH OPTIONS
.TP .TP
.B --version .B --version
.br .br
Display WordOps (wo) version information. Display WordOps (wo) version information.
.TP .TP
.B info .B info
.br .br
wo info - Display Nginx, PHP, MySQL and wo common location information wo info - Display Nginx, PHP, MySQL and wo common location information
.br .br
wo site info - Diplay given website details like enable, disable. weboot and log files. wo site info - Diplay given website details like enable, disable. weboot and log files.
.TP .TP
.B --help .B --help
.br .br
Display WordOps (wo) help. Display WordOps (wo) help.
.TP .TP
.B stack .B stack
.TP .TP
.B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] .B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ]
.br .br
Install Nginx PHP5 MySQL Postfix stack Packages if not used with Install Nginx PHP5 MySQL Postfix stack Packages if not used with
.br .br
any options.Installs specific package if used with option. any options.Installs specific package if used with option.
.TP .TP
.B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] .B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ]
.br .br
Remove Nginx PHP5 MySQL Postfix stack Packages if not used with Remove Nginx PHP5 MySQL Postfix stack Packages if not used with
.br .br
any options. Remove specific package if used with option. any options. Remove specific package if used with option.
.TP .TP
.B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils ] .B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ]
.br .br
Purge Nginx PHP5 MySQL Postfix stack Packages if not used with any Purge Nginx PHP5 MySQL Postfix stack Packages if not used with any
.br .br
options.Purge specific package if used with option. options.Purge specific package if used with option.
.TP .TP
.B status .B status
.br .br
Display status of NGINX, PHP7.2-FPM, MySQL, Redis-Server services. Display status of NGINX, PHP7.2-FPM, MySQL, Redis-Server services.
.TP .TP
.B start .B start
.br .br
Start services NGINX, PHP7.2-FPM, MySQL, Redis-Server. Start services NGINX, PHP7.2-FPM, MySQL, Redis-Server.
.TP .TP
.B stop .B stop
.br .br
Stop services NGINX, PHP7.2-FPM, MySQL, Redis-Server. Stop services NGINX, PHP7.2-FPM, MySQL, Redis-Server.
.TP .TP
.B reload .B reload
.br .br
Reload services NGINX, PHP7.2-FPM, MySQL, Redis-Server. Reload services NGINX, PHP7.2-FPM, MySQL, Redis-Server.
.TP .TP
.B restart .B restart
.br .br
Restart services NGINX, PHP7.2-FPM, MySQL, Redis-Server. Restart services NGINX, PHP7.2-FPM, MySQL, Redis-Server.
.TP .TP
.B site .B site
.br .br
.TP .TP
.B cd [ example.com ] .B cd [ example.com ]
.br .br
Change directory to webroot of specified site in subshell. Change directory to webroot of specified site in subshell.
.TP .TP
.B log [ example.com ] .B log [ example.com ]
.br .br
monitor access and error logs for site specified. monitor access and error logs for site specified.
.TP .TP
.B list [ --enabled | --disabled ] .B list [ --enabled | --disabled ]
.br .br
Lists all available sites from /etc/nginx/sites-enabled/ Lists all available sites from /etc/nginx/sites-enabled/
.br .br
by default & enable argument. Display sites list from by default & enable argument. Display sites list from
.br .br
/etc/nginx/sites-available/ if used with available option. /etc/nginx/sites-available/ if used with available option.
.TP .TP
.B info [ example.com ] .B info [ example.com ]
.br .br
prints information about site such as access log, error log prints information about site such as access log, error log
.br .br
location and type of site. location and type of site.
.TP .TP
.B show [ example.com ] .B show [ example.com ]
.br .br
Display NGINX configuration of site. Display NGINX configuration of site.
.TP .TP
.B enable [ example.com ] .B enable [ example.com ]
.br .br
Enable site by creating softlink with site file in Enable site by creating softlink with site file in
.br .br
/etc/nginx/sites-available to /etc/nginx/sites-enabled/. /etc/nginx/sites-available to /etc/nginx/sites-enabled/.
.TP .TP
.B disable [ example.com ] .B disable [ example.com ]
.br .br
Disable site by Destroying softlink with site file in Disable site by Destroying softlink with site file in
.br .br
/etc/nginx/sites-available to /etc/nginx/sites-enabled/. /etc/nginx/sites-available to /etc/nginx/sites-enabled/.
.TP .TP
.B edit [ example.com ] .B edit [ example.com ]
.br .br
Edit NGINX configuration of site. Edit NGINX configuration of site.
.TP .TP
.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]] .B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]]
.br .br
Create new site according to given options. If no options provided Create new site according to given options. If no options provided
.br .br
create static site with html only. create static site with html only.
.TP .TP
.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]] .B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]]
.br .br
Update site configuration according to specified options. Update site configuration according to specified options.
.TP .TP
.B delete [ example.com ] [--no-prompt ] [--force/-f] [ --db | --files | --all ] .B delete [ example.com ] [--no-prompt ] [--force/-f] [ --db | --files | --all ]
.br .br
Delete site i.e webroot, database, ad configuration permanently. Delete site i.e webroot, database, ad configuration permanently.
.TP .TP
.B debug [ -i | --nginx=on/off | --php=on/off | --php73=on/off | --mysql=on/off | --rewrite=on/off | --fpm=on/off | --fpm7=on/off ] .B debug [ -i | --nginx=on/off | --php=on/off | --php73=on/off | --mysql=on/off | --rewrite=on/off | --fpm=on/off | --fpm7=on/off ]
.br .br
Starts server level debugging. If this is used without arguments it will start debugging Starts server level debugging. If this is used without arguments it will start debugging
.br .br
all services.Else it will debug only service provided with argument.This will Stop all services.Else it will debug only service provided with argument.This will Stop
.br .br
Debugging if used with --all=off argument. Debugging if used with --all=off argument.
.TP .TP
.B debug example.com [ -i | --nginx=on/off | --rewrite=on/off | --wp=on/off | --all=on/off ] .B debug example.com [ -i | --nginx=on/off | --rewrite=on/off | --wp=on/off | --all=on/off ]
.br .br
Starts site level debugging. If this is used without arguments it will start debugging all Starts site level debugging. If this is used without arguments it will start debugging all
.br .br
services.Else it will debug only service provided with argument.This will Stop Debugging services.Else it will debug only service provided with argument.This will Stop Debugging
.br .br
if used with --all=off argument. if used with --all=off argument.
.TP .TP
.B secure [ --auth | --port | --ip ] .B secure [ --auth | --port | --ip ]
.br .br
Update security settings. Update security settings.
.TP .TP
.B clean [ --fastcgi | --opcache | --memcached | --redis | --all ] .B clean [ --fastcgi | --opcache | --redis | --all ]
.br .br
Clean NGINX fastCGI cache, Opcache, memcached, Redis cache. Clean NGINX fastCGI cache, Opcache, memcached, Redis cache.
.br .br
Clean NGINX fastCGI cache if no option specified. Clean NGINX fastCGI cache if no option specified.
.SH ARGUMENTS .SH ARGUMENTS
.TP .TP
.B -i .B -i
.br .br
setup intractive mode while used with debug. setup intractive mode while used with debug.
.TP .TP
.B --nginx=on/off .B --nginx=on/off
.br .br
used with wo debug command. used to start or stop nginx debugging. used with wo debug command. used to start or stop nginx debugging.
.TP .TP
.B --php=on/off .B --php=on/off
.br .br
used with wo debug command. used to start or stop php debugging. used with wo debug command. used to start or stop php debugging.
.TP .TP
.B --php73=on/off .B --php73=on/off
.br .br
used with wo debug command. used to start or stop php72 debugging. used with wo debug command. used to start or stop php72 debugging.
.TP .TP
.B --mysql=on/off .B --mysql=on/off
.br .br
used with wo debug command. used to start or stop mysql debugging. used with wo debug command. used to start or stop mysql debugging.
.TP .TP
.B --rewrite=on/off .B --rewrite=on/off
.br .br
used with wo debug command. used to start or stop nginx rewrite rules debugging. used with wo debug command. used to start or stop nginx rewrite rules debugging.
.TP .TP
.B --fpm=on/off .B --fpm=on/off
.br .br
used with wo debug command. used to start or stop fpm debugging. used with wo debug command. used to start or stop fpm debugging.
.TP .TP
.B --wp=on/off .B --wp=on/off
.br .br
used with wo debug command. used to start or stop wordpress site debugging. used with wo debug command. used to start or stop wordpress site debugging.
.TP .TP
.B --all=on/off .B --all=on/off
.br .br
used with wo debug command. used to stop debugging. used with wo debug command. used to stop debugging.
.TP .TP
.B --all=off .B --all=off
.br .br
used with wo debug command. used to stop debugging. used with wo debug command. used to stop debugging.
.TP .TP
.B --html .B --html
.br .br
Create a HTML website. Create a HTML website.
.TP .TP
.B --php .B --php
.br .br
Create a PHP website. Create a PHP website.
.TP .TP
.B --mysql .B --mysql
.br .br
Create a PHP+MySQL website. Create a PHP+MySQL website.
.TP .TP
.B --wp .B --wp
.br .br
Create a WordPress Website. Create a WordPress Website.
.TP .TP
.B --wpsubdir .B --wpsubdir
.br .br
Create a Wordpress Multisite with Sub Directories Setup. Create a Wordpress Multisite with Sub Directories Setup.
.TP .TP
.B --wpsubdomain .B --wpsubdomain
.br .br
Create a Wordpress Multisite with Sub Domains Setup. Create a Wordpress Multisite with Sub Domains Setup.
.br .br
.TP .TP
.B --db .B --db
.br .br
Delete website database. Delete website database.
.br .br
.TP .TP
.B --files .B --files
.br .br
Delete website webroot. Delete website webroot.
.br .br
.TP .TP
.B --no-prompt .B --no-prompt
.br .br
Does not prompt for confirmation when delete command used. Does not prompt for confirmation when delete command used.
.br .br
.TP .TP
.B --force/-f .B --force/-f
.br .br
Delete website webroot and database forcefully.Remove nginx configuration for site. Delete website webroot and database forcefully.Remove nginx configuration for site.
.br .br
.TP .TP
.B --auth .B --auth
.br .br
used with wo secure command. Update credential of HTTP authentication used with wo secure command. Update credential of HTTP authentication
.TP .TP
.B --port .B --port
.br .br
used with wo secure command. Change WordOps admin port 22222. used with wo secure command. Change WordOps admin port 22222.
.TP .TP
.B --ip .B --ip
.br .br
used with wo secure command. Update whitelist IP address used with wo secure command. Update whitelist IP address
.SH WORDPRESS CACHING OPTIONS .SH WORDPRESS CACHING OPTIONS
.TP .TP
.B --wpsc .B --wpsc
.br .br
Install and activate Nginx-helper and WP Super Cache plugin. Install and activate Nginx-helper and WP Super Cache plugin.
.TP .TP
.B --wpfc .B --wpfc
.br .br
Install and activate Nginx-helper plugin with Install and activate Nginx-helper plugin with
.br .br
Nginx FastCGI cache. Nginx FastCGI cache.
.TP .TP
.B --wpredis .B --wpredis
.br .br
Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching. Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching.
.SH FILES .SH FILES
.br .br
/etc/wo/wo.conf /etc/wo/wo.conf
.SH BUGS .SH BUGS
Report bugs at <http://github.com/WordOps/WordOps/issues/> Report bugs at <http://github.com/WordOps/WordOps/issues/>
.SH AUTHOR .SH AUTHOR
.br .br
.B rtCamp Team .B rtCamp Team
.I \<admin@rtcamp.com\> .I \<admin@rtcamp.com\>
.br .br
.B Mitesh Shah .B Mitesh Shah
.I \<Mitesh.Shah@rtcamp.com\> .I \<Mitesh.Shah@rtcamp.com\>
.br .br
.B Manish .B Manish
.I \<Manish.Songirkar@rtcamp.com\> .I \<Manish.Songirkar@rtcamp.com\>
.br .br
.B Gaurav .B Gaurav
.I \<Gaurav.Astikar@rtcamp.com\> .I \<Gaurav.Astikar@rtcamp.com\>
.br .br
.B Harshad .B Harshad
.I \<harshad.yeola@rtcamp.com> .I \<harshad.yeola@rtcamp.com>
.br .br
.B Prabuddha .B Prabuddha
.I \<prabuddha.chakraborty@rtcamp.com\> .I \<prabuddha.chakraborty@rtcamp.com\>
.br .br
.B Shital .B Shital
.I \<shital.patil@rtcamp.com\> .I \<shital.patil@rtcamp.com\>
.br .br
.B Rajdeep Sharma .B Rajdeep Sharma
.I \<rajdeep.sharma@rtcamp.com\> .I \<rajdeep.sharma@rtcamp.com\>
.br .br

52
install
View File

@@ -7,10 +7,10 @@
# Copyright (c) 2019 - WordOps # Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T # This script is licensed under M.I.T
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.5.4 - 2019-07-09 # Version 3.9.6 - 2019-07-20
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.5.4" readonly wo_version_new="3.9.6"
# CONTENTS # CONTENTS
# --- # ---
# 1. VARIABLES AND DECLARATIONS # 1. VARIABLES AND DECLARATIONS
@@ -144,9 +144,9 @@ if [ -z "$wo_force_install" ]; then
wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives." wo_lib_echo_fail "other Linux distributions and perhaps even Unix deratives."
exit 100 exit 100
else else
check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch") check_wo_linux_distro=$(lsb_release -sc | grep -E "trusty|xenial|bionic|disco|jessie|stretch|buster")
if [ -z "$check_wo_linux_distro" ]; then if [ -z "$check_wo_linux_distro" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x, Debian 9.x and Raspbian 9.x" wo_lib_echo_fail "WordOps (wo) only supports Ubuntu 14.04/16.04/18.04/19.04 LTS, Debian 8.x/9.x/10.x and Raspbian 9.x"
exit 100 exit 100
fi fi
fi fi
@@ -185,9 +185,9 @@ wo_install_dep() {
wget https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key -O Release.key wget https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key -O Release.key
apt-key add - < Release.key apt-key add - < Release.key
rm -f Release.key rm -f Release.key
[ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; }
# install dependencies # install dependencies
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1
[ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; }
fi fi
locale-gen en locale-gen en
@@ -250,8 +250,8 @@ wo_sync_db() {
wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}') wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}')
if [ -n "$(echo $wo_site_current_type | grep php)" ]; then if echo "$wo_site_current_type" | grep -q "php"; then
if [ "$(echo $wo_site_current_type | grep php7)" ]; then if echo "$wo_site_current_type" | grep -q "php7"; then
wo_php_version="7.0" wo_php_version="7.0"
else else
wo_php_version="5.6" wo_php_version="5.6"
@@ -260,31 +260,31 @@ wo_sync_db() {
wo_php_version="" wo_php_version=""
fi fi
if [ "$(echo $wo_site_current_type | grep redis)" ]; then if echo "$wo_site_current_type" | grep -q "redis"; then
wo_site_current_cache="wpredis" wo_site_current_cache="wpredis"
elif [ -z "$(echo $wo_site_current_type | grep wpsc)" ]; then elif echo "$wo_site_current_type" | grep -q wpsc; then
wo_site_current_cache="wpsc" wo_site_current_cache="wpsc"
elif [ -z "$(echo $wo_site_current_type | grep wpfc)" ]; then elif echo "$wo_site_current_type" | grep -q wpfc; then
wo_site_current_cache="wpfc" wo_site_current_cache="wpfc"
else else
wo_site_current_cache="basic" wo_site_current_cache="basic"
fi fi
if [ "$(echo $wo_site_current_type | grep wp)" ]; then if echo "$wo_site_current_type" | grep -q wp; then
if [ -z "$(echo $wo_site_current_type | grep wpsubdir)" ]; then if echo "$wo_site_current_type" | grep -q wpsubdir; then
wo_site_current="wpsubdir" wo_site_current="wpsubdir"
elif [ -z "$(echo $wo_site_current_type | grep wpsudomain)" ]; then elif echo "$wo_site_current_type" | grep -q wpsudomain; then
wo_site_current="wpsubdomain" wo_site_current="wpsubdomain"
else else
wo_site_current="wp" wo_site_current="wp"
fi fi
else else
if [ -z "$(echo $wo_site_current_type | grep location)" ]; then if echo "$wo_site_current_type" | grep -q location; then
wo_site_current="proxy" wo_site_current="proxy"
elif [ -z "$(echo $wo_site_current_type | grep php)" ]; then elif echo "$wo_site_current_type" | grep -q php; then
wo_site_current="html" wo_site_current="html"
else else
if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then if [ -f "/var/www/${site}/ee-config.php" ] || [ -f "/var/www/${site}/wo-config.php" ]; then
wo_site_current="mysql" wo_site_current="mysql"
else else
wo_site_current="php" wo_site_current="php"
@@ -401,17 +401,19 @@ wo_install_acme_sh() {
# Clone Github repository if it doesn't exist # Clone Github repository if it doesn't exist
wo_install() { wo_install() {
{ {
rm -f /etc/bash_completion.d/wo_auto.rc
rm -rf /tmp/WordOps rm -rf /tmp/WordOps
git clone https://github.com/WordOps/WordOps.git /tmp/WordOps -b "$wo_branch" git clone https://github.com/WordOps/WordOps.git /tmp/WordOps -b "$wo_branch"
cd /tmp/WordOps || exit 1 cd /tmp/WordOps || exit 1
} >> "$wo_install_log" 2>&1 } \
>> "$wo_install_log" 2>&1
if [ -f $HOME/.gitconfig ]; then if [ -f "$HOME/.gitconfig" ]; then
python3 setup.py install >> $wo_install_log 2>&1 python3 setup.py install >> $wo_install_log 2>&1
else else
if [ "$wo_force_install" = "y" ]; then if [ "$wo_force_install" = "y" ]; then
[ ! -f $HOME/.gitconfig ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'; } [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'; }
fi fi
python3 setup.py install python3 setup.py install
fi fi
@@ -548,8 +550,8 @@ wo_update_latest() {
mkdir -p /etc/mysql/conf.d mkdir -p /etc/mysql/conf.d
chmod 755 /etc/mysql/conf.d chmod 755 /etc/mysql/conf.d
} }
if [ -f $HOME/.my.cnf ]; then if [ -f "$HOME/.my.cnf" ]; then
cp -f $HOME/.my.cnf /etc/mysql/conf.d/my.cnf cp -f "$HOME/.my.cnf" /etc/mysql/conf.d/my.cnf
chmod 600 /etc/mysql/conf.d/my.cnf chmod 600 /etc/mysql/conf.d/my.cnf
elif [ -f /root/.my.cnf ]; then elif [ -f /root/.my.cnf ]; then
@@ -633,7 +635,7 @@ wo_tweak_kernel() {
if [ "$WO_ARCH" = "x86_64" ]; then if [ "$WO_ARCH" = "x86_64" ]; then
rm -f /etc/sysctl.d/60-ubuntu-nginx-web-server.conf rm -f /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
wget -qO /etc/sysctl.d/60-wo-tweaks.conf https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/sysctl.mustache wget -qO /etc/sysctl.d/60-wo-tweaks.conf https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/sysctl.mustache
if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ]; then if [ "$wo_distro_version" = "bionic" ] || [ "$wo_distro_version" = "disco" ] || [ "$wo_distro_version" = "buster" ]; then
modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf
echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-wo-tweaks.conf echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-wo-tweaks.conf
else else
@@ -679,8 +681,10 @@ if [ -x /usr/local/bin/wo ]; then
fi fi
if [ -z "$wo_preserve_config" ]; then if [ -z "$wo_preserve_config" ]; then
if [ -n "$(command -v nginx)" ]; then if [ -n "$(command -v nginx)" ]; then
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log if ! grep -q "v3.9.5." /etc/nginx/common/release; then
wo_upgrade_nginx | tee -ai $wo_install_log wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log
fi
fi fi
fi fi
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log

2
setup.py
View File

@@ -57,7 +57,7 @@ if not os.path.isfile('/root/.gitconfig'):
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
setup(name='wo', setup(name='wo',
version='3.9.5.4', version='3.9.6',
description=long_description, description=long_description,
long_description=long_description, long_description=long_description,
classifiers=[], classifiers=[],

586
wo/cli/plugins/info.py
View File

@@ -1,293 +1,293 @@
"""WOInfo Plugin for WordOps""" """WOInfo Plugin for WordOps"""
from cement.core.controller import CementBaseController, expose from cement.core.controller import CementBaseController, expose
from cement.core import handler, hook from cement.core import handler, hook
from wo.core.variables import WOVariables from wo.core.variables import WOVariables
from pynginxconfig import NginxConfig from pynginxconfig import NginxConfig
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
from wo.core.shellexec import WOShellExec from wo.core.shellexec import WOShellExec
from wo.core.logging import Log from wo.core.logging import Log
import os import os
import configparser import configparser
def wo_info_hook(app): def wo_info_hook(app):
pass pass
class WOInfoController(CementBaseController): class WOInfoController(CementBaseController):
class Meta: class Meta:
label = 'info' label = 'info'
stacked_on = 'base' stacked_on = 'base'
stacked_type = 'nested' stacked_type = 'nested'
description = ('Display configuration information related to Nginx,' description = ('Display configuration information related to Nginx,'
' PHP and MySQL') ' PHP and MySQL')
arguments = [ arguments = [
(['--mysql'], (['--mysql'],
dict(help='Get MySQL configuration information', dict(help='Get MySQL configuration information',
action='store_true')), action='store_true')),
(['--php'], (['--php'],
dict(help='Get PHP 7.2 configuration information', dict(help='Get PHP 7.2 configuration information',
action='store_true')), action='store_true')),
(['--php73'], (['--php73'],
dict(help='Get PHP 7.3 configuration information', dict(help='Get PHP 7.3 configuration information',
action='store_true')), action='store_true')),
(['--nginx'], (['--nginx'],
dict(help='Get Nginx configuration information', dict(help='Get Nginx configuration information',
action='store_true')), action='store_true')),
] ]
usage = "wo info [options]" usage = "wo info [options]"
@expose(hide=True) @expose(hide=True)
def info_nginx(self): def info_nginx(self):
"""Display Nginx information""" """Display Nginx information"""
version = os.popen("/usr/sbin/nginx -v 2>&1 | " version = os.popen("/usr/sbin/nginx -v 2>&1 | "
"awk -F '/' '{print $2}' | " "awk -F '/' '{print $2}' | "
"awk -F ' ' '{print $1}' | tr '\n' ' '").read() "awk -F ' ' '{print $1}' | tr '\n' ' '").read()
allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | "
"cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read()
nc = NginxConfig() nc = NginxConfig()
nc.loadf('/etc/nginx/nginx.conf') nc.loadf('/etc/nginx/nginx.conf')
user = nc.get('user')[1] user = nc.get('user')[1]
worker_processes = nc.get('worker_processes')[1] worker_processes = nc.get('worker_processes')[1]
worker_connections = nc.get([('events',), 'worker_connections'])[1] worker_connections = nc.get([('events',), 'worker_connections'])[1]
keepalive_timeout = nc.get([('http',), 'keepalive_timeout'])[1] keepalive_timeout = nc.get([('http',), 'keepalive_timeout'])[1]
fastcgi_read_timeout = nc.get([('http',), fastcgi_read_timeout = nc.get([('http',),
'fastcgi_read_timeout'])[1] 'fastcgi_read_timeout'])[1]
client_max_body_size = nc.get([('http',), client_max_body_size = nc.get([('http',),
'client_max_body_size'])[1] 'client_max_body_size'])[1]
data = dict(version=version, allow=allow, user=user, data = dict(version=version, allow=allow, user=user,
worker_processes=worker_processes, worker_processes=worker_processes,
keepalive_timeout=keepalive_timeout, keepalive_timeout=keepalive_timeout,
worker_connections=worker_connections, worker_connections=worker_connections,
fastcgi_read_timeout=fastcgi_read_timeout, fastcgi_read_timeout=fastcgi_read_timeout,
client_max_body_size=client_max_body_size) client_max_body_size=client_max_body_size)
self.app.render((data), 'info_nginx.mustache') self.app.render((data), 'info_nginx.mustache')
@expose(hide=True) @expose(hide=True)
def info_php(self): def info_php(self):
"""Display PHP information""" """Display PHP information"""
version = os.popen("/usr/bin/php7.2 -v 2>/dev/null | " version = os.popen("/usr/bin/php7.2 -v 2>/dev/null | "
"head -n1 | cut -d' ' -f2 |" "head -n1 | cut -d' ' -f2 |"
" cut -d'+' -f1 | tr -d '\n'").read " cut -d'+' -f1 | tr -d '\n'").read
config = configparser.ConfigParser() config = configparser.ConfigParser()
config.read('/etc/{0}/fpm/php.ini'.format("php/7.2")) config.read('/etc/{0}/fpm/php.ini'.format("php/7.2"))
expose_php = config['PHP']['expose_php'] expose_php = config['PHP']['expose_php']
memory_limit = config['PHP']['memory_limit'] memory_limit = config['PHP']['memory_limit']
post_max_size = config['PHP']['post_max_size'] post_max_size = config['PHP']['post_max_size']
upload_max_filesize = config['PHP']['upload_max_filesize'] upload_max_filesize = config['PHP']['upload_max_filesize']
max_execution_time = config['PHP']['max_execution_time'] max_execution_time = config['PHP']['max_execution_time']
config.read('/etc/{0}/fpm/pool.d/www.conf'.format("php/7.2")) config.read('/etc/{0}/fpm/pool.d/www.conf'.format("php/7.2"))
www_listen = config['www']['listen'] www_listen = config['www']['listen']
www_ping_path = config['www']['ping.path'] www_ping_path = config['www']['ping.path']
www_pm_status_path = config['www']['pm.status_path'] www_pm_status_path = config['www']['pm.status_path']
www_pm = config['www']['pm'] www_pm = config['www']['pm']
www_pm_max_requests = config['www']['pm.max_requests'] www_pm_max_requests = config['www']['pm.max_requests']
www_pm_max_children = config['www']['pm.max_children'] www_pm_max_children = config['www']['pm.max_children']
www_pm_start_servers = config['www']['pm.start_servers'] www_pm_start_servers = config['www']['pm.start_servers']
www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] www_pm_min_spare_servers = config['www']['pm.min_spare_servers']
www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] www_pm_max_spare_servers = config['www']['pm.max_spare_servers']
www_request_terminate_time = (config['www'] www_request_terminate_time = (config['www']
['request_terminate_timeout']) ['request_terminate_timeout'])
try: try:
www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable'
'_trigger]']) '_trigger]'])
except Exception as e: except Exception as e:
www_xdebug = 'off' www_xdebug = 'off'
config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2")) config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2"))
debug_listen = config['debug']['listen'] debug_listen = config['debug']['listen']
debug_ping_path = config['debug']['ping.path'] debug_ping_path = config['debug']['ping.path']
debug_pm_status_path = config['debug']['pm.status_path'] debug_pm_status_path = config['debug']['pm.status_path']
debug_pm = config['debug']['pm'] debug_pm = config['debug']['pm']
debug_pm_max_requests = config['debug']['pm.max_requests'] debug_pm_max_requests = config['debug']['pm.max_requests']
debug_pm_max_children = config['debug']['pm.max_children'] debug_pm_max_children = config['debug']['pm.max_children']
debug_pm_start_servers = config['debug']['pm.start_servers'] debug_pm_start_servers = config['debug']['pm.start_servers']
debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers']
debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers']
debug_request_terminate = (config['debug'] debug_request_terminate = (config['debug']
['request_terminate_timeout']) ['request_terminate_timeout'])
try: try:
debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_'
'enable_trigger]']) 'enable_trigger]'])
except Exception as e: except Exception as e:
debug_xdebug = 'off' debug_xdebug = 'off'
data = dict(version=version, expose_php=expose_php, data = dict(version=version, expose_php=expose_php,
memory_limit=memory_limit, post_max_size=post_max_size, memory_limit=memory_limit, post_max_size=post_max_size,
upload_max_filesize=upload_max_filesize, upload_max_filesize=upload_max_filesize,
max_execution_time=max_execution_time, max_execution_time=max_execution_time,
www_listen=www_listen, www_ping_path=www_ping_path, www_listen=www_listen, www_ping_path=www_ping_path,
www_pm_status_path=www_pm_status_path, www_pm=www_pm, www_pm_status_path=www_pm_status_path, www_pm=www_pm,
www_pm_max_requests=www_pm_max_requests, www_pm_max_requests=www_pm_max_requests,
www_pm_max_children=www_pm_max_children, www_pm_max_children=www_pm_max_children,
www_pm_start_servers=www_pm_start_servers, www_pm_start_servers=www_pm_start_servers,
www_pm_min_spare_servers=www_pm_min_spare_servers, www_pm_min_spare_servers=www_pm_min_spare_servers,
www_pm_max_spare_servers=www_pm_max_spare_servers, www_pm_max_spare_servers=www_pm_max_spare_servers,
www_request_terminate_timeout=www_request_terminate_time, www_request_terminate_timeout=www_request_terminate_time,
www_xdebug_profiler_enable_trigger=www_xdebug, www_xdebug_profiler_enable_trigger=www_xdebug,
debug_listen=debug_listen, debug_ping_path=debug_ping_path, debug_listen=debug_listen, debug_ping_path=debug_ping_path,
debug_pm_status_path=debug_pm_status_path, debug_pm_status_path=debug_pm_status_path,
debug_pm=debug_pm, debug_pm=debug_pm,
debug_pm_max_requests=debug_pm_max_requests, debug_pm_max_requests=debug_pm_max_requests,
debug_pm_max_children=debug_pm_max_children, debug_pm_max_children=debug_pm_max_children,
debug_pm_start_servers=debug_pm_start_servers, debug_pm_start_servers=debug_pm_start_servers,
debug_pm_min_spare_servers=debug_pm_min_spare_servers, debug_pm_min_spare_servers=debug_pm_min_spare_servers,
debug_pm_max_spare_servers=debug_pm_max_spare_servers, debug_pm_max_spare_servers=debug_pm_max_spare_servers,
debug_request_terminate_timeout=debug_request_terminate, debug_request_terminate_timeout=debug_request_terminate,
debug_xdebug_profiler_enable_trigger=debug_xdebug) debug_xdebug_profiler_enable_trigger=debug_xdebug)
self.app.render((data), 'info_php.mustache') self.app.render((data), 'info_php.mustache')
@expose(hide=True) @expose(hide=True)
def info_php73(self): def info_php73(self):
"""Display PHP information""" """Display PHP information"""
version = os.popen("/usr/bin/php7.3 -v 2>/dev/null | " version = os.popen("/usr/bin/php7.3 -v 2>/dev/null | "
"head -n1 | cut -d' ' -f2 |" "head -n1 | cut -d' ' -f2 |"
" cut -d'+' -f1 | tr -d '\n'").read " cut -d'+' -f1 | tr -d '\n'").read
config = configparser.ConfigParser() config = configparser.ConfigParser()
config.read('/etc/php/7.3/fpm/php.ini') config.read('/etc/php/7.3/fpm/php.ini')
expose_php = config['PHP']['expose_php'] expose_php = config['PHP']['expose_php']
memory_limit = config['PHP']['memory_limit'] memory_limit = config['PHP']['memory_limit']
post_max_size = config['PHP']['post_max_size'] post_max_size = config['PHP']['post_max_size']
upload_max_filesize = config['PHP']['upload_max_filesize'] upload_max_filesize = config['PHP']['upload_max_filesize']
max_execution_time = config['PHP']['max_execution_time'] max_execution_time = config['PHP']['max_execution_time']
config.read('/etc/php/7.3/fpm/pool.d/www.conf') config.read('/etc/php/7.3/fpm/pool.d/www.conf')
www_listen = config['www']['listen'] www_listen = config['www']['listen']
www_ping_path = config['www']['ping.path'] www_ping_path = config['www']['ping.path']
www_pm_status_path = config['www']['pm.status_path'] www_pm_status_path = config['www']['pm.status_path']
www_pm = config['www']['pm'] www_pm = config['www']['pm']
www_pm_max_requests = config['www']['pm.max_requests'] www_pm_max_requests = config['www']['pm.max_requests']
www_pm_max_children = config['www']['pm.max_children'] www_pm_max_children = config['www']['pm.max_children']
www_pm_start_servers = config['www']['pm.start_servers'] www_pm_start_servers = config['www']['pm.start_servers']
www_pm_min_spare_servers = config['www']['pm.min_spare_servers'] www_pm_min_spare_servers = config['www']['pm.min_spare_servers']
www_pm_max_spare_servers = config['www']['pm.max_spare_servers'] www_pm_max_spare_servers = config['www']['pm.max_spare_servers']
www_request_terminate_time = (config['www'] www_request_terminate_time = (config['www']
['request_terminate_timeout']) ['request_terminate_timeout'])
try: try:
www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable'
'_trigger]']) '_trigger]'])
except Exception as e: except Exception as e:
www_xdebug = 'off' www_xdebug = 'off'
config.read('/etc/php/7.3/fpm/pool.d/debug.conf') config.read('/etc/php/7.3/fpm/pool.d/debug.conf')
debug_listen = config['debug']['listen'] debug_listen = config['debug']['listen']
debug_ping_path = config['debug']['ping.path'] debug_ping_path = config['debug']['ping.path']
debug_pm_status_path = config['debug']['pm.status_path'] debug_pm_status_path = config['debug']['pm.status_path']
debug_pm = config['debug']['pm'] debug_pm = config['debug']['pm']
debug_pm_max_requests = config['debug']['pm.max_requests'] debug_pm_max_requests = config['debug']['pm.max_requests']
debug_pm_max_children = config['debug']['pm.max_children'] debug_pm_max_children = config['debug']['pm.max_children']
debug_pm_start_servers = config['debug']['pm.start_servers'] debug_pm_start_servers = config['debug']['pm.start_servers']
debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers'] debug_pm_min_spare_servers = config['debug']['pm.min_spare_servers']
debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers'] debug_pm_max_spare_servers = config['debug']['pm.max_spare_servers']
debug_request_terminate = (config['debug'] debug_request_terminate = (config['debug']
['request_terminate_timeout']) ['request_terminate_timeout'])
try: try:
debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_'
'enable_trigger]']) 'enable_trigger]'])
except Exception as e: except Exception as e:
debug_xdebug = 'off' debug_xdebug = 'off'
data = dict(version=version, expose_php=expose_php, data = dict(version=version, expose_php=expose_php,
memory_limit=memory_limit, post_max_size=post_max_size, memory_limit=memory_limit, post_max_size=post_max_size,
upload_max_filesize=upload_max_filesize, upload_max_filesize=upload_max_filesize,
max_execution_time=max_execution_time, max_execution_time=max_execution_time,
www_listen=www_listen, www_ping_path=www_ping_path, www_listen=www_listen, www_ping_path=www_ping_path,
www_pm_status_path=www_pm_status_path, www_pm=www_pm, www_pm_status_path=www_pm_status_path, www_pm=www_pm,
www_pm_max_requests=www_pm_max_requests, www_pm_max_requests=www_pm_max_requests,
www_pm_max_children=www_pm_max_children, www_pm_max_children=www_pm_max_children,
www_pm_start_servers=www_pm_start_servers, www_pm_start_servers=www_pm_start_servers,
www_pm_min_spare_servers=www_pm_min_spare_servers, www_pm_min_spare_servers=www_pm_min_spare_servers,
www_pm_max_spare_servers=www_pm_max_spare_servers, www_pm_max_spare_servers=www_pm_max_spare_servers,
www_request_terminate_timeout=www_request_terminate_time, www_request_terminate_timeout=www_request_terminate_time,
www_xdebug_profiler_enable_trigger=www_xdebug, www_xdebug_profiler_enable_trigger=www_xdebug,
debug_listen=debug_listen, debug_ping_path=debug_ping_path, debug_listen=debug_listen, debug_ping_path=debug_ping_path,
debug_pm_status_path=debug_pm_status_path, debug_pm_status_path=debug_pm_status_path,
debug_pm=debug_pm, debug_pm=debug_pm,
debug_pm_max_requests=debug_pm_max_requests, debug_pm_max_requests=debug_pm_max_requests,
debug_pm_max_children=debug_pm_max_children, debug_pm_max_children=debug_pm_max_children,
debug_pm_start_servers=debug_pm_start_servers, debug_pm_start_servers=debug_pm_start_servers,
debug_pm_min_spare_servers=debug_pm_min_spare_servers, debug_pm_min_spare_servers=debug_pm_min_spare_servers,
debug_pm_max_spare_servers=debug_pm_max_spare_servers, debug_pm_max_spare_servers=debug_pm_max_spare_servers,
debug_request_terminate_timeout=debug_request_terminate, debug_request_terminate_timeout=debug_request_terminate,
debug_xdebug_profiler_enable_trigger=debug_xdebug) debug_xdebug_profiler_enable_trigger=debug_xdebug)
self.app.render((data), 'info_php.mustache') self.app.render((data), 'info_php.mustache')
@expose(hide=True) @expose(hide=True)
def info_mysql(self): def info_mysql(self):
"""Display MySQL information""" """Display MySQL information"""
version = os.popen("/usr/bin/mysql -V | awk '{print($5)}' | " version = os.popen("/usr/bin/mysql -V | awk '{print($5)}' | "
"cut -d ',' " "cut -d ',' "
"-f1 | tr -d '\n'").read() "-f1 | tr -d '\n'").read()
host = "localhost" host = "localhost"
port = os.popen("/usr/bin/mysql -e \"show variables\" | " port = os.popen("/usr/bin/mysql -e \"show variables\" | "
"grep ^port | awk " "grep ^port | awk "
"'{print($2)}' | tr -d '\n'").read() "'{print($2)}' | tr -d '\n'").read()
wait_timeout = os.popen("/usr/bin/mysql -e \"show variables\" | grep " wait_timeout = os.popen("/usr/bin/mysql -e \"show variables\" | grep "
"^wait_timeout | awk '{print($2)}' | " "^wait_timeout | awk '{print($2)}' | "
"tr -d '\n'").read() "tr -d '\n'").read()
interactive_timeout = os.popen("/usr/bin/mysql -e " interactive_timeout = os.popen("/usr/bin/mysql -e "
"\"show variables\" | grep " "\"show variables\" | grep "
"^interactive_timeout | awk " "^interactive_timeout | awk "
"'{print($2)}' | tr -d '\n'").read() "'{print($2)}' | tr -d '\n'").read()
max_used_connections = os.popen("/usr/bin/mysql -e " max_used_connections = os.popen("/usr/bin/mysql -e "
"\"show global status\" | " "\"show global status\" | "
"grep Max_used_connections | awk " "grep Max_used_connections | awk "
"'{print($2)}' | tr -d '\n'").read() "'{print($2)}' | tr -d '\n'").read()
datadir = os.popen("/usr/bin/mysql -e \"show variables\" | " datadir = os.popen("/usr/bin/mysql -e \"show variables\" | "
"grep datadir | awk" "grep datadir | awk"
" '{print($2)}' | tr -d '\n'").read() " '{print($2)}' | tr -d '\n'").read()
socket = os.popen("/usr/bin/mysql -e \"show variables\" | " socket = os.popen("/usr/bin/mysql -e \"show variables\" | "
"grep \"^socket\" | " "grep \"^socket\" | "
"awk '{print($2)}' | tr -d '\n'").read() "awk '{print($2)}' | tr -d '\n'").read()
data = dict(version=version, host=host, port=port, data = dict(version=version, host=host, port=port,
wait_timeout=wait_timeout, wait_timeout=wait_timeout,
interactive_timeout=interactive_timeout, interactive_timeout=interactive_timeout,
max_used_connections=max_used_connections, max_used_connections=max_used_connections,
datadir=datadir, socket=socket) datadir=datadir, socket=socket)
self.app.render((data), 'info_mysql.mustache') self.app.render((data), 'info_mysql.mustache')
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
"""default function for info""" """default function for info"""
if (not self.app.pargs.nginx and not self.app.pargs.php and if (not self.app.pargs.nginx and not self.app.pargs.php and
not self.app.pargs.mysql and not self.app.pargs.php73): not self.app.pargs.mysql and not self.app.pargs.php73):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.php = True self.app.pargs.php = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
if WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
self.app.pargs.php73 = True self.app.pargs.php73 = True
if self.app.pargs.nginx: if self.app.pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom') or if (WOAptGet.is_installed(self, 'nginx-custom') or
WOAptGet.is_installed(self, 'nginx-wo')): WOAptGet.is_installed(self, 'nginx-wo')):
self.info_nginx() self.info_nginx()
else: else:
Log.error(self, "Nginx is not installed") Log.error(self, "Nginx is not installed")
if self.app.pargs.php: if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
self.info_php() self.info_php()
else: else:
Log.error(self, "PHP 7.2 is not installed") Log.error(self, "PHP 7.2 is not installed")
if self.app.pargs.php73: if self.app.pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
self.info_php73() self.info_php73()
else: else:
Log.error(self, "PHP 7.3 is not installed") Log.error(self, "PHP 7.3 is not installed")
if self.app.pargs.mysql: if self.app.pargs.mysql:
if WOShellExec.cmd_exec(self, "mysqladmin ping"): if WOShellExec.cmd_exec(self, "mysqladmin ping"):
self.info_mysql() self.info_mysql()
else: else:
Log.error(self, "MySQL is not installed") Log.error(self, "MySQL is not installed")
def load(app): def load(app):
# register the plugin class.. this only happens if the plugin is enabled # register the plugin class.. this only happens if the plugin is enabled
handler.register(WOInfoController) handler.register(WOInfoController)
# register a hook (function) to run after arguments are parsed. # register a hook (function) to run after arguments are parsed.
hook.register('post_argument_parsing', wo_info_hook) hook.register('post_argument_parsing', wo_info_hook)

1
wo/cli/plugins/maintenance.py
View File

@@ -10,7 +10,6 @@ from wo.core.services import WOService
from wo.core.shellexec import WOShellExec from wo.core.shellexec import WOShellExec
def wo_maintenance_hook(app): def wo_maintenance_hook(app):
pass pass

161
wo/cli/plugins/site.py
View File

@@ -319,7 +319,8 @@ class WOSiteCreateController(CementBaseController):
dict(help="create WordPress multisite with subdomain setup", dict(help="create WordPress multisite with subdomain setup",
action='store_true')), action='store_true')),
(['--wpfc'], (['--wpfc'],
dict(help="create WordPress single/multi site with wpfc cache", dict(help="create WordPress single/multi site with "
"Nginx fastcgi_cache",
action='store_true')), action='store_true')),
(['--wpsc'], (['--wpsc'],
dict(help="create WordPress single/multi site with wpsc cache", dict(help="create WordPress single/multi site with wpsc cache",
@@ -333,6 +334,10 @@ class WOSiteCreateController(CementBaseController):
action='store' or 'store_const', action='store' or 'store_const',
choices=('on', 'subdomain', 'wildcard'), choices=('on', 'subdomain', 'wildcard'),
const='on', nargs='?')), const='on', nargs='?')),
(['--dns'],
dict(help="choose dns provider api for letsencrypt",
action='store' or 'store_const',
const='dns_cf', nargs='?')),
(['--hsts'], (['--hsts'],
dict(help="enable HSTS for site secured with letsencrypt", dict(help="enable HSTS for site secured with letsencrypt",
action='store_true')), action='store_true')),
@@ -355,6 +360,7 @@ class WOSiteCreateController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
pargs = self.app.pargs
# self.app.render((data), 'default.mustache') # self.app.render((data), 'default.mustache')
# Check domain name validation # Check domain name validation
data = dict() data = dict()
@@ -726,42 +732,30 @@ class WOSiteCreateController(CementBaseController):
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` and please try again")
if self.app.pargs.letsencrypt == "on": if self.app.pargs.letsencrypt:
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
if self.app.pargs.dns:
wo_acme_dns = pargs.dns
if data['letsencrypt'] is True: if data['letsencrypt'] is True:
setupLetsEncrypt(self, wo_domain) if self.app.pargs.letsencrypt == "subdomain":
httpsRedirect(self, wo_domain) if self.app.pargs.dns:
setupLetsEncrypt(self, wo_domain, True, False,
if self.app.pargs.hsts: True, wo_acme_dns)
setupHsts(self, wo_domain) else:
setupLetsEncrypt(self, wo_domain, True)
if not WOService.reload_service(self, 'nginx'): httpsRedirect(self, wo_domain)
Log.error(self, "service nginx reload failed. " elif self.app.pargs.letsencrypt == "wildcard":
"check issues with `nginx -t` command") setupLetsEncrypt(self, wo_domain, False, True,
True, wo_acme_dns)
Log.info(self, "Congratulations! Successfully Configured " httpsRedirect(self, wo_domain, True, True)
"SSl for Site " else:
" https://{0}".format(wo_domain)) if self.app.pargs.dns:
setupLetsEncrypt(self, wo_domain, False,
# Add nginx conf folder into GIT False, True, wo_acme_dns)
WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)], else:
msg="Adding letsencrypts config of site: {0}" setupLetsEncrypt(self, wo_domain)
.format(wo_domain)) httpsRedirect(self, wo_domain)
updateSiteInfo(self, wo_domain, ssl=letsencrypt)
elif data['letsencrypt'] is False:
Log.info(self, "Not using Let\'s encrypt for Site "
" http://{0}".format(wo_domain))
if self.app.pargs.letsencrypt == "subdomain":
data['letsencrypt'] = True
letsencrypt = True
if data['letsencrypt'] is True:
setupLetsEncryptSubdomain(self, wo_domain)
httpsRedirect(self, wo_domain)
if self.app.pargs.hsts: if self.app.pargs.hsts:
setupHsts(self, wo_domain) setupHsts(self, wo_domain)
@@ -825,8 +819,13 @@ class WOSiteUpdateController(CementBaseController):
(['-le', '--letsencrypt'], (['-le', '--letsencrypt'],
dict(help="configure letsencrypt ssl for the site", dict(help="configure letsencrypt ssl for the site",
action='store' or 'store_const', action='store' or 'store_const',
choices=('on', 'off', 'renew', 'subdomain', 'wildcard'), choices=('on', 'off', 'renew', 'subdomain',
'wildcard', 'clean'),
const='on', nargs='?')), const='on', nargs='?')),
(['--dns'],
dict(help="choose dns provider api for letsencrypt",
action='store' or 'store_const',
const='dns_cf', nargs='?')),
(['--hsts'], (['--hsts'],
dict(help="configure hsts for the site", dict(help="configure hsts for the site",
action='store' or 'store_const', action='store' or 'store_const',
@@ -834,9 +833,6 @@ class WOSiteUpdateController(CementBaseController):
const='on', nargs='?')), const='on', nargs='?')),
(['--proxy'], (['--proxy'],
dict(help="update to proxy site", nargs='+')), dict(help="update to proxy site", nargs='+')),
(['--experimental'],
dict(help="Enable Experimenal packages without prompt",
action='store_true')),
(['--all'], (['--all'],
dict(help="update all sites", action='store_true')), dict(help="update all sites", action='store_true')),
(['--force'], (['--force'],
@@ -858,7 +854,8 @@ class WOSiteUpdateController(CementBaseController):
if not (pargs.php or pargs.php73 or if not (pargs.php or pargs.php73 or
pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.mysql or pargs.wp or pargs.wpsubdir or
pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or
pargs.wpredis or pargs.letsencrypt or pargs.hsts): pargs.wpredis or pargs.letsencrypt or pargs.hsts or
pargs.dns or pargs.force):
Log.error(self, "Please provide options to update sites.") Log.error(self, "Please provide options to update sites.")
if pargs.all: if pargs.all:
@@ -954,6 +951,11 @@ class WOSiteUpdateController(CementBaseController):
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, "\nFail to enable HSTS") Log.info(self, "\nFail to enable HSTS")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "HSTS is enabled for "
"https://{0}".format(wo_domain))
return 0 return 0
if ((stype == 'php' and if ((stype == 'php' and
@@ -965,7 +967,7 @@ class WOSiteUpdateController(CementBaseController):
(stype == 'wpsubdir' and oldsitetype in ['wpsubdomain']) or (stype == 'wpsubdir' and oldsitetype in ['wpsubdomain']) or
(stype == 'wpsubdomain' and oldsitetype in ['wpsubdir']) or (stype == 'wpsubdomain' and oldsitetype in ['wpsubdir']) or
(stype == oldsitetype and cache == oldcachetype) and not (stype == oldsitetype and cache == oldcachetype) and not
(pargs.php73 or pargs.hsts or pargs.letsencrypt)): pargs.php73):
Log.info(self, Log.FAIL + "can not update {0} {1} to {2} {3}". Log.info(self, Log.FAIL + "can not update {0} {1} to {2} {3}".
format(oldsitetype, oldcachetype, stype, cache)) format(oldsitetype, oldcachetype, stype, cache))
return 1 return 1
@@ -1181,6 +1183,9 @@ class WOSiteUpdateController(CementBaseController):
elif pargs.letsencrypt == 'off': elif pargs.letsencrypt == 'off':
data['letsencrypt'] = False data['letsencrypt'] = False
letsencrypt = False letsencrypt = False
elif pargs.letsencrypt == 'clean':
data['letsencrypt'] = False
letsencrypt = False
if letsencrypt is check_ssl: if letsencrypt is check_ssl:
if letsencrypt is False: if letsencrypt is False:
@@ -1203,12 +1208,15 @@ class WOSiteUpdateController(CementBaseController):
if pargs.php73 == "on": if pargs.php73 == "on":
data['php73'] = True data['php73'] = True
php73 = True php73 = True
else:
data['php73'] = False
php73 = False
if pargs.letsencrypt == "on": if pargs.letsencrypt == "on":
if oldsitetype in ['wpsubdomain']: if oldsitetype in ['wpsubdomain']:
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
wildcard = True pargs.letsencrypt == 'wildcard'
else: else:
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
@@ -1273,22 +1281,36 @@ class WOSiteUpdateController(CementBaseController):
" http://{0}".format(wo_domain)) " http://{0}".format(wo_domain))
return 0 return 0
if pargs.letsencrypt: if self.app.pargs.letsencrypt:
if self.app.pargs.dns:
wo_acme_dns = pargs.dns
if data['letsencrypt'] is True: if data['letsencrypt'] is True:
if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled" if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"
.format(wo_site_webroot)): .format(wo_site_webroot)):
if not pargs.letsencrypt == "subdomain": if self.app.pargs.letsencrypt == "on":
setupLetsEncrypt(self, wo_domain) if self.app.pargs.dns:
else: setupLetsEncrypt(self, wo_domain, False,
setupLetsEncryptSubdomain(self, wo_domain) False, True, wo_acme_dns)
else:
setupLetsEncrypt(self, wo_domain)
httpsRedirect(self, wo_domain)
elif self.app.pargs.letsencrypt == "subdomain":
if self.app.pargs.dns:
setupLetsEncrypt(self, wo_domain, True, False,
True, wo_acme_dns)
else:
setupLetsEncrypt(self, wo_domain, True)
httpsRedirect(self, wo_domain)
elif self.app.pargs.letsencrypt == "wildcard":
setupLetsEncrypt(self, wo_domain, False, True,
True, wo_acme_dns)
httpsRedirect(self, wo_domain, True, True)
else: else:
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled" WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled"
.format(wo_site_webroot), .format(wo_site_webroot),
'{0}/conf/nginx/ssl.conf' '{0}/conf/nginx/ssl.conf'
.format(wo_site_webroot)) .format(wo_site_webroot))
httpsRedirect(self, wo_domain)
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
@@ -1307,23 +1329,35 @@ class WOSiteUpdateController(CementBaseController):
".PLEASE renew soon . ") ".PLEASE renew soon . ")
elif data['letsencrypt'] is False: elif data['letsencrypt'] is False:
if os.path.isfile("{0}/conf/nginx/ssl.conf" if self.app.pargs.letsencrypt == "off":
.format(wo_site_webroot)): if os.path.isfile("{0}/conf/nginx/ssl.conf"
Log.info(self, 'Setting Nginx configuration')
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot))
httpsRedirect(self, wo_domain, False)
if os.path.isfile("{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot)): .format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf" Log.info(self, 'Setting Nginx configuration')
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot), .format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled' '{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot)) .format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'): httpsRedirect(self, wo_domain, False)
Log.error(self, "service nginx reload failed. " if os.path.isfile("{0}/conf/nginx/hsts.conf"
"check issues with `nginx -t` command") .format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/'
'hsts.conf.disabled'
.format(wo_site_webroot))
if self.app.pargs.letsencrypt == "clean":
if os.path.isfile("{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot)):
WOFileUtils.remove(self, "{0}/conf/nginx/ssl.conf"
.format(wo_site_webroot))
WOFileUtils.remove(self, "/etc/letsencrypt/live"
"/{0}".format(wo_domain))
WOFileUtils.remove(self, "/etc/nginx/conf.d/"
"force-ssl-{0}.conf"
.format(wo_domain_name))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
# Log.info(self,"Removing Cron Job set for cert # Log.info(self,"Removing Cron Job set for cert
# auto-renewal") WOCron.remove_cron(self,'wo site # auto-renewal") WOCron.remove_cron(self,'wo site
# update {0} --le=renew --min_expiry_limit 30 # update {0} --le=renew --min_expiry_limit 30
@@ -1415,7 +1449,8 @@ class WOSiteUpdateController(CementBaseController):
return 1 return 1
# Setup WordPress if old sites are html/php/mysql sites # Setup WordPress if old sites are html/php/mysql sites
if data['wp'] and oldsitetype in ['html', 'proxy', 'php', 'mysql']: if data['wp'] and oldsitetype in ['html', 'proxy', 'php',
'mysql', 'php73']:
try: try:
wo_wp_creds = setupwordpress(self, data) wo_wp_creds = setupwordpress(self, data)
except SiteError as e: except SiteError as e:

321
wo/cli/plugins/site_functions.py
View File

@@ -327,11 +327,44 @@ def setupwordpress(self, data):
raise SiteError("generate wp-config failed for wp single site") raise SiteError("generate wp-config failed for wp single site")
except CommandExecutionError as e: except CommandExecutionError as e:
raise SiteError("generate wp-config failed for wp single site") raise SiteError("generate wp-config failed for wp single site")
try:
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) + .format(WOVariables.wo_wpcli_path) +
"config set WP_CACHE_KEY_SALT " "config set WP_CACHE_KEY_SALT "
"\'{0}:\'\"".format(wo_domain_name)) "\'{0}:\'\"".format(wo_domain_name))
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MEMORY_LIMIT "
"\'128M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MAX_MEMORY_LIMIT "
"\'256M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set CONCATENATE_SCRIPTS "
"false\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_POST_REVISIONS "
"\'10\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set MEDIA_TRASH "
"true\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set EMPTY_TRASH_DAYS "
"\'15\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_AUTO_UPDATE_CORE "
"minor\"")
except CommandExecutionError as e:
Log.error(self, "Unable to define extra variable in wp-config.php")
else: else:
Log.debug(self, "Generating wp-config for WordPress multisite") Log.debug(self, "Generating wp-config for WordPress multisite")
@@ -339,7 +372,8 @@ def setupwordpress(self, data):
.format(WOVariables.wo_wpcli_path) + .format(WOVariables.wo_wpcli_path) +
"config create " + "config create " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' " "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' "
.format(data['wo_db_name'], wo_wp_prefix, data['wo_db_host']) + .format(data['wo_db_name'],
wo_wp_prefix, data['wo_db_host']) +
"--dbuser=\'{0}\' --dbpass=\'{1}\' " "--dbuser=\'{0}\' --dbpass=\'{1}\' "
"--extra-php<<PHP \n {2} {3} {4} \nPHP\"" "--extra-php<<PHP \n {2} {3} {4} \nPHP\""
.format(data['wo_db_user'], data['wo_db_pass'], .format(data['wo_db_user'], data['wo_db_pass'],
@@ -372,10 +406,44 @@ def setupwordpress(self, data):
except CommandExecutionError as e: except CommandExecutionError as e:
raise SiteError("generate wp-config failed for wp multi site") raise SiteError("generate wp-config failed for wp multi site")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " try:
.format(WOVariables.wo_wpcli_path) +
"config set WP_CACHE_KEY_SALT " WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
"\'{0}:\'\"".format(wo_domain_name)) .format(WOVariables.wo_wpcli_path) +
"config set WP_CACHE_KEY_SALT "
"\'{0}:\'\"".format(wo_domain_name))
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MEMORY_LIMIT "
"\'128M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_MAX_MEMORY_LIMIT "
"\'256M\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set CONCATENATE_SCRIPTS "
"false\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_POST_REVISIONS "
"\'10\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set MEDIA_TRASH "
"true\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set EMPTY_TRASH_DAYS "
"\'15\'\"")
WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) +
"config set WP_AUTO_UPDATE_CORE "
"minor\"")
except CommandExecutionError as e:
Log.error(self, "Unable to define extra variable in wp-config.php")
# WOFileUtils.mvfile(self, os.getcwd()+'/wp-config.php', # WOFileUtils.mvfile(self, os.getcwd()+'/wp-config.php',
# os.path.abspath(os.path.join(os.getcwd(), os.pardir))) # os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
@@ -856,7 +924,7 @@ def site_package_check(self, stype):
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
if (os.path.isdir("/etc/nginx/common") and if (os.path.isdir("/etc/nginx/common") and
not os.path.isfile("/etc/nginx/common/php73.conf")): not os.path.isfile("/etc/nginx/common/locations-wo.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-wo.conf') 'file /etc/nginx/common/locations-wo.conf')
@@ -1231,9 +1299,18 @@ def removeAcmeConf(self, domain):
if os.path.isdir('/etc/letsencrypt/renewal/{0}_ecc' if os.path.isdir('/etc/letsencrypt/renewal/{0}_ecc'
.format(domain)): .format(domain)):
Log.debug(self, "Removing Acme configuration") Log.debug(self, "Removing Acme configuration")
WOFileUtils.rm(self, '/etc/letsencrypt/renewal/{0}_ecc' try:
WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--remove "
"-d {0} --ecc"
.format(domain))
except CommandExecutionError as e:
Log.error(self, "Cert removal failed")
WOFileUtils.remove(self, '/etc/letsencrypt/renewal/{0}_ecc'
.format(domain)) .format(domain))
WOFileUtils.rm(self, '/etc/letsencrypt/live/{0}' WOFileUtils.remove(self, '/etc/letsencrypt/live/{0}'
.format(domain)) .format(domain))
WOGit.add(self, ["/etc/letsencrypt"], WOGit.add(self, ["/etc/letsencrypt"],
msg="Deleted {0} " msg="Deleted {0} "
@@ -1265,40 +1342,57 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
raise SiteError("dbhost not provided") raise SiteError("dbhost not provided")
deleteDB(self, dbname, dbuser, dbhost) deleteDB(self, dbname, dbuser, dbhost)
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)): def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
if os.path.isfile("/etc/letsencrypt/" wo_dns=False, wo_acme_dns='dns_cf'):
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)): if os.path.isfile("/etc/letsencrypt/"
Log.debug(self, "Let's Encrypt certificate " "renewal/{0}_ecc/"
"found for the domain: {0}" "fullchain.cer".format(wo_domain_name)):
.format(wo_domain_name)) Log.debug(self, "Let's Encrypt certificate "
ssl = archivedCertificateHandle(self, wo_domain_name) "found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
keylenght = "{0}".format(self.app.config.get('letsencrypt',
'keylength'))
if wo_dns:
acme_mode = "--dns {0}".format(wo_acme_dns)
else: else:
Log.info(self, "Issuing SSL cert with acme.sh") acme_mode = "-w /var/www/html"
Log.info(self, "Issuing SSL cert with acme.sh")
if subdomain:
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--issue " "--issue "
"-d {0} -d www.{0} -w /var/www/html " "-d {0} {1}"
"-k ec-384 -f" "-k {3} -f"
.format(wo_domain_name)) .format(wo_domain_name,
else: acme_mode,
Log.info(self, "Issuing SSL cert with acme.sh") keylenght))
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " elif wildcard:
"--config-home " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"'/etc/letsencrypt/config' " "--config-home "
"--issue " "'/etc/letsencrypt/config' "
"-d {0} -d www.{0} -w /var/www/html " "--issue "
"-k ec-384 -f" "-d {0} -d *.{0} --dns {1} "
.format(wo_domain_name)) "-k {2} -f"
.format(wo_domain_name,
wo_acme_dns,
keylenght))
else:
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -d www.{0} {1} "
"-k {2} -f"
.format(wo_domain_name,
acme_mode, keylenght))
if ssl: if ssl:
try: try:
Log.info(self, "Deploying SSL cert with acme.sh") Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Cert deployment for domain: {0}" Log.debug(self, "Cert deployment for domain: {0}"
@@ -1349,90 +1443,6 @@ def setupLetsEncrypt(self, wo_domain_name):
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# setup letsencrypt for a subdomain
def setupLetsEncryptSubdomain(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate "
"found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -w /var/www/html "
"-k ec-384 -f"
.format(wo_domain_name))
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -w /var/www/html "
"-k ec-384 -f"
.format(wo_domain_name))
if ssl:
try:
Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Deploying cert for domain: {0}"
.format(wo_domain_name))
sslsetup = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--ca-file {0}/{1}/ca.pem "
"--reloadcmd "
"\"nginx -t && service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name))
sslconf = open("/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
sslconf.write("listen 443 ssl http2;\n"
"listen [::]:443 ssl http2;\n"
"ssl_certificate {0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n"
"ssl_trusted_certificate {0}/{1}/ca.pem;\n"
"ssl_stapling_verify on;\n"
.format(WOVariables.wo_ssl_live, wo_domain_name))
sslconf.close()
updateSiteInfo(self, wo_domain_name, ssl=True)
WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder")
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"ssl.conf")
else:
Log.error(self, "Unable to create ssl.conf", False)
Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which "
"you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.")
# letsencrypt cert renewal # letsencrypt cert renewal
@@ -1500,7 +1510,7 @@ def setupHsts(self, wo_domain_name):
return 0 return 0
def httpsRedirect(self, wo_domain_name, redirect=True): def httpsRedirect(self, wo_domain_name, redirect=True, wildcard=False):
if redirect: if redirect:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled" if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled"
.format(wo_domain_name)): .format(wo_domain_name)):
@@ -1510,31 +1520,54 @@ def httpsRedirect(self, wo_domain_name, redirect=True):
"/etc/nginx/conf.d/force-ssl-{0}.conf" "/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name)) .format(wo_domain_name))
else: else:
try: if wildcard:
Log.info( try:
self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf" Log.info(
.format(wo_domain_name)) self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
sslconf.write("server {\n"
"\tlisten 80;\n" +
"\tlisten [::]:80;\n" +
"\tserver_name *.{0} {0};\n"
.format(wo_domain_name) +
"\treturn 301 https://$host"
"$request_uri;\n}")
sslconf.close()
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
else:
try:
Log.info(
self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf" sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name), .format(wo_domain_name),
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
sslconf.write("server {\n" sslconf.write("server {\n"
"\tlisten 80;\n" + "\tlisten 80;\n" +
"\tlisten [::]:80;\n" + "\tlisten [::]:80;\n" +
"\tserver_name www.{0} {0};\n" "\tserver_name www.{0} {0};\n"
.format(wo_domain_name) + .format(wo_domain_name) +
"\treturn 301 https://{0}" "\treturn 301 https://{0}"
.format(wo_domain_name)+"$request_uri;\n}") .format(wo_domain_name)+"$request_uri;\n}")
sslconf.close() sslconf.close()
# Nginx Configation into GIT
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf" "/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name)) .format(wo_domain_name))
Log.info(self, "Added HTTPS Force Redirection for Site " Log.info(self, "Added HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name)) " http://{0}".format(wo_domain_name))
# Nginx Configation into GIT
WOGit.add(self, WOGit.add(self,
["/etc/nginx"], msg="Adding /etc/nginx/conf.d/" ["/etc/nginx"], msg="Adding /etc/nginx/conf.d/"
"force-ssl-{0}.conf".format(wo_domain_name)) "force-ssl-{0}.conf".format(wo_domain_name))

255
wo/cli/plugins/stack.py
View File

@@ -50,6 +50,8 @@ class WOStackController(CementBaseController):
dict(help='Install web stack', action='store_true')), dict(help='Install web stack', action='store_true')),
(['--admin'], (['--admin'],
dict(help='Install admin tools stack', action='store_true')), dict(help='Install admin tools stack', action='store_true')),
(['--security'],
dict(help='Install security tools stack', action='store_true')),
(['--nginx'], (['--nginx'],
dict(help='Install Nginx stack', action='store_true')), dict(help='Install Nginx stack', action='store_true')),
(['--php'], (['--php'],
@@ -79,6 +81,8 @@ class WOStackController(CementBaseController):
dict(help='Install Redis', action='store_true')), dict(help='Install Redis', action='store_true')),
(['--phpredisadmin'], (['--phpredisadmin'],
dict(help='Install phpRedisAdmin', action='store_true')), dict(help='Install phpRedisAdmin', action='store_true')),
(['--proftpd'],
dict(help='Install ProFTPd', action='store_true')),
] ]
usage = "wo stack (command) [options]" usage = "wo stack (command) [options]"
@@ -93,8 +97,7 @@ class WOStackController(CementBaseController):
if set(WOVariables.wo_mysql).issubset(set(apt_packages)): if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
# add mariadb repository excepted on raspbian and ubuntu 19.04 # add mariadb repository excepted on raspbian and ubuntu 19.04
if ((not WOVariables.wo_platform_codename == 'disco') and if (not WOVariables.wo_platform_distro == 'raspbian'):
(not WOVariables.wo_platform_distro == 'raspbian')):
Log.info(self, "Adding repository for MySQL, please wait...") Log.info(self, "Adding repository for MySQL, please wait...")
mysql_pref = ("Package: *\nPin: origin " mysql_pref = ("Package: *\nPin: origin "
"sfo1.mirrors.digitalocean.com" "sfo1.mirrors.digitalocean.com"
@@ -194,6 +197,7 @@ class WOStackController(CementBaseController):
WORepo.add(self, ppa=WOVariables.wo_nginx_repo) WORepo.add(self, ppa=WOVariables.wo_nginx_repo)
Log.debug(self, 'Adding ppa for Nginx') Log.debug(self, 'Adding ppa for Nginx')
else: else:
Log.info(self, "Adding repository for NGINX, please wait...")
WORepo.add(self, repo_url=WOVariables.wo_nginx_repo) WORepo.add(self, repo_url=WOVariables.wo_nginx_repo)
Log.debug(self, 'Adding repository for Nginx') Log.debug(self, 'Adding repository for Nginx')
WORepo.add_key(self, WOVariables.wo_nginx_key) WORepo.add_key(self, WOVariables.wo_nginx_key)
@@ -208,6 +212,13 @@ class WOStackController(CementBaseController):
else: else:
Log.info(self, "Adding repository for PHP, please wait...") Log.info(self, "Adding repository for PHP, please wait...")
# Add repository for php # Add repository for php
if (WOVariables.wo_platform_codename == 'buster'):
php_pref = ("Package: *\nPin: origin "
"packages.sury.org"
"\nPin-Priority: 1000\n")
with open('/etc/apt/preferences.d/'
'PHP.pref', 'w') as php_pref_file:
php_pref_file.write(php_pref)
Log.debug(self, 'Adding repo_url of php for debian') Log.debug(self, 'Adding repo_url of php for debian')
WORepo.add(self, repo_url=WOVariables.wo_php_repo) WORepo.add(self, repo_url=WOVariables.wo_php_repo)
Log.debug(self, 'Adding deb.sury GPG key') Log.debug(self, 'Adding deb.sury GPG key')
@@ -370,7 +381,7 @@ class WOStackController(CementBaseController):
# php73 conf # php73 conf
if not os.path.isfile("/etc/nginx/common/php73.conf"): if not os.path.isfile("/etc/nginx/common/php73.conf"):
# data = dict() # data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf') 'file /etc/nginx/common/php73.conf')
wo_nginx = open('/etc/nginx/common/php73.conf', wo_nginx = open('/etc/nginx/common/php73.conf',
@@ -1075,21 +1086,69 @@ class WOStackController(CementBaseController):
# create fail2ban configuration files # create fail2ban configuration files
if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)):
if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"):
data = dict()
Log.debug(self, "Setting up fail2ban jails configuration") Log.debug(self, "Setting up fail2ban jails configuration")
wo_fail2ban = open('/etc/fail2ban/jail.d/custom.conf', fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'fail2ban.mustache', self.app.render((data), 'fail2ban.mustache',
out=wo_fail2ban) out=fail2ban_config)
wo_fail2ban.close() fail2ban_config.close()
Log.debug(self, "Setting up fail2ban wp filter") Log.debug(self, "Setting up fail2ban wp filter")
wo_fail2ban = open('/etc/fail2ban/filter.d/' fail2ban_config = open('/etc/fail2ban/filter.d/'
'wo-wordpress.conf', 'wo-wordpress.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'fail2ban-wp.mustache', self.app.render((data), 'fail2ban-wp.mustache',
out=wo_fail2ban) out=fail2ban_config)
wo_fail2ban.close() fail2ban_config.close()
Log.debug(self, "Setting up fail2ban wp filter")
fail2ban_config = open('/etc/fail2ban/filter.d/'
'nginx-forbidden.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'fail2ban-forbidden.mustache',
out=fail2ban_config)
fail2ban_config.close()
WOGit.add(self, ["/etc/fail2ban"],
msg="Adding Fail2ban into Git")
WOService.reload_service(self, 'fail2ban')
# Proftpd configuration
if set(["proftpd-basic"]).issubset(set(apt_packages)):
if os.path.isfile("/etc/proftpd/proftpd.conf"):
Log.debug(self, "Setting up Proftpd configuration")
WOFileUtils.searchreplace(self, "/etc/proftpd/"
"proftpd.conf",
"# DefaultRoot",
"DefaultRoot")
WOFileUtils.searchreplace(self, "/etc/proftpd/"
"proftpd.conf",
"# RequireValidShell",
"RequireValidShell")
WOFileUtils.searchreplace(self, "/etc/proftpd/"
"proftpd.conf",
"# PassivePorts "
" "
"49152 65534",
"PassivePorts "
" "
" 49000 50000")
# add rule for proftpd with UFW
if WOAptGet.is_installed(self, 'ufw'):
try:
WOShellExec.cmd_exec(self, "ufw allow "
"49000:50000/tcp")
except CommandExecutionError as e:
Log.error(self, "Unable to add UFW rule")
if os.path.isfile("/etc/fail2ban/jail.d/custom.conf"):
with open("/etc/fail2ban/jail.d/custom.conf",
encoding='utf-8', mode='a') as f2bproftpd:
f2bproftpd.write("\n\n[proftpd]\nenabled = true\n")
WOService.reload_service(self, 'fail2ban')
WOGit.add(self, ["/etc/proftpd"],
msg="Adding ProFTPd into Git")
WOService.reload_service(self, 'proftpd')
if (packages): if (packages):
if any('/usr/local/bin/wp' == x[1] for x in packages): if any('/usr/local/bin/wp' == x[1] for x in packages):
@@ -1407,17 +1466,22 @@ class WOStackController(CementBaseController):
(not self.app.pargs.composer) and (not self.app.pargs.composer) and
(not self.app.pargs.netdata) and (not self.app.pargs.netdata) and
(not self.app.pargs.dashboard) and (not self.app.pargs.dashboard) and
(not self.app.pargs.fail2ban) and
(not self.app.pargs.security) and
(not self.app.pargs.adminer) and (not self.app.pargs.utils) and (not self.app.pargs.adminer) and (not self.app.pargs.utils) and
(not self.app.pargs.redis) and (not self.app.pargs.redis) and (not self.app.pargs.proftpd) and
(not self.app.pargs.phpredisadmin) and (not self.app.pargs.phpredisadmin) and
(not self.app.pargs.php73)): (not self.app.pargs.php73)):
self.app.pargs.web = True self.app.pargs.web = True
self.app.pargs.admin = True self.app.pargs.admin = True
self.app.pargs.security = True
if self.app.pargs.all: if self.app.pargs.all:
self.app.pargs.web = True self.app.pargs.web = True
self.app.pargs.admin = True self.app.pargs.admin = True
self.app.pargs.php73 = True self.app.pargs.php73 = True
self.app.pargs.redis = True
self.app.pargs.proftpd = True
if self.app.pargs.web: if self.app.pargs.web:
self.app.pargs.nginx = True self.app.pargs.nginx = True
@@ -1437,6 +1501,9 @@ class WOStackController(CementBaseController):
self.app.pargs.dashboard = True self.app.pargs.dashboard = True
self.app.pargs.phpredisadmin = True self.app.pargs.phpredisadmin = True
if self.app.pargs.security:
self.app.pargs.fail2ban = True
# Redis # Redis
if self.app.pargs.redis: if self.app.pargs.redis:
if not WOAptGet.is_installed(self, 'redis-server'): if not WOAptGet.is_installed(self, 'redis-server'):
@@ -1505,7 +1572,6 @@ class WOStackController(CementBaseController):
"/master/mysqltuner.pl", "/master/mysqltuner.pl",
"/usr/bin/mysqltuner", "/usr/bin/mysqltuner",
"MySQLTuner"]] "MySQLTuner"]]
else: else:
Log.debug(self, "MySQL connection is already alive") Log.debug(self, "MySQL connection is already alive")
Log.info(self, "MySQL connection is already alive") Log.info(self, "MySQL connection is already alive")
@@ -1533,37 +1599,64 @@ class WOStackController(CementBaseController):
Log.debug(self, "Fail2ban already installed") Log.debug(self, "Fail2ban already installed")
Log.info(self, "Fail2ban already installed") Log.info(self, "Fail2ban already installed")
# proftpd
if self.app.pargs.proftpd:
Log.debug(self, "Setting apt_packages variable for ProFTPd")
if not WOAptGet.is_installed(self, 'proftpd-basic'):
apt_packages = apt_packages + ["proftpd-basic"]
else:
Log.debug(self, "ProFTPd already installed")
Log.info(self, "ProFTPd already installed")
# PHPMYADMIN # PHPMYADMIN
if self.app.pargs.phpmyadmin: if self.app.pargs.phpmyadmin:
Log.debug(self, "Setting packages variable for phpMyAdmin ") if not os.path.isdir('/var/www/22222/htdocs/db/pma'):
self.app.pargs.composer = True Log.debug(self, "Setting packages variable "
packages = packages + [["https://github.com/phpmyadmin/" "for phpMyAdmin ")
"phpmyadmin/archive/STABLE.tar.gz", self.app.pargs.composer = True
"/var/lib/wo/tmp/pma.tar.gz", packages = packages + [["https://github.com/phpmyadmin/"
"phpMyAdmin"]] "phpmyadmin/archive/STABLE.tar.gz",
"/var/lib/wo/tmp/pma.tar.gz",
"phpMyAdmin"]]
else:
Log.debug(self, "phpMyAdmin already installed")
Log.info(self, "phpMyAdmin already installed")
# Composer # Composer
if self.app.pargs.composer: if self.app.pargs.composer:
Log.debug(self, "Setting packages variable for Composer ") if not os.path.isfile('/usr/local/bin/composer'):
packages = packages + [["https://getcomposer.org/installer", Log.debug(self, "Setting packages variable for Composer ")
"/var/lib/wo/tmp/composer-install", packages = packages + [["https://getcomposer.org/"
"Composer"]] "installer",
"/var/lib/wo/tmp/composer-install",
"Composer"]]
else:
Log.debug(self, "Composer already installed")
Log.info(self, "Composer already installed")
# PHPREDISADMIN # PHPREDISADMIN
if self.app.pargs.phpredisadmin: if self.app.pargs.phpredisadmin:
Log.debug(self, "Setting packages variable for phpRedisAdmin") if not os.path.isdir('/var/www/22222/htdocs/cache/redis'):
self.app.pargs.composer = True Log.debug(
packages = packages + [["https://github.com/erikdubbelboer/" self, "Setting packages variable for phpRedisAdmin")
"phpRedisAdmin/archive/v1.11.3.tar.gz", self.app.pargs.composer = True
"/var/lib/wo/tmp/pra.tar.gz", packages = packages + [["https://github.com/"
"phpRedisAdmin"], "erikdubbelboer/"
["https://github.com/nrk/predis/" "phpRedisAdmin/archive"
"archive/v1.1.1.tar.gz", "/v1.11.3.tar.gz",
"/var/lib/wo/tmp/predis.tar.gz", "/var/lib/wo/tmp/pra.tar.gz",
"Predis"]] "phpRedisAdmin"]]
else:
Log.debug(self, "phpRedisAdmin already installed")
Log.info(self, "phpRedisAdmin already installed")
# ADMINER # ADMINER
if self.app.pargs.adminer: if self.app.pargs.adminer:
Log.debug(self, "Setting packages variable for Adminer ") if not os.path.isdir('{0}22222/htdocs/db/adminer'
packages = packages + [["https://github.com/vrana/adminer/" .format(WOVariables.wo_webroot)):
"releases/download/v{0}" Log.debug(self, "Setting packages variable for Adminer ")
packages = packages + [["https://github.com/vrana/adminer/"
"releases/download/v{0}"
"/adminer-{0}.php" "/adminer-{0}.php"
.format(WOVariables.wo_adminer), .format(WOVariables.wo_adminer),
"{0}22222/" "{0}22222/"
@@ -1574,9 +1667,12 @@ class WOStackController(CementBaseController):
"/vrana/adminer/master/designs/" "/vrana/adminer/master/designs/"
"pepa-linha/adminer.css", "pepa-linha/adminer.css",
"{0}22222/" "{0}22222/"
"htdocs/db/adminer/adminer.css" "htdocs/db/adminer/adminer.css"
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
"Adminer theme"]] "Adminer theme"]]
else:
Log.debug(self, "Adminer already installed")
Log.info(self, "Adminer already installed")
# Netdata # Netdata
if self.app.pargs.netdata: if self.app.pargs.netdata:
@@ -1586,20 +1682,28 @@ class WOStackController(CementBaseController):
'kickstart-static64.sh', 'kickstart-static64.sh',
'/var/lib/wo/tmp/kickstart.sh', '/var/lib/wo/tmp/kickstart.sh',
'Netdata']] 'Netdata']]
else:
Log.debug(self, "Netdata already installed")
Log.info(self, "Netdata already installed")
# WordOps Dashboard # WordOps Dashboard
if self.app.pargs.dashboard: if self.app.pargs.dashboard:
Log.debug(self, "Setting packages variable for WO-Dashboard") if not os.path.isfile('/var/www/22222/htdocs/index.php'):
packages = packages + \ Log.debug(
[["https://github.com/WordOps/" self, "Setting packages variable for WO-Dashboard")
"wordops-dashboard/releases/" packages = packages + \
"download/v1.0/wo-dashboard.tar.gz", [["https://github.com/WordOps/"
"/var/lib/wo/tmp/wo-dashboard.tar.gz", "wordops-dashboard/releases/"
"WordOps Dashboard"], "download/v1.0/wo-dashboard.tar.gz",
["https://github.com/soerennb/" "/var/lib/wo/tmp/wo-dashboard.tar.gz",
"extplorer/archive/v2.1.11.tar.gz", "WordOps Dashboard"],
"/var/lib/wo/tmp/extplorer.tar.gz", ["https://github.com/soerennb/"
"eXtplorer"]] "extplorer/archive/v2.1.11.tar.gz",
"/var/lib/wo/tmp/extplorer.tar.gz",
"eXtplorer"]]
else:
Log.debug(self, "WordOps dashboard already installed")
Log.info(self, "WordOps dashboard already installed")
# UTILS # UTILS
if self.app.pargs.utils: if self.app.pargs.utils:
@@ -1723,10 +1827,13 @@ class WOStackController(CementBaseController):
(not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and
(not self.app.pargs.adminer) and (not self.app.pargs.utils) and (not self.app.pargs.adminer) and (not self.app.pargs.utils) and
(not self.app.pargs.composer) and (not self.app.pargs.netdata) and (not self.app.pargs.composer) and (not self.app.pargs.netdata) and
(not self.app.pargs.fail2ban) and (not self.app.pargs.proftpd) and
(not self.app.pargs.security) and
(not self.app.pargs.all) and (not self.app.pargs.redis) and (not self.app.pargs.all) and (not self.app.pargs.redis) and
(not self.app.pargs.phpredisadmin)): (not self.app.pargs.phpredisadmin)):
self.app.pargs.web = True self.app.pargs.web = True
self.app.pargs.admin = True self.app.pargs.admin = True
self.app.pargs.security = True
if self.app.pargs.all: if self.app.pargs.all:
self.app.pargs.web = True self.app.pargs.web = True
@@ -1748,6 +1855,9 @@ class WOStackController(CementBaseController):
self.app.pargs.dashboard = True self.app.pargs.dashboard = True
self.app.pargs.phpredisadmin = True self.app.pargs.phpredisadmin = True
if self.app.pargs.security:
self.app.pargs.fail2ban = True
# NGINX # NGINX
if self.app.pargs.nginx: if self.app.pargs.nginx:
if WOAptGet.is_installed(self, 'nginx-custom'): if WOAptGet.is_installed(self, 'nginx-custom'):
@@ -1790,6 +1900,23 @@ class WOStackController(CementBaseController):
Log.debug(self, "Removing apt_packages variable of MySQL") Log.debug(self, "Removing apt_packages variable of MySQL")
apt_packages = apt_packages + WOVariables.wo_mysql apt_packages = apt_packages + WOVariables.wo_mysql
packages = packages + ['/usr/bin/mysqltuner'] packages = packages + ['/usr/bin/mysqltuner']
# fail2ban
if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
Log.debug(self, "Remove apt_packages variable of Fail2ban")
apt_packages = apt_packages + WOVariables.wo_fail2ban
else:
Log.error(self, "Fail2ban not found")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
Log.debug(self, "Remove apt_packages variable for ProFTPd")
apt_packages = apt_packages + ["proftpd-basic"]
else:
Log.error(self, "ProFTPd not found")
# WPCLI # WPCLI
if self.app.pargs.wpcli: if self.app.pargs.wpcli:
Log.debug(self, "Removing package variable of WPCLI ") Log.debug(self, "Removing package variable of WPCLI ")
@@ -1894,10 +2021,13 @@ class WOStackController(CementBaseController):
(not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and
(not self.app.pargs.adminer) and (not self.app.pargs.utils) and (not self.app.pargs.adminer) and (not self.app.pargs.utils) and
(not self.app.pargs.composer) and (not self.app.pargs.netdata) and (not self.app.pargs.composer) and (not self.app.pargs.netdata) and
(not self.app.pargs.fail2ban) and (not self.app.pargs.proftpd) and
(not self.app.pargs.security) and
(not self.app.pargs.all) and (not self.app.pargs.redis) and (not self.app.pargs.all) and (not self.app.pargs.redis) and
(not self.app.pargs.phpredisadmin)): (not self.app.pargs.phpredisadmin)):
self.app.pargs.web = True self.app.pargs.web = True
self.app.pargs.admin = True self.app.pargs.admin = True
self.app.pargs.security = True
if self.app.pargs.all: if self.app.pargs.all:
self.app.pargs.web = True self.app.pargs.web = True
@@ -1919,6 +2049,8 @@ class WOStackController(CementBaseController):
self.app.pargs.dashboard = True self.app.pargs.dashboard = True
self.app.pargs.phpredisadmin = True self.app.pargs.phpredisadmin = True
if self.app.pargs.security:
self.app.pargs.fail2ban = True
# NGINX # NGINX
if self.app.pargs.nginx: if self.app.pargs.nginx:
if WOAptGet.is_installed(self, 'nginx-custom'): if WOAptGet.is_installed(self, 'nginx-custom'):
@@ -1952,6 +2084,22 @@ class WOStackController(CementBaseController):
else: else:
Log.error(self, "Cannot Purge PHP 7.3. not found.") Log.error(self, "Cannot Purge PHP 7.3. not found.")
# fail2ban
if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'):
Log.debug(self, "Purge apt_packages variable of Fail2ban")
apt_packages = apt_packages + WOVariables.wo_fail2ban
else:
Log.error(self, "Fail2ban not found")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
Log.debug(self, "Purge apt_packages variable for ProFTPd")
apt_packages = apt_packages + ["proftpd-basic"]
else:
Log.error(self, "ProFTPd not found")
# WP-CLI # WP-CLI
if self.app.pargs.wpcli: if self.app.pargs.wpcli:
Log.debug(self, "Purge package variable WPCLI") Log.debug(self, "Purge package variable WPCLI")
@@ -2034,6 +2182,9 @@ class WOStackController(CementBaseController):
"libexec/netdata-" "libexec/netdata-"
"uninstaller.sh -y -f") "uninstaller.sh -y -f")
if (set(["fail2ban"]).issubset(set(apt_packages))):
WOService.stop_service(self, 'fail2ban')
if (apt_packages): if (apt_packages):
Log.info(self, "Purging packages, please wait...") Log.info(self, "Purging packages, please wait...")
WOAptGet.remove(self, apt_packages, purge=True) WOAptGet.remove(self, apt_packages, purge=True)

137
wo/cli/plugins/stack_services.py
View File

@@ -4,6 +4,7 @@ from wo.core.services import WOService
from wo.core.logging import Log from wo.core.logging import Log
from wo.core.variables import WOVariables from wo.core.variables import WOVariables
from wo.core.aptget import WOAptGet from wo.core.aptget import WOAptGet
import os
class WOStackStatusController(CementBaseController): class WOStackStatusController(CementBaseController):
@@ -12,11 +13,6 @@ class WOStackStatusController(CementBaseController):
stacked_on = 'stack' stacked_on = 'stack'
stacked_type = 'embedded' stacked_type = 'embedded'
description = 'Check the stack status' description = 'Check the stack status'
arguments = [
(['--memcached'],
dict(help='start/stop/restart memcached',
action='store_true')),
]
@expose(help="Start stack services") @expose(help="Start stack services")
def start(self): def start(self):
@@ -25,9 +21,9 @@ class WOStackStatusController(CementBaseController):
if not (self.app.pargs.nginx or self.app.pargs.php or if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or self.app.pargs.php73 or
self.app.pargs.mysql or self.app.pargs.mysql or
self.app.pargs.memcached or
self.app.pargs.redis or self.app.pargs.redis or
self.app.pargs.fail2ban or self.app.pargs.fail2ban or
self.app.pargs.proftpd or
self.app.pargs.netdata): self.app.pargs.netdata):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.php = True self.app.pargs.php = True
@@ -68,12 +64,6 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, " Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status") "Unable to check MySQL service status")
if self.app.pargs.memcached:
if WOAptGet.is_installed(self, 'memcached'):
services = services + ['memcached']
else:
Log.info(self, "Memcached is not installed")
if self.app.pargs.redis: if self.app.pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server'] services = services + ['redis-server']
@@ -82,10 +72,24 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
Log.info(self, "Netdata is not installed")
for service in services: for service in services:
Log.debug(self, "Starting service: {0}".format(service)) Log.debug(self, "Starting service: {0}".format(service))
WOService.start_service(self, service) WOService.start_service(self, service)
@@ -97,18 +101,22 @@ class WOStackStatusController(CementBaseController):
if not (self.app.pargs.nginx or self.app.pargs.php or if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or self.app.pargs.php73 or
self.app.pargs.mysql or self.app.pargs.mysql or
self.app.pargs.memcached or self.app.pargs.fail2ban or
self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis): self.app.pargs.redis):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.php = True self.app.pargs.php = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
# nginx
if self.app.pargs.nginx: if self.app.pargs.nginx:
if (WOAptGet.is_installed(self, 'nginx-custom')): if (WOAptGet.is_installed(self, 'nginx-custom')):
services = services + ['nginx'] services = services + ['nginx']
else: else:
Log.info(self, "Nginx is not installed") Log.info(self, "Nginx is not installed")
# php7.2
if self.app.pargs.php: if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
services = services + ['php7.2-fpm'] services = services + ['php7.2-fpm']
@@ -120,12 +128,14 @@ class WOStackStatusController(CementBaseController):
else: else:
Log.info(self, "PHP7.3-FPM is not installed") Log.info(self, "PHP7.3-FPM is not installed")
# php7.3
if self.app.pargs.php73: if self.app.pargs.php73:
if WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
services = services + ['php7.3-fpm'] services = services + ['php7.3-fpm']
else: else:
Log.info(self, "PHP7.3-FPM is not installed") Log.info(self, "PHP7.3-FPM is not installed")
# mysql
if self.app.pargs.mysql: if self.app.pargs.mysql:
if ((WOVariables.wo_mysql_host is "localhost") or if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")): (WOVariables.wo_mysql_host is "127.0.0.1")):
@@ -139,24 +149,34 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, " Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status") "Unable to check MySQL service status")
if self.app.pargs.memcached: # redis
if WOAptGet.is_installed(self, 'memcached'):
services = services + ['memcached']
else:
Log.info(self, "Memcached is not installed")
if self.app.pargs.redis: if self.app.pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server'] services = services + ['redis-server']
else: else:
Log.info(self, "Redis server is not installed") Log.info(self, "Redis server is not installed")
# fail2ban
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
Log.info(self, "Netdata is not installed")
for service in services: for service in services:
Log.debug(self, "Stopping service: {0}".format(service)) Log.debug(self, "Stopping service: {0}".format(service))
WOService.stop_service(self, service) WOService.stop_service(self, service)
@@ -168,7 +188,8 @@ class WOStackStatusController(CementBaseController):
if not (self.app.pargs.nginx or self.app.pargs.php or if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or self.app.pargs.php73 or
self.app.pargs.mysql or self.app.pargs.mysql or
self.app.pargs.memcached or self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or self.app.pargs.redis or
self.app.pargs.fail2ban): self.app.pargs.fail2ban):
self.app.pargs.nginx = True self.app.pargs.nginx = True
@@ -212,12 +233,6 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, " Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status") "Unable to check MySQL service status")
if self.app.pargs.memcached:
if WOAptGet.is_installed(self, 'memcached'):
services = services + ['memcached']
else:
Log.info(self, "Memcached is not installed")
if self.app.pargs.redis: if self.app.pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server'] services = services + ['redis-server']
@@ -226,10 +241,24 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
Log.info(self, "Netdata is not installed")
for service in services: for service in services:
Log.debug(self, "Restarting service: {0}".format(service)) Log.debug(self, "Restarting service: {0}".format(service))
WOService.restart_service(self, service) WOService.restart_service(self, service)
@@ -241,7 +270,8 @@ class WOStackStatusController(CementBaseController):
if not (self.app.pargs.nginx or self.app.pargs.php or if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or self.app.pargs.php73 or
self.app.pargs.mysql or self.app.pargs.mysql or
self.app.pargs.memcached or self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or self.app.pargs.redis or
self.app.pargs.fail2ban): self.app.pargs.fail2ban):
self.app.pargs.nginx = True self.app.pargs.nginx = True
@@ -284,12 +314,6 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, " Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status") "Unable to check MySQL service status")
if self.app.pargs.memcached:
if WOAptGet.is_installed(self, 'memcached'):
services = services + ['memcached']
else:
Log.info(self, "Memcached is not installed")
if self.app.pargs.redis: if self.app.pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server'] services = services + ['redis-server']
@@ -298,10 +322,24 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
Log.info(self, "Netdata is not installed")
for service in services: for service in services:
if WOService.get_service_status(self, service): if WOService.get_service_status(self, service):
Log.info(self, "{0:10}: {1}".format(service, "Running")) Log.info(self, "{0:10}: {1}".format(service, "Running"))
@@ -313,7 +351,8 @@ class WOStackStatusController(CementBaseController):
if not (self.app.pargs.nginx or self.app.pargs.php or if not (self.app.pargs.nginx or self.app.pargs.php or
self.app.pargs.php73 or self.app.pargs.php73 or
self.app.pargs.mysql or self.app.pargs.mysql or
self.app.pargs.memcached or self.app.pargs.netdata or
self.app.pargs.proftpd or
self.app.pargs.redis or self.app.pargs.redis or
self.app.pargs.fail2ban): self.app.pargs.fail2ban):
self.app.pargs.nginx = True self.app.pargs.nginx = True
@@ -357,12 +396,6 @@ class WOStackStatusController(CementBaseController):
Log.warn(self, "Remote MySQL found, " Log.warn(self, "Remote MySQL found, "
"Unable to check MySQL service status") "Unable to check MySQL service status")
if self.app.pargs.memcached:
if WOAptGet.is_installed(self, 'memcached'):
services = services + ['memcached']
else:
Log.info(self, "Memcached is not installed")
if self.app.pargs.redis: if self.app.pargs.redis:
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
services = services + ['redis-server'] services = services + ['redis-server']
@@ -371,10 +404,24 @@ class WOStackStatusController(CementBaseController):
if self.app.pargs.fail2ban: if self.app.pargs.fail2ban:
if WOAptGet.is_installed(self, 'fail2ban'): if WOAptGet.is_installed(self, 'fail2ban'):
services = services + ['fail2ban-client'] services = services + ['fail2ban']
else: else:
Log.info(self, "fail2ban is not installed") Log.info(self, "fail2ban is not installed")
# proftpd
if self.app.pargs.proftpd:
if WOAptGet.is_installed(self, 'proftpd-basic'):
services = services + ['proftpd']
else:
Log.info(self, "ProFTPd is not installed")
# netdata
if self.app.pargs.netdata:
if os.path.isdir("/opt/netdata"):
services = services + ['netdata']
else:
Log.info(self, "Netdata is not installed")
for service in services: for service in services:
Log.debug(self, "Reloading service: {0}".format(service)) Log.debug(self, "Reloading service: {0}".format(service))
WOService.reload_service(self, service) WOService.reload_service(self, service)

56
wo/cli/plugins/stack_upgrade.py
View File

@@ -38,6 +38,10 @@ class WOStackUpgradeController(CementBaseController):
dict(help='Upgrade Redis', action='store_true')), dict(help='Upgrade Redis', action='store_true')),
(['--netdata'], (['--netdata'],
dict(help='Upgrade Netdata', action='store_true')), dict(help='Upgrade Netdata', action='store_true')),
(['--composer'],
dict(help='Upgrade Composer', action='store_true')),
(['--phpmyadmin'],
dict(help='Upgrade phpMyAdmin', action='store_true')),
(['--no-prompt'], (['--no-prompt'],
dict(help="Upgrade Packages without any prompt", dict(help="Upgrade Packages without any prompt",
action='store_true')), action='store_true')),
@@ -83,7 +87,9 @@ class WOStackUpgradeController(CementBaseController):
if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and
(not self.app.pargs.php) and (not self.app.pargs.mysql) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and
(not self.app.pargs.all) and (not self.app.pargs.wpcli) and (not self.app.pargs.all) and (not self.app.pargs.wpcli) and
(not self.app.pargs.netdata) and (not self.app.pargs.redis)): (not self.app.pargs.netdata) and (not self.app.pargs.composer) and
(not self.app.pargs.phpmyadmin) and
(not self.app.pargs.redis)):
self.app.pargs.web = True self.app.pargs.web = True
if self.app.pargs.all: if self.app.pargs.all:
@@ -144,6 +150,26 @@ class WOStackUpgradeController(CementBaseController):
'kickstart-static64.sh', 'kickstart-static64.sh',
'/var/lib/wo/tmp/kickstart.sh', '/var/lib/wo/tmp/kickstart.sh',
'Netdata']] 'Netdata']]
if self.app.pargs.phpmyadmin:
if os.path.isdir('/var/www/22222/htdocs/db/pma'):
packages = packages + \
[["https://files.phpmyadmin.net"
"/phpMyAdmin/{0}/"
"phpMyAdmin-{0}-"
"all-languages"
".zip".format(WOVariables.wo_phpmyadmin),
"/var/lib/wo/tmp/pma.tar.gz",
"PHPMyAdmin"]]
else:
Log.error(self, "phpMyAdmin isn't installed")
if self.app.pargs.composer:
if os.path.isfile('/usr/local/bin/composer'):
packages = packages + [["https://getcomposer.org/installer",
"/var/lib/wo/tmp/composer-install",
"Composer"]]
else:
Log.error(self, "Composer isn't installed")
if len(packages) or len(apt_packages): if len(packages) or len(apt_packages):
@@ -191,6 +217,34 @@ class WOStackUpgradeController(CementBaseController):
"kickstart.sh " "kickstart.sh "
"--dont-wait") "--dont-wait")
if self.app.pargs.composer:
Log.info(self, "Upgrading Composer, please wait...")
WOShellExec.cmd_exec(self, "php -q /var/lib/wo"
"/tmp/composer-install "
"--install-dir=/var/lib/wo/tmp/")
shutil.copyfile('/var/lib/wo/tmp/composer.phar',
'/usr/local/bin/composer')
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
if self.app.pargs.phpmyadmin:
Log.info(self, "Upgrading phpMyAdmin, please wait...")
WOExtract.extract(
self, '/var/lib/wo/tmp/pma.tar.gz', '/var/lib/wo/tmp/')
shutil.copyfile('{0}22222/htdocs/db/pma'
'/config.inc.php'
.format(WOVariables.wo_webroot),
'/var/lib/wo/tmp/phpMyAdmin-{0}'
'-all-languages/config.inc.php'
.format(WOVariables.wo_phpmyadmin)
)
WOFileUtils.remove(self, '{0}22222/htdocs/db/pma'
.format(WOVariables.wo_webroot))
shutil.move('/var/lib/wo/tmp/phpMyAdmin-{0}'
'-all-languages/'
.format(WOVariables.wo_phpmyadmin),
'{0}22222/htdocs/db/pma/'
.format(WOVariables.wo_webroot))
Log.info(self, "Successfully updated packages") Log.info(self, "Successfully updated packages")
else: else:
self.app.args.print_help() self.app.args.print_help()

73
wo/cli/plugins/update.py
View File

@@ -25,6 +25,9 @@ class WOUpdateController(CementBaseController):
(['--preserve'], (['--preserve'],
dict(help='Preserve current Nginx configuration', dict(help='Preserve current Nginx configuration',
action='store_true')), action='store_true')),
(['--beta'],
dict(help='Update WordOps to latest beta release',
action='store_true')),
(['--travis'], (['--travis'],
dict(help='Argument used only for WordOps development', dict(help='Argument used only for WordOps development',
action='store_true')), action='store_true')),
@@ -36,51 +39,33 @@ class WOUpdateController(CementBaseController):
filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S") filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S")
if self.app.pargs.travis: if self.app.pargs.travis:
WODownload.download(self, [["https://raw.githubusercontent.com/" wo_branch = "updating-configuration"
"WordOps/WordOps/updating-configuration/install", install_args = "--travis --force "
"/tmp/{0}".format(filename), elif self.app.pargs.beta:
"update script"]]) wo_branch = "beta"
try: install_args = ""
Log.info(self, "updating WordOps, please wait...")
os.system("bash /tmp/{0} --travis --force".format(filename))
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
else: else:
WODownload.download(self, [["https://raw.githubusercontent.com/" wo_branch = "master "
"WordOps/WordOps/master/install", install_args = ""
"/tmp/{0}".format(filename), if self.app.pargs.force:
"update script"]]) install_args = install_args + "--force "
if self.app.pargs.force: if self.app.pargs.preserve:
try: install_args = install_args + "--preserve "
Log.info(self, "updating WordOps, please wait...")
os.system("bash /tmp/{0} --force".format(filename)) WODownload.download(self, [["https://raw.githubusercontent.com/"
except OSError as e: "WordOps/WordOps/{0}/install"
Log.debug(self, str(e)) .format(wo_branch),
Log.error(self, "WordOps update failed !") "/var/lib/wo/tmp/{0}".format(filename),
except Exception as e: "update script"]])
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !") try:
elif self.app.pargs.preserve: Log.info(self, "updating WordOps, please wait...")
try: os.system("/bin/bash /var/lib/wo/tmp/{0} "
Log.info(self, "updating WordOps, please wait...") "-b {1} {2}".format(filename,
os.system("bash /tmp/{0} --preserve".format(filename)) wo_branch, install_args))
except OSError as e: except OSError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.error(self, "WordOps update failed !") Log.error(self, "WordOps update failed !")
except Exception as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
else:
try:
Log.info(self, "updating WordOps, please wait...")
os.system("bash /tmp/{0}".format(filename))
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
except Exception as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
def load(app): def load(app):

2
wo/cli/templates/fail2ban.mustache
View File

@@ -17,7 +17,7 @@ maxretry = 5
[nginx-forbidden] [nginx-forbidden]
enabled = true enabled = true
filter = nginx-forbidden filter = nginx-forbidden
port = http,https action = iptables-multiport[name="wo-wordpress", port="http,https"]
logpath = /var/log/nginx/*error*.log logpath = /var/log/nginx/*error*.log
findtime = 60 findtime = 60
bantime = 6000 bantime = 6000

16
wo/cli/templates/wpcommon-php7.mustache
View File

@@ -40,6 +40,22 @@ location /wp-content/uploads {
deny all; deny all;
} }
} }
# webp rewrite rules for EWWW testing image
location /wp-content/plugins/ewww-image-optimizer/images {
location ~ \.(png|jpe?g)$ {
add_header Vary "Accept-Encoding";
add_header "Access-Control-Allow-Origin" "*";
add_header Cache-Control "public, no-transform";
access_log off;
log_not_found off;
expires max;
try_files $uri$webp_suffix $uri =404;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# Deny access to any files with a .php extension in the uploads directory # Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network # Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)

20
wo/cli/templates/wpcommon.mustache
View File

@@ -21,7 +21,7 @@ location = /robots.txt {
} }
# fallback for robots.txt with default wordpress rules # fallback for robots.txt with default wordpress rules
location @robots { location @robots {
return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n"; return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n";
} }
# webp rewrite rules for jpg and png images # webp rewrite rules for jpg and png images
# try to load alternative image.png.webp before image.png # try to load alternative image.png.webp before image.png
@@ -36,7 +36,23 @@ location /wp-content/uploads {
try_files $uri$webp_suffix $uri =404; try_files $uri$webp_suffix $uri =404;
} }
location ~ \.php$ { location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers #Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# webp rewrite rules for EWWW testing image
location /wp-content/plugins/ewww-image-optimizer/images {
location ~ \.(png|jpe?g)$ {
add_header Vary "Accept-Encoding";
add_header "Access-Control-Allow-Origin" "*";
add_header Cache-Control "public, no-transform";
access_log off;
log_not_found off;
expires max;
try_files $uri$webp_suffix $uri =404;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all; deny all;
} }
} }

378
wo/core/variables.py
View File

@@ -1,186 +1,192 @@
"""WordOps core variable module""" """WordOps core variable module"""
import platform import platform
import socket import socket
import configparser import configparser
import os import os
import psutil import psutil
import datetime import datetime
class WOVariables(): class WOVariables():
"""Intialization of core variables""" """Intialization of core variables"""
# WordOps version # WordOps version
wo_version = "3.9.5.4" wo_version = "3.9.6"
# WordOps packages versions # WordOps packages versions
wo_wp_cli = "2.2.0" wo_wp_cli = "2.2.0"
wo_adminer = "4.7.1" wo_adminer = "4.7.1"
wo_phpmyadmin = "4.9.0.1"
# Get WPCLI path
wo_wpcli_path = os.popen('command -v wp | tr "\n" " "').read() # Get WPCLI path
if wo_wpcli_path == '': wo_wpcli_path = os.popen('command -v wp | tr "\n" " "').read()
wo_wpcli_path = '/usr/local/bin/wp ' if wo_wpcli_path == '':
wo_wpcli_path = '/usr/local/bin/wp '
# get wan network interface name
wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " # get wan network interface name
"grep -oP \"dev [^[:space:]]+ \" " wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | "
"| cut -d ' ' -f 2").read() "grep -oP \"dev [^[:space:]]+ \" "
if wo_wan == '': "| cut -d ' ' -f 2").read()
wo_wan = 'eth0' if wo_wan == '':
wo_wan = 'eth0'
# Current date and time of System
wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S') # Current date and time of System
wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S')
# WordOps core variables
wo_platform_distro = os.popen("lsb_release -si " # WordOps core variables
"| tr -d \'\\n\'").read().lower() wo_platform_distro = os.popen("lsb_release -si "
wo_platform_version = platform.linux_distribution()[1] "| tr -d \'\\n\'").read().lower()
wo_platform_codename = os.popen("lsb_release -sc | tr -d \'\\n\'").read() wo_platform_version = platform.linux_distribution()[1]
wo_platform_codename = os.popen("lsb_release -sc | tr -d \'\\n\'").read()
# Get timezone of system
if os.path.isfile('/etc/timezone'): # Get timezone of system
with open("/etc/timezone", "r") as tzfile: if os.path.isfile('/etc/timezone'):
wo_timezone = tzfile.read().replace('\n', '') with open("/etc/timezone", "r") as tzfile:
if wo_timezone == "Etc/UTC": wo_timezone = tzfile.read().replace('\n', '')
wo_timezone = "UTC" if wo_timezone == "Etc/UTC":
else: wo_timezone = "UTC"
wo_timezone = "Europe/Amsterdam" else:
wo_timezone = "Europe/Amsterdam"
# Get FQDN of system
wo_fqdn = socket.getfqdn() # Get FQDN of system
wo_fqdn = socket.getfqdn()
# WordOps default webroot path
wo_webroot = '/var/www/' # WordOps default webroot path
wo_webroot = '/var/www/'
# WordOps default renewal SSL certificates path
wo_ssl_archive = '/etc/letsencrypt/renewal' # WordOps default renewal SSL certificates path
wo_ssl_archive = '/etc/letsencrypt/renewal'
# WordOps default live SSL certificates path
wo_ssl_live = '/etc/letsencrypt/live' # WordOps default live SSL certificates path
wo_ssl_live = '/etc/letsencrypt/live'
# PHP user
wo_php_user = 'www-data' # PHP user
wo_php_user = 'www-data'
# Get git user name and EMail
config = configparser.ConfigParser() # Get git user name and EMail
config.read(os.path.expanduser("~")+'/.gitconfig') config = configparser.ConfigParser()
try: config.read(os.path.expanduser("~")+'/.gitconfig')
wo_user = config['user']['name'] try:
wo_email = config['user']['email'] wo_user = config['user']['name']
except Exception as e: wo_email = config['user']['email']
wo_user = input("Enter your name: ") except Exception as e:
wo_email = input("Enter your email: ") wo_user = input("Enter your name: ")
os.system("/usr/bin/git config --global user.name {0}".format(wo_user)) wo_email = input("Enter your email: ")
os.system( os.system("/usr/bin/git config --global user.name {0}".format(wo_user))
"/usr/bin/git config --global user.email {0}".format(wo_email)) os.system(
"/usr/bin/git config --global user.email {0}".format(wo_email))
# MySQL hostname
wo_mysql_host = "" # MySQL hostname
config = configparser.RawConfigParser() wo_mysql_host = ""
if os.path.exists('/etc/mysql/conf.d/my.cnf'): config = configparser.RawConfigParser()
cnfpath = "/etc/mysql/conf.d/my.cnf" if os.path.exists('/etc/mysql/conf.d/my.cnf'):
else: cnfpath = "/etc/mysql/conf.d/my.cnf"
cnfpath = os.path.expanduser("~")+"/.my.cnf" else:
if [cnfpath] == config.read(cnfpath): cnfpath = os.path.expanduser("~")+"/.my.cnf"
try: if [cnfpath] == config.read(cnfpath):
wo_mysql_host = config.get('client', 'host') try:
except configparser.NoOptionError as e: wo_mysql_host = config.get('client', 'host')
wo_mysql_host = "localhost" except configparser.NoOptionError as e:
else: wo_mysql_host = "localhost"
wo_mysql_host = "localhost" else:
wo_mysql_host = "localhost"
# WordOps stack installation variables
# Nginx repo and packages # WordOps stack installation variables
if wo_platform_distro == 'ubuntu': # Nginx repo and packages
if wo_platform_codename == 'trusty': if wo_platform_distro == 'ubuntu':
wo_nginx_repo = ("deb http://download.opensuse.org" if wo_platform_codename == 'trusty':
"/repositories/home:" wo_nginx_repo = ("deb http://download.opensuse.org"
"/virtubox:/WordOps/xUbuntu_14.04/ /") "/repositories/home:"
else: "/virtubox:/WordOps/xUbuntu_14.04/ /")
wo_nginx_repo = "ppa:wordops/nginx-wo" else:
elif wo_platform_distro == 'debian': wo_nginx_repo = "ppa:wordops/nginx-wo"
if wo_platform_codename == 'jessie': elif wo_platform_distro == 'debian':
wo_nginx_repo = ("deb http://download.opensuse.org" if wo_platform_codename == 'jessie':
"/repositories/home:" wo_nginx_repo = ("deb http://download.opensuse.org"
"/virtubox:/WordOps/Debian_8.0/ /") "/repositories/home:"
elif wo_platform_codename == 'stretch': "/virtubox:/WordOps/Debian_8.0/ /")
wo_nginx_repo = ("deb http://download.opensuse.org" elif wo_platform_codename == 'stretch':
"/repositories/home:" wo_nginx_repo = ("deb http://download.opensuse.org"
"/virtubox:/WordOps/Debian_9.0/ /") "/repositories/home:"
else: "/virtubox:/WordOps/Debian_9.0/ /")
wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" elif wo_platform_codename == 'buster':
"/virtubox:/WordOps/Raspbian_9.0/ /") wo_nginx_repo = ("deb http://download.opensuse.org"
"/repositories/home:"
wo_nginx = ["nginx-custom", "nginx-wo"] "/virtubox:/WordOps/Debian_10/ /")
wo_nginx_key = '188C9FB063F0247A' else:
wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:"
# PHP repo and packages "/virtubox:/WordOps/Raspbian_9.0/ /")
if wo_platform_distro == 'ubuntu':
wo_php_repo = "ppa:ondrej/php" wo_nginx = ["nginx-custom", "nginx-wo"]
wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", wo_nginx_key = '188C9FB063F0247A'
"php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.2-cli", "php7.2-mbstring", # PHP repo and packages
"php7.2-bcmath", "php7.2-mysql", "php7.2-opcache", if wo_platform_distro == 'ubuntu':
"php7.2-zip", "php7.2-xml", "php7.2-soap"] wo_php_repo = "ppa:ondrej/php"
wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap", wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap",
"php7.3-readline", "php7.3-common", "php7.3-recode", "php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.3-cli", "php7.3-mbstring", "php7.2-cli", "php7.2-mbstring",
"php7.3-bcmath", "php7.3-mysql", "php7.3-opcache", "php7.2-bcmath", "php7.2-mysql", "php7.2-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"] "php7.2-zip", "php7.2-xml", "php7.2-soap"]
wo_php_extra = ["php-memcached", "php-imagick", wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap",
"graphviz", "php-xdebug", "php-msgpack", "php-redis"] "php7.3-readline", "php7.3-common", "php7.3-recode",
wo_php_key = '' "php7.3-cli", "php7.3-mbstring",
else: "php7.3-bcmath", "php7.3-mysql", "php7.3-opcache",
wo_php_repo = ( "php7.3-zip", "php7.3-xml", "php7.3-soap"]
"deb https://packages.sury.org/php/ {codename} main" wo_php_extra = ["php-memcached", "php-imagick",
.format(codename=wo_platform_codename)) "graphviz", "php-xdebug", "php-msgpack", "php-redis"]
wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", wo_php_key = ''
"php7.2-readline", "php7.2-common", "php7.2-recode", else:
"php7.2-cli", "php7.2-mbstring", wo_php_repo = (
"php7.2-bcmath", "php7.2-mysql", "php7.2-opcache", "deb https://packages.sury.org/php/ {codename} main"
"php7.2-zip", "php7.2-xml", "php7.2-soap"] .format(codename=wo_platform_codename))
wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap", wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap",
"php7.3-readline", "php7.3-common", "php7.3-recode", "php7.2-readline", "php7.2-common", "php7.2-recode",
"php7.3-cli", "php7.3-mbstring", "php7.2-cli", "php7.2-mbstring",
"php7.3-bcmath", "php7.3-mysql", "php7.3-opcache", "php7.2-bcmath", "php7.2-mysql", "php7.2-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"] "php7.2-zip", "php7.2-xml", "php7.2-soap"]
wo_php_extra = ["php-memcached", "php-imagick", wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap",
"graphviz", "php-xdebug", "php-msgpack", "php-redis"] "php7.3-readline", "php7.3-common", "php7.3-recode",
"php7.3-cli", "php7.3-mbstring",
wo_php_key = 'AC0E47584A7A714D' "php7.3-bcmath", "php7.3-mysql", "php7.3-opcache",
"php7.3-zip", "php7.3-xml", "php7.3-soap"]
# MySQL repo and packages wo_php_extra = ["php-memcached", "php-imagick",
if wo_platform_distro == 'ubuntu': "graphviz", "php-xdebug", "php-msgpack",
wo_mysql_repo = ("deb [arch=amd64,ppc64el] " "php-redis", "php-mysql"]
"http://sfo1.mirrors.digitalocean.com/mariadb/repo/"
"10.3/ubuntu {codename} main" wo_php_key = 'AC0E47584A7A714D'
.format(codename=wo_platform_codename))
else: # MySQL repo and packages
wo_mysql_repo = ("deb [arch=amd64,ppc64el] " if wo_platform_distro == 'ubuntu':
"http://sfo1.mirrors.digitalocean.com/mariadb/repo/" wo_mysql_repo = ("deb [arch=amd64,ppc64el] "
"10.3/debian {codename} main" "http://sfo1.mirrors.digitalocean.com/mariadb/repo/"
.format(codename=wo_platform_codename)) "10.3/ubuntu {codename} main"
wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] .format(codename=wo_platform_codename))
else:
wo_fail2ban = "fail2ban" wo_mysql_repo = ("deb [arch=amd64,ppc64el] "
"http://sfo1.mirrors.digitalocean.com/mariadb/repo/"
# Redis repo details "10.3/debian {codename} main"
if wo_platform_distro == 'ubuntu': .format(codename=wo_platform_codename))
wo_redis_repo = ("ppa:chris-lea/redis-server") wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"]
else: wo_fail2ban = ["fail2ban", "python3-pyinotify"]
wo_redis_repo = ("deb https://packages.sury.org/php/ {codename} all"
.format(codename=wo_platform_codename)) # Redis repo details
if wo_platform_distro == 'ubuntu':
wo_redis = ['redis-server', 'php-redis'] wo_redis_repo = ("ppa:chris-lea/redis-server")
# Repo path else:
wo_repo_file = "wo-repo.list" wo_redis_repo = ("deb https://packages.sury.org/php/ {codename} all"
wo_repo_file_path = ("/etc/apt/sources.list.d/" + wo_repo_file) .format(codename=wo_platform_codename))
# Application dabase file path wo_redis = ['redis-server', 'php-redis']
basedir = os.path.abspath(os.path.dirname('/var/lib/wo/'))
wo_db_uri = 'sqlite:///' + os.path.join(basedir, 'dbase.db') # Repo path
wo_repo_file = "wo-repo.list"
def __init__(self): wo_repo_file_path = ("/etc/apt/sources.list.d/" + wo_repo_file)
pass
# Application dabase file path
basedir = os.path.abspath(os.path.dirname('/var/lib/wo/'))
wo_db_uri = 'sqlite:///' + os.path.join(basedir, 'dbase.db')
def __init__(self):
pass