diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..d52fc3e --- /dev/null +++ b/.gitattributes @@ -0,0 +1,39 @@ +# Auto detect text files and perform LF normalization +* text=auto + +# Documents +*.md text +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text +*.tab text +*.tsv text +*.txt text +*.sql text + +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.sh text eol=lf + +# Source files +# ============ +*.pxd text diff=python +*.py text diff=python +*.py3 text diff=python +*.pyc text diff=python +*.pyd text diff=python +*.pyo text diff=python +*.pyw text diff=python +*.pyx text diff=python +*.pyz text diff=python + + +# +# Exclude files from exporting +# + +.gitattributes export-ignore +.gitignore export-ignore \ No newline at end of file diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml deleted file mode 100644 index 53ae6b1..0000000 --- a/.github/workflows/main.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: CI - -on: [push] - -jobs: - build: - - runs-on: ubuntu-18.04 - - steps: - - uses: actions/checkout@v1 - - name: Prepare VM - run: | - unset LANG - sudo apt update -qq - sudo LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/php -y - sudo apt-get -qq purge graphviz* redis* - sudo apt-get install -qq git python3-setuptools python3-dev python3-apt ccze tree - sudo apt-get -qq autoremove --purge - sudo mkdir -p /etc/mysql/conf.d - echo -e '[client]\nuser = root\npassword = root\n' | sudo tee /etc/mysql/conf.d/my.cnf - - name: Install WordOps - run: sudo timeout 1800 bash install --travis - - name: Run tests - run: sudo timeout 1800 bash tests/travis.sh --actions diff --git a/.travis.yml b/.travis.yml index 64c9c5f..7880919 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,10 +1,9 @@ sudo: required -dist: xenial +dist: bionic language: bash notifications: - slack: wordops:MyZBNbI7JfhbAi3YyFckMdaa webhooks: secure: "JiGtzYplTyFg/L6Rsi7ptEQIV29O5qCWU2Zf5pLITsQrBrQO4cIXXp9G4Z+cenXjfIiqbqIgU0US3zXeIAl4g14xdfzmMYeMMwuKBpI8afMYv8MD6ldoP0MTFHQfROE6OXxKLVUvZn1R0oLLU1fzVSI0qGjNkt20cf/Lrt/reH/zS5hAI92kWI3u2zPu7Zn/g/a8MO/Y3Iv7v1PSQaVkVJVqtOK3U2GJqhIv2G1AVcaPb7Nh/V2zm2dDYBVT0UotBnlBUcUXbEMP77D9pjtWXd1/0rWuJIHixMjwUybpZqY75UMee5INynU6OZRsv029LRHAIMkWhfBkdVN/U5jhQJzui14+vRQrb5nfUMG8Cd8INojDlu6dk/ps2GzTCCXBITeMQKAouUoHD2LEbsNp17xi1K4ZlKb3+0lrOAiS4JYFE6wOo4yMlLTYoquYSqk7AuxuUS8A5OD5MYxhk9uafiTSxKFOo39KYWTSaACsPD8q1swaTSjoYm9skyZvIkIFq5bHBCYEGFe6X/NY9l5tz3hSe+TJOerCHsg+dXVuQl+pIp5nw2as9TH9ox5Vgqc9Zh4GbTDQVvdAmUpmlsZ/SKoOMCkmkB1aRNFq/7RnERIJyAEGJbauHWmjtOM4cCxesl0L0b2Eab89zQpSn7pzE8JTiJgpzCUc22p653PTaqM=" @@ -22,15 +21,15 @@ before_script: - sudo rm -rf /etc/mysql - sudo bash -c 'echo example.com > /etc/hostname' - unset LANG + - sudo apt-get update --allow-releaseinfo-change -qq - sudo apt-get -qq purge mysql* graphviz* redis* - sudo apt-get install -qq git python3-setuptools python3-dev python3-apt ccze tree - sudo apt-get -qq autoremove --purge after_script: - - sudo cat /var/log/wo/test.log | ccze -A -p syslog + - sudo cat /var/log/wo/install.log | ccze -A -p syslog - sudo bash install --purge - - sudo curl --progress-bar --upload-file /var/log/wo/wordops.log https://transfer.vtbox.net/"$(basename wordops.log)" && echo "" | sudo tee -a $HOME/.transfer.log && echo "" script: diff --git a/CHANGELOG.md b/CHANGELOG.md index 852f9c7..42adbe5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,25 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +### v3.9.9.3 - [Unreleased] + +#### Added + +- [STACK] Add Nginx TLS 1.3 0-RTT configuration + +#### Changed + +- [STACK] New Nginx package built with OpenSSL_1.1.1d and the latest ngx_brotli module + +#### Fixed + +- `wo stack upgrade` when using nginx-ee +- `wo secure --auth` +- `wo secure --sshport` not working with default ssh config +- Issues after APT repositories informations changed +- `www` was added to WordPress site url with subdomains [Issue #178](https://github.com/WordOps/WordOps/issues/178) +- Issuing certificate with acme.sh for sub.sub-domains not working + ### v3.9.9.2 - 2019-10-04 #### Added diff --git a/gitconfig.py b/gitconfig.py index 65ef8e2..f335b14 100644 --- a/gitconfig.py +++ b/gitconfig.py @@ -1,3 +1,5 @@ +#!/usr/bin/env python3 + import configparser import os import re diff --git a/install b/install index 4378362..9ed4b8c 100755 --- a/install +++ b/install @@ -9,7 +9,7 @@ # ------------------------------------------------------------------------- # wget -qO wo wops.cc && sudo bash wo # ------------------------------------------------------------------------- -# Version 3.9.9.1 - 2019-09-27 +# Version 3.9.9.3 - 2019-10-14 # ------------------------------------------------------------------------- # CONTENTS @@ -62,8 +62,9 @@ while [ "$#" -gt 0 ]; do wo_branch="$2" shift ;; - -p | --preserve) - wo_preserve_config="y" + -v | --version) + wo_version="$2" + shift ;; --force) wo_force_install="y" @@ -78,10 +79,6 @@ while [ "$#" -gt 0 ]; do --purge | --uninstall) wo_purge="y" ;; - -v | --version) - wo_version="$2" - shift - ;; *) # positional args ;; esac @@ -97,14 +94,15 @@ if [[ $EUID -ne 0 ]]; then exit 100 fi -### -# 1- Update the apt sewers with fresh info -### export DEBIAN_FRONTEND=noninteractive unset LANG export LANG='en_US.UTF-8' export LC_ALL='C.UTF-8' +### +# 1- Main functions +### + # check if a command exist command_exists() { command -v "$@" > /dev/null 2>&1 @@ -121,19 +119,18 @@ _run() { } -check_path() { - if [ -d "$1" ]; then - return 0 - else - return 1 - fi -} +### +# 1- Update the apt sewers with fresh info +### if [ -z "$wo_travis" ]; then - if command_exists curl; then - apt-get update -qq - else - apt-get update -qq && apt-get -y install curl -qq > /dev/null 2>&1 + if ! { + apt-get update --allow-releaseinfo-change -qq > /dev/null 2>&1 + }; then + apt-get update -qq > /dev/null 2>&1 + fi + if ! command_exists curl; then + apt-get -y install curl -qq > /dev/null 2>&1 fi fi @@ -167,7 +164,6 @@ readonly wo_tmp_dir=/var/lib/wo/tmp readonly wo_install_log=/var/log/wo/install.log readonly wo_linux_distro=$(lsb_release -is) readonly wo_distro_version=$(lsb_release -sc) -readonly wo_distro_id=$(lsb_release -rs) readonly TIME_FORMAT='%d-%b-%Y-%H%M%S' readonly TIME=$(date +"$TIME_FORMAT") readonly NGINX_BACKUP_FILE="/var/lib/wo-backup/nginx-backup.$TIME.tar.gz" @@ -179,13 +175,8 @@ WO_ARCH="$(uname -m)" if [ -x /usr/local/bin/ee ]; then ee_migration=1 - ufw="n" elif [ -x /usr/local/bin/wo ]; then wo_upgrade=1 - ufw="n" -fi -if [ -z "$ufw" ]; then - ufw="y" fi ### # 1 - Checking linux distro @@ -232,13 +223,13 @@ wo_install_dep() { if [ "$wo_linux_distro" == "Ubuntu" ]; then # install dependencies apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ - build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz \ - gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 + build-essential curl gzip python3-pip python3-wheel python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz \ + gnupg2 cron ccze rsync apt-transport-https tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 add-apt-repository ppa:wordops/nginx-wo -yn else # install dependencies apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ - build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar \ + build-essential curl gzip dirmngr sudo python3-pip python3-wheel python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar \ software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 # add php repository gpg key [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } @@ -318,16 +309,6 @@ wo_sync_db() { wo_site_current_type=$(grep "common/" "/etc/nginx/sites-available/$site" | awk -F "/" '{print $2}') - if echo "$wo_site_current_type" | grep -q "php"; then - if echo "$wo_site_current_type" | grep -q "php7"; then - wo_php_version="7.0" - else - wo_php_version="5.6" - fi - else - wo_php_version="" - fi - if echo "$wo_site_current_type" | grep -q "redis"; then wo_site_current_cache="wpredis" elif echo "$wo_site_current_type" | grep -q wpsc; then @@ -458,6 +439,18 @@ wo_install_acme_sh() { fi } +wo_git_config() { + + if [ "$wo_force_install" = "y" ]; then + [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } + fi + + # .gitconfig inital setup + cd /var/lib/wo/tmp/WordOps-install || exit 1 + python3 gitconfig.py + +} + # Download WordOps wo_download() { rm -f /etc/bash_completion.d/wo_auto.rc @@ -471,18 +464,6 @@ wo_download() { fi } -wo_git_config() { - - if [ "$wo_force_install" = "y" ]; then - [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } - fi - - # .gitconfig inital setup - cd /var/lib/wo/tmp/WordOps-install || exit 1 - python3 gitconfig.py - -} - # WordOps install wo_install() { @@ -492,7 +473,7 @@ wo_install() { } # Clone Github repository if it doesn't exist -wo_install_travis() { +wo_travis_install() { if [ "$wo_force_install" = "y" ]; then [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } @@ -610,32 +591,20 @@ wo_update_latest() { chmod 600 /root/.my.cnf fi fi - - # Fix Redis-server security issue - # http://redis.io/topics/security - if [ -f /etc/redis/redis.conf ]; then - CHECK_REDIS_BIND=$(grep -0 -v "#" /etc/redis/redis.conf | grep 'bind' >> /dev/null 2>&1) - - if [ -z "$CHECK_REDIS_BIND" ]; then - echo 'bind 127.0.0.1 ::1' >> /etc/redis/redis.conf - - service redis-server restart - - fi - fi - } wo_backup_ee() { local BACKUP_EE="" [ -d /etc/nginx ] && { BACKUP_EE="$BACKUP_EE /etc/nginx"; } [ -d /etc/letsencrypt ] && { BACKUP_EE="$BACKUP_EE /etc/letsencrypt"; } - /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee "$BACKUP_EE" + /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /usr/local/bin/ee /usr/lib/ee/templates /etc/ee /var/lib/ee "$BACKUP_EE" return 0 } wo_backup_wo() { - /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /etc/wo /var/lib/wo "$WO_LE" + if [ -d /etc/nginx ] && [ -d /etc/wo ] && [ -d /var/lib/wo ]; then + /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /etc/wo /var/lib/wo + fi return 0 } @@ -686,7 +655,7 @@ wo_systemd_tweak() { } wo_domain_suffix() { - curl -sL https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat | sed '/^\/\//d' | sed '/^$/d' | sed 's/^\s+//g' > /var/lib/wo/public_suffix_list.dat + curl -m 10 --retry 3 -sL https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat | sed '/^\/\//d' | sed '/^$/d' | sed 's/^\s+//g' > /var/lib/wo/public_suffix_list.dat } wo_mariadb_tweak() { @@ -715,69 +684,10 @@ wo_clean() { } wo_uninstall() { + python3 -m pip uninstall wordops -y rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates } -wo_ufw_setup() { - if ! grep -q "ENABLED=yes" /etc/ufw/ufw.conf; then - # get custom ssh port - if [ -f /etc/ssh/sshd_config ]; then - CURRENT_SSH_PORT=$(grep "Port" /etc/ssh/sshd_config | awk -F " " '{print $2}') - fi - # define firewall rules - if ! grep -q "LOGLEVEL=low" /etc/ufw/ufw.conf; then - ufw logging low - fi - if ! grep -q 'DEFAULT_OUTPUT_POLICY="ACCEPT"' /etc/default/ufw; then - ufw default allow outgoing - fi - if ! grep -q 'DEFAULT_INPUT_POLICY="DROP"' /etc/default/ufw; then - ufw default deny incoming - fi - if ! grep -q "\-\-dport 22 -j" /etc/ufw/user.rules; then - # default ssh port - ufw limit 22 - fi - - # custom ssh port - if [ "$CURRENT_SSH_PORT" != "22" ]; then - if ! grep -q "\-\-dport $CURRENT_SSH_PORT -j" /etc/ufw/user.rules; then - ufw limit "$CURRENT_SSH_PORT" - fi - fi - - # nginx - if ! grep -q "\-\-dport 80 -j" /etc/ufw/user.rules; then - # http - ufw allow http - fi - if ! grep -q "\-\-dport 443 -j" /etc/ufw/user.rules; then - # https - ufw allow https - fi - - # ntp - if ! grep -q "\-\-dport 123 -j" /etc/ufw/user.rules; then - ufw allow 123 - fi - - if ! grep -q "\-\-dport 22222 -j" /etc/ufw/user.rules; then - # wordops backend - ufw limit 22222 - fi - # enable ufw - if [ -n "$CURRENT_SSH_PORT" ]; then - ufw --force enable - fi - - # remove ufw from syslog - if [ -f /etc/rsyslog.d/20-ufw.conf ]; then - sed -i 's/\#\& stop/\& stop/' /etc/rsyslog.d/20-ufw.conf - service rsyslog restart - fi - fi -} - wo_cheat_install() { curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh chmod +x /usr/local/bin/cht.sh @@ -822,17 +732,14 @@ else fi _run wo_install_dep "Installing wo dependencies" _run wo_timesync - #if [ "$ufw" = "y" ]; then - # _run wo_ufw_setup "Configuring UFW" - #fi # skip steps if travis if [ -z "$wo_travis" ]; then - _run wo_download "Downloading WordOps" _run wo_dist_upgrade + _run wo_download "Downloading WordOps" wo_git_config _run wo_install "Installing WordOps" else - _run wo_install_travis "Installing WordOps" + _run wo_travis_install "Installing WordOps" fi if [ -x /usr/local/bin/ee ]; then _run wo_upgrade_nginx "Upgrading Nginx" @@ -889,6 +796,3 @@ else wo_lib_echo "Give WordOps a GitHub star : https://github.com/WordOps/WordOps/" echo fi -# if [ -z "$wo_travis" ]; then -# /bin/bash --init-file "/var/lib/wo/tmp/WordOps-$wo_branch/tests/init-file" -# fi diff --git a/requirements.txt b/requirements.txt index c396386..e3ca0dd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,5 +6,4 @@ psutil>=5.6.3 sh>=1.12.14 SQLAlchemy>=1.3.8 requests>=2.22.0 -distro>=1.4.0 -apt-mirror-updater>=6.1 \ No newline at end of file +distro>=1.4.0 \ No newline at end of file diff --git a/setup.cfg b/setup.cfg index 0e6f9dd..4ee5196 100644 --- a/setup.cfg +++ b/setup.cfg @@ -9,4 +9,7 @@ cover-inclusive=1 cover-erase=1 cover-html=1 cover-html-dir=coverage_report/ -where=tests/ \ No newline at end of file +where=tests/ + +[metadata] +license-file = LICENSE \ No newline at end of file diff --git a/setup.py b/setup.py index 160ee85..269b8a9 100644 --- a/setup.py +++ b/setup.py @@ -4,8 +4,8 @@ import os from setuptools import find_packages, setup -with open("README.md", "r") as fh: - long_description = fh.read() +with open("README.md", "r", encoding="utf-8") as fh: + LONG = fh.read() conf = [] templates = [] @@ -24,10 +24,9 @@ if os.geteuid() == 0: os.makedirs('/var/lib/wo/tmp/') setup(name='wordops', - version='3.9.9.2', + version='3.9.9.3', description='WordPress & server administration toolset', - long_description=long_description, - long_description_content_type='text/markdown', + long_description=LONG, classifiers=[ "Programming Language :: Python :: 3", "License :: OSI Approved :: MIT License", @@ -61,7 +60,6 @@ setup(name='wordops', 'SQLAlchemy >= 1.3.8', 'requests >= 2.22.0', 'distro >= 1.4.0', - 'apt-mirror-updater >= 6.1', ], extras_require={ # Optional 'testing': ['nose', 'coverage'], diff --git a/tests/issue.sh b/tests/issue.sh index 61bf57e..72f0556 100644 --- a/tests/issue.sh +++ b/tests/issue.sh @@ -14,13 +14,9 @@ if [ -f /var/log/wo/wordops.log ]; then cd /var/log/wo/ || exit 1 - if { - tar -I pigz -cf wordops.tar.gz wordops.log - }; then - wo_link=$(curl -sL --upload-file wordops.tar.gz https://transfer.sh/wordops.tar.gz) - echo - echo "Here the link to provide in your github issue : $wo_link" - echo - fi + wo_link=$(curl -sL --upload-file wordops.log https://transfer.vtbox.net/wordops.txt) + echo + echo "Here the link to provide in your github issue : $wo_link" + echo cd || exit 1 fi diff --git a/tests/travis.sh b/tests/travis.sh index be1e8a3..0bf6a32 100644 --- a/tests/travis.sh +++ b/tests/travis.sh @@ -21,7 +21,7 @@ if [ -z "$1" ]; then fi exit_script() { - curl --progress-bar --upload-file /var/log/wo/wordops.log https://transfer.vtbox.net/"$(basename wordops.log)" && echo "" + curl --progress-bar --upload-file /var/log/wo/wordops.log https://transfer.vtbox.net/"$(basename wordops.txt)" && echo "" exit 1 } @@ -47,7 +47,7 @@ done echo -e "${CGREEN}#############################################${CEND}" echo -e ' Simple site create ' echo -e "${CGREEN}#############################################${CEND}" -site_types='html php php73 mysql wp wpfc wpsc wpredis wpce wprocket wpsubdomain wpsubdir' +site_types='html php php73 mysql wp wpfc wpsc wpredis wpce wprocket wpsubdomain wpsubdir ngxblocker' for site in $site_types; do echo -ne " Creating $site [..]\r" if { @@ -65,7 +65,7 @@ done echo -e "${CGREEN}#############################################${CEND}" echo -e ' wo site update --php73 ' echo -e "${CGREEN}#############################################${CEND}" -other_site_types='html mysql wp wpfc wpsc wpredis wpce wprocket wpsubdomain wpsubdir' +other_site_types='html mysql wp wpfc wpsc wpredis wpce wprocket wpsubdomain wpsubdir ngxblocker' for site in $other_site_types; do echo -ne " Updating site to $site php73 [..]\r" if { @@ -180,6 +180,46 @@ for stack in $stack_clean; do fi done +echo -e "${CGREEN}#############################################${CEND}" +echo -e ' wo secure ' +echo -e "${CGREEN}#############################################${CEND}" +echo -ne " wo secure --auth [..]\r" +if { + wo secure --auth wordops mypassword +} >> /var/log/wo/test.log; then + echo -ne " wo secure --auth [${CGREEN}OK${CEND}]\\r" + echo -ne '\n' +else + echo -e " wo secure --auth [${CRED}FAIL${CEND}]" + echo -ne '\n' + exit_script + +fi +echo -ne " wo secure --sshport [..]\r" +if { + wo secure --sshport 2022 +} >> /var/log/wo/test.log; then + echo -ne " wo secure --sshport [${CGREEN}OK${CEND}]\\r" + echo -ne '\n' +else + echo -e " wo secure --sshport [${CRED}FAIL${CEND}]" + echo -ne '\n' + exit_script + +fi +echo -ne " wo secure --ssh [..]\r" +if { + wo secure --ssh --force +} >> /var/log/wo/test.log; then + echo -ne " wo secure --ssh [${CGREEN}OK${CEND}]\\r" + echo -ne '\n' +else + echo -e " wo secure --ssh [${CRED}FAIL${CEND}]" + echo -ne '\n' + exit_script + +fi + echo -e "${CGREEN}#############################################${CEND}" echo -e ' various informations ' echo -e "${CGREEN}#############################################${CEND}" diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index 889f765..719e0b5 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -3,7 +3,6 @@ import os from cement.core import handler, hook from cement.core.controller import CementBaseController, expose - from wo.core.fileutils import WOFileUtils from wo.core.git import WOGit from wo.core.logging import Log @@ -70,7 +69,7 @@ class WOSecureController(CementBaseController): WOGit.add(self, ["/etc/nginx"], msg="Add Nginx to into Git") pargs = self.app.pargs - passwd = RANDOM.gen(self, length='24') + passwd = RANDOM.long(self) if not pargs.user_input: username = input("Provide HTTP authentication user " "name [{0}] :".format(WOVar.wo_user)) @@ -109,11 +108,12 @@ class WOSecureController(CementBaseController): Log.info(self, "Please enter a valid port number ") pargs.user_input = input("WordOps " "admin port [22222]:") - if not pargs.user_input: + else: port = input("WordOps admin port [22222]:") if port == "": port = 22222 - while (not port.isdigit()) and (port != "") and (not port < 65536): + while ((not port.isdigit()) and (not port != "") and + (not port < 65536)): Log.info(self, "Please Enter valid port number :") port = input("WordOps admin port [22222]:") pargs.user_input = port @@ -220,9 +220,14 @@ class WOSecureController(CementBaseController): Log.info(self, "Please Enter valid port number :") port = input("Server SSH port [22]:") pargs.user_input = port - WOShellExec.cmd_exec(self, "sed -i \"s/Port.*/Port " - "{port}/\" /etc/ssh/sshd_config" - .format(port=pargs.user_input)) + if WOFileUtils.grepcheck(self, '/etc/ssh/sshd_config', '#Port'): + WOShellExec.cmd_exec(self, "sed -i \"s/#Port.*/Port " + "{port}/\" /etc/ssh/sshd_config" + .format(port=pargs.user_input)) + else: + WOShellExec.cmd_exec(self, "sed -i \"s/Port.*/Port " + "{port}/\" /etc/ssh/sshd_config" + .format(port=pargs.user_input)) # allow new ssh port if ufw is enabled if os.path.isfile('/etc/ufw/ufw.conf'): # add rule for proftpd with UFW diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index e9b0454..4251c7a 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -301,10 +301,9 @@ def setupwordpress(self, data, vhostonly=False): "--dbhost=\'{3}\' " .format(data['wo_db_name'], wo_wp_prefix, data['wo_db_user'], data['wo_db_host']) + - "--dbpass=\'{0}\' " - "--extra-php<