Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #28 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-03-08 12:39:29 +01:00
committed by GitHub
parent cec1185ac8 17b69ae306
commit bfb84b62fc
5 changed files with 347 additions and 304 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -10,6 +10,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
-
#### Fixed
- Fix Nginx ssl_ciphers
### v3.9.3 - 2019-03-07
#### Changed

36
install
View File

@@ -10,7 +10,7 @@
# Version 3.9.3 - 2019-03-05
# -------------------------------------------------------------------------
readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.3"
readonly wo_version_new="3.9.3.1"
# CONTENTS
# ---
# 1. VARIABLES AND DECLARATIONS
@@ -125,29 +125,23 @@ fi
####
wo_install_dep()
{
echo -ne "${TPUT_ECHO}Installing dependencies ${TPUT_RESET}[..]\r"
if {
{
if [ "$wo_linux_distro" == "Ubuntu" ]; then
apt-get -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 > /dev/null 2>&1
else
apt-get -y install build-essential curl gzip dirmngr python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 > /dev/null 2>&1
fi
}; then echo -ne "${TPUT_ECHO}Installing dependencies ${TPUT_RESET}[OK]\r"
echo -ne '\n'
else
echo -e "${TPUT_FAIL}Installing dependencies ${TPUT_RESET}[FAIL]"
echo -ne '\n'
fi
locale-gen en &>> /dev/null
locale-gen en
} >> /var/log/wo/install.log 2>&1
# Support PFS
if [ -f /etc/nginx/nginx.conf ]; then
# Replace the default ciphers
sed -i 's/HIGH:!aNULL:!MD5:!kEDH;/EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;/' /etc/nginx/nginx.conf
# Replace the EasyEngine ciphers
sed -i 's/ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;/EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;/' /etc/nginx/nginx.conf
# Replace previous ciphers
new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
# Change the TLS protocols
sed -i 's/TLSv1 TLSv1.1 TLSv1.2;/TLSv1.2;/g' /etc/nginx/nginx.conf
sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf
fi
# Let's Encrypt .well-known folder setup
@@ -349,7 +343,6 @@ wo_update_wp_cli()
# Now, finally, let's install WordOps
wo_install()
{
echo -ne "${TPUT_ECHO}Installing Wordops $wo_branch ${TPUT_RESET}[..]\r"
{
rm -rf /tmp/easyengine
rm -rf /tmp/wordops
@@ -361,10 +354,9 @@ wo_install()
git clone -b "$wo_branch" https://github.com/WordOps/WordOps.git /tmp/wordops --quiet
cd /tmp/wordops || exit 1
python3 setup.py install
} >> /var/log/wo/install.log 2>&1;
echo -ne "${TPUT_ECHO}Installing Wordops $wo_branch ${TPUT_RESET}[OK]\r"
echo -ne '\n'
python3 setup.py install
}
@@ -689,14 +681,14 @@ else
fi
else
# 3 - Fresh WO setup
wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log
wo_install_dep | tee -ai $wo_install_log
wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log
wo_install | tee -ai $wo_install_log
echo -ne "${TPUT_ECHO}Running post-install steps ${TPUT_RESET}[..]\r"
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
secure_wo_db | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log
echo -ne "${TPUT_ECHO}Running post-install steps ${TPUT_RESET}[OK]\r"
echo -ne '\n'
fi
fi

62
wo/cli/plugins/site.py
View File

@@ -335,6 +335,8 @@ class WOSiteCreateController(CementBaseController):
dict(help="create HHVM site", action='store_true')),
(['-le', '--letsencrypt'],
dict(help="configure letsencrypt ssl for the site", action='store_true')),
(['--subdomain'],
dict(help="specify the site is a subdomain for letsencrypt", action='store_true')),
(['--user'],
dict(help="provide user for wordpress site")),
(['--email'],
@@ -711,34 +713,16 @@ class WOSiteCreateController(CementBaseController):
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
if self.app.pargs.letsencrypt:
if (self.app.pargs.experimental):
if stype in ['wpsubdomain']:
Log.warn(
self, "Wildcard domains are not supported in Lets Encrypt.\nWP SUBDOMAIN site will get SSL for primary site only.")
Log.info(self, "Letsencrypt is currently in beta phase."
" \nDo you wish"
" to enable SSl now for {0}?".format(wo_domain))
# Check prompt
check_prompt = input("Type \"y\" to continue [n]:")
if check_prompt != "Y" and check_prompt != "y":
data['letsencrypt'] = False
letsencrypt = False
else:
data['letsencrypt'] = True
letsencrypt = True
else:
data['letsencrypt'] = True
letsencrypt = True
if self.app.pargs.letsencrypt and (not self.app.pargs.subdomain):
if stype in ['wpsubdomain']:
Log.warn(
self, "Wildcard domains are not supported in Lets Encrypt.\nWP SUBDOMAIN site will get SSL for primary site only.")
data['letsencrypt'] = True
letsencrypt = True
if data['letsencrypt'] is True:
setupLetsEncrypt(self, wo_domain)
httpsRedirect(self, wo_domain)
Log.info(self, "Creating Cron Job for cert auto-renewal")
WOCron.setcron_weekly(self, 'wo site update --le=renew --all 2> /dev/null'.format(wo_domain), 'Renew all'
' letsencrypt SSL cert. Set by WordOps')
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
@@ -747,12 +731,30 @@ class WOSiteCreateController(CementBaseController):
Log.info(self, "Congratulations! Successfully Configured SSl for Site "
" https://{0}".format(wo_domain))
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.")
else:
Log.warn(
self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
# Add nginx conf folder into GIT
WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)],
msg="Adding letsencrypts config of site: {0}"
.format(wo_domain))
updateSiteInfo(self, wo_domain, ssl=letsencrypt)
elif data['letsencrypt'] is False:
Log.info(self, "Not using Let\'s encrypt for Site "
" http://{0}".format(wo_domain))
if self.app.pargs.letsencrypt and self.app.pargs.subdomain:
data['letsencrypt'] = True
letsencrypt = True
if data['letsencrypt'] is True:
setupLetsEncryptSubdomain(self, wo_domain)
httpsRedirect(self, wo_domain)
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site "
" https://{0}".format(wo_domain))
# Add nginx conf folder into GIT
WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)],

406
wo/cli/plugins/site_functions.py
View File

@@ -24,6 +24,7 @@ import platform
class SiteError(Exception):
"""Custom Exception Occured when setting up site"""
def __init__(self, message):
self.message = message
@@ -74,10 +75,10 @@ def setupdomain(self, data):
mode='w')
if not data['php73']:
self.app.render((data), 'virtualconf.mustache',
out=wo_site_nginx_conf)
out=wo_site_nginx_conf)
else:
self.app.render((data), 'virtualconf-php7.mustache',
out=wo_site_nginx_conf)
out=wo_site_nginx_conf)
wo_site_nginx_conf.close()
except IOError as e:
Log.debug(self, "{0}".format(e))
@@ -133,7 +134,7 @@ def setupdomain(self, data):
finally:
# TODO Check if directories are setup
if (os.path.exists('{0}/htdocs'.format(wo_site_webroot)) and
os.path.exists('{0}/logs'.format(wo_site_webroot))):
os.path.exists('{0}/logs'.format(wo_site_webroot))):
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
else:
Log.info(self, "[" + Log.ENDC + "Fail" + Log.OKBLUE + "]")
@@ -143,7 +144,7 @@ def setupdomain(self, data):
def setupdatabase(self, data):
wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15)))
string.ascii_lowercase + string.digits, 15)))
wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -244,7 +245,7 @@ def setupwordpress(self, data):
wo_wp_email = self.app.config.get('wordpress', 'email')
# Random characters
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15)))
string.ascii_lowercase + string.digits, 15)))
wo_wp_prefix = ''
# wo_wp_user = ''
# wo_wp_pass = ''
@@ -260,10 +261,11 @@ def setupwordpress(self, data):
WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot))
try:
if WOShellExec.cmd_exec(self, "wp --allow-root core"
" download"):
" download"):
pass
else:
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]")
Log.info(self, "[" + Log.ENDC + Log.FAIL +
"Fail" + Log.OKBLUE + "]")
raise SiteError("download WordPress core failed")
except CommandExecutionError as e:
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]")
@@ -312,8 +314,8 @@ def setupwordpress(self, data):
+ "--dbname=\'{0}\' --dbprefix=\'{1}\' "
"--dbuser=\'{2}\' --dbhost=\'{3}\' "
.format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_user'], data['wo_db_host']
)
data['wo_db_user'], data['wo_db_host']
)
+ "--dbpass=\'{0}\' "
"--extra-php<<PHP \n {1} {redissalt}\nPHP\""
.format(data['wo_db_pass'],
@@ -321,13 +323,13 @@ def setupwordpress(self, data):
redissalt="\n\ndefine( \'WP_CACHE_KEY_SALT\', \'{0}:\' );"
.format(wo_domain_name) if data['wpredis']
else ''),
log=False
):
log=False
):
pass
else:
raise SiteError("generate wp-config failed for wp single site")
except CommandExecutionError as e:
raise SiteError("generate wp-config failed for wp single site")
raise SiteError("generate wp-config failed for wp single site")
else:
Log.debug(self, "Generating wp-config for WordPress multisite")
Log.debug(self, "bash -c \"php {0} --allow-root "
@@ -365,7 +367,7 @@ def setupwordpress(self, data):
else:
raise SiteError("generate wp-config failed for wp multi site")
except CommandExecutionError as e:
raise SiteError("generate wp-config failed for wp multi site")
raise SiteError("generate wp-config failed for wp multi site")
# WOFileUtils.mvfile(self, os.getcwd()+'/wp-config.php',
# os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
@@ -373,11 +375,13 @@ def setupwordpress(self, data):
try:
import shutil
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))))
shutil.move(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd(
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))))
shutil.move(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
except Exception as e:
Log.error(self, 'Unable to move file from {0} to {1}'
.format(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))), False)
.format(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))), False)
raise SiteError("Unable to move wp-config.php")
if not wo_wp_user:
@@ -425,17 +429,18 @@ def setupwordpress(self, data):
.format(wo_wp_pass, wo_wp_email))
try:
if WOShellExec.cmd_exec(self, "php {0} --allow-root core "
.format(WOVariables.wo_wpcli_path)
+ "install --url=\'{0}\' --title=\'{0}\' "
"--admin_name=\'{1}\' "
.format(data['www_domain'], wo_wp_user)
+ "--admin_password=\'{0}\' "
"--admin_email=\'{1}\'"
.format(wo_wp_pass, wo_wp_email),
log=False):
.format(WOVariables.wo_wpcli_path)
+ "install --url=\'{0}\' --title=\'{0}\' "
"--admin_name=\'{1}\' "
.format(data['www_domain'], wo_wp_user)
+ "--admin_password=\'{0}\' "
"--admin_email=\'{1}\'"
.format(wo_wp_pass, wo_wp_email),
log=False):
pass
else:
raise SiteError("setup WordPress tables failed for single site")
raise SiteError(
"setup WordPress tables failed for single site")
except CommandExecutionError as e:
raise SiteError("setup WordPress tables failed for single site")
else:
@@ -452,21 +457,22 @@ def setupwordpress(self, data):
if not data['wpsubdir'] else ''))
try:
if WOShellExec.cmd_exec(self, "php {0} --allow-root "
.format(WOVariables.wo_wpcli_path)
+ "core multisite-install "
"--url=\'{0}\' --title=\'{0}\' "
"--admin_name=\'{1}\' "
.format(data['www_domain'], wo_wp_user)
+ "--admin_password=\'{0}\' "
"--admin_email=\'{1}\' "
"{subdomains}"
.format(wo_wp_pass, wo_wp_email,
subdomains='--subdomains'
if not data['wpsubdir'] else ''),
log=False):
.format(WOVariables.wo_wpcli_path)
+ "core multisite-install "
"--url=\'{0}\' --title=\'{0}\' "
"--admin_name=\'{1}\' "
.format(data['www_domain'], wo_wp_user)
+ "--admin_password=\'{0}\' "
"--admin_email=\'{1}\' "
"{subdomains}"
.format(wo_wp_pass, wo_wp_email,
subdomains='--subdomains'
if not data['wpsubdir'] else ''),
log=False):
pass
else:
raise SiteError("setup WordPress tables failed for wp multi site")
raise SiteError(
"setup WordPress tables failed for wp multi site")
except CommandExecutionError as e:
raise SiteError("setup WordPress tables failed for wp multi site")
@@ -483,10 +489,12 @@ def setupwordpress(self, data):
installwp_plugin(self, 'nginx-helper', data)
if data['wpfc']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data)
setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
elif data['wpredis']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data)
setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
"""Install Wp Super Cache"""
if data['wpsc']:
@@ -508,13 +516,14 @@ def setupwordpressnetwork(self, data):
Log.info(self, "Setting up WordPress Network \t", end='')
try:
if WOShellExec.cmd_exec(self, 'wp --allow-root core multisite-convert'
' --title=\'{0}\' {subdomains}'
.format(data['www_domain'],
subdomains='--subdomains'
if not data['wpsubdir'] else '')):
' --title=\'{0}\' {subdomains}'
.format(data['www_domain'],
subdomains='--subdomains'
if not data['wpsubdir'] else '')):
pass
else:
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]")
Log.info(self, "[" + Log.ENDC + Log.FAIL +
"Fail" + Log.OKBLUE + "]")
raise SiteError("setup WordPress network failed")
except CommandExecutionError as e:
@@ -591,7 +600,7 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data):
WOShellExec.cmd_exec(self, "php {0} "
.format(WOVariables.wo_wpcli_path)
+ "--allow-root network meta update 1 "
"{0} \'{1}\' --format=json"
"{0} \'{1}\' --format=json"
.format(plugin_option, plugin_data
))
except CommandExecutionError as e:
@@ -620,7 +629,8 @@ def sitebackup(self, data):
if data['currsitetype'] in ['html', 'php', 'proxy', 'mysql']:
if data['php73'] is True and not data['wp']:
Log.info(self, "Backing up Webroot \t\t", end='')
WOFileUtils.copyfiles(self, wo_site_webroot + '/htdocs', backup_path + '/htdocs')
WOFileUtils.copyfiles(self, wo_site_webroot +
'/htdocs', backup_path + '/htdocs')
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
else:
Log.info(self, "Backing up Webroot \t\t", end='')
@@ -631,12 +641,12 @@ def sitebackup(self, data):
if not configfiles:
# search for wp-config.php inside htdocs/
Log.debug(self, "Config files not found in {0}/ "
.format(wo_site_webroot))
.format(wo_site_webroot))
if data['currsitetype'] in ['mysql']:
pass
else:
Log.debug(self, "Searching wp-config.php in {0}/htdocs/ "
.format(wo_site_webroot))
.format(wo_site_webroot))
configfiles = glob.glob(wo_site_webroot + '/htdocs/wp-config.php')
# if configfiles and WOFileUtils.isexist(self, configfiles[0]):
@@ -687,8 +697,8 @@ def site_package_check(self, stype):
stack.post_pref(apt, packages)
elif WOAptGet.is_installed(self, 'nginx'):
Log.info(self, "WordOps detected a previously installed Nginx package. "
"It may or may not have required modules. "
"\nIf you need help, please create an issue at https://github.com/WordOps/WordOps/issues/ \n")
"It may or may not have required modules. "
"\nIf you need help, please create an issue at https://github.com/WordOps/WordOps/issues/ \n")
apt = ["nginx"] + WOVariables.wo_nginx
# apt_packages = apt_packages + WOVariables.wo_nginx
stack.post_pref(apt, packages)
@@ -704,7 +714,8 @@ def site_package_check(self, stype):
'\t$request_filename;\n')
if self.app.pargs.php and self.app.pargs.php73:
Log.error(self, "Error: two different PHP versions cannot be combined within the same WordOps site")
Log.error(
self, "Error: two different PHP versions cannot be combined within the same WordOps site")
if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir', 'wpsubdomain']:
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
@@ -714,13 +725,13 @@ def site_package_check(self, stype):
else:
Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php
apt_packages = apt_packages + WOVariables.wo_php
if self.app.pargs.php73 and stype in ['mysql', 'wp', 'wpsubdir', 'wpsubdomain']:
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
@@ -749,7 +760,7 @@ def site_package_check(self, stype):
apt_packages = apt_packages + WOVariables.wo_redis
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-php72.conf")):
os.path.isfile("/etc/nginx/common/redis-php72.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -761,7 +772,7 @@ def site_package_check(self, stype):
wo_nginx.close()
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -783,7 +794,7 @@ def site_package_check(self, stype):
" keepalive 10;\n}")
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/conf.d/redis.conf")):
os.path.isfile("/etc/nginx/conf.d/redis.conf")):
with open("/etc/nginx/conf.d/redis.conf", "a") as redis_file:
redis_file.write("# Log format Settings\n"
"log_format rt_cache_redis '$remote_addr $upstream_response_time $srcache_fetch_status [$time_local] '\n"
@@ -798,7 +809,7 @@ def site_package_check(self, stype):
apt_packages = apt_packages + WOVariables.wo_hhvm
if os.path.isdir("/etc/nginx/common") and (not
os.path.isfile("/etc/nginx/common/php-hhvm.conf")):
os.path.isfile("/etc/nginx/common/php-hhvm.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php-hhvm.conf')
@@ -835,19 +846,19 @@ def site_package_check(self, stype):
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73
if os.path.isdir("/etc/nginx/common") and (not
os.path.isfile("/etc/nginx/common/php73.conf")):
os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w')
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
@@ -861,9 +872,9 @@ def site_package_check(self, stype):
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/wpcommon-php73.conf')
'file /etc/nginx/common/wpcommon-php73.conf')
wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf',
encoding='utf-8', mode='w')
encoding='utf-8', mode='w')
self.app.render((data), 'wpcommon-php7.mustache',
out=wo_nginx)
wo_nginx.close()
@@ -885,10 +896,10 @@ def site_package_check(self, stype):
wo_nginx.close()
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-php73.conf")):
os.path.isfile("/etc/nginx/common/redis-php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/redis-php73.conf')
'file /etc/nginx/common/redis-php73.conf')
wo_nginx = open('/etc/nginx/common/redis-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'redis-php7.mustache',
@@ -900,7 +911,7 @@ def site_package_check(self, stype):
"php73"):
with open("/etc/nginx/conf.d/upstream.conf", "a") as php_file:
php_file.write("upstream php73 {\nserver unix:/var/run/php/php73-fpm.sock;\n}\n"
"upstream debug73 {\nserver 127.0.0.1:9173;\n}\n")
"upstream debug73 {\nserver 127.0.0.1:9173;\n}\n")
return(stack.install(apt_packages=apt_packages, packages=packages,
disp_msg=False))
@@ -999,6 +1010,7 @@ def display_cache_settings(self, data):
"page=redis-cache".format(data['site_name']))
Log.info(self, "Object Cache:\t\tEnable")
def logwatch(self, logfiles):
import zlib
import base64
@@ -1035,81 +1047,82 @@ def detSitePar(opts):
cachelist = list()
for key, val in opts.items():
if val and key in ['html', 'php', 'mysql', 'wp',
'wpsubdir', 'wpsubdomain','php73']:
'wpsubdir', 'wpsubdomain', 'php73']:
typelist.append(key)
elif val and key in ['wpfc', 'wpsc', 'wpredis']:
cachelist.append(key)
if len(typelist) > 1 or len(cachelist) > 1:
if len(cachelist) > 1:
raise RuntimeError("Could not determine cache type.Multiple cache parameter entered")
elif False not in [x in ('php','mysql','html') for x in typelist]:
raise RuntimeError(
"Could not determine cache type.Multiple cache parameter entered")
elif False not in [x in ('php', 'mysql', 'html') for x in typelist]:
sitetype = 'mysql'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('php73','mysql','html') for x in typelist]:
elif False not in [x in ('php73', 'mysql', 'html') for x in typelist]:
sitetype = 'mysql'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('php','mysql') for x in typelist]:
elif False not in [x in ('php', 'mysql') for x in typelist]:
sitetype = 'mysql'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('php73','mysql') for x in typelist]:
elif False not in [x in ('php73', 'mysql') for x in typelist]:
sitetype = 'mysql'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('html','mysql') for x in typelist]:
elif False not in [x in ('html', 'mysql') for x in typelist]:
sitetype = 'mysql'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('php','html') for x in typelist]:
elif False not in [x in ('php', 'html') for x in typelist]:
sitetype = 'php'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('php73','html') for x in typelist]:
elif False not in [x in ('php73', 'html') for x in typelist]:
sitetype = 'php73'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('wp','wpsubdir') for x in typelist]:
elif False not in [x in ('wp', 'wpsubdir') for x in typelist]:
sitetype = 'wpsubdir'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('wp','wpsubdomain') for x in typelist]:
elif False not in [x in ('wp', 'wpsubdomain') for x in typelist]:
sitetype = 'wpsubdomain'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('wp','php73') for x in typelist]:
elif False not in [x in ('wp', 'php73') for x in typelist]:
sitetype = 'wp'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('wpsubdir','php73') for x in typelist]:
elif False not in [x in ('wpsubdir', 'php73') for x in typelist]:
sitetype = 'wpsubdir'
if not cachelist:
cachetype = 'basic'
else:
cachetype = cachelist[0]
elif False not in [x in ('wpsubdomain','php73') for x in typelist]:
elif False not in [x in ('wpsubdomain', 'php73') for x in typelist]:
sitetype = 'wpsubdomain'
if not cachelist:
cachetype = 'basic'
@@ -1136,7 +1149,7 @@ def detSitePar(opts):
def generate_random():
wo_random10 = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 10)))
string.ascii_lowercase + string.digits, 10)))
return wo_random10
@@ -1180,7 +1193,7 @@ def deleteWebRoot(self, webroot):
# do some preprocessing before proceeding
webroot = webroot.strip()
if (webroot == "/var/www/" or webroot == "/var/www"
or webroot == "/var/www/.." or webroot == "/var/www/."):
or webroot == "/var/www/.." or webroot == "/var/www/."):
Log.debug(self, "Tried to remove {0}, but didn't remove it"
.format(webroot))
return False
@@ -1197,15 +1210,15 @@ def deleteWebRoot(self, webroot):
def removeNginxConf(self, domain):
if os.path.isfile('/etc/nginx/sites-available/{0}'
.format(domain)):
Log.debug(self, "Removing Nginx configuration")
WOFileUtils.rm(self, '/etc/nginx/sites-enabled/{0}'
.format(domain))
WOFileUtils.rm(self, '/etc/nginx/sites-available/{0}'
.format(domain))
WOService.reload_service(self, 'nginx')
WOGit.add(self, ["/etc/nginx"],
msg="Deleted {0} "
.format(domain))
Log.debug(self, "Removing Nginx configuration")
WOFileUtils.rm(self, '/etc/nginx/sites-enabled/{0}'
.format(domain))
WOFileUtils.rm(self, '/etc/nginx/sites-available/{0}'
.format(domain))
WOService.reload_service(self, 'nginx')
WOGit.add(self, ["/etc/nginx"],
msg="Deleted {0} "
.format(domain))
def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
@@ -1229,50 +1242,100 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
raise SiteError("dbhost not provided")
deleteDB(self, dbname, dbuser, dbhost)
def setupLetsEncrypt(self, wo_domain_name):
wo_wp_email = WOVariables.wo_email
if os.path.isfile("/etc/letsencrypt/renewal/{0}.conf".format(wo_domain_name)):
if os.path.isfile("/root/.acme.sh/{0}_ecc/{0}.conf".format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}"
.format(wo_domain_name))
ssl= archivedCertificateHandle(self,wo_domain_name,wo_wp_email)
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name, wo_wp_email)
else:
Log.warn(self,"Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.")
ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone "
.format(wo_domain_name))
Log.warn(self, "Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.")
ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -d {0} -d www.{0} --standalone"
.format(wo_domain_name))
if ssl:
Log.info(self, "The HTTPS setup for your website is successfully completed!")
Log.info(self, "Your certificate and chain have been saved in "
"/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name))
"/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name))
Log.info(self, "Configuring nginx HTTPS configuration")
try:
Log.info(self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name))
Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name))
sslconf = open("/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
.format(wo_domain_name),
encoding='utf-8', mode='w')
sslconf.write("listen 443 ssl http2;\n"
"ssl on;\n"
"ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n"
"ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n"
.format(wo_domain_name))
"listen [::]:443 ssl http2;\n"
"ssl on;\n"
"ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n"
"ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n"
.format(wo_domain_name))
sslconf.close()
# updateSiteInfo(self, wo_domain_name, ssl=True)
WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder")
msg="Adding letsencrypt folder")
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"ssl.conf")
"ssl.conf")
else:
Log.error(self, "Unable to setup, Let\'s Encrypt", False)
Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.")
def setupLetsEncryptSubdomain(self, wo_domain_name):
wo_wp_email = WOVariables.wo_email
if os.path.isfile("/root/.acme.sh/{0}_ecc/{0}.conf".format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}"
.format(wo_domain_name))
else:
Log.warn(self, "Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.")
ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone"
.format(wo_domain_name))
if ssl:
Log.info(self, "The HTTPS setup for your website is successfully completed!")
Log.info(self, "Your certificate and chain have been saved in "
"/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name))
Log.info(self, "Configuring nginx HTTPS configuration")
try:
Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name))
sslconf = open("/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
sslconf.write("listen 443 ssl http2;\n"
"listen [::]:443 ssl http2;\n"
"ssl on;\n"
"ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n"
"ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n"
.format(wo_domain_name))
sslconf.close()
# updateSiteInfo(self, wo_domain_name, ssl=True)
WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder")
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"ssl.conf")
else:
Log.error(self, "Unable to setup, Let\'s Encrypt", False)
Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.")
def renewLetsEncrypt(self, wo_domain_name):
wo_wp_email = WOVariables.wo_email
@@ -1285,108 +1348,117 @@ def renewLetsEncrypt(self, wo_domain_name):
Log.info(self, "Renewing SSl cert for https://{0}".format(wo_domain_name))
ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone".format(wo_domain_name))
ssl = WOShellExec.cmd_exec(
self, "/usr/local/bin/wo-acme -s {0} --standalone".format(wo_domain_name))
mail_list = ''
if not ssl:
Log.error(self,"ERROR : Let's Encrypt certificate renewal FAILED!",False)
if (SSL.getExpirationDays(self,wo_domain_name)>0):
Log.error(self, "Your current certificate will expire within " + str(SSL.getExpirationDays(self,wo_domain_name)) + " days.",False)
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False)
if (SSL.getExpirationDays(self, wo_domain_name) > 0):
Log.error(self, "Your current certificate will expire within " +
str(SSL.getExpirationDays(self, wo_domain_name)) + " days.", False)
else:
Log.error(self, "Your current certificate already expired!",False)
Log.error(self, "Your current certificate already expired!", False)
WOSendMail("wordops@{0}".format(wo_domain_name), wo_wp_email, "[FAIL] HTTPS cert renewal {0}".format(wo_domain_name),
"Hi,\n\nHTTPS certificate renewal for https://{0} was unsuccessful.".format(wo_domain_name) +
"\nPlease check the WordOps log for reason. The current expiry date is : " +
str(SSL.getExpirationDate(self,wo_domain_name)) +
"\n\nFor support visit https://wordops.org/support .\n\nBest regards,\nYour WordOps Worker",files=mail_list,
port=25, isTls=False)
"Hi,\n\nHTTPS certificate renewal for https://{0} was unsuccessful.".format(wo_domain_name) +
"\nPlease check the WordOps log for reason. The current expiry date is : " +
str(SSL.getExpirationDate(self, wo_domain_name)) +
"\n\nFor support visit https://wordops.org/support .\n\nBest regards,\nYour WordOps Worker", files=mail_list,
port=25, isTls=False)
Log.error(self, "Check the WO log for more details "
"`tail /var/log/wo/wordops.log`")
"`tail /var/log/wo/wordops.log`")
WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder")
WOSendMail("wordops@{0}".format(wo_domain_name), wo_wp_email, "[SUCCESS] Let's Encrypt certificate renewal {0}".format(wo_domain_name),
"Hi,\n\nYour Let's Encrypt certificate has been renewed for https://{0} .".format(wo_domain_name) +
"\nYour new certificate will expire on : " +
str(SSL.getExpirationDate(self,wo_domain_name)) +
"\n\nBest regards,\nYour WordOps Worker",files=mail_list,
port=25, isTls=False)
"Hi,\n\nYour Let's Encrypt certificate has been renewed for https://{0} .".format(wo_domain_name) +
"\nYour new certificate will expire on : " +
str(SSL.getExpirationDate(self, wo_domain_name)) +
"\n\nBest regards,\nYour WordOps Worker", files=mail_list,
port=25, isTls=False)
#redirect= False to disable https redirection
def httpsRedirect(self,wo_domain_name,redirect=True):
# redirect= False to disable https redirection
def httpsRedirect(self, wo_domain_name, redirect=True):
if redirect:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name)):
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
else:
try:
Log.info(self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
Log.info(
self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
sslconf = open("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
.format(wo_domain_name),
encoding='utf-8', mode='w')
sslconf.write("server {\n"
"\tlisten 80;\n" +
"\tserver_name www.{0} {0};\n".format(wo_domain_name) +
"\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}" )
"\tlisten 80;\n" +
"\tlisten [::]:80;\n" +
"\tserver_name www.{0} {0};\n".format(wo_domain_name) +
"\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}")
sslconf.close()
# Nginx Configation into GIT
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
Log.info(self, "Added HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name))
" http://{0}".format(wo_domain_name))
WOGit.add(self,
["/etc/nginx"], msg="Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
else:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)):
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name))
Log.info(self, "Disabled HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name))
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name))
Log.info(self, "Disabled HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name))
def archivedCertificateHandle(self,domain,wo_wp_email):
Log.warn(self,"You already have an existing certificate for the domain requested.\n"
"(ref: /etc/letsencrypt/renewal/{0}.conf)".format(domain) +
"\nPlease select an option from below?"
"\n\t1: Reinstall existing certificate"
"\n\t2: Keep the existing certificate for now"
"\n\t3: Renew & replace the certificate (limit ~5 per 7 days)"
"")
check_prompt = input("\nType the appropriate number [1-3] or any other key to cancel: ")
def archivedCertificateHandle(self, domain, wo_wp_email):
Log.warn(self, "You already have an existing certificate for the domain requested.\n"
"(ref: /etc/letsencrypt/renewal/{0}.conf)".format(domain) +
"\nPlease select an option from below?"
"\n\t1: Reinstall existing certificate"
"\n\t2: Keep the existing certificate for now"
"\n\t3: Renew & replace the certificate (limit ~5 per 7 days)"
"")
check_prompt = input(
"\nType the appropriate number [1-3] or any other key to cancel: ")
if not os.path.isfile("/etc/letsencrypt/live/{0}/cert.pem".format(domain)):
Log.error(self,"/etc/letsencrypt/live/{0}/cert.pem file is missing.".format(domain))
Log.error(
self, "/etc/letsencrypt/live/{0}/cert.pem file is missing.".format(domain))
if check_prompt == "1":
Log.info(self,"Please wait while we reinstall the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.")
Log.info(self, "Please wait while we reinstall the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.")
ssl = WOShellExec.cmd_exec(self, "./letsencrypt-auto certonly --rsa-key-size 4096 --reinstall --webroot -w /var/www/{0}/htdocs/ -d {0} -d www.{0} "
.format(domain)
+ "--email {0} --text --agree-tos".format(wo_wp_email))
elif check_prompt == "2" :
Log.info(self,"Using Existing Certificate files")
.format(domain)
+ "--email {0} --text --agree-tos".format(wo_wp_email))
elif check_prompt == "2":
Log.info(self, "Using Existing Certificate files")
if not (os.path.isfile("/etc/letsencrypt/live/{0}/fullchain.pem".format(domain)) or
os.path.isfile("/etc/letsencrypt/live/{0}/key.pem".format(domain))):
Log.error(self,"Certificate files not found. Skipping.\n"
"Please check if following file exist\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t"
"/etc/letsencrypt/live/{0}/key.pem".format(domain))
os.path.isfile("/etc/letsencrypt/live/{0}/key.pem".format(domain))):
Log.error(self, "Certificate files not found. Skipping.\n"
"Please check if following file exist\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t"
"/etc/letsencrypt/live/{0}/key.pem".format(domain))
ssl = True
elif check_prompt == "3":
Log.info(self,"Please wait while we renew the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.")
Log.info(self, "Please wait while we renew the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.")
ssl = WOShellExec.cmd_exec(self, "./letsencrypt-auto --renew-by-default --rsa-key-size 4096 certonly --webroot -w /var/www/{0}/htdocs/ -d {0} -d www.{0} "
.format(domain)
+ "--email {0} --text --agree-tos".format(wo_wp_email))
.format(domain)
+ "--email {0} --text --agree-tos".format(wo_wp_email))
else:
Log.error(self,"Operation cancelled by user.")
Log.error(self, "Operation cancelled by user.")
if os.path.isfile("{0}/conf/nginx/ssl.conf"
.format(domain)):
.format(domain)):
Log.info(self, "Existing ssl.conf . Backing it up ..")
WOFileUtils.mvfile(self, "/var/www/{0}/conf/nginx/ssl.conf"
.format(domain),
'/var/www/{0}/conf/nginx/ssl.conf.bak'
.format(domain))
.format(domain),
'/var/www/{0}/conf/nginx/ssl.conf.bak'
.format(domain))
return ssl

143
wo/cli/plugins/stack.py
View File

@@ -153,7 +153,7 @@ class WOStackController(CementBaseController):
Log.debug(self, 'Adding ppa of Nginx')
WORepo.add_key(self, WOVariables.wo_nginx_key)
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
if set(WOVariables.wo_php73).issubset(set(apt_packages)) \
or set(WOVariables.wo_php).issubset(set(apt_packages)):
Log.info(self, "Adding repository for PHP, please wait...")
@@ -173,7 +173,7 @@ class WOStackController(CementBaseController):
Log.debug(self, 'Adding ppa for PHP')
WORepo.add(self, ppa=WOVariables.wo_php_repo)
if WOVariables.wo_platform_codename == 'jessie':
if WOVariables.wo_platform_distro == 'debian':
if set(WOVariables.wo_php73).issubset(set(apt_packages)):
Log.debug(self, 'Adding repo_url of php 7.3 for debian')
WORepo.add(self, repo_url=WOVariables.wo_php_repo)
@@ -227,7 +227,7 @@ class WOStackController(CementBaseController):
WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf",
"\"EasyEngine\"",
"\"WordOps{0}\""
"\"WordOps v{0}\""
.format(WOVariables.wo_version))
WOFileUtils.searchreplace(self, '/etc/nginx/nginx.conf',
'ECDHE-RSA-AES128-GCM'
@@ -372,8 +372,9 @@ class WOStackController(CementBaseController):
wo_nginx.close()
# php7 conf
if (WOVariables.wo_platform_codename == 'stretch' or WOVariables.wo_platform_codename == 'jessie' or WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') and (not
os.path.isfile("/etc/nginx/common/php7.conf")):
if (WOVariables.wo_platform_distro == 'debian' or
WOVariables.wo_platform_distro == 'ubuntu') and (not
os.path.isfile("/etc/nginx/common/php73.conf")):
# data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
@@ -571,8 +572,7 @@ class WOStackController(CementBaseController):
WOService.restart_service(self, 'nginx')
if WOAptGet.is_installed(self, 'redis-server'):
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis.conf")):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php72.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -583,8 +583,7 @@ class WOStackController(CementBaseController):
out=wo_nginx)
wo_nginx.close()
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -594,8 +593,7 @@ class WOStackController(CementBaseController):
self.app.render((data), 'redis-hhvm.mustache',
out=wo_nginx)
wo_nginx.close()
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -624,8 +622,7 @@ class WOStackController(CementBaseController):
"'\"$http_referer\" \"$http_user_agent\"';\n")
# setup nginx common folder for php7
if self.app.pargs.php73:
if os.path.isdir("/etc/nginx/common") and (not
os.path.isfile("/etc/nginx/common/php73.conf")):
if os.path.isdir("/etc/nginx/common") and (not os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
@@ -729,8 +726,7 @@ class WOStackController(CementBaseController):
WOGit.add(self, ["/etc/hhvm"], msg="Adding HHVM into Git")
WOService.restart_service(self, 'hhvm')
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/php-hhvm.conf")):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/php-hhvm.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -762,8 +758,7 @@ class WOStackController(CementBaseController):
"output of `nginx -t`")
if set(WOVariables.wo_redis).issubset(set(apt_packages)):
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-php72.conf")):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php72.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -774,8 +769,7 @@ class WOStackController(CementBaseController):
out=wo_nginx)
wo_nginx.close()
if os.path.isfile("/etc/nginx/nginx.conf") and (not
os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-hhvm.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
@@ -803,7 +797,7 @@ class WOStackController(CementBaseController):
"'$http_host \"$request\" $status $body_bytes_sent '\n"
"'\"$http_referer\" \"$http_user_agent\"';\n")
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
# Create log directories
if not os.path.exists('/var/log/php/7.2/'):
Log.debug(self, 'Creating directory /var/log/php/7.2/')
@@ -928,7 +922,7 @@ class WOStackController(CementBaseController):
WOService.restart_service(self, 'php7.2-fpm')
# PHP7.3 configuration for debian
if (WOVariables.wo_platform_codename == 'jessie') and set(WOVariables.wo_php73).issubset(set(apt_packages)):
if (WOVariables.wo_platform_distro == 'debian') and set(WOVariables.wo_php73).issubset(set(apt_packages)):
# Create log directories
if not os.path.exists('/var/log/php/7.3/'):
Log.debug(self, 'Creating directory /var/log/php/7.3/')
@@ -1053,7 +1047,7 @@ class WOStackController(CementBaseController):
WOService.restart_service(self, 'php7.3-fpm')
# preconfiguration for php7.3
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') and set(WOVariables.wo_php73).issubset(set(apt_packages)):
if (WOVariables.wo_platform_distro == 'ubuntu') and set(WOVariables.wo_php73).issubset(set(apt_packages)):
# Create log directories
if not os.path.exists('/var/log/php/7.3/'):
Log.debug(self, 'Creating directory /var/log/php/7.3/')
@@ -1401,9 +1395,11 @@ class WOStackController(CementBaseController):
if ((not self.app.pargs.web) and (not self.app.pargs.admin) and
(not self.app.pargs.nginx) and (not self.app.pargs.php) and
(not self.app.pargs.mysql) and (not self.app.pargs.wpcli) and
(not self.app.pargs.phpmyadmin) and (not self.app.pargs.hhvm) and
(not self.app.pargs.phpmyadmin) and
(not self.app.pargs.hhvm) and
(not self.app.pargs.adminer) and (not self.app.pargs.utils) and
(not self.app.pargs.redis) and (not self.app.pargs.phpredisadmin) and
(not self.app.pargs.redis) and
(not self.app.pargs.phpredisadmin) and
(not self.app.pargs.php73)):
self.app.pargs.web = True
self.app.pargs.admin = True
@@ -1437,7 +1433,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Setting apt_packages variable for Nginx")
if not (WOAptGet.is_installed(self, 'nginx-custom')):
if not (WOAptGet.is_installed(self, 'nginx-plus') or WOAptGet.is_installed(self, 'nginx')):
if not (WOAptGet.is_installed(self, 'nginx-plus') or
WOAptGet.is_installed(self, 'nginx')):
apt_packages = apt_packages + WOVariables.wo_nginx
else:
if WOAptGet.is_installed(self, 'nginx-plus'):
@@ -1454,47 +1451,33 @@ class WOStackController(CementBaseController):
if self.app.pargs.php:
Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not (WOAptGet.is_installed(self, 'php7.2-fpm') or WOAptGet.is_installed(self, 'php7.2-fpm')):
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
Log.debug(self, "PHP 7.2 already installed")
Log.info(self, "PHP 7.2 already installed")
# PHP 7.3 for Debian (jessie+)
if self.app.pargs.php73 and WOVariables.wo_platform_distro == 'debian':
if (WOVariables.wo_platform_codename == 'jessie'):
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.debug(self, "PHP 7.3 already installed")
Log.info(self, "PHP 7.3 already installed")
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.debug(
self, "PHP 7.3 Not Available for your Distribution")
Log.info(self, "PHP 7.3 Not Available for your Distribution")
Log.debug(self, "PHP 7.3 already installed")
Log.info(self, "PHP 7.3 already installed")
# PHP 7.3 for Ubuntu
if self.app.pargs.php73 and WOVariables.wo_platform_distro == 'ubuntu':
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
Log.debug(self, "PHP 7.3 already installed")
Log.info(self, "PHP 7.3 already installed")
if self.app.pargs.php73 and (WOVariables.wo_platform_distro == 'ubuntu'):
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
Log.debug(
self, "Unfortunately PHP 7.3 is not available for your Ubuntu or Debian version.")
Log.info(
self, "Unfortunately PHP 7.3 is not available for your Ubuntu or Debian version.")
Log.debug(self, "PHP 7.3 already installed")
Log.info(self, "PHP 7.3 already installed")
if self.app.pargs.hhvm:
Log.debug(self, "Setting apt packages variable for HHVM")
@@ -1666,14 +1649,15 @@ class WOStackController(CementBaseController):
(not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and
(not self.app.pargs.hhvm) and (not self.app.pargs.adminer) and
(not self.app.pargs.utils) and (not self.app.pargs.all) and
(not self.app.pargs.redis) and (not self.app.pargs.phpredisadmin)):
(not self.app.pargs.redis) and
(not self.app.pargs.phpredisadmin)):
self.app.pargs.web = True
self.app.pargs.admin = True
if self.app.pargs.all:
self.app.pargs.web = True
self.app.pargs.admin = True
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
self.app.pargs.php73 = True
if self.app.pargs.web:
@@ -1696,29 +1680,21 @@ class WOStackController(CementBaseController):
if self.app.pargs.php:
Log.debug(self, "Removing apt_packages variable of PHP")
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
# PHP7.3 for debian(jessie+)
# PHP7.3
if self.app.pargs.php73:
if (WOVariables.wo_platform_codename == 'jessie'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
apt_packages = apt_packages + WOVariables.wo_php73
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
Log.info(self, "PHP 7.3 not supported.")
if self.app.pargs.php73:
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else:
Log.info(self, "PHP 7.3 not supported.")
apt_packages = apt_packages + WOVariables.wo_php73
if self.app.pargs.hhvm:
if WOAptGet.is_installed(self, 'hhvm'):
@@ -1821,7 +1797,7 @@ class WOStackController(CementBaseController):
if self.app.pargs.all:
self.app.pargs.web = True
self.app.pargs.admin = True
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
self.app.pargs.php73 = True
if self.app.pargs.web:
@@ -1843,30 +1819,27 @@ class WOStackController(CementBaseController):
Log.error(self, "Cannot Purge! Nginx Stable version not found.")
if self.app.pargs.php:
Log.debug(self, "Purge apt_packages variable PHP")
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php73
else:
apt_packages = apt_packages + WOVariables.wo_php
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73
# For debian --php73
if self.app.pargs.php73:
if (WOVariables.wo_platform_codename == 'jessie'):
if (WOVariables.wo_platform_distro == 'ubuntu'):
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php
else:
apt_packages = apt_packages + WOVariables.wo_php73
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php_extra
else:
Log.info(self, "PHP 7.3 not supported.")
apt_packages = apt_packages + WOVariables.wo_php
if self.app.pargs.php73:
if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'):
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else:
Log.info(self, "PHP 7.3 not supported.")
if self.app.pargs.hhvm:
if WOAptGet.is_installed(self, 'hhvm'):
Log.debug(self, "Purge apt_packages varible of HHVM")