Add allowpassword

2019-09-26 15:45:38 +02:00
parent ec1de94bc9
commit a2854e73dd
4 changed files with 16 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

 ### v3.9.x - [Unreleased]

+### v3.9.9.1 - 2019-09-26
+
 #### Added

 - [SECURE] Allow new ssh port with UFW when running `wo secure --sshport`
@@ -15,12 +17,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - [CORE] apt-mirror-updater to select the fastest debian/ubuntu mirror with automatic switching between mirrors if the current mirror is being updated
 - [SITE] add `--force` to force Let's Encrypt certificate issuance even if DNS check fail
 - [STACK] check if another mta is installed before installing sendmail
+- [SECURE] `--allowpassword` to allow password when using `--ssh` with `wo secure`

 #### Changed

 - [SECURITY] Improved sshd_config template according to Mozilla Infosec guidelines
 - [STACK] Always add stack configuration into Git before making changes to make rollback easier
 - [STACK] Render php-fpm pools configuration from template
+- [STACK] Adminer updated to v4.7.3

 #### Fixed

--- a/setup.py
+++ b/setup.py
@@ -25,7 +25,7 @@ if not os.path.exists('/var/lib/wo/'):
    os.makedirs('/var/lib/wo/')

 setup(name='wo',
-      version='3.9.9',
+      version='3.9.9.1',
      description=long_description,
      long_description=long_description,
      classifiers=[],
--- a/wo/cli/plugins/secure.py
+++ b/wo/cli/plugins/secure.py
@@ -38,6 +38,9 @@ class WOSecureController(CementBaseController):
                help='set custom ssh port', action='store_true')),
            (['--ssh'], dict(
                help='harden ssh security', action='store_true')),
+            (['--allowpassword'], dict(
+                help='allow password authentification '
+                'when hardening ssh security', action='store_true')),
            (['--force'],
                dict(help='force execution without being prompt',
                     action='store_true')),
@@ -157,7 +160,7 @@ class WOSecureController(CementBaseController):
    def secure_ssh(self):
        """Harden ssh security"""
        pargs = self.app.pargs
-        if not pargs.force:
+        if not pargs.force and not pargs.allowpassword:
            start_secure = input('Are you sure you to want to'
                                 ' harden SSH security ?'
                                 '\nSSH login with password will not '
@@ -181,7 +184,11 @@ class WOSecureController(CementBaseController):
                sudo_user = os.getenv('SUDO_USER')
            else:
                sudo_user = ''
-            data = dict(sshport=current_ssh_port, allowpass='no',
+            if pargs.allowpassword:
+                wo_allowpassword = 'yes'
+            else:
+                wo_allowpassword = 'no'
+            data = dict(sshport=current_ssh_port, allowpass=wo_allowpassword,
                        user=sudo_user)
            WOTemplate.deploy(self, '/etc/ssh/sshd_config',
                              'sshd.mustache', data)
--- a/wo/core/variables.py
+++ b/wo/core/variables.py
@@ -11,10 +11,10 @@ class WOVariables():
    """Intialization of core variables"""

    # WordOps version
-    wo_version = "3.9.9"
+    wo_version = "3.9.9.1"
    # WordOps packages versions
    wo_wp_cli = "2.3.0"
-    wo_adminer = "4.7.2"
+    wo_adminer = "4.7.3"
    wo_phpmyadmin = "4.9.1"
    wo_extplorer = "2.1.13"
    wo_dashboard = "1.2"