From 914f049852971a4f5129811259eb8528695efe5f Mon Sep 17 00:00:00 2001
From: VirtuBox <thomas@virtubox.net>
Date: Tue, 5 Nov 2019 16:11:43 +0100
Subject: [PATCH] Fix acme certificate on domain

---
 CHANGELOG.md                    |  5 +++++
 README.md                       |  2 +-
 install                         | 10 +++++++---
 wo/cli/plugins/stack.py         | 17 +++++++----------
 wo/cli/plugins/stack_pref.py    | 19 ++++++-------------
 wo/cli/plugins/stack_upgrade.py |  2 +-
 wo/core/acme.py                 |  2 +-
 wo/core/variables.py            |  5 +++++
 8 files changed, 33 insertions(+), 29 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e17b9d2..72f0751 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ### v3.9.x - [Unreleased]
 
+#### Fixed
+
+- Import rtCamp:EasyEngine GPG key to avoid issues with previous nginx repository
+- Unable to issue certificate for a domain if a subdomain certificate exist
+
 ### v3.10.1 - 2019-10-30
 
 #### Fixed
diff --git a/README.md b/README.md
index fd9d101..9b687ca 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@
 <img src="https://img.shields.io/github/license/wordops/wordops.svg?cacheSeconds=86400" alt="MIT">
 <img src="https://img.shields.io/github/last-commit/wordops/wordops.svg?cacheSeconds=86400" alt="Commits">
 <img alt="GitHub release" src="https://img.shields.io/github/release/WordOps/WordOps.svg">
-<br><a href="https://pypi.org/project/wordops/" target="_blank"><img alt="PyPI - Downloads" src="https://img.shields.io/pypi/dd/wordops.svg?cacheSeconds=86400"></a>
+<br><a href="https://pypi.org/project/wordops/" target="_blank"><img alt="PyPI - Downloads" src="https://img.shields.io/pypi/dw/wordops.svg?cacheSeconds=86400"></a>
 <a href="https://www.codacy.com/app/VirtuBox/WordOps?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=WordOps/WordOps&amp;utm_campaign=Badge_Grade"><img src="https://api.codacy.com/project/badge/Grade/fe9100fd2c634de7882ecec17f00a11a" alt="codacy"/></a>
 <a href="https://twitter.com/WordOps_" target="_blank"><img src="https://img.shields.io/badge/twitter-%40WordOps__-blue.svg?style=flat&logo=twitter&cacheSeconds=86400" alt="Badge Twitter" /></a>
 <a href="https://chat.wordops.net" target="_blank"><img src="https://img.shields.io/badge/Rocket.Chat-WordOps-DB2323.svg?style=flat&cacheSeconds=86400&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsIAAA7CARUoSoAAAAVOSURBVFhH7ZZbaJRHFIDP/P/uupsYkzQkrWIS3Wh0E280fciDUiyC2hdrQxUUBLFqaauoVFFoevGh6IOCWIQqfSiFVqIPrVSlIrYStPqQKhJz0e5v3GwuBk2q3WQv/2V6ztnZWxIrtXlq+8Hyzznz75wzcy7zw38eoZ7MTwCu4oqK8nyfb6pp2040Hg+d6e7u/xTAUa9MOOxA6/TpL7g9noMawCoQopRnFGg5JKVssh3n89qurvtKPWGgTYDacHgIDUdGGyfwhQpdiA88ut7WWVX1vlT/mSjSIaCF71ZVnUbFaqUaF3zvW/zdxlOpBClLhBDon4jiCfVrmmZYjnMzGou1vNLXN6L+8pfk5MBNv78sT4gOVBYr1XOBDo6ggxcdIb6cGwyexfVsNTWGHAcIPAXMOfgoKT0d4XKB8HpB6DpI0wQnFsOEGZur6EinLeXuwL17P5CY1GYY40DbjBmvunX9ZyWm0fLyIG/JEvAtXgzeRYvAXVEBwuPBFXAJNCyjUYjfuQOxlhYYuXwZYjdugLQs/i9alejJ195E4p2KcDjKSsUYB9pnzmxwadppJYJeXAzFW7fClLVrQSsoUNpnY4bD8Pvx4/CkqSntCDrRHPd6X5/X1hZJKkY50FFdPVOz7RZUcg7kL1sGZQcOgF5UxPPPQ7y9HR7s2AGJYJBlDMl3sw3jTbTB4UiXFEpCs6xjKeNT1qyBqceO/SPjxKRAAKbjKdCTwIp54+6sWetZQNIOdPj9dTi5gsaTamuhdP9+nJ2YktcKC+El3AwlLeM4ez9WttMWNCHeUkMo2bWLszwNJln0+nU+zmys3l5OOEkVoJCJBIw0N4PZ1aU0Sdzl5VC4bh2PcaO1DZWV1TTOhEDKl+lJ2e6rr2ddikeHD0PP+vXQvWoVDF+6xDozFILQ8uXQu2kT9G3ZQguwfmDPHujduBFCK1dC/PZt1qXIX7pUjdAhTaujZ8YBITj2wudLllcW0atXkwM6iWvXeEiLO1h6ROzWLe4FBO2eIJlKMhu9pESNADxudyE9MyGQsoeeTiQCzvAw61IUbd7MJeiaNo2Tk8ijfrBgAce1cMOGtNPF27bxJjyzZ8NkPIVs6NRSJEzzgRomwSTci11Q0u/xyZMYkVwc05TSxp6WjeNIJ5FQQgZ+F+dG07d9O69/x++32svLp5HdTAhs+yTGkc9x8MgRsIeGWJ+Ck3J0VWAXFG63EjLwu9Qhs6Akjpw/z2PMluZAd3cvjdMrBu7f78LL4wSNrYEBTizn8WOe+6dQ9fRjaNRdYaMDH/IEkrMlx+Xai5OtNKZe/vDgQdY/L3iq8OTUKejBvLEHB1mHLnw21zCusIDkOBDo7PwDP8XeUyJY/f1q9PegvhA5exbCq1fDwL59XC24MYkZdPSbYPAT9RqTGyiko6pqhQ7AwSrAun/x0CHWE8MXLkDk4kXwLlzItyF1uNR1bD98CAnD4NKjeFM1pcD8i+AHwe6AYXxBYlKbZIwDnX7/CeyKb9O4DEMwpaGBVuCjHGhsxAg+9dtiDGgphv9tSgA0zjOMTA1mkeMAXsXzXUL8ihnsomu4EtsstdvBo0chcu4cO/Is8I0o7vgmPs84lvVVTSjUp6bGJe1A+5w5BbplXUHFfJL10lLQsMnQvZ42LCUV/c64prVPknKGJWURdlAXfhSOCCkfYf50QH7+b9n3/bNgB1praiZ74vHvUXiNteOALrTiZ8WWmmDwF6WaEDDfAN7F3eqmiV1FUFehHq2hMyb2sgdo+Ef8NVYbxs6yoaFx4zihoDHRU1eXF6qv96GYDtH//EsB+BOmU3nrC4LJegAAAABJRU5ErkJggg==" alt="Badge Rocket.chat" /></a>
diff --git a/install b/install
index 27f6969..9861ff1 100755
--- a/install
+++ b/install
@@ -220,7 +220,6 @@ wo_install_dep() {
         # add nginx repository gpg key
         curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_10/Release.key | apt-key add -
     fi
-
     locale-gen en
     # enable unattended upgades
     if [ ! -f /etc/apt/apt.conf.d/20auto-upgrades ]; then
@@ -631,6 +630,8 @@ wo_init() {
     ###
 
     if [ -z "$wo_travis" ]; then
+        # import easyengine opensusebuildservice gpg key to avoid issues with packages update
+        apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys 3050ac3cd2ae6f03
         if ! {
             apt-get update --allow-releaseinfo-change -qq >/dev/null 2>&1
         }; then
@@ -673,8 +674,11 @@ wo_init
 wo_init_variables
 # remove old repositories
 _run wo_clean_repo
-# check distribution support
-wo_check_distro
+
+if [ -z "$wo_force_install" ]; then
+    # check distribution support
+    wo_check_distro
+fi
 
 # wo uninstall script
 if [ "$wo_purge" = "y" ]; then
diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py
index b3ec745..762e429 100644
--- a/wo/cli/plugins/stack.py
+++ b/wo/cli/plugins/stack.py
@@ -473,26 +473,22 @@ class WOStackController(CementBaseController):
                     "https://raw.githubusercontent.com"
                     "/rtCamp/eeadmin/master/cache/nginx/"
                     "clean.php",
-                    "{0}22222/htdocs/cache/"
-                    "nginx/clean.php"
+                    "{0}22222/htdocs/cache/nginx/clean.php"
                     .format(WOVar.wo_webroot),
                     "clean.php"],
                     ["https://raw.github.com/rlerdorf/"
                      "opcache-status/master/opcache.php",
-                     "{0}22222/htdocs/cache/"
-                     "opcache/opcache.php"
+                     "{0}22222/htdocs/cache/opcache/opcache.php"
                      .format(WOVar.wo_webroot),
                      "opcache.php"],
                     ["https://raw.github.com/amnuts/"
                      "opcache-gui/master/index.php",
-                     "{0}22222/htdocs/"
-                     "cache/opcache/opgui.php"
+                     "{0}22222/htdocs/cache/opcache/opgui.php"
                      .format(WOVar.wo_webroot),
                      "Opgui"],
                     ["https://raw.githubusercontent.com/"
                      "mlazarov/ocp/master/ocp.php",
-                     "{0}22222/htdocs/cache/"
-                     "opcache/ocp.php"
+                     "{0}22222/htdocs/cache/opcache/ocp.php"
                      .format(WOVar.wo_webroot),
                      "OCP.php"],
                     ["https://github.com/jokkedk/webgrind/"
@@ -795,12 +791,13 @@ class WOStackController(CementBaseController):
                     WOShellExec.cmd_exec(
                         self, "bash /usr/"
                         "libexec/netdata/"
-                        "netdata-uninstaller.sh -y -f")
+                        "netdata-uninstaller.sh -y -f",
+                        errormsg='', log=False)
                 else:
                     WOShellExec.cmd_exec(
                         self, "bash /opt/netdata/usr/"
                         "libexec/netdata/"
-                        "netdata-uninstaller.sh - y - f",
+                        "netdata-uninstaller.sh -y -f",
                         errormsg='', log=False)
 
             if (packages):
diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py
index b03f225..c1bf59b 100644
--- a/wo/cli/plugins/stack_pref.py
+++ b/wo/cli/plugins/stack_pref.py
@@ -44,25 +44,18 @@ def pre_pref(self, apt_packages):
         # generate random 24 characters root password
         chars = ''.join(random.sample(string.ascii_letters, 24))
 
-        # configure MySQL non-interactive install
-        if ((WOVar.wo_distro == 'raspbian') and
-                (WOVar.wo_platform_codename == 'stretch')):
-            mariadb_ver = '10.1'
-        else:
-            mariadb_ver = '10.3'
-
         Log.debug(self, "Pre-seeding MySQL")
         Log.debug(self, "echo \"mariadb-server-{0} "
                   "mysql-server/root_password "
                   "password \" | "
                   "debconf-set-selections"
-                  .format(mariadb_ver))
+                  .format(WOVar.mariadb_ver))
         try:
             WOShellExec.cmd_exec(self, "echo \"mariadb-server-{0} "
                                  "mysql-server/root_password "
                                  "password {chars}\" | "
                                  "debconf-set-selections"
-                                 .format(mariadb_ver, chars=chars),
+                                 .format(WOVar.mariadb_ver, chars=chars),
                                  log=False)
         except CommandExecutionError as e:
             Log.debug(self, "{0}".format(e))
@@ -72,13 +65,13 @@ def pre_pref(self, apt_packages):
                   "mysql-server/root_password_again "
                   "password \" | "
                   "debconf-set-selections"
-                  .format(mariadb_ver))
+                  .format(WOVar.mariadb_ver))
         try:
             WOShellExec.cmd_exec(self, "echo \"mariadb-server-{0} "
                                  "mysql-server/root_password_again "
                                  "password {chars}\" | "
                                  "debconf-set-selections"
-                                 .format(mariadb_ver, chars=chars),
+                                 .format(WOVar.mariadb_ver, chars=chars),
                                  log=False)
         except CommandExecutionError as e:
             Log.debug(self, "{0}".format(e))
@@ -112,7 +105,7 @@ def pre_pref(self, apt_packages):
         else:
             if not WOFileUtils.grepcheck(
                     self, '/etc/apt/sources.list/wo-repo.list',
-                    'download.opensuse.org'):
+                    'WordOps'):
                 Log.info(self, "Adding repository for NGINX, please wait...")
                 Log.debug(self, 'Adding repository for Nginx')
                 WORepo.add(self, repo_url=WOVar.wo_nginx_repo)
@@ -160,7 +153,7 @@ def pre_pref(self, apt_packages):
         else:
             if not WOFileUtils.grepcheck(
                     self, '/etc/apt/sources.list/wo-repo.list',
-                    'download.opensuse.org'):
+                    'WordOps'):
                 Log.info(self, "Adding repository for Redis, please wait...")
                 WORepo.add(self, repo_url=WOVar.wo_nginx_repo)
             WORepo.add_key(self, WOVar.wo_nginx_key)
diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py
index 64e75e1..c25a0e7 100644
--- a/wo/cli/plugins/stack_upgrade.py
+++ b/wo/cli/plugins/stack_upgrade.py
@@ -200,7 +200,7 @@ class WOStackUpgradeController(CementBaseController):
 
         # ngxblocker
         if pargs.ngxblocker:
-            if os.path.exists('/usr/local/sbin/update-ngxblocker'):
+            if os.path.exists('/usr/local/sbin/install-ngxblocker'):
                 packages = packages + [[
                     'https://raw.githubusercontent.com/mitchellkrogza/'
                     'nginx-ultimate-bad-bot-blocker/master/update-ngxblocker',
diff --git a/wo/core/acme.py b/wo/core/acme.py
index 8196238..883559b 100644
--- a/wo/core/acme.py
+++ b/wo/core/acme.py
@@ -172,7 +172,7 @@ class WOAcme:
         reader = csv.reader(certfile, 'acmeconf')
         for row in reader:
             # check if domain exist
-            if wo_domain_name in row[0]:
+            if wo_domain_name == row[0]:
                 # check if cert expiration exist
                 if not row[3] == '':
                     return True
diff --git a/wo/core/variables.py b/wo/core/variables.py
index 14cd999..d0a72a1 100644
--- a/wo/core/variables.py
+++ b/wo/core/variables.py
@@ -149,7 +149,12 @@ class WOVar():
     wo_mysql = ["mariadb-server", "percona-toolkit"]
     if wo_distro == 'raspbian':
         wo_mysql = wo_mysql + ["python3-mysqldb"]
+        if wo_platform_codename == 'stretch':
+            mariadb_ver = '10.1'
+        else:
+            mariadb_ver = '10.3'
     else:
+        mariadb_ver = '10.3'
         if wo_platform_codename == 'jessie':
             wo_mysql = wo_mysql + ["python3-mysql.connector"]
         else: