Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add site_url_https to change site url with le

Browse Source
This commit is contained in:
VirtuBox
2019-07-25 23:30:33 +02:00
parent 7142d19c5c
commit 71ee3c68d8
2 changed files with 61 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
install
View File

@@ -7,10 +7,10 @@
# Copyright (c) 2019 - WordOps # Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T # This script is licensed under M.I.T
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.6 - 2019-07-24 # Version 3.9.6.3 - 2019-07-25
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.6.2" readonly wo_version_new="3.9.6.3"
# CONTENTS # CONTENTS
# --- # ---
# 1. VARIABLES AND DECLARATIONS # 1. VARIABLES AND DECLARATIONS
@@ -653,12 +653,14 @@ wo_tweak_kernel() {
# apply sysctl tweaks # apply sysctl tweaks
sysctl -e -p /etc/sysctl.d/60-wo-tweaks.conf sysctl -e -p /etc/sysctl.d/60-wo-tweaks.conf
if [ ! -x /opt/wo-kernel.sh ]; then if [ ! -x /opt/wo-kernel.sh ]; then
{
# download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup
wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache
chmod +x /opt/wo-kernel.sh chmod +x /opt/wo-kernel.sh
wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache
systemctl enable wo-kernel.service systemctl enable wo-kernel.service
systemctl start wo-kernel.service systemctl start wo-kernel.service
} >> /var/log/wo/install.log 2>&1
fi fi
fi fi

94
wo/cli/plugins/site_functions.py
View File

@@ -676,6 +676,31 @@ def installwp_plugin(self, plugin_name, data):
return 1 return 1
def site_url_https(self, site_webroot='', wo_domain=''):
Log.info(self, "Checking if site url already use https, please wait...")
WOFileUtils.chdir(self, '{0}/htdocs/'.format(site_webroot))
test_site_url = WOShellExec.cmd_exec(self, "php {0} option get siteurl "
.format(WOVariables.wo_wpcli_path) +
"--allow-root --quiet").split(":")
if not test_site_url[0] == "https":
try:
WOShellExec.cmd_exec(self, "php {0} option update siteurl "
"\"https://{1}\" --allow-root".format(
WOVariables.wo_wpcli_path, wo_domain))
WOShellExec.cmd_exec(self, "php {0} option update home "
"\"https://{1}\" --allow-root".format(
WOVariables.wo_wpcli_path, wo_domain))
except CommandExecutionError as e:
Log.debug(self, "{0}".format(e))
raise SiteError("plugin activation failed")
Log.info(
self, "Site address updated "
"successfully to https://{0}".format(wo_domain))
else:
Log.info(
self, "Site address was already using https")
def uninstallwp_plugin(self, plugin_name, data): def uninstallwp_plugin(self, plugin_name, data):
wo_site_webroot = data['webroot'] wo_site_webroot = data['webroot']
Log.debug(self, "Uninstalling plugin {0}, please wait..." Log.debug(self, "Uninstalling plugin {0}, please wait..."
@@ -1331,7 +1356,6 @@ def removeAcmeConf(self, domain):
WOFileUtils.rm(self, '/etc/nginx/conf.d/force-ssl-{0}.conf.disabled' WOFileUtils.rm(self, '/etc/nginx/conf.d/force-ssl-{0}.conf.disabled'
.format(domain)) .format(domain))
WOGit.add(self, ["/etc/letsencrypt"], WOGit.add(self, ["/etc/letsencrypt"],
msg="Deleted {0} " msg="Deleted {0} "
.format(domain)) .format(domain))
@@ -1380,10 +1404,13 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
'keylength')) 'keylength'))
if wo_dns: if wo_dns:
acme_mode = "--dns {0}".format(wo_acme_dns) acme_mode = "--dns {0}".format(wo_acme_dns)
Log.debug(
self, "Validation : DNS mode with {0}".format(wo_acme_dns))
else: else:
acme_mode = "-w /var/www/html" acme_mode = "-w /var/www/html"
Log.info(self, "Issuing SSL cert with acme.sh") Log.debug(self, "Validation : Webroot mode")
if subdomain: if subdomain:
Log.info(self, "Issuing subdomain SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
@@ -1394,6 +1421,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
acme_mode, acme_mode,
keylenght)) keylenght))
elif wildcard: elif wildcard:
Log.info(self, "Issuing Wildcard SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
@@ -1404,6 +1432,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
wo_acme_dns, wo_acme_dns,
keylenght)) keylenght))
else: else:
Log.info(self, "Issuing domain SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
@@ -1413,25 +1442,26 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
.format(wo_domain_name, .format(wo_domain_name,
acme_mode, keylenght)) acme_mode, keylenght))
if ssl: if ssl:
Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
try: try:
Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Cert deployment for domain: {0}" WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
.format(wo_domain_name)) "/etc/letsencrypt/acme.sh "
sslsetup = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " "--config-home "
"/etc/letsencrypt/acme.sh " "'/etc/letsencrypt/config' "
"--config-home " "--install-cert -d {1} --ecc "
"'/etc/letsencrypt/config' " "--cert-file {0}/{1}/cert.pem "
"--install-cert -d {1} --ecc " "--key-file {0}/{1}/key.pem "
"--cert-file {0}/{1}/cert.pem " "--fullchain-file "
"--key-file {0}/{1}/key.pem " "{0}/{1}/fullchain.pem "
"--fullchain-file " "--ca-file {0}/{1}/ca.pem "
"{0}/{1}/fullchain.pem " "--reloadcmd "
"--ca-file {0}/{1}/ca.pem " "\"nginx -t && "
"--reloadcmd " "service nginx restart\" "
"\"nginx -t && " .format(WOVariables.wo_ssl_live,
"service nginx restart\" " wo_domain_name))
.format(WOVariables.wo_ssl_live,
wo_domain_name))
Log.info( Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf" self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name)) .format(wo_domain_name))
@@ -1447,7 +1477,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False,
"ssl_stapling_verify on;\n" "ssl_stapling_verify on;\n"
.format(WOVariables.wo_ssl_live, wo_domain_name)) .format(WOVariables.wo_ssl_live, wo_domain_name))
sslconf.close() sslconf.close()
#updateSiteInfo(self, wo_domain_name, ssl=True) # updateSiteInfo(self, wo_domain_name, ssl=True)
WOGit.add(self, ["/etc/letsencrypt"], WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder") msg="Adding letsencrypt folder")
@@ -1475,7 +1505,7 @@ def renewLetsEncrypt(self, wo_domain_name):
"--renew -d {0} --ecc --force" "--renew -d {0} --ecc --force"
.format(wo_domain_name)) .format(wo_domain_name))
mail_list = '' # mail_list = ''
if not ssl: if not ssl:
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!",
False) False)
@@ -1609,11 +1639,10 @@ def archivedCertificateHandle(self, domain):
"{1}_ecc/{1}.conf)".format(WOVariables.wo_ssl_archive, domain) + "{1}_ecc/{1}.conf)".format(WOVariables.wo_ssl_archive, domain) +
"\nPlease select an option from below?" "\nPlease select an option from below?"
"\n\t1: Reinstall existing certificate" "\n\t1: Reinstall existing certificate"
"\n\t2: Keep the existing certificate for now" "\n\t2: Renew & replace the certificate (limit ~5 per 7 days)"
"\n\t3: Renew & replace the certificate (limit ~5 per 7 days)"
"") "")
check_prompt = input( check_prompt = input(
"\nType the appropriate number [1-3] or any other key to cancel: ") "\nType the appropriate number [1-2] or any other key to cancel: ")
if not os.path.isfile("{0}/{1}/fullchain.pem" if not os.path.isfile("{0}/{1}/fullchain.pem"
.format(WOVariables.wo_ssl_live, domain)): .format(WOVariables.wo_ssl_live, domain)):
Log.error( Log.error(
@@ -1621,7 +1650,7 @@ def archivedCertificateHandle(self, domain):
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
if check_prompt == "1": if check_prompt == "1":
Log.info(self, "Issuing SSL cert with acme.sh") Log.info(self, "Reinstalling SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh " "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
@@ -1633,7 +1662,7 @@ def archivedCertificateHandle(self, domain):
"{0}/{1}/fullchain.pem " "{0}/{1}/fullchain.pem "
"--ca-file {0}/{1}/ca.pem " "--ca-file {0}/{1}/ca.pem "
"--reloadcmd " "--reloadcmd "
"\"service nginx restart\" " "\"nginx -t && service nginx restart\" "
.format(WOVariables.wo_ssl_live, .format(WOVariables.wo_ssl_live,
domain)) domain))
if ssl: if ssl:
@@ -1665,15 +1694,6 @@ def archivedCertificateHandle(self, domain):
"ssl.conf") "ssl.conf")
elif (check_prompt == "2"): elif (check_prompt == "2"):
Log.info(self, "Using Existing Certificate files")
if not os.path.isfile("{0}/{1}/fullchain.pem"
.format(WOVariables.wo_ssl_live, domain)):
Log.error(self, "Certificate files not found. Skipping.\n"
"Please check if following file exist"
"\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t"
"/etc/letsencrypt/live/{0}/key.pem".format(domain))
elif (check_prompt == "3"):
Log.info(self, "Issuing SSL cert with acme.sh") Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
@@ -1698,7 +1718,7 @@ def archivedCertificateHandle(self, domain):
"ssl_trusted_certificate " "ssl_trusted_certificate "
"{0}/{1}/ca.pem;\n" "{0}/{1}/ca.pem;\n"
"--reloadcmd " "--reloadcmd "
"\"service nginx restart\" " "\"nginx -t && service nginx restart\" "
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
except IOError as e: except IOError as e: