Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #38 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-03-22 08:22:38 +01:00
committed by GitHub
parent 610c945407 019d07fc85
commit af348c9d36
17 changed files with 711 additions and 530 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.travis.yml
View File

@@ -30,6 +30,7 @@ script:
- sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log - sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log
@@ -60,4 +61,4 @@ script:
- sudo wp --allow-root --info - sudo wp --allow-root --info
- sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log - sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo' - sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo'
- sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.sh/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down" - sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down"

10
CHANGELOG.md
View File

@@ -14,12 +14,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- IPv6 support with HTTPS - IPv6 support with HTTPS
- Brotli support in Nginx - Brotli support in Nginx
- Let's Encrypt support with --proxy
- Install script handle migration from EEv3
- load-balancing on unix socket for php-fpm
- stub_status vhost for metrics
- opcache optimization for php-fpm
#### Changed #### Changed
- letsencrypt stack refactored with acme.sh - letsencrypt stack refactored with acme.sh
- letsencrypt validation with webroot folder
- "--letsencrypt=subdomain" option - "--letsencrypt=subdomain" option
- hardened nginx ssl_ecdh_curve - hardened nginx ssl_ecdh_curve
- Update phpredisadmin
#### Fixed #### Fixed
@@ -27,6 +34,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- acme.sh installation - acme.sh installation
- acme.sh alias with config home variable - acme.sh alias with config home variable
- deb.sury.org repository gpg key - deb.sury.org repository gpg key
- Nginx upgrade from previous WordOps release
- Force new Nginx templates during update
- Error message about missing my.cnf file during upgrade
### v3.9.4 - 2019-03-15 ### v3.9.4 - 2019-03-15

407
install
View File

@@ -10,7 +10,7 @@
# Version 3.9.4 - 2019-03-15 # Version 3.9.4 - 2019-03-15
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.1" readonly wo_version_new="3.9.4.2"
# CONTENTS # CONTENTS
# --- # ---
# 1. VARIABLES AND DECLARATIONS # 1. VARIABLES AND DECLARATIONS
@@ -27,9 +27,10 @@ TPUT_FAIL=$(tput setaf 1)
TPUT_INFO=$(tput setaf 7) TPUT_INFO=$(tput setaf 7)
TPUT_ECHO=$(tput setaf 4) TPUT_ECHO=$(tput setaf 4)
wo_lib_echo () { wo_lib_echo () {
echo "${*}${TPUT_RESET}" echo "${TPUT_ECHO}${*}${TPUT_RESET}"
} }
wo_lib_echo_info() wo_lib_echo_info()
@@ -71,7 +72,7 @@ echo ""
# 1- Update the apt sewers with fresh info # 1- Update the apt sewers with fresh info
### ###
wo_lib_echo "Updating apt-get repository info" wo_lib_echo "Updating apt-get repository info"
apt-get update &>> /dev/null apt-get update -qq &>> /dev/null
### ###
# 1- Check whether lsb_release is installed, and if not, install it # 1- Check whether lsb_release is installed, and if not, install it
@@ -91,7 +92,7 @@ readonly wo_linux_distro=$(lsb_release -is)
readonly wo_distro_version=$(lsb_release -sc) readonly wo_distro_version=$(lsb_release -sc)
readonly wo_distro_id=$(lsb_release -rs) readonly wo_distro_id=$(lsb_release -rs)
if [ -x /usr/loca/bin/ee ]; then if [ -x /usr/local/bin/ee ]; then
migration=1 migration=1
else else
migration=0 migration=0
@@ -116,10 +117,10 @@ fi
### ###
# 1 - To prevent errors or unexpected behaviour, create the log and ACL it # 1 - To prevent errors or unexpected behaviour, create the log and ACL it
### ###
if [ ! -d $wo_log_dir ]; then if [ ! -d "$wo_log_dir" ]; then
wo_lib_echo "Creating WordOps log directory, just a second..." wo_lib_echo "Creating WordOps log directory, just a second..."
mkdir -p $wo_log_dir || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $? mkdir -p "$wo_log_dir" || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $?
touch /var/log/wo/{wordops.log,install.log} touch /var/log/wo/{wordops.log,install.log}
@@ -134,10 +135,10 @@ wo_install_dep()
{ {
if [ "$wo_linux_distro" == "Ubuntu" ]; then if [ "$wo_linux_distro" == "Ubuntu" ]; then
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban cron ccze > /dev/null 2>&1 DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban cron ccze rsync tree > /dev/null 2>&1
else else
wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 fail2ban cron ccze > /dev/null 2>&1 DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 fail2ban cron ccze rsync tree > /dev/null 2>&1
fi fi
locale-gen en locale-gen en
@@ -166,28 +167,27 @@ wo_sync_db()
### ###
# Switching from EE -> WO # Switching from EE -> WO
### ###
if [ -f /var/lib/ee/ee.db ]; then if [ ! -f /var/lib/wo/dbase.db ]; then
# Create the WordOps folder # Create the WordOps folder
mkdir -p /var/lib/wo mkdir -p /var/lib/wo
# Backup the nginx directory if [ -f /var/lib/ee/ee.db ]; then
tar -cvf - /etc/nginx /etc/ee /var/lib/ee | pigz -9 > /var/lib/wo/ee-backup.tgz # Copy the EasyEngine database
cp /var/lib/ee/ee.db /var/lib/wo/dbase-ee.db
# Copy the EasyEngine database # Set the migration variable for the closing text
cp /var/lib/ee/ee.db /var/lib/wo/dbase-ee.db migration=1
# Set the migration variable for the closing text ###
migration=1 # Clean WO installation
###
### cp /var/lib/ee/ee.db /var/lib/wo/dbase.db
# Clean WO installation rm -rf /var/lib/ee
### else
elif [ ! -d /var/lib/wo ]; then
# Create the directory holding the WordOps database
mkdir -p /var/lib/wo
# Create an empty database for WordOps # Create an empty database for WordOps
echo "CREATE TABLE sites ( echo "CREATE TABLE sites (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
sitename UNIQUE, sitename UNIQUE,
site_type CHAR, site_type CHAR,
@@ -204,92 +204,86 @@ wo_sync_db()
db_host VARCHAR, db_host VARCHAR,
is_hhvm INT INT DEFAULT '0', is_hhvm INT INT DEFAULT '0',
php_version VARCHAR php_version VARCHAR
);" | sqlite3 /var/lib/wo/dbase.db );" | sqlite3 /var/lib/wo/dbase.db
if [ -f /var/lib/wo/dbase-ee.db ]; then # Check site is enable/live or disable
# Copy the main EasyEngine database over since we are migrating AV_SITES="$(basename -a /etc/nginx/sites-available/* | grep -v default)"
cp /var/lib/wo/dbase-ee.db /var/lib/wo/dbase.db for site in $AV_SITES;
fi do
if [ -h "/etc/nginx/sites-enabled/$site" ]; then
wo_site_status='1'
else
wo_site_status='0'
fi
# Check site is enable/live or disable # Acquire information about the current nginx configuration
cd /etc/nginx/sites-available || exit 1
for site in $(echo \* | grep -v default);
do
if [ -f "/etc/nginx/sites-enabled/$site" ]; then
wo_site_status='1'
else
wo_site_status='0'
fi
# Acquire information about the current nginx configuration wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}')
wo_site_current_type=$(head -n1 "/etc/nginx/sites-available/$site" | grep "NGINX CONFIGURATION" | rev | cut -d' ' -f3,4,5,6,7 | rev | cut -d ' ' -f2,3,4,5)
# Sniff out the vhost type and cache configuration if [ "$(echo "$wo_site_current_type" | grep php)" ]; then
if [ "$wo_site_current_type" = "HTML" ]; then if [ "$(echo "$wo_site_current_type" | grep php7)" ]; then
wo_site_current="html" wo_php_version="7.0"
wo_site_current_cache="basic" else
elif [ "$wo_site_current_type" = "PHP" ]; then wo_php_version="5.6"
wo_site_current="php" fi
wo_site_current_cache="basic" else
elif [ "$wo_site_current_type" = "MYSQL" ]; then wo_php_version=""
wo_site_current="mysql" fi
wo_site_current_cache="basic"
# Caching types on a single WordPress installation if [ "$(echo "$wo_site_current_type" | grep redis)" ]; then
elif [ "$wo_site_current_type" = "WPSINGLE BASIC" ]; then wo_site_current_cache="wpredis"
wo_site_current="wp" elif [ -z "$(echo "$wo_site_current_type" | grep wpsc)" ]; then
wo_site_current_cache="basic" wo_site_current_cache="wpsc"
elif [ "$wo_site_current_type" = "WPSINGLE WP SUPER CACHE" ]; then elif [ -z "$(echo "$wo_site_current_type" | grep wpfc)" ]; then
wo_site_current="wp" wo_site_current_cache="wpfc"
wo_site_current_cache="wpsc" else
elif [ "$wo_site_current_type" = "WPSINGLE FAST CGI" ] || [ "$wo_site_current_type" = "WPSINGLE FASTCGI" ]; then wo_site_current_cache="basic"
wo_site_current="wp" fi
wo_site_current_cache="wpfc"
# Caching types on a single, subdirectory WordPress installation if [ "$(echo "$wo_site_current_type" | grep wp)" ]; then
elif [ "$wo_site_current_type" = "WPSUBDIR BASIC" ]; then if [ -z "$(echo "$wo_site_current_type" | grep wpsubdir)" ]; then
wo_site_current="wpsubdir" wo_site_current="wpsubdir"
wo_site_current_cache="basic" elif [ -z "$(echo "$wo_site_current_type" | grep wpsudomain)" ]; then
elif [ "$wo_site_current_type" = "WPSUBDIR WP SUPER CACHE" ]; then wo_site_current="wpsubdomain"
wo_site_current="wpsubdir" else
wo_site_current_cache="wpsc" wo_site_current="wp"
elif [ "$wo_site_current_type" = "WPSUBDIR FAST CGI" ] || [ "$wo_site_current_type" = "WPSUBDIR FASTCGI" ]; then fi
wo_site_current="wpsubdir" else
wo_site_current_cache="wpfc" if [ -z "$(echo "$wo_site_current_type" | grep location)" ]; then
wo_site_current="proxy"
elif [ -z "$(echo "$wo_site_current_type" | grep php)" ]; then
wo_site_current="html"
else
if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then
wo_site_current="mysql"
else
wo_site_current="php"
fi
fi
fi
# Caching types on a single, subdomain WordPress installation done
elif [ "$wo_site_current_type" = "WPSUBDOMAIN BASIC" ]; then
wo_site_current="wpsubdomain"
wo_site_current_cache="basic"
elif [ "$wo_site_current_type" = "WPSUBDOMAIN WP SUPER CACHE" ]; then
wo_site_current="wpsubdomain"
wo_site_current_cache="wpsc"
elif [ "$wo_site_current_type" = "WPSUBDOMAIN FAST CGI" ] || [ "$wo_site_current_type" = "WPSUBDOMAIN FASTCGI" ]; then
wo_site_current="wpsubdomain"
wo_site_current_cache="wpfc"
fi
wo_webroot="/var/www/$site" wo_webroot="/var/www/$site"
# Import the configuration into the WordOps SQLite database # Import the configuration into the WordOps SQLite database
echo "INSERT INTO sites (sitename, site_type, cache_type, site_path, is_enabled, is_ssl, storage_fs, storage_db) echo "INSERT INTO sites (sitename, site_type, cache_type, site_path, is_enabled, is_ssl, storage_fs, storage_db)
VALUES (\"$site\", \"$wo_site_current\", \"$wo_site_current_cache\", \"$wo_webroot\", \"$wo_site_status\", 0, 'ext4', 'mysql');" | sqlite3 /var/lib/wo/dbase.db VALUES (\"$site\", \"$wo_site_current\", \"$wo_site_current_cache\", \"$wo_webroot\", \"$wo_site_status\", 0, 'ext4', 'mysql');" | sqlite3 /var/lib/wo/dbase.db
done
else
wo_php_version="7.2" wo_lib_echo "Updating WordOps Database"
wo_lib_echo "Updating WordOps Database" echo "ALTER TABLE sites ADD COLUMN db_name varchar;" | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN db_name varchar;" | sqlite3 /var/lib/wo/dbase.db echo "ALTER TABLE sites ADD COLUMN db_user varchar; " | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN db_user varchar; " | sqlite3 /var/lib/wo/dbase.db echo "ALTER TABLE sites ADD COLUMN db_password varchar;" | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN db_password varchar;" | sqlite3 /var/lib/wo/dbase.db echo "ALTER TABLE sites ADD COLUMN db_host varchar;" | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN db_host varchar;" | sqlite3 /var/lib/wo/dbase.db echo "ALTER TABLE sites ADD COLUMN is_hhvm INT DEFAULT '0';" | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN is_hhvm INT DEFAULT '0';" | sqlite3 /var/lib/wo/dbase.db echo "ALTER TABLE sites ADD COLUMN php_version varchar DEFAULT \"$wo_php_version\";" | sqlite3 /var/lib/wo/dbase.db
echo "ALTER TABLE sites ADD COLUMN php_version varchar DEFAULT \"$wo_php_version\";" | sqlite3 /var/lib/wo/dbase.db fi
# echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db
# echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db
fi fi
echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db
echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db
} }
# Once again, set the proper ACL on the WordOps configuration directory # Once again, set the proper ACL on the WordOps configuration directory
@@ -383,63 +377,101 @@ wo_install()
wo_upgrade_nginx() wo_upgrade_nginx()
{ {
# chec if the package nginx-ee is installed
CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee) {
if [ -n "$CHECK_NGINX_EE" ]; then
{
# add new Nginx repository # chec if the package nginx-ee is installed
if [ "$wo_linux_distro" = "Ubuntu" ]; then CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/xUbuntu_${wo_distro_id}/ /" >> /etc/apt/sources.list.d/wo-repo.list CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo)
wget -qO /tmp/nginx-wo.key "https://download.opensuse.org/repositories/home:virtubox:WordOps/xUbuntu_${wo_distro_id}/Release.key" CHECK_PHP72=$(dpkg --list | grep php7.2-fpm)
CHECK_PHP73=$(dpkg --list | grep php7.3-fpm)
# add new Nginx repository
if [ "$wo_linux_distro" = "Ubuntu" ]; then
wget -qO /tmp/nginx-wo.key "https://download.opensuse.org/repositories/home:virtubox:WordOps/xUbuntu_${wo_distro_id}/Release.key"
else
if [ "$wo_distro_version" == "jessie" ]; then
wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key
else else
if [ "$wo_distro_version" == "jessie" ]; then wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_8.0/ /" >> /etc/apt/sources.list.d/wo-repo.list fi
wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key fi
else # import the respository key for updates
echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_9.0/ /" >> /etc/apt/sources.list.d/wo-repo.list apt-key add - < /tmp/nginx-wo.key
wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key rm -f /tmp/nginx-wo.key
sudo apt-get update
if [ -x /usr/sbin/nginx ] ; then
CHECK_BROTLI="$(nginx -V 2>&1 | grep brotli)"
if [ -z "$CHECK_BROTLI" ]; then
# stop nginx
service nginx stop
# prevent apt preference to block install
[ -f /etc/apt/preferences.d/nginx-block ] && {
mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block"
}
if [ -n "$CHECK_NGINX_EE" ]; then
# remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom --purge
elif [ -n "$CHECK_NGINX_WO" ]; then
apt-mark unhold nginx-wo nginx-common nginx-custom
apt-get -y -qq autoremove nginx-wo nginx-common nginx-custom --purge
fi fi
# install new nginx package
if [ -x /usr/local/bin/wo ]; then
# remove previous php-fpm pool configuration
if [ -n "$CHECK_PHP72" ]; then
apt-get remove php7.2-fpm -y -qq --purge
rm -f /etc/php/7.2/fpm/pool.d/*
fi
/usr/local/bin/wo stack install --nginx --php
if [ -n "$CHECK_PHP73" ]; then
apt-get remove php7.3-fpm -y -qq --purge
rm -f /etc/php/7.3/fpm/pool.d/*
/usr/local/bin/wo stack install --php73
fi
fi
# restore sites and configuration
/usr/bin/rsync -auz /var/lib/wo/backup/nginx/ /etc/nginx/
# update redis.conf headers
if [ -f /etc/nginx/common/redis.conf ]; then
sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
fi
VERIFY_NGINX_CONFIG=$(nginx -t 2>&1 | grep failed)
# check if nginx -t do not return errors
if [ -z "$VERIFY_NGINX_CONFIG" ]; then
systemctl stop nginx
systemctl start nginx
else
VERIFY_NGINX_BUCKET=$(nginx -t 2>&1 | grep "server_names_hash_bucket_size")
if [ -n "$VERIFY_NGINX_BUCKET" ]; then
sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g" /etc/nginx/nginx.conf
fi
systemctl stop nginx
systemctl start nginx
fi
# set back apt preference
[ -f "$HOME/nginx-block" ] && {
mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block
}
fi fi
# prevent apt preference to block install fi
[ -f /etc/apt/preferences.d/nginx-block ] && { } >> /var/log/wo/install.log 2>&1
mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block"
}
# import the respository key for updates
apt-key add - < /tmp/nginx-wo.key
rm -f /tmp/nginx-wo.key
sudo apt-get update
# stop nginx
service nginx stop
# remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom
# install new nginx package
if [ -x /usr/local/bin/wo ]; then
rm -f /etc/nginx/conf.d/{upstream.conf,redis.conf,fastcgi.conf}
rm -f /etc/nginx/*.default
/usr/local/bin/wo stack install
else
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confnew" -y install nginx-custom nginx-wo
fi
# set back apt preference
[ -f "$HOME/nginx-block" ] && {
mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block
}
# update nginx headers and ssl_ciphers
if [ -f /etc/nginx/nginx.conf ]; then
sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/nginx.conf &>> /dev/null
new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
fi
# update redis.conf headers
if [ -f /etc/nginx/common/redis.conf ]; then
sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null
fi
systemctl enable nginx
systemctl restart nginx
} >> /var/log/wo/install.log 2>&1
fi
} }
wo_update_latest() wo_update_latest()
@@ -465,28 +497,24 @@ wo_update_latest()
fi fi
# Move ~/.my.cnf to /etc/mysql/conf.d/my.cnf # Move ~/.my.cnf to /etc/mysql/conf.d/my.cnf
if [ ! -f /etc/mysql/conf.d/my.cnf ] if [ ! -f /etc/mysql/conf.d/my.cnf ]; then
then
# create conf.d folder if not exist # create conf.d folder if not exist
if [ ! -d /etc/mysql/conf.d ]; then [ ! -d /etc/mysql/conf.d ] && {
mkdir -p /etc/mysql/conf.d mkdir -p /etc/mysql/conf.d
chmod 755 /etc/mysql/conf.d chmod 755 /etc/mysql/conf.d
}
if [ -f $HOME/.my.cnf ]; then
cp -f $HOME/.my.cnf /etc/mysql/conf.d/my.cnf
chmod 600 /etc/mysql/conf.d/my.cnf
elif [ -f /root/.my.cnf ]; then
cp -f /root/.my.cnf /etc/mysql/conf.d/my.cnf
chmod 600 /etc/mysql/conf.d/my.cnf
fi fi
if [ -d /etc/mysql/conf.d ] else
then if [ ! -f /root/.my.cnf ]; then
if [ -f ~/.my.cnf ] cp /etc/mysql/conf.d/my.cnf /root/.my.cnf
then chmod 600 /root/.my.cnf
cp ~/.my.cnf /etc/mysql/conf.d/my.cnf &>> /dev/null
chmod 600 /etc/mysql/conf.d/my.cnf
else
if [ -f /root/.my.cnf ]
then
cp /root/.my.cnf /etc/mysql/conf.d/my.cnf &>> /dev/null
chmod 600 /etc/mysql/conf.d/my.cnf
else
wo_lib_echo_fail ".my.cnf cannot be located in your current user or root folder..."
fi
fi
fi fi
fi fi
@@ -551,13 +579,19 @@ if [ -x /usr/local/bin/wo ]; then
if [[ $? -ne 0 ]];then if [[ $? -ne 0 ]];then
read -p "Update WordOps to $wo_version_new (y/n): " wo_ans read -p "Update WordOps to $wo_version_new (y/n): " wo_ans
if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then
wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
wo_install_dep | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log
wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
wo_sync_db >> $wo_install_log 2>&1 wo_sync_db >> $wo_install_log 2>&1
secure_wo_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
else else
@@ -569,25 +603,25 @@ if [ -x /usr/local/bin/wo ]; then
else else
# 2 - Migration from EEv3 # 2 - Migration from EEv3
if [ -x /usr/local/bin/ee ]; then if [ -x /usr/local/bin/ee ]; then
ee -v 2>&1 | grep $wo_version_new &>> /dev/null read -p "Migrate from EasyEngine to WordOps (y/n): " wo_ans
if [[ $? -ne 0 ]];then if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then
read -p "Update WordOps to $wo_version_new (y/n): " wo_ans wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then wo_install_dep | tee -ai $wo_install_log
wo_install_dep | tee -ai $wo_install_log wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log
wo_sync_db >> $wo_install_log 2>&1 wo_sync_db >> $wo_install_log 2>&1
secure_wo_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_upgrade_nginx | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
wo_update_latest | tee -ai $wo_install_log wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
service nginx reload &>> /dev/null wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_install_acme_sh | tee -ai $wo_install_log
else wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 wo_git_init | tee -ai $wo_install_log
fi wo_update_wp_cli | tee -ai $wo_install_log
else else
wo_lib_error "You already have WordOps $wo_version_new, exit status = " 1 wo_lib_error "Not installing WordOps, exit status = " 1
fi fi
else else
# 3 - Fresh WO setup # 3 - Fresh WO setup
@@ -595,10 +629,11 @@ else
wo_install_dep | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
fi fi
fi fi

19
wo/cli/plugins/clean.py
View File

@@ -19,7 +19,8 @@ class WOCleanController(CementBaseController):
label = 'clean' label = 'clean'
stacked_on = 'base' stacked_on = 'base'
stacked_type = 'nested' stacked_type = 'nested'
description = ('Clean NGINX FastCGI cache, Opcache, Memcached, Redis Cache') description = (
'Clean NGINX FastCGI cache, Opcache, Memcached, Redis Cache')
arguments = [ arguments = [
(['--all'], (['--all'],
dict(help='Clean all cache', action='store_true')), dict(help='Clean all cache', action='store_true')),
@@ -31,7 +32,7 @@ class WOCleanController(CementBaseController):
dict(help='Clean OpCache', action='store_true')), dict(help='Clean OpCache', action='store_true')),
(['--redis'], (['--redis'],
dict(help='Clean Redis Cache', action='store_true')), dict(help='Clean Redis Cache', action='store_true')),
] ]
usage = "wo clean [options]" usage = "wo clean [options]"
@expose(hide=True) @expose(hide=True)
@@ -90,13 +91,13 @@ class WOCleanController(CementBaseController):
wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache" wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache"
"/opcache/opgui.php?page=reset").read() "/opcache/opgui.php?page=reset").read()
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.debug(self, "Unable hit url, " Log.debug(self, "Unable hit url, "
" https://127.0.0.1:22222/cache/opcache/opgui.php?page=reset," " https://127.0.0.1:22222/cache/opcache/opgui.php?page=reset,"
" please check you have admin tools installed") " please check you have admin tools installed")
Log.debug(self, "please check you have admin tools installed," Log.debug(self, "please check you have admin tools installed,"
" or install them with `wo stack install --admin`") " or install them with `wo stack install --admin`")
Log.error(self, "Unable to clean opcache", False) Log.error(self, "Unable to clean opcache", False)
def load(app): def load(app):

13
wo/cli/plugins/info.py
View File

@@ -41,9 +41,9 @@ class WOInfoController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def info_nginx(self): def info_nginx(self):
"""Display Nginx information""" """Display Nginx information"""
version = os.popen("nginx -v 2>&1 | cut -d':' -f2 | cut -d' ' -f2 | " version = os.popen("nginx -v 2 > &1 | awk - F '/' '{print $2}' | '"
"cut -d'/' -f2 | tr -d '\n'").read() "awk -F ' ' '{print $1}'").read()
allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " allow = os.popen("grep allow /etc/nginx/common/acl.conf | "
"cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read()
nc = NginxConfig() nc = NginxConfig()
nc.loadf('/etc/nginx/nginx.conf') nc.loadf('/etc/nginx/nginx.conf')
@@ -242,8 +242,8 @@ class WOInfoController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
"""default function for info""" """default function for info"""
if (not self.app.pargs.nginx and not self.app.pargs.php if (not self.app.pargs.nginx and not self.app.pargs.php and
and not self.app.pargs.mysql and not self.app.pargs.php73): not self.app.pargs.mysql and not self.app.pargs.php73):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.php = True self.app.pargs.php = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
@@ -251,7 +251,8 @@ class WOInfoController(CementBaseController):
self.app.pargs.php73 = True self.app.pargs.php73 = True
if self.app.pargs.nginx: if self.app.pargs.nginx:
if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-common'): if (WOAptGet.is_installed(self, 'nginx-custom') or
WOAptGet.is_installed(self, 'nginx-common')):
self.info_nginx() self.info_nginx()
else: else:
Log.error(self, "Nginx is not installed") Log.error(self, "Nginx is not installed")

60
wo/cli/plugins/log.py
View File

@@ -57,7 +57,7 @@ class WOLogShowController(CementBaseController):
action='store_true')), action='store_true')),
(['site_name'], (['site_name'],
dict(help='Website Name', nargs='?', default=None)) dict(help='Website Name', nargs='?', default=None))
] ]
usage = "wo log show [<site_name>] [options]" usage = "wo log show [<site_name>] [options]"
@expose(hide=True) @expose(hide=True)
@@ -68,17 +68,17 @@ class WOLogShowController(CementBaseController):
if self.app.pargs.php: if self.app.pargs.php:
self.app.pargs.nginx = True self.app.pargs.nginx = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (not self.app.pargs.site_name)): (not self.app.pargs.wp) and (not self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.fpm = True self.app.pargs.fpm = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
self.app.pargs.access = True self.app.pargs.access = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (self.app.pargs.site_name)): (not self.app.pargs.wp) and (self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.wp = True self.app.pargs.wp = True
self.app.pargs.access = True self.app.pargs.access = True
@@ -185,7 +185,7 @@ class WOLogResetController(CementBaseController):
action='store_true')), action='store_true')),
(['site_name'], (['site_name'],
dict(help='Website Name', nargs='?', default=None)) dict(help='Website Name', nargs='?', default=None))
] ]
usage = "wo log reset [<site_name>] [options]" usage = "wo log reset [<site_name>] [options]"
@expose(hide=True) @expose(hide=True)
@@ -196,20 +196,20 @@ class WOLogResetController(CementBaseController):
if self.app.pargs.php: if self.app.pargs.php:
self.app.pargs.nginx = True self.app.pargs.nginx = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (not self.app.pargs.site_name) (not self.app.pargs.wp) and (not self.app.pargs.site_name) and
and (not self.app.pargs.slow_log_db)): (not self.app.pargs.slow_log_db)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.fpm = True self.app.pargs.fpm = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
self.app.pargs.access = True self.app.pargs.access = True
self.app.pargs.slow_log_db = True self.app.pargs.slow_log_db = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (self.app.pargs.site_name) (not self.app.pargs.wp) and (self.app.pargs.site_name) and
and (not self.app.pargs.slow-log-db)): (not self.app.pargs.slow-log-db)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.wp = True self.app.pargs.wp = True
self.app.pargs.access = True self.app.pargs.access = True
@@ -324,7 +324,7 @@ class WOLogGzipController(CementBaseController):
action='store_true')), action='store_true')),
(['site_name'], (['site_name'],
dict(help='Website Name', nargs='?', default=None)) dict(help='Website Name', nargs='?', default=None))
] ]
usage = "wo log gzip [<site_name>] [options]" usage = "wo log gzip [<site_name>] [options]"
@expose(hide=True) @expose(hide=True)
@@ -335,17 +335,17 @@ class WOLogGzipController(CementBaseController):
if self.app.pargs.php: if self.app.pargs.php:
self.app.pargs.nginx = True self.app.pargs.nginx = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (not self.app.pargs.site_name)): (not self.app.pargs.wp) and (not self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.fpm = True self.app.pargs.fpm = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
self.app.pargs.access = True self.app.pargs.access = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (self.app.pargs.site_name)): (not self.app.pargs.wp) and (self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.wp = True self.app.pargs.wp = True
self.app.pargs.access = True self.app.pargs.access = True
@@ -461,7 +461,7 @@ class WOLogMailController(CementBaseController):
(['--to'], (['--to'],
dict(help='Email addresses to send log files', action='append', dict(help='Email addresses to send log files', action='append',
dest='to', nargs=1, required=True)), dest='to', nargs=1, required=True)),
] ]
usage = "wo log mail [<site_name>] [options]" usage = "wo log mail [<site_name>] [options]"
@expose(hide=True) @expose(hide=True)
@@ -472,17 +472,17 @@ class WOLogMailController(CementBaseController):
if self.app.pargs.php: if self.app.pargs.php:
self.app.pargs.nginx = True self.app.pargs.nginx = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (not self.app.pargs.site_name)): (not self.app.pargs.wp) and (not self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.fpm = True self.app.pargs.fpm = True
self.app.pargs.mysql = True self.app.pargs.mysql = True
self.app.pargs.access = True self.app.pargs.access = True
if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) if ((not self.app.pargs.nginx) and (not self.app.pargs.fpm) and
and (not self.app.pargs.mysql) and (not self.app.pargs.access) (not self.app.pargs.mysql) and (not self.app.pargs.access) and
and (not self.app.pargs.wp) and (self.app.pargs.site_name)): (not self.app.pargs.wp) and (self.app.pargs.site_name)):
self.app.pargs.nginx = True self.app.pargs.nginx = True
self.app.pargs.wp = True self.app.pargs.wp = True
self.app.pargs.access = True self.app.pargs.access = True

18
wo/cli/plugins/secure.py
View File

@@ -38,19 +38,19 @@ class WOSecureController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
if self.app.pargs.auth: if self.app.pargs.auth:
self.secure_auth() self.secure_auth()
if self.app.pargs.port: if self.app.pargs.port:
self.secure_port() self.secure_port()
if self.app.pargs.ip: if self.app.pargs.ip:
self.secure_ip() self.secure_ip()
@expose(hide=True) @expose(hide=True)
def secure_auth(self): def secure_auth(self):
"""This function secures authentication""" """This function secures authentication"""
passwd = ''.join([random.choice passwd = ''.join([random.choice
(string.ascii_letters + string.digits) (string.ascii_letters + string.digits)
for n in range(6)]) for n in range(6)])
if not self.app.pargs.user_input: if not self.app.pargs.user_input:
username = input("Provide HTTP authentication user " username = input("Provide HTTP authentication user "
"name [{0}] :".format(WOVariables.wo_user)) "name [{0}] :".format(WOVariables.wo_user))
@@ -125,7 +125,7 @@ class WOSecureController(CementBaseController):
user_ip = ['127.0.0.1'] user_ip = ['127.0.0.1']
for ip_addr in user_ip: for ip_addr in user_ip:
if not ("exist_ip_address "+ip_addr in open('/etc/nginx/common/' if not ("exist_ip_address "+ip_addr in open('/etc/nginx/common/'
'acl.conf').read()): 'acl.conf').read()):
WOShellExec.cmd_exec(self, "sed -i " WOShellExec.cmd_exec(self, "sed -i "
"\"/deny/i allow {whitelist_address}\;\"" "\"/deny/i allow {whitelist_address}\;\""
" /etc/nginx/common/acl.conf" " /etc/nginx/common/acl.conf"

20
wo/cli/plugins/site.py
View File

@@ -326,7 +326,8 @@ class WOSiteCreateController(CementBaseController):
dict(help="create WordPress single/multi site with wpsc cache", dict(help="create WordPress single/multi site with wpsc cache",
action='store_true')), action='store_true')),
(['--wpredis'], (['--wpredis'],
dict(help="create WordPress single/multi site with redis cache", dict(help="create WordPress single/multi site "
"with redis cache",
action='store_true')), action='store_true')),
(['-le', '--letsencrypt'], (['-le', '--letsencrypt'],
dict(help="configure letsencrypt ssl for the site", dict(help="configure letsencrypt ssl for the site",
@@ -342,8 +343,9 @@ class WOSiteCreateController(CementBaseController):
dest='wppass')), dest='wppass')),
(['--proxy'], (['--proxy'],
dict(help="create proxy for site", nargs='+')), dict(help="create proxy for site", nargs='+')),
(['--vhostonly'], (['--vhostonly'], dict(help="only create vhost and database "
dict(help="only create vhost and database without installing WordPress", nargs='+')), "without installing WordPress",
action='store_true')),
(['--experimental'], (['--experimental'],
dict(help="Enable Experimental packages without prompt", dict(help="Enable Experimental packages without prompt",
action='store_true')), action='store_true')),
@@ -406,7 +408,7 @@ class WOSiteCreateController(CementBaseController):
data['proxy'] = True data['proxy'] = True
data['host'] = host data['host'] = host
data['port'] = port data['port'] = port
wo_site_webroot = "" wo_site_webroot = WOVariables.wo_webroot + wo_domain
if self.app.pargs.php73: if self.app.pargs.php73:
data = dict(site_name=wo_domain, www_domain=wo_www_domain, data = dict(site_name=wo_domain, www_domain=wo_www_domain,
@@ -461,10 +463,10 @@ class WOSiteCreateController(CementBaseController):
data['basic'] = True data['basic'] = True
if (cache == 'wpredis'): if (cache == 'wpredis'):
cache = 'wpredis' cache = 'wpredis'
data['wpredis'] = True data['wpredis'] = True
data['basic'] = False data['basic'] = False
self.app.pargs.wpredis = True self.app.pargs.wpredis = True
# Check rerequired packages are installed or not # Check rerequired packages are installed or not
wo_auth = site_package_check(self, stype) wo_auth = site_package_check(self, stype)
@@ -1097,7 +1099,7 @@ class WOSiteUpdateController(CementBaseController):
else: else:
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
wildcard = True wildcard = False
if pargs.wpredis and data['currcachetype'] != 'wpredis': if pargs.wpredis and data['currcachetype'] != 'wpredis':
data['wpredis'] = True data['wpredis'] = True

173
wo/cli/plugins/site_functions.py
View File

@@ -107,9 +107,6 @@ def setupdomain(self, data):
'/etc/nginx/sites-enabled/{0}' '/etc/nginx/sites-enabled/{0}'
.format(wo_domain_name)]) .format(wo_domain_name)])
if 'proxy' in data.keys() and data['proxy']:
return
# Creating htdocs & logs directory # Creating htdocs & logs directory
Log.info(self, "Setting up webroot \t\t", end='') Log.info(self, "Setting up webroot \t\t", end='')
try: try:
@@ -297,17 +294,15 @@ def setupwordpress(self, data):
if not data['multisite']: if not data['multisite']:
Log.debug(self, "Generating wp-config for WordPress Single site") Log.debug(self, "Generating wp-config for WordPress Single site")
Log.debug(self, "bash -c \"php {0} --allow-root " Log.debug(self, "bash -c \"php {0} --allow-root "
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ "core config " "core config " +
+ "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbuser=\'{2}\' " "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbuser=\'{2}\' "
"--dbhost=\'{3}\' " "--dbhost=\'{3}\' "
.format(data['wo_db_name'], wo_wp_prefix, .format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_user'], data['wo_db_host']) data['wo_db_user'], data['wo_db_host']) +
+ "--dbpass=\'{0}\' " "--dbpass=\'{0}\' "
"--extra-php<<PHP \n {1}\nPHP\"" "--extra-php<<PHP \n {1}\nPHP\""
.format(data['wo_db_pass'], .format(data['wo_db_pass'],
"\ndefine(\'CONCATENATE_SCRIPTS\',"
" false);",
"\n\ndefine(\'WP_DEBUG\', false);")) "\n\ndefine(\'WP_DEBUG\', false);"))
try: try:
if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root" if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root"
@@ -340,7 +335,7 @@ def setupwordpress(self, data):
+ "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' " + "--dbname=\'{0}\' --dbprefix=\'{1}\' --dbhost=\'{2}\' "
.format(data['wo_db_name'], wo_wp_prefix, data['wo_db_host']) .format(data['wo_db_name'], wo_wp_prefix, data['wo_db_host'])
+ "--dbuser=\'{0}\' --dbpass=\'{1}\' " + "--dbuser=\'{0}\' --dbpass=\'{1}\' "
"--extra-php<<PHP \n {2} {3} \nPHP\"" "--extra-php<<PHP \n {2} {3} {4} \nPHP\""
.format(data['wo_db_user'], data['wo_db_pass'], .format(data['wo_db_user'], data['wo_db_pass'],
"\ndefine(\'WPMU_ACCEL_REDIRECT\'," "\ndefine(\'WPMU_ACCEL_REDIRECT\',"
" true);", " true);",
@@ -1197,9 +1192,8 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
raise SiteError("dbhost not provided") raise SiteError("dbhost not provided")
deleteDB(self, dbname, dbuser, dbhost) deleteDB(self, dbname, dbuser, dbhost)
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name): def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf" if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
@@ -1208,36 +1202,34 @@ def setupLetsEncrypt(self, wo_domain_name):
.format(wo_domain_name)) .format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name) ssl = archivedCertificateHandle(self, wo_domain_name)
else: else:
Log.warn(self, "Please wait while we fetch the new HTTPS certificate" Log.info(self, "Issuing SSL cert with acme.sh")
" for your site.\nIt may take a few minutes" ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
" depending on the network.") "--config-home "
sslissue = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "'/etc/letsencrypt/config' "
"--config-home " "--issue "
"'/etc/letsencrypt/config' " "-d {0} -d www.{0} -w /var/www/html "
"--issue " "-k ec-384"
"-d {0} -d www.{0} -w /var/www/html " .format(wo_domain_name))
"-k ec-384"
.format(wo_domain_name))
if sslissue:
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
if ssl: if ssl:
try: try:
Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
sslsetup = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
Log.info( Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf" self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name)) .format(wo_domain_name))
@@ -1260,19 +1252,18 @@ def setupLetsEncrypt(self, wo_domain_name):
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"ssl.conf") "ssl.conf")
else: else:
Log.error(self, "Unable to install certificate", False) Log.error(self, "Unable to install certificate", False)
Log.error(self, "Please make sure that your site is pointed to \n" Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which " "same server on which "
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# setup letsencrypt for a subdomain # setup letsencrypt for a subdomain
def setupLetsEncryptSubdomain(self, wo_domain_name): def setupLetsEncryptSubdomain(self, wo_domain_name):
wo_wp_email = WOVariables.wo_email
if os.path.isfile("{0}/{1}_ecc/{1}.conf" if os.path.isfile("{0}/{1}_ecc/{1}.conf"
.format(WOVariables.wo_ssl_archive, wo_domain_name)): .format(WOVariables.wo_ssl_archive, wo_domain_name)):
@@ -1280,36 +1271,34 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
.format(wo_domain_name)) .format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name) ssl = archivedCertificateHandle(self, wo_domain_name)
else: else:
Log.warn(self, "Please wait while we fetch the new HTTPS certificate" Log.info(self, "Issuing SSL cert with acme.sh")
" for your site.\nIt may take a few minutes" ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
" depending on the network.") "--config-home "
sslissue = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "'/etc/letsencrypt/config' "
"--config-home " "--issue "
"'/etc/letsencrypt/config' " "-d {0} -w /var/www/html "
"--issue " "-k ec-384"
"-d {0} -w /var/www/html " .format(wo_domain_name))
"-k ec-384"
.format(wo_domain_name))
if sslissue:
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
if ssl: if ssl:
try: try:
Log.info(self, "Deploying SSL cert with acme.sh")
Log.debug(self, "Deploying cert for domain: {0}"
.format(wo_domain_name))
sslsetup = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
Log.info( Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf" self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name)) .format(wo_domain_name))
@@ -1332,13 +1321,13 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"ssl.conf") "ssl.conf")
else: else:
Log.error(self, "Unable to install certificate", False) Log.error(self, "Unable to create ssl.conf", False)
Log.error(self, "Please make sure that your site is pointed to \n" Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which " "same server on which "
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# letsencrypt cert renewal # letsencrypt cert renewal
@@ -1449,20 +1438,18 @@ def archivedCertificateHandle(self, domain):
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
if check_prompt == "1": if check_prompt == "1":
Log.info(self, "Please wait while we reinstall the Let's Encrypt " Log.info(self, "Issuing SSL cert with acme.sh")
"certificate for your site.\nIt may take a "
"few minutes depending on your network.")
ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh " "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--install-cert -d {1} --ecc " "--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem " "--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem " "--key-file {0}/{1}/key.pem "
"--fullchain-file " "--fullchain-file "
"{0}/{1}/fullchain.pem " "{0}/{1}/fullchain.pem "
"--reloadcmd " "--reloadcmd "
"\"service nginx restart\" " "\"service nginx restart\" "
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
if ssl: if ssl:
@@ -1504,9 +1491,7 @@ def archivedCertificateHandle(self, domain):
updateSiteInfo(self, domain, ssl=True) updateSiteInfo(self, domain, ssl=True)
elif (check_prompt == "3"): elif (check_prompt == "3"):
Log.info(self, "Please wait while we renew the Let's Encrypt" Log.info(self, "Issuing SSL cert with acme.sh")
"certificate for your site.\nIt may take a few "
"minutes depending on your network.")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
@@ -1514,7 +1499,7 @@ def archivedCertificateHandle(self, domain):
"--force" "--force"
.format(domain)) .format(domain))
if issuessl: if ssl:
try: try:
@@ -1547,4 +1532,4 @@ def archivedCertificateHandle(self, domain):
'/var/www/{0}/conf/nginx/ssl.conf.bak' '/var/www/{0}/conf/nginx/ssl.conf.bak'
.format(domain)) .format(domain))
return ssl return ssl

335
wo/cli/plugins/stack.py
View File

@@ -201,50 +201,68 @@ class WOStackController(CementBaseController):
'file /etc/nginx/conf.d/blockips.conf') 'file /etc/nginx/conf.d/blockips.conf')
wo_nginx = open('/etc/nginx/conf.d/blockips.conf', wo_nginx = open('/etc/nginx/conf.d/blockips.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'blockips.mustache', out=wo_nginx) self.app.render(
(data), 'blockips.mustache', out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/fastcgi.conf') 'file /etc/nginx/conf.d/fastcgi.conf')
wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'fastcgi.mustache', out=wo_nginx) self.app.render(
(data), 'fastcgi.mustache', out=wo_nginx)
wo_nginx.close() wo_nginx.close()
data = dict(php="9000", debug="9001", data = dict(php="9000", debug="9001",
php7="9070", debug7="9170", php7="9070", debug7="9170",
php7conf=True php7conf=True
if WOAptGet.is_installed(self, 'php7.0-fpm') if WOAptGet.is_installed(self, 'php7.0-fpm')
else False) else False)
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/upstream.conf') 'file /etc/nginx/conf.d/upstream.conf')
wo_nginx = open('/etc/nginx/conf.d/upstream.conf', wo_nginx = open('/etc/nginx/conf.d/upstream.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'upstream.mustache', out=wo_nginx) self.app.render(
(data), 'upstream.mustache', out=wo_nginx)
wo_nginx.close()
if not (os.path.isfile('/etc/nginx/conf.d/stub_status.conf')):
data = dict(phpconf=True if
WOAptGet.is_installed(self, 'php7.2-fpm')
else False)
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/stub_status.conf')
wo_nginx = open('/etc/nginx/conf.d/stub_status.conf',
encoding='utf-8', mode='w')
self.app.render(
(data), 'stub_status.mustache', out=wo_nginx)
wo_nginx.close()
if not (os.path.isfile('/etc/nginx/conf.d/webp.conf')):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/webp.conf')
wo_nginx = open('/etc/nginx/conf.d/webp.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'webp.mustache',
out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/map-wp.conf') 'file /etc/nginx/conf.d/'
wo_nginx = open('/etc/nginx/conf.d/map-wp.conf', 'map-wp-fastcgi-cache.conf')
wo_nginx = open('/etc/nginx/conf.d/'
'map-wp-fastcgi-cache.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'map-wp.mustache', self.app.render((data), 'map-wp.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
if not (os.path.isfile('/etc/nginx/conf.d/webp.conf')):
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/conf.d/webp.conf')
wo_nginx = open('/etc/nginx/conf.d/webp.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'webp.mustache',
out=wo_nginx)
wo_nginx.close()
# Setup Nginx common directory # Setup Nginx common directory
if not os.path.exists('/etc/nginx/common'): if not os.path.exists('/etc/nginx/common'):
Log.debug(self, 'Creating directory' Log.debug(self, 'Creating directory'
'/etc/nginx/common') '/etc/nginx/common')
os.makedirs('/etc/nginx/common') os.makedirs('/etc/nginx/common')
data = dict(webroot=WOVariables.wo_webroot) data = dict(webroot=WOVariables.wo_webroot)
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
@@ -303,75 +321,75 @@ class WOStackController(CementBaseController):
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
# php7 conf # php73 conf
if not os.path.isfile("/etc/nginx/common/php73.conf"): if not os.path.isfile("/etc/nginx/common/php73.conf"):
# data = dict() # data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf') 'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf', wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache', self.app.render((data), 'locations-php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf') 'file /etc/nginx/common/php73.conf')
wo_nginx = open('/etc/nginx/common/php73.conf', wo_nginx = open('/etc/nginx/common/php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'php7.mustache', self.app.render((data), 'php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpcommon-php73.conf') 'file /etc/nginx/common/wpcommon-php73.conf')
wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'wpcommon-php7.mustache', self.app.render((data), 'wpcommon-php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpfc-php73.conf') 'file /etc/nginx/common/wpfc-php73.conf')
wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', wo_nginx = open('/etc/nginx/common/wpfc-php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'wpfc-php7.mustache', self.app.render((data), 'wpfc-php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpsc-php73.conf') 'file /etc/nginx/common/wpsc-php73.conf')
wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', wo_nginx = open('/etc/nginx/common/wpsc-php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'wpsc-php7.mustache', self.app.render((data), 'wpsc-php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php73.conf') 'file /etc/nginx/common/redis-php73.conf')
wo_nginx = open('/etc/nginx/common/redis-php73.conf', wo_nginx = open('/etc/nginx/common/redis-php73.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'redis-php7.mustache', self.app.render((data), 'redis-php7.mustache',
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
# Nginx-Plus does not have nginx # Nginx-Plus does not have nginx
# package structure like this # package structure like this
# So creating directories # So creating directories
if (set(["nginx-plus"]).issubset(set(apt_packages)) or if (set(["nginx"]).issubset(set(apt_packages))):
set(["nginx"]).issubset(set(apt_packages))): Log.info(self,
Log.info(self, "Installing WordOpsConfigurations for" "NGINX")
"Installing WordOpsConfigurations for" "NGINX") if not os.path.exists('/etc/nginx/sites-available'):
if not os.path.exists('/etc/nginx/sites-available'): Log.debug(self, 'Creating directory'
Log.debug(self, 'Creating directory' '/etc/nginx/sites-available')
'/etc/nginx/sites-available') os.makedirs('/etc/nginx/sites-available')
os.makedirs('/etc/nginx/sites-available')
if not os.path.exists('/etc/nginx/sites-enabled'): if not os.path.exists('/etc/nginx/sites-enabled'):
Log.debug(self, 'Creating directory' Log.debug(self, 'Creating directory'
'/etc/nginx/sites-available') '/etc/nginx/sites-available')
os.makedirs('/etc/nginx/sites-enabled') os.makedirs('/etc/nginx/sites-enabled')
# 22222 port settings # 22222 port settings
data = dict(webroot=WOVariables.wo_webroot)
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/sites-available/' 'file /etc/nginx/sites-available/'
'22222') '22222')
@@ -470,8 +488,7 @@ class WOStackController(CementBaseController):
WOGit.add(self, WOGit.add(self,
["/etc/nginx"], msg="Adding Nginx into Git") ["/etc/nginx"], msg="Adding Nginx into Git")
WOService.reload_service(self, 'nginx') WOService.reload_service(self, 'nginx')
if (set(["nginx-plus"]).issubset(set(apt_packages)) or if set(["nginx"]).issubset(set(apt_packages)):
set(["nginx"]).issubset(set(apt_packages))):
WOShellExec.cmd_exec(self, "sed -i -e 's/^user/#user/'" WOShellExec.cmd_exec(self, "sed -i -e 's/^user/#user/'"
" -e '/^#user/a user" " -e '/^#user/a user"
"\ www-data\;'" "\ www-data\;'"
@@ -485,28 +502,20 @@ class WOStackController(CementBaseController):
"\ \/etc\/nginx\/sites-enabled" "\ \/etc\/nginx\/sites-enabled"
"\/*;' /etc/nginx/nginx.conf") "\/*;' /etc/nginx/nginx.conf")
# WordOpsconfig for NGINX plus print("HTTP Auth User Name: WordOps" +
data['version'] = WOVariables.wo_version "\nHTTP Auth Password : {0}".format(passwd))
Log.debug(self, 'Writting for nginx plus configuration'
' to file /etc/nginx/conf.d/wo-plus.conf')
wo_nginx = open('/etc/nginx/conf.d/wo-plus.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'wo-plus.mustache',
out=wo_nginx)
wo_nginx.close()
print("HTTP Auth User Name: WordOps"
+ "\nHTTP Auth Password : {0}".format(passwd))
WOService.reload_service(self, 'nginx') WOService.reload_service(self, 'nginx')
else: else:
self.msg = (self.msg + ["HTTP Auth User Name: WordOps"] self.msg = (self.msg + ["HTTP Auth User "
+ ["HTTP Auth Password : {0}".format(passwd)]) "Name: WordOps"] +
["HTTP Auth Password : {0}".format(passwd)])
else: else:
WOService.restart_service(self, 'nginx') WOService.restart_service(self, 'nginx')
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/redis-php72.conf")): not os.path.isfile("/etc/nginx/common/"
"redis-php72.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
@@ -518,7 +527,8 @@ class WOStackController(CementBaseController):
wo_nginx.close() wo_nginx.close()
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/redis-php73.conf")): not os.path.isfile("/etc/nginx/common/"
"redis-php73.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php73.conf') 'file /etc/nginx/common/redis-php73.conf')
@@ -540,11 +550,18 @@ class WOStackController(CementBaseController):
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/conf.d/redis.conf")): not os.path.isfile("/etc/nginx/conf.d/redis.conf")):
with open("/etc/nginx/conf.d/redis.conf", "a") as redis_file: with open("/etc/nginx/conf.d/"
"redis.conf", "a") as redis_file:
redis_file.write("# Log format Settings\n" redis_file.write("# Log format Settings\n"
"log_format rt_cache_redis '$remote_addr $upstream_response_time $srcache_fetch_status [$time_local] '\n" "log_format rt_cache_redis "
"'$http_host \"$request\" $status $body_bytes_sent '\n" "'$remote_addr "
"'\"$http_referer\" \"$http_user_agent\"';\n") "$upstream_response_time "
"$srcache_fetch_status "
"[$time_local] '\n"
"'$http_host \"$request\" $status"
" $body_bytes_sent '\n"
"'\"$http_referer\" "
"\"$http_user_agent\"';\n")
# setup nginx common folder for php7 # setup nginx common folder for php7
if self.app.pargs.php73: if self.app.pargs.php73:
if (os.path.isdir("/etc/nginx/common") and if (os.path.isdir("/etc/nginx/common") and
@@ -591,7 +608,8 @@ class WOStackController(CementBaseController):
wo_nginx.close() wo_nginx.close()
if (os.path.isdir("/etc/nginx/common") and if (os.path.isdir("/etc/nginx/common") and
not os.path.isfile("/etc/nginx/common/redis-php73.conf")): not os.path.isfile("/etc/nginx/common/"
"redis-php73.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php73.conf') 'file /etc/nginx/common/redis-php73.conf')
@@ -602,15 +620,20 @@ class WOStackController(CementBaseController):
wo_nginx.close() wo_nginx.close()
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/upstream.conf", if not WOFileUtils.grep(self, "/etc/nginx/conf.d/"
"upstream.conf",
"php73"): "php73"):
with open("/etc/nginx/conf.d/upstream.conf", "a") as php_file: with open("/etc/nginx/conf.d/"
php_file.write("upstream php73 {\nserver unix:/var/run/php/php73-fpm.sock;\n}\n" "upstream.conf", "a") as php_file:
"upstream debug73 {\nserver 127.0.0.1:9173;\n}\n") php_file.write("upstream php73 {\nserver unix:"
"/var/run/php/php73-fpm.sock;\n}\n"
"upstream debug73 {\nserver "
"127.0.0.1:9173;\n}\n")
if set(WOVariables.wo_redis).issubset(set(apt_packages)): if set(WOVariables.wo_redis).issubset(set(apt_packages)):
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/redis-php72.conf")): not os.path.isfile("/etc/nginx/common/"
"redis-php72.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
@@ -655,13 +678,22 @@ class WOStackController(CementBaseController):
# Parse etc/php/7.2/fpm/php.ini # Parse etc/php/7.2/fpm/php.ini
config = configparser.ConfigParser() config = configparser.ConfigParser()
Log.debug(self, "configuring php file /etc/php/7.2/fpm/php.ini") Log.debug(self, "configuring php file "
"/etc/php/7.2/fpm/php.ini")
config.read('/etc/php/7.2/fpm/php.ini') config.read('/etc/php/7.2/fpm/php.ini')
config['PHP']['expose_php'] = 'Off' config['PHP']['expose_php'] = 'Off'
config['PHP']['post_max_size'] = '100M' config['PHP']['post_max_size'] = '100M'
config['PHP']['upload_max_filesize'] = '100M' config['PHP']['upload_max_filesize'] = '100M'
config['PHP']['max_execution_time'] = '300' config['PHP']['max_execution_time'] = '300'
config['PHP']['date.timezone'] = WOVariables.wo_timezone config['PHP']['max_input_vars'] = '20000'
config['Date']['date.timezone'] = WOVariables.wo_timezone
config['opcache']['opcache.enable'] = '1'
config['opcache']['opcache.interned_strings_buffer'] = '8'
config['opcache']['opcache.max_accelerated_files'] = '10000'
config['opcache']['opcache.memory_consumption'] = '256'
config['opcache']['opcache.save_comments'] = '1'
config['opcache']['opcache.revalidate_freq'] = '2'
config['opcache']['opcache.validate_timestamps'] = '1'
with open('/etc/php/7.2/fpm/php.ini', with open('/etc/php/7.2/fpm/php.ini',
encoding='utf-8', mode='w') as configfile: encoding='utf-8', mode='w') as configfile:
Log.debug(self, "Writting php configuration into " Log.debug(self, "Writting php configuration into "
@@ -681,27 +713,44 @@ class WOStackController(CementBaseController):
# Parse /etc/php/7.2/fpm/pool.d/www.conf # Parse /etc/php/7.2/fpm/pool.d/www.conf
config = configparser.ConfigParser() config = configparser.ConfigParser()
config.read_file(codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', config.read_file(codecs.open('/etc/php/7.2/fpm/'
'pool.d/www.conf',
"r", "utf8")) "r", "utf8"))
config['www']['ping.path'] = '/ping' config['www']['ping.path'] = '/ping'
config['www']['pm.status_path'] = '/status' config['www']['pm.status_path'] = '/status'
config['www']['pm.max_requests'] = '100' config['www']['pm.max_requests'] = '1500'
config['www']['pm.max_children'] = '25' config['www']['pm.max_children'] = '50'
config['www']['pm.start_servers'] = '5' config['www']['pm.start_servers'] = '10'
config['www']['pm.min_spare_servers'] = '2' config['www']['pm.min_spare_servers'] = '5'
config['www']['pm.max_spare_servers'] = '5' config['www']['pm.max_spare_servers'] = '15'
config['www']['request_terminate_timeout'] = '100' config['www']['request_terminate_timeout'] = '300'
config['www']['pm'] = 'ondemand' config['www']['pm'] = 'ondemand'
config['www']['chdir'] = '/' config['www']['chdir'] = '/'
config['www']['prefix'] = '/var/run/php' config['www']['prefix'] = '/var/run/php'
config['www']['listen'] = 'php72-fpm.sock' config['www']['listen'] = 'php72-fpm.sock'
config['www']['listen.mode'] = '0660'
config['www']['listen.backlog'] = '32768' config['www']['listen.backlog'] = '32768'
config['www']['catch_workers_output'] = 'yes'
with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf', with codecs.open('/etc/php/7.2/fpm/pool.d/www.conf',
encoding='utf-8', mode='w') as configfile: encoding='utf-8', mode='w') as configfile:
Log.debug(self, "Writing PHP 7.2 configuration into " Log.debug(self, "Writing PHP 7.2 configuration into "
"/etc/php/7.2/fpm/pool.d/www.conf") "/etc/php/7.2/fpm/pool.d/www.conf")
config.write(configfile) config.write(configfile)
# Generate /etc/php/7.2/fpm/pool.d/www-two.conf
WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf",
"/etc/php/7.2/fpm/pool.d/www-two.conf")
WOFileUtils.searchreplace(self, "/etc/php/7.2/fpm/pool.d/"
"www-two.conf", "[www]", "[www-two]")
config = configparser.ConfigParser()
config.read('/etc/php/7.2/fpm/pool.d/www-two.conf')
config['www-two']['listen'] = 'php72-two-fpm.sock'
with open('/etc/php/7.2/fpm/pool.d/www-two.conf',
encoding='utf-8', mode='w') as confifile:
Log.debug(self, "writting PHP7.2 configuration into "
"/etc/php/7.2/fpm/pool.d/www-two.conf")
config.write(confifile)
# Generate /etc/php/7.2/fpm/pool.d/debug.conf # Generate /etc/php/7.2/fpm/pool.d/debug.conf
WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf",
"/etc/php/7.2/fpm/pool.d/debug.conf") "/etc/php/7.2/fpm/pool.d/debug.conf")
@@ -729,8 +778,11 @@ class WOStackController(CementBaseController):
"profiler_enable] = off\n") "profiler_enable] = off\n")
# Disable xdebug # Disable xdebug
if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\' /etc/php/7.2/mods-available/xdebug.ini"): if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'"
WOFileUtils.searchreplace(self, "/etc/php/7.2/mods-available/" " /etc/php/7.2/mods-available/"
"xdebug.ini"):
WOFileUtils.searchreplace(self, "/etc/php/7.2/"
"mods-available/"
"xdebug.ini", "xdebug.ini",
"zend_extension", "zend_extension",
";zend_extension") ";zend_extension")
@@ -781,13 +833,22 @@ class WOStackController(CementBaseController):
# Parse etc/php/7.3/fpm/php.ini # Parse etc/php/7.3/fpm/php.ini
config = configparser.ConfigParser() config = configparser.ConfigParser()
Log.debug(self, "configuring php file /etc/php/7.3/fpm/php.ini") Log.debug(self, "configuring php file /etc/php/7.3/"
"fpm/php.ini")
config.read('/etc/php/7.3/fpm/php.ini') config.read('/etc/php/7.3/fpm/php.ini')
config['PHP']['expose_php'] = 'Off' config['PHP']['expose_php'] = 'Off'
config['PHP']['post_max_size'] = '100M' config['PHP']['post_max_size'] = '100M'
config['PHP']['upload_max_filesize'] = '100M' config['PHP']['upload_max_filesize'] = '100M'
config['PHP']['max_execution_time'] = '300' config['PHP']['max_execution_time'] = '300'
config['PHP']['date.timezone'] = WOVariables.wo_timezone config['PHP']['max_input_vars'] = '20000'
config['Date']['date.timezone'] = WOVariables.wo_timezone
config['opcache']['opcache.enable'] = '1'
config['opcache']['opcache.interned_strings_buffer'] = '8'
config['opcache']['opcache.max_accelerated_files'] = '10000'
config['opcache']['opcache.memory_consumption'] = '256'
config['opcache']['opcache.save_comments'] = '1'
config['opcache']['opcache.revalidate_freq'] = '2'
config['opcache']['opcache.validate_timestamps'] = '1'
with open('/etc/php/7.3/fpm/php.ini', with open('/etc/php/7.3/fpm/php.ini',
encoding='utf-8', mode='w') as configfile: encoding='utf-8', mode='w') as configfile:
Log.debug(self, "Writting php configuration into " Log.debug(self, "Writting php configuration into "
@@ -806,27 +867,44 @@ class WOStackController(CementBaseController):
# Parse /etc/php/7.3/fpm/pool.d/www.conf # Parse /etc/php/7.3/fpm/pool.d/www.conf
config = configparser.ConfigParser() config = configparser.ConfigParser()
config.read_file(codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', config.read_file(codecs.open('/etc/php/7.3/fpm/'
'pool.d/www.conf',
"r", "utf8")) "r", "utf8"))
config['www']['ping.path'] = '/ping' config['www']['ping.path'] = '/ping'
config['www']['pm.status_path'] = '/status' config['www']['pm.status_path'] = '/status'
config['www']['pm.max_requests'] = '500' config['www']['pm.max_requests'] = '1500'
config['www']['pm.max_children'] = '100' config['www']['pm.max_children'] = '50'
config['www']['pm.start_servers'] = '20' config['www']['pm.start_servers'] = '10'
config['www']['pm.min_spare_servers'] = '10' config['www']['pm.min_spare_servers'] = '5'
config['www']['pm.max_spare_servers'] = '30' config['www']['pm.max_spare_servers'] = '15'
config['www']['request_terminate_timeout'] = '300' config['www']['request_terminate_timeout'] = '300'
config['www']['pm'] = 'ondemand' config['www']['pm'] = 'ondemand'
config['www']['chdir'] = '/' config['www']['chdir'] = '/'
config['www']['prefix'] = '/var/run/php' config['www']['prefix'] = '/var/run/php'
config['www']['listen'] = 'php73-fpm.sock' config['www']['listen'] = 'php73-fpm.sock'
config['www']['listen.mode'] = '0660'
config['www']['listen.backlog'] = '32768' config['www']['listen.backlog'] = '32768'
config['www']['catch_workers_output'] = 'yes'
with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf',
encoding='utf-8', mode='w') as configfile: encoding='utf-8', mode='w') as configfile:
Log.debug(self, "writting PHP 7.3 configuration into " Log.debug(self, "writting PHP 7.3 configuration into "
"/etc/php/7.3/fpm/pool.d/www.conf") "/etc/php/7.3/fpm/pool.d/www.conf")
config.write(configfile) config.write(configfile)
# Generate /etc/php/7.3/fpm/pool.d/www-two.conf
WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf",
"/etc/php/7.3/fpm/pool.d/www-two.conf")
WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/"
"www-two.conf", "[www]", "[www-two]")
config = configparser.ConfigParser()
config.read('/etc/php/7.3/fpm/pool.d/www-two.conf')
config['www-two']['listen'] = 'php73-two-fpm.sock'
with open('/etc/php/7.3/fpm/pool.d/www-two.conf',
encoding='utf-8', mode='w') as confifile:
Log.debug(self, "writting PHP7.3 configuration into "
"/etc/php/7.3/fpm/pool.d/www-two.conf")
config.write(confifile)
# Generate /etc/php/7.3/fpm/pool.d/debug.conf # Generate /etc/php/7.3/fpm/pool.d/debug.conf
WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf",
"/etc/php/7.3/fpm/pool.d/debug.conf") "/etc/php/7.3/fpm/pool.d/debug.conf")
@@ -854,8 +932,11 @@ class WOStackController(CementBaseController):
"profiler_enable] = off\n") "profiler_enable] = off\n")
# Disable xdebug # Disable xdebug
if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\' /etc/php/7.3/mods-available/xdebug.ini"): if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'"
WOFileUtils.searchreplace(self, "/etc/php/7.3/mods-available/" " /etc/php/7.3/mods-available"
"/xdebug.ini"):
WOFileUtils.searchreplace(self, "/etc/php/7.3/"
"mods-available/"
"xdebug.ini", "xdebug.ini",
"zend_extension", "zend_extension",
";zend_extension") ";zend_extension")

7
wo/cli/plugins/stack_migrate.py
View File

@@ -21,7 +21,7 @@ class WOStackMigrateController(CementBaseController):
(['--mariadb'], (['--mariadb'],
dict(help="Migrate database to MariaDB", dict(help="Migrate database to MariaDB",
action='store_true')), action='store_true')),
] ]
@expose(hide=True) @expose(hide=True)
def migrate_mariadb(self): def migrate_mariadb(self):
@@ -97,10 +97,11 @@ class WOStackMigrateController(CementBaseController):
self.app.args.print_help() self.app.args.print_help()
if self.app.pargs.mariadb: if self.app.pargs.mariadb:
if WOVariables.wo_mysql_host is not "localhost": if WOVariables.wo_mysql_host is not "localhost":
Log.error(self, "Remote MySQL server in use, skipping local install") Log.error(
self, "Remote MySQL server in use, skipping local install")
if WOShellExec.cmd_exec(self, "mysqladmin ping") and (not if WOShellExec.cmd_exec(self, "mysqladmin ping") and (not
WOAptGet.is_installed(self, 'mariadb-server')): WOAptGet.is_installed(self, 'mariadb-server')):
Log.info(self, "If your database size is big, " Log.info(self, "If your database size is big, "
"migration may take some time.") "migration may take some time.")

11
wo/cli/plugins/stack_upgrade.py
View File

@@ -41,7 +41,7 @@ class WOStackUpgradeController(CementBaseController):
(['--no-prompt'], (['--no-prompt'],
dict(help="Upgrade Packages without any prompt", dict(help="Upgrade Packages without any prompt",
action='store_true')), action='store_true')),
] ]
@expose(hide=True) @expose(hide=True)
def upgrade_php56(self): def upgrade_php56(self):
@@ -72,7 +72,8 @@ class WOStackUpgradeController(CementBaseController):
WOAptGet.update(self) WOAptGet.update(self)
Log.info(self, "Installing packages, please wait ...") Log.info(self, "Installing packages, please wait ...")
if (WOVariables.wo_platform_distro == 'ubuntu'): if (WOVariables.wo_platform_distro == 'ubuntu'):
WOAptGet.install(self, WOVariables.wo_php + WOVariables.wo_php_extra) WOAptGet.install(self, WOVariables.wo_php +
WOVariables.wo_php_extra)
else: else:
WOAptGet.install(self, WOVariables.wo_php) WOAptGet.install(self, WOVariables.wo_php)
@@ -86,9 +87,9 @@ class WOStackUpgradeController(CementBaseController):
packages = [] packages = []
if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and
(not self.app.pargs.php) and (not self.app.pargs.mysql) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and
(not self.app.pargs.all) and (not self.app.pargs.wpcli) and (not self.app.pargs.all) and (not self.app.pargs.wpcli) and
(not self.app.pargs.redis) and (not self.app.pargs.nginxmainline)): (not self.app.pargs.redis) and (not self.app.pargs.nginxmainline)):
self.app.pargs.web = True self.app.pargs.web = True
if self.app.pargs.all: if self.app.pargs.all:

13
wo/cli/plugins/sync.py
View File

@@ -44,21 +44,22 @@ class WOSyncController(CementBaseController):
if site.site_type != 'mysql': if site.site_type != 'mysql':
Log.debug(self, "Searching wp-config.php in {0}/htdocs/ " Log.debug(self, "Searching wp-config.php in {0}/htdocs/ "
.format(wo_site_webroot)) .format(wo_site_webroot))
configfiles = glob.glob(wo_site_webroot + '/htdocs/wp-config.php') configfiles = glob.glob(
wo_site_webroot + '/htdocs/wp-config.php')
if configfiles: if configfiles:
if WOFileUtils.isexist(self, configfiles[0]): if WOFileUtils.isexist(self, configfiles[0]):
wo_db_name = (WOFileUtils.grep(self, configfiles[0], wo_db_name = (WOFileUtils.grep(self, configfiles[0],
'DB_NAME').split(',')[1] 'DB_NAME').split(',')[1]
.split(')')[0].strip().replace('\'', '')) .split(')')[0].strip().replace('\'', ''))
wo_db_user = (WOFileUtils.grep(self, configfiles[0], wo_db_user = (WOFileUtils.grep(self, configfiles[0],
'DB_USER').split(',')[1] 'DB_USER').split(',')[1]
.split(')')[0].strip().replace('\'', '')) .split(')')[0].strip().replace('\'', ''))
wo_db_pass = (WOFileUtils.grep(self, configfiles[0], wo_db_pass = (WOFileUtils.grep(self, configfiles[0],
'DB_PASSWORD').split(',')[1] 'DB_PASSWORD').split(',')[1]
.split(')')[0].strip().replace('\'', '')) .split(')')[0].strip().replace('\'', ''))
wo_db_host = (WOFileUtils.grep(self, configfiles[0], wo_db_host = (WOFileUtils.grep(self, configfiles[0],
'DB_HOST').split(',')[1] 'DB_HOST').split(',')[1]
.split(')')[0].strip().replace('\'', '')) .split(')')[0].strip().replace('\'', ''))
# Check if database really exist # Check if database really exist
@@ -84,7 +85,7 @@ class WOSyncController(CementBaseController):
db_host=wo_db_host) db_host=wo_db_host)
else: else:
Log.debug(self, "Config files not found for {0} " Log.debug(self, "Config files not found for {0} "
.format(site.sitename)) .format(site.sitename))
def load(app): def load(app):

31
wo/cli/templates/stub_status.mustache Normal file
View File

@@ -0,0 +1,31 @@
# Stub status NGINX CONFIGURATION
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
{{#phpconf}}
upstream phpstatus {
server unix:/run/php/php7.2-fpm.sock;
}
{{/phpconf}}
server {
listen 127.0.0.1:80;
server_name 127.0.0.1 localhost;
access_log off;
log_not_found off;
root /var/www/html;
location ~ /(stub_status|nginx_status) {
stub_status on;
allow 127.0.0.1;
deny all;
access_log off;
log_not_found off;
}
{{#phpconf}}
location ~ /(status|ping) {
include fastcgi_params;
allow 127.0.0.1;
deny all;
fastcgi_pass phpstatus;
access_log off;
log_not_found off;
}
{{/phpconf}}
}

11
wo/cli/templates/upstream.mustache
View File

@@ -30,7 +30,12 @@ server 127.0.0.1:{{debug7}};
# PHP 7.2 upstream with load-balancing on two unix sockets # PHP 7.2 upstream with load-balancing on two unix sockets
upstream php72 { upstream php72 {
least_conn;
server unix:/var/run/php/php72-fpm.sock; server unix:/var/run/php/php72-fpm.sock;
server unix:/var/run/php/php72-two-fpm.sock;
keepalive 5;
} }
# PHP 7.2 debug # PHP 7.2 debug
@@ -45,7 +50,12 @@ server 127.0.0.1:9172;
# PHP 7.3 upstream with load-balancing on two unix sockets # PHP 7.3 upstream with load-balancing on two unix sockets
upstream php73 { upstream php73 {
least_conn;
server unix:/var/run/php/php73-fpm.sock; server unix:/var/run/php/php73-fpm.sock;
server unix:/var/run/php/php73-two-fpm.sock;
keepalive 5;
} }
# PHP 7.3 debug # PHP 7.3 debug
@@ -63,4 +73,3 @@ upstream netdata {
server 127.0.0.1:19999; server 127.0.0.1:19999;
keepalive 64; keepalive 64;
} }

17
wo/cli/templates/virtualconf-php7.mustache
View File

@@ -25,12 +25,23 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
} }
# Security settings for better privacy
# Deny hidden files
location ~ /\.(?!well-known\/) {
deny all;
}
# letsencrypt validation
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
allow all;
}
{{/proxy}} {{/proxy}}
{{^proxy}} {{^proxy}}
root {{webroot}}/htdocs; root {{webroot}}/htdocs;
{{^proxy}}index {{^static}}index.php{{/static}} index.html index.htm;{{/proxy}} index {{^static}}index.php{{/static}} index.html index.htm;
{{#static}} {{#static}}
location / { location / {
@@ -41,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php73.conf;{{/wp}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}}
{{^proxy}}include common/locations-php73.conf;{{/proxy}} include common/locations-php73.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf; include {{webroot}}/conf/nginx/*.conf;
{{/proxy}}
} }

17
wo/cli/templates/virtualconf.mustache
View File

@@ -25,12 +25,23 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
} }
# Security settings for better privacy
# Deny hidden files
location ~ /\.(?!well-known\/) {
deny all;
}
# letsencrypt validation
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
allow all;
}
{{/proxy}} {{/proxy}}
{{^proxy}} {{^proxy}}
root {{webroot}}/htdocs; root {{webroot}}/htdocs;
{{^proxy}}index {{^static}}index.php{{/static}} index.html index.htm;{{/proxy}} index {{^static}}index.php{{/static}} index.html index.htm;
{{#static}} {{#static}}
location / { location / {
@@ -41,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php72.conf;{{/wp}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}}
{{^proxy}}include common/locations-php72.conf;{{/proxy}} include common/locations-php72.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf; include {{webroot}}/conf/nginx/*.conf;
{{/proxy}}
} }