diff --git a/CHANGELOG.md b/CHANGELOG.md index 85cc359..c0ae5a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,18 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +### v3.11.1 - 2019-12-04 + +#### Added + +- `--fail2ban` in wo stack upgrade + +#### Fixed + +- error with `wo maintenance` +- php-igbinary missing for php74 (run `wo stack upgrade` to install it) +- opcache reset with `wo clean` + ### v3.11.0 - 2019-12-03 #### Added diff --git a/install b/install index 6c6e4a6..16642d2 100755 --- a/install +++ b/install @@ -9,7 +9,7 @@ # ------------------------------------------------------------------------- # wget -qO wo wops.cc && sudo bash wo # ------------------------------------------------------------------------- -# Version 3.11.0 - 2019-12-03 +# Version 3.11.1 - 2019-12-04 # ------------------------------------------------------------------------- # CONTENTS diff --git a/setup.py b/setup.py index 6af933c..602f4aa 100644 --- a/setup.py +++ b/setup.py @@ -27,7 +27,7 @@ if os.geteuid() == 0: os.makedirs('/var/lib/wo/tmp/') setup(name='wordops', - version='3.11.0', + version='3.11.1', description='An essential toolset that eases server administration', long_description=LONG, long_description_content_type='text/markdown', diff --git a/tests/travis.sh b/tests/travis.sh index b0754fb..0cb9586 100644 --- a/tests/travis.sh +++ b/tests/travis.sh @@ -203,7 +203,7 @@ if [ -z "$1" ]; then echo -e "${CGREEN}#############################################${CEND}" echo -e ' wo stack upgrade ' echo -e "${CGREEN}#############################################${CEND}" - stack_upgrade='nginx php php72 php73 php74 mysql redis netdata dashboard phpmyadmin composer ngxblocker mysqltuner' + stack_upgrade='nginx php php72 php73 php74 mysql redis netdata dashboard phpmyadmin adminer fail2ban composer ngxblocker mysqltuner' for stack in $stack_upgrade; do echo -ne " Upgrading $stack [..]\r" if { diff --git a/wo/cli/plugins/clean.py b/wo/cli/plugins/clean.py index a0b8338..fd3917e 100644 --- a/wo/cli/plugins/clean.py +++ b/wo/cli/plugins/clean.py @@ -74,18 +74,18 @@ class WOCleanController(CementBaseController): def clean_opcache(self): if (os.path.exists('/usr/sbin/nginx') and os.path.exists( - '/var/www/22222/htdocs/cache/opcache/opgui.php')): + '/var/www/22222/htdocs/cache/opcache/php72.php')): try: Log.info(self, "Cleaning opcache") opgui = requests.get( - "https://127.0.0.1:22222/cache/opcache/opgui.php?reset=1") - if opgui.status_code != '200': + "http://127.0.0.1/cache/opcache/php72.php") + if opgui.status_code != '200' or opgui.status_code != '302': Log.warn(self, 'Cleaning opcache failed') except Exception as e: Log.debug(self, "{0}".format(e)) Log.debug(self, "Unable hit url, " - " https://127.0.0.1:22222/cache/opcache/" - "opgui.php?reset=1," + " http://127.0.0.1/cache/opcache/" + "php72.php," " please check you have admin tools installed") Log.debug(self, "please check you have admin tools installed," " or install them with `wo stack install --admin`") diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 46a2643..17f8d63 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -184,10 +184,8 @@ class WOStackController(CementBaseController): if pargs.php72: Log.debug(self, "Setting apt_packages variable for PHP 7.2") if not (WOAptGet.is_installed(self, 'php7.2-fpm')): - apt_packages = apt_packages + WOVar.wo_php72 - if not (WOAptGet.is_installed(self, 'php7.3-fpm') or - WOAptGet.is_installed(self, 'php7.4-fpm')): - apt_packages = apt_packages + WOVar.wo_php_extra + apt_packages = (apt_packages + WOVar.wo_php72 + + WOVar.wo_php_extra) else: Log.debug(self, "PHP 7.2 already installed") Log.info(self, "PHP 7.2 already installed") @@ -196,10 +194,8 @@ class WOStackController(CementBaseController): if pargs.php73: Log.debug(self, "Setting apt_packages variable for PHP 7.3") if not WOAptGet.is_installed(self, 'php7.3-fpm'): - apt_packages = apt_packages + WOVar.wo_php73 - if not (WOAptGet.is_installed(self, 'php7.2-fpm') or - WOAptGet.is_installed(self, 'php7.4-fpm')): - apt_packages = apt_packages + WOVar.wo_php_extra + apt_packages = (apt_packages + WOVar.wo_php73 + + WOVar.wo_php_extra) else: Log.debug(self, "PHP 7.3 already installed") Log.info(self, "PHP 7.3 already installed") @@ -208,10 +204,8 @@ class WOStackController(CementBaseController): if pargs.php74: Log.debug(self, "Setting apt_packages variable for PHP 7.4") if not WOAptGet.is_installed(self, 'php7.4-fpm'): - apt_packages = apt_packages + WOVar.wo_php74 - if not (WOAptGet.is_installed(self, 'php7.3-fpm') or - WOAptGet.is_installed(self, 'php7.2-fpm')): - apt_packages = apt_packages + WOVar.wo_php_extra + apt_packages = (apt_packages + WOVar.wo_php74 + + WOVar.wo_php_extra) else: Log.debug(self, "PHP 7.4 already installed") Log.info(self, "PHP 7.4 already installed") diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index d3d2151..f6a29d7 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -97,12 +97,9 @@ def pre_pref(self, apt_packages): # add nginx repository if set(WOVar.wo_nginx).issubset(set(apt_packages)): if (WOVar.wo_distro == 'ubuntu'): - if not os.path.isfile( - 'wordops-ubuntu-nginx-wo-{0}.list' - .format(WOVar.wo_platform_codename)): - Log.info(self, "Adding repository for NGINX, please wait...") - WORepo.add(self, ppa=WOVar.wo_nginx_repo) - Log.debug(self, 'Adding ppa for Nginx') + Log.info(self, "Adding repository for NGINX, please wait...") + WORepo.add(self, ppa=WOVar.wo_nginx_repo) + Log.debug(self, 'Adding ppa for Nginx') else: if not WOFileUtils.grepcheck( self, '/etc/apt/sources.list/wo-repo.list', @@ -117,11 +114,8 @@ def pre_pref(self, apt_packages): ('php7.2-fpm' in apt_packages) or ('php7.4-fpm' in apt_packages)): if (WOVar.wo_distro == 'ubuntu'): Log.debug(self, 'Adding ppa for PHP') - if not os.path.isfile( - '/etc/apt/sources.list.d/ondrej-ubuntu-php-{0}.list' - .format(WOVar.wo_platform_codename)): - Log.info(self, "Adding repository for PHP, please wait...") - WORepo.add(self, ppa=WOVar.wo_php_repo) + Log.info(self, "Adding repository for PHP, please wait...") + WORepo.add(self, ppa=WOVar.wo_php_repo) else: # Add repository for php if (WOVar.wo_platform_codename == 'buster'): @@ -144,13 +138,9 @@ def pre_pref(self, apt_packages): # add redis repository if set(WOVar.wo_redis).issubset(set(apt_packages)): if WOVar.wo_distro == 'ubuntu': - if not os.path.isfile( - '/etc/apt/sources.list.d/' - 'chris-lea-ubuntu-redis-server-{0}.list' - .format(WOVar.wo_platform_codename)): - Log.info(self, "Adding repository for Redis, please wait...") - Log.debug(self, 'Adding ppa for redis') - WORepo.add(self, ppa=WOVar.wo_redis_repo) + Log.info(self, "Adding repository for Redis, please wait...") + Log.debug(self, 'Adding ppa for redis') + WORepo.add(self, ppa=WOVar.wo_redis_repo) else: if not WOFileUtils.grepcheck( self, '/etc/apt/sources.list/wo-repo.list', @@ -164,12 +154,8 @@ def pre_pref(self, apt_packages): if WOVar.wo_distro == 'ubuntu': if (WOVar.wo_platform_codename == 'bionic' or WOVar.wo_platform_codename == 'xenial'): - if not os.path.exists( - '/etc/apt/sources.list.d/' - 'jonathonf-ubuntu-backports-{0}.list' - .format(WOVar.wo_platform_codename)): - Log.debug(self, 'Adding ppa for nano') - WORepo.add(self, ppa=WOVar.wo_ubuntu_backports) + Log.debug(self, 'Adding ppa for nano') + WORepo.add(self, ppa=WOVar.wo_ubuntu_backports) def post_pref(self, apt_packages, packages, upgrade=False): @@ -620,6 +606,16 @@ def post_pref(self, apt_packages, packages, upgrade=False): encoding='utf-8', mode='w') as myfile: myfile.write("") + # write opcache clean for php72 + if not os.path.exists('{0}22222/htdocs/cache/opcache' + .format(ngxroot)): + os.makedirs('{0}22222/htdocs/cache/opcache' + .format(ngxroot)) + WOFileUtils.textwrite( + self, '{0}22222/htdocs/cache/opcache/php72.php' + .format(ngxroot), + '') + WOFileUtils.chown(self, "{0}22222/htdocs" .format(ngxroot), 'www-data', @@ -757,6 +753,16 @@ def post_pref(self, apt_packages, packages, upgrade=False): encoding='utf-8', mode='w') as myfile: myfile.write("") + # write opcache clean for php73 + if not os.path.exists('{0}22222/htdocs/cache/opcache' + .format(ngxroot)): + os.makedirs('{0}22222/htdocs/cache/opcache' + .format(ngxroot)) + WOFileUtils.textwrite( + self, '{0}22222/htdocs/cache/opcache/php73.php' + .format(ngxroot), + '') + WOFileUtils.chown(self, "{0}22222/htdocs" .format(ngxroot), 'www-data', @@ -893,6 +899,16 @@ def post_pref(self, apt_packages, packages, upgrade=False): self, "{0}22222/htdocs/php/info.php" .format(ngxroot), "") + # write opcache clean for php74 + if not os.path.exists('{0}22222/htdocs/cache/opcache' + .format(ngxroot)): + os.makedirs('{0}22222/htdocs/cache/opcache' + .format(ngxroot)) + WOFileUtils.textwrite( + self, '{0}22222/htdocs/cache/opcache/php74.php' + .format(ngxroot), + '') + WOFileUtils.chown(self, "{0}22222/htdocs" .format(ngxroot), 'www-data', @@ -997,35 +1013,34 @@ def post_pref(self, apt_packages, packages, upgrade=False): WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") # create fail2ban configuration files - if set(WOVar.wo_fail2ban).issubset(set(apt_packages)): + if "fail2ban" in apt_packages: WOService.restart_service(self, 'fail2ban') WOGit.add(self, ["/etc/fail2ban"], msg="Adding Fail2ban into Git") - if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): - Log.info(self, "Configuring Fail2Ban") - data = dict(release=WOVar.wo_version) - WOTemplate.deploy( - self, - '/etc/fail2ban/jail.d/custom.conf', - 'fail2ban.mustache', - data, overwrite=False) - WOTemplate.deploy( - self, - '/etc/fail2ban/filter.d/wo-wordpress.conf', - 'fail2ban-wp.mustache', - data, overwrite=False) - WOTemplate.deploy( - self, - '/etc/fail2ban/filter.d/nginx-forbidden.conf', - 'fail2ban-forbidden.mustache', - data, overwrite=False) + Log.info(self, "Configuring Fail2Ban") + data = dict(release=WOVar.wo_version) + WOTemplate.deploy( + self, + '/etc/fail2ban/jail.d/custom.conf', + 'fail2ban.mustache', + data, overwrite=False) + WOTemplate.deploy( + self, + '/etc/fail2ban/filter.d/wo-wordpress.conf', + 'fail2ban-wp.mustache', + data, overwrite=False) + WOTemplate.deploy( + self, + '/etc/fail2ban/filter.d/nginx-forbidden.conf', + 'fail2ban-forbidden.mustache', + data, overwrite=False) - if not WOService.reload_service(self, 'fail2ban'): - WOGit.rollback( - self, ['/etc/fail2ban'], msg="Rollback f2b config") - else: - WOGit.add(self, ["/etc/fail2ban"], - msg="Adding Fail2ban into Git") + if not WOService.reload_service(self, 'fail2ban'): + WOGit.rollback( + self, ['/etc/fail2ban'], msg="Rollback f2b config") + else: + WOGit.add(self, ["/etc/fail2ban"], + msg="Adding Fail2ban into Git") # Proftpd configuration if "proftpd-basic" in apt_packages: diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 7df87fe..2d8592c 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -26,6 +26,8 @@ class WOStackUpgradeController(CementBaseController): dict(help='Upgrade web stack', action='store_true')), (['--admin'], dict(help='Upgrade admin tools stack', action='store_true')), + (['--security'], + dict(help='Upgrade security stack', action='store_true')), (['--nginx'], dict(help='Upgrade Nginx stack', action='store_true')), (['--php'], @@ -44,6 +46,8 @@ class WOStackUpgradeController(CementBaseController): dict(help='Upgrade Redis', action='store_true')), (['--netdata'], dict(help='Upgrade Netdata', action='store_true')), + (['--fail2ban'], + dict(help='Upgrade Fail2Ban', action='store_true')), (['--dashboard'], dict(help='Upgrade WordOps Dashboard', action='store_true')), (['--composer'], @@ -71,18 +75,15 @@ class WOStackUpgradeController(CementBaseController): packages = [] self.msg = [] pargs = self.app.pargs - if ((not pargs.web) and (not pargs.nginx) and - (not pargs.php) and - (not pargs.php72) and (not pargs.php73) and - (not pargs.php74) and - (not pargs.mysql) and (not pargs.ngxblocker) and - (not pargs.all) and (not pargs.wpcli) and - (not pargs.netdata) and (not pargs.composer) and - (not pargs.phpmyadmin) and (not pargs.adminer) and - (not pargs.dashboard) and (not pargs.mysqltuner) and - (not pargs.redis)): + if not (pargs.web or pargs.nginx or pargs.php or + pargs.php72 or pargs.php73 or pargs.php74 or pargs.mysql or + pargs.ngxblocker or pargs.all or pargs.netdata or + pargs.wpcli or pargs.composer or pargs.phpmyadmin or + pargs.adminer or pargs.dashboard or pargs.mysqltuner or + pargs.redis or pargs.fail2ban or pargs.security): pargs.web = True pargs.admin = True + pargs.security = True if pargs.php: pargs.php72 = True @@ -90,8 +91,8 @@ class WOStackUpgradeController(CementBaseController): if pargs.all: pargs.web = True pargs.admin = True + pargs.security = True pargs.redis = True - pargs.ngxblocker = True if pargs.web: pargs.nginx = True @@ -110,6 +111,10 @@ class WOStackUpgradeController(CementBaseController): pargs.adminer = True pargs.mysqltuner = True + if pargs.security: + pargs.ngxblocker = True + pargs.fail2ban = True + # nginx if pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): @@ -149,6 +154,11 @@ class WOStackUpgradeController(CementBaseController): if WOAptGet.is_installed(self, 'redis-server'): apt_packages = apt_packages + ['redis-server'] + # fail2ban + if pargs.fail2ban: + if WOAptGet.is_installed(self, 'fail2ban'): + apt_packages = apt_packages + ['fail2ban'] + # wp-cli if pargs.wpcli: if os.path.isfile('/usr/local/bin/wp'): @@ -267,26 +277,26 @@ class WOStackUpgradeController(CementBaseController): else: pre_stack(self) if (apt_packages): - if (("php7.2-fpm" not in apt_packages) and - ("php7.3-fpm" not in apt_packages) and - ("php7.4-fpm" not in apt_packages) and - ("redis-server" not in apt_packages) and - ("nginx-custom" not in apt_packages) and - ("mariadb-server" not in apt_packages)): + if not ("php7.2-fpm" in apt_packages or + "php7.3-fpm" in apt_packages or + "php7.4-fpm" in apt_packages or + "redis-server" in apt_packages or + "nginx-custom" in apt_packages or + "mariadb-server" in apt_packages): pass else: - Log.info( + Log.warn( self, "Your sites may be down for few seconds if " "you are upgrading Nginx, PHP-FPM, MariaDB or Redis") # Check prompt - if ((not pargs.no_prompt) and (not pargs.force)): + if not (pargs.no_prompt or pargs.force): start_upgrade = input("Do you want to continue:[y/N]") if start_upgrade != "Y" and start_upgrade != "y": Log.error(self, "Not starting package update") - Log.wait(self, "Updating APT packages") + Log.wait(self, "Updating APT cache") # apt-get update WOAptGet.update(self) - Log.valide(self, "Updating APT packages") + Log.valide(self, "Updating APT cache") # additional pre_pref if "nginx-custom" in apt_packages: diff --git a/wo/cli/templates/stub_status.mustache b/wo/cli/templates/stub_status.mustache index 82bbde7..ccbc255 100644 --- a/wo/cli/templates/stub_status.mustache +++ b/wo/cli/templates/stub_status.mustache @@ -10,7 +10,9 @@ server { server_name 127.0.0.1 localhost; access_log off; log_not_found off; - root /var/www/html; + root /var/www/22222/htdocs; + allow 127.0.0.1; + deny all; location ~ /(stub_status|nginx_status) { stub_status on; allow 127.0.0.1; @@ -21,11 +23,33 @@ server { {{#phpconf}} location ~ /(status|ping) { include fastcgi_params; - allow 127.0.0.1; - deny all; fastcgi_pass phpstatus; access_log off; log_not_found off; } + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + location /cache/opcache/php72.php { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php72; + access_log off; + log_not_found off; + } + location /cache/opcache/php73.php { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php73; + access_log off; + log_not_found off; + } + location /cache/opcache/php74.php { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php74; + access_log off; + log_not_found off; + } {{/phpconf}} } diff --git a/wo/core/apt_repo.py b/wo/core/apt_repo.py index 470ac4e..e260e4f 100644 --- a/wo/core/apt_repo.py +++ b/wo/core/apt_repo.py @@ -48,9 +48,21 @@ class WORepo(): Log.debug(self, "{0}".format(e)) Log.error(self, "Unable to add repo") if ppa is not None: + ppa_split = ppa.split(':')[1] + ppa_author = ppa_split.split('/')[0] + Log.debug(self, "ppa_author = {0}".format(ppa_author)) + ppa_package = ppa_split.split('/')[1] + Log.debug(self, "ppa_package = {0}".format(ppa_package)) + if os.path.exists( + '/etc/apt/sources.list.d/{0}-ubuntu-{1}-{2}.list' + .format(ppa_author, + ppa_package, WOVar.wo_platform_codename)): + Log.debug(self, "ppa already added") + return True if WOShellExec.cmd_exec( self, "LC_ALL=C.UTF-8 add-apt-repository -y '{ppa_name}'" .format(ppa_name=ppa)): + Log.debug(self, "Added PPA {0}".format(ppa)) return True return False diff --git a/wo/core/aptget.py b/wo/core/aptget.py index 6a7ce3e..2fc6277 100644 --- a/wo/core/aptget.py +++ b/wo/core/aptget.py @@ -189,7 +189,7 @@ class WOAptGet(): """ try: orig_out = sys.stdout - sys.stdout = open(self.app.config.get('log.logging', 'file'), + sys.stdout = open(self.app.config.get('log.colorlog', 'file'), encoding='utf-8', mode='a') apt_get.autoclean("-y") sys.stdout = orig_out diff --git a/wo/core/logging.py b/wo/core/logging.py index bb6cbda..46a7f61 100644 --- a/wo/core/logging.py +++ b/wo/core/logging.py @@ -38,13 +38,13 @@ class Log: Logs warning into log file """ print(Log.WARNING + msg + Log.ENDC) - self.app.log.warn(Log.BOLD + msg + Log.ENDC) + self.app.log.warning(Log.BOLD + msg + Log.ENDC) def debug(self, msg): """ Logs debug messages into log file """ - self.app.log.debug(Log.HEADER + msg + Log.ENDC) + self.app.log.debug(Log.HEADER + msg + Log.ENDC, __name__) def wait(self, msg, end='\r', log=True): """ diff --git a/wo/core/logwatch.py b/wo/core/logwatch.py index 0d51440..a42af54 100644 --- a/wo/core/logwatch.py +++ b/wo/core/logwatch.py @@ -65,7 +65,7 @@ class LogWatcher(object): def __del__(self): self.close() - def loop(self, interval=0.1, async=False): + def loop(self, interval=0.1, req_async=False): """Start the loop. If async is True make one loop then return. """ @@ -73,7 +73,7 @@ class LogWatcher(object): self.update_files() for fid, file in list(iter(self.files_map.items())): self.readfile(file) - if async: + if req_async: return time.sleep(interval) diff --git a/wo/core/variables.py b/wo/core/variables.py index d3d773a..afc8dad 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -14,7 +14,7 @@ class WOVar(): """Intialization of core variables""" # WordOps version - wo_version = "3.11.0" + wo_version = "3.11.1" # WordOps packages versions wo_wp_cli = "2.4.0" wo_adminer = "4.7.5" @@ -150,7 +150,7 @@ class WOVar(): for module in wo_module: wo_php74 = wo_php74 + ["php7.4-{0}".format(module)] - wo_php_extra = ["php-memcached", "php-imagick", + wo_php_extra = ["php-memcached", "php-imagick", "php-igbinary", "graphviz", "php-xdebug", "php-msgpack", "php-redis"] wo_mysql = ["mariadb-server", "percona-toolkit"]