Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #54 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-04-16 11:50:55 +02:00
committed by GitHub
parent 180eaf5ce5 f85d2073dc
commit c2a19048ef
20 changed files with 648 additions and 299 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
.travis.yml
View File

@@ -13,7 +13,12 @@ before_script:
- sudo bash -c 'echo example.com > /etc/hostname' - sudo bash -c 'echo example.com > /etc/hostname'
- sudo apt-get -qq purge mysql* graphviz* - sudo apt-get -qq purge mysql* graphviz*
- sudo apt-get -qq autoremove --purge - sudo apt-get -qq autoremove --purge
- sudo apt-get update addons:
apt:
update: true
git:
quiet: true
script: script:
- lsb_release -a - lsb_release -a
@@ -21,13 +26,8 @@ script:
- sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig'
- sudo echo "Travis Banch = $TRAVIS_BRANCH" - sudo echo "Travis Banch = $TRAVIS_BRANCH"
- sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree - sudo apt-get install -y --force-yes git python3-setuptools python3-dev python3-apt ccze tree
- sudo bash install $TRAVIS_BRANCH - sudo bash install -b $TRAVIS_BRANCH
- sudo wo --help - sudo wo --help && sudo wo stack install && sudo wo stack install --admin
- sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log
@@ -60,7 +60,4 @@ script:
- sudo ls /var/www/ - sudo ls /var/www/
- sudo wp --allow-root --info - sudo wp --allow-root --info
- sudo wo info || sudo tail -n50 /var/log/wo/wordops.log - sudo wo info || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo'
- sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down"
- sudo tree -L 2 /etc/nginx - sudo tree -L 2 /etc/nginx

5
CHANGELOG.md
View File

@@ -27,6 +27,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- "wo maintenance" command to perform server package update & cleanup - "wo maintenance" command to perform server package update & cleanup
- Support for Netdata on backend : https://server.hostname:22222/netdata/ - Support for Netdata on backend : https://server.hostname:22222/netdata/
- New Stacks : composer and netdata - New Stacks : composer and netdata
- additional argument for letsencrypt : --hsts
- Theme for adminer
- Credits for tools shipped with WordOps
#### Changed #### Changed
@@ -37,6 +40,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Increase MySQL root password size to 16 characters - Increase MySQL root password size to 16 characters
- Increase MySQL users password size to 16 characters - Increase MySQL users password size to 16 characters
- Nginx locations template is the same for php7.2 & 7.3 - Nginx locations template is the same for php7.2 & 7.3
- refactor install script
- backend SSL configuration now stored in /var/www/22222/conf/nginx/ssl.conf
#### Fixed #### Fixed

43
README.md
View File

@@ -1,7 +1,7 @@
<h1 align="center" style="font-size:54px;"><a href="https://wordops.net"> <p align="center"><img src="https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/logo.png" width="400" alt="Wordops" /><a href="https://wordops.net">
WordOps</a>
<br> <br>
</h1> </p>
<h2 align="center">An essential toolset that eases WordPress site and server administration</h2> <h2 align="center">An essential toolset that eases WordPress site and server administration</h2>
@@ -19,7 +19,6 @@
<p align="center"> <p align="center">
<a href="#key-features">Key Features</a> • <a href="#key-features">Key Features</a> •
<a href="#getting-started">Getting Started</a> •
<a href="#usage">Usage</a> • <a href="#usage">Usage</a> •
<a href="https://github.com/WordOps/WordOps/projects">RoadMap</a> • <a href="https://github.com/WordOps/WordOps/projects">RoadMap</a> •
<a href="https://github.com/WordOps/WordOps/blob/master/CHANGELOG.md">Changelog</a> • <a href="https://github.com/WordOps/WordOps/blob/master/CHANGELOG.md">Changelog</a> •
@@ -28,8 +27,10 @@
</p> </p>
<p align="center"> <p align="center">
<a href="https://wordops.net"> WordOps site</a> • <a href="https://wordops.net"> WordOps site</a> •
<a href="https://docs.wordops.net">Documentation</a> •
<a href="https://community.wordops.net">Community forum</a> • <a href="https://community.wordops.net">Community forum</a> •
<a href="https://docs.wordops.net">Documentation</a> <a href="https://community.wordops.io/slack">Slack</a>
</p> </p>
--- ---
@@ -41,8 +42,9 @@
- **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- **Secured** : Hardened WordPress security with strict Nginx location directives - **Secured** : Hardened WordPress security with strict Nginx location directives
- **Powerful** : Optimized Nginx configurations with multiple cache backends support - **Powerful** : Optimized Nginx configurations with multiple cache backends support
- **SSL** : Let's Encrypt SSL certificates handled by Acme.sh - **SSL** : Let's Encrypt SSL certificates handled by acme.sh
- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols - **Modern** : Secured SSL/TLS encryption with strong ciphers_suite, modern TLS protocols and HSTS support
- **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata
## Requirements ## Requirements
@@ -63,7 +65,7 @@
## Getting Started ## Getting Started
```bash ```bash
wget -qO wo wops.cc && sudo bash wo # Install WordOps curl -sL wops.cc | sudo bash # Install WordOps
sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com
``` ```
@@ -75,6 +77,7 @@ WordOps made some fundamental changes:
- Support for w3tc is dropped as a security precaution. - Support for w3tc is dropped as a security precaution.
- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3. - PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3.
- Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.14.2 with Brolti support) - Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.14.2 with Brolti support)
- HHVM stack has been removed
- Let's Encrypt stack isn't based on letsencrypt-auto anymore, we use acme.sh to handle SSL certificates - Let's Encrypt stack isn't based on letsencrypt-auto anymore, we use acme.sh to handle SSL certificates
If you are going to migrate from EasyEngine v3, here some important informations : If you are going to migrate from EasyEngine v3, here some important informations :
@@ -129,15 +132,6 @@ wo site create example.com --wp --letsencrypt # install wordpress & secure site
wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt wo site create sub.example.com --wp --letsencrypt=subdomain # install wordpress and secure subdomain with letsencrypt
``` ```
## Cheatsheet
| | single site | multisite w/ subdir | multisite w/ subdom |
|--------------------|---------------|-----------------------|--------------------------|
| **NO Cache** | --wp | --wpsubdir | --wpsubdomain |
| **WP Super Cache** | --wpsc | -wpsubdir --wpsc | --wpsubdomain --wpsc |
| **Nginx fastcgi_cache** | --wpfc | --wpsubdir --wpfc | --wpsubdomain --wpfc |
| **Redis cache** | --wpredis | --wpsubdir --wpredis | --wpsubdomain --wpredis |
## Update WordOps ## Update WordOps
```bash ```bash
@@ -146,8 +140,8 @@ wo update
## Support ## Support
If you feel there is a bug directly related to WordOps, feel free to open an issue. If you feel there is a bug directly related to WordOps, or if you want to suggest new features for WordOps, feel free to open an issue.
For any other questions/suggestions about WordOps or if you need support, please use the [WordOps Community Forum](https://community.wordops.net/). For any other questions about WordOps or if you need support, please use the [Community Forum](https://community.wordops.net/).
# Contributing # Contributing
@@ -156,9 +150,18 @@ There is no need to be a developer or a system administrator to contribute to Wo
## Credits ## Credits
- Main source : [EasyEngine](https://github.com/easyengine/easyengine) - Source : [EasyEngine](https://github.com/easyengine/easyengine)
Shipped with WordOps
- Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh) - Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh)
- WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli) - WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli)
- Monitoring : [Netdata](https://github.com/netdata/netdata)
- [phpMyAdmin](https://www.phpmyadmin.net/)
- [Adminer](https://www.adminer.org/)
- [phpRedisAdmin](https://github.com/erikdubbelboer/phpRedisAdmin)
- [PHPMemcachedAdmin](https://github.com/elijaa/phpmemcachedadmin)
- [opcacheGUI](https://github.com/amnuts/opcache-gui)
## License ## License

20
config/bash_completion.d/wo_auto.rc
View File

@@ -74,7 +74,7 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE
"install" | "purge" | "remove" ) "install" | "purge" | "remove" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin" \ -W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban" \
-- $cur) ) -- $cur) )
;; ;;
"upgrade" ) "upgrade" )
@@ -84,7 +84,7 @@ _wo_complete()
;; ;;
"start" | "stop" | "reload" | "restart" | "status") "start" | "stop" | "reload" | "restart" | "status")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--nginx --php --php73 --mysql --memcache --redis" \ -W "--nginx --php --php73 --mysql --memcache --redis --fail2ban --netdata" \
-- $cur) ) -- $cur) )
;; ;;
"migrate") "migrate")
@@ -159,7 +159,7 @@ _wo_complete()
"create") "create")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt -le" \ -W "--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --proxy= --wpredis --letsencrypt --letsencrypt=subdomain -le" \
-- $cur) ) -- $cur) )
;; ;;
@@ -213,7 +213,7 @@ _wo_complete()
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73" retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --le --le=subdomain --le=off "
else else
retlist="" retlist=""
fi fi
@@ -230,7 +230,7 @@ _wo_complete()
"--wpsubdir" | "--wpsubdomain") "--wpsubdir" | "--wpsubdomain")
if [ ${COMP_WORDS[1]} != "debug" ]; then if [ ${COMP_WORDS[1]} != "debug" ]; then
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73" retlist="--wpsc --wpfc --user --email --pass --wpredis --letsencrypt --letsencrypt=subdomain --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" retlist="--wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew"
else else
@@ -248,7 +248,7 @@ _wo_complete()
"--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") "--wpredis" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt " retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --php73 --letsencrypt --letsencrypt=subdomain"
else else
retlist="" retlist=""
fi fi
@@ -272,7 +272,7 @@ _wo_complete()
-- $cur) ) -- $cur) )
;; ;;
"--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcache" | "--redis | --phpredisadmin") "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--memcached" | "--redis | --phpredisadmin")
if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then
retlist="--web --admin --nginx --php --php73 --mysql--wpcli --phpmyadmin --adminer --utils --memcache --redis --phpredisadmin" retlist="--web --admin --nginx --php --php73 --mysql--wpcli --phpmyadmin --adminer --utils --memcache --redis --phpredisadmin"
elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then
@@ -324,8 +324,8 @@ _wo_complete()
-- $cur) ) -- $cur) )
;; ;;
"--memcache" | "--opcache" | "--fastcgi" | "--all" | "--redis") "--memcached" | "--opcache" | "--fastcgi" | "--all" | "--redis")
retlist="--memcache --opcache --fastcgi --redis --all" retlist="--memcached --opcache --fastcgi --redis --all"
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "$(echo $ret)" \ -W "$(echo $ret)" \
@@ -363,7 +363,7 @@ _wo_complete()
case "$mprev" in case "$mprev" in
"--user" | "--email" | "--pass") "--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt" retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain"
fi fi
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \

24
docs/wo.8
View File

@@ -3,17 +3,17 @@
.B WordOps (wo) .B WordOps (wo)
\- Manage Nginx Based Websites. \- Manage Nginx Based Websites.
.SH SYNOPSIS .SH SYNOPSIS
wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync] wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance]
.TP .TP
wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --hhvm | --phpmyadmin | --phpredisadmin | --wpcli | --utils ] wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils ]
.TP .TP
wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcache | --redis] wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --memcached | --redis]
.TP .TP
wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ] wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ]
.TP .TP
wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm | --letsencrypt/-le]] wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain]]
.TP .TP
wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm ] [--password] [--letsencrypt=on/off/renew]] wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [--letsencrypt=on/off/subdomain/renew]]
.TP .TP
wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ] wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ]
.TP .TP
@@ -129,13 +129,13 @@ Disable site by Destroying softlink with site file in
.br .br
Edit NGINX configuration of site. Edit NGINX configuration of site.
.TP .TP
.B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --hhvm ]] .B create [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ]]
.br .br
Create new site according to given options. If no options provided Create new site according to given options. If no options provided
.br .br
create static site with html only. create static site with html only.
.TP .TP
.B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis | --hhvm ] [--password]] .B update [ example.com ] [ --html | --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [ --wpsc | --wpfc | --wpredis ] [--password]]
.br .br
Update site configuration according to specified options. Update site configuration according to specified options.
.TP .TP
@@ -163,9 +163,9 @@ if used with --all=off argument.
.br .br
Update security settings. Update security settings.
.TP .TP
.B clean [ --fastcgi | --opcache | --memcache | --redis | --all ] .B clean [ --fastcgi | --opcache | --memcached | --redis | --all ]
.br .br
Clean NGINX fastCGI cache, Opcache, Memcache, Redis cache. Clean NGINX fastCGI cache, Opcache, memcached, Redis cache.
.br .br
Clean NGINX fastCGI cache if no option specified. Clean NGINX fastCGI cache if no option specified.
.SH ARGUMENTS .SH ARGUMENTS
@@ -274,17 +274,13 @@ Install and activate Nginx-helper and WP Super Cache plugin.
.TP .TP
.B --wpfc .B --wpfc
.br .br
Install and activate Nginx-helper and W3 Total Cache plugin with Install and activate Nginx-helper plugin with
.br .br
Nginx FastCGI cache. Nginx FastCGI cache.
.TP .TP
.B --wpredis .B --wpredis
.br .br
Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching. Install, activate, configure Nginx-helper and Redis Object Cache Plugin, Configure NGINX for Redis Page Caching.
.TP
.B --hhvm
.br
Install, activate Nginx-helper and configure NGINX for HHVM.
.SH FILES .SH FILES
.br .br
/etc/wo/wo.conf /etc/wo/wo.conf

169
install
View File

@@ -7,10 +7,10 @@
# Copyright (c) 2019 - WordOps # Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T # This script is licensed under M.I.T
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.5 - 2019-03-27 # Version 3.9.5 - 2019-04-14
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.3" readonly wo_version_new="3.9.4.5"
# CONTENTS # CONTENTS
# --- # ---
# 1. VARIABLES AND DECLARATIONS # 1. VARIABLES AND DECLARATIONS
@@ -56,7 +56,7 @@ wo_lib_error() {
### ###
if [[ $EUID -ne 0 ]]; then if [[ $EUID -ne 0 ]]; then
wo_lib_echo_fail "Sudo privilege required..." wo_lib_echo_fail "Sudo privilege required..."
wo_lib_echo_fail "Use: wget -qO wo wordops.se/tup && sudo bash wo" wo_lib_echo_fail "Use: curl -sL wops.cc | sudo bash"
exit 100 exit 100
fi fi
@@ -78,10 +78,30 @@ if [ -z "$(command -v lsb_release)" ]; then
apt-get -y install lsb-release -qq apt-get -y install lsb-release -qq
fi fi
while [ "$#" -gt 0 ]; do
case "$1" in
-b | --branch)
wo_branch="$2"
shift
;;
-p | --preserve)
wo_preserve_config="y"
;;
--force)
wo_force_install="y"
;;
*) # positional args
;;
esac
shift
done
### ###
# 1 - Define variables for later use # 1 - Define variables for later use
### ###
wo_branch="$1" if [ -z "$wo_branch" ]; then
wo_branch=master
fi
readonly wo_log_dir=/var/log/wo/ readonly wo_log_dir=/var/log/wo/
readonly wo_backup_dir=/var/lib/wo-backup/ readonly wo_backup_dir=/var/lib/wo-backup/
readonly wo_install_log=/var/log/wo/install.log readonly wo_install_log=/var/log/wo/install.log
@@ -95,14 +115,15 @@ EE_BACKUP_FILE="/var/lib/wo-backup/ee-backup.$TIME.tar.gz"
WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz" WO_BACKUP_FILE="/var/lib/wo-backup/wo-backup.$TIME.tar.gz"
if [ -x /usr/local/bin/ee ]; then if [ -x /usr/local/bin/ee ]; then
migration=1 ee_migration=1
else elif [ -x /usr/local/bin/wo ]; then
migration=0 wo_upgrade=1
fi fi
### ###
# 1 - Checking linux distro # 1 - Checking linux distro
### ###
if [ -z "$wo_force_install" ]; then
if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then if [ "$wo_linux_distro" != "Ubuntu" ] && [ "$wo_linux_distro" != "Debian" ]; then
wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment." wo_lib_echo_fail "WordOps (wo) only supports Ubuntu and Debian at the moment."
wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support" wo_lib_echo_fail "If you are feeling adventurous, you are free to fork WordOps to support"
@@ -115,6 +136,7 @@ else
exit 100 exit 100
fi fi
fi fi
fi
### ###
# 1 - To prevent errors or unexpected behaviour, create the log and ACL it # 1 - To prevent errors or unexpected behaviour, create the log and ACL it
@@ -154,20 +176,20 @@ wo_install_dep() {
locale-gen en locale-gen en
} >> "$wo_install_log" 2>&1 } >> "$wo_install_log" 2>&1
# Support PFS # Support PFS
if [ -f /etc/nginx/nginx.conf ]; then # if [ -f /etc/nginx/nginx.conf ]; then
# Replace previous ciphers # # Replace previous ciphers
new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES" # new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES"
sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf # sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf
# Change the TLS protocols # # Change the TLS protocols
sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf # sed -i "s/ssl_protocols\ \(.*\);/ssl_protocols TLSv1.2;/" /etc/nginx/nginx.conf
fi # fi
# Let's Encrypt .well-known folder setup # # Let's Encrypt .well-known folder setup
if [ ! -d /var/www/html/.well-known/acme-challenge ]; then # if [ ! -d /var/www/html/.well-known/acme-challenge ]; then
mkdir -p /var/www/html/.well-known/acme-challenge # mkdir -p /var/www/html/.well-known/acme-challenge
chown -R www-data:www-data /var/www/html /var/www/html/.well-known # chown -R www-data:www-data /var/www/html /var/www/html/.well-known
chmod 750 /var/www/html /var/www/html/.well-known # chmod 750 /var/www/html /var/www/html/.well-known
fi # fi
} }
### ###
@@ -228,8 +250,8 @@ wo_sync_db() {
wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}') wo_site_current_type=$(grep "common/" /etc/nginx/sites-available/$site | awk -F "/" '{print $2}')
if [ "$(echo "$wo_site_current_type" | grep php)" ]; then if [ "$(echo $wo_site_current_type | grep php)" ]; then
if [ "$(echo "$wo_site_current_type" | grep php7)" ]; then if [ "$(echo $wo_site_current_type | grep php7)" ]; then
wo_php_version="7.0" wo_php_version="7.0"
else else
wo_php_version="5.6" wo_php_version="5.6"
@@ -238,28 +260,28 @@ wo_sync_db() {
wo_php_version="" wo_php_version=""
fi fi
if [ "$(echo "$wo_site_current_type" | grep redis)" ]; then if [ "$(echo $wo_site_current_type | grep redis)" ]; then
wo_site_current_cache="wpredis" wo_site_current_cache="wpredis"
elif [ -z "$(echo "$wo_site_current_type" | grep wpsc)" ]; then elif [ -z "$(echo $wo_site_current_type | grep wpsc)" ]; then
wo_site_current_cache="wpsc" wo_site_current_cache="wpsc"
elif [ -z "$(echo "$wo_site_current_type" | grep wpfc)" ]; then elif [ -z "$(echo $wo_site_current_type | grep wpfc)" ]; then
wo_site_current_cache="wpfc" wo_site_current_cache="wpfc"
else else
wo_site_current_cache="basic" wo_site_current_cache="basic"
fi fi
if [ "$(echo "$wo_site_current_type" | grep wp)" ]; then if [ "$(echo $wo_site_current_type | grep wp)" ]; then
if [ -z "$(echo "$wo_site_current_type" | grep wpsubdir)" ]; then if [ -z "$(echo $wo_site_current_type | grep wpsubdir)" ]; then
wo_site_current="wpsubdir" wo_site_current="wpsubdir"
elif [ -z "$(echo "$wo_site_current_type" | grep wpsudomain)" ]; then elif [ -z "$(echo $wo_site_current_type | grep wpsudomain)" ]; then
wo_site_current="wpsubdomain" wo_site_current="wpsubdomain"
else else
wo_site_current="wp" wo_site_current="wp"
fi fi
else else
if [ -z "$(echo "$wo_site_current_type" | grep location)" ]; then if [ -z "$(echo $wo_site_current_type | grep location)" ]; then
wo_site_current="proxy" wo_site_current="proxy"
elif [ -z "$(echo "$wo_site_current_type" | grep php)" ]; then elif [ -z "$(echo $wo_site_current_type | grep php)" ]; then
wo_site_current="html" wo_site_current="html"
else else
if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then if [ -f /var/www/${site}/ee-config.php ] || [ -f /var/www/${site}/wo-config.php ]; then
@@ -360,37 +382,35 @@ wo_install_acme_sh() {
} >> "$wo_install_log" 2>&1 } >> "$wo_install_log" 2>&1
fi fi
if [ -d "$HOME/.acme/.sh" ]; then if [ -d "$HOME/.acme.sh" ]; then
{ {
rsync -az --exclude="account.conf" \ /usr/bin/rsync -rltgoDpz --exclude="account.conf" \
--exclude="acme.sh" \ --exclude="acme.sh" \
--exclude="acme.sh.env" \ --exclude="acme.sh.env" \
--exclude="deploy" \ --exclude="deploy" \
--exclude="dnsapi" \ --exclude="dnsapi" \
--exclude="http.header" \ --exclude="http.header" \
--exclude="ca" \ --exclude="ca" \
--del \
"$HOME/.acme.sh/" \ "$HOME/.acme.sh/" \
/etc/letsencrypt/renewal/ /etc/letsencrypt/renewal/
} >> "$wo_install_log" 2>&1 } >> "$wo_install_log" 2>&1
fi fi
} }
# Now, finally, let's install WordOps # Clone Github repository if it doesn't exist
wo_install() { wo_install() {
{ {
rm -rf /tmp/easyengine if [ ! -d /tmp/WordOps/.git ]; then
rm -rf /tmp/wordops rm -rf /tmp/WordOps
git clone https://github.com/WordOps/WordOps.git /tmp/WordOps -b "$wo_branch"
[ -z "$wo_branch" ] && { else
wo_branch=master git -C /tmp/WordOps pull origin "$wo_branch"
} fi
cd /tmp/WordOps || exit 1
git clone -b "$wo_branch" https://github.com/WordOps/WordOps.git /tmp/wordops --quiet
cd /tmp/wordops || exit 1
} >> "$wo_install_log" 2>&1 } >> "$wo_install_log" 2>&1
python3 setup.py install python3 setup.py install
} }
wo_upgrade_nginx() { wo_upgrade_nginx() {
@@ -402,13 +422,17 @@ wo_upgrade_nginx() {
rm -rf /var/lib/wo-backup/nginx rm -rf /var/lib/wo-backup/nginx
fi fi
# backup nginx conf # backup nginx conf
/usr/bin/rsync -az /etc/nginx/ /var/lib/wo-backup/nginx/ if [ -d /etc/nginx ]; then
/usr/bin/rsync -az /etc/nginx/ /var/lib/wo-backup/nginx/
fi
if [ -d /etc/php ]; then
/usr/bin/rsync -az /etc/php/ /var/lib/wo-backup/php/
fi
# chec if the package nginx-ee is installed # chec if the package nginx-ee is installed
CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee) CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee)
CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo) CHECK_NGINX_WO=$(dpkg --list | grep nginx-wo)
CHECK_PHP72=$(dpkg --list | grep php7.2-fpm) CHECK_PHP72=$(command -v php-fpm7.2)
CHECK_PHP73=$(dpkg --list | grep php7.3-fpm) CHECK_PHP73=$(command -v php-fpm7.3)
# add new Nginx repository # add new Nginx repository
if [ "$wo_linux_distro" = "Ubuntu" ]; then if [ "$wo_linux_distro" = "Ubuntu" ]; then
@@ -447,25 +471,28 @@ wo_upgrade_nginx() {
# remove previous package # remove previous package
apt-mark unhold nginx-ee nginx-common nginx-custom apt-mark unhold nginx-ee nginx-common nginx-custom
apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom --purge apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom --purge
rm -rf /etc/nginx
elif [ -n "$CHECK_NGINX_WO" ]; then elif [ -n "$CHECK_NGINX_WO" ]; then
apt-mark unhold nginx-wo nginx-common nginx-custom apt-mark unhold nginx-wo nginx-common nginx-custom
apt-get -y -qq autoremove nginx-wo nginx-common nginx-custom --purge apt-get -y -qq autoremove nginx-wo nginx-common nginx-custom --purge
fi
if [ -d /etc/nginx ]; then
rm -rf /etc/nginx rm -rf /etc/nginx
fi fi
# remove previous php-fpm pool configuration # remove previous php-fpm pool configuration
if [ -n "$CHECK_PHP72" ]; then if [ -n "$CHECK_PHP72" ]; then
apt-get remove php7.2-fpm -y -qq --purge apt-get remove php7.2-fpm -y -qq --purge
rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
fi fi
/usr/local/bin/wo stack install --nginx --php
echo "$wo_version_new" > /etc/nginx/common/release
if [ -n "$CHECK_PHP73" ]; then if [ -n "$CHECK_PHP73" ]; then
WO_STACK_INSTALL_ARGS="--php73"
apt-get remove php7.3-fpm -y -qq --purge apt-get remove php7.3-fpm -y -qq --purge
rm -f /etc/php/7.3/fpm/pool.d/{www.conf,www-two.conf,debug.conf} rm -f /etc/php/7.3/fpm/pool.d/{www.conf,www-two.conf,debug.conf}
/usr/local/bin/wo stack install --php73 else
WO WO_STACK_INSTALL_ARGS=""
fi fi
/usr/local/bin/wo stack install --nginx --php $WO_STACK_INSTALL_ARGS
echo "$wo_version_new" > /etc/nginx/common/release
rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf} rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf}
fi fi
@@ -593,7 +620,7 @@ wo_backup_ee() {
} }
wo_backup_wo() { wo_backup_wo() {
tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo >> /var/log/wo/install.log 2>&1 tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx/ /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo >> /var/log/wo/install.log 2>&1
} }
wo_clean_ee() { wo_clean_ee() {
@@ -623,10 +650,8 @@ if [ -x /usr/local/bin/wo ]; then
wo_upgrade_nginx | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log
fi fi
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
if [ ! -d /opt/acme.sh ]; then wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log wo_install_acme_sh | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
fi
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
@@ -655,10 +680,8 @@ else
wo_upgrade_nginx | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log
fi fi
wo_update_latest | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log
if [ ! -d /opt/acme.sh ]; then wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log
wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log wo_install_acme_sh | tee -ai $wo_install_log
wo_install_acme_sh | tee -ai $wo_install_log
fi
wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log
wo_git_init | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log
wo_update_wp_cli | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log
@@ -684,21 +707,19 @@ fi
wo sync | tee -ai $wo_install_log wo sync | tee -ai $wo_install_log
if [ "$migration" -eq "1" ]; then if [ "$ee_migration" = "1" ]; then
echo echo
wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!" wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!"
wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz" wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz"
echo echo
wo_lib_echo_info "For autocompletion, run the following command:" elif [ "$wo_upgrade" = "1" ]; then
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc" wo_lib_echo "WordOps (wo) upgrade to $wo_version_new was succesfull!"
echo
wo_lib_echo "WordOps (wo) help: https://docs.wordops.net"
else else
echo wo_lib_echo "WordOps (wo) installed successfully"
wo_lib_echo "For WordOps (wo) auto completion, run the following command"
echo
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
echo
wo_lib_echo "Yay! WordOps (wo) installed/updated successfully"
wo_lib_echo "WordOps (wo) help: https://docs.wordops.net"
fi fi
wo_lib_echo_info "For autocompletion, run the following command:"
wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc"
echo
wo_lib_echo "WordOps Documentation : https://docs.wordops.net"
wo_lib_echo "WordOps Community Forum : https://community.wordops.net"
echo

BIN
logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

12
setup.py
View File

@@ -33,11 +33,9 @@ try:
wo_user = config['user']['name'] wo_user = config['user']['name']
wo_email = config['user']['email'] wo_email = config['user']['email']
except Exception as e: except Exception as e:
print("WordOps (wo) required your name & email address to track" print("WordOps (wo) require an username & and an email "
" changes you made under the Git version control") "address to configure Git (used to save server configurations)")
print("WordOps (wo) will be able to send you daily reports & alerts in " print("Your informations will ONLY be stored locally")
"upcoming version")
print("WordOps (wo) will NEVER share your information with other parties")
wo_user = input("Enter your name: ") wo_user = input("Enter your name: ")
while wo_user is "": while wo_user is "":
@@ -55,7 +53,7 @@ except Exception as e:
os.system("git config --global user.email {0}".format(wo_email)) os.system("git config --global user.email {0}".format(wo_email))
if not os.path.isfile('/root/.gitconfig'): if not os.path.isfile('/root/.gitconfig'):
shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig')
setup(name='wo', setup(name='wo',
version='3.9.4', version='3.9.4',
@@ -87,7 +85,7 @@ setup(name='wo',
'psutil == 3.1.1', 'psutil == 3.1.1',
'sh', 'sh',
'SQLAlchemy', 'SQLAlchemy',
], ],
data_files=[('/etc/wo', ['config/wo.conf']), data_files=[('/etc/wo', ['config/wo.conf']),
('/etc/wo/plugins.d', conf), ('/etc/wo/plugins.d', conf),
('/usr/lib/wo/templates', templates), ('/usr/lib/wo/templates', templates),

7
wo/cli/controllers/base.py
View File

@@ -13,12 +13,11 @@ Copyright (c) 2019 WordOps.
class WOBaseController(CementBaseController): class WOBaseController(CementBaseController):
class Meta: class Meta:
label = 'base' label = 'base'
description = ("WordOps is the commandline tool to manage your" description = ("An essential toolset that eases WordPress "
" websites based on WordPress and Nginx with easy to" "site and server administration with Nginx")
" use commands")
arguments = [ arguments = [
(['-v', '--version'], dict(action='version', version=BANNER)), (['-v', '--version'], dict(action='version', version=BANNER)),
] ]
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):

5
wo/cli/plugins/clean.py
View File

@@ -89,11 +89,12 @@ class WOCleanController(CementBaseController):
try: try:
Log.info(self, "Cleaning opcache") Log.info(self, "Cleaning opcache")
wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache" wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache"
"/opcache/opgui.php?page=reset").read() "/opcache/opgui.php?reset=1").read()
except Exception as e: except Exception as e:
Log.debug(self, "{0}".format(e)) Log.debug(self, "{0}".format(e))
Log.debug(self, "Unable hit url, " Log.debug(self, "Unable hit url, "
" https://127.0.0.1:22222/cache/opcache/opgui.php?page=reset," " https://127.0.0.1:22222/cache/opcache/"
"opgui.php?reset=1,"
" please check you have admin tools installed") " please check you have admin tools installed")
Log.debug(self, "please check you have admin tools installed," Log.debug(self, "please check you have admin tools installed,"
" or install them with `wo stack install --admin`") " or install them with `wo stack install --admin`")

269
wo/cli/plugins/site.py
View File

@@ -163,7 +163,8 @@ class WOSiteController(CementBaseController):
sslexpiry = '' sslexpiry = ''
data = dict(domain=wo_domain, webroot=wo_site_webroot, data = dict(domain=wo_domain, webroot=wo_site_webroot,
accesslog=access_log, errorlog=error_log, accesslog=access_log, errorlog=error_log,
dbname=wo_db_name, dbuser=wo_db_user, php_version=php_version, dbname=wo_db_name, dbuser=wo_db_user,
php_version=php_version,
dbpass=wo_db_pass, dbpass=wo_db_pass,
ssl=ssl, sslprovider=sslprovider, sslexpiry=sslexpiry, ssl=ssl, sslprovider=sslprovider, sslexpiry=sslexpiry,
type=sitetype + " " + cachetype + " ({0})" type=sitetype + " " + cachetype + " ({0})"
@@ -279,7 +280,8 @@ class WOSiteEditController(CementBaseController):
except CommandExecutionError as e: except CommandExecutionError as e:
Log.error(self, "Failed invoke editor") Log.error(self, "Failed invoke editor")
if (WOGit.checkfilestatus(self, "/etc/nginx", if (WOGit.checkfilestatus(self, "/etc/nginx",
'/etc/nginx/sites-available/{0}'.format(wo_domain))): '/etc/nginx/sites-available/{0}'
.format(wo_domain))):
WOGit.add(self, ["/etc/nginx"], msg="Edit website: {0}" WOGit.add(self, ["/etc/nginx"], msg="Edit website: {0}"
.format(wo_domain)) .format(wo_domain))
# Reload NGINX # Reload NGINX
@@ -334,6 +336,9 @@ class WOSiteCreateController(CementBaseController):
action='store' or 'store_const', action='store' or 'store_const',
choices=('on', 'subdomain', 'wildcard'), choices=('on', 'subdomain', 'wildcard'),
const='on', nargs='?')), const='on', nargs='?')),
(['--hsts'],
dict(help="enable HSTS for site secured with letsencrypt",
action='store_true')),
(['--user'], (['--user'],
dict(help="provide user for WordPress site")), dict(help="provide user for WordPress site")),
(['--email'], (['--email'],
@@ -493,7 +498,8 @@ class WOSiteCreateController(CementBaseController):
webroot=data['webroot']) webroot=data['webroot'])
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
if 'proxy' in data.keys() and data['proxy']: if 'proxy' in data.keys() and data['proxy']:
addNewSite(self, wo_domain, stype, cache, wo_site_webroot) addNewSite(self, wo_domain, stype, cache, wo_site_webroot)
@@ -507,7 +513,8 @@ class WOSiteCreateController(CementBaseController):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
if wo_auth and len(wo_auth): if wo_auth and len(wo_auth):
for msg in wo_auth: for msg in wo_auth:
Log.info(self, Log.ENDC + msg, log=False) Log.info(self, Log.ENDC + msg, log=False)
@@ -545,7 +552,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_db_host']) dbhost=data['wo_db_host'])
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
try: try:
wodbconfig = open("{0}/wo-config.php" wodbconfig = open("{0}/wo-config.php"
@@ -575,7 +583,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_db_host']) dbhost=data['wo_db_host'])
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
# Setup WordPress if Wordpress site # Setup WordPress if Wordpress site
if data['wp']: if data['wp']:
@@ -599,7 +608,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_mysql_grant_host']) dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
# Service Nginx Reload call cleanup if failed to reload nginx # Service Nginx Reload call cleanup if failed to reload nginx
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
@@ -617,7 +627,8 @@ class WOSiteCreateController(CementBaseController):
Log.info(self, Log.FAIL + "service nginx reload failed." Log.info(self, Log.FAIL + "service nginx reload failed."
" check issues with `nginx -t` command.") " check issues with `nginx -t` command.")
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` "
"and please try again")
WOGit.add(self, ["/etc/nginx"], WOGit.add(self, ["/etc/nginx"],
msg="{0} created with {1} {2}" msg="{0} created with {1} {2}"
@@ -640,7 +651,8 @@ class WOSiteCreateController(CementBaseController):
dbhost=data['wo_mysql_grant_host']) dbhost=data['wo_mysql_grant_host'])
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.error(self, "Check the log for details: " Log.error(self, "Check the log for details: "
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` and "
"please try again")
if wo_auth and len(wo_auth): if wo_auth and len(wo_auth):
for msg in wo_auth: for msg in wo_auth:
@@ -661,18 +673,30 @@ class WOSiteCreateController(CementBaseController):
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` and please try again")
if self.app.pargs.letsencrypt == "on": if self.app.pargs.letsencrypt == "on":
data['letsencrypt'] = True if self.app.pargs.hsts:
letsencrypt = True data['letsencrypt'] = True
letsencrypt = True
data['hsts'] = True
hsts = True
else:
data['letsencrypt'] = True
letsencrypt = True
data['hsts'] = False
hsts = False
if data['letsencrypt'] is True: if data['letsencrypt'] is True:
setupLetsEncrypt(self, wo_domain) setupLetsEncrypt(self, wo_domain)
httpsRedirect(self, wo_domain) httpsRedirect(self, wo_domain)
if data['hsts'] is True:
setupHsts(self, wo_domain)
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site " Log.info(self, "Congratulations! Successfully Configured "
"SSl for Site "
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
# Add nginx conf folder into GIT # Add nginx conf folder into GIT
@@ -689,15 +713,23 @@ class WOSiteCreateController(CementBaseController):
data['letsencrypt'] = True data['letsencrypt'] = True
letsencrypt = True letsencrypt = True
if self.app.pargs.hsts == 'on':
data['hsts'] = True
hsts = True
if data['letsencrypt'] is True: if data['letsencrypt'] is True:
setupLetsEncryptSubdomain(self, wo_domain) setupLetsEncryptSubdomain(self, wo_domain)
httpsRedirect(self, wo_domain) httpsRedirect(self, wo_domain)
if data['hsts'] is True:
setupHsts(self, wo_domain)
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site " Log.info(self, "Congratulations! Successfully Configured "
"SSl for Site "
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
# Add nginx conf folder into GIT # Add nginx conf folder into GIT
@@ -753,6 +785,11 @@ class WOSiteUpdateController(CementBaseController):
action='store' or 'store_const', action='store' or 'store_const',
choices=('on', 'off', 'renew', 'subdomain', 'wildcard'), choices=('on', 'off', 'renew', 'subdomain', 'wildcard'),
const='on', nargs='?')), const='on', nargs='?')),
(['--hsts'],
dict(help="configure hsts for the site",
action='store' or 'store_const',
choices=('on', 'off'),
const='on', nargs='?')),
(['--proxy'], (['--proxy'],
dict(help="update to proxy site", nargs='+')), dict(help="update to proxy site", nargs='+')),
(['--experimental'], (['--experimental'],
@@ -776,7 +813,7 @@ class WOSiteUpdateController(CementBaseController):
if not (pargs.php or pargs.php73 or if not (pargs.php or pargs.php73 or
pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.mysql or pargs.wp or pargs.wpsubdir or
pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or
pargs.wpredis or pargs.letsencrypt): pargs.wpredis or pargs.letsencrypt or pargs.hsts):
Log.error(self, "Please provide options to update sites.") Log.error(self, "Please provide options to update sites.")
if pargs.all: if pargs.all:
@@ -853,7 +890,8 @@ class WOSiteUpdateController(CementBaseController):
if (pargs.password and not (pargs.html or if (pargs.password and not (pargs.html or
pargs.php or pargs.php73 or pargs.mysql or pargs.php or pargs.php73 or pargs.mysql or
pargs.wp or pargs.wpfc or pargs.wpsc or pargs.wp or pargs.wpfc or pargs.wpsc or
pargs.wpsubdir or pargs.wpsubdomain)): pargs.wpsubdir or pargs.wpsubdomain or
pargs.hsts)):
try: try:
updatewpuserpassword(self, wo_domain, wo_site_webroot) updatewpuserpassword(self, wo_domain, wo_site_webroot)
except SiteError as e: except SiteError as e:
@@ -1009,7 +1047,8 @@ class WOSiteUpdateController(CementBaseController):
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.") str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
Log.info(self, "Expiration date: " + Log.info(self, "Expiration date: " +
str(SSL.getExpirationDate(self, wo_domain))) str(SSL.getExpirationDate(self, wo_domain)))
@@ -1040,12 +1079,14 @@ class WOSiteUpdateController(CementBaseController):
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.") str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
Log.info(self, "Expiration date: \n\n" + Log.info(self, "Expiration date: \n\n" +
str(SSL.getExpirationDate(self, wo_domain))) str(SSL.getExpirationDate(self, wo_domain)))
return 0 return 0
# else: # else:
# Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") # Log.warn(self, "Your cert already EXPIRED !
# .PLEASE renew soon . ")
else: else:
Log.info( Log.info(
self, "SSL not configured for " self, "SSL not configured for "
@@ -1115,6 +1156,14 @@ class WOSiteUpdateController(CementBaseController):
cache == oldcachetype): cache == oldcachetype):
return 1 return 1
if pargs.hsts:
if pargs.hsts == "on":
data['hsts'] = True
hsts = True
elif pargs.hsts == "off":
data['hsts'] = False
hsts = False
if not data: if not data:
Log.error(self, "Cannot update {0}, Invalid Options" Log.error(self, "Cannot update {0}, Invalid Options"
.format(wo_domain)) .format(wo_domain))
@@ -1125,7 +1174,7 @@ class WOSiteUpdateController(CementBaseController):
data['wo_db_pass'] = check_site.db_password data['wo_db_pass'] = check_site.db_password
data['wo_db_host'] = check_site.db_host data['wo_db_host'] = check_site.db_host
if not pargs.letsencrypt: if not (pargs.letsencrypt or pargs.hsts):
try: try:
pre_run_checks(self) pre_run_checks(self)
except SiteError as e: except SiteError as e:
@@ -1175,15 +1224,18 @@ class WOSiteUpdateController(CementBaseController):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.info(self, "Congratulations! Successfully Configured SSl for Site " Log.info(self, "Congratulations! Successfully "
"Configured SSl for Site "
" https://{0}".format(wo_domain)) " https://{0}".format(wo_domain))
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.") str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
else: else:
Log.warn( Log.warn(
self, "Your cert already EXPIRED ! .PLEASE renew soon . ") self, "Your cert already EXPIRED ! "
".PLEASE renew soon . ")
elif data['letsencrypt'] is False: elif data['letsencrypt'] is False:
if os.path.isfile("{0}/conf/nginx/ssl.conf" if os.path.isfile("{0}/conf/nginx/ssl.conf"
@@ -1194,6 +1246,12 @@ class WOSiteUpdateController(CementBaseController):
'{0}/conf/nginx/ssl.conf.disabled' '{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot)) .format(wo_site_webroot))
httpsRedirect(self, wo_domain, False) httpsRedirect(self, wo_domain, False)
if os.path.isfile("{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
@@ -1228,7 +1286,8 @@ class WOSiteUpdateController(CementBaseController):
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
str(SSL.getExpirationDays(self, wo_domain)) + " days.") str(SSL.getExpirationDays(self, wo_domain)) +
" days.")
else: else:
Log.warn( Log.warn(
self, "Your cert already EXPIRED !" self, "Your cert already EXPIRED !"
@@ -1243,6 +1302,14 @@ class WOSiteUpdateController(CementBaseController):
'{0}/conf/nginx/ssl.conf.disabled' '{0}/conf/nginx/ssl.conf.disabled'
.format(wo_site_webroot)) .format(wo_site_webroot))
httpsRedirect(self, wo_domain, False) httpsRedirect(self, wo_domain, False)
if os.path.isfile(("{0}/conf/nginx/hsts.conf")
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/"
"hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
@@ -1261,6 +1328,39 @@ class WOSiteUpdateController(CementBaseController):
updateSiteInfo(self, wo_domain, ssl=letsencrypt) updateSiteInfo(self, wo_domain, ssl=letsencrypt)
return 0 return 0
if pargs.hsts:
if data['hsts'] is True:
if os.path.isfile(("{0}/conf/nginx/ssl.conf")
.format(wo_site_webroot)):
if not os.path.isfile("{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot)):
setupHsts(self, wo_domain)
else:
Log.error(self, "HSTS is already configured for given "
"site")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
else:
Log.error(self, "HTTPS is not configured for given "
"site")
return 0
elif data['hsts'] is False:
if os.path.isfile(("{0}/conf/nginx/hsts.conf")
.format(wo_site_webroot)):
WOFileUtils.mvfile(self, "{0}/conf/nginx/hsts.conf"
.format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf.disabled'
.format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
else:
Log.error(self, "HSTS is not configured for given "
"site")
return 0
if stype == oldsitetype and cache == oldcachetype: if stype == oldsitetype and cache == oldcachetype:
# Service Nginx Reload # Service Nginx Reload
@@ -1269,7 +1369,8 @@ class WOSiteUpdateController(CementBaseController):
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
updateSiteInfo(self, wo_domain, stype=stype, cache=cache, updateSiteInfo(self, wo_domain, stype=stype, cache=cache,
ssl=True if check_site.is_ssl else False, php_version=check_php_version) ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
Log.info(self, "Successfully updated site" Log.info(self, "Successfully updated site"
" http://{0}".format(wo_domain)) " http://{0}".format(wo_domain))
@@ -1327,44 +1428,98 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed. " Log.info(self, Log.FAIL + "Update site failed. "
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
if ((oldcachetype in ['wpsc', 'basic', 'wpredis'] and if ((oldcachetype in ['wpsc', 'basic', 'wpredis'] and
(data['wpfc'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpfc'])): (data['wpfc'])) or (oldsitetype == 'wp' and
data['multisite'] and data['wpfc'])):
try: try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_fastcgi",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1","redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin( setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. " Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
elif ((oldcachetype in ['wpsc', 'basic', 'wpfc'] and elif ((oldcachetype in ['wpsc', 'basic', 'wpfc'] and
(data['wpredis'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpredis'])): (data['wpredis'])) or (oldsitetype == 'wp' and
data['multisite'] and
data['wpredis'])):
try: try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1","redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin( setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. " Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
else: else:
try: try:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":0,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":0,"enable_map":0,"enable_log":0,'
'"enable_stamp":0,"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379","redis_prefix":"nginx-cache:"}'
setupwp_plugin( setupwp_plugin(
self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data)
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update nginx-helper settings failed. " Log.info(self, Log.FAIL + "Update nginx-helper "
"settings failed. "
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
if oldcachetype == 'wpsc' and not data['wpsc']: if oldcachetype == 'wpsc' and not data['wpsc']:
@@ -1374,7 +1529,8 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed." Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
if oldcachetype == 'wpredis' and not data['wpredis']: if oldcachetype == 'wpredis' and not data['wpredis']:
@@ -1384,7 +1540,8 @@ class WOSiteUpdateController(CementBaseController):
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, Log.FAIL + "Update site failed." Log.info(self, Log.FAIL + "Update site failed."
"Check the log for details:" "Check the log for details:"
" `tail /var/log/wo/wordops.log` and please try again") " `tail /var/log/wo/wordops.log` "
"and please try again")
return 1 return 1
if oldcachetype != 'wpsc' and data['wpsc']: if oldcachetype != 'wpsc' and data['wpsc']:
@@ -1401,10 +1558,12 @@ class WOSiteUpdateController(CementBaseController):
try: try:
if installwp_plugin(self, 'redis-cache', data): if installwp_plugin(self, 'redis-cache', data):
# search for wp-config.php # search for wp-config.php
if WOFileUtils.isexist(self, "{0}/wp-config.php".format(wo_site_webroot)): if WOFileUtils.isexist(self, "{0}/wp-config.php"
.format(wo_site_webroot)):
config_path = '{0}/wp-config.php'.format( config_path = '{0}/wp-config.php'.format(
wo_site_webroot) wo_site_webroot)
elif WOFileUtils.isexist(self, "{0}/htdocs/wp-config.php".format(wo_site_webroot)): elif WOFileUtils.isexist(self, "{0}/htdocs/wp-config.php"
.format(wo_site_webroot)):
config_path = '{0}/htdocs/wp-config.php'.format( config_path = '{0}/htdocs/wp-config.php'.format(
wo_site_webroot) wo_site_webroot)
else: else:
@@ -1415,22 +1574,24 @@ class WOSiteUpdateController(CementBaseController):
self, "wp-config.php could not be located !!") self, "wp-config.php could not be located !!")
raise SiteError raise SiteError
if WOShellExec.cmd_exec(self, "grep -q \"WP_CACHE_KEY_SALT\" {0}" if WOShellExec.cmd_exec(self, "grep -q "
"\"WP_CACHE_KEY_SALT\" {0}"
.format(config_path)): .format(config_path)):
pass pass
else: else:
try: try:
wpconfig = open("{0}".format(config_path), wpconfig = open("{0}".format(config_path),
encoding='utf-8', mode='a') encoding='utf-8', mode='a')
wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\', \'{0}:\' );" wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\',"
.format(wo_domain)) " \'{0}:\' );".format(wo_domain))
wpconfig.close() wpconfig.close()
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Updating wp-config.php failed.") Log.debug(self, "Updating wp-config.php failed.")
Log.warn(self, "Updating wp-config.php failed. " Log.warn(self, "Updating wp-config.php failed. "
"Could not append:" "Could not append:"
"\ndefine( \'WP_CACHE_KEY_SALT\', \'{0}:\' );".format(wo_domain) + "\ndefine( \'WP_CACHE_KEY_SALT\', "
"\'{0}:\' );".format(wo_domain) +
"\nPlease add manually") "\nPlease add manually")
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
@@ -1473,10 +1634,12 @@ class WOSiteUpdateController(CementBaseController):
db_user=data['wo_db_user'], db_user=data['wo_db_user'],
db_password=data['wo_db_pass'], db_password=data['wo_db_pass'],
db_host=data['wo_db_host'], db_host=data['wo_db_host'],
ssl=True if check_site.is_ssl else False, php_version=check_php_version) ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
else: else:
updateSiteInfo(self, wo_domain, stype=stype, cache=cache, updateSiteInfo(self, wo_domain, stype=stype, cache=cache,
ssl=True if check_site.is_ssl else False, php_version=check_php_version) ssl=True if check_site.is_ssl else False,
php_version=check_php_version)
Log.info(self, "Successfully updated site" Log.info(self, "Successfully updated site"
" http://{0}".format(wo_domain)) " http://{0}".format(wo_domain))
return 0 return 0
@@ -1608,9 +1771,11 @@ class WOSiteDeleteController(CementBaseController):
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)
Log.info(self, "Deleted site {0}".format(wo_domain)) Log.info(self, "Deleted site {0}".format(wo_domain))
# else: # else:
# Log.error(self, " site {0} does not exists".format(wo_domain)) # Log.error(self, " site {0} does
# not exists".format(wo_domain))
else: else:
if (mark_db_delete_prompt or mark_webroot_delete_prompt or (mark_webroot_deleted and mark_db_deleted)): if (mark_db_delete_prompt or mark_webroot_delete_prompt or
(mark_webroot_deleted and mark_db_deleted)):
# TODO Delete nginx conf # TODO Delete nginx conf
removeNginxConf(self, wo_domain) removeNginxConf(self, wo_domain)
deleteSiteInfo(self, wo_domain) deleteSiteInfo(self, wo_domain)

162
wo/cli/plugins/site_functions.py
View File

@@ -96,8 +96,8 @@ def setupdomain(self, data):
Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]")
except CalledProcessError as e: except CalledProcessError as e:
Log.debug(self, "{0}".format(str(e))) Log.debug(self, "{0}".format(str(e)))
Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" +
+ Log.OKBLUE + "]") Log.OKBLUE + "]")
raise SiteError("created nginx configuration failed for site." raise SiteError("created nginx configuration failed for site."
" check with `nginx -t`") " check with `nginx -t`")
@@ -141,7 +141,8 @@ def setupdomain(self, data):
def setupdatabase(self, data): def setupdatabase(self, data):
wo_domain_name = data['site_name'] wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase + wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 24))) string.ascii_lowercase +
string.digits, 24)))
wo_replace_dot = wo_domain_name.replace('.', '_') wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name') prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user') prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -242,7 +243,8 @@ def setupwordpress(self, data):
wo_wp_email = self.app.config.get('wordpress', 'email') wo_wp_email = self.app.config.get('wordpress', 'email')
# Random characters # Random characters
wo_random = (''.join(random.sample(string.ascii_uppercase + wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15))) string.ascii_lowercase +
string.digits, 15)))
wo_wp_prefix = '' wo_wp_prefix = ''
# wo_wp_user = '' # wo_wp_user = ''
# wo_wp_pass = '' # wo_wp_pass = ''
@@ -312,8 +314,8 @@ def setupwordpress(self, data):
"--dbuser=\'{2}\' --dbhost=\'{3}\' " "--dbuser=\'{2}\' --dbhost=\'{3}\' "
.format(data['wo_db_name'], wo_wp_prefix, .format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_user'], data['wo_db_host'] data['wo_db_user'], data['wo_db_host']
) ) +
+ "--dbpass=\'{0}\' " "--dbpass=\'{0}\' "
"--extra-php<<PHP \n {1} {redissalt}\nPHP\"" "--extra-php<<PHP \n {1} {redissalt}\nPHP\""
.format(data['wo_db_pass'], .format(data['wo_db_pass'],
"\n\ndefine(\'WP_DEBUG\', false);", "\n\ndefine(\'WP_DEBUG\', false);",
@@ -344,13 +346,13 @@ def setupwordpress(self, data):
"\n\ndefine(\'WP_DEBUG\', false);")) "\n\ndefine(\'WP_DEBUG\', false);"))
try: try:
if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root" if WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root"
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ " core config " " core config " +
+ "--dbname=\'{0}\' --dbprefix=\'{1}\' " "--dbname=\'{0}\' --dbprefix=\'{1}\' "
"--dbhost=\'{2}\' " "--dbhost=\'{2}\' "
.format(data['wo_db_name'], wo_wp_prefix, .format(data['wo_db_name'], wo_wp_prefix,
data['wo_db_host']) data['wo_db_host']) +
+ "--dbuser=\'{0}\' --dbpass=\'{1}\' " "--dbuser=\'{0}\' --dbpass=\'{1}\' "
"--extra-php<<PHP \n {2} {3} {redissalt}\nPHP\"" "--extra-php<<PHP \n {2} {3} {redissalt}\nPHP\""
.format(data['wo_db_user'], .format(data['wo_db_user'],
data['wo_db_pass'], data['wo_db_pass'],
@@ -375,13 +377,15 @@ def setupwordpress(self, data):
import shutil import shutil
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd( Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd(
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir)))) )+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(),
os.pardir))))
shutil.move(os.getcwd()+'/wp-config.php', shutil.move(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir))) os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
except Exception as e: except Exception as e:
Log.error(self, 'Unable to move file from {0} to {1}' Log.error(self, 'Unable to move file from {0} to {1}'
.format(os.getcwd()+'/wp-config.php', .format(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir))), False) os.path.abspath(os.path.join(os.getcwd(),
os.pardir))), False)
raise SiteError("Unable to move wp-config.php") raise SiteError("Unable to move wp-config.php")
if not wo_wp_user: if not wo_wp_user:
@@ -488,11 +492,47 @@ def setupwordpress(self, data):
"""Install nginx-helper plugin """ """Install nginx-helper plugin """
installwp_plugin(self, 'nginx-helper', data) installwp_plugin(self, 'nginx-helper', data)
if data['wpfc']: if data['wpfc']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_fastcgi",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data) 'rt_wp_nginx_helper_options', plugin_data, data)
elif data['wpredis']: elif data['wpredis']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data) 'rt_wp_nginx_helper_options', plugin_data, data)
@@ -569,13 +609,13 @@ def uninstallwp_plugin(self, plugin_name, data):
.format(plugin_name)) .format(plugin_name))
try: try:
WOShellExec.cmd_exec(self, "php {0} plugin " WOShellExec.cmd_exec(self, "php {0} plugin "
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ "--allow-root deactivate " "--allow-root deactivate "
"{0}".format(plugin_name)) "{0}".format(plugin_name))
WOShellExec.cmd_exec(self, "php {0} plugin " WOShellExec.cmd_exec(self, "php {0} plugin "
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ "--allow-root uninstall " "--allow-root uninstall "
"{0}".format(plugin_name)) "{0}".format(plugin_name))
except CommandExecutionError as e: except CommandExecutionError as e:
raise SiteError("plugin uninstall failed") raise SiteError("plugin uninstall failed")
@@ -590,16 +630,17 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data):
if not data['multisite']: if not data['multisite']:
try: try:
WOShellExec.cmd_exec(self, "php {0} " WOShellExec.cmd_exec(self, "php {0} "
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ "--allow-root option update " "--allow-root option update "
"{0} \'{1}\' --format=json".format(plugin_option, plugin_data)) "{0} \'{1}\' --format=json"
.format(plugin_option, plugin_data))
except CommandExecutionError as e: except CommandExecutionError as e:
raise SiteError("plugin setup failed") raise SiteError("plugin setup failed")
else: else:
try: try:
WOShellExec.cmd_exec(self, "php {0} " WOShellExec.cmd_exec(self, "php {0} "
.format(WOVariables.wo_wpcli_path) .format(WOVariables.wo_wpcli_path) +
+ "--allow-root network meta update 1 " "--allow-root network meta update 1 "
"{0} \'{1}\' --format=json" "{0} \'{1}\' --format=json"
.format(plugin_option, plugin_data .format(plugin_option, plugin_data
)) ))
@@ -721,7 +762,8 @@ def site_package_check(self, stype):
self, "Error: two different PHP versions cannot be " self, "Error: two different PHP versions cannot be "
"combined within the same WordOps site") "combined within the same WordOps site")
if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir', 'wpsubdomain']: if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir',
'wpsubdomain']:
Log.debug(self, "Setting apt_packages variable for PHP 7.2") Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.2-fpm'):
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'):
@@ -730,7 +772,8 @@ def site_package_check(self, stype):
else: else:
apt_packages = apt_packages + WOVariables.wo_php apt_packages = apt_packages + WOVariables.wo_php
if self.app.pargs.php73 and stype in ['mysql', 'wp', 'wpsubdir', 'wpsubdomain']: if self.app.pargs.php73 and stype in ['mysql', 'wp',
'wpsubdir', 'wpsubdomain']:
Log.debug(self, "Setting apt_packages variable for PHP 7.3") Log.debug(self, "Setting apt_packages variable for PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.2-fpm'):
@@ -799,7 +842,7 @@ def site_package_check(self, stype):
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + \ apt_packages = apt_packages + WOVariables.wo_php + \
WOVariables.wo_php73 + WOVariables.wo_php_extra WOVariables.wo_php73 + WOVariables.wo_php_extra
else: else:
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
@@ -1103,7 +1146,8 @@ def detSitePar(opts):
def generate_random(): def generate_random():
wo_random10 = (''.join(random.sample(string.ascii_uppercase + wo_random10 = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 16))) string.ascii_lowercase +
string.digits, 16)))
return wo_random10 return wo_random10
@@ -1146,8 +1190,8 @@ def deleteDB(self, dbname, dbuser, dbhost, exit=True):
def deleteWebRoot(self, webroot): def deleteWebRoot(self, webroot):
# do some preprocessing before proceeding # do some preprocessing before proceeding
webroot = webroot.strip() webroot = webroot.strip()
if (webroot == "/var/www/" or webroot == "/var/www" if (webroot == "/var/www/" or webroot == "/var/www" or
or webroot == "/var/www/.." or webroot == "/var/www/."): webroot == "/var/www/.." or webroot == "/var/www/."):
Log.debug(self, "Tried to remove {0}, but didn't remove it" Log.debug(self, "Tried to remove {0}, but didn't remove it"
.format(webroot)) .format(webroot))
return False return False
@@ -1200,7 +1244,8 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name): def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"): if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
if os.path.isfile("/etc/letsencrypt/" if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/" "renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)): "fullchain.cer".format(wo_domain_name)):
@@ -1281,7 +1326,8 @@ def setupLetsEncrypt(self, wo_domain_name):
def setupLetsEncryptSubdomain(self, wo_domain_name): def setupLetsEncryptSubdomain(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"): if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
if os.path.isfile("/etc/letsencrypt/" if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/" "renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)): "fullchain.cer".format(wo_domain_name)):
@@ -1371,10 +1417,12 @@ def renewLetsEncrypt(self, wo_domain_name):
mail_list = '' mail_list = ''
if not ssl: if not ssl:
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False) Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!",
False)
if (SSL.getExpirationDays(self, wo_domain_name) > 0): if (SSL.getExpirationDays(self, wo_domain_name) > 0):
Log.error(self, "Your current certificate will expire within " + Log.error(self, "Your current certificate will expire within " +
str(SSL.getExpirationDays(self, wo_domain_name)) + " days.", False) str(SSL.getExpirationDays(self, wo_domain_name)) +
" days.", False)
else: else:
Log.error(self, "Your current certificate already expired!", False) Log.error(self, "Your current certificate already expired!", False)
@@ -1405,6 +1453,23 @@ def renewLetsEncrypt(self, wo_domain_name):
# redirect= False to disable https redirection # redirect= False to disable https redirection
def setupHsts(self, wo_domain_name):
Log.info(
self, "Adding /var/www/{0}/conf/nginx/hsts.conf"
.format(wo_domain_name))
hstsconf = open("/var/www/{0}/conf/nginx/hsts.conf"
.format(wo_domain_name),
encoding='utf-8', mode='w')
hstsconf.write("more_set_headers "
"\"Strict-Transport-Security: "
"max-age=31536000; "
"'includeSubDomains; "
"preload\";")
hstsconf.close()
return 0
def httpsRedirect(self, wo_domain_name, redirect=True): def httpsRedirect(self, wo_domain_name, redirect=True):
if redirect: if redirect:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled" if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled"
@@ -1426,23 +1491,30 @@ def httpsRedirect(self, wo_domain_name, redirect=True):
sslconf.write("server {\n" sslconf.write("server {\n"
"\tlisten 80;\n" + "\tlisten 80;\n" +
"\tlisten [::]:80;\n" + "\tlisten [::]:80;\n" +
"\tserver_name www.{0} {0};\n".format(wo_domain_name) + "\tserver_name www.{0} {0};\n"
"\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}") .format(wo_domain_name) +
"\treturn 301 https://{0}"
.format(wo_domain_name)+"$request_uri;\n}")
sslconf.close() sslconf.close()
# Nginx Configation into GIT # Nginx Configation into GIT
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) "/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name))
Log.info(self, "Added HTTPS Force Redirection for Site " Log.info(self, "Added HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name)) " http://{0}".format(wo_domain_name))
WOGit.add(self, WOGit.add(self,
["/etc/nginx"], msg="Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) ["/etc/nginx"], msg="Adding /etc/nginx/conf.d/"
"force-ssl-{0}.conf".format(wo_domain_name))
else: else:
if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)): if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf"
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name), .format(wo_domain_name)):
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name)) WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(wo_domain_name),
"/etc/nginx/conf.d/force-ssl-{0}.conf.disabled"
.format(wo_domain_name))
Log.info(self, "Disabled HTTPS Force Redirection for Site " Log.info(self, "Disabled HTTPS Force Redirection for Site "
" http://{0}".format(wo_domain_name)) " http://{0}".format(wo_domain_name))
@@ -1478,7 +1550,8 @@ def archivedCertificateHandle(self, domain):
"{0}/{1}/fullchain.pem " "{0}/{1}/fullchain.pem "
"--reloadcmd " "--reloadcmd "
"\"service nginx restart\" " "\"service nginx restart\" "
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live,
domain))
if ssl: if ssl:
try: try:
@@ -1495,7 +1568,8 @@ def archivedCertificateHandle(self, domain):
sslconf.write("listen 443 ssl http2;\n" sslconf.write("listen 443 ssl http2;\n"
"listen [::]:443 ssl http2;\n" "listen [::]:443 ssl http2;\n"
"ssl on;\n" "ssl on;\n"
"ssl_certificate {0}/{1}/fullchain.pem;\n" "ssl_certificate "
"{0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n" "ssl_certificate_key {0}/{1}/key.pem;\n"
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
sslconf.close() sslconf.close()
@@ -1525,7 +1599,7 @@ def archivedCertificateHandle(self, domain):
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--renew -d {0} --ecc " "--renew -d {0} --ecc "
"--force" "--force"
.format(domain)) .format(domain))
if ssl: if ssl:

140
wo/cli/plugins/stack.py
View File

@@ -90,7 +90,8 @@ class WOStackController(CementBaseController):
if set(WOVariables.wo_mysql).issubset(set(apt_packages)): if set(WOVariables.wo_mysql).issubset(set(apt_packages)):
Log.info(self, "Adding repository for MySQL, please wait...") Log.info(self, "Adding repository for MySQL, please wait...")
mysql_pref = ("Package: *\nPin: origin sfo1.mirrors.digitalocean.com" mysql_pref = ("Package: *\nPin: origin "
"sfo1.mirrors.digitalocean.com"
"\nPin-Priority: 1000\n") "\nPin-Priority: 1000\n")
with open('/etc/apt/preferences.d/' with open('/etc/apt/preferences.d/'
'MariaDB.pref', 'w') as mysql_pref_file: 'MariaDB.pref', 'w') as mysql_pref_file:
@@ -441,6 +442,14 @@ class WOStackController(CementBaseController):
os.makedirs('{0}22222/cert' os.makedirs('{0}22222/cert'
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
if not os.path.exists('{0}22222/conf/nginx'
.format(WOVariables.wo_webroot)):
Log.debug(self, "Creating directory "
"{0}22222/conf/nginx"
.format(WOVariables.wo_webroot))
os.makedirs('{0}22222/conf/nginx'
.format(WOVariables.wo_webroot))
WOFileUtils.create_symlink(self, ['/var/log/nginx/' WOFileUtils.create_symlink(self, ['/var/log/nginx/'
'22222.access.log', '22222.access.log',
'{0}22222/' '{0}22222/'
@@ -487,7 +496,17 @@ class WOStackController(CementBaseController):
except CommandExecutionError as e: except CommandExecutionError as e:
Log.error( Log.error(
self, "Failed to generate HTTPS certificate for 22222") self, "Failed to generate HTTPS "
"certificate for 22222")
if not os.path.isfile('{0}22222/conf/nginx/ssl.conf'
.format(WOVariables.wo_webroot)):
with open("/etc/nginx/conf.d/"
"upstream.conf", "a") as php_file:
php_file.write("ssl_certificate "
"/var/www/22222/cert/22222.crt;\n"
"ssl_certificate_key "
"/var/www/22222/cert/22222.key;\n")
# Nginx Configation into GIT # Nginx Configation into GIT
WOGit.add(self, WOGit.add(self,
@@ -504,6 +523,7 @@ class WOStackController(CementBaseController):
else: else:
WOService.restart_service(self, 'nginx') WOService.restart_service(self, 'nginx')
# create redis conf is redis is installed
if WOAptGet.is_installed(self, 'redis-server'): if WOAptGet.is_installed(self, 'redis-server'):
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/common/" not os.path.isfile("/etc/nginx/common/"
@@ -530,6 +550,7 @@ class WOStackController(CementBaseController):
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
# add redis upstream if not available in upstream.conf
if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): if os.path.isfile("/etc/nginx/conf.d/upstream.conf"):
if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" if not WOFileUtils.grep(self, "/etc/nginx/conf.d/"
"upstream.conf", "upstream.conf",
@@ -540,8 +561,10 @@ class WOStackController(CementBaseController):
" server 127.0.0.1:6379;\n" " server 127.0.0.1:6379;\n"
" keepalive 10;\n}\n") " keepalive 10;\n}\n")
# add redis cache format if not already done
if (os.path.isfile("/etc/nginx/nginx.conf") and if (os.path.isfile("/etc/nginx/nginx.conf") and
not os.path.isfile("/etc/nginx/conf.d/redis.conf")): not os.path.isfile("/etc/nginx/conf.d"
"/redis.conf")):
with open("/etc/nginx/conf.d/" with open("/etc/nginx/conf.d/"
"redis.conf", "a") as redis_file: "redis.conf", "a") as redis_file:
redis_file.write("# Log format Settings\n" redis_file.write("# Log format Settings\n"
@@ -841,7 +864,8 @@ class WOStackController(CementBaseController):
config.write(configfile) config.write(configfile)
# Parse /etc/php/7.3/fpm/php-fpm.conf # Parse /etc/php/7.3/fpm/php-fpm.conf
data = dict(pid="/run/php/php7.3-fpm.pid", error_log="/var/log/php7.3-fpm.log", data = dict(pid="/run/php/php7.3-fpm.pid",
error_log="/var/log/php7.3-fpm.log",
include="/etc/php/7.3/fpm/pool.d/*.conf") include="/etc/php/7.3/fpm/pool.d/*.conf")
Log.debug(self, "writting php 7.3 configuration into " Log.debug(self, "writting php 7.3 configuration into "
"/etc/php/7.3/fpm/php-fpm.conf") "/etc/php/7.3/fpm/php-fpm.conf")
@@ -1011,28 +1035,38 @@ class WOStackController(CementBaseController):
shutil.move('/tmp/phpmyadmin-STABLE/', shutil.move('/tmp/phpmyadmin-STABLE/',
'{0}22222/htdocs/db/pma/' '{0}22222/htdocs/db/pma/'
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
shutil.copyfile('{0}22222/htdocs/db/pma/config.sample.inc.php' shutil.copyfile('{0}22222/htdocs/db/pma'
'/config.sample.inc.php'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
'{0}22222/htdocs/db/pma/config.inc.php' '{0}22222/htdocs/db/pma/config.inc.php'
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
Log.debug(self, 'Setting Blowfish Secret Key FOR COOKIE AUTH to ' Log.debug(self, 'Setting Blowfish Secret Key '
'FOR COOKIE AUTH to '
'{0}22222/htdocs/db/pma/config.inc.php file ' '{0}22222/htdocs/db/pma/config.inc.php file '
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
blowfish_key = ''.join([random.choice blowfish_key = ''.join([random.choice
(string.ascii_letters + string.digits) (string.ascii_letters +
string.digits)
for n in range(25)]) for n in range(25)])
WOFileUtils.searchreplace(self, WOFileUtils.searchreplace(self,
'{0}22222/htdocs/db/pma/config.inc.php' '{0}22222/htdocs/db/pma'
'/config.inc.php'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
"$cfg[\'blowfish_secret\'] = \'\';", "$cfg[\'blowfish_secret\'] = \'{0}\';" "$cfg[\'blowfish_secret\']"
" = \'\';",
"$cfg[\'blowfish_secret\']"
" = \'{0}\';"
.format(blowfish_key)) .format(blowfish_key))
Log.debug(self, 'Setting HOST Server For Mysql to ' Log.debug(self, 'Setting HOST Server For Mysql to '
'{0}22222/htdocs/db/pma/config.inc.php file ' '{0}22222/htdocs/db/pma/config.inc.php file '
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
WOFileUtils.searchreplace(self, WOFileUtils.searchreplace(self,
'{0}22222/htdocs/db/pma/config.inc.php' '{0}22222/htdocs/db/pma'
'/config.inc.php'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
"$cfg[\'Servers\'][$i][\'host\'] = \'localhost\';", "$cfg[\'Servers\'][$i][\'host\'] = \'{0}\';" "$cfg[\'Servers\'][$i][\'host\']"
" = \'localhost\';", "$cfg"
"[\'Servers\'][$i][\'host\'] = \'{0}\';"
.format(WOVariables.wo_mysql_host)) .format(WOVariables.wo_mysql_host))
Log.debug(self, 'Setting Privileges of webroot permission to ' Log.debug(self, 'Setting Privileges of webroot permission to '
'{0}22222/htdocs/db/pma file ' '{0}22222/htdocs/db/pma file '
@@ -1045,18 +1079,21 @@ class WOStackController(CementBaseController):
# composer install and phpmyadmin update # composer install and phpmyadmin update
if any('/tmp/composer-install' == x[1] if any('/tmp/composer-install' == x[1]
for x in packages): for x in packages):
Log.info(self, "Installing composer, please wait...")
WOShellExec.cmd_exec(self, "php -q /tmp/composer-install " WOShellExec.cmd_exec(self, "php -q /tmp/composer-install "
"--install-dir=/tmp/") "--install-dir=/tmp/")
shutil.copyfile('/tmp/composer.phar', shutil.copyfile('/tmp/composer.phar',
'/usr/local/bin/composer') '/usr/local/bin/composer')
WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775) WOFileUtils.chmod(self, "/usr/local/bin/composer", 0o775)
Log.info(self, "Updating phpMyAdmin, please wait...")
WOShellExec.cmd_exec(self, "sudo -u www-data -H composer " WOShellExec.cmd_exec(self, "sudo -u www-data -H composer "
"update --no-dev -d " "update -n --no-dev -d "
"/var/www/22222/htdocs/db/pma/") "/var/www/22222/htdocs/db/pma/")
# netdata install # netdata install
if any('/tmp/kickstart.sh' == x[1] if any('/tmp/kickstart.sh' == x[1]
for x in packages): for x in packages):
if not os.path.exists('/etc/netdata'): if not os.path.exists('/etc/netdata'):
Log.info(self, "Installing Netdata, please wait...")
WOShellExec.cmd_exec(self, "bash /tmp/kickstart.sh " WOShellExec.cmd_exec(self, "bash /tmp/kickstart.sh "
"--dont-wait --no-updates") "--dont-wait --no-updates")
WOFileUtils.searchreplace(self, "/usr/lib/netdata/conf.d/" WOFileUtils.searchreplace(self, "/usr/lib/netdata/conf.d/"
@@ -1160,7 +1197,8 @@ class WOStackController(CementBaseController):
' BY \'{1}\''.format(self.app.config.get( ' BY \'{1}\''.format(self.app.config.get(
'mysql', 'grant-host'), 'mysql', 'grant-host'),
chars), chars),
errormsg="cannot grant priviledges", log=False) errormsg="cannot grant priviledges",
log=False)
# Custom Anemometer configuration # Custom Anemometer configuration
Log.debug(self, "configration Anemometer") Log.debug(self, "configration Anemometer")
@@ -1180,9 +1218,6 @@ class WOStackController(CementBaseController):
if any('/tmp/pra.tar.gz' == x[1] if any('/tmp/pra.tar.gz' == x[1]
for x in packages): for x in packages):
Log.debug(self, 'Extracting file /tmp/pra.tar.gz to '
'loaction /tmp/')
WOExtract.extract(self, '/tmp/pra.tar.gz', '/tmp/')
if not os.path.exists('{0}22222/htdocs/cache/redis' if not os.path.exists('{0}22222/htdocs/cache/redis'
.format(WOVariables.wo_webroot)): .format(WOVariables.wo_webroot)):
Log.debug(self, "Creating new directory " Log.debug(self, "Creating new directory "
@@ -1190,23 +1225,15 @@ class WOStackController(CementBaseController):
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
os.makedirs('{0}22222/htdocs/cache/redis' os.makedirs('{0}22222/htdocs/cache/redis'
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
if not os.path.exists('{0}22222/htdocs/cache/' if os.path.isfile("/usr/local/bin/composer"):
'redis/phpRedisAdmin' WOShellExec.cmd_exec(self, "sudo -u www-data -H "
.format(WOVariables.wo_webroot)): "composer "
shutil.move('/tmp/phpRedisAdmin-master/', "create-project -n -s dev "
'{0}22222/htdocs/cache/redis/phpRedisAdmin' "erik-dubbelboer/php-redis-admin "
.format(WOVariables.wo_webroot)) "/var/www/22222/htdocs/cache"
"/redis/phpRedisAdmin/ ")
Log.debug(self, 'Extracting file /tmp/predis.tar.gz to '
'loaction /tmp/')
WOExtract.extract(self, '/tmp/predis.tar.gz', '/tmp/')
shutil.move('/tmp/predis-1.0.1/',
'{0}22222/htdocs/cache/redis/'
'phpRedisAdmin/vendor'
.format(WOVariables.wo_webroot))
Log.debug(self, 'Setting Privileges of webroot permission to ' Log.debug(self, 'Setting Privileges of webroot permission to '
'{0}22222/htdocs/cache/ file ' '{0}22222/htdocs/cache/file '
.format(WOVariables.wo_webroot)) .format(WOVariables.wo_webroot))
WOFileUtils.chown(self, '{0}22222' WOFileUtils.chown(self, '{0}22222'
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
@@ -1363,11 +1390,19 @@ class WOStackController(CementBaseController):
Log.debug(self, "Setting packages variable for Adminer ") Log.debug(self, "Setting packages variable for Adminer ")
packages = packages + [["https://www.adminer.org/static/" packages = packages + [["https://www.adminer.org/static/"
"download/{0}/adminer-{0}.php" "download/{0}/adminer-{0}.php"
"".format(WOVariables.wo_adminer), .format(WOVariables.wo_adminer),
"{0}22222/" "{0}22222/"
"htdocs/db/adminer/index.php" "htdocs/db/adminer/index.php"
.format(WOVariables.wo_webroot), .format(WOVariables.wo_webroot),
"Adminer"]] "Adminer"],
["https://raw.githubusercontent.com"
"/vrana/adminer/master/designs/"
"pepa-linha/adminer.css",
"{0}22222/"
"htdocs/db/adminer/adminer.css"
.format(WOVariables.wo_webroot),
"Adminer theme"]]
# Netdata # Netdata
if self.app.pargs.netdata: if self.app.pargs.netdata:
Log.debug(self, "Setting packages variable for Netdata") Log.debug(self, "Setting packages variable for Netdata")
@@ -1451,24 +1486,36 @@ class WOStackController(CementBaseController):
WOShellExec.cmd_exec(self, "systemctl enable redis-server") WOShellExec.cmd_exec(self, "systemctl enable redis-server")
if os.path.isfile("/etc/redis/redis.conf"): if os.path.isfile("/etc/redis/redis.conf"):
if WOVariables.wo_ram < 512: if WOVariables.wo_ram < 512:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" Log.debug(self, "Setting maxmemory variable to "
"{0} in redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.1))) .format(int(WOVariables.wo_ram*1024*1024*0.1)))
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory <bytes>/maxmemory {0}/' /etc/redis/redis.conf" WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory"
" <bytes>/maxmemory {0}/'"
" /etc/redis/redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.1))) .format(int(WOVariables.wo_ram*1024*1024*0.1)))
Log.debug( Log.debug(
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf") self, "Setting maxmemory-policy variable to "
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' " "allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-"
"policy.*/maxmemory-policy "
"allkeys-lru/' "
"/etc/redis/redis.conf") "/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server') WOService.restart_service(self, 'redis-server')
else: else:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" Log.debug(self, "Setting maxmemory variable to {0} "
"in redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.2))) .format(int(WOVariables.wo_ram*1024*1024*0.2)))
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory <bytes>/maxmemory {0}/' /etc/redis/redis.conf" WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory "
"<bytes>/maxmemory {0}/' "
"/etc/redis/redis.conf"
.format(int(WOVariables.wo_ram*1024*1024*0.2))) .format(int(WOVariables.wo_ram*1024*1024*0.2)))
Log.debug( Log.debug(
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf") self, "Setting maxmemory-policy variable "
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' " "to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-"
"policy.*/maxmemory-policy "
"allkeys-lru/' "
"/etc/redis/redis.conf") "/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server') WOService.restart_service(self, 'redis-server')
if disp_msg: if disp_msg:
@@ -1518,7 +1565,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Removing apt_packages variable of Nginx") Log.debug(self, "Removing apt_packages variable of Nginx")
apt_packages = apt_packages + WOVariables.wo_nginx apt_packages = apt_packages + WOVariables.wo_nginx
else: else:
Log.error(self, "Cannot Remove! Nginx Stable version not found.") Log.error(self, "Cannot Remove! Nginx Stable "
"version not found.")
# PHP 7.2 # PHP 7.2
if self.app.pargs.php: if self.app.pargs.php:
Log.debug(self, "Removing apt_packages variable of PHP") Log.debug(self, "Removing apt_packages variable of PHP")
@@ -1662,7 +1710,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Purge apt_packages variable PHP") Log.debug(self, "Purge apt_packages variable PHP")
if WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
if not (WOAptGet.is_installed(self, 'php7.3-fpm')): if not (WOAptGet.is_installed(self, 'php7.3-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra apt_packages = apt_packages + WOVariables.wo_php + \
WOVariables.wo_php_extra
else: else:
apt_packages = apt_packages + WOVariables.wo_php apt_packages = apt_packages + WOVariables.wo_php
else: else:
@@ -1673,7 +1722,8 @@ class WOStackController(CementBaseController):
Log.debug(self, "Removing apt_packages variable of PHP 7.3") Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra apt_packages = apt_packages + WOVariables.wo_php73 + \
WOVariables.wo_php_extra
else: else:
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
else: else:

6
wo/cli/plugins/stack_services.py
View File

@@ -14,7 +14,8 @@ class WOStackStatusController(CementBaseController):
description = 'Check the stack status' description = 'Check the stack status'
arguments = [ arguments = [
(['--memcached'], (['--memcached'],
dict(help='start/stop/restart memcached', action='store_true')), dict(help='start/stop/restart memcached',
action='store_true')),
] ]
@expose(help="Start stack services") @expose(help="Start stack services")
@@ -186,7 +187,8 @@ class WOStackStatusController(CementBaseController):
if ((WOVariables.wo_mysql_host is "localhost") or if ((WOVariables.wo_mysql_host is "localhost") or
(WOVariables.wo_mysql_host is "127.0.0.1")): (WOVariables.wo_mysql_host is "127.0.0.1")):
if ((WOAptGet.is_installed(self, 'mysql-server') or if ((WOAptGet.is_installed(self, 'mysql-server') or
WOAptGet.is_installed(self, 'percona-server-server-5.6') or WOAptGet.is_installed(self,
'percona-server-server-5.6') or
WOAptGet.is_installed(self, 'mariadb-server'))): WOAptGet.is_installed(self, 'mariadb-server'))):
services = services + ['mysql'] services = services + ['mysql']
else: else:

8
wo/cli/templates/22222.mustache
View File

@@ -7,9 +7,6 @@ server {
access_log /var/log/nginx/22222.access.log rt_cache; access_log /var/log/nginx/22222.access.log rt_cache;
error_log /var/log/nginx/22222.error.log; error_log /var/log/nginx/22222.error.log;
ssl_certificate {{webroot}}22222/cert/22222.crt;
ssl_certificate_key {{webroot}}22222/cert/22222.key;
# Force HTTP to HTTPS # Force HTTP to HTTPS
error_page 497 =200 https://$host:22222$request_uri; error_page 497 =200 https://$host:22222$request_uri;
@@ -65,9 +62,8 @@ server {
proxy_store off; proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args; proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
} }
include {{webroot}}22222/conf/nginx/*.conf;
} }

3
wo/cli/templates/fail2ban-wp.mustache Normal file
View File

@@ -0,0 +1,3 @@
[Definition]
failregex = ^<HOST>.* "POST .*/wp-login.php([/\?#\\].*)? HTTP/.*" 200
ignoreregex =

24
wo/cli/templates/fail2ban.mustache Normal file
View File

@@ -0,0 +1,24 @@
[recidive]
enabled = true
[nginx-http-auth]
enabled = true
[nginx-botsearch]
enabled = true
[wo-wordpress]
enabled = true
filter = wo-wordpress
action = iptables-multiport[name="wo-wordpress", port="http,https"]
logpath = /var/log/nginx/*access.log
maxretry = 5
[nginx-forbidden]
enabled = true
filter = nginx-forbidden
port = http,https
logpath = /var/log/nginx/*error*.log
findtime = 60
bantime = 6000
maxretry = 3

1
wo/core/shellexec.py
View File

@@ -53,7 +53,6 @@ class WOShellExec():
Log.debug(self, "{0}{1}".format(e.errno, e.strerror)) Log.debug(self, "{0}{1}".format(e.errno, e.strerror))
raise CommandExecutionError raise CommandExecutionError
def cmd_exec_stdout(self, command, errormsg='', log=True): def cmd_exec_stdout(self, command, errormsg='', log=True):
"""Run shell command from Python""" """Run shell command from Python"""
try: try:

26
wo/core/sslutils.py
View File

@@ -9,7 +9,8 @@ class SSL:
# check if exist # check if exist
if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem' if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem'
.format(domain)): .format(domain)):
Log.error(self, 'File Not Found : /etc/letsencrypt/live/{0}/cert.pem' Log.error(self, 'File Not Found: '
'/etc/letsencrypt/live/{0}/cert.pem'
.format(domain), False) .format(domain), False)
if returnonerror: if returnonerror:
return -1 return -1
@@ -17,8 +18,14 @@ class SSL:
"`tail /var/log/wo/wordops.log` and please try again...") "`tail /var/log/wo/wordops.log` and please try again...")
current_date = WOShellExec.cmd_exec_stdout(self, "date -d \"now\" +%s") current_date = WOShellExec.cmd_exec_stdout(self, "date -d \"now\" +%s")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \"`openssl x509 -in /etc/letsencrypt/live/{0}/cert.pem" expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \""
" -text -noout|grep \"Not After\"|cut -c 25-`\" +%s".format(domain)) "`openssl x509 -in "
"/etc/letsencrypt/live/"
"{0}/cert.pem"
" -text -noout|grep "
"\"Not After\"|"
"cut -c 25-`\" "
"+%s".format(domain))
days_left = int((int(expiration_date) - int(current_date)) / 86400) days_left = int((int(expiration_date) - int(current_date)) / 86400)
if (days_left > 0): if (days_left > 0):
@@ -31,11 +38,18 @@ class SSL:
# check if exist # check if exist
if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem' if not os.path.isfile('/etc/letsencrypt/live/{0}/cert.pem'
.format(domain)): .format(domain)):
Log.error(self, 'File Not Found : /etc/letsencrypt/live/{0}/cert.pem' Log.error(self, 'File Not Found: /etc/letsencrypt/'
'live/{0}/cert.pem'
.format(domain), False) .format(domain), False)
Log.error(self, "Check the WordOps log for more details " Log.error(self, "Check the WordOps log for more details "
"`tail /var/log/wo/wordops.log` and please try again...") "`tail /var/log/wo/wordops.log` and please try again...")
expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d \"`openssl x509 -in /etc/letsencrypt/live/{0}/cert.pem" expiration_date = WOShellExec.cmd_exec_stdout(self, "date -d "
" -text -noout|grep \"Not After\"|cut -c 25-`\" ".format(domain)) "\"`openssl x509 -in "
"/etc/letsencrypt/live/"
"{0}/cert.pem"
" -text -noout|grep "
"\"Not After\"|"
"cut -c 25-`\" "
.format(domain))
return expiration_date return expiration_date

2
wo/core/variables.py
View File

@@ -152,6 +152,8 @@ class WOVariables():
wo_mysql = ["mariadb-server", "percona-toolkit"] wo_mysql = ["mariadb-server", "percona-toolkit"]
wo_fail2ban = "fail2ban"
# Redis repo details # Redis repo details
if wo_platform_distro == 'ubuntu': if wo_platform_distro == 'ubuntu':
wo_redis_repo = ("ppa:chris-lea/redis-server") wo_redis_repo = ("ppa:chris-lea/redis-server")