From d1f0ccc7202d43c90ee7640f7acd4b7c3c158ee1 Mon Sep 17 00:00:00 2001
From: jeroenlaylo <jeroen@laylo.io>
Date: Mon, 3 Dec 2018 23:06:09 +0100
Subject: [PATCH] Call for testing version :)

---
 install                | 63 +++++++++++++++++++-----------------------
 wo/cli/plugins/site.py | 14 +++++-----
 2 files changed, 36 insertions(+), 41 deletions(-)

diff --git a/install b/install
index b82c90a..1d94ead 100644
--- a/install
+++ b/install
@@ -66,7 +66,7 @@ fi
 wo_branch=$1
 migration=0
 readonly wo_version_old="2.2.3"
-readonly wo_version_new="3.9."
+readonly wo_version_new="3.9.2"
 readonly wo_log_dir=/var/log/wo/
 readonly wo_install_log=/var/log/wo/install.log
 readonly wo_linux_distro=$(lsb_release -i | awk '{print $3}')
@@ -335,30 +335,6 @@ function wo_install()
     python3 setup.py install || wo_lib_error "An error was encountered during the installation, exit status " $?
 }
 
-function wo_upgrade_php(){
-
-    if [ "$wo_linux_distro" == "Ubuntu" ]; then
-        add-apt-repository -y 'ppa:ondrej/php'
-        wo_lib_echo "Updating the PHP repository for some neat PHP 7 support"
-        apt-get update &>> /dev/null
-        apt-get -y install php7.2-fpm php7.2-curl php7.2-gd php7.2-imap php7.2-mcrypt php7.2-readline php7.2-mysql php7.2-cli php7.2-common php7.2-curl php7.2-mbstring php7.2-bcmath php7.2-recode php7.2-mysql php7.2-opcache php-memcached php-imagick memcached php-pear php-xdebug php-msgpack php7.2-zip php7.2-xml php7.2-soap php-memcache || wo_lib_error "Unable to install PHP 5.6 packages, exit status " 1
-        mkdir -p /var/log/php/7.2/
-        touch /var/log/php/7.2/slow.log /var/log/php/7.2/fpm.log
-        systemctl php7.2-fpm restart &>> /dev/null
-
-    elif [ "$wo_linux_distro" == "Debian" ]; then
-        apt-get install apt-transport-https lsb-release ca-certificates locales locales-all -y
-        export LC_ALL=en_US.UTF-8
-        export LANG=en_US.UTF-8
-        wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
-        echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
-        apt-get update &>> /dev/null
-        apt-get -y install php7.2-fpm php7.2-curl php7.2-gd php7.2-imap php7.2-mcrypt php7.2-readline php7.2-mysql php7.2-cli php7.2-common php7.2-curl php7.2-mbstring php7.2-bcmath php7.2-recode php7.2-mysql php7.2-opcache php-memcached php-imagick memcached php-pear php-xdebug php-msgpack php7.2-zip php7.2-xml php7.2-soap php-memcache || wo_lib_error "Unable to install PHP 5.6 packages, exit status " 1
-        systemctl php7.2-fpm restart &>> /dev/null 
-   fi
-
-}
-
 function wo_update_latest()
 {
 
@@ -586,8 +562,7 @@ if [ -f /etc/ImageMagick/policy.xml  ]
         # Replace the default ciphers
         sed -i 's/HIGH:!aNULL:!MD5:!kEDH;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf
         # Replace the EasyEngine ciphers
-        sed -i 's/ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
-/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf
+        sed -i 's/ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf
         # Change the TLS protocols
         if [ "$wo_distro_version" == "bionic" ]; then
             # Bionic supports TLSv1.3, so let's enable that
@@ -598,13 +573,33 @@ if [ -f /etc/ImageMagick/policy.xml  ]
         fi
     fi
 
-   #Fix for SSL cert --all
-   crontab -l | grep -q '\-\-min_expiry_limit'
-   if [[ $? -eq 0 ]]; then
+    if [ "$wo_linux_distro" == "Ubuntu" ]; then
+        add-apt-repository -y 'ppa:ondrej/php'
+        wo_lib_echo "Updating the PHP repository for some neat PHP 7.2 support"
+        apt-get update &>> /dev/null
+        apt-get -y install php7.2-fpm php7.2-curl php7.2-gd php7.2-imap php7.2-mcrypt php7.2-common php7.2-readline php7.2-redis php7.2-mysql php7.2-cli php7.2-memcache php7.2-imagick php7.2-mbstring php7.2-recode php7.2-bcmath php7.2-opcache php7.2-zip php7.2-xml php7.2-soap php7.2-msgpack memcached graphviz php-pear php7.2-xdebug || wo_lib_error "Not all PHP packages could be installed. " 1
+        mkdir -p /var/log/php/7.2/
+        touch /var/log/php/7.2/slow.log /var/log/php/7.2/fpm.log
+        systemctl php7.2-fpm restart &>> /dev/null
+
+    elif [ "$wo_linux_distro" == "Debian" ]; then
+        apt-get install apt-transport-https lsb-release ca-certificates locales locales-all -y
+        export LC_ALL=en_US.UTF-8
+        export LANG=en_US.UTF-8
+        wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
+        echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
+        apt-get update &>> /dev/null
+        apt-get -y install php7.2-fpm php7.2-curl php7.2-gd php7.2-imap php7.2-mcrypt php7.2-common php7.2-readline php7.2-redis php7.2-mysql php7.2-cli php7.2-memcache php7.2-imagick php7.2-mbstring php7.2-recode php7.2-bcmath php7.2-opcache php7.2-zip php7.2-xml php7.2-soap php7.2-msgpack memcached graphviz php-pear php7.2-xdebug || wo_lib_error "Not all PHP packages could be installed." 1
+        systemctl php7.2-fpm restart &>> /dev/null 
+    fi
+
+    #Fix for SSL cert --all
+    crontab -l | grep -q '\-\-min_expiry_limit'
+    if [[ $? -eq 0 ]]; then
         crontab -l > /var/spool/cron/cron-backup.txt  #backup cron before editing
         crontab -l | sed '/--min_expiry_limit/d' | crontab -
         /bin/bash -c "crontab -l 2> /dev/null | { cat; echo -e \"\n0 0 * * 0 wo site update --le=renew --all 2> /dev/null # Renew all letsencrypt SSL cert. Set by WordOps\"; } | crontab -"
-   fi
+    fi
 }
 
 # Do git intialisation
@@ -645,15 +640,15 @@ if [ ! -f /usr/local/bin/wo ]; then
     wo_install_dep | tee -ai $wo_install_log
     wo_lib_echo "Installing WordOps $wo_branch" | tee -ai $wo_install_log
     secure_wo_db | tee -ai $WO_INSTALL_LOG
-    wo_upgrade_php | tee -ai $wo_install_log
     wo_install | tee -ai $wo_install_log
     wo_update_latest | tee -ai $wo_install_log
     wo_lib_echo "Running post-install steps" | tee -ai $wo_install_log
-    secure_wo_db | tee -ai $WO_INSTALL_LOG
+    wo_sync_db 2&>>1 $WO_INSTALL_LOG
     wo_git_init | tee -ai $wo_install_log
     service nginx reload &>> /dev/null
     service php7.2-fpm restart &>> /dev/null
     wo_update_wp_cli | tee -ai $wo_install_log
+    ln -sf /usr/local/bin/wo /usr/local/sbin/ee 
 else
     wo -v 2>&1 | grep $wo_version_new &>> /dev/null
     if [[ $? -ne 0 ]];then
@@ -662,13 +657,13 @@ else
             wo_install_dep | tee -ai $wo_install_log
             wo_sync_db 2&>>1 $WO_INSTALL_LOG
             secure_wo_db | tee -ai $WO_INSTALL_LOG
-            wo_upgrade_php | tee -ai $wo_install_log
             wo_install | tee -ai $wo_install_log
             wo_update_latest | tee -ai $wo_install_log
             wo_git_init | tee -ai $wo_install_log
             service nginx reload &>> /dev/null
             service php7.2-fpm restart &>> /dev/null
             wo_update_wp_cli | tee -ai $wo_install_log
+            ln -sf /usr/local/bin/wo /usr/local/sbin/ee 
         else
             wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1
         fi
diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py
index f7ec234..1a7752e 100644
--- a/wo/cli/plugins/site.py
+++ b/wo/cli/plugins/site.py
@@ -1065,10 +1065,10 @@ class WOSiteUpdateController(CementBaseController):
                 if (expiry_days <= min_expiry_days):
                     renewLetsEncrypt(self,wo_domain)
                 else:
-                    Log.error(self,"More than 30 days left for certificate Expiry. Not renewing now.")
+                    Log.error(self,"You have more than 30 days with the current certificate - refusing to run.")
 
             else:
-                Log.error(self,"Cannot RENEW ! SSL is not configured for given site .")
+                Log.error(self,"Cannot renew - HTTPS is not configured for the given site. Install LE first...")
 
             if not WOService.reload_service(self, 'nginx'):
                             Log.error(self, "service nginx reload failed. "
@@ -1077,10 +1077,10 @@ class WOSiteUpdateController(CementBaseController):
                            " https://{0}".format(wo_domain))
             if (SSL.getExpirationDays(self,wo_domain)>0):
                     Log.info(self, "Your cert will expire within " + str(SSL.getExpirationDays(self,wo_domain)) + " days.")
-                    Log.info(self, "Expiration DATE: " + str(SSL.getExpirationDate(self,wo_domain)))
+                    Log.info(self, "Expiration date: " + str(SSL.getExpirationDate(self,wo_domain)))
 
             else:
-                    Log.warn(self, "Your cert already EXPIRED !. PLEASE renew soon . ")
+                    Log.warn(self, "The certificate seems to be already expired. Please renew it as soon as possible...")
             return 0
 
         if pargs.all and pargs.letsencrypt == "renew":
@@ -1098,11 +1098,11 @@ class WOSiteUpdateController(CementBaseController):
                     Log.info(self, "SUCCESS: Certificate was successfully renewed For"
                                " https://{0}".format(wo_domain))
                 else:
-                    Log.info(self,"More than 30 days left for certificate Expiry. Not renewing now.\n")
+                    Log.info(self,"You have more than 30 days with the current certificate - refusing to run.\n")
 
                 if (SSL.getExpirationDays(self,wo_domain)>0):
                         Log.info(self, "Your cert will expire within " + str(SSL.getExpirationDays(self,wo_domain)) + " days.")
-                        Log.info(self, "Expiration DATE: \n\n" + str(SSL.getExpirationDate(self,wo_domain)))
+                        Log.info(self, "Expiration date: \n\n" + str(SSL.getExpirationDate(self,wo_domain)))
                 return 0
                 #else:
                  #       Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
@@ -1113,7 +1113,7 @@ class WOSiteUpdateController(CementBaseController):
         if pargs.all and pargs.letsencrypt == "off":
             if letsencrypt is check_ssl:
                 if letsencrypt is False:
-                    Log.error(self, "SSl is not configured for given "
+                    Log.error(self, "HTTPS is not configured for given "
                              "site",False)
                     return 0
             pass