From dbb7dfc956bc9b5b39e367b8b880cbe6e5ae41ca Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 08:24:02 +0200 Subject: [PATCH 01/83] Improve debug log & maintenance * refactored command `wo maintenance` --- .travis.yml | 3 +- install | 41 ++++++++------- wo/cli/plugins/maintenance.py | 16 ++---- wo/cli/plugins/site.py | 2 +- wo/cli/plugins/site_functions.py | 14 +++-- wo/cli/plugins/stack.py | 90 +++++++++++++++++++------------- 6 files changed, 90 insertions(+), 76 deletions(-) diff --git a/.travis.yml b/.travis.yml index 341ef4d..b46774b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -52,4 +52,5 @@ script: - sudo wo stack upgrade --phpmyadmin --no-prompt - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - - sudo wo stack status \ No newline at end of file + - sudo wo stack status + - sudo wo maintenance \ No newline at end of file diff --git a/install b/install index 4d0a4e5..c5d7473 100755 --- a/install +++ b/install @@ -413,7 +413,7 @@ wo_install() { >> "$wo_install_log" 2>&1 if [ "$wo_force_install" = "y" ]; then - [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } + [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } fi if [ -f "$HOME/.gitconfig" ]; then @@ -449,7 +449,7 @@ wo_upgrade_nginx() { # add new Nginx repository if [ "$wo_linux_distro" = "Ubuntu" ]; then if [ ! -f /etc/apt/sources.list.d/wordops-ubuntu-nginx-wo-"$(lsb_release -sc)".list ]; then - add-apt-repository ppa:wordops/nginx-wo -y -u + add-apt-repository ppa:wordops/nginx-wo -y -u fi else if [ "$wo_distro_version" == "jessie" ]; then @@ -469,28 +469,29 @@ wo_upgrade_nginx() { } # install new nginx package - if [ -x /usr/local/bin/wo ]; then + if [ -n "$CHECK_NGINX_EE" ] || [ -n "$CHECK_NGINX_WO" ]; then + if [ -x /usr/local/bin/wo ]; then + if [ -n "$CHECK_NGINX_EE" ]; then + # remove previous package + apt-mark unhold nginx-ee nginx-common nginx-custom + apt-get --assume-yes purge nginx-ee nginx-common nginx-custom --allow-change-held-packages + # remove previous php-fpm pool configuration + if [ -n "$CHECK_PHP72" ]; then + apt-get purge php7.2-fpm -y -qq + rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} + fi + elif [ -n "$CHECK_NGINX_WO" ]; then + apt-mark unhold nginx-wo nginx-common nginx-custom + apt-get --assume-yes purge nginx-wo nginx-common nginx-custom --allow-change-held-packages - if [ -n "$CHECK_NGINX_EE" ]; then - # remove previous package - apt-mark unhold nginx-ee nginx-common nginx-custom - apt-get -y purge nginx-ee nginx-common nginx-custom --allow-change-held-packages - # remove previous php-fpm pool configuration - if [ -n "$CHECK_PHP72" ]; then - apt-get purge php7.2-fpm -y -qq - rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} fi - elif [ -n "$CHECK_NGINX_WO" ]; then - apt-mark unhold nginx-wo nginx-common nginx-custom - apt-get -y purge nginx-wo nginx-common nginx-custom --allow-change-held-packages + if [ -d /etc/nginx ]; then + rm -rf /etc/nginx + fi + /usr/local/bin/wo stack install --nginx --php + rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf,fascgi.conf,blockips.conf} /etc/nginx/htpasswd-wo fi - if [ -d /etc/nginx ]; then - rm -rf /etc/nginx - fi - - /usr/local/bin/wo stack install --nginx --php - rm -f /etc/nginx/common/acl.conf /etc/nginx/conf.d/{map-wp-cache.conf,map-wp.conf,fascgi.conf,blockips.conf} /etc/nginx/htpasswd-wo fi # restore sites and configuration diff --git a/wo/cli/plugins/maintenance.py b/wo/cli/plugins/maintenance.py index c787ef2..06a9071 100644 --- a/wo/cli/plugins/maintenance.py +++ b/wo/cli/plugins/maintenance.py @@ -3,11 +3,7 @@ from cement.core.controller import CementBaseController, expose from cement.core import handler, hook from wo.core.logging import Log -from wo.core.variables import WOVariables from wo.core.aptget import WOAptGet -from wo.core.apt_repo import WORepo -from wo.core.services import WOService -from wo.core.shellexec import WOShellExec def wo_maintenance_hook(app): @@ -27,16 +23,12 @@ class WOMaintenanceController(CementBaseController): try: Log.info(self, "updating apt-cache, please wait...") - WOShellExec.cmd_exec(self, "apt-get update") + WOAptGet.update(self) Log.info(self, "updating packages, please wait...") - WOShellExec.cmd_exec(self, "DEBIAN_FRONTEND=noninteractive " - "apt-get -o " - "Dpkg::Options::='--force-confmiss' " - "-o Dpkg::Options::='--force-confold' " - "-y dist-upgrade") + WOAptGet.dist_upgrade(self) Log.info(self, "cleaning-up packages, please wait...") - WOShellExec.cmd_exec(self, "apt-get -y --purge autoremove") - WOShellExec.cmd_exec(self, "apt-get -y autoclean") + WOAptGet.auto_remove(self) + WOAptGet.auto_clean(self) except OSError as e: Log.debug(self, str(e)) Log.error(self, "Package updates failed !") diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index d0fc061..3054133 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -619,7 +619,7 @@ class WOSiteCreateController(CementBaseController): if (data['wp'] and (self.app.pargs.vhostonly)): try: - data = setupdatabase(self, data) + wo_wp_creds = setupwordpress(self, data) # Add database information for site into database updateSiteInfo(self, wo_domain, db_name=data['wo_db_name'], db_user=data['wo_db_user'], diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 597c197..564209a 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1,7 +1,7 @@ from wo.cli.plugins.stack import WOStackController from wo.core.fileutils import WOFileUtils from wo.core.mysql import * -from wo.core.shellexec import * +from wo.core.shellexec import WOShellExec, CommandExecutionError from wo.core.sslutils import SSL from wo.core.variables import WOVariables from wo.cli.plugins.sitedb import * @@ -670,6 +670,7 @@ def installwp_plugin(self, plugin_name, data): else '' )) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("plugin activation failed") return 1 @@ -693,6 +694,7 @@ def uninstallwp_plugin(self, plugin_name, data): "--allow-root uninstall " "{0}".format(plugin_name)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("plugin uninstall failed") @@ -710,6 +712,7 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data): "{0} \'{1}\' --format=json" .format(plugin_option, plugin_data)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("plugin setup failed") else: try: @@ -720,6 +723,7 @@ def setupwp_plugin(self, plugin_name, plugin_option, plugin_data, data): .format(plugin_option, plugin_data )) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("plugin setup failed") @@ -1001,6 +1005,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot): is_wp = WOShellExec.cmd_exec(self, "wp --allow-root core" " version") except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("is WordPress site? check command failed ") # Exit if wo_domain is not wordpress install @@ -1020,6 +1025,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot): WOShellExec.cmd_exec(self, "wp --allow-root user list " "--fields=user_login | grep -v user_login") except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("fetch wp userlist command failed") if not wo_wp_user: @@ -1030,6 +1036,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot): "--fields=user_login | grep {0}$ " .format(wo_wp_user)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("if wp user exists check command failed") if is_user_exist: @@ -1308,6 +1315,7 @@ def removeAcmeConf(self, domain): "-d {0} --ecc" .format(domain)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Cert removal failed") WOFileUtils.rm(self, '/etc/letsencrypt/renewal/{0}_ecc' @@ -1651,8 +1659,6 @@ def archivedCertificateHandle(self, domain): .format(WOVariables.wo_ssl_live, domain)) sslconf.close() - updateSiteInfo(self, domain, ssl=True) - except IOError as e: Log.debug(self, str(e)) Log.debug(self, "Error occured while generating " @@ -1667,8 +1673,6 @@ def archivedCertificateHandle(self, domain): "\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t" "/etc/letsencrypt/live/{0}/key.pem".format(domain)) - updateSiteInfo(self, domain, ssl=True) - elif (check_prompt == "3"): Log.info(self, "Issuing SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index bbd036a..c7134f7 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1,36 +1,39 @@ """Stack Plugin for WordOps""" -from cement.core.controller import CementBaseController, expose from cement.core import handler, hook -from wo.cli.plugins.site_functions import * -from wo.core.variables import WOVariables -from wo.core.aptget import WOAptGet -from wo.core.download import WODownload -from wo.core.shellexec import WOShellExec, CommandExecutionError -from wo.core.fileutils import WOFileUtils -from wo.core.apt_repo import WORepo -from wo.core.extract import WOExtract -from wo.core.mysql import WOMysql -from wo.core.addswap import WOSwap -from wo.core.git import WOGit -from wo.core.checkfqdn import check_fqdn -from pynginxconfig import NginxConfig -from wo.core.services import WOService -import random -import string -import configparser -import shutil -import os -import pwd -import grp +from cement.core.controller import CementBaseController, expose + import codecs +import configparser +import grp +import os import platform +import pwd +import random +import shutil +import string + import psutil -from wo.cli.plugins.stack_services import WOStackStatusController -from wo.cli.plugins.stack_migrate import WOStackMigrateController -from wo.cli.plugins.stack_upgrade import WOStackUpgradeController -from wo.core.logging import Log +# from pynginxconfig import NginxConfig +from wo.cli.plugins.site_functions import * from wo.cli.plugins.sitedb import * +from wo.cli.plugins.stack_migrate import WOStackMigrateController +from wo.cli.plugins.stack_services import WOStackStatusController +from wo.cli.plugins.stack_upgrade import WOStackUpgradeController +from wo.core.addswap import WOSwap +from wo.core.apt_repo import WORepo +from wo.core.aptget import WOAptGet +from wo.core.cron import WOCron +from wo.core.checkfqdn import check_fqdn +from wo.core.download import WODownload +from wo.core.extract import WOExtract +from wo.core.fileutils import WOFileUtils +from wo.core.git import WOGit +from wo.core.logging import Log +from wo.core.mysql import WOMysql +from wo.core.services import WOService +from wo.core.shellexec import CommandExecutionError, WOShellExec +from wo.core.variables import WOVariables def wo_stack_hook(app): @@ -129,6 +132,7 @@ class WOStackController(CementBaseController): .format(chars=chars), log=False) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error("Failed to initialize MySQL package") Log.debug(self, "echo \"mariadb-server-10.3 " @@ -143,6 +147,7 @@ class WOStackController(CementBaseController): .format(chars=chars), log=False) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error("Failed to initialize MySQL package") else: Log.debug(self, "Pre-seeding MySQL") @@ -158,6 +163,7 @@ class WOStackController(CementBaseController): .format(chars=chars), log=False) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error("Failed to initialize MySQL package") Log.debug(self, "echo \"mariadb-server-10.1 " @@ -172,6 +178,7 @@ class WOStackController(CementBaseController): .format(chars=chars), log=False) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error("Failed to initialize MySQL package") # generate my.cnf root credentials mysql_config = """ @@ -473,6 +480,7 @@ class WOStackController(CementBaseController): "2>/dev/null" .format(password=passwd)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Failed to save HTTP Auth") # Create Symbolic link for 22222 @@ -552,6 +560,7 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error( self, "Failed to generate HTTPS " "certificate for 22222") @@ -1076,10 +1085,14 @@ class WOStackController(CementBaseController): "query_cache_type = 1 \" " "/etc/mysql/my.cnf") except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Unable to update MySQL file") WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) - + WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' + '> /dev/null 2>&1', + comment='MySQL optimization cronjob ' + 'added by WordOps') WOGit.add(self, ["/etc/mysql"], msg="Adding MySQL into Git") WOService.reload_service(self, 'mysql') @@ -1138,6 +1151,7 @@ class WOStackController(CementBaseController): WOShellExec.cmd_exec(self, "ufw allow " "49000:50000/tcp") except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Unable to add UFW rule") if os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): @@ -1265,6 +1279,7 @@ class WOStackController(CementBaseController): "flush privileges;", log=False) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) Log.info( self, "fail to setup mysql user for netdata") WOService.restart_service(self, 'netdata') @@ -1386,6 +1401,7 @@ class WOStackController(CementBaseController): '/anemometer/install.sql' .format(WOVariables.wo_webroot)) except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("Unable to import Anemometer database") WOMysql.execute(self, 'grant select on' @@ -1657,16 +1673,16 @@ class WOStackController(CementBaseController): Log.debug(self, "Setting packages variable for Adminer ") packages = packages + [["https://github.com/vrana/adminer/" "releases/download/v{0}" - "/adminer-{0}.php" - .format(WOVariables.wo_adminer), - "{0}22222/" - "htdocs/db/adminer/index.php" - .format(WOVariables.wo_webroot), - "Adminer"], - ["https://raw.githubusercontent.com" - "/vrana/adminer/master/designs/" - "pepa-linha/adminer.css", - "{0}22222/" + "/adminer-{0}.php" + .format(WOVariables.wo_adminer), + "{0}22222/" + "htdocs/db/adminer/index.php" + .format(WOVariables.wo_webroot), + "Adminer"], + ["https://raw.githubusercontent.com" + "/vrana/adminer/master/designs/" + "pepa-linha/adminer.css", + "{0}22222/" "htdocs/db/adminer/adminer.css" .format(WOVariables.wo_webroot), "Adminer theme"]] From 773681bb524453f21703d0be290fdb99e391ce36 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 11:40:12 +0200 Subject: [PATCH 02/83] Testing MySQL tuning --- CHANGELOG.md | 11 ++ wo/cli/plugins/stack.py | 224 +++++++++++++++-------------- wo/cli/templates/upstream.mustache | 10 ++ 3 files changed, 134 insertions(+), 111 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 087e42c..cf90ba2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +#### Added + +- MySQL configuration tuning +- Cronjob to optimize MySQL databases weekly + +#### Changed + +- `wo maintenance` refactored +- Improved debug log +- Updated Nginx configuration process to not overwrite files with custom data (htpasswd-wo, acl.conf etc..) + ### v3.9.6.2 - 2019-07-24 #### Changed diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index c7134f7..f8cca41 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -24,7 +24,6 @@ from wo.core.addswap import WOSwap from wo.core.apt_repo import WORepo from wo.core.aptget import WOAptGet from wo.core.cron import WOCron -from wo.core.checkfqdn import check_fqdn from wo.core.download import WODownload from wo.core.extract import WOExtract from wo.core.fileutils import WOFileUtils @@ -244,6 +243,7 @@ class WOStackController(CementBaseController): """Post activity after installation of packages""" if (apt_packages): + # Nginx configuration if set(WOVariables.wo_nginx).issubset(set(apt_packages)): if set(["nginx"]).issubset(set(apt_packages)): # Fix for white screen death with NGINX PLUS @@ -254,16 +254,18 @@ class WOStackController(CementBaseController): wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' '\t$request_filename;\n') - if not (os.path.isfile('/etc/nginx/common/wpfc-php72.conf')): - # Change WordOpsVersion in nginx.conf file - WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", - "# add_header", - "add_header") + if os.path.isfile('/etc/nginx/nginx.conf'): + if WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', + '# add_header'): + # Change WordOpsVersion in nginx.conf file + WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", + "# add_header", + "add_header") - WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", - "\"WordOps\"", - "\"WordOps v{0}\"" - .format(WOVariables.wo_version)) + WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", + "\"WordOps\"", + "\"WordOps v{0}\"" + .format(WOVariables.wo_version)) data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/blockips.conf') @@ -291,7 +293,6 @@ class WOStackController(CementBaseController): (data), 'upstream.mustache', out=wo_nginx) wo_nginx.close() - if not (os.path.isfile('/etc/nginx/conf.d/stub_status.conf')): data = dict(phpconf=True if WOAptGet.is_installed(self, 'php7.2-fpm') else False) @@ -303,7 +304,6 @@ class WOStackController(CementBaseController): (data), 'stub_status.mustache', out=wo_nginx) wo_nginx.close() - if not (os.path.isfile('/etc/nginx/conf.d/webp.conf')): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/webp.conf') @@ -329,15 +329,8 @@ class WOStackController(CementBaseController): '/etc/nginx/common') os.makedirs('/etc/nginx/common') + if os.path.exists('/etc/nginx/common'): data = dict(webroot=WOVariables.wo_webroot) - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/acl.conf') - wo_nginx = open('/etc/nginx/common/acl.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'acl.mustache', - out=wo_nginx) - wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/locations-wo.conf') wo_nginx = open('/etc/nginx/common/locations-wo.conf', @@ -387,7 +380,6 @@ class WOStackController(CementBaseController): wo_nginx.close() # php73 conf - if not os.path.isfile("/etc/nginx/common/php73.conf"): # data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php73.conf') @@ -429,22 +421,60 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if not os.path.isfile("/etc/nginx/common/locations-wo.conf"): + # create redis conf + data = dict() Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-wo.conf') - wo_nginx = open('/etc/nginx/common/locations-wo.conf', + 'file /etc/nginx/common/redis-php72.conf') + wo_nginx = open('/etc/nginx/common/redis-php72.conf', encoding='utf-8', mode='w') - self.app.render((data), 'locations.mustache', + self.app.render((data), 'redis.mustache', + out=wo_nginx) + wo_nginx.close() + + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/redis-php73.conf') + wo_nginx = open('/etc/nginx/common/redis-php73.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'redis-php7.mustache', out=wo_nginx) wo_nginx.close() - if not os.path.isfile("/etc/nginx/common/release"): with open("/etc/nginx/common/release", "a") as release_file: release_file.write("v{0}" .format(WOVariables.wo_version)) release_file.close() + # Following files should not be overwrited + + if not os.path.isfile('/etc/nginx/common/acl.conf'): + data = dict(webroot=WOVariables.wo_webroot) + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/acl.conf') + wo_nginx = open('/etc/nginx/common/acl.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'acl.mustache', + out=wo_nginx) + wo_nginx.close() + + # add redis cache format if not already done + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/conf.d" + "/redis.conf")): + with open("/etc/nginx/conf.d/" + "redis.conf", "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local] '\n" + "'$http_host \"$request\" $status" + " $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") + # Nginx-Plus does not have nginx # package structure like this # So creating directories @@ -590,64 +620,9 @@ class WOStackController(CementBaseController): else: WOService.restart_service(self, 'nginx') - # create redis conf is redis is installed - if WOAptGet.is_installed(self, 'redis-server'): - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/common/" - "redis-php72.conf")): - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php72.conf') - wo_nginx = open('/etc/nginx/common/redis-php72.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis.mustache', - out=wo_nginx) - wo_nginx.close() - - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/common/" - "redis-php73.conf")): - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - # add redis upstream if not available in upstream.conf - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "upstream.conf", - "redis"): - with open("/etc/nginx/conf.d/upstream.conf", - "a") as redis_file: - redis_file.write("upstream redis {\n" - " server 127.0.0.1:6379;\n" - " keepalive 10;\n}\n") - - # add redis cache format if not already done - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/conf.d" - "/redis.conf")): - with open("/etc/nginx/conf.d/" - "redis.conf", "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis " - "'$remote_addr " - "$upstream_response_time " - "$srcache_fetch_status " - "[$time_local] '\n" - "'$http_host \"$request\" $status" - " $body_bytes_sent '\n" - "'\"$http_referer\" " - "\"$http_user_agent\"';\n") # setup nginx common folder for php7 if self.app.pargs.php73: - if (os.path.isdir("/etc/nginx/common") and - not os.path.isfile("/etc/nginx/common/php73.conf")): + if os.path.isdir("/etc/nginx/common"): data = dict() Log.debug(self, 'Writting the nginx configuration to ' @@ -682,9 +657,6 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if (os.path.isdir("/etc/nginx/common") and - not os.path.isfile("/etc/nginx/common/" - "redis-php73.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php73.conf') @@ -694,22 +666,9 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "upstream.conf", - "php73"): - with open("/etc/nginx/conf.d/" - "upstream.conf", "a") as php_file: - php_file.write("upstream php73 {\nserver unix:" - "/var/run/php/php73-fpm.sock;\n}\n" - "upstream debug73 {\nserver " - "127.0.0.1:9173;\n}\n") # create nginx configuration for redis if set(WOVariables.wo_redis).issubset(set(apt_packages)): - if (os.path.isfile("/etc/nginx/nginx.conf") and - not os.path.isfile("/etc/nginx/common/" - "redis-php72.conf")): - + if os.path.isdir('/etc/nginx/common'): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php72.conf') @@ -1076,17 +1035,6 @@ class WOStackController(CementBaseController): encoding='utf-8', mode='w') config_file.write(config) config_file.close() - else: - try: - WOShellExec.cmd_exec(self, "sed -i \"/#max_conn" - "ections/a wait_timeout = 30 \\n" - "interactive_timeout = 60 \\n" - "performance_schema = 0\\n" - "query_cache_type = 1 \" " - "/etc/mysql/my.cnf") - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error(self, "Unable to update MySQL file") WOFileUtils.chmod(self, "/usr/bin/mysqltuner", 0o775) WOCron.setcron_weekly(self, 'mysqlcheck -Aos --auto-repair ' @@ -1789,7 +1737,6 @@ class WOStackController(CementBaseController): WOShellExec.cmd_exec(self, "systemctl enable redis-server") if os.path.isfile("/etc/redis/redis.conf"): wo_ram = psutil.virtual_memory().total / (1024 * 1024) - wo_swap = psutil.swap_memory().total / (1024 * 1024) if wo_ram < 512: Log.debug(self, "Setting maxmemory variable to " "{0} in redis.conf" @@ -1823,6 +1770,61 @@ class WOStackController(CementBaseController): "allkeys-lru/' " "/etc/redis/redis.conf") WOService.restart_service(self, 'redis-server') + if 'mariadb-server' in apt_packages: + # setting innodb memory usage + wo_ram = psutil.virtual_memory().total / (1024 * 1024) + wo_ram_innodb = int(wo_ram*0.3) + wo_ram_log_buffer = int(wo_ram_innodb*0.25) + wo_ram_log_size = int(wo_ram_log_buffer*0.5) + # replacing default values + if os.path.isfile("/etc/mysql/my.cnf"): + Log.debug(self, "Tuning MySQL configuration") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_buffer_pool_size = 256M", + "innodb_buffer_pool_size = {0}M" + .format(wo_ram_innodb)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_log_buffer_size = 8M", + "innodb_log_buffer_size = {0}M" + .format(wo_ram_log_buffer)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "#innodb_log_file_size = 50M", + "innodb_log_file_size = {0}M" + .format(wo_ram_log_size)) + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "wait_timeout " + " = 600", + "wait_timeout " + " = 120") + # disabling mariadb binlog + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "log_bin " + " = /var/log/" + "mysql/mariadb-bin", + "#log_bin " + " = /var/log/" + "mysql/mariadb-bin") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "log_bin_index " + "= /var/log/mysql/" + "mariadb-bin.index", + "#log_bin_index " + "= /var/log/mysql/" + "mariadb-bin.index") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "expire_logs_days " + "= 10", + "#expire_logs_days " + "= 10") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "max_binlog_size " + "= 100M", + "#max_binlog_size " + "= 100M") + WOService.restart_service(self, 'mysql') + if disp_msg: if (self.msg): for msg in self.msg: diff --git a/wo/cli/templates/upstream.mustache b/wo/cli/templates/upstream.mustache index 26e06b9..686a6a5 100644 --- a/wo/cli/templates/upstream.mustache +++ b/wo/cli/templates/upstream.mustache @@ -74,3 +74,13 @@ upstream netdata { server 127.0.0.1:19999; keepalive 64; } + +#------------------------------- +# Redis +#------------------------------- + +# Redis cache upstream +upstream redis { + server 127.0.0.1:6379; + keepalive 10; +} From bea1050ad2489352c8c1cfd2b4cab506dbbd6b75 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 11:48:43 +0200 Subject: [PATCH 03/83] Fix identation and mariadb log size update --- .travis.yml | 4 +- wo/cli/plugins/stack.py | 113 +++++++++++++++++++++------------------- 2 files changed, 61 insertions(+), 56 deletions(-) diff --git a/.travis.yml b/.travis.yml index b46774b..f1cbea3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,10 +47,10 @@ script: - sudo wp --allow-root --info - sudo wo info - sudo tree -L 2 /etc/nginx - - sudo cat /var/www/wp1.com/wp-config.php + - sudo cat /etc/mysql/my.cnf - sudo wo stack upgrade --netdata --no-prompt - sudo wo stack upgrade --phpmyadmin --no-prompt - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - sudo wo stack status - - sudo wo maintenance \ No newline at end of file + - sudo wo maintenance diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index f8cca41..bf92dd5 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1770,60 +1770,65 @@ class WOStackController(CementBaseController): "allkeys-lru/' " "/etc/redis/redis.conf") WOService.restart_service(self, 'redis-server') - if 'mariadb-server' in apt_packages: - # setting innodb memory usage - wo_ram = psutil.virtual_memory().total / (1024 * 1024) - wo_ram_innodb = int(wo_ram*0.3) - wo_ram_log_buffer = int(wo_ram_innodb*0.25) - wo_ram_log_size = int(wo_ram_log_buffer*0.5) - # replacing default values - if os.path.isfile("/etc/mysql/my.cnf"): - Log.debug(self, "Tuning MySQL configuration") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_buffer_pool_size = 256M", - "innodb_buffer_pool_size = {0}M" - .format(wo_ram_innodb)) - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_log_buffer_size = 8M", - "innodb_log_buffer_size = {0}M" - .format(wo_ram_log_buffer)) - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "#innodb_log_file_size = 50M", - "innodb_log_file_size = {0}M" - .format(wo_ram_log_size)) - WOFileUtils.searchreplace(self, - "/etc/mysql/my.cnf", - "wait_timeout " - " = 600", - "wait_timeout " - " = 120") - # disabling mariadb binlog - WOFileUtils.searchreplace(self, - "/etc/mysql/my.cnf", - "log_bin " - " = /var/log/" - "mysql/mariadb-bin", - "#log_bin " - " = /var/log/" - "mysql/mariadb-bin") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "log_bin_index " - "= /var/log/mysql/" - "mariadb-bin.index", - "#log_bin_index " - "= /var/log/mysql/" - "mariadb-bin.index") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "expire_logs_days " - "= 10", - "#expire_logs_days " - "= 10") - WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "max_binlog_size " - "= 100M", - "#max_binlog_size " - "= 100M") - WOService.restart_service(self, 'mysql') + if 'mariadb-server' in apt_packages: + # setting innodb memory usage + wo_ram = psutil.virtual_memory().total / (1024 * 1024) + wo_ram_innodb = int(wo_ram*0.3) + wo_ram_log_buffer = int(wo_ram_innodb*0.25) + wo_ram_log_size = int(wo_ram_log_buffer*0.5) + # replacing default values + if os.path.isfile("/etc/mysql/my.cnf"): + Log.debug(self, "Tuning MySQL configuration") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_buffer_pool_size = 256M", + "innodb_buffer_pool_size = {0}M" + .format(wo_ram_innodb)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_log_buffer_size = 8M", + "innodb_log_buffer_size = {0}M" + .format(wo_ram_log_buffer)) + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "#innodb_log_file_size = 50M", + "innodb_log_file_size = {0}M" + .format(wo_ram_log_size)) + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "wait_timeout " + " = 600", + "wait_timeout " + " = 120") + # disabling mariadb binlog + WOFileUtils.searchreplace(self, + "/etc/mysql/my.cnf", + "log_bin " + " = /var/log/" + "mysql/mariadb-bin", + "#log_bin " + " = /var/log/" + "mysql/mariadb-bin") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "log_bin_index " + "= /var/log/mysql/" + "mariadb-bin.index", + "#log_bin_index " + "= /var/log/mysql/" + "mariadb-bin.index") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "expire_logs_days " + "= 10", + "#expire_logs_days " + "= 10") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "max_binlog_size " + "= 100M", + "#max_binlog_size " + "= 100M") + WOService.stop_service(self, 'mysql') + WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0', + '/var/lib/mysql/ib_logfile0.bak') + WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile1', + '/var/lib/mysql/ib_logfile1.bak') + WOService.start_service(self, 'mysql') if disp_msg: if (self.msg): From 574343a2ad6200e3283caf9e89b521e05898a872 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 13:10:33 +0200 Subject: [PATCH 04/83] Fix my.cnf identation --- wo/cli/plugins/stack.py | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index bf92dd5..099d87e 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1780,43 +1780,42 @@ class WOStackController(CementBaseController): if os.path.isfile("/etc/mysql/my.cnf"): Log.debug(self, "Tuning MySQL configuration") WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_buffer_pool_size = 256M", - "innodb_buffer_pool_size = {0}M" + "innodb_buffer_pool_size = 256M", + "innodb_buffer_pool_size = {0}M" .format(wo_ram_innodb)) WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "innodb_log_buffer_size = 8M", - "innodb_log_buffer_size = {0}M" + "innodb_log_buffer_size = 8M", + "innodb_log_buffer_size = {0}M" .format(wo_ram_log_buffer)) WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "#innodb_log_file_size = 50M", - "innodb_log_file_size = {0}M" + "#innodb_log_file_size = 50M", + "innodb_log_file_size = {0}M" .format(wo_ram_log_size)) WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "wait_timeout " + "wait_timeout " " = 600", - "wait_timeout " + "wait_timeout " " = 120") # disabling mariadb binlog WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "log_bin " - " = /var/log/" - "mysql/mariadb-bin", + "log_bin " + "= /var/log/mysql/" + "mariadb-bin", "#log_bin " " = /var/log/" "mysql/mariadb-bin") WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "log_bin_index " + 'log_bin_index ' "= /var/log/mysql/" "mariadb-bin.index", - "#log_bin_index " + "#log_bin_index " "= /var/log/mysql/" "mariadb-bin.index") WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", - "expire_logs_days " - "= 10", - "#expire_logs_days " + "expire_logs_days = 10", + "#expire_logs_days " "= 10") WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", "max_binlog_size " From 5cf62061e7c529b907208333820bdea712839ffa Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 16:47:26 +0200 Subject: [PATCH 05/83] Another fix --- wo/cli/plugins/stack.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 099d87e..3f2a592 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1794,9 +1794,9 @@ class WOStackController(CementBaseController): WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", "wait_timeout " - " = 600", + "= 600", "wait_timeout " - " = 120") + "= 120") # disabling mariadb binlog WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", @@ -1822,6 +1822,16 @@ class WOStackController(CementBaseController): "= 100M", "#max_binlog_size " "= 100M") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_open_files =" + " 400", + "innodb_open_files =" + " 16000") + WOFileUtils.searchreplace(self, "/etc/mysql/my.cnf", + "innodb_io_capacity =" + " 400", + "innodb_io_capacity =" + " 16000") WOService.stop_service(self, 'mysql') WOFileUtils.mvfile(self, '/var/lib/mysql/ib_logfile0', '/var/lib/mysql/ib_logfile0.bak') From 11de72b4e8c7b544ea6b6326596ca6747cc8223b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 17:13:27 +0200 Subject: [PATCH 06/83] Fix kernel tweaks --- CHANGELOG.md | 5 +++++ install | 13 ++++++++++++- wo/cli/templates/kerneltweaks-service.mustache | 13 ------------- ...s-script.mustache => wo-kernel-script.mustache} | 6 ++++-- wo/cli/templates/wo-kernel-service.mustache | 14 ++++++++++++++ 5 files changed, 35 insertions(+), 16 deletions(-) delete mode 100644 wo/cli/templates/kerneltweaks-service.mustache rename wo/cli/templates/{kerneltweaks-script.mustache => wo-kernel-script.mustache} (52%) create mode 100644 wo/cli/templates/wo-kernel-service.mustache diff --git a/CHANGELOG.md b/CHANGELOG.md index cf90ba2..bb0cb30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - MySQL configuration tuning - Cronjob to optimize MySQL databases weekly +- wo-kernel systemd service to apply kernel tweaks on server startup #### Changed @@ -19,6 +20,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Improved debug log - Updated Nginx configuration process to not overwrite files with custom data (htpasswd-wo, acl.conf etc..) +#### Fixed + +- Kernel tweaks were not applied without server reboot + ### v3.9.6.2 - 2019-07-24 #### Changed diff --git a/install b/install index c5d7473..70aba7e 100755 --- a/install +++ b/install @@ -453,11 +453,12 @@ wo_upgrade_nginx() { fi else if [ "$wo_distro_version" == "jessie" ]; then + # import the respository key for updates curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key | apt-key add - else curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key | apt-key add - fi - # import the respository key for updates + fi # stop nginx @@ -649,6 +650,16 @@ wo_tweak_kernel() { modprobe tcp_htcp && echo 'tcp_htcp' >> /etc/modules-load.d/htcp.conf echo 'net.ipv4.tcp_congestion_control = htcp' >> /etc/sysctl.d/60-wo-tweaks.conf fi + # apply sysctl tweaks + sysctl -e -p /etc/sysctl.d/60-wo-tweaks.conf + if [ ! -x /opt/wo-kernel.sh ]; then + # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup + wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache + chmod +x /opt/wo-kernel.sh + wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache + systemctl enable wo-kernel.service + systemctl start wo-kernel.service + fi fi LIMIT_CHECK=$(grep "500000" /etc/security/limits.conf) diff --git a/wo/cli/templates/kerneltweaks-service.mustache b/wo/cli/templates/kerneltweaks-service.mustache deleted file mode 100644 index 60f8de9..0000000 --- a/wo/cli/templates/kerneltweaks-service.mustache +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Linux kernel tweaks - -# append here other services you want netdata to wait for them to start -After=network.target - -[Service] -Type=simple -User=root -ExecStart=/opt/kerneltweaks.sh - -[Install] -WantedBy=multi-user.target diff --git a/wo/cli/templates/kerneltweaks-script.mustache b/wo/cli/templates/wo-kernel-script.mustache similarity index 52% rename from wo/cli/templates/kerneltweaks-script.mustache rename to wo/cli/templates/wo-kernel-script.mustache index 4071530..581a70d 100644 --- a/wo/cli/templates/kerneltweaks-script.mustache +++ b/wo/cli/templates/wo-kernel-script.mustache @@ -1,7 +1,9 @@ #!/usr/bin/env bash -# Kernel tweak script launched by kerneltweak systemd service -# script path after installation /opt/kerneltweaks.sh +# WordOps Kernel tweaks script +# script path after installation /opt/wo-kernel.sh +# Netdata Memory tweak echo 1 >/sys/kernel/mm/ksm/run echo 1000 >/sys/kernel/mm/ksm/sleep_millisecs +# Redis disable transparent_hugepage echo never > /sys/kernel/mm/transparent_hugepage/enabled diff --git a/wo/cli/templates/wo-kernel-service.mustache b/wo/cli/templates/wo-kernel-service.mustache new file mode 100644 index 0000000..f64f650 --- /dev/null +++ b/wo/cli/templates/wo-kernel-service.mustache @@ -0,0 +1,14 @@ +[Unit] +Description=WordOps kernel tweaks +# append here other services you want netdata to wait for them to start +After=syslog.target network.target remote-fs.target nss-lookup.target + +[Service] +Type=simple +User=root +ExecStart=/opt/wo-kernel.sh +StandardOutput=null + +[Install] +WantedBy=multi-user.target +Alias=wo-kernel.service \ No newline at end of file From 7142d19c5cb28ce28f9e3ac944fde23a7ad5eac2 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 17:58:04 +0200 Subject: [PATCH 07/83] Try again --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 11433b9..72cfe41 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ - **Up-to-date** : PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Secured** : Hardened WordPress security with strict Nginx location directives - **Powerful** : Optimized Nginx configurations with multiple cache backends support -- **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates handled by acme.sh +- **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates with DNS API handled by acme.sh - **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on ssllabs) - **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata From 71ee3c68d80780f34615c4aa85e0dad77b7c8bb6 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 23:30:33 +0200 Subject: [PATCH 08/83] Add site_url_https to change site url with le --- install | 6 +- wo/cli/plugins/site_functions.py | 94 +++++++++++++++++++------------- 2 files changed, 61 insertions(+), 39 deletions(-) diff --git a/install b/install index 70aba7e..ad21c6f 100755 --- a/install +++ b/install @@ -7,10 +7,10 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.6 - 2019-07-24 +# Version 3.9.6.3 - 2019-07-25 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" -readonly wo_version_new="3.9.6.2" +readonly wo_version_new="3.9.6.3" # CONTENTS # --- # 1. VARIABLES AND DECLARATIONS @@ -653,12 +653,14 @@ wo_tweak_kernel() { # apply sysctl tweaks sysctl -e -p /etc/sysctl.d/60-wo-tweaks.conf if [ ! -x /opt/wo-kernel.sh ]; then + { # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache chmod +x /opt/wo-kernel.sh wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache systemctl enable wo-kernel.service systemctl start wo-kernel.service + } >> /var/log/wo/install.log 2>&1 fi fi diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 564209a..0d3cf5c 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -676,6 +676,31 @@ def installwp_plugin(self, plugin_name, data): return 1 +def site_url_https(self, site_webroot='', wo_domain=''): + Log.info(self, "Checking if site url already use https, please wait...") + WOFileUtils.chdir(self, '{0}/htdocs/'.format(site_webroot)) + test_site_url = WOShellExec.cmd_exec(self, "php {0} option get siteurl " + .format(WOVariables.wo_wpcli_path) + + "--allow-root --quiet").split(":") + if not test_site_url[0] == "https": + try: + WOShellExec.cmd_exec(self, "php {0} option update siteurl " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + WOShellExec.cmd_exec(self, "php {0} option update home " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + raise SiteError("plugin activation failed") + Log.info( + self, "Site address updated " + "successfully to https://{0}".format(wo_domain)) + else: + Log.info( + self, "Site address was already using https") + + def uninstallwp_plugin(self, plugin_name, data): wo_site_webroot = data['webroot'] Log.debug(self, "Uninstalling plugin {0}, please wait..." @@ -1331,7 +1356,6 @@ def removeAcmeConf(self, domain): WOFileUtils.rm(self, '/etc/nginx/conf.d/force-ssl-{0}.conf.disabled' .format(domain)) - WOGit.add(self, ["/etc/letsencrypt"], msg="Deleted {0} " .format(domain)) @@ -1380,10 +1404,13 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, 'keylength')) if wo_dns: acme_mode = "--dns {0}".format(wo_acme_dns) + Log.debug( + self, "Validation : DNS mode with {0}".format(wo_acme_dns)) else: acme_mode = "-w /var/www/html" - Log.info(self, "Issuing SSL cert with acme.sh") + Log.debug(self, "Validation : Webroot mode") if subdomain: + Log.info(self, "Issuing subdomain SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " @@ -1394,6 +1421,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, acme_mode, keylenght)) elif wildcard: + Log.info(self, "Issuing Wildcard SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " @@ -1404,6 +1432,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, wo_acme_dns, keylenght)) else: + Log.info(self, "Issuing domain SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " @@ -1413,25 +1442,26 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, .format(wo_domain_name, acme_mode, keylenght)) if ssl: + Log.info(self, "Deploying SSL cert with acme.sh") + Log.debug(self, "Cert deployment for domain: {0}" + .format(wo_domain_name)) try: - Log.info(self, "Deploying SSL cert with acme.sh") - Log.debug(self, "Cert deployment for domain: {0}" - .format(wo_domain_name)) - sslsetup = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " - "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--install-cert -d {1} --ecc " - "--cert-file {0}/{1}/cert.pem " - "--key-file {0}/{1}/key.pem " - "--fullchain-file " - "{0}/{1}/fullchain.pem " - "--ca-file {0}/{1}/ca.pem " - "--reloadcmd " - "\"nginx -t && " - "service nginx restart\" " - .format(WOVariables.wo_ssl_live, - wo_domain_name)) + + WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " + "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--install-cert -d {1} --ecc " + "--cert-file {0}/{1}/cert.pem " + "--key-file {0}/{1}/key.pem " + "--fullchain-file " + "{0}/{1}/fullchain.pem " + "--ca-file {0}/{1}/ca.pem " + "--reloadcmd " + "\"nginx -t && " + "service nginx restart\" " + .format(WOVariables.wo_ssl_live, + wo_domain_name)) Log.info( self, "Adding /var/www/{0}/conf/nginx/ssl.conf" .format(wo_domain_name)) @@ -1447,7 +1477,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, "ssl_stapling_verify on;\n" .format(WOVariables.wo_ssl_live, wo_domain_name)) sslconf.close() - #updateSiteInfo(self, wo_domain_name, ssl=True) + # updateSiteInfo(self, wo_domain_name, ssl=True) WOGit.add(self, ["/etc/letsencrypt"], msg="Adding letsencrypt folder") @@ -1475,7 +1505,7 @@ def renewLetsEncrypt(self, wo_domain_name): "--renew -d {0} --ecc --force" .format(wo_domain_name)) - mail_list = '' + # mail_list = '' if not ssl: Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False) @@ -1609,11 +1639,10 @@ def archivedCertificateHandle(self, domain): "{1}_ecc/{1}.conf)".format(WOVariables.wo_ssl_archive, domain) + "\nPlease select an option from below?" "\n\t1: Reinstall existing certificate" - "\n\t2: Keep the existing certificate for now" - "\n\t3: Renew & replace the certificate (limit ~5 per 7 days)" + "\n\t2: Renew & replace the certificate (limit ~5 per 7 days)" "") check_prompt = input( - "\nType the appropriate number [1-3] or any other key to cancel: ") + "\nType the appropriate number [1-2] or any other key to cancel: ") if not os.path.isfile("{0}/{1}/fullchain.pem" .format(WOVariables.wo_ssl_live, domain)): Log.error( @@ -1621,7 +1650,7 @@ def archivedCertificateHandle(self, domain): .format(WOVariables.wo_ssl_live, domain)) if check_prompt == "1": - Log.info(self, "Issuing SSL cert with acme.sh") + Log.info(self, "Reinstalling SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && " "/etc/letsencrypt/acme.sh " "--config-home " @@ -1633,7 +1662,7 @@ def archivedCertificateHandle(self, domain): "{0}/{1}/fullchain.pem " "--ca-file {0}/{1}/ca.pem " "--reloadcmd " - "\"service nginx restart\" " + "\"nginx -t && service nginx restart\" " .format(WOVariables.wo_ssl_live, domain)) if ssl: @@ -1665,15 +1694,6 @@ def archivedCertificateHandle(self, domain): "ssl.conf") elif (check_prompt == "2"): - Log.info(self, "Using Existing Certificate files") - if not os.path.isfile("{0}/{1}/fullchain.pem" - .format(WOVariables.wo_ssl_live, domain)): - Log.error(self, "Certificate files not found. Skipping.\n" - "Please check if following file exist" - "\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t" - "/etc/letsencrypt/live/{0}/key.pem".format(domain)) - - elif (check_prompt == "3"): Log.info(self, "Issuing SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " @@ -1698,7 +1718,7 @@ def archivedCertificateHandle(self, domain): "ssl_trusted_certificate " "{0}/{1}/ca.pem;\n" "--reloadcmd " - "\"service nginx restart\" " + "\"nginx -t && service nginx restart\" " .format(WOVariables.wo_ssl_live, domain)) except IOError as e: From bd1e9d68c58893ed9f8faa5a70f3ea0fb5fcfa92 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 25 Jul 2019 23:30:58 +0200 Subject: [PATCH 09/83] Add site_url_https to site --- wo/cli/plugins/site.py | 6 +++--- wo/core/variables.py | 16 +++++++--------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 3054133..2e57359 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -760,10 +760,10 @@ class WOSiteCreateController(CementBaseController): if self.app.pargs.hsts: setupHsts(self, wo_domain) + if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") - Log.info(self, "Congratulations! Successfully Configured " "SSl for Site " " https://{0}".format(wo_domain)) @@ -773,7 +773,7 @@ class WOSiteCreateController(CementBaseController): msg="Adding letsencrypts config of site: {0}" .format(wo_domain)) updateSiteInfo(self, wo_domain, ssl=letsencrypt) - + site_url_https(self, wo_domain, wo_site_webroot) elif data['letsencrypt'] is False: Log.info(self, "Not using Let\'s encrypt for Site " " http://{0}".format(wo_domain)) @@ -1320,7 +1320,7 @@ class WOSiteUpdateController(CementBaseController): if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") - + site_url_https(self, wo_domain, wo_site_webroot) Log.info(self, "Congratulations! Successfully " "Configured SSl for Site " " https://{0}".format(wo_domain)) diff --git a/wo/core/variables.py b/wo/core/variables.py index 750bf7f..6d027ef 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -3,7 +3,6 @@ import platform import socket import configparser import os -import psutil import datetime @@ -18,9 +17,7 @@ class WOVariables(): wo_phpmyadmin = "4.9.0.1" # Get WPCLI path - wo_wpcli_path = os.popen('command -v wp | tr "\n" " "').read() - if wo_wpcli_path == '': - wo_wpcli_path = '/usr/local/bin/wp ' + wo_wpcli_path = '/usr/local/bin/wp' # get wan network interface name wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " @@ -33,10 +30,11 @@ class WOVariables(): wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S') # WordOps core variables - wo_platform_distro = os.popen("lsb_release -si " + wo_platform_distro = os.popen("/usr/bin/lsb_release -si " "| tr -d \'\\n\'").read().lower() wo_platform_version = platform.linux_distribution()[1] - wo_platform_codename = os.popen("lsb_release -sc | tr -d \'\\n\'").read() + wo_platform_codename = os.popen( + "/usr/bin/lsb_release -sc | tr -d \'\\n\'").read() # Get timezone of system if os.path.isfile('/etc/timezone'): @@ -68,7 +66,7 @@ class WOVariables(): try: wo_user = config['user']['name'] wo_email = config['user']['email'] - except Exception as e: + except Exception: wo_user = input("Enter your name: ") wo_email = input("Enter your email: ") os.system("/usr/bin/git config --global user.name {0}".format(wo_user)) @@ -85,7 +83,7 @@ class WOVariables(): if [cnfpath] == config.read(cnfpath): try: wo_mysql_host = config.get('client', 'host') - except configparser.NoOptionError as e: + except configparser.NoOptionError: wo_mysql_host = "localhost" else: wo_mysql_host = "localhost" @@ -168,7 +166,7 @@ class WOVariables(): .format(codename=wo_platform_codename)) wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] - wo_fail2ban = ["fail2ban", "python3-pyinotify"] + wo_fail2ban = ["fail2ban"] # Redis repo details if wo_platform_distro == 'ubuntu': From 2ae88ed7b0951aaff3f5d7d6fb7dfe05f7d0a3fa Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 26 Jul 2019 00:38:11 +0200 Subject: [PATCH 10/83] make sysctl quiet --- install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install b/install index ad21c6f..c8079b7 100755 --- a/install +++ b/install @@ -651,7 +651,7 @@ wo_tweak_kernel() { echo 'net.ipv4.tcp_congestion_control = htcp' >> /etc/sysctl.d/60-wo-tweaks.conf fi # apply sysctl tweaks - sysctl -e -p /etc/sysctl.d/60-wo-tweaks.conf + sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf if [ ! -x /opt/wo-kernel.sh ]; then { # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup From e6a4611ee6d414e65334b12d6eeddb6d76669d1e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sat, 27 Jul 2019 21:53:52 +0200 Subject: [PATCH 11/83] Fix site url change to https --- CHANGELOG.md | 5 ++++- docs/wo.8 | 21 ++++++++++++--------- wo/cli/plugins/site.py | 5 +++-- wo/cli/plugins/site_functions.py | 14 ++++++++------ wo/core/variables.py | 5 +++-- 5 files changed, 30 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bb0cb30..0132c93 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,13 +12,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - MySQL configuration tuning - Cronjob to optimize MySQL databases weekly -- wo-kernel systemd service to apply kernel tweaks on server startup +- WO-kernel systemd service to automatically apply kernel tweaks on server startup #### Changed - `wo maintenance` refactored - Improved debug log - Updated Nginx configuration process to not overwrite files with custom data (htpasswd-wo, acl.conf etc..) +- Adminer updated to v4.7.2 +- eXtplorer updated to v2.1.13 +- Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues #### Fixed diff --git a/docs/wo.8 b/docs/wo.8 index 6ad30fa..47b17f6 100644 --- a/docs/wo.8 +++ b/docs/wo.8 @@ -1,19 +1,19 @@ -.TH wo 8 "WordOps (wo) version: 3.3.8" "Sep 10,2015" "WordOps" +.TH wo 8 "WordOps (wo) version: 3.9.6.3" "Jul 26,2019" "WordOps" .SH NAME .B WordOps (wo) \- Manage Nginx Based Websites. .SH SYNOPSIS wo [ --version | --help | info | stack | site | debug | update | clean | import_slow_log | log | secure | sync | maintenance ] .TP -wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata ] +wo stack [ install | remove | purge | migrate | upgrade] [ --web | --all | --nginx | --php | --php73 | --mysql | --admin | --adminer | --redis | --phpmyadmin | --phpredisadmin | --wpcli | --utils | --dashboard | --netdata | --fail2ban | --proftpd ] .TP -wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --redis] +wo stack [ status | start | stop | reload | restart ] [--all | --nginx | --php | --php73 |--mysql | --web | --redis | --netdata | --fail2ban | --proftpd] .TP wo site [ list | info | show | enable | disable | edit | cd | show ] [ example.com ] .TP -wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain/wildcard][--dns=dns_cf/dns_do]] +wo site create example.com [ --html | --php | --php73 | --mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis | --letsencrypt/-le/--letsencrypt=subdomain/wildcard][--dns/--dns=dns_cf/dns_do]] .TP -wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [-le/--letsencrypt=on/off/subdomain/renew/wildcard] [--dns=dns_cf/dns_do]] +wo site update example.com [ --php | --php73 |--mysql] [[--wp | --wpsubdir | --wpsubdomain ] [--wpsc | --wpfc | --wpredis ] [--password] [-le/--letsencrypt/--letsencrypt=on/off/subdomain/renew/wildcard/clean/purge] [--dns/--dns=dns_cf/dns_do]] .TP wo site delete example.com [--db | --files | --all | --no-prompt | --force/-f ] .TP @@ -46,19 +46,19 @@ Display WordOps (wo) help. .TP .B stack .TP -.B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.B install [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard | --fail2ban | --proftpd ] .br Install Nginx PHP5 MySQL Postfix stack Packages if not used with .br any options.Installs specific package if used with option. .TP -.B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.B remove [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard | --fail2ban | --proftpd ] .br Remove Nginx PHP5 MySQL Postfix stack Packages if not used with .br any options. Remove specific package if used with option. .TP -.B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard ] +.B purge [ --all | --web | --nginx | --php | --php73 |--mysql | --redis | --adminer | --phpmyadmin | --phpredismyadmin | --wpcli | --utils | --netdata | --dashboard | --fail2ban | --proftpd ] .br Purge Nginx PHP5 MySQL Postfix stack Packages if not used with any .br @@ -165,7 +165,7 @@ Update security settings. .TP .B clean [ --fastcgi | --opcache | --redis | --all ] .br -Clean NGINX fastCGI cache, Opcache, memcached, Redis cache. +Clean NGINX fastCGI cache, Opcache, Redis cache. .br Clean NGINX fastCGI cache if no option specified. .SH ARGUMENTS @@ -312,3 +312,6 @@ Report bugs at .B Rajdeep Sharma .I \ .br +.B Thomas SUCHON +.I \ +.br diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 2e57359..26a0111 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -760,7 +760,6 @@ class WOSiteCreateController(CementBaseController): if self.app.pargs.hsts: setupHsts(self, wo_domain) - if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") @@ -1320,7 +1319,6 @@ class WOSiteUpdateController(CementBaseController): if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") - site_url_https(self, wo_domain, wo_site_webroot) Log.info(self, "Congratulations! Successfully " "Configured SSl for Site " " https://{0}".format(wo_domain)) @@ -1333,6 +1331,9 @@ class WOSiteUpdateController(CementBaseController): Log.warn( self, "Your cert already EXPIRED ! " ".PLEASE renew soon . ") + # change site url to https + if data['wp'] is True: + site_url_https(self, data) elif data['letsencrypt'] is False: if self.app.pargs.letsencrypt == "off": diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 0d3cf5c..e093382 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -676,26 +676,28 @@ def installwp_plugin(self, plugin_name, data): return 1 -def site_url_https(self, site_webroot='', wo_domain=''): +def site_url_https(self, data): + wo_site_webroot = data['webroot'] + wo_domain_name = data['site_name'] Log.info(self, "Checking if site url already use https, please wait...") - WOFileUtils.chdir(self, '{0}/htdocs/'.format(site_webroot)) + WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) test_site_url = WOShellExec.cmd_exec(self, "php {0} option get siteurl " .format(WOVariables.wo_wpcli_path) + - "--allow-root --quiet").split(":") + "--allow-root --quiet").split("://") if not test_site_url[0] == "https": try: WOShellExec.cmd_exec(self, "php {0} option update siteurl " "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) + WOVariables.wo_wpcli_path, wo_domain_name)) WOShellExec.cmd_exec(self, "php {0} option update home " "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) + WOVariables.wo_wpcli_path, wo_domain_name)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) raise SiteError("plugin activation failed") Log.info( self, "Site address updated " - "successfully to https://{0}".format(wo_domain)) + "successfully to https://{0}".format(wo_domain_name)) else: Log.info( self, "Site address was already using https") diff --git a/wo/core/variables.py b/wo/core/variables.py index 6d027ef..55b0bfb 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -10,11 +10,12 @@ class WOVariables(): """Intialization of core variables""" # WordOps version - wo_version = "3.9.6.2" + wo_version = "3.9.6.3" # WordOps packages versions wo_wp_cli = "2.2.0" - wo_adminer = "4.7.1" + wo_adminer = "4.7.2" wo_phpmyadmin = "4.9.0.1" + wo_extplorer = "2.1.13" # Get WPCLI path wo_wpcli_path = '/usr/local/bin/wp' From ad81f18f799221432cb3a4c3d80c90b20a01fde3 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sat, 27 Jul 2019 22:08:16 +0200 Subject: [PATCH 12/83] Simplify stack setup --- wo/cli/plugins/stack.py | 164 ++++++++++++---------------------------- 1 file changed, 50 insertions(+), 114 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 3f2a592..a3f9a99 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -255,34 +255,6 @@ class WOStackController(CementBaseController): '\t$request_filename;\n') if os.path.isfile('/etc/nginx/nginx.conf'): - if WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', - '# add_header'): - # Change WordOpsVersion in nginx.conf file - WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", - "# add_header", - "add_header") - - WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", - "\"WordOps\"", - "\"WordOps v{0}\"" - .format(WOVariables.wo_version)) - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/blockips.conf') - wo_nginx = open('/etc/nginx/conf.d/blockips.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'blockips.mustache', out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/conf.d/fastcgi.conf') - wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'fastcgi.mustache', out=wo_nginx) - wo_nginx.close() - data = dict(php="9000", debug="9001", php7="9070", debug7="9170") Log.debug(self, 'Writting the nginx configuration to ' @@ -323,7 +295,7 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - # Setup Nginx common directory + # Setup Nginx common directory if not os.path.exists('/etc/nginx/common'): Log.debug(self, 'Creating directory' '/etc/nginx/common') @@ -331,6 +303,8 @@ class WOStackController(CementBaseController): if os.path.exists('/etc/nginx/common'): data = dict(webroot=WOVariables.wo_webroot) + + # Common Configuration Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/locations-wo.conf') wo_nginx = open('/etc/nginx/common/locations-wo.conf', @@ -339,6 +313,15 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/wpsubdir.conf') + wo_nginx = open('/etc/nginx/common/wpsubdir.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'wpsubdir.mustache', + out=wo_nginx) + wo_nginx.close() + + # PHP 7.2 conf Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php72.conf') wo_nginx = open('/etc/nginx/common/php72.conf', @@ -371,16 +354,10 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsubdir.conf') - wo_nginx = open('/etc/nginx/common/wpsubdir.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsubdir.mustache', - out=wo_nginx) - wo_nginx.close() + # PHP 7.3 conf + if os.path.isdir("/etc/nginx/common"): + data = dict() - # php73 conf - # data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php73.conf') wo_nginx = open('/etc/nginx/common/php73.conf', @@ -413,14 +390,6 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() - # create redis conf data = dict() Log.debug(self, 'Writting the nginx configuration to ' @@ -457,6 +426,23 @@ class WOStackController(CementBaseController): self.app.render((data), 'acl.mustache', out=wo_nginx) wo_nginx.close() + if not os.path.isfile('/etc/nginx/conf.d/blockips.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/blockips.conf') + wo_nginx = open('/etc/nginx/conf.d/blockips.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'blockips.mustache', out=wo_nginx) + wo_nginx.close() + + if not os.path.isfile('/etc/nginx/conf.d/fastcgi.conf'): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/conf.d/fastcgi.conf') + wo_nginx = open('/etc/nginx/conf.d/fastcgi.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'fastcgi.mustache', out=wo_nginx) + wo_nginx.close() # add redis cache format if not already done if (os.path.isfile("/etc/nginx/nginx.conf") and @@ -620,52 +606,6 @@ class WOStackController(CementBaseController): else: WOService.restart_service(self, 'nginx') - # setup nginx common folder for php7 - if self.app.pargs.php73: - if os.path.isdir("/etc/nginx/common"): - data = dict() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php73.conf') - wo_nginx = open('/etc/nginx/common/php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpcommon-php73.conf') - wo_nginx = open('/etc/nginx/common/wpcommon-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpcommon-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpfc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-php73.conf') - wo_nginx = open('/etc/nginx/common/wpsc-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-php7.mustache', - out=wo_nginx) - wo_nginx.close() - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() - # create nginx configuration for redis if set(WOVariables.wo_redis).issubset(set(apt_packages)): if os.path.isdir('/etc/nginx/common'): @@ -1616,27 +1556,22 @@ class WOStackController(CementBaseController): # ADMINER if self.app.pargs.adminer: - if not os.path.isdir('{0}22222/htdocs/db/adminer' - .format(WOVariables.wo_webroot)): - Log.debug(self, "Setting packages variable for Adminer ") - packages = packages + [["https://github.com/vrana/adminer/" - "releases/download/v{0}" - "/adminer-{0}.php" - .format(WOVariables.wo_adminer), - "{0}22222/" - "htdocs/db/adminer/index.php" - .format(WOVariables.wo_webroot), - "Adminer"], - ["https://raw.githubusercontent.com" - "/vrana/adminer/master/designs/" - "pepa-linha/adminer.css", - "{0}22222/" - "htdocs/db/adminer/adminer.css" - .format(WOVariables.wo_webroot), - "Adminer theme"]] - else: - Log.debug(self, "Adminer already installed") - Log.info(self, "Adminer already installed") + Log.debug(self, "Setting packages variable for Adminer ") + packages = packages + [["https://github.com/vrana/adminer/" + "releases/download/v{0}" + "/adminer-{0}.php" + .format(WOVariables.wo_adminer), + "{0}22222/" + "htdocs/db/adminer/index.php" + .format(WOVariables.wo_webroot), + "Adminer"], + ["https://raw.githubusercontent.com" + "/vrana/adminer/master/designs/" + "pepa-linha/adminer.css", + "{0}22222/" + "htdocs/db/adminer/adminer.css" + .format(WOVariables.wo_webroot), + "Adminer theme"]] # Netdata if self.app.pargs.netdata: @@ -1662,7 +1597,8 @@ class WOStackController(CementBaseController): "/var/lib/wo/tmp/wo-dashboard.tar.gz", "WordOps Dashboard"], ["https://github.com/soerennb/" - "extplorer/archive/v2.1.11.tar.gz", + "extplorer/archive/v{0}.tar.gz" + .format(WOVariables.wo_extplorer), "/var/lib/wo/tmp/extplorer.tar.gz", "eXtplorer"]] else: From 76f6dc927453281fad1eb9d83c25340f19f74256 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sat, 27 Jul 2019 23:11:19 +0200 Subject: [PATCH 13/83] Fix extplorer version variable --- wo/cli/plugins/stack.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index a3f9a99..5b35342 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1209,7 +1209,8 @@ class WOStackController(CementBaseController): .format(WOVariables.wo_webroot)) WOExtract.extract(self, '/var/lib/wo/tmp/extplorer.tar.gz', '/var/lib/wo/tmp/') - shutil.move('/var/lib/wo/tmp/extplorer-2.1.11', + shutil.move('/var/lib/wo/tmp/extplorer-{0}' + .format(WOVariables.wo_extplorer), '{0}22222/htdocs/files' .format(WOVariables.wo_webroot)) Log.debug(self, "Setting Privileges to " From 5cfee94f86e8420e31689623e484a72269d5fe6d Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 28 Jul 2019 20:28:02 +0200 Subject: [PATCH 14/83] Fix fail2ban standalone install --- wo/cli/plugins/stack.py | 1 + 1 file changed, 1 insertion(+) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 5b35342..c0dbeb1 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -987,6 +987,7 @@ class WOStackController(CementBaseController): # create fail2ban configuration files if set(WOVariables.wo_fail2ban).issubset(set(apt_packages)): if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): + data = dict() Log.debug(self, "Setting up fail2ban jails configuration") fail2ban_config = open('/etc/fail2ban/jail.d/custom.conf', encoding='utf-8', mode='w') From 4f2bfc2c06af36e491c39d3ac23c6104f180bb37 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 28 Jul 2019 21:23:07 +0200 Subject: [PATCH 15/83] Update nginx stack install --- .travis.yml | 3 +- CHANGELOG.md | 1 + wo/cli/plugins/secure.py | 2 - wo/cli/plugins/site_functions.py | 2 +- wo/cli/plugins/stack.py | 26 +++- wo/cli/templates/nginx-core.mustache | 212 +++++++++++++++++++++------ 6 files changed, 191 insertions(+), 55 deletions(-) diff --git a/.travis.yml b/.travis.yml index f1cbea3..8e1ee77 100644 --- a/.travis.yml +++ b/.travis.yml @@ -46,11 +46,10 @@ script: - sudo wo site update 1.com --wp && sudo wo site update 2.com --php73 && sudo wo site update 3.com --php73 && sudo wo site update 1.com --wpfc && sudo wo site update 1.com --wpsc && sudo wo site update 1.com --wpredis - sudo wp --allow-root --info - sudo wo info - - sudo tree -L 2 /etc/nginx + - sudo cat /etc/nginx/nginx.conf - sudo cat /etc/mysql/my.cnf - sudo wo stack upgrade --netdata --no-prompt - sudo wo stack upgrade --phpmyadmin --no-prompt - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - sudo wo stack status - - sudo wo maintenance diff --git a/CHANGELOG.md b/CHANGELOG.md index 0132c93..e6b8858 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -26,6 +26,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), #### Fixed - Kernel tweaks were not applied without server reboot +- Fail2ban standalone install ### v3.9.6.2 - 2019-07-24 diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index 4312e84..0df27c9 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -8,8 +8,6 @@ from wo.core.git import WOGit from wo.core.services import WOService import string import random -import sys -import hashlib import getpass diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index e093382..99d399f 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -892,7 +892,7 @@ def site_package_check(self, stype): if stype in ['mysql', 'wp', 'wpsubdir', 'wpsubdomain']: Log.debug(self, "Setting apt_packages variable for MySQL") - if not WOShellExec.cmd_exec(self, "mysqladmin ping"): + if not WOShellExec.cmd_exec(self, "/usr/bin/mysqladmin ping"): apt_packages = apt_packages + WOVariables.wo_mysql packages = packages + [["https://raw.githubusercontent.com/" "major/MySQLTuner-perl/master/" diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index c0dbeb1..048daf4 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -245,14 +245,24 @@ class WOStackController(CementBaseController): # Nginx configuration if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - if set(["nginx"]).issubset(set(apt_packages)): - # Fix for white screen death with NGINX PLUS - if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', - 'SCRIPT_FILENAME'): - with open('/etc/nginx/fastcgi_params', - encoding='utf-8', mode='a') as wo_nginx: - wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' - '\t$request_filename;\n') + # Nginx main configuration + if os.path.isfile('/etc/nginx/nginx.conf'): + data = dict() + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/nginx.conf') + wo_nginx = open('/etc/nginx/nginx.conf', + encoding='utf-8', mode='w') + self.app.render( + (data), 'nginx-core.mustache', out=wo_nginx) + wo_nginx.close() + + # Fix for white screen death with NGINX PLUS + if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', + 'SCRIPT_FILENAME'): + with open('/etc/nginx/fastcgi_params', + encoding='utf-8', mode='a') as wo_nginx: + wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' + '\t$request_filename;\n') if os.path.isfile('/etc/nginx/nginx.conf'): data = dict(php="9000", debug="9001", diff --git a/wo/cli/templates/nginx-core.mustache b/wo/cli/templates/nginx-core.mustache index e262d87..3638801 100644 --- a/wo/cli/templates/nginx-core.mustache +++ b/wo/cli/templates/nginx-core.mustache @@ -1,61 +1,189 @@ -## -# WordOps Settings -## +user www-data; +worker_processes auto; +worker_cpu_affinity auto; +worker_rlimit_nofile 100000; +pid /run/nginx.pid; -server_tokens off; -reset_timedout_connection on; -add_header X-Powered-By "WordOps {{version}}"; +pcre_jit on; -# Limit Request -limit_req_status 403; -limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; - -# Proxy Settings -# set_real_ip_from proxy-server-ip; -# real_ip_header X-Forwarded-For; - -fastcgi_read_timeout 300; -client_max_body_size 100m; - -# SSL Settings -ssl_protocols TLSv1.2; -ssl_ciphers 'EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES'; -ssl_session_cache shared:SSL:50m; -ssl_session_timeout 1d; -ssl_session_tickets off; -{{#Ubuntu}} -ssl_prefer_server_ciphers on; -{{/Ubuntu}} - -# Log format Settings -log_format rt_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' -'$http_host "$request" $status $body_bytes_sent ' -'"$http_referer" "$http_user_agent"'; +events { + multi_accept on; + worker_connections 50000; + accept_mutex on; + use epoll; +} -# GZip settings -gzip_vary on; -gzip_proxied any; -gzip_comp_level 6; -gzip_buffers 16 8k; -gzip_http_version 1.1; -# Compress all output labeled with one of the following MIME-types. -gzip_types +http { + ## + # WordOps Settings + ## + + sendfile on; + sendfile_max_chunk 512k; + + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 8; + keepalive_requests 500; + keepalive_disable msie6; + + lingering_time 20s; + lingering_timeout 5s; + + # Nginx AIO : See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/ + # http://nginx.org/en/docs/http/ngx_http_core_module.html#aio + aio threads; + + server_tokens off; + reset_timedout_connection on; + more_set_headers "X-Powered-By : WordOps"; + + # Limit Request + limit_req_status 403; + limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; + + # Proxy Settings + # set_real_ip_from proxy-server-ip; + # real_ip_header X-Forwarded-For; + + fastcgi_read_timeout 300; + client_max_body_size 100m; + + # ngx_vts_module + vhost_traffic_status_zone; + + ## + # SSL Settings + ## + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:50m; + ssl_session_tickets off; + ssl_prefer_server_ciphers on; + ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ecdh_curve secp521r1:secp384r1; + # Previous TLS v1.2 configuration + # ssl_protocols TLSv1.2; + # ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES; + + # Common security headers + more_set_headers "X-Frame-Options : SAMEORIGIN"; + more_set_headers "X-Xss-Protection : 1; mode=block"; + more_set_headers "X-Content-Type-Options : nosniff"; + more_set_headers "Referrer-Policy : strict-origin-when-cross-origin"; + more_set_headers "X-Download-Options : noopen"; + + # oscp settings + resolver 8.8.8.8 1.1.1.1 8.8.4.4 1.0.0.1 valid=300s; + resolver_timeout 10; + ssl_stapling on; + + ## + # Basic Settings + ## + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # Logging Settings + ## + + access_log off; + error_log /var/log/nginx/error.log; + + # Log format Settings + log_format wo_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' + '$http_host "$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent" "$server_protocol"'; + + ## + # Gzip Settings + ## + + # mitigation for CRIME/BREACH attacks + gzip off; + + ## + # Brotli Settings + ## + + brotli on; + brotli_static on; + brotli_buffers 16 8k; + brotli_min_length 64000; + brotli_comp_level 4; + brotli_types application/atom+xml + application/geo+json application/javascript application/json + application/ld+json + application/manifest+json + application/rdf+xml application/rss+xml application/vnd.ms-fontobject + application/wasm + application/x-font-opentype + application/x-font-truetype application/x-font-ttf + application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml + application/xml+rss + font/eot font/opentype + font/otf + image/bmp image/svg+xml + image/vnd.microsoft.icon image/x-icon + image/x-win-bitmap + text/cache-manifest + text/calendar text/css + text/javascript + text/markdown text/plain + text/vcard + text/vnd.rim.location.xloc + text/vtt text/x-component - text/xml - text/javascript; - # text/html is always compressed by HttpGzipModule + text/x-cross-domain-policy + text/xml; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} + + +#mail { +# # See sample authentication script at: +# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript +# +# # auth_http localhost/auth.php; +# # pop3_capabilities "TOP" "USER"; +# # imap_capabilities "IMAP4rev1" "UIDPLUS"; +# +# server { +# listen localhost:110; +# protocol pop3; +# proxy on; +# } +# +# server { +# listen localhost:143; +# protocol imap; +# proxy on; +# } +#} From 17510fe57caa1c5471a14faddb0a4919057a6483 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 28 Jul 2019 22:22:51 +0200 Subject: [PATCH 16/83] Fix nginx.conf --- wo/cli/templates/nginx-core.mustache | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/wo/cli/templates/nginx-core.mustache b/wo/cli/templates/nginx-core.mustache index 3638801..dd4631e 100644 --- a/wo/cli/templates/nginx-core.mustache +++ b/wo/cli/templates/nginx-core.mustache @@ -54,6 +54,10 @@ http { # ngx_vts_module vhost_traffic_status_zone; + # tls dynamic records patch directive + ssl_dyn_rec_enable on; + + ## # SSL Settings ## @@ -64,7 +68,7 @@ http { ssl_prefer_server_ciphers on; ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20'; ssl_protocols TLSv1.2 TLSv1.3; - ssl_ecdh_curve secp521r1:secp384r1; + ssl_ecdh_curve X25519:P-521:P-384:P-256; # Previous TLS v1.2 configuration # ssl_protocols TLSv1.2; # ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES; @@ -98,7 +102,7 @@ http { error_log /var/log/nginx/error.log; # Log format Settings - log_format wo_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' + log_format rt_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] ' '$http_host "$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" "$server_protocol"'; From b85a81ad8d7a2634a7e39cb7f836c19dd8b9153a Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 02:32:53 +0200 Subject: [PATCH 17/83] Few code quality improvements --- CHANGELOG.md | 1 + wo/cli/plugins/debug.py | 2 +- wo/cli/plugins/import_slow_log.py | 3 --- wo/cli/plugins/info.py | 3 +-- wo/cli/plugins/site_functions.py | 36 +++++++++++++++---------------- 5 files changed, 20 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e6b8858..522491f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - MySQL configuration tuning - Cronjob to optimize MySQL databases weekly - WO-kernel systemd service to automatically apply kernel tweaks on server startup +- Brotli configuration with only well compressible MIME types #### Changed diff --git a/wo/cli/plugins/debug.py b/wo/cli/plugins/debug.py index 1c29c68..6607ecb 100644 --- a/wo/cli/plugins/debug.py +++ b/wo/cli/plugins/debug.py @@ -753,7 +753,7 @@ class WODebugController(CementBaseController): self.debug_fpm73() if self.app.pargs.mysql: # MySQL debug will not work for remote MySQL - if WOVariables.wo_mysql_host is "localhost": + if WOVariables.wo_mysql_host == "localhost": self.debug_mysql() else: Log.warn(self, "Remote MySQL found, WordOps does not support " diff --git a/wo/cli/plugins/import_slow_log.py b/wo/cli/plugins/import_slow_log.py index 4716cad..6e51b51 100644 --- a/wo/cli/plugins/import_slow_log.py +++ b/wo/cli/plugins/import_slow_log.py @@ -1,9 +1,6 @@ from cement.core.controller import CementBaseController, expose from cement.core import handler, hook -from wo.core.shellexec import WOShellExec from wo.core.logging import Log -from wo.core.variables import WOVariables -import os def wo_import_slow_log_hook(app): diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index f478ccb..2e9833d 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -2,7 +2,6 @@ from cement.core.controller import CementBaseController, expose from cement.core import handler, hook -from wo.core.variables import WOVariables from pynginxconfig import NginxConfig from wo.core.aptget import WOAptGet from wo.core.shellexec import WOShellExec @@ -279,7 +278,7 @@ class WOInfoController(CementBaseController): Log.error(self, "PHP 7.3 is not installed") if self.app.pargs.mysql: - if WOShellExec.cmd_exec(self, "mysqladmin ping"): + if WOShellExec.cmd_exec(self, "/usr/bin/mysqladmin ping"): self.info_mysql() else: Log.error(self, "MySQL is not installed") diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 99d399f..cbe6011 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1,25 +1,23 @@ -from wo.cli.plugins.stack import WOStackController -from wo.core.fileutils import WOFileUtils -from wo.core.mysql import * -from wo.core.shellexec import WOShellExec, CommandExecutionError -from wo.core.sslutils import SSL -from wo.core.variables import WOVariables -from wo.cli.plugins.sitedb import * -from wo.core.aptget import WOAptGet -from wo.core.git import WOGit -from wo.core.logging import Log -from wo.core.sendmail import WOSendMail -from wo.core.services import WOService -import subprocess -from subprocess import CalledProcessError -import os -import random -import string -import sys import getpass import glob +import os +import random import re -import platform +import string +import subprocess +from subprocess import CalledProcessError + +from wo.cli.plugins.sitedb import * +from wo.cli.plugins.stack import WOStackController +from wo.core.aptget import WOAptGet +from wo.core.fileutils import WOFileUtils +from wo.core.git import WOGit +from wo.core.logging import Log +from wo.core.mysql import * +from wo.core.services import WOService +from wo.core.shellexec import CommandExecutionError, WOShellExec +from wo.core.sslutils import SSL +from wo.core.variables import WOVariables class SiteError(Exception): From 0d4bf8a4f29ec3505228e5c45327cbe42608f397 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 04:10:47 +0200 Subject: [PATCH 18/83] Remove uneeded import --- wo/cli/plugins/site.py | 4 ---- wo/cli/plugins/sitedb.py | 3 +-- wo/cli/plugins/stack.py | 2 -- wo/cli/plugins/stack_migrate.py | 1 - wo/cli/plugins/stack_upgrade.py | 1 + wo/core/addswap.py | 1 - wo/core/aptget.py | 1 - wo/core/checkfqdn.py | 1 - wo/core/fileutils.py | 3 --- wo/core/mysql.py | 2 -- wo/core/services.py | 4 +--- wo/core/shellexec.py | 2 -- 12 files changed, 3 insertions(+), 22 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 26a0111..4d0f39a 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1,7 +1,6 @@ # """WordOps site controller.""" from cement.core.controller import CementBaseController, expose from cement.core import handler, hook -from wo.core.cron import WOCron from wo.core.sslutils import SSL from wo.core.variables import WOVariables from wo.core.shellexec import WOShellExec @@ -1219,7 +1218,6 @@ class WOSiteUpdateController(CementBaseController): if pargs.dns: data['letsencrypt'] = True letsencrypt = True - pargs.letsencrypt == 'wildcard' else: data['letsencrypt'] = True letsencrypt = True @@ -1239,10 +1237,8 @@ class WOSiteUpdateController(CementBaseController): if pargs.hsts: if pargs.hsts == "on": data['hsts'] = True - hsts = True elif pargs.hsts == "off": data['hsts'] = False - hsts = False if not data: Log.error(self, "Cannot update {0}, Invalid Options" diff --git a/wo/cli/plugins/sitedb.py b/wo/cli/plugins/sitedb.py index 4048b26..0a069a1 100644 --- a/wo/cli/plugins/sitedb.py +++ b/wo/cli/plugins/sitedb.py @@ -5,8 +5,7 @@ from sqlalchemy.ext.declarative import declarative_base from wo.core.logging import Log from wo.core.database import db_session from wo.cli.plugins.models import SiteDB -import sys -import glob + def addNewSite(self, site, stype, cache, path, diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 048daf4..9c52b1c 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -5,9 +5,7 @@ from cement.core.controller import CementBaseController, expose import codecs import configparser -import grp import os -import platform import pwd import random import shutil diff --git a/wo/cli/plugins/stack_migrate.py b/wo/cli/plugins/stack_migrate.py index 38bb394..a81d2b4 100644 --- a/wo/cli/plugins/stack_migrate.py +++ b/wo/cli/plugins/stack_migrate.py @@ -6,7 +6,6 @@ from wo.core.variables import WOVariables from wo.core.aptget import WOAptGet from wo.core.shellexec import WOShellExec from wo.core.apt_repo import WORepo -from wo.core.services import WOService import configparser import os diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 7f3e4f8..4ff5e8c 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -9,6 +9,7 @@ from wo.core.fileutils import WOFileUtils from wo.core.shellexec import WOShellExec from wo.core.extract import WOExtract from wo.core.download import WODownload +from wo.cli.plugins.stack import WOStackController import configparser import os import shutil diff --git a/wo/core/addswap.py b/wo/core/addswap.py index 02df054..ad0c14c 100644 --- a/wo/core/addswap.py +++ b/wo/core/addswap.py @@ -1,5 +1,4 @@ """WordOps Swap Creation""" -from wo.core.variables import WOVariables from wo.core.shellexec import WOShellExec from wo.core.fileutils import WOFileUtils from wo.core.aptget import WOAptGet diff --git a/wo/core/aptget.py b/wo/core/aptget.py index 75e0e11..39b391a 100644 --- a/wo/core/aptget.py +++ b/wo/core/aptget.py @@ -1,6 +1,5 @@ """WordOps package installation using apt-get module.""" import apt -import apt_pkg import sys import subprocess from wo.core.logging import Log diff --git a/wo/core/checkfqdn.py b/wo/core/checkfqdn.py index 9add740..636c211 100644 --- a/wo/core/checkfqdn.py +++ b/wo/core/checkfqdn.py @@ -1,6 +1,5 @@ from wo.core.shellexec import WOShellExec from wo.core.variables import WOVariables -import os def check_fqdn(self, wo_host): diff --git a/wo/core/fileutils.py b/wo/core/fileutils.py index a7a4c29..efc13c6 100644 --- a/wo/core/fileutils.py +++ b/wo/core/fileutils.py @@ -1,9 +1,6 @@ """WordOps file utils core classes.""" import shutil import os -import sys -import glob -import shutil import pwd import fileinput from wo.core.logging import Log diff --git a/wo/core/mysql.py b/wo/core/mysql.py index c289405..e168e85 100644 --- a/wo/core/mysql.py +++ b/wo/core/mysql.py @@ -1,9 +1,7 @@ """WordOps MySQL core classes.""" import pymysql from pymysql import connections, DatabaseError, Error -import configparser from os.path import expanduser -import sys import os from wo.core.logging import Log from wo.core.variables import WOVariables diff --git a/wo/core/services.py b/wo/core/services.py index a6e4c04..e47aca1 100644 --- a/wo/core/services.py +++ b/wo/core/services.py @@ -1,10 +1,8 @@ """WordOps Service Manager""" -import os -import sys import subprocess from subprocess import Popen from wo.core.logging import Log -import pystache + class WOService(): diff --git a/wo/core/shellexec.py b/wo/core/shellexec.py index 77b3dcf..cfb43e1 100644 --- a/wo/core/shellexec.py +++ b/wo/core/shellexec.py @@ -1,7 +1,5 @@ """WordOps Shell Functions""" from wo.core.logging import Log -import os -import sys import subprocess From 6049e72d13131ab4bcdc7de0593d35eca23e66ab Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 04:13:41 +0200 Subject: [PATCH 19/83] Fix wo stack --- wo/cli/plugins/stack_upgrade.py | 1 - 1 file changed, 1 deletion(-) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 4ff5e8c..7f3e4f8 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -9,7 +9,6 @@ from wo.core.fileutils import WOFileUtils from wo.core.shellexec import WOShellExec from wo.core.extract import WOExtract from wo.core.download import WODownload -from wo.cli.plugins.stack import WOStackController import configparser import os import shutil From eed1fa18d509c535bbf4ac5a0ad85b26a7403e62 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 04:23:37 +0200 Subject: [PATCH 20/83] Add debug log --- wo/cli/plugins/site.py | 7 +++++++ wo/cli/plugins/site_functions.py | 13 +++++++++++++ 2 files changed, 20 insertions(+) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 4d0f39a..440c27e 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -48,6 +48,7 @@ class WOSiteController(CementBaseController): self.app.pargs.site_name = (input('Enter site name : ') .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'could not input site name') self.app.pargs.site_name = self.app.pargs.site_name.strip() @@ -86,6 +87,7 @@ class WOSiteController(CementBaseController): .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'could not input site name') self.app.pargs.site_name = self.app.pargs.site_name.strip() (wo_domain, wo_www_domain) = ValidateDomain(self.app.pargs.site_name) @@ -125,6 +127,7 @@ class WOSiteController(CementBaseController): self.app.pargs.site_name = (input('Enter site name : ') .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'could not input site name') self.app.pargs.site_name = self.app.pargs.site_name.strip() (wo_domain, wo_www_domain) = ValidateDomain(self.app.pargs.site_name) @@ -191,6 +194,7 @@ class WOSiteController(CementBaseController): self.app.pargs.site_name = (input('Enter site name : ') .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'could not input site name') # TODO Write code for wo site edit command here self.app.pargs.site_name = self.app.pargs.site_name.strip() @@ -220,6 +224,7 @@ class WOSiteController(CementBaseController): self.app.pargs.site_name = (input('Enter site name : ') .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'Unable to read input, please try again') self.app.pargs.site_name = self.app.pargs.site_name.strip() @@ -258,6 +263,7 @@ class WOSiteEditController(CementBaseController): self.app.pargs.site_name = (input('Enter site name : ') .strip()) except IOError as e: + Log.debug(self, str(e)) Log.error(self, 'Unable to read input, Please try again') self.app.pargs.site_name = self.app.pargs.site_name.strip() @@ -274,6 +280,7 @@ class WOSiteEditController(CementBaseController): WOShellExec.invoke_editor(self, '/etc/nginx/sites-availa' 'ble/{0}'.format(wo_domain)) except CommandExecutionError as e: + Log.debug(self, str(e)) Log.error(self, "Failed invoke editor") if (WOGit.checkfilestatus(self, "/etc/nginx", '/etc/nginx/sites-available/{0}' diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index cbe6011..a1e06c2 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -519,6 +519,7 @@ def setupwordpress(self, data): raise SiteError( "setup WordPress tables failed for single site") except CommandExecutionError as e: + Log.debug(self, str(e)) raise SiteError("setup WordPress tables failed for single site") else: Log.debug(self, "Creating tables for WordPress multisite") @@ -551,6 +552,7 @@ def setupwordpress(self, data): raise SiteError( "setup WordPress tables failed for wp multi site") except CommandExecutionError as e: + Log.debug(self, str(e)) raise SiteError("setup WordPress tables failed for wp multi site") Log.debug(self, "Updating WordPress permalink") @@ -560,6 +562,7 @@ def setupwordpress(self, data): "rewrite structure " "/%year%/%monthnum%/%day%/%postname%/") except CommandExecutionError as e: + Log.debug(self, str(e)) raise SiteError("Update wordpress permalinks failed") """Install nginx-helper plugin """ @@ -640,6 +643,7 @@ def setupwordpressnetwork(self, data): raise SiteError("setup WordPress network failed") except CommandExecutionError as e: + Log.debug(self, str(e)) Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") raise SiteError("setup WordPress network failed") Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") @@ -656,6 +660,7 @@ def installwp_plugin(self, plugin_name, data): "--allow-root install " "{0}".format(plugin_name)) except CommandExecutionError as e: + Log.debug(self, str(e)) raise SiteError("plugin installation failed") try: @@ -810,6 +815,7 @@ def sitebackup(self, data): "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") raise SiteError("mysqldump failed to backup database") except CommandExecutionError as e: + Log.debug(self, str(e)) Log.info(self, "[" + Log.ENDC + "Fail" + Log.OKBLUE + "]") raise SiteError("mysqldump failed to backup database") Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") @@ -1083,6 +1089,7 @@ def updatewpuserpassword(self, wo_domain, wo_site_webroot): " --user_pass={1}" .format(wo_wp_user, wo_wp_pass)) except CommandExecutionError as e: + Log.debug(self, str(e)) raise SiteError("wp user password update command failed") Log.info(self, "Password updated successfully") @@ -1132,6 +1139,7 @@ def logwatch(self, logfiles): print(data[0], data[1], zlib.decompress(base64.decodestring(data[2]))) except Exception as e: + Log.debug(self, str(e)) Log.info(time.time(), 'caught exception rendering a new log line in %s' % filename) @@ -1272,10 +1280,12 @@ def deleteDB(self, dbname, dbuser, dbhost, exit=True): errormsg='Unable to drop database {0}' .format(dbname)) except StatementExcecutionError as e: + Log.debug(self, str(e)) Log.debug(self, "drop database failed") Log.info(self, "Database {0} not dropped".format(dbname)) except MySQLConnectionError as e: + Log.debug(self, str(e)) Log.debug(self, "Mysql Connection problem occured") if dbuser != 'root': @@ -1285,14 +1295,17 @@ def deleteDB(self, dbname, dbuser, dbhost, exit=True): "drop user `{0}`@`{1}`" .format(dbuser, dbhost)) except StatementExcecutionError as e: + Log.debug(self, str(e)) Log.debug(self, "drop database user failed") Log.info(self, "Database {0} not dropped".format(dbuser)) try: WOMysql.execute(self, "flush privileges") except StatementExcecutionError as e: + Log.debug(self, str(e)) Log.debug(self, "drop database failed") Log.info(self, "Database {0} not dropped".format(dbname)) except Exception as e: + Log.debug(self, str(e)) Log.error(self, "Error occured while deleting database", exit) From cf40e7bdce59df666b2769e1d1e7359cca6dbe2e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 04:29:09 +0200 Subject: [PATCH 21/83] Allow stack purge with --all --- wo/cli/plugins/site.py | 1 - wo/cli/plugins/stack.py | 6 ------ 2 files changed, 7 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 440c27e..8cfce53 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1173,7 +1173,6 @@ class WOSiteUpdateController(CementBaseController): Log.error(self, "HTTPS is not configured for given " "site", False) return 0 - pass if pargs.letsencrypt: if pargs.letsencrypt == 'on': diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 9c52b1c..fc08d00 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -2059,24 +2059,18 @@ class WOStackController(CementBaseController): WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php73 - else: - Log.error(self, "Cannot Purge PHP 7.3. not found.") # fail2ban if self.app.pargs.fail2ban: if WOAptGet.is_installed(self, 'fail2ban'): Log.debug(self, "Purge apt_packages variable of Fail2ban") apt_packages = apt_packages + WOVariables.wo_fail2ban - else: - Log.error(self, "Fail2ban not found") # proftpd if self.app.pargs.proftpd: if WOAptGet.is_installed(self, 'proftpd-basic'): Log.debug(self, "Purge apt_packages variable for ProFTPd") apt_packages = apt_packages + ["proftpd-basic"] - else: - Log.error(self, "ProFTPd not found") # WP-CLI if self.app.pargs.wpcli: From 9c0eda38779ebe7f1bba5b4e1b761042c46ad9f4 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 04:36:52 +0200 Subject: [PATCH 22/83] update Travis --- .travis.yml | 1 + CHANGELOG.md | 2 ++ install | 1 - 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8e1ee77..94421b5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -53,3 +53,4 @@ script: - sudo wo stack upgrade --composer --no-prompt - sudo wo update --travis - sudo wo stack status + - echo "yes" | sudo wo stack purge --all diff --git a/CHANGELOG.md b/CHANGELOG.md index 522491f..1f66fd7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,11 +23,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Adminer updated to v4.7.2 - eXtplorer updated to v2.1.13 - Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues +- Several code quality improvements to speed up WordOps execution #### Fixed - Kernel tweaks were not applied without server reboot - Fail2ban standalone install +- `wo stack purge --all` error due to PHP7.3 check ### v3.9.6.2 - 2019-07-24 diff --git a/install b/install index c8079b7..bef8003 100755 --- a/install +++ b/install @@ -713,7 +713,6 @@ if [ -x /usr/local/bin/wo ]; then wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_tweak_kernel | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - wo_git_init | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log else wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 From 5c90b7952bf24789be2c2fa33b24a89b4a52a4f9 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 11:23:23 +0200 Subject: [PATCH 23/83] Add uninstall script --- .travis.yml | 1 + install | 234 +++++++++++++++++++++------------------- wo/cli/plugins/stack.py | 1 + 3 files changed, 127 insertions(+), 109 deletions(-) diff --git a/.travis.yml b/.travis.yml index 94421b5..af3ff73 100644 --- a/.travis.yml +++ b/.travis.yml @@ -54,3 +54,4 @@ script: - sudo wo update --travis - sudo wo stack status - echo "yes" | sudo wo stack purge --all + - sudo bash install --purge diff --git a/install b/install index bef8003..779e648 100755 --- a/install +++ b/install @@ -7,7 +7,7 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.6.3 - 2019-07-25 +# Version 3.9.6.3 - 2019-07-29 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" readonly wo_version_new="3.9.6.3" @@ -73,6 +73,9 @@ while [ "$#" -gt 0 ]; do -s | --silent) wo_force_install="y" ;; + --purge | --uninstall) + wo_purge="y" + ;; *) # positional args ;; esac @@ -620,15 +623,15 @@ wo_git_init() { } wo_backup_ee() { - /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1 + /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1 } wo_backup_wo() { - /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /usr/local/lib/python3.6/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 + /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /usr/local/lib/python3.*/dist-packages/wo-*.egg /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 } wo_clean_ee() { - rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.6/dist-packages/ee-*.egg /etc/ee /var/lib/ee >> /var/log/wo/install.log 2>&1 + rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee >> /var/log/wo/install.log 2>&1 } wo_remove_ee_cron() { @@ -653,14 +656,14 @@ wo_tweak_kernel() { # apply sysctl tweaks sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf if [ ! -x /opt/wo-kernel.sh ]; then - { - # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup - wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache - chmod +x /opt/wo-kernel.sh - wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache - systemctl enable wo-kernel.service - systemctl start wo-kernel.service - } >> /var/log/wo/install.log 2>&1 + { + # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup + wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache + chmod +x /opt/wo-kernel.sh + wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache + systemctl enable wo-kernel.service + systemctl start wo-kernel.service + } >> /var/log/wo/install.log 2>&1 fi fi @@ -672,128 +675,141 @@ wo_tweak_kernel() { } +wo_uninstall() { + rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1 +} + ### # 4 - WO MAIN SETUP ### -# 1 - WO already installed -if [ -x /usr/local/bin/wo ]; then - if ! { - wo -v 2>&1 | grep $wo_version_new - } || [ "$wo_force_install" = "y" ]; then - if [ -z "$wo_force_install" ]; then - echo -e "Update WordOps to $wo_version_new (y/n): " && read -r WO_ANSWER - else - WO_ANSWER="y" - fi - if [ "$WO_ANSWER" = "y" ] || [ "$WO_ANSWER" = "Y" ]; then - wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - wo_install_dep | tee -ai $wo_install_log - wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log - wo_backup_wo | tee -ai $wo_install_log - wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log - secure_wo_db | tee -ai $wo_install_log - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - if [ -f "$HOME/.gitconfig" ]; then - wo_install >> $wo_install_log 2>&1 +if [ $wo_purge = "y" ]; then + wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log + wo_backup_wo | tee -ai $wo_install_log + wo_lib_echo "Uninstalling WordOps" | tee -ai $wo_install_log + wo_uninstall | tee -ai $wo_install_log + wo_lib_echo "The WordOps backup files can be found in $WO_BACKUP_FILE" +else + # 1 - WO already installed + if [ -x /usr/local/bin/wo ]; then + if ! { + wo -v 2>&1 | grep $wo_version_new + } || [ "$wo_force_install" = "y" ]; then + if [ -z "$wo_force_install" ]; then + echo -e "Update WordOps to $wo_version_new (y/n): " && read -r WO_ANSWER else - wo_install | tee -ai $wo_install_log + WO_ANSWER="y" fi - if [ -z "$wo_preserve_config" ]; then - if [ -n "$(command -v nginx)" ]; then - if [ ! -f /etc/nginx/common/release ] || ! grep -q "v3.9.6" /etc/nginx/common/release; then - wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log - wo_upgrade_nginx | tee -ai $wo_install_log + if [ "$WO_ANSWER" = "y" ] || [ "$WO_ANSWER" = "Y" ]; then + wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log + wo_install_dep | tee -ai $wo_install_log + wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log + wo_backup_wo | tee -ai $wo_install_log + wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log + secure_wo_db | tee -ai $wo_install_log + wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log + if [ -f "$HOME/.gitconfig" ]; then + wo_install >> $wo_install_log 2>&1 + else + wo_install | tee -ai $wo_install_log + fi + if [ -z "$wo_preserve_config" ]; then + if [ -n "$(command -v nginx)" ]; then + if [ ! -f /etc/nginx/common/release ] || ! grep -q "v3.9.6" /etc/nginx/common/release; then + wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log + wo_upgrade_nginx | tee -ai $wo_install_log + fi fi fi + wo_update_latest | tee -ai $wo_install_log + wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log + wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log + wo_tweak_kernel | tee -ai $wo_install_log + wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log + wo_update_wp_cli | tee -ai $wo_install_log + else + wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 fi - wo_update_latest | tee -ai $wo_install_log - wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh | tee -ai $wo_install_log - wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel | tee -ai $wo_install_log - wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - wo_update_wp_cli | tee -ai $wo_install_log else - wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 + wo_lib_error "You already have WordOps $wo_version_new, exit status = " 1 fi else - wo_lib_error "You already have WordOps $wo_version_new, exit status = " 1 - fi -else - # 2 - Migration from EEv3 - if [ -x /usr/local/bin/ee ]; then - if [ -z "$wo_force_install" ]; then - echo -e "Migrate from EasyEngine to WordOps (y/n): " && read -r WO_ANSWER + # 2 - Migration from EEv3 + if [ -x /usr/local/bin/ee ]; then + if [ -z "$wo_force_install" ]; then + echo -e "Migrate from EasyEngine to WordOps (y/n): " && read -r WO_ANSWER + else + WO_ANSWER="y" + fi + if [ "$WO_ANSWER" = "y" ] || [ "$WO_ANSWER" = "Y" ]; then + wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log + wo_install_dep | tee -ai $wo_install_log + wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log + wo_backup_ee | tee -ai $wo_install_log + wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log + wo_remove_ee_cron | tee -ai $wo_install_log + wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log + wo_sync_db | tee -ai $wo_install_log + secure_wo_db | tee -ai $wo_install_log + wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log + if [ -f "$HOME/.gitconfig" ]; then + wo_install >> $wo_install_log 2>&1 + else + wo_install | tee -ai $wo_install_log + fi + if [ -n "$(command -v nginx)" ]; then + wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log + wo_upgrade_nginx | tee -ai $wo_install_log + fi + wo_update_latest | tee -ai $wo_install_log + wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log + wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log + wo_tweak_kernel | tee -ai $wo_install_log + wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log + wo_git_init | tee -ai $wo_install_log + wo_update_wp_cli | tee -ai $wo_install_log + wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log + wo_clean_ee | tee -ai $wo_install_log + else + wo_lib_error "Not installing WordOps, exit status = " 1 + fi else - WO_ANSWER="y" - fi - if [ "$WO_ANSWER" = "y" ] || [ "$WO_ANSWER" = "Y" ]; then + # 3 - Fresh WO setup wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log - wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log - wo_backup_ee | tee -ai $wo_install_log - wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log - wo_remove_ee_cron | tee -ai $wo_install_log - wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log - wo_sync_db | tee -ai $wo_install_log - secure_wo_db | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - if [ -f "$HOME/.gitconfig" ]; then - wo_install >> $wo_install_log 2>&1 - else - wo_install | tee -ai $wo_install_log - fi - if [ -n "$(command -v nginx)" ]; then - wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log - wo_upgrade_nginx | tee -ai $wo_install_log - fi - wo_update_latest | tee -ai $wo_install_log - wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh | tee -ai $wo_install_log + wo_install | tee -ai $wo_install_log wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_tweak_kernel | tee -ai $wo_install_log + wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log + secure_wo_db | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log - wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log - wo_clean_ee | tee -ai $wo_install_log - else - wo_lib_error "Not installing WordOps, exit status = " 1 fi - else - # 3 - Fresh WO setup - wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - wo_install_dep | tee -ai $wo_install_log - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install | tee -ai $wo_install_log - wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel | tee -ai $wo_install_log - wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh | tee -ai $wo_install_log - wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - secure_wo_db | tee -ai $wo_install_log - wo_git_init | tee -ai $wo_install_log - wo_update_wp_cli | tee -ai $wo_install_log fi -fi -wo sync | tee -ai $wo_install_log + wo sync | tee -ai $wo_install_log -if [ "$ee_migration" = "1" ]; then + if [ "$ee_migration" = "1" ]; then + echo + wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!" + wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz" + echo + elif [ "$wo_upgrade" = "1" ]; then + wo_lib_echo "WordOps (wo) upgrade to $wo_version_new was succesfull!" + else + wo_lib_echo "WordOps (wo) installed successfully" + fi echo - wo_lib_echo "The migration from EasyEngine to WordOps was succesfull!" - wo_lib_echo "The EasyEngine backup files can be found in /var/lib/wo-backup/ee-backup.tgz" + wo_lib_echo_info "For autocompletion, run the following command:" + wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc" echo -elif [ "$wo_upgrade" = "1" ]; then - wo_lib_echo "WordOps (wo) upgrade to $wo_version_new was succesfull!" -else - wo_lib_echo "WordOps (wo) installed successfully" + wo_lib_echo "WordOps Documentation : https://docs.wordops.net" + wo_lib_echo "WordOps Community Forum : https://community.wordops.net" + echo + fi -echo -wo_lib_echo_info "For autocompletion, run the following command:" -wo_lib_echo_info "source /etc/bash_completion.d/wo_auto.rc" -echo -wo_lib_echo "WordOps Documentation : https://docs.wordops.net" -wo_lib_echo "WordOps Community Forum : https://community.wordops.net" -echo diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index fc08d00..0304fda 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1486,6 +1486,7 @@ class WOStackController(CementBaseController): "/master/mysqltuner.pl", "/usr/bin/mysqltuner", "MySQLTuner"]] + else: Log.debug(self, "MySQL connection is already alive") Log.info(self, "MySQL connection is already alive") From 7d1aec8117187aab769d8312d0b3caca45526b7f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 11:29:45 +0200 Subject: [PATCH 24/83] Fix bahs operator --- install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install b/install index 779e648..ce8a597 100755 --- a/install +++ b/install @@ -683,7 +683,7 @@ wo_uninstall() { # 4 - WO MAIN SETUP ### -if [ $wo_purge = "y" ]; then +if [ "$wo_purge" = "y" ]; then wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log wo_backup_wo | tee -ai $wo_install_log wo_lib_echo "Uninstalling WordOps" | tee -ai $wo_install_log From 4eb327e79b974e9abd1b2b330e623e7865d9daf1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 12:19:54 +0200 Subject: [PATCH 25/83] Remove unused import --- wo/cli/plugins/secure.py | 1 - wo/cli/plugins/site.py | 1 - wo/cli/plugins/sitedb.py | 5 ----- wo/cli/plugins/stack_upgrade.py | 1 - wo/core/nginxhashbucket.py | 1 - 5 files changed, 9 deletions(-) diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index 0df27c9..9f0c27c 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -1,6 +1,5 @@ from cement.core.controller import CementBaseController, expose from cement.core import handler, hook -from wo.core.aptget import WOAptGet from wo.core.shellexec import WOShellExec from wo.core.variables import WOVariables from wo.core.logging import Log diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 8cfce53..a56292c 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -12,7 +12,6 @@ from wo.cli.plugins.sitedb import * from wo.core.git import WOGit from subprocess import Popen from wo.core.nginxhashbucket import hashbucket -import sys import os import glob import subprocess diff --git a/wo/cli/plugins/sitedb.py b/wo/cli/plugins/sitedb.py index 0a069a1..bb7f2e4 100644 --- a/wo/cli/plugins/sitedb.py +++ b/wo/cli/plugins/sitedb.py @@ -1,13 +1,8 @@ -from sqlalchemy import Column, DateTime, String, Integer, Boolean -from sqlalchemy import ForeignKey, func -from sqlalchemy.orm import relationship, backref -from sqlalchemy.ext.declarative import declarative_base from wo.core.logging import Log from wo.core.database import db_session from wo.cli.plugins.models import SiteDB - def addNewSite(self, site, stype, cache, path, enabled=True, ssl=False, fs='ext4', db='mysql', db_name=None, db_user=None, db_password=None, diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 7f3e4f8..b214157 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -9,7 +9,6 @@ from wo.core.fileutils import WOFileUtils from wo.core.shellexec import WOShellExec from wo.core.extract import WOExtract from wo.core.download import WODownload -import configparser import os import shutil diff --git a/wo/core/nginxhashbucket.py b/wo/core/nginxhashbucket.py index a4ec755..921fe1f 100644 --- a/wo/core/nginxhashbucket.py +++ b/wo/core/nginxhashbucket.py @@ -3,7 +3,6 @@ from wo.core.fileutils import WOFileUtils import math import os import fileinput -import re import subprocess From 88f896e42981abb01f2e7f4550a37b8517da5919 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 14:37:28 +0200 Subject: [PATCH 26/83] Fix missing import --- wo/cli/plugins/sitedb.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wo/cli/plugins/sitedb.py b/wo/cli/plugins/sitedb.py index bb7f2e4..9e21e13 100644 --- a/wo/cli/plugins/sitedb.py +++ b/wo/cli/plugins/sitedb.py @@ -1,3 +1,7 @@ +from sqlalchemy import Column, DateTime, String, Integer, Boolean +from sqlalchemy import ForeignKey, func +from sqlalchemy.orm import relationship, backref +from sqlalchemy.ext.declarative import declarative_base from wo.core.logging import Log from wo.core.database import db_session from wo.cli.plugins.models import SiteDB From 4fd9d267bb9719a9f4aeb6658f46535a4dfd7299 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 15:08:49 +0200 Subject: [PATCH 27/83] Add debug log --- wo/cli/plugins/clean.py | 4 ++-- wo/cli/plugins/secure.py | 1 + wo/cli/plugins/stack.py | 3 ++- wo/core/aptget.py | 5 +++++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/wo/cli/plugins/clean.py b/wo/cli/plugins/clean.py index b434815..1a8643b 100644 --- a/wo/cli/plugins/clean.py +++ b/wo/cli/plugins/clean.py @@ -88,8 +88,8 @@ class WOCleanController(CementBaseController): def clean_opcache(self): try: Log.info(self, "Cleaning opcache") - wp = urllib.request.urlopen(" https://127.0.0.1:22222/cache" - "/opcache/opgui.php?reset=1").read() + urllib.request.urlopen(" https://127.0.0.1:22222/cache" + "/opcache/opgui.php?reset=1").read() except Exception as e: Log.debug(self, "{0}".format(e)) Log.debug(self, "Unable hit url, " diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index 9f0c27c..c9a7de6 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -113,6 +113,7 @@ class WOSecureController(CementBaseController): try: user_ip = self.app.pargs.user_input.split(',') except Exception as e: + Log.debug(self, "{0}".format(e)) user_ip = ['127.0.0.1'] for ip_addr in user_ip: if not ("exist_ip_address "+ip_addr in open('/etc/nginx/common/' diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 0304fda..7ac863b 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -176,7 +176,7 @@ class WOStackController(CementBaseController): log=False) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) - Log.error("Failed to initialize MySQL package") + Log.error(self, "Failed to initialize MySQL package") # generate my.cnf root credentials mysql_config = """ [client] @@ -1659,6 +1659,7 @@ class WOStackController(CementBaseController): 'Anemometer'] ] except Exception as e: + Log.debug(self, "{0}".format(e)) pass if (apt_packages) or (packages): diff --git a/wo/core/aptget.py b/wo/core/aptget.py index 39b391a..ce66dff 100644 --- a/wo/core/aptget.py +++ b/wo/core/aptget.py @@ -73,6 +73,7 @@ class WOAptGet(): stdout=sys.stdout).communicate() except Exception as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Unable to check for packages upgrades") def dist_upgrade(self): @@ -104,6 +105,7 @@ class WOAptGet(): "`tail /var/log/wo/wordops.log` " "and please try again...") except Exception as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Error while installing packages, " "apt-get exited with error") @@ -134,6 +136,7 @@ class WOAptGet(): "and please try again...") except Exception as e: + Log.debug(self, "{0}".format(e)) Log.info(self, Log.FAIL + "Oops Something went " "wrong!!") Log.error(self, "Check the WordOps log for more details " @@ -167,6 +170,7 @@ class WOAptGet(): "and please try again...") except Exception as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Error while installing packages, " "apt-get exited with error") @@ -243,5 +247,6 @@ class WOAptGet(): WORepo.remove(self, repo_url=repo_url) return False except Exception as e: + Log.debug(self, "{0}".format(e)) Log.error(self, "Error while downloading packages, " "apt-get exited with error") From 4417262a3dd2bc5f31c960040590b98096bc66bf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 15:38:16 +0200 Subject: [PATCH 28/83] Fix plugin data --- wo/cli/plugins/site_functions.py | 80 ++++++++++++++++---------------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index a1e06c2..0e1b147 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -568,47 +568,47 @@ def setupwordpress(self, data): """Install nginx-helper plugin """ installwp_plugin(self, 'nginx-helper', data) if data['wpfc']: - plugin_data = '{"log_level":"INFO","log_filesize":5,' - '"enable_purge":1,"enable_map":0,' - '"enable_log":0,"enable_stamp":0,' - '"purge_homepage_on_new":1,' - '"purge_homepage_on_edit":1,' - '"purge_homepage_on_del":1,' - '"purge_archive_on_new":1,' - '"purge_archive_on_edit":0,' - '"purge_archive_on_del":0,' - '"purge_archive_on_new_comment":0,' - '"purge_archive_on_deleted_comment":0,' - '"purge_page_on_mod":1,' - '"purge_page_on_new_comment":1,' - '"purge_page_on_deleted_comment":1,' - '"cache_method":"enable_fastcgi",' - '"purge_method":"get_request",' - '"redis_hostname":"127.0.0.1",' - '"redis_port":"6379",' - '"redis_prefix":"nginx-cache:"}' - setupwp_plugin(self, 'nginx-helper', - 'rt_wp_nginx_helper_options', plugin_data, data) + plugin_data = "{\"log_level\":\"INFO\",\"log_filesize\":5," + "\"enable_purge\":1,\"enable_map\":0," + "\"enable_log\":0,\"enable_stamp\":0," + "\"purge_homepage_on_new\":1," + "\"purge_homepage_on_edit\":1," + "\"purge_homepage_on_del\":1," + "\"purge_archive_on_new\":1," + "\"purge_archive_on_edit\":0," + "\"purge_archive_on_del\":0," + "\"purge_archive_on_new_comment\":0," + "\"purge_archive_on_deleted_comment\":0," + "\"purge_page_on_mod\":1," + "\"purge_page_on_new_comment\":1," + "\"purge_page_on_deleted_comment\":1," + "\"cache_method\":\"enable_fastcgi\"," + "\"purge_method\":\"get_request\"," + "\"redis_hostname\":\"127.0.0.1\"," + "\"redis_port\":\"6379\"," + "\"redis_prefix\":\"nginx-cache:\"}" + setupwp_plugin(self, "nginx-helper", + "rt_wp_nginx_helper_options", plugin_data, data) elif data['wpredis']: - plugin_data = '{"log_level":"INFO","log_filesize":5,' - '"enable_purge":1,"enable_map":0,' - '"enable_log":0,"enable_stamp":0,' - '"purge_homepage_on_new":1,' - '"purge_homepage_on_edit":1,' - '"purge_homepage_on_del":1,' - '"purge_archive_on_new":1,' - '"purge_archive_on_edit":0,' - '"purge_archive_on_del":0,' - '"purge_archive_on_new_comment":0,' - '"purge_archive_on_deleted_comment":0,' - '"purge_page_on_mod":1,' - '"purge_page_on_new_comment":1,' - '"purge_page_on_deleted_comment":1,' - '"cache_method":"enable_redis",' - '"purge_method":"get_request",' - '"redis_hostname":"127.0.0.1",' - '"redis_port":"6379",' - '"redis_prefix":"nginx-cache:"}' + plugin_data = "{\"log_level\":\"INFO\",\"log_filesize\":5," + "\"enable_purge\":1,\"enable_map\":0," + "\"enable_log\":0,\"enable_stamp\":0," + "\"purge_homepage_on_new\":1," + "\"purge_homepage_on_edit\":1," + "\"purge_homepage_on_del\":1," + "\"purge_archive_on_new\":1," + "\"purge_archive_on_edit\":0," + "\"purge_archive_on_del\":0," + "\"purge_archive_on_new_comment\":0," + "\"purge_archive_on_deleted_comment\":0," + "\"purge_page_on_mod\":1," + "\"purge_page_on_new_comment\":1," + "\"purge_page_on_deleted_comment\":1," + "\"cache_method\":\"enable_redis\"," + "\"purge_method\":\"get_request\"," + "\"redis_hostname\":\"127.0.0.1\"," + "\"redis_port\":\"6379\"," + "\"redis_prefix\":\"nginx-cache:\"}" setupwp_plugin(self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) From c016ca6bf7127b517d34fa6b172a40d22c9d863b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 15:56:50 +0200 Subject: [PATCH 29/83] Fix plugin data import --- wo/cli/plugins/site_functions.py | 33 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 0e1b147..5c4087b 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -590,25 +590,20 @@ def setupwordpress(self, data): setupwp_plugin(self, "nginx-helper", "rt_wp_nginx_helper_options", plugin_data, data) elif data['wpredis']: - plugin_data = "{\"log_level\":\"INFO\",\"log_filesize\":5," - "\"enable_purge\":1,\"enable_map\":0," - "\"enable_log\":0,\"enable_stamp\":0," - "\"purge_homepage_on_new\":1," - "\"purge_homepage_on_edit\":1," - "\"purge_homepage_on_del\":1," - "\"purge_archive_on_new\":1," - "\"purge_archive_on_edit\":0," - "\"purge_archive_on_del\":0," - "\"purge_archive_on_new_comment\":0," - "\"purge_archive_on_deleted_comment\":0," - "\"purge_page_on_mod\":1," - "\"purge_page_on_new_comment\":1," - "\"purge_page_on_deleted_comment\":1," - "\"cache_method\":\"enable_redis\"," - "\"purge_method\":\"get_request\"," - "\"redis_hostname\":\"127.0.0.1\"," - "\"redis_port\":\"6379\"," - "\"redis_prefix\":\"nginx-cache:\"}" + plugin_data = ('{"enable_purge":"1","cache_method":"enable_redis",' + '"purge_method":"get_request","enable_map":null,' + '"enable_log":null,"log_level":"INFO","log_filesize":' + '"5","enable_stamp":"1","purge_homepage_on_edit":"1",' + '"purge_homepage_on_del":"1","purge_archive_on_edit":' + '"1","purge_archive_on_del":"1","purge_archive_on_' + 'new_comment":null,"purge_archive_on_deleted_comment"' + ':null,"purge_page_on_mod":"1",' + '"purge_page_on_new_comment"' + ':"1","purge_page_on_deleted_comment":"1",' + '"redis_hostname":"127.0.0.1",' + '"redis_port":"6379","redis_prefix":' + '"nginx-cache:","purge_url":"",' + '"redis_enabled_by_constant":0}') setupwp_plugin(self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) From 412d8c6866f74ab391990dfa38957fd9081f8429 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:08:49 +0200 Subject: [PATCH 30/83] Fix plugin data import with json.dump --- wo/cli/plugins/site_functions.py | 80 +++++++++++++++++++------------- 1 file changed, 47 insertions(+), 33 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 5c4087b..57742c3 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -2,6 +2,7 @@ import getpass import glob import os import random +import json import re import string import subprocess @@ -568,42 +569,55 @@ def setupwordpress(self, data): """Install nginx-helper plugin """ installwp_plugin(self, 'nginx-helper', data) if data['wpfc']: - plugin_data = "{\"log_level\":\"INFO\",\"log_filesize\":5," - "\"enable_purge\":1,\"enable_map\":0," - "\"enable_log\":0,\"enable_stamp\":0," - "\"purge_homepage_on_new\":1," - "\"purge_homepage_on_edit\":1," - "\"purge_homepage_on_del\":1," - "\"purge_archive_on_new\":1," - "\"purge_archive_on_edit\":0," - "\"purge_archive_on_del\":0," - "\"purge_archive_on_new_comment\":0," - "\"purge_archive_on_deleted_comment\":0," - "\"purge_page_on_mod\":1," - "\"purge_page_on_new_comment\":1," - "\"purge_page_on_deleted_comment\":1," - "\"cache_method\":\"enable_fastcgi\"," - "\"purge_method\":\"get_request\"," - "\"redis_hostname\":\"127.0.0.1\"," - "\"redis_port\":\"6379\"," - "\"redis_prefix\":\"nginx-cache:\"}" + plugin_data_object = {"log_level": "INFO", + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_fastcgi", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} + plugin_data = json.dumps(plugin_data_object) setupwp_plugin(self, "nginx-helper", "rt_wp_nginx_helper_options", plugin_data, data) elif data['wpredis']: - plugin_data = ('{"enable_purge":"1","cache_method":"enable_redis",' - '"purge_method":"get_request","enable_map":null,' - '"enable_log":null,"log_level":"INFO","log_filesize":' - '"5","enable_stamp":"1","purge_homepage_on_edit":"1",' - '"purge_homepage_on_del":"1","purge_archive_on_edit":' - '"1","purge_archive_on_del":"1","purge_archive_on_' - 'new_comment":null,"purge_archive_on_deleted_comment"' - ':null,"purge_page_on_mod":"1",' - '"purge_page_on_new_comment"' - ':"1","purge_page_on_deleted_comment":"1",' - '"redis_hostname":"127.0.0.1",' - '"redis_port":"6379","redis_prefix":' - '"nginx-cache:","purge_url":"",' - '"redis_enabled_by_constant":0}') + plugin_data_object = {"log_level": "INFO", + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_redis", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} + plugin_data = json.dumps(plugin_data_object) setupwp_plugin(self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) From 1c0cc56fc4db137787c5f777cb1e3e998cd52381 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:23:39 +0200 Subject: [PATCH 31/83] Final fix for plugin data import in json --- CHANGELOG.md | 1 + wo/cli/plugins/site.py | 114 +++++++++++++++++++++++++---------------- 2 files changed, 71 insertions(+), 44 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f66fd7..1b18282 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,6 +30,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Kernel tweaks were not applied without server reboot - Fail2ban standalone install - `wo stack purge --all` error due to PHP7.3 check +- Nginx helper configuration during plugin install for Nginx fastcgi_cache and redis-cache ### v3.9.6.2 - 2019-07-24 diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index a56292c..b73da30 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -15,6 +15,7 @@ from wo.core.nginxhashbucket import hashbucket import os import glob import subprocess +import json def wo_site_hook(app): @@ -1480,21 +1481,29 @@ class WOSiteUpdateController(CementBaseController): (data['wpfc'])) or (oldsitetype == 'wp' and data['multisite'] and data['wpfc'])): try: - plugin_data = '{"log_level":"INFO","log_filesize":5,' - '"enable_purge":1,"enable_map":0,"enable_log":0,' - '"enable_stamp":0,"purge_homepage_on_new":1,' - '"purge_homepage_on_edit":1,"purge_homepage_on_del":1,' - '"purge_archive_on_new":1,"purge_archive_on_edit":0,' - '"purge_archive_on_del":0,' - '"purge_archive_on_new_comment":0,' - '"purge_archive_on_deleted_comment":0,' - '"purge_page_on_mod":1,' - '"purge_page_on_new_comment":1,' - '"purge_page_on_deleted_comment":1,' - '"cache_method":"enable_fastcgi",' - '"purge_method":"get_request",' - '"redis_hostname":"127.0.0.1","redis_port":"6379",' - '"redis_prefix":"nginx-cache:"}' + plugin_data_object = {"log_level": "INFO", + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_fastcgi", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} + plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) @@ -1512,21 +1521,29 @@ class WOSiteUpdateController(CementBaseController): data['multisite'] and data['wpredis'])): try: - plugin_data = '{"log_level":"INFO","log_filesize":5,' - '"enable_purge":1,"enable_map":0,"enable_log":0,' - '"enable_stamp":0,"purge_homepage_on_new":1,' - '"purge_homepage_on_edit":1,"purge_homepage_on_del":1,' - '"purge_archive_on_new":1,"purge_archive_on_edit":0,' - '"purge_archive_on_del":0,' - '"purge_archive_on_new_comment":0,' - '"purge_archive_on_deleted_comment":0,' - '"purge_page_on_mod":1,' - '"purge_page_on_new_comment":1,' - '"purge_page_on_deleted_comment":1,' - '"cache_method":"enable_redis",' - '"purge_method":"get_request",' - '"redis_hostname":"127.0.0.1","redis_port":"6379",' - '"redis_prefix":"nginx-cache:"}' + plugin_data_object = {"log_level": "INFO", + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_redis", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} + plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) @@ -1540,20 +1557,29 @@ class WOSiteUpdateController(CementBaseController): return 1 else: try: - plugin_data = '{"log_level":"INFO","log_filesize":5,' - '"enable_purge":0,"enable_map":0,"enable_log":0,' - '"enable_stamp":0,"purge_homepage_on_new":1,' - '"purge_homepage_on_edit":1,"purge_homepage_on_del":1,' - '"purge_archive_on_new":1,"purge_archive_on_edit":0,' - '"purge_archive_on_del":0,' - '"purge_archive_on_new_comment":0,' - '"purge_archive_on_deleted_comment":0,' - '"purge_page_on_mod":1,"purge_page_on_new_comment":1,' - '"purge_page_on_deleted_comment":1,' - '"cache_method":"enable_redis",' - '"purge_method":"get_request",' - '"redis_hostname":"127.0.0.1",' - '"redis_port":"6379","redis_prefix":"nginx-cache:"}' + plugin_data_object = {"log_level": "INFO", + "log_filesize": 5, + "enable_purge": 0, + "enable_map": 0, + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_redis", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} + plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', 'rt_wp_nginx_helper_options', plugin_data, data) From 0f4f13f19ffda8c0ad36001fc1a7fd197aa70214 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:25:57 +0200 Subject: [PATCH 32/83] Remove add WP_CACHE_KEY_SALT in wo site update * variable already set by default for all wp sites --- wo/cli/plugins/site.py | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index b73da30..1b10b10 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1624,35 +1624,6 @@ class WOSiteUpdateController(CementBaseController): "`tail /var/log/wo/wordops.log` and please try again") return 1 - if oldcachetype != 'wpredis' and data['wpredis']: - try: - if installwp_plugin(self, 'redis-cache', data): - # add WP_CACHE_KEY_SALT if not already set - try: - Log.debug(self, "Updating wp-config.php.") - WOShellExec.cmd_exec(self, - "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set --add " - "WP_CACHE_KEY_SALT " - "\'{0}:\' --path={1}\"" - .format(wo_domain, - wo_site_webroot)) - except IOError as e: - Log.debug(self, str(e)) - Log.debug(self, "Updating wp-config.php failed.") - Log.warn(self, "Updating wp-config.php failed. " - "Could not append:" - "\ndefine( \'WP_CACHE_KEY_SALT\', " - "\'{0}:\' );".format(wo_domain) + - "\nPlease add manually") - except SiteError as e: - Log.debug(self, str(e)) - Log.info(self, Log.FAIL + "Update site failed." - "Check the log for details: " - "`tail /var/log/wo/wordops.log` and please try again") - return 1 - # Service Nginx Reload if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " From 246bc1257b0391aa468ea8062c4939189eb79af2 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:27:33 +0200 Subject: [PATCH 33/83] Remove usless import and exception variable --- setup.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/setup.py b/setup.py index c1efb3d..c2b96ff 100644 --- a/setup.py +++ b/setup.py @@ -1,6 +1,5 @@ from setuptools import setup, find_packages -import sys import os import glob import configparser @@ -32,7 +31,7 @@ config.read(os.path.expanduser("~")+'/.gitconfig') try: wo_user = config['user']['name'] wo_email = config['user']['email'] -except Exception as e: +except Exception: print("WordOps (wo) require an username & and an email " "address to configure Git (used to save server configurations)") print("Your informations will ONLY be stored locally") From d012472fce000834495b463ecd819946b1febd5e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:47:36 +0200 Subject: [PATCH 34/83] Avoid storing credentials in debug logs --- wo/cli/plugins/site_functions.py | 43 ++++++++++++++------------------ 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 57742c3..ce0d339 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -153,8 +153,7 @@ def setupdatabase(self, data): try: wo_db_name = input('Enter the MySQL database name [{0}]: ' .format(wo_replace_dot)) - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("Unable to input database name") if not wo_db_name: @@ -167,8 +166,7 @@ def setupdatabase(self, data): wo_db_password = getpass.getpass(prompt='Enter the MySQL database' ' password [{0}]: ' .format(wo_random)) - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("Unable to input database credentials") if not wo_db_username: @@ -189,13 +187,13 @@ def setupdatabase(self, data): Log.debug(self, "Database already exists, Updating DB_NAME .. ") wo_db_name = (wo_db_name[0:6] + generate_random()) wo_db_username = (wo_db_name[0:6] + generate_random()) - except MySQLConnectionError as e: + except MySQLConnectionError: raise SiteError("MySQL Connectivity problem occured") try: WOMysql.execute(self, "create database `{0}`" .format(wo_db_name)) - except StatementExcecutionError as e: + except StatementExcecutionError: Log.info(self, "[" + Log.ENDC + Log.FAIL + "Failed" + Log.OKBLUE + "]") raise SiteError("create database execution failed") # Create MySQL User @@ -207,7 +205,7 @@ def setupdatabase(self, data): "create user `{0}`@`{1}` identified by '{2}'" .format(wo_db_username, wo_mysql_grant_host, wo_db_password), log=False) - except StatementExcecutionError as e: + except StatementExcecutionError: Log.info(self, "[" + Log.ENDC + Log.FAIL + "Failed" + Log.OKBLUE + "]") raise SiteError("creating user failed for database") @@ -218,7 +216,7 @@ def setupdatabase(self, data): "grant all privileges on `{0}`.* to `{1}`@`{2}`" .format(wo_db_name, wo_db_username, wo_mysql_grant_host)) - except StatementExcecutionError as e: + except StatementExcecutionError: Log.info(self, "[" + Log.ENDC + Log.FAIL + "Failed" + Log.OKBLUE + "]") SiteError("grant privileges to user failed for database ") @@ -264,7 +262,7 @@ def setupwordpress(self, data): Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") raise SiteError("download WordPress core failed") - except CommandExecutionError as e: + except CommandExecutionError: Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") raise SiteError(self, "download WordPress core failed") @@ -280,8 +278,7 @@ def setupwordpress(self, data): "contain numbers, letters, and underscores") wo_wp_prefix = input('Enter the WordPress table prefix [wp_]: ' ) - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("input table prefix failed") if not wo_wp_prefix: @@ -324,7 +321,7 @@ def setupwordpress(self, data): pass else: raise SiteError("generate wp-config failed for wp single site") - except CommandExecutionError as e: + except CommandExecutionError: raise SiteError("generate wp-config failed for wp single site") try: @@ -363,6 +360,7 @@ def setupwordpress(self, data): "minor\"") except CommandExecutionError as e: + Log.debug(self, str(e)) Log.error(self, "Unable to define extra variable in wp-config.php") else: @@ -423,7 +421,7 @@ def setupwordpress(self, data): WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set CONCATENATE_SCRIPTS " - "false\"") + "false --raw\"") WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_POST_REVISIONS " @@ -431,7 +429,7 @@ def setupwordpress(self, data): WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set MEDIA_TRASH " - "true\"") + "true --raw\"") WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set EMPTY_TRASH_DAYS " @@ -442,6 +440,7 @@ def setupwordpress(self, data): "minor\"") except CommandExecutionError as e: + Log.debug(self, str(e)) Log.error(self, "Unable to define extra variable in wp-config.php") # WOFileUtils.mvfile(self, os.getcwd()+'/wp-config.php', @@ -456,6 +455,7 @@ def setupwordpress(self, data): shutil.move(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir))) except Exception as e: + Log.debug(self, str(e)) Log.error(self, 'Unable to move file from {0} to {1}' .format(os.getcwd()+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), @@ -470,8 +470,7 @@ def setupwordpress(self, data): "periods and the @ symbol.") try: wo_wp_user = input('Enter WordPress username: ') - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("input WordPress username failed") if not wo_wp_pass: wo_wp_pass = wo_random @@ -481,8 +480,7 @@ def setupwordpress(self, data): while not wo_wp_email: try: wo_wp_email = input('Enter WordPress email: ') - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("input WordPress username failed") try: @@ -491,8 +489,7 @@ def setupwordpress(self, data): Log.info(self, "EMail not Valid in config, " "Please provide valid email id") wo_wp_email = input("Enter your email: ") - except EOFError as e: - Log.debug(self, "{0}".format(e)) + except EOFError: raise SiteError("input WordPress user email failed") Log.debug(self, "Setting up WordPress tables") @@ -519,8 +516,7 @@ def setupwordpress(self, data): else: raise SiteError( "setup WordPress tables failed for single site") - except CommandExecutionError as e: - Log.debug(self, str(e)) + except CommandExecutionError: raise SiteError("setup WordPress tables failed for single site") else: Log.debug(self, "Creating tables for WordPress multisite") @@ -552,8 +548,7 @@ def setupwordpress(self, data): else: raise SiteError( "setup WordPress tables failed for wp multi site") - except CommandExecutionError as e: - Log.debug(self, str(e)) + except CommandExecutionError: raise SiteError("setup WordPress tables failed for wp multi site") Log.debug(self, "Updating WordPress permalink") From ca0bb4856a8637ddef9049a2eb92918bd9196a98 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:48:28 +0200 Subject: [PATCH 35/83] Set true and false as raw variable in wp-config --- wo/cli/plugins/site_functions.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index ce0d339..df0f94c 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -341,7 +341,7 @@ def setupwordpress(self, data): WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set CONCATENATE_SCRIPTS " - "false\"") + "false --raw\"") WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set WP_POST_REVISIONS " @@ -349,7 +349,7 @@ def setupwordpress(self, data): WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set MEDIA_TRASH " - "true\"") + "true --raw\"") WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " .format(WOVariables.wo_wpcli_path) + "config set EMPTY_TRASH_DAYS " From 46d95ba84ea39fab49136d3e47c7139513eadaa1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 16:50:32 +0200 Subject: [PATCH 36/83] Remove duplicate part --- wo/cli/plugins/site_functions.py | 114 ++++++++++--------------------- 1 file changed, 37 insertions(+), 77 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index df0f94c..5fb137e 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -323,46 +323,6 @@ def setupwordpress(self, data): raise SiteError("generate wp-config failed for wp single site") except CommandExecutionError: raise SiteError("generate wp-config failed for wp single site") - try: - - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_CACHE_KEY_SALT " - "\'{0}:\'\"".format(wo_domain_name)) - - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_MEMORY_LIMIT " - "\'128M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_MAX_MEMORY_LIMIT " - "\'256M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set CONCATENATE_SCRIPTS " - "false --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_POST_REVISIONS " - "\'10\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set MEDIA_TRASH " - "true --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set EMPTY_TRASH_DAYS " - "\'15\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_AUTO_UPDATE_CORE " - "minor\"") - - except CommandExecutionError as e: - Log.debug(self, str(e)) - Log.error(self, "Unable to define extra variable in wp-config.php") - else: Log.debug(self, "Generating wp-config for WordPress multisite") Log.debug(self, "bash -c \"php {0} --allow-root " @@ -400,48 +360,48 @@ def setupwordpress(self, data): pass else: raise SiteError("generate wp-config failed for wp multi site") - except CommandExecutionError as e: + except CommandExecutionError: raise SiteError("generate wp-config failed for wp multi site") - try: + try: - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_CACHE_KEY_SALT " - "\'{0}:\'\"".format(wo_domain_name)) + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_CACHE_KEY_SALT " + "\'{0}:\'\"".format(wo_domain_name)) - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_MEMORY_LIMIT " - "\'128M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_MAX_MEMORY_LIMIT " - "\'256M\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set CONCATENATE_SCRIPTS " - "false --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_POST_REVISIONS " - "\'10\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set MEDIA_TRASH " - "true --raw\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set EMPTY_TRASH_DAYS " - "\'15\'\"") - WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " - .format(WOVariables.wo_wpcli_path) + - "config set WP_AUTO_UPDATE_CORE " - "minor\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_MEMORY_LIMIT " + "\'128M\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_MAX_MEMORY_LIMIT " + "\'256M\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set CONCATENATE_SCRIPTS " + "false --raw\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_POST_REVISIONS " + "\'10\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set MEDIA_TRASH " + "true --raw\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set EMPTY_TRASH_DAYS " + "\'15\'\"") + WOShellExec.cmd_exec(self, "bash -c \"php {0} --allow-root " + .format(WOVariables.wo_wpcli_path) + + "config set WP_AUTO_UPDATE_CORE " + "minor\"") - except CommandExecutionError as e: - Log.debug(self, str(e)) - Log.error(self, "Unable to define extra variable in wp-config.php") + except CommandExecutionError as e: + Log.debug(self, str(e)) + Log.error(self, "Unable to define extra variable in wp-config.php") # WOFileUtils.mvfile(self, os.getcwd()+'/wp-config.php', # os.path.abspath(os.path.join(os.getcwd(), os.pardir))) From fad2e6c8a8ed80baf06c1109c38e92fe71589345 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 18:40:42 +0200 Subject: [PATCH 37/83] Fix site_url_https function --- wo/cli/plugins/site.py | 2 +- wo/cli/plugins/site_functions.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 1b10b10..49c8a71 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -778,7 +778,7 @@ class WOSiteCreateController(CementBaseController): msg="Adding letsencrypts config of site: {0}" .format(wo_domain)) updateSiteInfo(self, wo_domain, ssl=letsencrypt) - site_url_https(self, wo_domain, wo_site_webroot) + site_url_https(self, data) elif data['letsencrypt'] is False: Log.info(self, "Not using Let\'s encrypt for Site " " http://{0}".format(wo_domain)) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 5fb137e..787d655 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -650,7 +650,7 @@ def site_url_https(self, data): WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) test_site_url = WOShellExec.cmd_exec(self, "php {0} option get siteurl " .format(WOVariables.wo_wpcli_path) + - "--allow-root --quiet").split("://") + "--allow-root --quiet").split(":") if not test_site_url[0] == "https": try: WOShellExec.cmd_exec(self, "php {0} option update siteurl " From 6cbfa70764e676f1a6bd3c02e597edb6c788cd72 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 22:00:10 +0200 Subject: [PATCH 38/83] Fix site_url_https --- wo/cli/plugins/site.py | 18 ++-------- wo/cli/plugins/site_functions.py | 57 +++++++++++++++++--------------- 2 files changed, 32 insertions(+), 43 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 49c8a71..45c6cf0 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -766,6 +766,7 @@ class WOSiteCreateController(CementBaseController): if self.app.pargs.hsts: setupHsts(self, wo_domain) + site_url_https(self, wo_domain) if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") @@ -778,7 +779,6 @@ class WOSiteCreateController(CementBaseController): msg="Adding letsencrypts config of site: {0}" .format(wo_domain)) updateSiteInfo(self, wo_domain, ssl=letsencrypt) - site_url_https(self, data) elif data['letsencrypt'] is False: Log.info(self, "Not using Let\'s encrypt for Site " " http://{0}".format(wo_domain)) @@ -1219,18 +1219,6 @@ class WOSiteUpdateController(CementBaseController): data['php73'] = False php73 = False - if pargs.letsencrypt == "on": - if oldsitetype in ['wpsubdomain']: - if pargs.dns: - data['letsencrypt'] = True - letsencrypt = True - else: - data['letsencrypt'] = True - letsencrypt = True - else: - data['letsencrypt'] = True - letsencrypt = True - if pargs.wpredis and data['currcachetype'] != 'wpredis': data['wpredis'] = True data['basic'] = False @@ -1318,6 +1306,7 @@ class WOSiteUpdateController(CementBaseController): '{0}/conf/nginx/ssl.conf' .format(wo_site_webroot)) + site_url_https(self, wo_domain) if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") @@ -1333,9 +1322,6 @@ class WOSiteUpdateController(CementBaseController): Log.warn( self, "Your cert already EXPIRED ! " ".PLEASE renew soon . ") - # change site url to https - if data['wp'] is True: - site_url_https(self, data) elif data['letsencrypt'] is False: if self.app.pargs.letsencrypt == "off": diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 787d655..439e2ab 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -643,33 +643,6 @@ def installwp_plugin(self, plugin_name, data): return 1 -def site_url_https(self, data): - wo_site_webroot = data['webroot'] - wo_domain_name = data['site_name'] - Log.info(self, "Checking if site url already use https, please wait...") - WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) - test_site_url = WOShellExec.cmd_exec(self, "php {0} option get siteurl " - .format(WOVariables.wo_wpcli_path) + - "--allow-root --quiet").split(":") - if not test_site_url[0] == "https": - try: - WOShellExec.cmd_exec(self, "php {0} option update siteurl " - "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain_name)) - WOShellExec.cmd_exec(self, "php {0} option update home " - "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain_name)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - raise SiteError("plugin activation failed") - Log.info( - self, "Site address updated " - "successfully to https://{0}".format(wo_domain_name)) - else: - Log.info( - self, "Site address was already using https") - - def uninstallwp_plugin(self, plugin_name, data): wo_site_webroot = data['webroot'] Log.debug(self, "Uninstalling plugin {0}, please wait..." @@ -1338,6 +1311,35 @@ def removeAcmeConf(self, domain): .format(domain)) +def site_url_https(self, wo_domain): + if os.path.isfile('/var/www/{0}/wp-config.php'): + wo_site_webroot = ('/var/www/{0}'.format(wo_domain)) + Log.info(self, "Checking if site url already use https, please wait...") + WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) + siteurl = WOShellExec.cmd_exec(self, + "php {0} option get siteurl " + .format(WOVariables.wo_wpcli_path) + + "--allow-root --quiet") + test_https = re.split(":", siteurl) + if not test_https[0] == 'https': + try: + WOShellExec.cmd_exec(self, "php {0} option update siteurl " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + WOShellExec.cmd_exec(self, "php {0} option update home " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + raise SiteError("plugin activation failed") + Log.info( + self, "Site address updated " + "successfully to https://{0}".format(wo_domain)) + else: + Log.info( + self, "Site address was already using https") + + def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', dbhost=''): """ @@ -1568,6 +1570,7 @@ def httpsRedirect(self, wo_domain_name, redirect=True, wildcard=False): Log.debug(self, "Error occured while generating " "/etc/nginx/conf.d/force-ssl-{0}.conf" .format(wo_domain_name)) + else: try: Log.info( From a901cfbc5ce7cfe928da1cd071f85ada4b4653e7 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 29 Jul 2019 23:02:17 +0200 Subject: [PATCH 39/83] Another fix for site_url_https --- wo/cli/plugins/site_functions.py | 45 ++++++++++++++++---------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 439e2ab..2a9996b 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1314,30 +1314,31 @@ def removeAcmeConf(self, domain): def site_url_https(self, wo_domain): if os.path.isfile('/var/www/{0}/wp-config.php'): wo_site_webroot = ('/var/www/{0}'.format(wo_domain)) - Log.info(self, "Checking if site url already use https, please wait...") + Log.info(self, "Checking if site url already " + "use https, please wait...") WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) - siteurl = WOShellExec.cmd_exec(self, - "php {0} option get siteurl " - .format(WOVariables.wo_wpcli_path) + - "--allow-root --quiet") - test_https = re.split(":", siteurl) - if not test_https[0] == 'https': - try: - WOShellExec.cmd_exec(self, "php {0} option update siteurl " - "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) - WOShellExec.cmd_exec(self, "php {0} option update home " - "\"https://{1}\" --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) + wo_siteurl = WOShellExec.cmd_exec(self, + "php {0} option get siteurl " + .format(WOVariables.wo_wpcli_path) + + "--allow-root --quiet") + test_url = re.split(":", wo_siteurl) + if not (test_url[0] == 'https'): + try: + WOShellExec.cmd_exec(self, "php {0} option update siteurl " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + WOShellExec.cmd_exec(self, "php {0} option update home " + "\"https://{1}\" --allow-root".format( + WOVariables.wo_wpcli_path, wo_domain)) + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) raise SiteError("plugin activation failed") - Log.info( - self, "Site address updated " - "successfully to https://{0}".format(wo_domain)) - else: - Log.info( - self, "Site address was already using https") + Log.info( + self, "Site address updated " + "successfully to https://{0}".format(wo_domain)) + else: + Log.info( + self, "Site address was already using https") def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', From 452dc81c90627d912dacd5ea7845a03deccfff57 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 11:34:27 +0200 Subject: [PATCH 40/83] Proftpd TLS configuration --- CHANGELOG.md | 2 ++ wo/cli/plugins/site_functions.py | 4 +-- wo/cli/plugins/stack.py | 43 +++++++++++++++++++++++++++ wo/cli/templates/proftpd-tls.mustache | 12 ++++++++ 4 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 wo/cli/templates/proftpd-tls.mustache diff --git a/CHANGELOG.md b/CHANGELOG.md index 1b18282..140b9f7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - MySQL configuration tuning - Cronjob to optimize MySQL databases weekly - WO-kernel systemd service to automatically apply kernel tweaks on server startup +- Proftpd stack now secured with TLS +- New Nginx package built with Brotli from operating system libraries - Brotli configuration with only well compressible MIME types #### Changed diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 2a9996b..f5c3070 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1325,10 +1325,10 @@ def site_url_https(self, wo_domain): if not (test_url[0] == 'https'): try: WOShellExec.cmd_exec(self, "php {0} option update siteurl " - "\"https://{1}\" --allow-root".format( + "\'https://{1}\' --allow-root".format( WOVariables.wo_wpcli_path, wo_domain)) WOShellExec.cmd_exec(self, "php {0} option update home " - "\"https://{1}\" --allow-root".format( + "\'https://{1}\' --allow-root".format( WOVariables.wo_wpcli_path, wo_domain)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 7ac863b..bb5efe3 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1042,6 +1042,49 @@ class WOStackController(CementBaseController): "PassivePorts " " " " 49000 50000") + # proftpd TLS configuration + if not os.path.isdir("/etc/proftpd/ssl"): + os.makedirs("/etc/proftpd/ssl") + try: + WOShellExec.cmd_exec(self, "openssl genrsa -out " + "/etc/proftpd/ssl/proftpd.key 2048") + WOShellExec.cmd_exec(self, "openssl req -new -batch " + "-subj /commonName=localhost/ " + "-key /etc/proftpd/ssl/proftpd.key " + "-out /etc/proftpd/ssl/proftpd.csr") + WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", + "/etc/proftpd/ssl/proftpd.key.org") + WOShellExec.cmd_exec(self, "openssl rsa -in " + "/etc/proftpd/ssl/proftpd.key.org" + "-out /etc/proftpd/ssl/" + "proftpd/proftpd.key") + WOShellExec.cmd_exec(self, "openssl x509 -req -days " + "3652 -in /etc/proftpd/ssl/" + "proftpd.csr" + "-signkey /etc/proftpd/ssl/" + "proftpd.key" + " -out /etc/proftpd/ssl/proftpd.crt") + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error( + self, "Failed to generate SSL " + "certificate for Proftpd") + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o600) + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o600) + data = dict() + Log.debug(self, 'Writting the proftpd configuration to ' + 'file /etc/proftpd/tls.conf') + wo_proftpdconf = open('/etc/proftpd/tls.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'proftpd-tls.mustache', + out=wo_proftpdconf) + wo_proftpdconf.close() + WOFileUtils.searchreplace(self, "/etc/proftpd/" + "proftpd.conf", + "#Include /etc/proftpd/tls.conf", + "Include /etc/proftpd/tls.conf") + WOService.restart_service(self, 'proftpd') + # add rule for proftpd with UFW if WOAptGet.is_installed(self, 'ufw'): try: diff --git a/wo/cli/templates/proftpd-tls.mustache b/wo/cli/templates/proftpd-tls.mustache new file mode 100644 index 0000000..6e3f9cf --- /dev/null +++ b/wo/cli/templates/proftpd-tls.mustache @@ -0,0 +1,12 @@ + +TLSEngine on +TLSLog /var/log/proftpd/tls.log +TLSProtocol TLSv1.2 +TLSCipherSuite AES256+EECDH:AES256+EDH +TLSOptions NoCertRequest AllowClientRenegotiations NoSessionReuseRequired +TLSRSACertificateFile /etc/proftpd/ssl/proftpd.crt +TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key +TLSVerifyClient off +TLSRequired on +RequireValidShell no + \ No newline at end of file From 7a9379228f423f0ec4ee0bbc9697671143ce0ac6 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 11:41:50 +0200 Subject: [PATCH 41/83] Fix typo --- wo/cli/plugins/stack.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index bb5efe3..ada3822 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1056,8 +1056,7 @@ class WOStackController(CementBaseController): "/etc/proftpd/ssl/proftpd.key.org") WOShellExec.cmd_exec(self, "openssl rsa -in " "/etc/proftpd/ssl/proftpd.key.org" - "-out /etc/proftpd/ssl/" - "proftpd/proftpd.key") + "-out /etc/proftpd/ssl/proftpd.key") WOShellExec.cmd_exec(self, "openssl x509 -req -days " "3652 -in /etc/proftpd/ssl/" "proftpd.csr" From 943ebf3d01831f207de1156d624696ef545a7e0f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 12:24:56 +0200 Subject: [PATCH 42/83] Workaround for WSL --- wo/cli/plugins/stack.py | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index ada3822..5c21a01 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1044,10 +1044,10 @@ class WOStackController(CementBaseController): " 49000 50000") # proftpd TLS configuration if not os.path.isdir("/etc/proftpd/ssl"): - os.makedirs("/etc/proftpd/ssl") - try: - WOShellExec.cmd_exec(self, "openssl genrsa -out " - "/etc/proftpd/ssl/proftpd.key 2048") + WOFileUtils.mkdir(self, "/etc/proftpd/ssl") + try: + WOShellExec.cmd_exec(self, "openssl genrsa -out " + "/etc/proftpd/ssl/proftpd.key 2048") WOShellExec.cmd_exec(self, "openssl req -new -batch " "-subj /commonName=localhost/ " "-key /etc/proftpd/ssl/proftpd.key " @@ -1055,21 +1055,19 @@ class WOStackController(CementBaseController): WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", "/etc/proftpd/ssl/proftpd.key.org") WOShellExec.cmd_exec(self, "openssl rsa -in " - "/etc/proftpd/ssl/proftpd.key.org" - "-out /etc/proftpd/ssl/proftpd.key") - WOShellExec.cmd_exec(self, "openssl x509 -req -days " - "3652 -in /etc/proftpd/ssl/" - "proftpd.csr" - "-signkey /etc/proftpd/ssl/" - "proftpd.key" - " -out /etc/proftpd/ssl/proftpd.crt") + "/etc/proftpd/ssl/proftpd.key.org" + "-out /etc/proftpd/ssl/proftpd.key") + WOShellExec.cmd_exec(self, "openssl x509 -req -days " + "3652 -in /etc/proftpd/ssl/proftpd.csr" + "-signkey /etc/proftpd/ssl/proftpd.key" + " -out /etc/proftpd/ssl/proftpd.crt") except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) Log.error( self, "Failed to generate SSL " "certificate for Proftpd") - WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o600) - WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o600) + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700) + WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700) data = dict() Log.debug(self, 'Writting the proftpd configuration to ' 'file /etc/proftpd/tls.conf') @@ -1708,7 +1706,12 @@ class WOStackController(CementBaseController): Log.debug(self, "Calling pre_pref") self.pre_pref(apt_packages) if (apt_packages): - WOSwap.add(self) + meminfo = (os.popen('cat /proc/meminfo ' + '| grep MemTotal').read()).split(" ") + memsplit = (meminfo[1]).split(" ") + wo_mem = int(mem[0]) + if wo_mem < 4000000: + WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") WOAptGet.update(self) Log.info(self, "Installing packages, please wait...") From 584feafc5ef427e61c538ca4774d335a31496da4 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 12:27:27 +0200 Subject: [PATCH 43/83] Fix indent --- wo/cli/plugins/stack.py | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 5c21a01..3bc2b27 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1045,27 +1045,28 @@ class WOStackController(CementBaseController): # proftpd TLS configuration if not os.path.isdir("/etc/proftpd/ssl"): WOFileUtils.mkdir(self, "/etc/proftpd/ssl") + try: WOShellExec.cmd_exec(self, "openssl genrsa -out " "/etc/proftpd/ssl/proftpd.key 2048") - WOShellExec.cmd_exec(self, "openssl req -new -batch " - "-subj /commonName=localhost/ " - "-key /etc/proftpd/ssl/proftpd.key " - "-out /etc/proftpd/ssl/proftpd.csr") - WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", - "/etc/proftpd/ssl/proftpd.key.org") - WOShellExec.cmd_exec(self, "openssl rsa -in " + WOShellExec.cmd_exec(self, "openssl req -new -batch " + "-subj /commonName=localhost/ " + "-key /etc/proftpd/ssl/proftpd.key " + "-out /etc/proftpd/ssl/proftpd.csr") + WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", + "/etc/proftpd/ssl/proftpd.key.org") + WOShellExec.cmd_exec(self, "openssl rsa -in " "/etc/proftpd/ssl/proftpd.key.org" "-out /etc/proftpd/ssl/proftpd.key") WOShellExec.cmd_exec(self, "openssl x509 -req -days " "3652 -in /etc/proftpd/ssl/proftpd.csr" "-signkey /etc/proftpd/ssl/proftpd.key" " -out /etc/proftpd/ssl/proftpd.crt") - except CommandExecutionError as e: - Log.debug(self, "{0}".format(e)) - Log.error( - self, "Failed to generate SSL " - "certificate for Proftpd") + except CommandExecutionError as e: + Log.debug(self, "{0}".format(e)) + Log.error( + self, "Failed to generate SSL " + "certificate for Proftpd") WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700) WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700) data = dict() From 1fe77cc5b379159ec8a5186e49f296852c7f178b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 12:29:19 +0200 Subject: [PATCH 44/83] Fix typo --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 3bc2b27..b0ff144 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1710,7 +1710,7 @@ class WOStackController(CementBaseController): meminfo = (os.popen('cat /proc/meminfo ' '| grep MemTotal').read()).split(" ") memsplit = (meminfo[1]).split(" ") - wo_mem = int(mem[0]) + wo_mem = int(memsplit[0]) if wo_mem < 4000000: WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") From 176a601857e6874add2913545c26681b64bc8c3e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 13:26:39 +0200 Subject: [PATCH 45/83] Fix int --- wo/cli/plugins/stack.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index b0ff144..21d8395 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1709,9 +1709,9 @@ class WOStackController(CementBaseController): if (apt_packages): meminfo = (os.popen('cat /proc/meminfo ' '| grep MemTotal').read()).split(" ") - memsplit = (meminfo[1]).split(" ") + memsplit = re.split(" ", meminfo[1]) wo_mem = int(memsplit[0]) - if wo_mem < 4000000: + if (wo_mem < 4000000): WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") WOAptGet.update(self) From 0fef40883b76483f091196e214940ac5a8f06d88 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 13:35:29 +0200 Subject: [PATCH 46/83] Fix int/float --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 21d8395..3a1cbf8 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1710,7 +1710,7 @@ class WOStackController(CementBaseController): meminfo = (os.popen('cat /proc/meminfo ' '| grep MemTotal').read()).split(" ") memsplit = re.split(" ", meminfo[1]) - wo_mem = int(memsplit[0]) + wo_mem = int(float(memsplit[0])) if (wo_mem < 4000000): WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") From 1d9156e99aac181e4a551f97d5c00d46c24757e1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 13:38:41 +0200 Subject: [PATCH 47/83] Few improvements --- wo/cli/plugins/stack.py | 1 - wo/core/download.py | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 3a1cbf8..5c17c14 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1701,7 +1701,6 @@ class WOStackController(CementBaseController): ] except Exception as e: Log.debug(self, "{0}".format(e)) - pass if (apt_packages) or (packages): Log.debug(self, "Calling pre_pref") diff --git a/wo/core/download.py b/wo/core/download.py index 36d3d7a..d81b277 100644 --- a/wo/core/download.py +++ b/wo/core/download.py @@ -33,12 +33,12 @@ class WODownload(): Log.error(self, "Unable to download file, {0}" .format(filename)) return False - except urllib.error.HTTPError as e: + except urllib.HTTPError.error as e: Log.error(self, "Package download failed. {0}" .format(pkg_name)) Log.debug(self, "[{err}]".format(err=str(e.reason))) return False - except urllib.error.ContentTooShortError as e: + except urllib.ContentTooShortError.error as e: Log.debug(self, "{0}{1}".format(e.errno, e.strerror)) Log.error(self, "Package download failed. The amount of the" " downloaded data is less than " From e1068b41913eece018e2b10e041f49002630bf26 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 13:42:17 +0200 Subject: [PATCH 48/83] Fix int --- wo/cli/plugins/stack.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 5c17c14..03feda2 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1707,9 +1707,9 @@ class WOStackController(CementBaseController): self.pre_pref(apt_packages) if (apt_packages): meminfo = (os.popen('cat /proc/meminfo ' - '| grep MemTotal').read()).split(" ") - memsplit = re.split(" ", meminfo[1]) - wo_mem = int(float(memsplit[0])) + '| grep MemTotal').read()).split(":") + memsplit = re.split(" kB", meminfo[1]) + wo_mem = int(list(memsplit[0])) if (wo_mem < 4000000): WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") From 94ed30b1c93c12d3b6f4bdc72116903a63cf373b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 13:42:57 +0200 Subject: [PATCH 49/83] Another Fix for int --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 03feda2..fcc4ac2 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1709,7 +1709,7 @@ class WOStackController(CementBaseController): meminfo = (os.popen('cat /proc/meminfo ' '| grep MemTotal').read()).split(":") memsplit = re.split(" kB", meminfo[1]) - wo_mem = int(list(memsplit[0])) + wo_mem = int(memsplit[0]) if (wo_mem < 4000000): WOSwap.add(self) Log.info(self, "Updating apt-cache, please wait...") From 23bc63364dab15ad5aa979a9fd0afcea19fd5c2f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 14:17:24 +0200 Subject: [PATCH 50/83] Fix proftpd ssl --- wo/cli/plugins/stack.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index fcc4ac2..ab1d452 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1056,11 +1056,11 @@ class WOStackController(CementBaseController): WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key", "/etc/proftpd/ssl/proftpd.key.org") WOShellExec.cmd_exec(self, "openssl rsa -in " - "/etc/proftpd/ssl/proftpd.key.org" + "/etc/proftpd/ssl/proftpd.key.org " "-out /etc/proftpd/ssl/proftpd.key") WOShellExec.cmd_exec(self, "openssl x509 -req -days " - "3652 -in /etc/proftpd/ssl/proftpd.csr" - "-signkey /etc/proftpd/ssl/proftpd.key" + "3652 -in /etc/proftpd/ssl/proftpd.csr " + "-signkey /etc/proftpd/ssl/proftpd.key " " -out /etc/proftpd/ssl/proftpd.crt") except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) From 05fc7ba16103e8a2f51648af5733d92f474459ce Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 14:32:23 +0200 Subject: [PATCH 51/83] Move variable wo_wan and change variable distro --- wo/cli/plugins/stack.py | 19 ++++++++++++------- wo/cli/plugins/stack_upgrade.py | 4 ++-- wo/core/checkfqdn.py | 2 +- wo/core/variables.py | 19 ++++++------------- 4 files changed, 21 insertions(+), 23 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index ab1d452..6213d46 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -97,7 +97,7 @@ class WOStackController(CementBaseController): if set(WOVariables.wo_mysql).issubset(set(apt_packages)): # add mariadb repository excepted on raspbian and ubuntu 19.04 - if (not WOVariables.wo_platform_distro == 'raspbian'): + if (not WOVariables.wo_distro == 'raspbian'): Log.info(self, "Adding repository for MySQL, please wait...") mysql_pref = ("Package: *\nPin: origin " "sfo1.mirrors.digitalocean.com" @@ -115,7 +115,7 @@ class WOStackController(CementBaseController): # generate random 24 characters root password chars = ''.join(random.sample(string.ascii_letters, 24)) # configure MySQL non-interactive install - if (not WOVariables.wo_platform_distro == 'raspbian'): + if (not WOVariables.wo_distro == 'raspbian'): Log.debug(self, "Pre-seeding MySQL") Log.debug(self, "echo \"mariadb-server-10.3 " "mysql-server/root_password " @@ -196,7 +196,7 @@ class WOStackController(CementBaseController): # add nginx repository if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - if (WOVariables.wo_platform_distro == 'ubuntu'): + if (WOVariables.wo_distro == 'ubuntu'): Log.info(self, "Adding repository for NGINX, please wait...") WORepo.add(self, ppa=WOVariables.wo_nginx_repo) Log.debug(self, 'Adding ppa for Nginx') @@ -209,7 +209,7 @@ class WOStackController(CementBaseController): # add php repository if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or set(WOVariables.wo_php).issubset(set(apt_packages))): - if (WOVariables.wo_platform_distro == 'ubuntu'): + if (WOVariables.wo_distro == 'ubuntu'): Log.info(self, "Adding repository for PHP, please wait...") Log.debug(self, 'Adding ppa for PHP') WORepo.add(self, ppa=WOVariables.wo_php_repo) @@ -230,7 +230,7 @@ class WOStackController(CementBaseController): # add redis repository if set(WOVariables.wo_redis).issubset(set(apt_packages)): Log.info(self, "Adding repository for Redis, please wait...") - if WOVariables.wo_platform_distro == 'ubuntu': + if WOVariables.wo_distro == 'ubuntu': Log.debug(self, 'Adding ppa for redis') WORepo.add(self, ppa=WOVariables.wo_redis_repo) else: @@ -1234,12 +1234,17 @@ class WOStackController(CementBaseController): 'wo-dashboard.tar.gz', '{0}22222/htdocs' .format(WOVariables.wo_webroot)) + wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " + "grep -oP \"dev [^[:space:]]+ \" " + "| cut -d ' ' -f 2").read() + if wo_wan == '': + wo_wan = 'eth0' if WOVariables.wo_wan != 'eth0': - WOFileUtils.searchreplace(self, "{0}22222/htdocs/index.php" + WOFileUtils.searchreplace(self, + "{0}22222/htdocs/index.php" .format(WOVariables.wo_webroot), "eth0", "{0}".format(WOVariables.wo_wan)) - Log.debug(self, "Setting Privileges to " "{0}22222/htdocs" .format(WOVariables.wo_webroot)) diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index b214157..0344c09 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -49,7 +49,7 @@ class WOStackUpgradeController(CementBaseController): @expose(hide=True) def upgrade_php56(self): - if WOVariables.wo_platform_distro == "ubuntu": + if WOVariables.wo_distro == "ubuntu": if os.path.isfile("/etc/apt/sources.list.d/ondrej-php5-5_6-{0}." "list".format(WOVariables.wo_platform_codename)): Log.error(self, "Unable to find PHP 5.5") @@ -68,7 +68,7 @@ class WOStackUpgradeController(CementBaseController): if start_upgrade != "Y" and start_upgrade != "y": Log.error(self, "Not starting PHP package update") - if WOVariables.wo_platform_distro == "ubuntu": + if WOVariables.wo_distro == "ubuntu": WORepo.remove(self, ppa="ppa:ondrej/php5") WORepo.add(self, ppa=WOVariables.wo_php_repo) diff --git a/wo/core/checkfqdn.py b/wo/core/checkfqdn.py index 636c211..c9d4ff1 100644 --- a/wo/core/checkfqdn.py +++ b/wo/core/checkfqdn.py @@ -12,7 +12,7 @@ def check_fqdn(self, wo_host): WOShellExec.cmd_exec(self, "sed -i \"1i\\127.0.0.1 {0}\" /etc/hosts" .format(wo_host)) - if WOVariables.wo_platform_distro == 'debian': + if WOVariables.wo_distro == 'debian': WOShellExec.cmd_exec(self, "/etc/init.d/hostname.sh start") else: WOShellExec.cmd_exec(self, "service hostname restart") diff --git a/wo/core/variables.py b/wo/core/variables.py index 55b0bfb..9d85fff 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -20,18 +20,11 @@ class WOVariables(): # Get WPCLI path wo_wpcli_path = '/usr/local/bin/wp' - # get wan network interface name - wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " - "grep -oP \"dev [^[:space:]]+ \" " - "| cut -d ' ' -f 2").read() - if wo_wan == '': - wo_wan = 'eth0' - # Current date and time of System wo_date = datetime.datetime.now().strftime('%d%b%Y%H%M%S') # WordOps core variables - wo_platform_distro = os.popen("/usr/bin/lsb_release -si " + wo_distro = os.popen("/usr/bin/lsb_release -si " "| tr -d \'\\n\'").read().lower() wo_platform_version = platform.linux_distribution()[1] wo_platform_codename = os.popen( @@ -91,14 +84,14 @@ class WOVariables(): # WordOps stack installation variables # Nginx repo and packages - if wo_platform_distro == 'ubuntu': + if wo_distro == 'ubuntu': if wo_platform_codename == 'trusty': wo_nginx_repo = ("deb http://download.opensuse.org" "/repositories/home:" "/virtubox:/WordOps/xUbuntu_14.04/ /") else: wo_nginx_repo = "ppa:wordops/nginx-wo" - elif wo_platform_distro == 'debian': + elif wo_distro == 'debian': if wo_platform_codename == 'jessie': wo_nginx_repo = ("deb http://download.opensuse.org" "/repositories/home:" @@ -119,7 +112,7 @@ class WOVariables(): wo_nginx_key = '188C9FB063F0247A' # PHP repo and packages - if wo_platform_distro == 'ubuntu': + if wo_distro == 'ubuntu': wo_php_repo = "ppa:ondrej/php" wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", "php7.2-readline", "php7.2-common", "php7.2-recode", @@ -155,7 +148,7 @@ class WOVariables(): wo_php_key = 'AC0E47584A7A714D' # MySQL repo and packages - if wo_platform_distro == 'ubuntu': + if wo_distro == 'ubuntu': wo_mysql_repo = ("deb [arch=amd64,ppc64el] " "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" "10.3/ubuntu {codename} main" @@ -170,7 +163,7 @@ class WOVariables(): wo_fail2ban = ["fail2ban"] # Redis repo details - if wo_platform_distro == 'ubuntu': + if wo_distro == 'ubuntu': wo_redis_repo = ("ppa:chris-lea/redis-server") else: From a70bd3804b799618666db9a8313af2824e3bfaf8 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 15:55:48 +0200 Subject: [PATCH 52/83] Fix wo_wan variable --- wo/cli/plugins/stack.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 6213d46..c34d563 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1237,9 +1237,7 @@ class WOStackController(CementBaseController): wo_wan = os.popen("/sbin/ip -4 route get 8.8.8.8 | " "grep -oP \"dev [^[:space:]]+ \" " "| cut -d ' ' -f 2").read() - if wo_wan == '': - wo_wan = 'eth0' - if WOVariables.wo_wan != 'eth0': + if (wo_wan != 'eth0' and wo_wan != ''): WOFileUtils.searchreplace(self, "{0}22222/htdocs/index.php" .format(WOVariables.wo_webroot), From 7e55998d6eb5bacb4e5202acbbf62eb646bb0602 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 17:55:24 +0200 Subject: [PATCH 53/83] Final fix for variable wo_wan --- wo/cli/plugins/stack.py | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index c34d563..f991a1a 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -243,16 +243,6 @@ class WOStackController(CementBaseController): # Nginx configuration if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - # Nginx main configuration - if os.path.isfile('/etc/nginx/nginx.conf'): - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/nginx.conf') - wo_nginx = open('/etc/nginx/nginx.conf', - encoding='utf-8', mode='w') - self.app.render( - (data), 'nginx-core.mustache', out=wo_nginx) - wo_nginx.close() # Fix for white screen death with NGINX PLUS if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', @@ -1242,7 +1232,7 @@ class WOStackController(CementBaseController): "{0}22222/htdocs/index.php" .format(WOVariables.wo_webroot), "eth0", - "{0}".format(WOVariables.wo_wan)) + "{0}".format(wo_wan)) Log.debug(self, "Setting Privileges to " "{0}22222/htdocs" .format(WOVariables.wo_webroot)) From 3a99e199a12428bed5c4cffe79fceca9302cc49f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 21:39:53 +0200 Subject: [PATCH 54/83] Fix site_url_https missing .format --- wo/cli/plugins/site.py | 3 ++- wo/cli/plugins/site_functions.py | 12 ++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 45c6cf0..901173d 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1300,13 +1300,14 @@ class WOSiteUpdateController(CementBaseController): setupLetsEncrypt(self, wo_domain, False, True, True, wo_acme_dns) httpsRedirect(self, wo_domain, True, True) + site_url_https(self, wo_domain) else: WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled" .format(wo_site_webroot), '{0}/conf/nginx/ssl.conf' .format(wo_site_webroot)) + site_url_https(self, wo_domain) - site_url_https(self, wo_domain) if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index f5c3070..e36ec8f 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1311,9 +1311,9 @@ def removeAcmeConf(self, domain): .format(domain)) -def site_url_https(self, wo_domain): - if os.path.isfile('/var/www/{0}/wp-config.php'): - wo_site_webroot = ('/var/www/{0}'.format(wo_domain)) +def site_url_https(self, domain): + if os.path.isfile('/var/www/{0}/wp-config.php'.format(domain)): + wo_site_webroot = ('/var/www/{0}'.format(domain)) Log.info(self, "Checking if site url already " "use https, please wait...") WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) @@ -1326,16 +1326,16 @@ def site_url_https(self, wo_domain): try: WOShellExec.cmd_exec(self, "php {0} option update siteurl " "\'https://{1}\' --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) + WOVariables.wo_wpcli_path, domain)) WOShellExec.cmd_exec(self, "php {0} option update home " "\'https://{1}\' --allow-root".format( - WOVariables.wo_wpcli_path, wo_domain)) + WOVariables.wo_wpcli_path, domain)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) raise SiteError("plugin activation failed") Log.info( self, "Site address updated " - "successfully to https://{0}".format(wo_domain)) + "successfully to https://{0}".format(domain)) else: Log.info( self, "Site address was already using https") From da1dadbff5e84ab76564d8dd9f8a79e1b8b2786f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 23:17:19 +0200 Subject: [PATCH 55/83] Add favicon & badge --- README.md | 2 +- favicon.ico | Bin 0 -> 15086 bytes 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 favicon.ico diff --git a/README.md b/README.md index 72cfe41..e21be0b 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ MIT Commits GitHub release -
+
Badge Twitter Badge Slack diff --git a/favicon.ico b/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..6057fb94a1d9812bd9ae96af3b22e854cc754db2 GIT binary patch literal 15086 zcmeHO33OJ)75-D87Q2AjdTO;Atf)P<9@<*Z@tiK&#cH)ZF31u+~~tH|O4qR3tl zPy{PdM3(Fc30X)WkOW8|EFmOhAtYf*LP$c$zGr&B`)6L>GVlNYBtXbHopUDdfAj9l zy>sW@nLGF1I2>M%K8_(n9Q5>d_zreB9(Fh!-rnu+109Y$Y8yyTe4o_U;aErj_Y(|t zag3#kb}sigALhUQFE|EJok=x|YBN=FomS8W8bRv-%mYuVYpFI-y1k)zP-}#&dQ*luD^d5`gaze z1`oVcLtYvvBB%aLM7?pZ2%q>95iq{Z6=peEN&S>n4b@oFq|KeqPj96pQNO9C0e@QxQJtr!MIL?coz|7da6tMO9HY z_pQ5BD9Uq^dCWkc?})3p76BvriHv}cL~C<{P?f^NVIp+gEovHg%?5~bNr9@aqNS-` zoY?jrtz(}~%c5JplPo~i_s)AvG}Trp@uRV=wMC?S{tCmI$Mk#7Ar34bN^@_t?cY#U zDt5p3h_b(Vyw1LZ{*!_8ZE?#F1qt7fe1FTzL*oCb$kh_e_L;Wz-K#=>5Xolov1nVo z@JLqW>DQigwsE-^& z%6?l*a|f8sua?Go5&!YyhW>J#u0FxPjDQbqFj|{)W7cZ411I`thAy@O+O(Y5_P$~L zx=Od~hkd#DXrv7`YctMH;4Dk{_=zi`1CZTx|9KW1XgIy=OA$Bc_oBJJ z+VVX+dojEZ@+O?mOp-=s@7e8${8O2qliAUriNZ6Mjtg z&ne6IlJqzcH2Ox`%liq)v$@oig-@zwU+NgasP;zKISC7%6mfI^ zATU>R$qrx6@)7>(?V`FU$NZUbqCaSGr=xb??PM3opnI?>d};jTl_SY^YqijjL3)$6 zWtOGAt*uoY{B#WW#XebdWQPR?4e5R#bV~<#Y?4D&$=be5)6bY0Lqua$nFXw&vQ#uw zmRQ;wYc7e{Sr0k)SDbCZ3oS5cz`US;cKmhK&ayxGE`hz+T)@BNRim71OF9CZzasyb z8O-+m@|iTT{gof_`3Ct&`eZoU-sTQ9CHW$P^bfSSqE+>cWuNw7?8WBNSY0k+X8u}R zTiDBI61SMaY~Rl%1@L_ncp;-Z-+oZQ_BR)tIf)DZ-X$HtxF>wyHxJ406$M5c8L-E{ znW=n_H7_JyKkG}p66VvzbV(sOjK)gli0W9 zp9Y>{{c!J5l_Ijc0)0BC15Vk$Q+c)nN80Au2A%*u!b2OU{!$V7Ebcea49bpZJ0|CR97 zS>WL-NL=)^1)mOXw6uQEovU)==!NjUgC~WlD5kX&hM~s**D~ZX2}!C zGW<{~n+1cNivG;7_F6yMBVuPiBpT`dYgd{ZYRKk%RLM)=h0UrewWZL3yFJnYmVFyp z#Mmk8#w+;;zZuRXoK1EGw!Yon9C%?<;A}J(*i!oz|3i(}v?h?Vv@NsEL-2c3U8PI^ z5^T}4`+b#t(O8@s%{G%^`IFK(-{1N9zlGt}OpP7tS&lSHr;BM zW`g}1Fq~rNbWd<)C-XP5)d9=>x@jL_jPO_Q;F!y~B!5v5zeybU_wzJlWByIp?ZEiXhg>Sw4G;Gjx%RH|3gFLh<^*|(Ji3G0703_nh!|5fS5+IYedrRy zkcj2!<5`tw)7dYCe6vfZ4{NaS1(|gwGh|Vx=8yX{?x?cJxN|{#hc6rJz3ZKaDW3kI z!LI;4IIx1^Cc2!A3*`TEcSo0ez&b@z{u|L{ni5%OPC>>_?fbHJjZ+VadP;m zq9~_DAD`lw=d{5d@c`?zf7x>ey+;fJcV)y4^*LtnC!LP{LZb=(H29Q}6I7m?($NkX zpfNp>0n8ukr7r~un^|@uUmtAXOLKjdXs)Z$K%GAP`*^?0-@8$3#}C9(J<$Qq=}3z; z^iAFLHpe76*NJ=|cBL$9Kl>IC`#eT|4t;?52!u_N1%&Js-JM(#MPM$dR-wN7ldQ+>?k-j?Ysb zhb+(soF}ei0JNPn#Y_?VkbJ{;yS^*kkm0L)f2_J{e&gm-rbv&Kf_J=cc4nJ~6L&(iz0? zxe)K+TbJLpCy#pz`|KsL@Pmd;xJ_y6rBjZNT!W_CO5Q{D{M5!J83-8BmvUKO5P7@T zbKE#|?9GO`OIXMX;$qnAk(-P20&ViU_M|qPkC-$3)QIOJ2Bv*i*aMO_eyYZ7?*n{* z;pzeoK1#!wR-A6{0Iulm<~QK(>HAkt-#>fw{ymSq2WGFpwRs0__$lC)@TRKyDd>OA z%!TA+1J$nh3D5_9>#1tG$9hA1nO<*Mr_iR`N89@t`Xb(h+$7{zMNApw+#^WOkduQp ze6x#5VeCk<1*-}(dHXtlFqr@M0r^O{x1!*Di=0Y#28CXm&y~9JLXP_bcWtTj?2`7f zYM;k`AoJa^FT&PHq!?_%f+zUwk$a{7+|~F-eG$8XorRnRY3Cyc8M!kkXv4QsiVp=- ztVJIq!Q6Mg^$X4k!aX5*)o1~`0kJ69XSmm)4fjjf+ieAU*pU6x@hz`w)o kG}q`iA0Qj{&-y$$)&Yzq$CG1t(1yO<(qHp_(AoF@0R`Xd&j0`b literal 0 HcmV?d00001 From 94c0598672b99492ad3dff41e0e945d3be631bdf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 23:20:41 +0200 Subject: [PATCH 56/83] Fix badge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e21be0b..76d1122 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ MIT Commits GitHub release -
+
Badge Twitter Badge Slack From 9ea2e75084bdfdf3604a09aaa4ea3bb09d2dd0ea Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 23:21:23 +0200 Subject: [PATCH 57/83] Add line --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 76d1122..814c9f1 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,8 @@ MIT Commits GitHub release -
+
+ Badge Twitter Badge Slack From 3ee46e306fa2669fd909f20e5a215200a3560d9f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 30 Jul 2019 23:22:37 +0200 Subject: [PATCH 58/83] Change badge color to blue --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 814c9f1..9081778 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ MIT Commits GitHub release -
+
Badge Twitter Badge Slack From 1efea52369299bc408c775d0b27316c22edce95b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 31 Jul 2019 13:08:01 +0200 Subject: [PATCH 59/83] Update install script to speed up travis * do not clone again the repository anymore * do not require to choose the git branch * should work properly with pull requests --- .travis.yml | 2 +- install | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index af3ff73..8b8258c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,7 +31,7 @@ script: - sudo bash -c 'echo -e "[user]\n\tname = abc\n\temail = root@localhost.com" > /home/travis/.gitconfig' - sudo echo "Travis Banch = $TRAVIS_BRANCH" - sudo apt-get install -qq --force-yes git python3-setuptools python3-dev python3-apt ccze tree - - sudo bash install -b $TRAVIS_BRANCH --travis + - sudo bash install --travis - sudo wo --help && sudo wo stack install && sudo wo stack install --proftpd - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql && sudo wo site create proxy.com --proxy=127.0.0.1:3000 - sudo wo site create wp1.com --wp && sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc diff --git a/install b/install index ce8a597..26bbb05 100755 --- a/install +++ b/install @@ -429,6 +429,16 @@ wo_install() { } +# Clone Github repository if it doesn't exist +wo_install_travis() { + + if [ -f "$HOME/.gitconfig" ]; then + # install and redirect log to not print python package install + python3 setup.py install >> $wo_install_log 2>&1 + fi + +} + wo_upgrade_nginx() { { @@ -780,7 +790,11 @@ else wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log wo_install_dep | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install | tee -ai $wo_install_log + if [ "$wo_travis" = "y" ]; then + wo_install_travis | tee -ai $wo_install_log + else + wo_install | tee -ai $wo_install_log + fi wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_tweak_kernel | tee -ai $wo_install_log wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log From 2077fc0a7c204467c0be0e5c748ee5484f5b1ef8 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 31 Jul 2019 20:26:52 +0200 Subject: [PATCH 60/83] Fix bad indentation --- wo/cli/plugins/site_functions.py | 2 +- wo/core/shellexec.py | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index e36ec8f..519faae 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1332,7 +1332,7 @@ def site_url_https(self, domain): WOVariables.wo_wpcli_path, domain)) except CommandExecutionError as e: Log.debug(self, "{0}".format(e)) - raise SiteError("plugin activation failed") + raise SiteError("migration to https failed") Log.info( self, "Site address updated " "successfully to https://{0}".format(domain)) diff --git a/wo/core/shellexec.py b/wo/core/shellexec.py index cfb43e1..77ba8a5 100644 --- a/wo/core/shellexec.py +++ b/wo/core/shellexec.py @@ -35,11 +35,11 @@ class WOShellExec(): .format(cmd_stdout, cmd_stderr)) return False except OSError as e: - Log.debug(self, str(e)) - raise CommandExecutionError + Log.debug(self, str(e)) + raise CommandExecutionError except Exception as e: - Log.debug(self, str(e)) - raise CommandExecutionError + Log.debug(self, str(e)) + raise CommandExecutionError def invoke_editor(self, filepath, errormsg=''): """ From ee23c7e8c14ae2e5572ca7b3c85582a3ae28d89f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 31 Jul 2019 20:50:56 +0200 Subject: [PATCH 61/83] Few adjustements on opcache --- CHANGELOG.md | 1 + wo/cli/plugins/stack.py | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 140b9f7..5ad0290 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -26,6 +26,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - eXtplorer updated to v2.1.13 - Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues - Several code quality improvements to speed up WordOps execution +- Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) #### Fixed diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index f991a1a..da85cf6 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -657,6 +657,7 @@ class WOStackController(CementBaseController): config['PHP']['post_max_size'] = '100M' config['PHP']['upload_max_filesize'] = '100M' config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' config['PHP']['max_input_vars'] = '20000' config['Date']['date.timezone'] = WOVariables.wo_timezone config['opcache']['opcache.enable'] = '1' @@ -664,7 +665,8 @@ class WOStackController(CementBaseController): config['opcache']['opcache.max_accelerated_files'] = '10000' config['opcache']['opcache.memory_consumption'] = '256' config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '2' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' config['opcache']['opcache.validate_timestamps'] = '1' with open('/etc/php/7.2/fpm/php.ini', encoding='utf-8', mode='w') as configfile: @@ -818,6 +820,7 @@ class WOStackController(CementBaseController): config['PHP']['post_max_size'] = '100M' config['PHP']['upload_max_filesize'] = '100M' config['PHP']['max_execution_time'] = '300' + config['PHP']['max_input_time'] = '300' config['PHP']['max_input_vars'] = '20000' config['Date']['date.timezone'] = WOVariables.wo_timezone config['opcache']['opcache.enable'] = '1' @@ -825,7 +828,8 @@ class WOStackController(CementBaseController): config['opcache']['opcache.max_accelerated_files'] = '10000' config['opcache']['opcache.memory_consumption'] = '256' config['opcache']['opcache.save_comments'] = '1' - config['opcache']['opcache.revalidate_freq'] = '2' + config['opcache']['opcache.revalidate_freq'] = '5' + config['opcache']['opcache.consistency_checks'] = '0' config['opcache']['opcache.validate_timestamps'] = '1' with open('/etc/php/7.3/fpm/php.ini', encoding='utf-8', mode='w') as configfile: From c863284e96eddf7b9af53524c49770b225f3b4bb Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 1 Aug 2019 10:31:50 +0200 Subject: [PATCH 62/83] Get siteurl variable properly --- wo/cli/plugins/site_functions.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 519faae..07d5abd 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1317,10 +1317,10 @@ def site_url_https(self, domain): Log.info(self, "Checking if site url already " "use https, please wait...") WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) - wo_siteurl = WOShellExec.cmd_exec(self, - "php {0} option get siteurl " - .format(WOVariables.wo_wpcli_path) + - "--allow-root --quiet") + wo_siteurl = WOShellExec.cmd_exec_stdout(self, + "php {0} option get siteurl " + .format(WOVariables.wo_wpcli_path) + + "--allow-root --quiet") test_url = re.split(":", wo_siteurl) if not (test_url[0] == 'https'): try: From ba376c037b540f3ad7f00830f2771d36c271bab3 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 1 Aug 2019 10:39:15 +0200 Subject: [PATCH 63/83] Few improvements --- wo/cli/plugins/debug.py | 4 +++- wo/cli/plugins/info.py | 4 ++++ wo/cli/plugins/log.py | 8 ++++---- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/wo/cli/plugins/debug.py b/wo/cli/plugins/debug.py index 6607ecb..649cfea 100644 --- a/wo/cli/plugins/debug.py +++ b/wo/cli/plugins/debug.py @@ -3,7 +3,7 @@ from cement.core.controller import CementBaseController, expose from cement.core import handler, hook from wo.core.aptget import WOAptGet -from wo.core.shellexec import * +from wo.core.shellexec import WOShellExec from wo.core.mysql import WOMysql from wo.core.services import WOService from wo.core.logging import Log @@ -92,6 +92,7 @@ class WODebugController(CementBaseController): debug_address = (self.app.config.get('stack', 'ip-address') .split()) except Exception as e: + Log.debug(self, "{0}".format(e)) debug_address = ['0.0.0.0/0'] # Check if IP address is 127.0.0.1 then enable debug globally @@ -660,6 +661,7 @@ class WODebugController(CementBaseController): try: cron_time = int(self.app.pargs.interval) except Exception as e: + Log.debug(self, "{0}".format(e)) cron_time = 5 try: diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 2e9833d..d5daaac 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -93,6 +93,7 @@ class WOInfoController(CementBaseController): www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' '_trigger]']) except Exception as e: + Log.debug(self, "{0}".format(e)) www_xdebug = 'off' config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2")) @@ -111,6 +112,7 @@ class WOInfoController(CementBaseController): debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' 'enable_trigger]']) except Exception as e: + Log.debug(self, "{0}".format(e)) debug_xdebug = 'off' data = dict(version=version, expose_php=expose_php, @@ -168,6 +170,7 @@ class WOInfoController(CementBaseController): www_xdebug = (config['www']['php_admin_flag[xdebug.profiler_enable' '_trigger]']) except Exception as e: + Log.debug(self, "{0}".format(e)) www_xdebug = 'off' config.read('/etc/php/7.3/fpm/pool.d/debug.conf') @@ -186,6 +189,7 @@ class WOInfoController(CementBaseController): debug_xdebug = (config['debug']['php_admin_flag[xdebug.profiler_' 'enable_trigger]']) except Exception as e: + Log.debug(self, "{0}".format(e)) debug_xdebug = 'off' data = dict(version=version, expose_php=expose_php, diff --git a/wo/cli/plugins/log.py b/wo/cli/plugins/log.py index 5b08189..7baf633 100644 --- a/wo/cli/plugins/log.py +++ b/wo/cli/plugins/log.py @@ -97,7 +97,7 @@ class WOLogShowController(CementBaseController): '/var/log/php5/fpm.log'] if self.app.pargs.mysql: # MySQL debug will not work for remote MySQL - if WOVariables.wo_mysql_host is "localhost": + if WOVariables.wo_mysql_host == "localhost": if os.path.isfile('/var/log/mysql/mysql-slow.log'): self.msg = self.msg + ['/var/log/mysql/mysql-slow.log'] else: @@ -236,7 +236,7 @@ class WOLogResetController(CementBaseController): '/var/log/php5/fpm.log'] if self.app.pargs.mysql: # MySQL debug will not work for remote MySQL - if WOVariables.wo_mysql_host is "localhost": + if WOVariables.wo_mysql_host == "localhost": if os.path.isfile('/var/log/mysql/mysql-slow.log'): self.msg = self.msg + ['/var/log/mysql/mysql-slow.log'] else: @@ -364,7 +364,7 @@ class WOLogGzipController(CementBaseController): '/var/log/php5/fpm.log'] if self.app.pargs.mysql: # MySQL debug will not work for remote MySQL - if WOVariables.wo_mysql_host is "localhost": + if WOVariables.wo_mysql_host == "localhost": if os.path.isfile('/var/log/mysql/mysql-slow.log'): self.msg = self.msg + ['/var/log/mysql/mysql-slow.log'] else: @@ -502,7 +502,7 @@ class WOLogMailController(CementBaseController): '/var/log/php5/fpm.log'] if self.app.pargs.mysql: # MySQL debug will not work for remote MySQL - if WOVariables.wo_mysql_host is "localhost": + if WOVariables.wo_mysql_host == "localhost": if os.path.isfile('/var/log/mysql/mysql-slow.log'): self.msg = self.msg + ['/var/log/mysql/mysql-slow.log'] else: From e9481aa964cc8e4cab4c537168f59af5eb9d87c7 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 1 Aug 2019 11:09:49 +0200 Subject: [PATCH 64/83] Update changelog, set binary full path --- CHANGELOG.md | 1 + wo/cli/plugins/info.py | 6 +++--- wo/cli/plugins/site.py | 2 +- wo/cli/plugins/site_functions.py | 4 ++-- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ad0290..c640687 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Proftpd stack now secured with TLS - New Nginx package built with Brotli from operating system libraries - Brotli configuration with only well compressible MIME types +- WordPress site url automatically updated to `https://domain.tld` when using `-le/--letsencrypt` flag #### Changed diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index d5daaac..efaf767 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -225,7 +225,7 @@ class WOInfoController(CementBaseController): "-f1 | tr -d '\n'").read() host = "localhost" port = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep ^port | awk " + "/bin/grep ^port | awk " "'{print($2)}' | tr -d '\n'").read() wait_timeout = os.popen("/usr/bin/mysql -e \"show variables\" | grep " "^wait_timeout | awk '{print($2)}' | " @@ -239,10 +239,10 @@ class WOInfoController(CementBaseController): "grep Max_used_connections | awk " "'{print($2)}' | tr -d '\n'").read() datadir = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep datadir | awk" + "/bin/grep datadir | awk" " '{print($2)}' | tr -d '\n'").read() socket = os.popen("/usr/bin/mysql -e \"show variables\" | " - "grep \"^socket\" | " + "/bin/grep \"^socket\" | " "awk '{print($2)}' | tr -d '\n'").read() data = dict(version=version, host=host, port=port, wait_timeout=wait_timeout, diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 901173d..2cb7bf8 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -237,7 +237,7 @@ class WOSiteController(CementBaseController): WOFileUtils.chdir(self, wo_site_webroot) try: - subprocess.call(['bash']) + subprocess.call(['/bin/bash']) except OSError as e: Log.debug(self, "{0}{1}".format(e.errno, e.strerror)) Log.error(self, "unable to change directory") diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 07d5abd..ae6e430 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -38,7 +38,7 @@ def pre_run_checks(self): try: Log.debug(self, "checking NGINX configuration ...") FNULL = open('/dev/null', 'w') - ret = subprocess.check_call(["nginx", "-t"], stdout=FNULL, + subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL, stderr=subprocess.STDOUT) except CalledProcessError as e: Log.debug(self, "{0}".format(str(e))) @@ -89,7 +89,7 @@ def setupdomain(self, data): try: Log.debug(self, "Checking generated nginx conf, please wait...") FNULL = open('/dev/null', 'w') - ret = subprocess.check_call(["nginx", "-t"], stdout=FNULL, + subprocess.check_call(["/usr/sbin/nginx", "-t"], stdout=FNULL, stderr=subprocess.STDOUT) Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") except CalledProcessError as e: From 50bf3d4185afa6d304e4230f6cdb750c5316642c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 1 Aug 2019 17:02:39 +0200 Subject: [PATCH 65/83] Fix phpredisadmin install --- README.md | 2 +- install | 8 +++----- wo/cli/plugins/stack.py | 3 ++- wo/core/variables.py | 7 +------ 4 files changed, 7 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 9081778..019b5b2 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ MIT Commits GitHub release -
+
Badge Twitter Badge Slack diff --git a/install b/install index 26bbb05..83c90a8 100755 --- a/install +++ b/install @@ -182,16 +182,14 @@ wo_install_dep() { } if [ "$wo_linux_distro" == "Ubuntu" ]; then # install dependencies - DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 + DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 else # install dependencies - DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 + DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 # add php repository gpg key [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } # add nginx repository gpg key - wget https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key -O Release.key - apt-key add - < Release.key - rm -f Release.key + curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_10/Release.key | apt-key add - fi locale-gen en diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index da85cf6..43be6c9 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1377,7 +1377,8 @@ class WOStackController(CementBaseController): # phpredisadmin if any('/var/lib/wo/tmp/pra.tar.gz' == x[1] for x in packages): - if not os.path.exists('{0}22222/htdocs/cache/redis' + if not os.path.exists('{0}22222/htdocs/cache/' + 'redis/phpRedisAdmin' .format(WOVariables.wo_webroot)): Log.debug(self, "Creating new directory " "{0}22222/htdocs/cache/redis" diff --git a/wo/core/variables.py b/wo/core/variables.py index 9d85fff..d553aef 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -85,12 +85,7 @@ class WOVariables(): # WordOps stack installation variables # Nginx repo and packages if wo_distro == 'ubuntu': - if wo_platform_codename == 'trusty': - wo_nginx_repo = ("deb http://download.opensuse.org" - "/repositories/home:" - "/virtubox:/WordOps/xUbuntu_14.04/ /") - else: - wo_nginx_repo = "ppa:wordops/nginx-wo" + wo_nginx_repo = "ppa:wordops/nginx-wo" elif wo_distro == 'debian': if wo_platform_codename == 'jessie': wo_nginx_repo = ("deb http://download.opensuse.org" From 6a882d6a755d1a8134ac2eb9b6f6670ab051a3af Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 1 Aug 2019 17:06:01 +0200 Subject: [PATCH 66/83] Another fix for phpredisadmin --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 43be6c9..6d8c898 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1590,7 +1590,7 @@ class WOStackController(CementBaseController): # PHPREDISADMIN if self.app.pargs.phpredisadmin: - if not os.path.isdir('/var/www/22222/htdocs/cache/redis'): + if not os.path.isdir('/var/www/22222/htdocs/cache/redis/phpRedisAdmin'): Log.debug( self, "Setting packages variable for phpRedisAdmin") self.app.pargs.composer = True From 1882b5c29e89d1ca2123da9dbb1215b7ce91c5f9 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 2 Aug 2019 01:05:09 +0200 Subject: [PATCH 67/83] Improve redis configuration * version bump to 3.9.7 * update changelog --- CHANGELOG.md | 5 ++++ install | 4 ++-- setup.py | 2 +- wo/cli/plugins/stack.py | 53 +++++++++++++++++++++++++++-------------- wo/core/variables.py | 2 +- 5 files changed, 44 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c640687..7869166 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +### v3.9.7 - 2019-08-02 + #### Added - MySQL configuration tuning @@ -28,6 +30,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues - Several code quality improvements to speed up WordOps execution - Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) +- #### Fixed @@ -35,6 +38,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Fail2ban standalone install - `wo stack purge --all` error due to PHP7.3 check - Nginx helper configuration during plugin install for Nginx fastcgi_cache and redis-cache +- phpRedisAdmin stack installation +- Fixed Travis CI build on pull requests ### v3.9.6.2 - 2019-07-24 diff --git a/install b/install index 83c90a8..204861e 100755 --- a/install +++ b/install @@ -7,10 +7,10 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.6.3 - 2019-07-29 +# Version 3.9.7 - 2019-08-02 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" -readonly wo_version_new="3.9.6.3" +readonly wo_version_new="3.9.7" # CONTENTS # --- # 1. VARIABLES AND DECLARATIONS diff --git a/setup.py b/setup.py index c2b96ff..14a12e6 100644 --- a/setup.py +++ b/setup.py @@ -56,7 +56,7 @@ if not os.path.isfile('/root/.gitconfig'): shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') setup(name='wo', - version='3.9.6.2', + version='3.9.7', description=long_description, long_description=long_description, classifiers=[], diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 6d8c898..ef34d53 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -10,6 +10,7 @@ import pwd import random import shutil import string +import re import psutil # from pynginxconfig import NginxConfig @@ -1590,7 +1591,8 @@ class WOStackController(CementBaseController): # PHPREDISADMIN if self.app.pargs.phpredisadmin: - if not os.path.isdir('/var/www/22222/htdocs/cache/redis/phpRedisAdmin'): + if not os.path.isdir('/var/www/22222/htdocs/' + 'cache/redis/phpRedisAdmin'): Log.debug( self, "Setting packages variable for phpRedisAdmin") self.app.pargs.composer = True @@ -1728,38 +1730,53 @@ class WOStackController(CementBaseController): WOShellExec.cmd_exec(self, "systemctl enable redis-server") if os.path.isfile("/etc/redis/redis.conf"): wo_ram = psutil.virtual_memory().total / (1024 * 1024) - if wo_ram < 512: + if wo_ram < 1024: Log.debug(self, "Setting maxmemory variable to " "{0} in redis.conf" .format(int(wo_ram*1024*1024*0.1))) - WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory" - " /maxmemory {0}/'" - " /etc/redis/redis.conf" - .format(int(wo_ram*1024*1024*0.1))) + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory ", + "maxmemory {0}" + .format + (int(wo_ram*1024*1024*0.1))) Log.debug( self, "Setting maxmemory-policy variable to " "allkeys-lru in redis.conf") - WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-" - "policy.*/maxmemory-policy " - "allkeys-lru/' " - "/etc/redis/redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory-policy " + "noeviction", + "maxmemory-policy " + "allkeys-lru") + Log.debug( + self, "Setting tcp-backlog variable to " + "in redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "tcp-backlog 511", + "tcp-backlog 32768") WOService.restart_service(self, 'redis-server') else: Log.debug(self, "Setting maxmemory variable to {0} " "in redis.conf" .format(int(wo_ram*1024*1024*0.2))) - WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory " - "/maxmemory {0}/' " - "/etc/redis/redis.conf" - .format(int(wo_ram*1024*1024*0.2))) + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory ", + "maxmemory {0}" + .format + (int(wo_ram*1024*1024*0.1))) Log.debug( self, "Setting maxmemory-policy variable " "to allkeys-lru in redis.conf") - WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-" - "policy.*/maxmemory-policy " - "allkeys-lru/' " - "/etc/redis/redis.conf") + WOFileUtils.searchreplace(self, + "/etc/redis/redis.conf", + "# maxmemory-policy " + "noeviction", + "maxmemory-policy " + "allkeys-lru") WOService.restart_service(self, 'redis-server') if 'mariadb-server' in apt_packages: # setting innodb memory usage diff --git a/wo/core/variables.py b/wo/core/variables.py index d553aef..4e1ba54 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -10,7 +10,7 @@ class WOVariables(): """Intialization of core variables""" # WordOps version - wo_version = "3.9.6.3" + wo_version = "3.9.7" # WordOps packages versions wo_wp_cli = "2.2.0" wo_adminer = "4.7.2" From 6ade7f3206a6066a2e4f7ba420195d8a74594ef7 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 2 Aug 2019 12:10:44 +0200 Subject: [PATCH 68/83] Fix wo-kernel service not installed --- install | 32 +++++++++++++++++--------------- wo/cli/plugins/site_functions.py | 5 +++++ 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/install b/install index 204861e..365775c 100755 --- a/install +++ b/install @@ -663,22 +663,24 @@ wo_tweak_kernel() { fi # apply sysctl tweaks sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf - if [ ! -x /opt/wo-kernel.sh ]; then - { - # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup - wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache - chmod +x /opt/wo-kernel.sh - wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache - systemctl enable wo-kernel.service - systemctl start wo-kernel.service - } >> /var/log/wo/install.log 2>&1 - fi + else + sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf + fi + if [ ! -x /opt/wo-kernel.sh ]; then + { + # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup + wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache + chmod +x /opt/wo-kernel.sh + wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache + systemctl enable wo-kernel.service + systemctl start wo-kernel.service + } >> /var/log/wo/install.log 2>&1 + fi - fi - LIMIT_CHECK=$(grep "500000" /etc/security/limits.conf) - if [ -z "$LIMIT_CHECK" ]; then - echo -e "* hard nofile 500000\n* soft nofile 500000\nroot hard nofile 500000\nroot soft nofile 500000\n" >> /etc/security/limits.conf - fi + fi + LIMIT_CHECK=$(grep "500000" /etc/security/limits.conf) + if [ -z "$LIMIT_CHECK" ]; then + echo -e "* hard nofile 500000\n* soft nofile 500000\nroot hard nofile 500000\nroot soft nofile 500000\n" >> /etc/security/limits.conf fi } diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index ae6e430..4181afe 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1384,13 +1384,16 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, 'keylength')) if wo_dns: acme_mode = "--dns {0}".format(wo_acme_dns) + validation_mode = "DNS with {0}".format(wo_acme_dns) Log.debug( self, "Validation : DNS mode with {0}".format(wo_acme_dns)) else: acme_mode = "-w /var/www/html" + validation_mode = "Webroot challenge" Log.debug(self, "Validation : Webroot mode") if subdomain: Log.info(self, "Issuing subdomain SSL cert with acme.sh") + Log.info(self, "Validation mode : {0}".format(validation_mode)) ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " @@ -1402,6 +1405,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, keylenght)) elif wildcard: Log.info(self, "Issuing Wildcard SSL cert with acme.sh") + Log.info(self, "Validation mode : {0}".format(validation_mode)) ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " @@ -1413,6 +1417,7 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, keylenght)) else: Log.info(self, "Issuing domain SSL cert with acme.sh") + Log.info(self, "Validation mode : {0}".format(validation_mode)) ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " "--config-home " "'/etc/letsencrypt/config' " From dc16a0bc2826823893a3c694c8b7f2591b64a1b8 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 2 Aug 2019 12:13:31 +0200 Subject: [PATCH 69/83] Another fix for wo-kernel service --- install | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/install b/install index 365775c..693bbf5 100755 --- a/install +++ b/install @@ -666,18 +666,18 @@ wo_tweak_kernel() { else sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf fi - if [ ! -x /opt/wo-kernel.sh ]; then - { - # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup - wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache - chmod +x /opt/wo-kernel.sh - wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache - systemctl enable wo-kernel.service - systemctl start wo-kernel.service - } >> /var/log/wo/install.log 2>&1 - fi - fi + if [ ! -x /opt/wo-kernel.sh ]; then + { + # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup + wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache + chmod +x /opt/wo-kernel.sh + wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache + systemctl enable wo-kernel.service + systemctl start wo-kernel.service + } >> /var/log/wo/install.log 2>&1 + fi + LIMIT_CHECK=$(grep "500000" /etc/security/limits.conf) if [ -z "$LIMIT_CHECK" ]; then echo -e "* hard nofile 500000\n* soft nofile 500000\nroot hard nofile 500000\nroot soft nofile 500000\n" >> /etc/security/limits.conf From 49e09683f585977c0e738cf44c65def4b5d2817e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sat, 3 Aug 2019 03:44:53 +0200 Subject: [PATCH 70/83] Fixes for migration from EEv3 --- CHANGELOG.md | 5 ++++- install | 3 ++- wo/core/variables.py | 9 +++++++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7869166..e347b0d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - New Nginx package built with Brotli from operating system libraries - Brotli configuration with only well compressible MIME types - WordPress site url automatically updated to `https://domain.tld` when using `-le/--letsencrypt` flag +- More informations during certificate issuance about validation mode selected +- `--php72` as alternative for `--php` +- Automated removal of the deprecated variable `ssl on;` in previous Nginx ssl.conf #### Changed @@ -30,7 +33,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues - Several code quality improvements to speed up WordOps execution - Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) -- #### Fixed @@ -40,6 +42,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Nginx helper configuration during plugin install for Nginx fastcgi_cache and redis-cache - phpRedisAdmin stack installation - Fixed Travis CI build on pull requests +- Nginx `server_names_hash_bucket_size` variable error after WordOps upgrade ### v3.9.6.2 - 2019-07-24 diff --git a/install b/install index 693bbf5..a650341 100755 --- a/install +++ b/install @@ -513,6 +513,7 @@ wo_upgrade_nginx() { sed -i "s/locations-php7.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/locations-php72.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i 's/ssl on;/#ssl on;/' /var/www/*/conf/nginx/ssl.conf # update redis.conf headers if [ -f /etc/nginx/common/redis.conf ]; then @@ -529,7 +530,7 @@ wo_upgrade_nginx() { else VERIFY_NGINX_BUCKET=$(nginx -t 2>&1 | grep "server_names_hash_bucket_size") if [ -n "$VERIFY_NGINX_BUCKET" ]; then - sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g" /etc/nginx/nginx.conf + sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 128;/g" /etc/nginx/nginx.conf fi systemctl stop nginx systemctl start nginx diff --git a/wo/core/variables.py b/wo/core/variables.py index 4e1ba54..cf3474e 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -25,7 +25,7 @@ class WOVariables(): # WordOps core variables wo_distro = os.popen("/usr/bin/lsb_release -si " - "| tr -d \'\\n\'").read().lower() + "| tr -d \'\\n\'").read().lower() wo_platform_version = platform.linux_distribution()[1] wo_platform_codename = os.popen( "/usr/bin/lsb_release -sc | tr -d \'\\n\'").read() @@ -153,7 +153,12 @@ class WOVariables(): "http://sfo1.mirrors.digitalocean.com/mariadb/repo/" "10.3/debian {codename} main" .format(codename=wo_platform_codename)) - wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] + + if wo_platform_codename == 'jessie': + wo_mysql = ["mariadb-server", "percona-toolkit", + "python3-mysql.connector"] + else: + wo_mysql = ["mariadb-server", "percona-toolkit", "python3-mysqldb"] wo_fail2ban = ["fail2ban"] From d7fc33ce0d42b386e54f4820bed00bd8541526f1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 12:24:10 +0200 Subject: [PATCH 71/83] Update README & add 22222 info --- CHANGELOG.md | 1 + README.md | 41 +++++++++++++++++++++-------------------- install | 14 ++++++++++---- wo/cli/plugins/stack.py | 13 ++++++++++--- 4 files changed, 42 insertions(+), 27 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e347b0d..df458f5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,6 +33,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Removed WordOps version from the Nginx header X-Powered-By to avoid possible security issues - Several code quality improvements to speed up WordOps execution - Few adjustements on PHP-FPM configuration (max_input_time,opcache.consistency_checks) +- Added /dev/urandom & /dev/shm to open_basedir in PHP-FPM configuration #### Fixed diff --git a/README.md b/README.md index 019b5b2..2aaccac 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,8 @@

An essential toolset that eases WordPress site and server administration

-WordOps + +

@@ -33,7 +34,7 @@

WordOps.netDocumentation • -Community forum • +Community ForumDashboard demo

@@ -48,28 +49,28 @@ - **Secured** : Hardened WordPress security with strict Nginx location directives - **Powerful** : Optimized Nginx configurations with multiple cache backends support - **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates with DNS API handled by acme.sh -- **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on ssllabs) +- **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on [ssllabs](https://www.ssllabs.com/ssltest/analyze.html?d=demo.wordops.eu&latest)) - **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata +- **User Friendly** : WordOps dashboard with server status/monitoring and tools ([demo](https://demo.wordops.eu)) + +--- ## Requirements ### Operating System -- Ubuntu 16.04 LTS (Xenial) +#### Recommended + - Ubuntu 18.04 LTS (Bionic) + +#### Also compatible + +- Ubuntu 16.04 LTS (Xenial) - Ubuntu 19.04 (Disco) -- Debian 8 (Jessie) - Debian 9 (Stretch) - Debian 10 (Buster) - Not ready for production - Raspbian 9 (Stretch) -### Ports requirements - -- SSH (22 or custom) -- HTTP & HTTPS (80 & 443) -- WO Admin (22222) -- GPG key Server (11371 outbound) - ## Getting Started ```bash @@ -77,9 +78,7 @@ wget -qO wo wops.cc && sudo bash wo # Install WordOps sudo wo site create example.com --wp # Install required packages & setup WordPress on example.com ``` -## Must read - -[From EasyEngine to WordOps](https://docs.wordops.net/about/from-easyengine-to-wordops/) +Detailed Getting Started guide with additional installation methods can be found in [the documentation](https://docs.wordops.net/getting-started/installation-guide/). ## Usage @@ -88,9 +87,9 @@ sudo wo site create example.com --wp # Install required packages & setup Wor ```bash wo site create example.com --wp # install wordpress without any page caching wo site create example.com --wp --php73 # install wordpress with PHP 7.3 without any page caching -wo site create example.com --wpsc # install wordpress with wp-super-cache plugin wo site create example.com --wpfc # install wordpress + nginx fastcgi_cache wo site create example.com --wpredis # install wordpress + nginx redis_cache +wo site create example.com --wpsc # install wordpress with wp-super-cache plugin ``` ### WordPress multisite with subdirectory @@ -116,17 +115,19 @@ wo site create example.com --wpsubdomain --wpredis # install wpmu-subdomain + n ```bash wo site create example.com --html # create example.com for static/html sites wo site create example.com --php # create example.com with php support +wo site create example.com --php73 # create example.com with php 7.3 support wo site create example.com --mysql # create example.com with php & mysql support +wo site create example.com --mysql --php73 # create example.com with php 7.3 & mysql support wo site create example.com --proxy=127.0.0.1:3000 # create example.com with nginx as reverse-proxy ``` ### Sites secured with Let's Encrypt ```bash -wo site create example.com --wp --letsencrypt # wordpress secured with letsencrypt -wo site create sub.example.com --wp --letsencrypt=subdomain # wordpress + letsencrypt subdomain -wo site create site.tld --wp --letsencrypt --hsts # install wordpress & secure site with letsencrypt with HSTS -wo site create site.tld --wp --letsencrypt=wildcard --dns=dns_cf # install wordpress & issue a wildcard SSL certificate with Cloudflare DNS API +wo site create example.com --wp --letsencrypt # wordpress & letsencrypt +wo site create sub.example.com --wp --letsencrypt=subdomain # wordpress & letsencrypt subdomain +wo site create site.tld --wp --letsencrypt --hsts # wordpress & letsencrypt with HSTS +wo site create site.tld --wp --letsencrypt=wildcard --dns=dns_cf # wordpress & wildcard SSL certificate with Cloudflare DNS API ``` ## Update WordOps diff --git a/install b/install index a650341..18957e6 100755 --- a/install +++ b/install @@ -686,6 +686,10 @@ wo_tweak_kernel() { } +wo_clean() { + rm -rf /usr/local/lib/python3.*/dist-packages/wo-* +} + wo_uninstall() { rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1 } @@ -716,9 +720,9 @@ else wo_install_dep | tee -ai $wo_install_log wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log wo_backup_wo | tee -ai $wo_install_log - wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log + wo_clean | tee -ai $wo_install_log if [ -f "$HOME/.gitconfig" ]; then wo_install >> $wo_install_log 2>&1 else @@ -726,15 +730,17 @@ else fi if [ -z "$wo_preserve_config" ]; then if [ -n "$(command -v nginx)" ]; then - if [ ! -f /etc/nginx/common/release ] || ! grep -q "v3.9.6" /etc/nginx/common/release; then + if [ ! -f /etc/nginx/common/release ] || ! grep -q "v3.9.7" /etc/nginx/common/release; then wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log wo_upgrade_nginx | tee -ai $wo_install_log fi fi fi wo_update_latest | tee -ai $wo_install_log - wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh | tee -ai $wo_install_log + if [ ! -d /opt/acme/.sh ]; then + wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log + fi wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log wo_tweak_kernel | tee -ai $wo_install_log wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index ef34d53..804b49f 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -11,6 +11,7 @@ import random import shutil import string import re +import request import psutil # from pynginxconfig import NginxConfig @@ -486,7 +487,7 @@ class WOStackController(CementBaseController): passwd = ''.join([random.choice (string.ascii_letters + string.digits) - for n in range(6)]) + for n in range(16)]) try: WOShellExec.cmd_exec(self, "printf \"WordOps:" "$(openssl passwd -crypt " @@ -594,6 +595,10 @@ class WOStackController(CementBaseController): ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') if set(["nginx"]).issubset(set(apt_packages)): + server_ip = requests.get('http://v4.wordops.eu') + print("WordOps backend configuration was successful\n" + + "You can access it on : https://{0}:22222" + .format(server_ip)) print("HTTP Auth User Name: WordOps" + "\nHTTP Auth Password : {0}".format(passwd)) WOService.reload_service(self, 'nginx') @@ -716,7 +721,8 @@ class WOStackController(CementBaseController): encoding='utf-8', mode='a') as myfile: myfile.write("\nphp_admin_value[open_basedir] " "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/\"\n") + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") # Generate /etc/php/7.2/fpm/pool.d/www-two.conf WOFileUtils.copyfile(self, "/etc/php/7.2/fpm/pool.d/www.conf", @@ -879,7 +885,8 @@ class WOStackController(CementBaseController): encoding='utf-8', mode='a') as myfile: myfile.write("\nphp_admin_value[open_basedir] " "= \"/var/www/:/usr/share/php/:" - "/tmp/:/var/run/nginx-cache/\"\n") + "/tmp/:/var/run/nginx-cache/:" + "/dev/shm:/dev/urandom\"\n") # Generate /etc/php/7.3/fpm/pool.d/www-two.conf WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", From 6776e66cbf55436be0fe5002e50f1f0d0614a5b6 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 12:30:06 +0200 Subject: [PATCH 72/83] Replace video by gif --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 2aaccac..827827f 100644 --- a/README.md +++ b/README.md @@ -6,8 +6,7 @@

An essential toolset that eases WordPress site and server administration

- - +WordOps

From c3fc1f3b65993716d16f8ccd88c50fb8985351d7 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 12:36:42 +0200 Subject: [PATCH 73/83] Fix import --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 804b49f..4ab3e7f 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -11,7 +11,7 @@ import random import shutil import string import re -import request +import requests import psutil # from pynginxconfig import NginxConfig From 0b3c1f3ee7f6a33922daae839c8dc651b0dfbab4 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 12:42:46 +0200 Subject: [PATCH 74/83] Add python3-requests --- install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install b/install index 18957e6..93d9f54 100755 --- a/install +++ b/install @@ -182,10 +182,10 @@ wo_install_dep() { } if [ "$wo_linux_distro" == "Ubuntu" ]; then # install dependencies - DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 + DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 else # install dependencies - DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 + DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1 # add php repository gpg key [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } # add nginx repository gpg key From bbe625a9c957aaacc6c775569864a6eb1bd92cea Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 14:24:25 +0200 Subject: [PATCH 75/83] Add contributing and code of conduct --- CODE_OF_CONDUCT.md | 73 ++++++++++++++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 41 ++++++++++++++++++++++++++ 2 files changed, 114 insertions(+) create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..5f8b59a --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,73 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, sex characteristics, gender identity and expression, +level of experience, education, socio-economic status, nationality, personal +appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team lead at contact@wordops.io. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +[homepage]: https://www.contributor-covenant.org diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..a7bb730 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,41 @@ +# Contributing + +Thank you for considering contributing to WordOps. + +We love to receive contributions. Maintaining a CLI tool for deploying WordPress with Nginx with a few key strokes require to have enough knowledge for each stack configuration and to work with non-interactive operations. We rely on community contributions and user feedback to continue providing the best CLI tool to deploy WordPress with Nginx, PHP-FPM, MariaDB and Redis. + +There are many ways to contribute, with varying requirements of skills, explained in detail in the following sections. + +## All WordOps Users + +### Give WordOps a GitHub star + +This is the minimum open-source users should contribute back to the projects they use. Github stars help the project gain visibility, stand out. So, if you use WordOps, consider pressing that button. **It really matters**. + +### Spread the word + +Community growth allows the project to attract new talent willing to contribute. This talent is then developing new features and improves the project. These new features and improvements attract more users and so on. It is a loop. So, post about WordOps, present it to local meetups you attend, let your online social network or twitter, facebook, reddit, etc. know you are using it. **The more people involved, the faster the project evolves**. + +### Provide feedback + +Is there anything that bothers you about WordOps? Did you experience an issue while installing it or using it? Would you like to see it evolve to you need? Let us know. [Open a github issue](https://github.com/WordOps/WordOps/issues) to discuss it or open a thread on our [Community Forum](https://community.wordops.net/). Feedback is very important for open-source projects. We can't commit we will do everything, but your feedback influences our road-map significantly. + +## Experienced Users + +### Help other users + +As the project grows, an increasing share of our time is spent on supporting this community of users in terms of answering questions, of helping users understand how WordOps works and find their way with it. Helping other users is crucial. It allows the developers and maintainers of the project to focus on improving it. + +### Improve documentation + +All of our documentation is in markdown (.md) files inside the WordOps GitHub project. All of our [HTML documentation](https://docs.wordops.net) is generated from these files. At the top right of each documentation page you will see a pencil, that leads you directly to the markdown file that was used to generated it. Don't be afraid to click it and edit any of these documents and submit a GitHub Pull Request with your corrections/additions. + +## Developers + +(available soon) + +### Contributions Ground Rules + +#### Code of Conduct and CLA + +We expect all contributors to abide by the [Contributor Covenant Code of Conduct](CODE_OF_CONDUCT.md). From 65813a309fa78c9c28a7de88b60a0772396df758 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 14:40:35 +0200 Subject: [PATCH 76/83] adding --php72 --- CHANGELOG.md | 2 ++ wo/cli/plugins/site.py | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df458f5..ba005be 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - More informations during certificate issuance about validation mode selected - `--php72` as alternative for `--php` - Automated removal of the deprecated variable `ssl on;` in previous Nginx ssl.conf +- Project Contributing guidelines +- Project Code of conduct #### Changed diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 2cb7bf8..e314b06 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -309,7 +309,7 @@ class WOSiteCreateController(CementBaseController): nargs='?')), (['--html'], dict(help="create html site", action='store_true')), - (['--php'], + (['--php72', '--php'], dict(help="create php 7.2 site", action='store_true')), (['--php73'], dict(help="create php 7.3 site", action='store_true')), @@ -800,7 +800,7 @@ class WOSiteUpdateController(CementBaseController): action='store_true')), (['--html'], dict(help="update to html site", action='store_true')), - (['--php'], + (['--php72', '--php'], dict(help="update to php site", action='store_true')), (['--php73'], dict(help="update to php73 site", From ffb88b6a9b4d5f4afb435fe81cc260cf20eac6c0 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 16:40:34 +0200 Subject: [PATCH 77/83] Fix pargs.php72 --- wo/cli/plugins/site.py | 139 ++++++++++++++++++++++------------------- 1 file changed, 74 insertions(+), 65 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index e314b06..d5e5e59 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -309,7 +309,9 @@ class WOSiteCreateController(CementBaseController): nargs='?')), (['--html'], dict(help="create html site", action='store_true')), - (['--php72', '--php'], + (['--php'], + dict(help="create php 7.2 site", action='store_true')), + (['--php72'], dict(help="create php 7.2 site", action='store_true')), (['--php73'], dict(help="create php 7.3 site", action='store_true')), @@ -367,6 +369,8 @@ class WOSiteCreateController(CementBaseController): @expose(hide=True) def default(self): pargs = self.app.pargs + if pargs.php72: + self.app.pargs.php = True # self.app.render((data), 'default.mustache') # Check domain name validation data = dict() @@ -800,8 +804,10 @@ class WOSiteUpdateController(CementBaseController): action='store_true')), (['--html'], dict(help="update to html site", action='store_true')), - (['--php72', '--php'], + (['--php72'], dict(help="update to php site", action='store_true')), + (['--php'], + dict(help="update to php site", action='store_true')), (['--php73'], dict(help="update to php73 site", action='store' or 'store_const', @@ -849,6 +855,9 @@ class WOSiteUpdateController(CementBaseController): def default(self): pargs = self.app.pargs + if pargs.php72: + self.app.pargs.php = True + if pargs.all: if pargs.site_name: Log.error(self, "`--all` option cannot be used with site name" @@ -1469,27 +1478,27 @@ class WOSiteUpdateController(CementBaseController): data['multisite'] and data['wpfc'])): try: plugin_data_object = {"log_level": "INFO", - "log_filesize": 5, - "enable_purge": 1, - "enable_map": "0", - "enable_log": 0, - "enable_stamp": 0, - "purge_homepage_on_new": 1, - "purge_homepage_on_edit": 1, - "purge_homepage_on_del": 1, - "purge_archive_on_new": 1, - "purge_archive_on_edit": 0, - "purge_archive_on_del": 0, - "purge_archive_on_new_comment": 0, - "purge_archive_on_deleted_comment": 0, - "purge_page_on_mod": 1, - "purge_page_on_new_comment": 1, - "purge_page_on_deleted_comment": 1, - "cache_method": "enable_fastcgi", - "purge_method": "get_request", - "redis_hostname": "127.0.0.1", - "redis_port": "6379", - "redis_prefix": "nginx-cache:"} + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_fastcgi", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', @@ -1509,27 +1518,27 @@ class WOSiteUpdateController(CementBaseController): data['wpredis'])): try: plugin_data_object = {"log_level": "INFO", - "log_filesize": 5, - "enable_purge": 1, - "enable_map": "0", - "enable_log": 0, - "enable_stamp": 0, - "purge_homepage_on_new": 1, - "purge_homepage_on_edit": 1, - "purge_homepage_on_del": 1, - "purge_archive_on_new": 1, - "purge_archive_on_edit": 0, - "purge_archive_on_del": 0, - "purge_archive_on_new_comment": 0, - "purge_archive_on_deleted_comment": 0, - "purge_page_on_mod": 1, - "purge_page_on_new_comment": 1, - "purge_page_on_deleted_comment": 1, - "cache_method": "enable_redis", - "purge_method": "get_request", - "redis_hostname": "127.0.0.1", - "redis_port": "6379", - "redis_prefix": "nginx-cache:"} + "log_filesize": 5, + "enable_purge": 1, + "enable_map": "0", + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_redis", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', @@ -1545,27 +1554,27 @@ class WOSiteUpdateController(CementBaseController): else: try: plugin_data_object = {"log_level": "INFO", - "log_filesize": 5, - "enable_purge": 0, - "enable_map": 0, - "enable_log": 0, - "enable_stamp": 0, - "purge_homepage_on_new": 1, - "purge_homepage_on_edit": 1, - "purge_homepage_on_del": 1, - "purge_archive_on_new": 1, - "purge_archive_on_edit": 0, - "purge_archive_on_del": 0, - "purge_archive_on_new_comment": 0, - "purge_archive_on_deleted_comment": 0, - "purge_page_on_mod": 1, - "purge_page_on_new_comment": 1, - "purge_page_on_deleted_comment": 1, - "cache_method": "enable_redis", - "purge_method": "get_request", - "redis_hostname": "127.0.0.1", - "redis_port": "6379", - "redis_prefix": "nginx-cache:"} + "log_filesize": 5, + "enable_purge": 0, + "enable_map": 0, + "enable_log": 0, + "enable_stamp": 0, + "purge_homepage_on_new": 1, + "purge_homepage_on_edit": 1, + "purge_homepage_on_del": 1, + "purge_archive_on_new": 1, + "purge_archive_on_edit": 0, + "purge_archive_on_del": 0, + "purge_archive_on_new_comment": 0, + "purge_archive_on_deleted_comment": 0, + "purge_page_on_mod": 1, + "purge_page_on_new_comment": 1, + "purge_page_on_deleted_comment": 1, + "cache_method": "enable_redis", + "purge_method": "get_request", + "redis_hostname": "127.0.0.1", + "redis_port": "6379", + "redis_prefix": "nginx-cache:"} plugin_data = json.dumps(plugin_data_object) setupwp_plugin( self, 'nginx-helper', From a56ea8776ec7d9fe94e63402a843524c63c8c527 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 16:51:17 +0200 Subject: [PATCH 78/83] Add message about WordOps backend --- wo/cli/plugins/stack.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 4ab3e7f..739dec5 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -594,9 +594,10 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') + server_ip = requests.get('http://v4.wordops.eu') if set(["nginx"]).issubset(set(apt_packages)): - server_ip = requests.get('http://v4.wordops.eu') - print("WordOps backend configuration was successful\n" + + + print("WordOps backend configuration was successful\n" "You can access it on : https://{0}:22222" .format(server_ip)) print("HTTP Auth User Name: WordOps" + @@ -607,6 +608,9 @@ class WOStackController(CementBaseController): "Name: WordOps"] + ["HTTP Auth Password : {0}" .format(passwd)]) + self.msg = (self.msg + ["WordOps backend is available " + "on https://{0}:22222" + .format(server_ip)]) else: WOService.restart_service(self, 'nginx') From ed85482a24fde65e9f4fa8f7a2b7c474be829767 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 17:03:10 +0200 Subject: [PATCH 79/83] Display server IP --- wo/cli/plugins/stack.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 739dec5..f91b2d6 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -610,7 +610,7 @@ class WOStackController(CementBaseController): .format(passwd)]) self.msg = (self.msg + ["WordOps backend is available " "on https://{0}:22222" - .format(server_ip)]) + .format(server_ip.text)]) else: WOService.restart_service(self, 'nginx') From 62eca49326716ad7fecabd94e3c9747bf816d0fd Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 18:43:38 +0200 Subject: [PATCH 80/83] Add hostname alternative --- README.md | 3 +-- wo/cli/plugins/stack.py | 6 ++++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 827827f..9605769 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,6 @@

WordOps -

@@ -47,7 +46,7 @@ - **Up-to-date** : PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Secured** : Hardened WordPress security with strict Nginx location directives - **Powerful** : Optimized Nginx configurations with multiple cache backends support -- **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates with DNS API handled by acme.sh +- **SSL** : Domain, Subdomain & Wildcard Let's Encrypt SSL certificates with DNS API support - **Modern** : Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on [ssllabs](https://www.ssllabs.com/ssltest/analyze.html?d=demo.wordops.eu&latest)) - **Monitoring** : Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata - **User Friendly** : WordOps dashboard with server status/monitoring and tools ([demo](https://demo.wordops.eu)) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index f91b2d6..ae27f19 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -609,8 +609,10 @@ class WOStackController(CementBaseController): ["HTTP Auth Password : {0}" .format(passwd)]) self.msg = (self.msg + ["WordOps backend is available " - "on https://{0}:22222" - .format(server_ip.text)]) + "on https://{0}:22222 " + "or https://{1}:22222" + .format(server_ip.text, + WOVariables.wo_fqdn)]) else: WOService.restart_service(self, 'nginx') From cfd0b42b26f0c522df758dc72df337ad13d31d47 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 18:49:51 +0200 Subject: [PATCH 81/83] Use bionic instead of xenial on Travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8b8258c..01e50c8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ sudo: required -dist: xenial +dist: bionic language: bash From 5d6756259ec95e89d94651da163e3978af1195bf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 19:21:53 +0200 Subject: [PATCH 82/83] Move variable server_ip --- wo/cli/plugins/stack.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index ae27f19..a1ccaf0 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -580,9 +580,11 @@ class WOStackController(CementBaseController): Log.error( self, "Failed to generate HTTPS " "certificate for 22222") + server_ip = requests.get('http://v4.wordops.eu') if not os.path.isfile('{0}22222/conf/nginx/ssl.conf' .format(WOVariables.wo_webroot)): + with open("/var/www/22222/conf/nginx/" "ssl.conf", "a") as php_file: php_file.write("ssl_certificate " @@ -594,7 +596,7 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') - server_ip = requests.get('http://v4.wordops.eu') + if set(["nginx"]).issubset(set(apt_packages)): print("WordOps backend configuration was successful\n" From e0a605989e8f9364544dd7b8be7d0185adf47147 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 4 Aug 2019 19:28:06 +0200 Subject: [PATCH 83/83] Prepare for release --- install | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install b/install index 93d9f54..d0d2de2 100755 --- a/install +++ b/install @@ -495,7 +495,10 @@ wo_upgrade_nginx() { elif [ -n "$CHECK_NGINX_WO" ]; then apt-mark unhold nginx-wo nginx-common nginx-custom apt-get --assume-yes purge nginx-wo nginx-common nginx-custom --allow-change-held-packages - + if [ -n "$CHECK_PHP72" ]; then + apt-get purge php7.2-fpm -y -qq + rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} + fi fi if [ -d /etc/nginx ]; then rm -rf /etc/nginx