fix hsts arg

VirtuBox
2019-04-15 14:44:06 +02:00
parent 1e10bf6294
commit ce50ee30a4
3 changed files with 81 additions and 29 deletions


@@ -74,7 +74,7 @@ _wo_complete()
# HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE
"install" | "purge" | "remove" ) "install" | "purge" | "remove" )
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata" \ -W "--web --admin --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --all --redis --phpredisadmin --composer --netdata --fail2ban" \
-- $cur) ) -- $cur) )
;; ;;
"upgrade" ) "upgrade" )
@@ -84,7 +84,7 @@ _wo_complete()
;; ;;
"start" | "stop" | "reload" | "restart" | "status") "start" | "stop" | "reload" | "restart" | "status")
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \
-W "--nginx --php --php73 --mysql --memcache --redis" \ -W "--nginx --php --php73 --mysql --memcache --redis --fail2ban --netdata" \
-- $cur) ) -- $cur) )
;; ;;
"migrate") "migrate")
@@ -213,7 +213,7 @@ _wo_complete()
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73" retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --letsencrypt --php73"
elif [ ${COMP_WORDS[2]} == "update" ]; then elif [ ${COMP_WORDS[2]} == "update" ]; then
retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew" retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --letsencrypt --letsencrypt=subdomain --letsencrypt=off --letsencrypt=renew --le --le=subdomain --le=off "
else else
retlist="" retlist=""
fi fi
@@ -363,7 +363,7 @@ _wo_complete()
case "$mprev" in case "$mprev" in
"--user" | "--email" | "--pass") "--user" | "--email" | "--pass")
if [ ${COMP_WORDS[2]} == "create" ]; then if [ ${COMP_WORDS[2]} == "create" ]; then
retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt" retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --letsencrypt --letsencrypt=subdomain"
fi fi
ret="${retlist[@]/$prev}" ret="${retlist[@]/$prev}"
COMPREPLY=( $(compgen \ COMPREPLY=( $(compgen \


@@ -673,13 +673,16 @@ class WOSiteCreateController(CementBaseController):
"`tail /var/log/wo/wordops.log` and please try again") "`tail /var/log/wo/wordops.log` and please try again")
if self.app.pargs.letsencrypt == "on": if self.app.pargs.letsencrypt == "on":
data['letsencrypt'] = True
letsencrypt = True
if self.app.pargs.hsts: if self.app.pargs.hsts:
if self.app.pargs.hsts == "on": data['letsencrypt'] = True
data['hsts'] = True letsencrypt = True
hsts = True data['hsts'] = True
hsts = True
else:
data['letsencrypt'] = True
letsencrypt = True
data['hsts'] = False
hsts = False
if data['letsencrypt'] is True: if data['letsencrypt'] is True:
setupLetsEncrypt(self, wo_domain) setupLetsEncrypt(self, wo_domain)
@@ -808,7 +811,7 @@ class WOSiteUpdateController(CementBaseController):
if not (pargs.php or pargs.php73 or if not (pargs.php or pargs.php73 or
pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.mysql or pargs.wp or pargs.wpsubdir or
pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or
pargs.wpredis or pargs.letsencrypt): pargs.wpredis or pargs.letsencrypt or pargs.hsts):
Log.error(self, "Please provide options to update sites.") Log.error(self, "Please provide options to update sites.")
if pargs.all: if pargs.all:
@@ -1315,16 +1318,21 @@ class WOSiteUpdateController(CementBaseController):
return 0 return 0
if pargs.hsts: if pargs.hsts:
if check_ssl: if os.path.isfile(("{0}/conf/nginx/ssl.conf")
if not os.path.isfile(("{0}/conf/nginx/hsts.conf.disabled") .format(wo_site_webroot)):
.format(wo_site_webroot)): if (not os.path.isfile("{0}/conf/nginx/hsts.conf.disabled"
.format(wo_site_webroot))):
setupHsts(self, wo_domain) setupHsts(self, wo_domain)
else: else:
WOFileUtils.mvfile(self, "{0}/conf/nginx/" WOFileUtils.mvfile(self, "{0}/conf/nginx/"
"hsts.conf.disabled" "hsts.conf.disabled"
.format(wo_site_webroot), .format(wo_site_webroot),
'{0}/conf/nginx/hsts.conf' '{0}/conf/nginx/hsts.conf'
.format(wo_site_webroot)) .format(wo_site_webroot))
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
else: else:
Log.error(self, "HTTPS is not configured for given " Log.error(self, "HTTPS is not configured for given "
"site") "site")
@@ -1552,15 +1560,14 @@ class WOSiteUpdateController(CementBaseController):
wpconfig = open("{0}".format(config_path), wpconfig = open("{0}".format(config_path),
encoding='utf-8', mode='a') encoding='utf-8', mode='a')
wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\'," wpconfig.write("\n\ndefine( \'WP_CACHE_KEY_SALT\',"
" \'{0}:\' );" " \'{0}:\' );".format(wo_domain))
.format(wo_domain))
wpconfig.close() wpconfig.close()
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Updating wp-config.php failed.") Log.debug(self, "Updating wp-config.php failed.")
Log.warn(self, "Updating wp-config.php failed. " Log.warn(self, "Updating wp-config.php failed. "
"Could not append:" "Could not append:"
"\ndefine( \'WP_CACHE_KEY_SALT\', " "\ndefine( \'WP_CACHE_KEY_SALT\', "
"\'{0}:\' );".format(wo_domain) + "\'{0}:\' );".format(wo_domain) +
"\nPlease add manually") "\nPlease add manually")
except SiteError as e: except SiteError as e:
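Review bot: In the `pargs.hsts` branch of the update hunk, `hsts.conf` is created by `setupHsts` or moved into place from `hsts.conf.disabled` before `WOService.reload_service(self, 'nginx')` runs, and a failed reload only reaches `Log.error(...)`, so the site's conf directory keeps the new file, possibly the one that caused the failure. Consider undoing the change on failure, for example moving `hsts.conf` back to `hsts.conf.disabled` before logging the error. The only precondition is `os.path.isfile(".../conf/nginx/ssl.conf")`, which shows that a config file exists, not that the certificate is valid; because browsers cache an HSTS policy, a comment such as `# HSTS is cached by browsers for max-age; enable only once the certificate is known to be valid and renewing` would document that assumption. The enclosing method starts and ends outside the hunk.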


@@ -141,7 +141,8 @@ def setupdomain(self, data):
def setupdatabase(self, data): def setupdatabase(self, data):
wo_domain_name = data['site_name'] wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase + wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 24))) string.ascii_lowercase +
string.digits, 24)))
wo_replace_dot = wo_domain_name.replace('.', '_') wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name') prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user') prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -242,7 +243,8 @@ def setupwordpress(self, data):
wo_wp_email = self.app.config.get('wordpress', 'email') wo_wp_email = self.app.config.get('wordpress', 'email')
# Random characters # Random characters
wo_random = (''.join(random.sample(string.ascii_uppercase + wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15))) string.ascii_lowercase +
string.digits, 15)))
wo_wp_prefix = '' wo_wp_prefix = ''
# wo_wp_user = '' # wo_wp_user = ''
# wo_wp_pass = '' # wo_wp_pass = ''
@@ -375,13 +377,15 @@ def setupwordpress(self, data):
import shutil import shutil
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd( Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd(
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(), os.pardir)))) )+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(),
os.pardir))))
shutil.move(os.getcwd()+'/wp-config.php', shutil.move(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir))) os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
except Exception as e: except Exception as e:
Log.error(self, 'Unable to move file from {0} to {1}' Log.error(self, 'Unable to move file from {0} to {1}'
.format(os.getcwd()+'/wp-config.php', .format(os.getcwd()+'/wp-config.php',
os.path.abspath(os.path.join(os.getcwd(), os.pardir))), False) os.path.abspath(os.path.join(os.getcwd(),
os.pardir))), False)
raise SiteError("Unable to move wp-config.php") raise SiteError("Unable to move wp-config.php")
if not wo_wp_user: if not wo_wp_user:
@@ -488,11 +492,47 @@ def setupwordpress(self, data):
"""Install nginx-helper plugin """ """Install nginx-helper plugin """
installwp_plugin(self, 'nginx-helper', data) installwp_plugin(self, 'nginx-helper', data)
if data['wpfc']: if data['wpfc']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_fastcgi","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_fastcgi",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data) 'rt_wp_nginx_helper_options', plugin_data, data)
elif data['wpredis']: elif data['wpredis']:
plugin_data = '{"log_level":"INFO","log_filesize":5,"enable_purge":1,"enable_map":0,"enable_log":0,"enable_stamp":0,"purge_homepage_on_new":1,"purge_homepage_on_edit":1,"purge_homepage_on_del":1,"purge_archive_on_new":1,"purge_archive_on_edit":0,"purge_archive_on_del":0,"purge_archive_on_new_comment":0,"purge_archive_on_deleted_comment":0,"purge_page_on_mod":1,"purge_page_on_new_comment":1,"purge_page_on_deleted_comment":1,"cache_method":"enable_redis","purge_method":"get_request","redis_hostname":"127.0.0.1","redis_port":"6379","redis_prefix":"nginx-cache:"}' plugin_data = '{"log_level":"INFO","log_filesize":5,'
'"enable_purge":1,"enable_map":0,'
'"enable_log":0,"enable_stamp":0,'
'"purge_homepage_on_new":1,'
'"purge_homepage_on_edit":1,'
'"purge_homepage_on_del":1,'
'"purge_archive_on_new":1,'
'"purge_archive_on_edit":0,'
'"purge_archive_on_del":0,'
'"purge_archive_on_new_comment":0,'
'"purge_archive_on_deleted_comment":0,'
'"purge_page_on_mod":1,'
'"purge_page_on_new_comment":1,'
'"purge_page_on_deleted_comment":1,'
'"cache_method":"enable_redis",'
'"purge_method":"get_request",'
'"redis_hostname":"127.0.0.1",'
'"redis_port":"6379",'
'"redis_prefix":"nginx-cache:"}'
setupwp_plugin(self, 'nginx-helper', setupwp_plugin(self, 'nginx-helper',
'rt_wp_nginx_helper_options', plugin_data, data) 'rt_wp_nginx_helper_options', plugin_data, data)
@@ -722,7 +762,8 @@ def site_package_check(self, stype):
self, "Error: two different PHP versions cannot be " self, "Error: two different PHP versions cannot be "
"combined within the same WordOps site") "combined within the same WordOps site")
if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir', 'wpsubdomain']: if not self.app.pargs.php73 and stype in ['php', 'mysql', 'wp', 'wpsubdir',
'wpsubdomain']:
Log.debug(self, "Setting apt_packages variable for PHP 7.2") Log.debug(self, "Setting apt_packages variable for PHP 7.2")
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if not WOAptGet.is_installed(self, 'php7.2-fpm'):
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if not WOAptGet.is_installed(self, 'php7.3-fpm'):
@@ -1105,7 +1146,8 @@ def detSitePar(opts):
def generate_random(): def generate_random():
wo_random10 = (''.join(random.sample(string.ascii_uppercase + wo_random10 = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 16))) string.ascii_lowercase +
string.digits, 16)))
return wo_random10 return wo_random10
@@ -1375,10 +1417,12 @@ def renewLetsEncrypt(self, wo_domain_name):
mail_list = '' mail_list = ''
if not ssl: if not ssl:
Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False) Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!",
False)
if (SSL.getExpirationDays(self, wo_domain_name) > 0): if (SSL.getExpirationDays(self, wo_domain_name) > 0):
Log.error(self, "Your current certificate will expire within " + Log.error(self, "Your current certificate will expire within " +
str(SSL.getExpirationDays(self, wo_domain_name)) + " days.", False) str(SSL.getExpirationDays(self, wo_domain_name)) +
" days.", False)
else: else:
Log.error(self, "Your current certificate already expired!", False) Log.error(self, "Your current certificate already expired!", False)
@@ -1523,7 +1567,8 @@ def archivedCertificateHandle(self, domain):
sslconf.write("listen 443 ssl http2;\n" sslconf.write("listen 443 ssl http2;\n"
"listen [::]:443 ssl http2;\n" "listen [::]:443 ssl http2;\n"
"ssl on;\n" "ssl on;\n"
"ssl_certificate {0}/{1}/fullchain.pem;\n" "ssl_certificate "
"{0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n" "ssl_certificate_key {0}/{1}/key.pem;\n"
.format(WOVariables.wo_ssl_live, domain)) .format(WOVariables.wo_ssl_live, domain))
sslconf.close() sslconf.close()
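Review bot: The re-wrapped `plugin_data` assignments in the `setupwordpress` hunk (both the `wpfc` and `wpredis` branches) show no enclosing parentheses or line continuation on the new side, so unless the rendering dropped them, only the first fragment `'{"log_level":"INFO","log_filesize":5,'` is assigned and the following literals are either no-op statements or an indentation error. That would hand truncated JSON to `setupwp_plugin` as the nginx-helper options. Wrap the literals so implicit concatenation applies: `plugin_data = ('{"log_level":"INFO","log_filesize":5,'` … `'"redis_prefix":"nginx-cache:"}')`. Separately, the re-wrapped `random.sample(...)` calls in `setupdatabase`, `setupwordpress` and `generate_random` draw from the non-cryptographic `random` module and never repeat a character; if any of these values serve as passwords or salts, `secrets.choice` over the same alphabet is the safer source. The enclosing functions extend beyond the hunks.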