Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #54 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-04-16 11:50:55 +02:00
committed by GitHub
parent 180eaf5ce5 f85d2073dc
commit c2a19048ef
20 changed files with 648 additions and 299 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
.travis.yml
View File

@@ -13,7 +13,12 @@ before_script:
- sudo bash -c 'echo example.com > /etc/hostname'
- sudo apt-get -qq purge mysql* graphviz*
- sudo apt-get -qq autoremove --purge
- sudo apt-get update
addons:
apt:
update: true
git:
quiet: true
script:
- lsb_release -a
@@ -21,13 +26,8 @@ script:
- sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig'
- sudo echo "Travis Banch = $TRAVIS_BRANCH"
- sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree
- sudo bash install $TRAVIS_BRANCH
- sudo wo --help
- sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash install -b $TRAVIS_BRANCH
- sudo wo --help && sudo wo stack install && sudo wo stack install --admin
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log
@@ -60,7 +60,4 @@ script:
- sudo ls /var/www/
- sudo wp --allow-root --info
- sudo wo info || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo'
- sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down"
- sudo tree -L 2 /etc/nginx

5
CHANGELOG.md
View File

@@ -27,6 +27,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- "wo maintenance" command to perform server package update & cleanup
- Support for Netdata on backend : https://server.hostname:22222/netdata/
- New Stacks : composer and netdata
- additional argument for letsencrypt : --hsts
- Theme for adminer
- Credits for tools shipped with WordOps
#### Changed
@@ -37,6 +40,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Increase MySQL root password size to 16 characters
- Increase MySQL users password size to 16 characters
- Nginx locations template is the same for php7.2 & 7.3
- refactor install script
- backend SSL configuration now stored in /var/www/22222/conf/nginx/ssl.conf
#### Fixed

43
README.md
View File

@@ -1,7 +1,7 @@
<h1 align="center" style="font-size:54px;"><a href="https://wordops.net">
WordOps</a>
<p align="center"><img src="https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/logo.png" width="400" alt="Wordops" /><a href="https://wordops.net">
<br>
</h1>
</p>
<h2 align="center">An essential toolset that eases WordPress site and server administration</h2>
@@ -19,7 +19,6 @@
<p align="center">
<a href="#key-features">Key Features</a> •
<a href="#getting-started">Getting Started</a> •
<a href="#usage">Usage</a> •
<a href="https://github.com/WordOps/WordOps/projects">RoadMap</a> •
<a href="https://github.com/WordOps/WordOps/blob/master/CHANGELOG.md">Changelog</a> •
@@ -28,8 +27,10 @@
</p>
<p align="center">
<a href="https://wordops.net"> WordOps site</a> •
<a href="https://docs.wordops.net">Documentation</a> •
<a href="https://community.wordops.net">Community forum</a> •
<a href="https://docs.wordops.net">Documentation</a>
<a href="https://community.wordops.io/slack">Slack</a>
</p>
---
@@ -41,8 +42,9 @@
- **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- **Secured** : Hardened WordPress security with strict Nginx location directives
- **Powerful** : Optimized Nginx configurations with multiple cache backends support
- **SSL** : Let's Encrypt SSL certificates handled by Acme.sh
- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols
- **SSL** : Let's Encrypt SSL certificates handled by acme.sh
- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite, modern TLS protocols and HSTS support
- **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata
## Requirements
@@ -63,7 +65,7 @@
## Getting Started
```bash
wget -qO wo wops.cc && sudo bash wo # Install WordOps
curl -sL wops.cc | sudo bash # Install WordOps
sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com
```
@@ -75,6 +77,7 @@ WordOps made some fundamental changes:
- Support for w3tc is dropped as a security precaution.
- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3.
- Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.14.2 with Brolti support)
- HHVM stack has been removed
- Let's Encrypt stack isn't based on letsencrypt-auto anymore, we use acme.sh to handle SSL certificates
If you are going to migrate from EasyEngine v3, here some important informations :
@@ -129,15 +132,6 @@ wo site create example.com --wp --letsencrypt # install wordpress & secure site
wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt
```
## Cheatsheet
| | single site | multisite w/ subdir | multisite w/ subdom |
|--------------------|---------------|-----------------------|--------------------------|
| **NO Cache** | --wp | --wpsubdir | --wpsubdomain |
| **WP Super Cache** | --wpsc | -wpsubdir --wpsc | --wpsubdomain --wpsc |
| **Nginx fastcgi_cache** | --wpfc | --wpsubdir --wpfc | --wpsubdomain --wpfc |
| **Redis cache** | --wpredis | --wpsubdir --wpredis | --wpsubdomain --wpredis |
## Update WordOps
```bash
@@ -146,8 +140,8 @@ wo update
## Support
If you feel there is a bug directly related to WordOps, feel free to open an issue.
For any other questions/suggestions about WordOps or if you need support, please use the [WordOps Community Forum](https://community.wordops.net/).
If you feel there is a bug directly related to WordOps, or if you want to suggest new features for WordOps, feel free to open an issue.
For any other questions about WordOps or if you need support, please use the [Community Forum](https://community.wordops.net/).
# Contributing
@@ -156,9 +150,18 @@ There is no need to be a developer or a system administrator to contribute to Wo
## Credits
- Main source : [EasyEngine](https://github.com/easyengine/easyengine)
- Source : [EasyEngine](https://github.com/easyengine/easyengine)
Shipped with WordOps
- Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh)
- WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli)
- Monitoring : [Netdata](https://github.com/netdata/netdata)
- [phpMyAdmin](https://www.phpmyadmin.net/)
- [Adminer](https://www.adminer.org/)
- [phpRedisAdmin](https://github.com/erikdubbelboer/phpRedisAdmin)
- [PHPMemcachedAdmin](https://github.com/elijaa/phpmemcachedadmin)
- [opcacheGUI](https://github.com/amnuts/opcache-gui)
## License

20
config/bash_completion.d/wo_auto.rc
View File

@@ -74,7 +74,7 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE
"install" | "purge" | "remove" )
COMPREPLY=( $(compgen \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin" \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban" \
-- $cur) )
;;
"upgrade" )
@@ -84,7 +84,7 @@ _wo_complete()
;;
"start" | "stop" | "reload" | "restart" | "status")
COMPREPLY=( $(compgen \
-W "--nginx --php --php73 --mysql --memcache --redis" \
-W "--nginx --php --php73 --mysql --memcache --redis --fail2ban --netdata" \
-- $cur) )
;;
"migrate")
@@ -159,7 +159,7 @@ _wo_complete()
"create")
COMPREPLY=( $(compgen \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt -le" \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain -le" \
-- $cur) )
;;
@@ -213,7 +213,7 @@ _wo_complete()
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew"
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --le --le=subdomain --le=off "
else
retlist=""
fi
@@ -230,7 +230,7 @@ _wo_complete()
"--wpsubdir" | "--wpsubdomain")
if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73"
retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew"
else
@@ -248,7 +248,7 @@ _wo_complete()
"--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt "
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain"
else
retlist=""
fi
@@ -272,7 +272,7 @@ _wo_complete()
-- $cur) )
;;
"--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcache" | "--redis | --phpredisadmin")
"--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcached" | "--redis | --phpredisadmin")
if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then
retlist="--web --admin --nginx --php --php73 --mysql--wpcli --phpmyadmin --adminer --utils --memcache --redis --phpredisadmin"
elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then
@@ -324,8 +324,8 @@ _wo_complete()
-- $cur) )
;;
"--memcache" | "--opcache" | "--fastcgi" | "--all" | "--redis")
retlist="--memcache --opcache --fastcgi --redis --all"
"--memcached" | "--opcache" | "--fastcgi" | "--all" | "--redis")
retlist="--memcached --opcache --fastcgi --redis --all"
ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \
-W "$(echo $ret)" \
@@ -363,7 +363,7 @@ _wo_complete()
case "$mprev" in
"--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt"
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain"
fi
ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \

24
docs/wo.8
View File

@@ -3,17 +3,17 @@
.B WordOps (wo)
\- Manage Nginx Based Websites.
.SH SYNOPSIS
wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync]
wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance]
.TP
wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --hhvm | --phpmyadmin | --phpredisadmin | --wpcli | --utils ]
wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils ]
.TP
wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcache | --redis]
wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcached | --redis]
.TP
wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ]
.TP
wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm | --letsencrypt/-le]]
wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain]]
.TP
wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm ] [--password] [--letsencrypt=on/off/renew]]
wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [--letsencrypt=on/off/subdomain/renew]]
.TP
wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ]
.TP
@@ -129,13 +129,13 @@ Disable site by Destroying softlink with site file in
.br
Edit NGINX configuration of site.
.TP
.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm ]]
.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]]
.br
Create new site according to given options. If no options provided
.br
create static site with html only.
.TP
.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis | --hhvm ] [--password]]
.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]]
.br
Update site configuration according to specified options.
.TP
@@ -163,9 +163,9 @@ if used with --all=off argument.
.br
Update security settings.
.TP
.B clean [ --fastcgi | --opcache | --memcache | --redis | --all ]
.B clean [ --fastcgi | --opcache | --memcached | --redis | --all ]
.br
Clean NGINX fastCGI cache, Opcache, Memcache, Redis cache.
Clean NGINX fastCGI cache, Opcache, memcached, Redis cache.
.br
Clean NGINX fastCGI cache if no option specified.
.SH ARGUMENTS
@@ -274,17 +274,13 @@ Install and activate Nginx-helper and WP Super Cache plugin.
.TP
.B --wpfc
.br
Install and activate Nginx-helper and W3 Total Cache plugin with
Install and activate Nginx-helper plugin with
.br
Nginx FastCGI cache.
.TP
.B --wpredis
.br
Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching.
.TP
.B --hhvm
.br
Install, activate Nginx-helper and configure NGINX for HHVM.
.SH FILES
.br
/etc/wo/wo.conf

169
install
View File

@@ -7,10 +7,10 @@
# Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T
# -------------------------------------------------------------------------
# Version 3.9.5 - 2019-03-27
# Version 3.9.5 - 2019-04-14
# -------------------------------------------------------------------------
readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.3"
readonly wo_version_new="3.9.4.5"
# CONTENTS
# ---
# 1. VARIABLES AND DECLARATIONS
@@ -56,7 +56,7 @@ wo_lib_error() {
###
if [[ $EUID -ne 0 ]]; then
wo_lib_echo_fail "Sudo privilege required..."
wo_lib_echo_fail "Use: wget -qO wo wordops.se/tup && sudo bash wo"
wo_lib_echo_fail "Use: curl -sL wops.cc | sudo bash"
exit 100
fi
@@ -78,10 +78,30 @@ if [ -z "$(command -v lsb_release)" ]; then
apt-get -y install lsb-release -qq
fi
while [ "$#" -gt 0 ]; do
case "$1" in
-b | --branch)
wo_branch="$2"
shift
;;
-p | --preserve)
wo_preserve_config="y"
;;
--force)
wo_force_install="y"
;;
*) # positional args
;;
esac
shift
done
###
# 1 - Define variables for later use
###
wo_branch="$1"
if [ -z "$wo_branch" ]; then
wo_branch=master
fi
readonly wo_log_dir=/var/log/wo/
readonly wo_backup_dir=/var/lib/wo-backup/
readonly wo_install_log=/var/log/wo/install.log
@@ -95,14 +115,15 @@ EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.gz"
WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz"
if [ -x /usr/local/bin/ee ]; then
migration=1
else
migration=0
ee_migration=1
elif [ -x /usr/local/bin/wo ]; then
wo_upgrade=1
fi
###
# 1 - Checking linux distro
###
if [ -z "$wo_force_install" ]; then
if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment."
wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support"
@@ -115,6 +136,7 @@ else
exit 100
fi
fi
fi
###
# 1 - To prevent errors or unexpected behaviour, create the log and ACL it
@@ -154,20 +176,20 @@ wo_install_dep() {
locale-gen en
} >> "$wo_install_log" 2>&1
# Support PFS
if [ -f /etc/nginx/nginx.conf ]; then
# Replace previous ciphers
new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
# Change the TLS protocols
sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf
fi
# if [ -f /etc/nginx/nginx.conf ]; then
# # Replace previous ciphers
# new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
# sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
# # Change the TLS protocols
# sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf
# fi
# Let's Encrypt .well-known folder setup
if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
mkdir -p /var/www/html/.well-known/acme-challenge
chown -R www-data:www-data /var/www/html /var/www/html/.well-known
chmod 750 /var/www/html /var/www/html/.well-known
fi
# # Let's Encrypt .well-known folder setup
# if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
# mkdir -p /var/www/html/.well-known/acme-challenge
# chown -R www-data:www-data /var/www/html /var/www/html/.well-known
# chmod 750 /var/www/html /var/www/html/.well-known
# fi
}
###
@@ -228,8 +250,8 @@ wo_sync_db() {
wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}')
if [ "$(echo "$wo_site_current_type" | grep php)" ]; then
if [ "$(echo "$wo_site_current_type" | grep php7)" ]; then
if [ "$(echo $wo_site_current_type | grep php)" ]; then
if [ "$(echo $wo_site_current_type | grep php7)" ]; then
wo_php_version="7.0"
else
wo_php_version="5.6"
@@ -238,28 +260,28 @@ wo_sync_db() {
wo_php_version=""
fi
if [ "$(echo "$wo_site_current_type" | grep redis)" ]; then
if [ "$(echo $wo_site_current_type | grep redis)" ]; then
wo_site_current_cache="wpredis"
elif [ -z "$(echo "$wo_site_current_type" | grep wpsc)" ]; then
elif [ -z "$(echo $wo_site_current_type | grep wpsc)" ]; then
wo_site_current_cache="wpsc"
elif [ -z "$(echo "$wo_site_current_type" | grep wpfc)" ]; then
elif [ -z "$(echo $wo_site_current_type | grep wpfc)" ]; then
wo_site_current_cache="wpfc"
else
wo_site_current_cache="basic"
fi
if [ "$(echo "$wo_site_current_type" | grep wp)" ]; then
if [ -z "$(echo "$wo_site_current_type" | grep wpsubdir)" ]; then
if [ "$(echo $wo_site_current_type | grep wp)" ]; then
if [ -z "$(echo $wo_site_current_type | grep wpsubdir)" ]; then
wo_site_current="wpsubdir"
elif [ -z "$(echo "$wo_site_current_type" | grep wpsudomain)" ]; then
elif [ -z "$(echo $wo_site_current_type | grep wpsudomain)" ]; then
wo_site_current="wpsubdomain"
else
wo_site_current="wp"
fi
else
if [ -z "$(echo "$wo_site_current_type" | grep location)" ]; then
if [ -z "$(echo $wo_site_current_type | grep location)" ]; then
wo_site_current="proxy"
elif [ -z "$(echo "$wo_site_current_type" | grep php)" ]; then
elif [ -z "$(echo $wo_site_current_type | grep php)" ]; then
wo_site_current="html"
else
if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then
@@ -360,37 +382,35 @@ wo_install_acme_sh() {
} >> "$wo_install_log" 2>&1
fi
if [ -d "$HOME/.acme/.sh" ]; then
if [ -d "$HOME/.acme.sh" ]; then
{
rsync -az --exclude="account.conf" \
/usr/bin/rsync -rltgoDpz --exclude="account.conf" \
--exclude="acme.sh" \
--exclude="acme.sh.env" \
--exclude="deploy" \
--exclude="dnsapi" \
--exclude="http.header" \
--exclude="ca" \
--del \
"$HOME/.acme.sh/" \
/etc/letsencrypt/renewal/
} >> "$wo_install_log" 2>&1
fi
}
# Now, finally, let's install WordOps
# Clone Github repository if it doesn't exist
wo_install() {
{
rm -rf /tmp/easyengine
rm -rf /tmp/wordops
[ -z "$wo_branch" ] && {
wo_branch=master
}
git clone -b "$wo_branch" https://github.com/WordOps/WordOps.git /tmp/wordops --quiet
cd /tmp/wordops || exit 1
if [ ! -d /tmp/WordOps/.git ]; then
rm -rf /tmp/WordOps
git clone https://github.com/WordOps/WordOps.git /tmp/WordOps -b "$wo_branch"
else
git -C /tmp/WordOps pull origin "$wo_branch"
fi
cd /tmp/WordOps || exit 1
} >> "$wo_install_log" 2>&1
python3 setup.py install
}
wo_upgrade_nginx() {
@@ -402,13 +422,17 @@ wo_upgrade_nginx() {
rm -rf /var/lib/wo-backup/nginx
fi
# backup nginx conf
/usr/bin/rsync -az /etc/nginx/ /var/lib/wo-backup/nginx/
if [ -d /etc/nginx ]; then
/usr/bin/rsync -az /etc/nginx/ /var/lib/wo-backup/nginx/
fi
if [ -d /etc/php ]; then
/usr/bin/rsync -az /etc/php/ /var/lib/wo-backup/php/
fi
# chec if the package nginx-ee is installed
CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo)
CHECK_PHP72=$(dpkg --list | grep php7.2-fpm)
CHECK_PHP73=$(dpkg --list | grep php7.3-fpm)
CHECK_PHP72=$(command -v php-fpm7.2)
CHECK_PHP73=$(command -v php-fpm7.3)
# add new Nginx repository
if [ "$wo_linux_distro" = "Ubuntu" ]; then
@@ -447,25 +471,28 @@ wo_upgrade_nginx() {
# remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom --purge
rm -rf /etc/nginx
elif [ -n "$CHECK_NGINX_WO" ]; then
apt-mark unhold nginx-wo nginx-common nginx-custom
apt-get -y -qq autoremove nginx-wo nginx-common nginx-custom --purge
fi
if [ -d /etc/nginx ]; then
rm -rf /etc/nginx
fi
# remove previous php-fpm pool configuration
if [ -n "$CHECK_PHP72" ]; then
apt-get remove php7.2-fpm -y -qq --purge
rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
fi
/usr/local/bin/wo stack install --nginx --php
echo "$wo_version_new" > /etc/nginx/common/release
if [ -n "$CHECK_PHP73" ]; then
WO_STACK_INSTALL_ARGS="--php73"
apt-get remove php7.3-fpm -y -qq --purge
rm -f /etc/php/7.3/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
/usr/local/bin/wo stack install --php73
else
WO WO_STACK_INSTALL_ARGS=""
fi
/usr/local/bin/wo stack install --nginx --php $WO_STACK_INSTALL_ARGS
echo "$wo_version_new" > /etc/nginx/common/release
rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf}
fi
@@ -593,7 +620,7 @@ wo_backup_ee() {
}
wo_backup_wo() {
tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo >> /var/log/wo/install.log 2>&1
tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo >> /var/log/wo/install.log 2>&1
}
wo_clean_ee() {
@@ -623,10 +650,8 @@ if [ -x /usr/local/bin/wo ]; then
wo_upgrade_nginx | tee -ai $wo_install_log
fi
wo_update_latest | tee -ai $wo_install_log
if [ ! -d /opt/acme.sh ]; then
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
fi
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log
@@ -655,10 +680,8 @@ else
wo_upgrade_nginx | tee -ai $wo_install_log
fi
wo_update_latest | tee -ai $wo_install_log
if [ ! -d /opt/acme.sh ]; then
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
fi
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log
@@ -684,21 +707,19 @@ fi
wo sync | tee -ai $wo_install_log
if [ "$migration" -eq "1" ]; then
if [ "$ee_migration" = "1" ]; then
echo
wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!"
wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz"
echo
wo_lib_echo_info "For autocompletion, run the following command:"
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
echo
wo_lib_echo "WordOps (wo) help: https://docs.wordops.net"
elif [ "$wo_upgrade" = "1" ]; then
wo_lib_echo "WordOps (wo) upgrade to $wo_version_new was succesfull!"
else
echo
wo_lib_echo "For WordOps (wo) auto completion, run the following command"
echo
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
echo
wo_lib_echo "Yay! WordOps (wo) installed/updated successfully"
wo_lib_echo "WordOps (wo) help: https://docs.wordops.net"
wo_lib_echo "WordOps (wo) installed successfully"
fi
wo_lib_echo_info "For autocompletion, run the following command:"
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
echo
wo_lib_echo "WordOps Documentation : https://docs.wordops.net"
wo_lib_echo "WordOps Community Forum : https://community.wordops.net"
echo

BIN
logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

12
setup.py
View File

@@ -33,11 +33,9 @@ try:
wo_user = config['user']['name']
wo_email = config['user']['email']
except Exception as e:
print("WordOps (wo) required your name & email address to track"
" changes you made under the Git version control")
print("WordOps (wo) will be able to send you daily reports & alerts in "
"upcoming version")
print("WordOps (wo) will NEVER share your information with other parties")
print("WordOps (wo) require an username & and an email "
"address to configure Git (used to save server configurations)")
print("Your informations will ONLY be stored locally")
wo_user = input("Enter your name: ")
while wo_user is "":
@@ -55,7 +53,7 @@ except Exception as e:
os.system("git config --global user.email {0}".format(wo_email))
if not os.path.isfile('/root/.gitconfig'):
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
setup(name='wo',
version='3.9.4',
@@ -87,7 +85,7 @@ setup(name='wo',
'psutil == 3.1.1',
'sh',
'SQLAlchemy',
],
],
data_files=[('/etc/wo', ['config/wo.conf']),
('/etc/wo/plugins.d', conf),
('/usr/lib/wo/templates', templates),

7
wo/cli/controllers/base.py
View File

@@ -13,12 +13,11 @@ Copyright (c) 2019 WordOps.
class WOBaseController(CementBaseController):
class Meta:
label = 'base'
description = ("WordOps is the commandline tool to manage your"
" websites based on WordPress and Nginx with easy to"
" use commands")
description = ("An essential toolset that eases WordPress "
"site and server administration with Nginx")
arguments = [
(['-v', '--version'], dict(action='version', version=BANNER)),
]
]
@expose(hide=True)
def default(self):

5
wo/cli/plugins/clean.py
View File

@@ -89,11 +89,12 @@ class WOCleanController(CementBaseController):
try:
Log.info(self, "Cleaning opcache")
wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache"
"/opcache/opgui.php?page=reset").read()
"/opcache/opgui.php?reset=1").read()
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.debug(self, "Unable hit url, "
" https://127.0.0.1:22222/cache/opcache/opgui.php?page=reset,"
" https://127.0.0.1:22222/cache/opcache/"
"opgui.php?reset=1,"
" please check you have admin tools installed")
Log.debug(self, "please check you have admin tools installed,"
" or install them with `wo stack install --admin`")

269
wo/cli/plugins/site.py
View File

@@ -163,7 +163,8 @@ class WOSiteController(CementBaseController):
sslexpiry = ''
data = dict(domain=wo_domain, webroot=wo_site_webroot,
accesslog=access_log, errorlog=error_log,
dbname=wo_db_name, dbuser=wo_db_user, php_version=php_version,
dbname=wo_db_name, dbuser=wo_db_user,
php_version=php_version,
dbpass=wo_db_pass,
ssl=ssl, sslprovider=sslprovider, sslexpiry=sslexpiry,
type=sitetype + " " + cachetype + " ({0})"
@@ -279,7 +280,8 @@ class WOSiteEditController(CementBaseController):
except CommandExecutionError as e:
Log.error(self, "Failed invoke editor")
if (WOGit.checkfilestatus(self, "/etc/nginx",
'/etc/nginx/sites-available/{0}'.format(wo_domain))):
'/etc/nginx/sites-available/{0}'
.format(wo_domain))):
WOGit.add(self, ["/etc/nginx"], msg="Edit website: {0}"
.format(wo_domain))
# Reload NGINX
@@ -334,6 +336,9 @@ class WOSiteCreateController(CementBaseController):
action='store' or 'store_const',
choices=('on', 'subdomain', 'wildcard'),
const='on', nargs='?')),
(['--hsts'],
dict(help="enable HSTS for site secured with letsencrypt",
action='store_true')),
(['--user'],
dict(help="provide user for WordPress site")),
(['--email'],
@@ -493,7 +498,8 @@ class WOSiteCreateController(CementBaseController):
webroot=data['webroot'])
Log.debug(self, str(e))
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
if 'proxy' in data.keys() and data['proxy']:
addNewSite(self, wo_domain, stype, cache, wo_site_webroot)
@@ -507,7 +513,8 @@ class WOSiteCreateController(CementBaseController):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
if wo_auth and len(wo_auth):
for msg in wo_auth:
Log.info(self, Log.ENDC + msg, log=False)
@@ -545,7 +552,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_db_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
try:
wodbconfig = open("{0}/wo-config.php"
@@ -575,7 +583,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_db_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
# Setup WordPress if Wordpress site
if data['wp']:
@@ -599,7 +608,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
# Service Nginx Reload call cleanup if failed to reload nginx
if not WOService.reload_service(self, 'nginx'):
@@ -617,7 +627,8 @@ class WOSiteCreateController(CementBaseController):
Log.info(self, Log.FAIL + "service nginx reload failed."
" check issues with `nginx -t` command.")
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` "
"and please try again")
WOGit.add(self, ["/etc/nginx"],
msg="{0} created with {1} {2}"
@@ -640,7 +651,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again")
"`tail /var/log/wo/wordops.log` and "
"please try again")
if wo_auth and len(wo_auth):
for msg in wo_auth:
@@ -661,18 +673,30 @@ class WOSiteCreateController(CementBaseController):
"`tail /var/log/wo/wordops.log` and please try again")
if self.app.pargs.letsencrypt == "on":
data['letsencrypt'] = True
letsencrypt = True
if self.app.pargs.hsts:
data['letsencrypt'] = True
letsencrypt = True
data['hsts'] = True
hsts = True
else:
data['letsencrypt'] = True
letsencrypt = True
data['hsts'] = False
hsts = False
if data['letsencrypt'] is True:
setupLetsEncrypt(self, wo_domain)
httpsRedirect(self, wo_domain)
if data['hsts'] is True:
setupHsts(self, wo_domain)
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site "
Log.info(self, "Congratulations! Successfully Configured "
"SSl for Site "
" https://{0}".format(wo_domain))
# Add nginx conf folder into GIT
@@ -689,15 +713,23 @@ class WOSiteCreateController(CementBaseController):
data['letsencrypt'] = True
letsencrypt = True
if self.app.pargs.hsts == 'on':
data['hsts'] = True
hsts = True
if data['letsencrypt'] is True:
setupLetsEncryptSubdomain(self, wo_domain)
httpsRedirect(self, wo_domain)
if data['hsts'] is True:
setupHsts(self, wo_domain)
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site "
Log.info(self, "Congratulations! Successfully Configured "
"SSl for Site "
" https://{0}".format(wo_domain))
# Add nginx conf folder into GIT
@@ -753,6 +785,11 @@ class WOSiteUpdateController(CementBaseController):
action='store' or 'store_const',
choices=('on', 'off', 'renew', 'subdomain', 'wildcard'),
const='on', nargs='?')),
(['--hsts'],
dict(help="configure hsts for the site",
action='store' or 'store_const',
choices=('on', 'off'),
const='on', nargs='?')),
(['--proxy'],
dict(help="update to proxy site", nargs='+')),
(['--experimental'],
@@ -776,7 +813,7 @@ class WOSiteUpdateController(CementBaseController):
if not (pargs.php or pargs.php73 or
pargs.mysql or pargs.wp or pargs.wpsubdir or
pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or
pargs.wpredis or pargs.letsencrypt):
pargs.wpredis or pargs.letsencrypt or pargs.hsts):
Log.error(self, "Please provide options to update sites.")
if pargs.all:
@@ -853,7 +890,8 @@ class WOSiteUpdateController(CementBaseController):
if (pargs.password and not (pargs.html or
pargs.php or pargs.php73 or pargs.mysql or
pargs.wp or pargs.wpfc or pargs.wpsc or
pargs.wpsubdir or pargs.wpsubdomain)):
pargs.wpsubdir or pargs.wpsubdomain or
pargs.hsts)):
try:
updatewpuserpassword(self, wo_domain, wo_site_webroot)
except SiteError as e:
@@ -1009,7 +1047,8 @@ class WOSiteUpdateController(CementBaseController):
" https://{0}".format(wo_domain))
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.")
str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
Log.info(self, "Expiration date: " +
str(SSL.getExpirationDate(self, wo_domain)))
@@ -1040,12 +1079,14 @@ class WOSiteUpdateController(CementBaseController):
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.")
str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
Log.info(self, "Expiration date: \n\n" +
str(SSL.getExpirationDate(self, wo_domain)))
return 0
# else:
# Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
# Log.warn(self, "Your cert already EXPIRED !
# .PLEASE renew soon . ")
else:
Log.info(
self, "SSL not configured for "
@@ -1115,6 +1156,14 @@ class WOSiteUpdateController(CementBaseController):
cache == oldcachetype):
return 1
if pargs.hsts:
if pargs.hsts == "on":
data['hsts'] = True
hsts = True
elif pargs.hsts == "off":
data['hsts'] = False
hsts = False
if not data:
Log.error(self, "Cannot update {0}, Invalid Options"
.format(wo_domain))
@@ -1125,7 +1174,7 @@ class WOSiteUpdateController(CementBaseController):
data['wo_db_pass'] = check_site.db_password
data['wo_db_host'] = check_site.db_host
if not pargs.letsencrypt:
if not (pargs.letsencrypt or pargs.hsts):
try:
pre_run_checks(self)
except SiteError as e:
@@ -1175,15 +1224,18 @@ class WOSiteUpdateController(CementBaseController):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site "
Log.info(self, "Congratulations! Successfully "
"Configured SSl for Site "
" https://{0}".format(wo_domain))
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.")
str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
else:
Log.warn(
self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
self, "Your cert already EXPIRED ! "
".PLEASE renew soon . ")
elif data['letsencrypt'] is False:
if os.path.isfile("{0}/conf/nginx/ssl.conf"
@@ -1194,6 +1246,12 @@ class WOSiteUpdateController(CementBaseController):
'{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot))
httpsRedirect(self, wo_domain, False)
if os.path.isfile("{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
@@ -1228,7 +1286,8 @@ class WOSiteUpdateController(CementBaseController):
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.")
str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
else:
Log.warn(
self, "Your cert already EXPIRED !"
@@ -1243,6 +1302,14 @@ class WOSiteUpdateController(CementBaseController):
'{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot))
httpsRedirect(self, wo_domain, False)
if os.path.isfile(("{0}/conf/nginx/hsts.conf")
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/"
"hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
@@ -1261,6 +1328,39 @@ class WOSiteUpdateController(CementBaseController):
updateSiteInfo(self, wo_domain, ssl=letsencrypt)
return 0
if pargs.hsts:
if data['hsts'] is True:
if os.path.isfile(("{0}/conf/nginx/ssl.conf")
.format(wo_site_webroot)):
if not os.path.isfile("{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot)):
setupHsts(self, wo_domain)
else:
Log.error(self, "HSTS is already configured for given "
"site")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
else:
Log.error(self, "HTTPS is not configured for given "
"site")
return 0
elif data['hsts'] is False:
if os.path.isfile(("{0}/conf/nginx/hsts.conf")
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
else:
Log.error(self, "HSTS is not configured for given "
"site")
return 0
if stype == oldsitetype and cache == oldcachetype:
# Service Nginx Reload
@@ -1269,7 +1369,8 @@ class WOSiteUpdateController(CementBaseController):
"check issues with `nginx -t` command")
updateSiteInfo(self, wo_domain, stype=stype, cache=cache,
ssl=True if check_site.is_ssl else False, php_version=check_php_version)
ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
Log.info(self, "Successfully updated site"
" http://{0}".format(wo_domain))
@@ -1327,44 +1428,98 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
if ((oldcachetype in ['wpsc', 'basic', 'wpredis'] and
(data['wpfc'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpfc'])):
(data['wpfc'])) or (oldsitetype == 'wp' and
data['multisite'] and data['wpfc'])):
try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_fastcgi",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1","redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data)
self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. "
Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc'] and
(data['wpredis'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpredis'])):
(data['wpredis'])) or (oldsitetype == 'wp' and
data['multisite'] and
data['wpredis'])):
try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1","redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data)
self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. "
Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
else:
try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":0,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":0,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379","redis_prefix":"nginx-cache:"}'
setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data)
self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. "
Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
if oldcachetype == 'wpsc' and not data['wpsc']:
@@ -1374,7 +1529,8 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
if oldcachetype == 'wpredis' and not data['wpredis']:
@@ -1384,7 +1540,8 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again")
" `tail /var/log/wo/wordops.log` "
"and please try again")
return 1
if oldcachetype != 'wpsc' and data['wpsc']:
@@ -1401,10 +1558,12 @@ class WOSiteUpdateController(CementBaseController):
try:
if installwp_plugin(self, 'redis-cache', data):
# search for wp-config.php
if WOFileUtils.isexist(self, "{0}/wp-config.php".format(wo_site_webroot)):
if WOFileUtils.isexist(self, "{0}/wp-config.php"
.format(wo_site_webroot)):
config_path = '{0}/wp-config.php'.format(
wo_site_webroot)
elif WOFileUtils.isexist(self, "{0}/htdocs/wp-config.php".format(wo_site_webroot)):
elif WOFileUtils.isexist(self, "{0}/htdocs/wp-config.php"
.format(wo_site_webroot)):
config_path = '{0}/htdocs/wp-config.php'.format(
wo_site_webroot)
else:
@@ -1415,22 +1574,24 @@ class WOSiteUpdateController(CementBaseController):
self, "wp-config.php could not be located !!")
raise SiteError
if WOShellExec.cmd_exec(self, "grep -q \"WP_CACHE_KEY_SALT\" {0}"
if WOShellExec.cmd_exec(self, "grep -q "
"\"WP_CACHE_KEY_SALT\" {0}"
.format(config_path)):
pass
else:
try:
wpconfig = open("{0}".format(config_path),
encoding='utf-8', mode='a')
wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\', \'{0}:\' );"
.format(wo_domain))
wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\',"
" \'{0}:\' );".format(wo_domain))
wpconfig.close()
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Updating wp-config.php failed.")
Log.warn(self, "Updating wp-config.php failed. "
"Could not append:"
"\ndefine( \'WP_CACHE_KEY_SALT\', \'{0}:\' );".format(wo_domain) +
"Could not append:"
"\ndefine( \'WP_CACHE_KEY_SALT\', "
"\'{0}:\' );".format(wo_domain) +
"\nPlease add manually")
except SiteError as e:
Log.debug(self, str(e))
@@ -1473,10 +1634,12 @@ class WOSiteUpdateController(CementBaseController):
db_user=data['wo_db_user'],
db_password=data['wo_db_pass'],
db_host=data['wo_db_host'],
ssl=True if check_site.is_ssl else False, php_version=check_php_version)
ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
else:
updateSiteInfo(self, wo_domain, stype=stype, cache=cache,
ssl=True if check_site.is_ssl else False, php_version=check_php_version)
ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
Log.info(self, "Successfully updated site"
" http://{0}".format(wo_domain))
return 0
@@ -1608,9 +1771,11 @@ class WOSiteDeleteController(CementBaseController):
deleteSiteInfo(self, wo_domain)
Log.info(self, "Deleted site {0}".format(wo_domain))
# else:
# Log.error(self, " site {0} does not exists".format(wo_domain))
# Log.error(self, " site {0} does
# not exists".format(wo_domain))
else:
if (mark_db_delete_prompt or mark_webroot_delete_prompt or (mark_webroot_deleted and mark_db_deleted)):
if (mark_db_delete_prompt or mark_webroot_delete_prompt or
(mark_webroot_deleted and mark_db_deleted)):
# TODO Delete nginx conf
removeNginxConf(self, wo_domain)
deleteSiteInfo(self, wo_domain)

162
wo/cli/plugins/site_functions.py
View File

@@ -96,8 +96,8 @@ def setupdomain(self, data):
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
except CalledProcessError as e:
Log.debug(self, "{0}".format(str(e)))
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail"
+ Log.OKBLUE + "]")
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" +
Log.OKBLUE + "]")
raise SiteError("created nginx configuration failed for site."
" check with `nginx -t`")
@@ -141,7 +141,8 @@ def setupdomain(self, data):
def setupdatabase(self, data):
wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 24)))
string.ascii_lowercase +
string.digits, 24)))
wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -242,7 +243,8 @@ def setupwordpress(self, data):
wo_wp_email = self.app.config.get('wordpress', 'email')
# Random characters
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15)))
string.ascii_lowercase +
string.digits, 15)))
wo_wp_prefix = ''
# wo_wp_user = ''
# wo_wp_pass = ''
@@ -312,8 +314,8 @@ def setupwordpress(self, data):
"--dbuser=\'{2}\' --dbhost=\'{3}\' "
.format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_user'], data['wo_db_host']
)
+ "--dbpass=\'{0}\' "
) +
"--dbpass=\'{0}\' "
"--extra-php<<PHP \n {1} {redissalt}\nPHP\""
.format(data['wo_db_pass'],
"\n\ndefine(\'WP_DEBUG\', false);",
@@ -344,13 +346,13 @@ def setupwordpress(self, data):
"\n\ndefine(\'WP_DEBUG\', false);"))
try:
if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root"
.format(WOVariables.wo_wpcli_path)
+ " core config "
+ "--dbname=\'{0}\' --dbprefix=\'{1}\' "
.format(WOVariables.wo_wpcli_path) +
" core config " +
"--dbname=\'{0}\' --dbprefix=\'{1}\' "
"--dbhost=\'{2}\' "
.format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_host'])
+ "--dbuser=\'{0}\' --dbpass=\'{1}\' "
data['wo_db_host']) +
"--dbuser=\'{0}\' --dbpass=\'{1}\' "
"--extra-php<<PHP \n {2} {3} {redissalt}\nPHP\""
.format(data['wo_db_user'],
data['wo_db_pass'],
@@ -375,13 +377,15 @@ def setupwordpress(self, data):
import shutil
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd(
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))))
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(),
os.pardir))))
shutil.move(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
except Exception as e:
Log.error(self, 'Unable to move file from {0} to {1}'
.format(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir))), False)
os.path.abspath(os.path.join(os.getcwd(),
os.pardir))), False)
raise SiteError("Unable to move wp-config.php")
if not wo_wp_user:
@@ -488,11 +492,47 @@ def setupwordpress(self, data):
"""Install nginx-helper plugin """
installwp_plugin(self, 'nginx-helper', data)
if data['wpfc']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_fastcgi",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
elif data['wpredis']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}'
plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
@@ -569,13 +609,13 @@ def uninstallwp_plugin(self, plugin_name, data):
.format(plugin_name))
try:
WOShellExec.cmd_exec(self, "php {0} plugin "
.format(WOVariables.wo_wpcli_path)
+ "--allow-root deactivate "
.format(WOVariables.wo_wpcli_path) +
"--allow-root deactivate "
"{0}".format(plugin_name))
WOShellExec.cmd_exec(self, "php {0} plugin "
.format(WOVariables.wo_wpcli_path)
+ "--allow-root uninstall "
.format(WOVariables.wo_wpcli_path) +
"--allow-root uninstall "
"{0}".format(plugin_name))
except CommandExecutionError as e:
raise SiteError("plugin uninstall failed")
@@ -590,16 +630,17 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data):
if not data['multisite']:
try:
WOShellExec.cmd_exec(self, "php {0} "
.format(WOVariables.wo_wpcli_path)
+ "--allow-root option update "
"{0} \'{1}\' --format=json".format(plugin_option, plugin_data))
.format(WOVariables.wo_wpcli_path) +
"--allow-root option update "
"{0} \'{1}\' --format=json"
.format(plugin_option, plugin_data))
except CommandExecutionError as e:
raise SiteError("plugin setup failed")
else:
try:
WOShellExec.cmd_exec(self, "php {0} "
.format(WOVariables.wo_wpcli_path)
+ "--allow-root network meta update 1 "
.format(WOVariables.wo_wpcli_path) +
"--allow-root network meta update 1 "
"{0} \'{1}\' --format=json"
.format(plugin_option, plugin_data
))
@@ -721,7 +762,8 @@ def site_package_check(self, stype):
self, "Error: two different PHP versions cannot be "
"combined within the same WordOps site")
if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir', 'wpsubdomain']:
if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir',
'wpsubdomain']:
Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
@@ -730,7 +772,8 @@ def site_package_check(self, stype):
else:
apt_packages = apt_packages + WOVariables.wo_php
if self.app.pargs.php73 and stype in ['mysql', 'wp', 'wpsubdir', 'wpsubdomain']:
if self.app.pargs.php73 and stype in ['mysql', 'wp',
'wpsubdir', 'wpsubdomain']:
Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
@@ -799,7 +842,7 @@ def site_package_check(self, stype):
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + \
WOVariables.wo_php73 + WOVariables.wo_php_extra
WOVariables.wo_php73 + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php73
@@ -1103,7 +1146,8 @@ def detSitePar(opts):
def generate_random():
wo_random10 = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 16)))
string.ascii_lowercase +
string.digits, 16)))
return wo_random10
@@ -1146,8 +1190,8 @@ def deleteDB(self, dbname, dbuser, dbhost, exit=True):
def deleteWebRoot(self, webroot):
# do some preprocessing before proceeding
webroot = webroot.strip()
if (webroot == "/var/www/" or webroot == "/var/www"
or webroot == "/var/www/.." or webroot == "/var/www/."):
if (webroot == "/var/www/" or webroot == "/var/www" or
webroot == "/var/www/.." or webroot == "/var/www/."):
Log.debug(self, "Tried to remove {0}, but didn't remove it"
.format(webroot))
return False
@@ -1200,7 +1244,8 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
# setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)):
@@ -1281,7 +1326,8 @@ def setupLetsEncrypt(self, wo_domain_name):
def setupLetsEncryptSubdomain(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)):
@@ -1371,10 +1417,12 @@ def renewLetsEncrypt(self, wo_domain_name):
mail_list = ''
if not ssl:
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False)
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!",
False)
if (SSL.getExpirationDays(self, wo_domain_name) > 0):
Log.error(self, "Your current certificate will expire within " +
str(SSL.getExpirationDays(self, wo_domain_name)) + " days.", False)
str(SSL.getExpirationDays(self, wo_domain_name)) +
" days.", False)
else:
Log.error(self, "Your current certificate already expired!", False)
@@ -1405,6 +1453,23 @@ def renewLetsEncrypt(self, wo_domain_name):
# redirect= False to disable https redirection
def setupHsts(self, wo_domain_name):
Log.info(
self, "Adding /var/www/{0}/conf/nginx/hsts.conf"
.format(wo_domain_name))
hstsconf = open("/var/www/{0}/conf/nginx/hsts.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
hstsconf.write("more_set_headers "
"\"Strict-Transport-Security: "
"max-age=31536000; "
"'includeSubDomains; "
"preload\";")
hstsconf.close()
return 0
def httpsRedirect(self, wo_domain_name, redirect=True):
if redirect:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled"
@@ -1426,23 +1491,30 @@ def httpsRedirect(self, wo_domain_name, redirect=True):
sslconf.write("server {\n"
"\tlisten 80;\n" +
"\tlisten [::]:80;\n" +
"\tserver_name www.{0} {0};\n".format(wo_domain_name) +
"\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}")
"\tserver_name www.{0} {0};\n"
.format(wo_domain_name) +
"\treturn 301 https://{0}"
.format(wo_domain_name)+"$request_uri;\n}")
sslconf.close()
# Nginx Configation into GIT
except IOError as e:
Log.debug(self, str(e))
Log.debug(self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
"/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
Log.info(self, "Added HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name))
WOGit.add(self,
["/etc/nginx"], msg="Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name))
["/etc/nginx"], msg="Adding /etc/nginx/conf.d/"
"force-ssl-{0}.conf".format(wo_domain_name))
else:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)):
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name))
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name)):
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled"
.format(wo_domain_name))
Log.info(self, "Disabled HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name))
@@ -1478,7 +1550,8 @@ def archivedCertificateHandle(self, domain):
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live, domain))
.format(WOVariables.wo_ssl_live,
domain))
if ssl:
try:
@@ -1495,7 +1568,8 @@ def archivedCertificateHandle(self, domain):
sslconf.write("listen 443 ssl http2;\n"
"listen [::]:443 ssl http2;\n"
"ssl on;\n"
"ssl_certificate {0}/{1}/fullchain.pem;\n"
"ssl_certificate "
"{0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n"
.format(WOVariables.wo_ssl_live, domain))
sslconf.close()
@@ -1525,7 +1599,7 @@ def archivedCertificateHandle(self, domain):
"'/etc/letsencrypt/config' "
"--renew -d {0} --ecc "
"--force"
.format(domain))
.format(domain))
if ssl:

140
wo/cli/plugins/stack.py
View File

@@ -90,7 +90,8 @@ class WOStackController(CementBaseController):
if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
Log.info(self, "Adding repository for MySQL, please wait...")
mysql_pref = ("Package: *\nPin: origin sfo1.mirrors.digitalocean.com"
mysql_pref = ("Package: *\nPin: origin "
"sfo1.mirrors.digitalocean.com"
"\nPin-Priority: 1000\n")
with open('/etc/apt/preferences.d/'
'MariaDB.pref', 'w') as mysql_pref_file:
@@ -441,6 +442,14 @@ class WOStackController(CementBaseController):
os.makedirs('{0}22222/cert'
.format(WOVariables.wo_webroot))
if not os.path.exists('{0}22222/conf/nginx'
.format(WOVariables.wo_webroot)):
Log.debug(self, "Creating directory "
"{0}22222/conf/nginx"
.format(WOVariables.wo_webroot))
os.makedirs('{0}22222/conf/nginx'
.format(WOVariables.wo_webroot))
WOFileUtils.create_symlink(self, ['/var/log/nginx/'
'22222.access.log',
'{0}22222/'
@@ -487,7 +496,17 @@ class WOStackController(CementBaseController):
except CommandExecutionError as e:
Log.error(
self, "Failed to generate HTTPS certificate for 22222")
self, "Failed to generate HTTPS "
"certificate for 22222")
if not os.path.isfile('{0}22222/conf/nginx/ssl.conf'
.format(WOVariables.wo_webroot)):
with open("/etc/nginx/conf.d/"
"upstream.conf", "a") as php_file:
php_file.write("ssl_certificate "
"/var/www/22222/cert/22222.crt;\n"
"ssl_certificate_key "
"/var/www/22222/cert/22222.key;\n")
# Nginx Configation into GIT
WOGit.add(self,
@@ -504,6 +523,7 @@ class WOStackController(CementBaseController):
else:
WOService.restart_service(self, 'nginx')
# create redis conf is redis is installed
if WOAptGet.is_installed(self, 'redis-server'):
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/"
@@ -530,6 +550,7 @@ class WOStackController(CementBaseController):
out=wo_nginx)
wo_nginx.close()
# add redis upstream if not available in upstream.conf
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/"
"upstream.conf",
@@ -540,8 +561,10 @@ class WOStackController(CementBaseController):
" server 127.0.0.1:6379;\n"
" keepalive 10;\n}\n")
# add redis cache format if not already done
if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/conf.d/redis.conf")):
not os.path.isfile("/etc/nginx/conf.d"
"/redis.conf")):
with open("/etc/nginx/conf.d/"
"redis.conf", "a") as redis_file:
redis_file.write("# Log format Settings\n"
@@ -841,7 +864,8 @@ class WOStackController(CementBaseController):
config.write(configfile)
# Parse /etc/php/7.3/fpm/php-fpm.conf
data = dict(pid="/run/php/php7.3-fpm.pid", error_log="/var/log/php7.3-fpm.log",
data = dict(pid="/run/php/php7.3-fpm.pid",
error_log="/var/log/php7.3-fpm.log",
include="/etc/php/7.3/fpm/pool.d/*.conf")
Log.debug(self, "writting php 7.3 configuration into "
"/etc/php/7.3/fpm/php-fpm.conf")
@@ -1011,28 +1035,38 @@ class WOStackController(CementBaseController):
shutil.move('/tmp/phpmyadmin-STABLE/',
'{0}22222/htdocs/db/pma/'
.format(WOVariables.wo_webroot))
shutil.copyfile('{0}22222/htdocs/db/pma/config.sample.inc.php'
shutil.copyfile('{0}22222/htdocs/db/pma'
'/config.sample.inc.php'
.format(WOVariables.wo_webroot),
'{0}22222/htdocs/db/pma/config.inc.php'
.format(WOVariables.wo_webroot))
Log.debug(self, 'Setting Blowfish Secret Key FOR COOKIE AUTH to '
Log.debug(self, 'Setting Blowfish Secret Key '
'FOR COOKIE AUTH to '
'{0}22222/htdocs/db/pma/config.inc.php file '
.format(WOVariables.wo_webroot))
blowfish_key = ''.join([random.choice
(string.ascii_letters + string.digits)
(string.ascii_letters +
string.digits)
for n in range(25)])
WOFileUtils.searchreplace(self,
'{0}22222/htdocs/db/pma/config.inc.php'
'{0}22222/htdocs/db/pma'
'/config.inc.php'
.format(WOVariables.wo_webroot),
"$cfg[\'blowfish_secret\'] = \'\';", "$cfg[\'blowfish_secret\'] = \'{0}\';"
"$cfg[\'blowfish_secret\']"
" = \'\';",
"$cfg[\'blowfish_secret\']"
" = \'{0}\';"
.format(blowfish_key))
Log.debug(self, 'Setting HOST Server For Mysql to '
'{0}22222/htdocs/db/pma/config.inc.php file '
.format(WOVariables.wo_webroot))
WOFileUtils.searchreplace(self,
'{0}22222/htdocs/db/pma/config.inc.php'
'{0}22222/htdocs/db/pma'
'/config.inc.php'
.format(WOVariables.wo_webroot),
"$cfg[\'Servers\'][$i][\'host\'] = \'localhost\';", "$cfg[\'Servers\'][$i][\'host\'] = \'{0}\';"
"$cfg[\'Servers\'][$i][\'host\']"
" = \'localhost\';", "$cfg"
"[\'Servers\'][$i][\'host\'] = \'{0}\';"
.format(WOVariables.wo_mysql_host))
Log.debug(self, 'Setting Privileges of webroot permission to '
'{0}22222/htdocs/db/pma file '
@@ -1045,18 +1079,21 @@ class WOStackController(CementBaseController):
# composer install and phpmyadmin update
if any('/tmp/composer-install' == x[1]
for x in packages):
Log.info(self, "Installing composer, please wait...")
WOShellExec.cmd_exec(self, "php -q /tmp/composer-install "
"--install-dir=/tmp/")
shutil.copyfile('/tmp/composer.phar',
'/usr/local/bin/composer')
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
Log.info(self, "Updating phpMyAdmin, please wait...")
WOShellExec.cmd_exec(self, "sudo -u www-data -H composer "
"update --no-dev -d "
"update -n --no-dev -d "
"/var/www/22222/htdocs/db/pma/")
# netdata install
if any('/tmp/kickstart.sh' == x[1]
for x in packages):
if not os.path.exists('/etc/netdata'):
Log.info(self, "Installing Netdata, please wait...")
WOShellExec.cmd_exec(self, "bash /tmp/kickstart.sh "
"--dont-wait --no-updates")
WOFileUtils.searchreplace(self, "/usr/lib/netdata/conf.d/"
@@ -1160,7 +1197,8 @@ class WOStackController(CementBaseController):
' BY \'{1}\''.format(self.app.config.get(
'mysql', 'grant-host'),
chars),
errormsg="cannot grant priviledges", log=False)
errormsg="cannot grant priviledges",
log=False)
# Custom Anemometer configuration
Log.debug(self, "configration Anemometer")
@@ -1180,9 +1218,6 @@ class WOStackController(CementBaseController):
if any('/tmp/pra.tar.gz' == x[1]
for x in packages):
Log.debug(self, 'Extracting file /tmp/pra.tar.gz to '
'loaction /tmp/')
WOExtract.extract(self, '/tmp/pra.tar.gz', '/tmp/')
if not os.path.exists('{0}22222/htdocs/cache/redis'
.format(WOVariables.wo_webroot)):
Log.debug(self, "Creating new directory "
@@ -1190,23 +1225,15 @@ class WOStackController(CementBaseController):
.format(WOVariables.wo_webroot))
os.makedirs('{0}22222/htdocs/cache/redis'
.format(WOVariables.wo_webroot))
if not os.path.exists('{0}22222/htdocs/cache/'
'redis/phpRedisAdmin'
.format(WOVariables.wo_webroot)):
shutil.move('/tmp/phpRedisAdmin-master/',
'{0}22222/htdocs/cache/redis/phpRedisAdmin'
.format(WOVariables.wo_webroot))
Log.debug(self, 'Extracting file /tmp/predis.tar.gz to '
'loaction /tmp/')
WOExtract.extract(self, '/tmp/predis.tar.gz', '/tmp/')
shutil.move('/tmp/predis-1.0.1/',
'{0}22222/htdocs/cache/redis/'
'phpRedisAdmin/vendor'
.format(WOVariables.wo_webroot))
if os.path.isfile("/usr/local/bin/composer"):
WOShellExec.cmd_exec(self, "sudo -u www-data -H "
"composer "
"create-project -n -s dev "
"erik-dubbelboer/php-redis-admin "
"/var/www/22222/htdocs/cache"
"/redis/phpRedisAdmin/ ")
Log.debug(self, 'Setting Privileges of webroot permission to '
'{0}22222/htdocs/cache/ file '
'{0}22222/htdocs/cache/file '
.format(WOVariables.wo_webroot))
WOFileUtils.chown(self, '{0}22222'
.format(WOVariables.wo_webroot),
@@ -1363,11 +1390,19 @@ class WOStackController(CementBaseController):
Log.debug(self, "Setting packages variable for Adminer ")
packages = packages + [["https://www.adminer.org/static/"
"download/{0}/adminer-{0}.php"
"".format(WOVariables.wo_adminer),
.format(WOVariables.wo_adminer),
"{0}22222/"
"htdocs/db/adminer/index.php"
.format(WOVariables.wo_webroot),
"Adminer"]]
"Adminer"],
["https://raw.githubusercontent.com"
"/vrana/adminer/master/designs/"
"pepa-linha/adminer.css",
"{0}22222/"
"htdocs/db/adminer/adminer.css"
.format(WOVariables.wo_webroot),
"Adminer theme"]]
# Netdata
if self.app.pargs.netdata:
Log.debug(self, "Setting packages variable for Netdata")
@@ -1451,24 +1486,36 @@ class WOStackController(CementBaseController):
WOShellExec.cmd_exec(self, "systemctl enable redis-server")
if os.path.isfile("/etc/redis/redis.conf"):
if WOVariables.wo_ram < 512:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
Log.debug(self, "Setting maxmemory variable to "
"{0} in redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.1)))
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory <bytes>/maxmemory {0}/' /etc/redis/redis.conf"
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory"
" <bytes>/maxmemory {0}/'"
" /etc/redis/redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.1)))
Log.debug(
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' "
self, "Setting maxmemory-policy variable to "
"allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-"
"policy.*/maxmemory-policy "
"allkeys-lru/' "
"/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server')
else:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
Log.debug(self, "Setting maxmemory variable to {0} "
"in redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.2)))
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory <bytes>/maxmemory {0}/' /etc/redis/redis.conf"
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory "
"<bytes>/maxmemory {0}/' "
"/etc/redis/redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.2)))
Log.debug(
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' "
self, "Setting maxmemory-policy variable "
"to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-"
"policy.*/maxmemory-policy "
"allkeys-lru/' "
"/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server')
if disp_msg:
@@ -1518,7 +1565,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Removing apt_packages variable of Nginx")
apt_packages = apt_packages + WOVariables.wo_nginx
else:
Log.error(self, "Cannot Remove! Nginx Stable version not found.")
Log.error(self, "Cannot Remove! Nginx Stable "
"version not found.")
# PHP 7.2
if self.app.pargs.php:
Log.debug(self, "Removing apt_packages variable of PHP")
@@ -1662,7 +1710,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Purge apt_packages variable PHP")
if WOAptGet.is_installed(self, 'php7.2-fpm'):
if not (WOAptGet.is_installed(self, 'php7.3-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php + \
WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else:
@@ -1673,7 +1722,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
apt_packages = apt_packages + WOVariables.wo_php73 + \
WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php73
else:

6
wo/cli/plugins/stack_services.py
View File

@@ -14,7 +14,8 @@ class WOStackStatusController(CementBaseController):
description = 'Check the stack status'
arguments = [
(['--memcached'],
dict(help='start/stop/restart memcached', action='store_true')),
dict(help='start/stop/restart memcached',
action='store_true')),
]
@expose(help="Start stack services")
@@ -186,7 +187,8 @@ class WOStackStatusController(CementBaseController):
if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")):
if ((WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or
WOAptGet.is_installed(self,
'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server'))):
services = services + ['mysql']
else:

8
wo/cli/templates/22222.mustache
View File

@@ -7,9 +7,6 @@ server {
access_log /var/log/nginx/22222.access.log rt_cache;
error_log /var/log/nginx/22222.error.log;
ssl_certificate {{webroot}}22222/cert/22222.crt;
ssl_certificate_key {{webroot}}22222/cert/22222.key;
# Force HTTP to HTTPS
error_page 497 =200 https://$host:22222$request_uri;
@@ -65,9 +62,8 @@ server {
proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
}
include {{webroot}}22222/conf/nginx/*.conf;
}

3
wo/cli/templates/fail2ban-wp.mustache Normal file
View File

@@ -0,0 +1,3 @@
[Definition]
failregex = ^<HOST>.* "POST .*/wp-login.php([/\?#\\].*)? HTTP/.*" 200
ignoreregex =

24
wo/cli/templates/fail2ban.mustache Normal file
View File

@@ -0,0 +1,24 @@
[recidive]
enabled = true
[nginx-http-auth]
enabled = true
[nginx-botsearch]
enabled = true
[wo-wordpress]
enabled = true
filter = wo-wordpress
action = iptables-multiport[name="wo-wordpress", port="http,https"]
logpath = /var/log/nginx/*access.log
maxretry = 5
[nginx-forbidden]
enabled = true
filter = nginx-forbidden
port = http,https
logpath = /var/log/nginx/*error*.log
findtime = 60
bantime = 6000
maxretry = 3

3
wo/core/shellexec.py
View File

@@ -53,7 +53,6 @@ class WOShellExec():
Log.debug(self, "{0}{1}".format(e.errno, e.strerror))
raise CommandExecutionError
def cmd_exec_stdout(self, command, errormsg='', log=True):
"""Run shell command from Python"""
try:
@@ -80,4 +79,4 @@ class WOShellExec():
raise CommandExecutionError
except Exception as e:
Log.debug(self, str(e))
raise CommandExecutionError
raise CommandExecutionError

26
wo/core/sslutils.py
View File

@@ -9,7 +9,8 @@ class SSL:
# check if exist
if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem'
.format(domain)):
Log.error(self, 'File Not Found : /etc/letsencrypt/live/{0}/cert.pem'
Log.error(self, 'File Not Found: '
'/etc/letsencrypt/live/{0}/cert.pem'
.format(domain), False)
if returnonerror:
return -1
@@ -17,8 +18,14 @@ class SSL:
"`tail /var/log/wo/wordops.log` and please try again...")
current_date = WOShellExec.cmd_exec_stdout(self, "date -d \"now\" +%s")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \"`openssl x509 -in /etc/letsencrypt/live/{0}/cert.pem"
" -text -noout|grep \"Not After\"|cut -c 25-`\" +%s".format(domain))
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \""
"`openssl x509 -in "
"/etc/letsencrypt/live/"
"{0}/cert.pem"
" -text -noout|grep "
"\"Not After\"|"
"cut -c 25-`\" "
"+%s".format(domain))
days_left = int((int(expiration_date) - int(current_date)) / 86400)
if (days_left > 0):
@@ -31,11 +38,18 @@ class SSL:
# check if exist
if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem'
.format(domain)):
Log.error(self, 'File Not Found : /etc/letsencrypt/live/{0}/cert.pem'
Log.error(self, 'File Not Found: /etc/letsencrypt/'
'live/{0}/cert.pem'
.format(domain), False)
Log.error(self, "Check the WordOps log for more details "
"`tail /var/log/wo/wordops.log` and please try again...")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \"`openssl x509 -in /etc/letsencrypt/live/{0}/cert.pem"
" -text -noout|grep \"Not After\"|cut -c 25-`\" ".format(domain))
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d "
"\"`openssl x509 -in "
"/etc/letsencrypt/live/"
"{0}/cert.pem"
" -text -noout|grep "
"\"Not After\"|"
"cut -c 25-`\" "
.format(domain))
return expiration_date

2
wo/core/variables.py
View File

@@ -152,6 +152,8 @@ class WOVariables():
wo_mysql = ["mariadb-server", "percona-toolkit"]
wo_fail2ban = "fail2ban"
# Redis repo details
if wo_platform_distro == 'ubuntu':
wo_redis_repo = ("ppa:chris-lea/redis-server")