From e444886c52b3a95f2d46f4d3bc842f22a1a9cfd0 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 6 Sep 2019 22:21:16 +0200 Subject: [PATCH 01/20] Move setuphsts into sslutils --- wo/cli/plugins/site.py | 6 ++-- wo/cli/plugins/site_functions.py | 17 --------- wo/cli/plugins/stack_config.py | 52 ++++++++++++++++++++++++++++ wo/cli/templates/nginx-core.mustache | 2 +- wo/core/sslutils.py | 2 +- 5 files changed, 57 insertions(+), 22 deletions(-) create mode 100644 wo/cli/plugins/stack_config.py diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 4e19cfc..7846d55 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -768,7 +768,7 @@ class WOSiteCreateController(CementBaseController): httpsRedirect(self, wo_domain, True, wo_wildcard) if pargs.hsts: - setupHsts(self, wo_domain) + SSL.setuphsts(self, wo_domain) SSL.siteurlhttps(self, wo_domain) if not WOService.reload_service(self, 'nginx'): @@ -969,7 +969,7 @@ class WOSiteUpdateController(CementBaseController): pargs.wpsubdir or pargs.wpsubdomain or pargs.password)): try: - setupHsts(self, wo_domain) + SSL.setuphsts(self, wo_domain) except SiteError as e: Log.debug(self, str(e)) Log.info(self, "\nFail to enable HSTS") @@ -1474,7 +1474,7 @@ class WOSiteUpdateController(CementBaseController): .format(wo_site_webroot)): if not os.path.isfile("{0}/conf/nginx/hsts.conf" .format(wo_site_webroot)): - setupHsts(self, wo_domain) + SSL.setuphsts(self, wo_domain) else: Log.error(self, "HSTS is already configured for given " "site") diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index b6a1355..8156f11 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1548,23 +1548,6 @@ def renewLetsEncrypt(self, wo_domain_name): # redirect= False to disable https redirection -def setupHsts(self, wo_domain_name): - Log.info( - self, "Adding /var/www/{0}/conf/nginx/hsts.conf" - .format(wo_domain_name)) - - hstsconf = open("/var/www/{0}/conf/nginx/hsts.conf" - .format(wo_domain_name), - encoding='utf-8', mode='w') - hstsconf.write("more_set_headers " - "\"Strict-Transport-Security: " - "max-age=31536000; " - "includeSubDomains; " - "preload\";") - hstsconf.close() - return 0 - - def httpsRedirect(self, wo_domain_name, redirect=True, wildcard=False): if redirect: if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled" diff --git a/wo/cli/plugins/stack_config.py b/wo/cli/plugins/stack_config.py new file mode 100644 index 0000000..3c5166a --- /dev/null +++ b/wo/cli/plugins/stack_config.py @@ -0,0 +1,52 @@ +import os +import shutil + +from cement.core import handler, hook +from cement.core.controller import CementBaseController, expose + +from wo.cli.plugins.stack_pref import post_pref, pre_pref +from wo.core.aptget import WOAptGet +from wo.core.download import WODownload +from wo.core.extract import WOExtract +from wo.core.fileutils import WOFileUtils +from wo.core.logging import Log +from wo.core.services import WOService +from wo.core.shellexec import WOShellExec +from wo.core.variables import WOVariables + + +class WOStackUpgradeController(CementBaseController): + class Meta: + label = 'config' + stacked_on = 'stack' + stacked_type = 'nested' + exit_on_close = True + description = ('Upgrade stack safely') + arguments = [ + (['--nginx'], + dict(help='Upgrade all stack', action='store_true')), + (['--php'], + dict(help='Upgrade PHP 7.2 stack', action='store_true')), + (['--php73'], + dict(help='Upgrade PHP 7.3 stack', action='store_true')), + (['--mysql'], + dict(help='Upgrade MySQL stack', action='store_true')), + (['--wpcli'], + dict(help='Upgrade WPCLI', action='store_true')), + (['--redis'], + dict(help='Upgrade Redis', action='store_true')), + (['--netdata'], + dict(help='Upgrade Netdata', action='store_true')), + (['--dashboard'], + dict(help='Upgrade WordOps Dashboard', action='store_true')), + (['--composer'], + dict(help='Upgrade Composer', action='store_true')), + (['--phpmyadmin'], + dict(help='Upgrade phpMyAdmin', action='store_true')), + (['--no-prompt'], + dict(help="Upgrade Packages without any prompt", + action='store_true')), + (['--force'], + dict(help="Force Packages upgrade without any prompt", + action='store_true')), + ] diff --git a/wo/cli/templates/nginx-core.mustache b/wo/cli/templates/nginx-core.mustache index 9d205c5..dd1db4b 100644 --- a/wo/cli/templates/nginx-core.mustache +++ b/wo/cli/templates/nginx-core.mustache @@ -32,7 +32,7 @@ http { # Limit Request limit_req_status 403; limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; - limit_req_zone $binary_remote_addr zone=two:10m rate=10r/s; + limit_req_zone $binary_remote_addr zone=two:10m rate=10r/s; # Proxy Settings # set_real_ip_from proxy-server-ip; diff --git a/wo/core/sslutils.py b/wo/core/sslutils.py index b04745f..9bb620d 100644 --- a/wo/core/sslutils.py +++ b/wo/core/sslutils.py @@ -119,7 +119,7 @@ class SSL: return iswildcard - def setupHsts(self, wo_domain_name): + def setuphsts(self, wo_domain_name): Log.info( self, "Adding /var/www/{0}/conf/nginx/hsts.conf" .format(wo_domain_name)) From a70a45a484daa6899b05ead73b132ffcd86ab694 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 15 Sep 2019 14:47:58 +0200 Subject: [PATCH 02/20] Update main.py according to cement docs --- install | 9 ++-- wo/cli/main.py | 83 ++++++++++++++++----------------- wo/cli/plugins/stack_pref.py | 90 ++++++++++++++++++------------------ 3 files changed, 90 insertions(+), 92 deletions(-) diff --git a/install b/install index 926c222..88bf2ff 100755 --- a/install +++ b/install @@ -9,7 +9,7 @@ # ------------------------------------------------------------------------- # wget -qO wo wops.cc && sudo bash wo # ------------------------------------------------------------------------- -# Version 3.9.8.10 - 2019-09-04 +# Version 3.9.8.11 - 2019-09-07 # ------------------------------------------------------------------------- # CONTENTS @@ -541,6 +541,7 @@ wo_upgrade_nginx() { sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/php.conf/php72.conf/" /etc/nginx/sites-available/* sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* + sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* sed -i 's/ssl on;/#ssl on;/' /var/www/*/conf/nginx/ssl.conf # update redis.conf headers @@ -970,10 +971,10 @@ else elif [ "$wo_upgrade" = "1" ]; then wo_lib_echo "WordOps (wo) upgrade to $wo_version_new was succesfull!" echo - wo_lib_echo "To upgrade Nginx use the command:" - wo_lib_echo_info "wo stack upgrade --nginx" + wo_lib_echo "To upgrade WordOps stacks use the command:" + wo_lib_echo_info "wo stack upgrade --all" echo - wo_lib_echo "To update other packages use the command:" + wo_lib_echo "To update all other server packages use the command:" wo_lib_echo_info "wo maintenance" else wo_lib_echo "WordOps (wo) installed successfully" diff --git a/wo/cli/main.py b/wo/cli/main.py index d0c009e..36fbf04 100644 --- a/wo/cli/main.py +++ b/wo/cli/main.py @@ -79,56 +79,55 @@ class WOTestApp(WOApp): # Define the applicaiton object outside of main, as some libraries might wish # to import it as a global (rather than passing it into another class/func) -app = WOApp() - def main(): - try: - global sys - # Default our exit status to 0 (non-error) - code = 0 + with WOApp() as app: + try: + global sys + # Default our exit status to 0 (non-error) + code = 0 - # if not root...kick out - if not os.geteuid() == 0: - print("\nNon-privileged users cant use WordOps. " - "Switch to root or invoke sudo.\n") - app.close(1) + # if not root...kick out + if not os.geteuid() == 0: + print("\nNon-privileged users cant use WordOps. " + "Switch to root or invoke sudo.\n") + app.close(1) - # Setup the application - app.setup() + # Setup the application + app.setup() - # Dump all arguments into wo log - app.log.debug(sys.argv) + # Dump all arguments into wo log + app.log.debug(sys.argv) - # Run the application - app.run() - except exc.WOError as e: - # Catch our application errors and exit 1 (error) - code = 1 - print(e) - except FrameworkError as e: - # Catch framework errors and exit 1 (error) - code = 1 - print(e) - except CaughtSignal as e: - # Default Cement signals are SIGINT and SIGTERM, exit 0 (non-error) - code = 0 - print(e) - except Exception as e: - code = 1 - print(e) - finally: - # Print an exception (if it occurred) and --debug was passed - if app.debug: - import sys - import traceback + # Run the application + app.run() + except exc.WOError as e: + # Catch our application errors and exit 1 (error) + code = 1 + print(e) + except FrameworkError as e: + # Catch framework errors and exit 1 (error) + code = 1 + print(e) + except CaughtSignal as e: + # Default Cement signals are SIGINT and SIGTERM, exit 0 (non-error) + code = 0 + print(e) + except Exception as e: + code = 1 + print(e) + finally: + # Print an exception (if it occurred) and --debug was passed + if app.debug: + import sys + import traceback - exc_type, exc_value, exc_traceback = sys.exc_info() - if exc_traceback is not None: - traceback.print_exc() + exc_type, exc_value, exc_traceback = sys.exc_info() + if exc_traceback is not None: + traceback.print_exc() - # # Close the application - app.close(code) + # # Close the application + app.close(code) def get_test_app(**kw): diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py index 7488f70..3aa4c24 100644 --- a/wo/cli/plugins/stack_pref.py +++ b/wo/cli/plugins/stack_pref.py @@ -780,22 +780,22 @@ def post_pref(self, apt_packages, packages, upgrade=False): with open("/etc/php/7.3/fpm/pool.d/debug.conf", encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") + myfile.write( + "php_admin_value[xdebug.profiler_output_dir] " + "= /tmp/ \nphp_admin_value[xdebug.profiler_" + "output_name] = cachegrind.out.%p-%H-%R " + "\nphp_admin_flag[xdebug.profiler_enable" + "_trigger] = on \nphp_admin_flag[xdebug." + "profiler_enable] = off\n") # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\'" - " /etc/php/7.3/mods-available" - "/xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.3/" - "mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") + if not WOShellExec.cmd_exec( + self, "grep -q \';zend_extension\'" + " /etc/php/7.3/mods-available/xdebug.ini"): + WOFileUtils.searchreplace( + self, "/etc/php/7.3/mods-available/" + "xdebug.ini", + "zend_extension", ";zend_extension") # PHP and Debug pull configuration if not os.path.exists('{0}22222/htdocs/fpm/status/' @@ -892,20 +892,21 @@ def post_pref(self, apt_packages, packages, upgrade=False): if not os.path.isfile("/etc/fail2ban/jail.d/custom.conf"): Log.info(self, "Configuring Fail2Ban") data = dict() - WOTemplate.render(self, - '/etc/fail2ban/jail.d/custom.conf', - 'fail2ban.mustache', - data, overwrite=False) - WOTemplate.render(self, - '/etc/fail2ban/filter.d/' - 'wo-wordpress.conf', - 'fail2ban-wp.mustache', - data, overwrite=False) - WOTemplate.render(self, - '/etc/fail2ban/filter.d/' - 'nginx-forbidden.conf', - 'fail2ban-forbidden.mustache', - data, overwrite=False) + WOTemplate.render( + self, + '/etc/fail2ban/jail.d/custom.conf', + 'fail2ban.mustache', + data, overwrite=False) + WOTemplate.render( + self, + '/etc/fail2ban/filter.d/wo-wordpress.conf', + 'fail2ban-wp.mustache', + data, overwrite=False) + WOTemplate.render( + self, + '/etc/fail2ban/filter.d/nginx-forbidden.conf', + 'fail2ban-forbidden.mustache', + data, overwrite=False) WOGit.add(self, ["/etc/fail2ban"], msg="Adding Fail2ban into Git") @@ -916,22 +917,18 @@ def post_pref(self, apt_packages, packages, upgrade=False): if os.path.isfile("/etc/proftpd/proftpd.conf"): Log.info(self, "Configuring ProFTPd") Log.debug(self, "Setting up Proftpd configuration") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# DefaultRoot", - "DefaultRoot") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# RequireValidShell", - "RequireValidShell") - WOFileUtils.searchreplace(self, "/etc/proftpd/" - "proftpd.conf", - "# PassivePorts " - " " - "49152 65534", - "PassivePorts " - " " - " 49000 50000") + WOFileUtils.searchreplace( + self, "/etc/proftpd/proftpd.conf", + "# DefaultRoot", "DefaultRoot") + WOFileUtils.searchreplace( + self, "/etc/proftpd/proftpd.conf", + "# RequireValidShell", "RequireValidShell") + WOFileUtils.searchreplace( + self, "/etc/proftpd/proftpd.conf", + "# PassivePorts " + "49152 65534", + "PassivePorts " + " 49000 50000") # proftpd TLS configuration if not os.path.isdir("/etc/proftpd/ssl"): WOFileUtils.mkdir(self, "/etc/proftpd/ssl") @@ -1361,9 +1358,10 @@ def post_pref(self, apt_packages, packages, upgrade=False): WOShellExec.cmd_exec(self, 'mysql < {0}22222/htdocs/db' '/anemometer/install.sql' .format(WOVariables.wo_webroot)) - except CommandExecutionError as e: + except Exception as e: Log.debug(self, "{0}".format(e)) - raise SiteError("Unable to import Anemometer database") + Log.error(self, "failed to configure Anemometer", + exit=False) WOMysql.execute(self, 'grant select on' ' *.* to \'anemometer\'' From af2073b3afab1227bfe24ce741b3fb131f775b07 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 15 Sep 2019 14:50:52 +0200 Subject: [PATCH 03/20] remove old --experimental flag --- wo/cli/plugins/site.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 7846d55..2a767b7 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -382,9 +382,6 @@ class WOSiteCreateController(CementBaseController): (['--vhostonly'], dict(help="only create vhost and database " "without installing WordPress", action='store_true')), - (['--experimental'], - dict(help="Enable Experimental packages without prompt", - action='store_true')), ] @expose(hide=True) From ebd216c073266dd24e2c364b6dc37cd294f3c0f9 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 15 Sep 2019 14:54:48 +0200 Subject: [PATCH 04/20] Fix main.py --- wo/cli/main.py | 87 +++++++++++++++++++++++++------------------------- 1 file changed, 44 insertions(+), 43 deletions(-) diff --git a/wo/cli/main.py b/wo/cli/main.py index 36fbf04..864deff 100644 --- a/wo/cli/main.py +++ b/wo/cli/main.py @@ -2,7 +2,7 @@ import os import sys -from cement.core import foundation +from cement.core.foundation import CementApp from cement.core.exc import CaughtSignal, FrameworkError from cement.ext.ext_argparse import ArgParseArgumentHandler from cement.utils.misc import init_defaults @@ -40,7 +40,7 @@ class WOArgHandler(ArgParseArgumentHandler): super(WOArgHandler, self).error("unknown args") -class WOApp(foundation.CementApp): +class WOApp(CementApp): class Meta: label = 'wo' @@ -79,55 +79,56 @@ class WOTestApp(WOApp): # Define the applicaiton object outside of main, as some libraries might wish # to import it as a global (rather than passing it into another class/func) +app = WOApp() + def main(): - with WOApp() as app: - try: - global sys - # Default our exit status to 0 (non-error) - code = 0 + try: + global sys + # Default our exit status to 0 (non-error) + code = 0 - # if not root...kick out - if not os.geteuid() == 0: - print("\nNon-privileged users cant use WordOps. " - "Switch to root or invoke sudo.\n") - app.close(1) + # if not root...kick out + if not os.geteuid() == 0: + print("\nNon-privileged users cant use WordOps. " + "Switch to root or invoke sudo.\n") + app.close(1) - # Setup the application - app.setup() + # Setup the application + app.setup() - # Dump all arguments into wo log - app.log.debug(sys.argv) + # Dump all arguments into wo log + app.log.debug(sys.argv) - # Run the application - app.run() - except exc.WOError as e: - # Catch our application errors and exit 1 (error) - code = 1 - print(e) - except FrameworkError as e: - # Catch framework errors and exit 1 (error) - code = 1 - print(e) - except CaughtSignal as e: - # Default Cement signals are SIGINT and SIGTERM, exit 0 (non-error) - code = 0 - print(e) - except Exception as e: - code = 1 - print(e) - finally: - # Print an exception (if it occurred) and --debug was passed - if app.debug: - import sys - import traceback + # Run the application + app.run() + except exc.WOError as e: + # Catch our application errors and exit 1 (error) + code = 1 + print(e) + except FrameworkError as e: + # Catch framework errors and exit 1 (error) + code = 1 + print(e) + except CaughtSignal as e: + # Default Cement signals are SIGINT and SIGTERM, exit 0 (non-error) + code = 0 + print(e) + except Exception as e: + code = 1 + print(e) + finally: + # Print an exception (if it occurred) and --debug was passed + if app.debug: + import sys + import traceback - exc_type, exc_value, exc_traceback = sys.exc_info() - if exc_traceback is not None: - traceback.print_exc() + exc_type, exc_value, exc_traceback = sys.exc_info() + if exc_traceback is not None: + traceback.print_exc() - # # Close the application - app.close(code) + # # Close the application + app.close(code) def get_test_app(**kw): From 40c330a523b3c8d40f35d178142243ab60da3614 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 15 Sep 2019 16:12:01 +0200 Subject: [PATCH 05/20] Switch to bionic --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 27d38af..a237494 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ sudo: required -dist: xenial +dist: bionic language: bash From 2745ae7227f065f85d5325f0468d57a8ba4a7a2c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Sun, 15 Sep 2019 21:45:33 +0200 Subject: [PATCH 06/20] Fix htpasswd protection when migrating from EasyEngine v3 --- CHANGELOG.md | 8 ++++++++ install | 1 + 2 files changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3777422..0d4c423 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +#### Changed + +- WP-CLI updated to v2.3.0 + +#### Fixed + +- htpasswd protection when migrating from EasyEngine v3 [Issue #152](https://github.com/WordOps/WordOps/issues/152) + ### v3.9.8.11 - 2019-09-06 #### Changed diff --git a/install b/install index 88bf2ff..49ee625 100755 --- a/install +++ b/install @@ -539,6 +539,7 @@ wo_upgrade_nginx() { sed -i "s/locations-php71.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/locations-php72.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/htpasswd-ee/htpasswd-wo/" /etc/nginx/common/acl.conf sed -i "s/php.conf/php72.conf/" /etc/nginx/sites-available/* sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* From f7dbdab891a1237665199044f574ea073b03857b Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 16 Sep 2019 03:11:52 +0200 Subject: [PATCH 07/20] Add travis webhook --- .travis.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index a237494..4d263aa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,6 +5,8 @@ language: bash notifications: slack: wordops:MyZBNbI7JfhbAi3YyFckMdaa + webhooks: + secure: "JiGtzYplTyFg/L6Rsi7ptEQIV29O5qCWU2Zf5pLITsQrBrQO4cIXXp9G4Z+cenXjfIiqbqIgU0US3zXeIAl4g14xdfzmMYeMMwuKBpI8afMYv8MD6ldoP0MTFHQfROE6OXxKLVUvZn1R0oLLU1fzVSI0qGjNkt20cf/Lrt/reH/zS5hAI92kWI3u2zPu7Zn/g/a8MO/Y3Iv7v1PSQaVkVJVqtOK3U2GJqhIv2G1AVcaPb7Nh/V2zm2dDYBVT0UotBnlBUcUXbEMP77D9pjtWXd1/0rWuJIHixMjwUybpZqY75UMee5INynU6OZRsv029LRHAIMkWhfBkdVN/U5jhQJzui14+vRQrb5nfUMG8Cd8INojDlu6dk/ps2GzTCCXBITeMQKAouUoHD2LEbsNp17xi1K4ZlKb3+0lrOAiS4JYFE6wOo4yMlLTYoquYSqk7AuxuUS8A5OD5MYxhk9uafiTSxKFOo39KYWTSaACsPD8q1swaTSjoYm9skyZvIkIFq5bHBCYEGFe6X/NY9l5tz3hSe+TJOerCHsg+dXVuQl+pIp5nw2as9TH9ox5Vgqc9Zh4GbTDQVvdAmUpmlsZ/SKoOMCkmkB1aRNFq/7RnERIJyAEGJbauHWmjtOM4cCxesl0L0b2Eab89zQpSn7pzE8JTiJgpzCUc22p653PTaqM=" addons: apt: From 7b6532f1185a2541d450d224c4fc747b2b54cb2d Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 17 Sep 2019 01:30:58 +0200 Subject: [PATCH 08/20] Split setup.py in two file to redirect logs --- gitconfig.py | 34 ++++++++++++++++++++++++++++++++++ install | 10 +++------- setup.py | 38 +++----------------------------------- wo/core/variables.py | 2 +- 4 files changed, 41 insertions(+), 43 deletions(-) create mode 100644 gitconfig.py diff --git a/gitconfig.py b/gitconfig.py new file mode 100644 index 0000000..65ef8e2 --- /dev/null +++ b/gitconfig.py @@ -0,0 +1,34 @@ +import configparser +import os +import re +import shutil + +# WordOps git configuration management +config = configparser.ConfigParser() +config.read(os.path.expanduser("~")+'/.gitconfig') +try: + wo_user = config['user']['name'] + wo_email = config['user']['email'] +except Exception: + print("WordOps (wo) require an username & and an email " + "address to configure Git (used to save server configurations)") + print("Your informations will ONLY be stored locally") + + wo_user = input("Enter your name: ") + while wo_user == "": + print("Unfortunately, this can't be left blank") + wo_user = input("Enter your name: ") + + wo_email = input("Enter your email: ") + + while not re.match(r"^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$", + wo_email): + print("Whoops, seems like you made a typo - " + "the e-mailaddress is invalid...") + wo_email = input("Enter your email: ") + + os.system("git config --global user.name {0}".format(wo_user)) + os.system("git config --global user.email {0}".format(wo_email)) + +if not os.path.isfile('/root/.gitconfig'): + shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') diff --git a/install b/install index 49ee625..3bf236a 100755 --- a/install +++ b/install @@ -462,13 +462,9 @@ wo_install() { [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } fi - if [ -f "$HOME/.gitconfig" ]; then - # install and redirect log to not print python package install - python3 setup.py install >> $wo_install_log 2>&1 - else - # install without redirecting logs to prompt user for name & email - python3 setup.py install - fi + # install and redirect log to not print python package install + python3 gitconfig.py + python3 setup.py install >> $wo_install_log 2>&1 } diff --git a/setup.py b/setup.py index 66e548f..8b3b270 100644 --- a/setup.py +++ b/setup.py @@ -1,10 +1,8 @@ -from setuptools import setup, find_packages -import os import glob -import configparser -import re -import shutil +import os + +from setuptools import find_packages, setup conf = [] templates = [] @@ -26,36 +24,6 @@ if not os.path.exists('/var/log/wo/'): if not os.path.exists('/var/lib/wo/'): os.makedirs('/var/lib/wo/') -# WordOps git configuration management -config = configparser.ConfigParser() -config.read(os.path.expanduser("~")+'/.gitconfig') -try: - wo_user = config['user']['name'] - wo_email = config['user']['email'] -except Exception: - print("WordOps (wo) require an username & and an email " - "address to configure Git (used to save server configurations)") - print("Your informations will ONLY be stored locally") - - wo_user = input("Enter your name: ") - while wo_user == "": - print("Unfortunately, this can't be left blank") - wo_user = input("Enter your name: ") - - wo_email = input("Enter your email: ") - - while not re.match(r"^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$", - wo_email): - print("Whoops, seems like you made a typo - " - "the e-mailaddress is invalid...") - wo_email = input("Enter your email: ") - - os.system("git config --global user.name {0}".format(wo_user)) - os.system("git config --global user.email {0}".format(wo_email)) - -if not os.path.isfile('/root/.gitconfig'): - shutil.copy2(os.path.expanduser("~")+'/.gitconfig', '/root/.gitconfig') - setup(name='wo', version='3.9.8.11', description=long_description, diff --git a/wo/core/variables.py b/wo/core/variables.py index fb3dd39..fb7b664 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -13,7 +13,7 @@ class WOVariables(): # WordOps version wo_version = "3.9.8.11" # WordOps packages versions - wo_wp_cli = "2.2.0" + wo_wp_cli = "2.3.0" wo_adminer = "4.7.2" wo_phpmyadmin = "4.9.0.1" wo_extplorer = "2.1.13" From 91097c87dcfbe3614d67ff514a8ff183c3f3fdb5 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 17 Sep 2019 03:20:12 +0200 Subject: [PATCH 09/20] Improve install script --- README.md | 8 ++-- install | 131 +++++++++++++++++++++++++++--------------------------- 2 files changed, 69 insertions(+), 70 deletions(-) diff --git a/README.md b/README.md index d0dfe1a..9dc7748 100644 --- a/README.md +++ b/README.md @@ -11,13 +11,13 @@

build -MIT -Commits +MIT +Commits GitHub release
WordOps install codacy -Badge Twitter -Badge Slack +Badge Twitter +Badge Rocket.chat

diff --git a/install b/install index 3bf236a..29df611 100755 --- a/install +++ b/install @@ -133,7 +133,6 @@ echo "" # 1- Check whether lsb_release is installed, and if not, install it ### if ! command_exists lsb_release; then - wo_lib_echo "Installing lsb-release, please /bin/bash --init-file <(echo 'source /etc/bash_completion.d/wo_auto.rc')..." apt-get install lsb-release -qq fi @@ -245,7 +244,7 @@ wo_timesync() { # enable ntp timedatectl set-ntp 1 fi -} +} >> $wo_install_log 2>&1 ### # 3 - Create/migrate the essentials @@ -442,28 +441,35 @@ wo_install_acme_sh() { fi } -# Clone Github repository if it doesn't exist -wo_install() { - { - rm -f /etc/bash_completion.d/wo_auto.rc - rm -rf /var/lib/wo/tmp/WordOps-* - if [ -z "$wo_version" ]; then - curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp - cd "/var/lib/wo/tmp/WordOps-$wo_branch" || exit 1 - else - curl -sL https://github.com/WordOps/WordOps/archive/v${wo_version}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp - cd "/var/lib/wo/tmp/WordOps-$wo_version" || exit 1 - fi +# Download WordOps +wo_download() { + rm -f /etc/bash_completion.d/wo_auto.rc + rm -rf /var/lib/wo/tmp/WordOps-* + if [ -z "$wo_version" ]; then + curl -sL https://github.com/WordOps/WordOps/archive/${wo_branch}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp + mv "/var/lib/wo/tmp/WordOps-$wo_branch" /var/lib/wo/tmp/WordOps-install + else + curl -sL https://github.com/WordOps/WordOps/archive/v${wo_version}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp + mv "/var/lib/wo/tmp/WordOps-$wo_version" /var/lib/wo/tmp/WordOps-install + fi +} >> "$wo_install_log" 2>&1 - } \ - >> "$wo_install_log" 2>&1 +wo_git_config() { if [ "$wo_force_install" = "y" ]; then [ ! -f "$HOME/.gitconfig" ] && { bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME.local" > $HOME/.gitconfig'; } fi - # install and redirect log to not print python package install + # .gitconfig inital setup + cd /var/lib/wo/tmp/WordOps-install || exit 1 python3 gitconfig.py + +} + +# WordOps install +wo_install() { + + cd /var/lib/wo/tmp/WordOps-install || exit 1 python3 setup.py install >> $wo_install_log 2>&1 } @@ -536,9 +542,6 @@ wo_upgrade_nginx() { sed -i "s/locations-php72.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* sed -i "s/htpasswd-ee/htpasswd-wo/" /etc/nginx/common/acl.conf - sed -i "s/php.conf/php72.conf/" /etc/nginx/sites-available/* - sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* - sed -i "s/php7.conf/php72.conf/" /etc/nginx/sites-available/* sed -i 's/ssl on;/#ssl on;/' /var/www/*/conf/nginx/ssl.conf # update redis.conf headers @@ -639,22 +642,22 @@ wo_git_init() { } wo_backup_ee() { - /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt >> /var/log/wo/install.log 2>&1 -} + /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt +} >> $wo_install_log 2>&1 wo_backup_wo() { /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 -} +} >> $wo_install_log 2>&1 wo_clean_ee() { - rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee >> /var/log/wo/install.log 2>&1 -} + rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee +} >> $wo_install_log 2>&1 wo_remove_ee_cron() { crontab -l | sed '/ee site update --le=renew --all 2> \/dev\/null/d' | crontab - -} +} >> $wo_install_log 2>&1 wo_tweak_kernel() { @@ -671,7 +674,7 @@ wo_tweak_kernel() { # apply sysctl tweaks sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf fi -} +} >> $wo_install_log 2>&1 wo_systemd_tweak() { @@ -691,11 +694,11 @@ wo_systemd_tweak() { echo -e "* hard nofile 500000\n* soft nofile 500000\nroot hard nofile 500000\nroot soft nofile 500000\n" >> /etc/security/limits.conf fi -} +} >> $wo_install_log 2>&1 wo_domain_suffix() { curl -sL https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat | sed '/^\/\//d' | sed '/^$/d' | sed 's/^\s+//g' > /var/lib/wo/public_suffix_list.dat -} +} >> $wo_install_log 2>&1 wo_mariadb_tweak() { # increase mariadb open_files_limit @@ -724,11 +727,11 @@ wo_nginx_tweak() { wo_clean() { rm -rf /usr/local/lib/python3.*/dist-packages/wo-* -} +} >> $wo_install_log 2>&1 wo_uninstall() { - rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates >> /var/log/wo/install.log 2>&1 -} + rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates +} >> $wo_install_log 2>&1 wo_ufw_setup() { if ! grep -q "ENABLED=yes" /etc/ufw/ufw.conf; then @@ -798,7 +801,7 @@ wo_cheat_install() { ln -s /usr/local/bin/cht.sh /usr/local/bin/cheat } curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh -} +} >> $wo_install_log 2>&1 ### # 4 - WO MAIN SETUP @@ -825,20 +828,19 @@ else wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log wo_backup_wo & secure_wo_db & - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log + wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log + wo_download & wo_clean & wait + wo_git_config + wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log if [ "$wo_travis" = "y" ]; then wo_install_travis & else - if [ -f "$HOME/.gitconfig" ]; then - wo_install >> $wo_install_log 2>&1 & - else - wo_install - fi + wo_install fi wo_update_latest & - if [ ! -d /opt/acme/.sh ]; then + if [ ! -d /opt/acme.sh ]; then wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log wo_install_acme_sh & fi @@ -869,32 +871,30 @@ else fi fi wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - wo_install_dep >> $wo_install_log 2>&1 & - wo_timesync >> $wo_install_log 2>&1 & + wo_install_dep & + wo_timesync & wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log - wo_backup_ee >> $wo_install_log 2>&1 & + wo_backup_ee & wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log - wo_remove_ee_cron >> $wo_install_log 2>&1 & + wo_remove_ee_cron & wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log wo_sync_db >> $wo_install_log 2>&1 & - secure_wo_db >> $wo_install_log 2>&1 & + secure_wo_db & + wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log + wo_download & wait wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - if [ -f "$HOME/.gitconfig" ]; then - wo_install >> $wo_install_log 2>&1 & - else - wo_install | tee -ai $wo_install_log - fi + wo_install if command_exists nginx; then wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log - wo_upgrade_nginx >> $wo_install_log 2>&1 & + wo_upgrade_nginx & fi wait - wo_update_latest >> $wo_install_log 2>&1 & + wo_update_latest & wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh >> $wo_install_log 2>&1 & + wo_install_acme_sh & wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel >> $wo_install_log 2>&1 & + wo_tweak_kernel & if [ ! -f /opt/wo-kernel.sh ]; then wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log wo_systemd_tweak & @@ -905,7 +905,7 @@ else if [ -d /etc/systemd/system/mariadb.service.d ]; then wo_mariadb_tweak & fi - wo_domain_suffix >> $wo_install_log & + wo_domain_suffix & wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log { wo_git_init & @@ -921,33 +921,32 @@ else [ -z "$wo_travis" ] && { wo_dist_upgrade >> $wo_install_log } - wo_install_dep >> $wo_install_log & - wo_timesync >> $wo_install_log & + wo_install_dep & + wo_timesync & + wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log + wo_download & wait + wo_git_config wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log if [ "$wo_travis" = "y" ]; then - wo_install_travis | tee -ai $wo_install_log & + wo_install_travis & else - if [ -f "$HOME/.gitconfig" ]; then - wo_install >> $wo_install_log 2>&1 & - else - wo_install | tee -ai $wo_install_log - fi + wo_install fi if [ "$ufw" = "y" ]; then wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log wo_ufw_setup & fi wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel >> $wo_install_log 2>&1 & + wo_tweak_kernel & if [ ! -f /opt/wo-kernel.sh ]; then wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log - wo_systemd_tweak >> $wo_install_log 2>&1 & + wo_systemd_tweak & fi wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log + wo_install_acme_sh & wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log { - wo_install_acme_sh & secure_wo_db & wo_cheat_install & wo_domain_suffix & From 02f0d6d155762c2fb90943e50bde0eb2d88d080e Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Tue, 17 Sep 2019 15:37:35 +0200 Subject: [PATCH 10/20] Fix travis --- install | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/install b/install index 29df611..bba4756 100755 --- a/install +++ b/install @@ -832,11 +832,11 @@ else wo_download & wo_clean & wait - wo_git_config wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log if [ "$wo_travis" = "y" ]; then wo_install_travis & else + wo_git_config wo_install fi wo_update_latest & @@ -926,11 +926,12 @@ else wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log wo_download & wait - wo_git_config - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log if [ "$wo_travis" = "y" ]; then + wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_install_travis & else + wo_git_config + wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log wo_install fi if [ "$ufw" = "y" ]; then @@ -952,6 +953,7 @@ else wo_domain_suffix & wo_git_init & wo_update_wp_cli & + wait } >> $wo_install_log wait fi From 9281b6f260e82d684a1ab68f35902fb00931f269 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 18 Sep 2019 11:20:23 +0200 Subject: [PATCH 11/20] Refactor install script --- CHANGELOG.md | 3 + install | 599 ++++++++++++++++++++++----------------------------- 2 files changed, 258 insertions(+), 344 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d4c423..9f7d6a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,10 +11,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), #### Changed - WP-CLI updated to v2.3.0 +- Improved SSL certificates management from previous letsencrypt or certbot install +- Use a separate python file for gitconfig during installation to redirect setup.py output into logs #### Fixed - htpasswd protection when migrating from EasyEngine v3 [Issue #152](https://github.com/WordOps/WordOps/issues/152) +- acme.sh install when migration from EasyEngine v3 [Issue #153](https://github.com/WordOps/WordOps/issues/153) ### v3.9.8.11 - 2019-09-06 diff --git a/install b/install index bba4756..c512171 100755 --- a/install +++ b/install @@ -9,7 +9,7 @@ # ------------------------------------------------------------------------- # wget -qO wo wops.cc && sudo bash wo # ------------------------------------------------------------------------- -# Version 3.9.8.11 - 2019-09-07 +# Version 3.9.8.12 - 2019-09-18 # ------------------------------------------------------------------------- # CONTENTS @@ -107,10 +107,22 @@ unset LANG export LANG='en_US.UTF-8' export LC_ALL='C.UTF-8' +# check if a command exist command_exists() { command -v "$@" > /dev/null 2>&1 } +# run functions and exit on failure +_run() { + if [ -n "$2" ]; then + wo_lib_echo "$2" + fi + if ! { "$1" >> "$wo_install_log" 2>&1; }; then + exit 1 + fi + +} + if [ -z "$wo_travis" ]; then if command_exists curl; then apt-get update -qq & @@ -160,8 +172,10 @@ WO_ARCH="$(uname -m)" if [ -x /usr/local/bin/ee ]; then ee_migration=1 + ufw="n" elif [ -x /usr/local/bin/wo ]; then wo_upgrade=1 + ufw="n" fi if [ -z "$ufw" ]; then ufw="y" @@ -189,7 +203,6 @@ fi ### if [ ! -d "$wo_log_dir" ] || [ ! -d "$wo_backup_dir" ] || [ ! -d "$wo_tmp_dir" ]; then - wo_lib_echo "Creating WordOps directory" mkdir -p "$wo_backup_dir" "$wo_log_dir" "$wo_tmp_dir" || wo_lib_error "Whoops - seems we are unable to create the log directory $wo_log_dir, exit status " $? # create wordops log files @@ -203,48 +216,47 @@ fi #### wo_dist_upgrade() { - # update server packages + # perform server packages upgrade apt-get dist-upgrade --option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes --quiet -} >> "$wo_install_log" 2>&1 +} wo_install_dep() { - { + if [ "$wo_linux_distro" == "Ubuntu" ]; then + # install dependencies + apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ + build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \ + gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 + add-apt-repository ppa:wordops/nginx-wo -yn + else + # install dependencies + apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ + build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar \ + software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 + # add php repository gpg key + [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } + # add nginx repository gpg key + curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_10/Release.key | apt-key add - + fi - if [ "$wo_linux_distro" == "Ubuntu" ]; then - # install dependencies - apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ - build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \ - gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 - add-apt-repository ppa:wordops/nginx-wo -yn - else - # install dependencies - apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \ - build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar \ - software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1 - # add php repository gpg key - [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; } - # add nginx repository gpg key - curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_10/Release.key | apt-key add - - fi - - locale-gen en - # enable unattended upgades - if [ ! -f /etc/apt/apt.conf.d/20auto-upgrades ]; then - cp /usr/share/unattended-upgrades/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades - fi - } >> "$wo_install_log" 2>&1 + locale-gen en + # enable unattended upgades + if [ ! -f /etc/apt/apt.conf.d/20auto-upgrades ]; then + cp /usr/share/unattended-upgrades/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades + fi } wo_timesync() { # set default ntp pools - if ! grep -q "time.cloudflare.com" /etc/systemd/timesyncd.conf; then - sed -e 's/^#NTP=/NTP=time.cloudflare.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org/' -i /etc/systemd/timesyncd.conf - # enable ntp - timedatectl set-ntp 1 + if [ -f /etc/systemd/timesyncd.conf ]; then + if ! grep -q "time.cloudflare.com" /etc/systemd/timesyncd.conf; then + sed -e 's/^#NTP=/NTP=time.cloudflare.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org/' -i /etc/systemd/timesyncd.conf + # enable ntp + timedatectl set-ntp 1 + fi fi -} >> $wo_install_log 2>&1 +} ### # 3 - Create/migrate the essentials @@ -370,66 +382,65 @@ secure_wo_db() { # Update the WP-CLI version wo_update_wp_cli() { - { - WP_CLI_PATH=$(command -v wp) - if [ -n "$WP_CLI_PATH" ]; then - rm -rf "$WP_CLI_PATH" - fi - # Update WP-CLI to the most recent version - wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar - chmod +x /usr/local/bin/wp - [ ! -h /usr/bin/wp ] && { - ln -s /usr/local/bin/wp /usr/bin/ - } - [ -d /etc/bash_completion.d ] && { - wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash - } - } >> "$wo_install_log" 2>&1 + WP_CLI_PATH=$(command -v wp) + if [ -n "$WP_CLI_PATH" ]; then + rm -rf "$WP_CLI_PATH" + fi + # Update WP-CLI to the most recent version + wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar + chmod +x /usr/local/bin/wp + [ ! -h /usr/bin/wp ] && { + ln -s /usr/local/bin/wp /usr/bin/ + } + [ -d /etc/bash_completion.d ] && { + wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash + } + } wo_install_acme_sh() { # check if acme.sh is already installed - if [ ! -x /etc/letsencrypt/acme.sh ] && [ ! -d /etc/letsencrypt/archive ]; then - { - # clone the git repository - if [ -d /opt/acme.sh/.git ]; then - git -C /opt/acme.sh pull origin master - else - git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q - fi - cd /opt/acme.sh || exit 1 - # create conf directories - mkdir -p /etc/letsencrypt/{config,live,renewal} - # install acme.sh - ./acme.sh --install \ - --home /etc/letsencrypt \ - --config-home /etc/letsencrypt/config \ - --cert-home /etc/letsencrypt/renewal - # enable auto-upgrade - /etc/letsencrypt/acme.sh --config-home '/etc/letsencrypt/config' --upgrade --auto-upgrade + if [ ! -x /etc/letsencrypt/acme.sh ]; then + + # clone the git repository + if [ -d /opt/acme.sh/.git ]; then + git -C /opt/acme.sh pull origin master + else + git clone --depth=50 https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q + fi + cd /opt/acme.sh || exit 1 + # create conf directories + mkdir -p /etc/letsencrypt/{config,live,renewal} + # install acme.sh + ./acme.sh --install \ + --home /etc/letsencrypt \ + --config-home /etc/letsencrypt/config \ + --cert-home /etc/letsencrypt/renewal + # enable auto-upgrade + /etc/letsencrypt/acme.sh --config-home '/etc/letsencrypt/config' --upgrade --auto-upgrade - } >> "$wo_install_log" 2>&1 fi - if [ -x "$HOME/.acme.sh/acme.sh" ]; then - { - # backup acme.sh folder - /bin/tar -I pigz -cf /var/lib/wo-backup/acme.sh.tar.gz "$HOME/.acme.sh" - # rsync previous certificates to new acme.sh location - /usr/bin/rsync -rltgoDpz --exclude="account.conf" \ - --exclude="acme.sh" \ - --exclude="acme.sh.env" \ - --exclude="deploy" \ - --exclude="dnsapi" \ - --exclude="http.header" \ - --exclude="ca" \ - "$HOME/.acme.sh/" \ - /etc/letsencrypt/renewal/ - # remove previous acme.sh folder - rm -rf "$HOME/.acme.sh" - # removing previous cronjob - crontab -l | sed '/41 0 \* \* \* "\/root\/\.acme\.sh"\/acme.sh --cron --home "\/root\/\.acme\.sh" > \/dev\/null/d' | crontab - - } >> "$wo_install_log" 2>&1 + if [ -x "$HOME/.acme.sh/acme.sh" ]; then + # backup acme.sh folder + /bin/tar -I pigz -cf /var/lib/wo-backup/acme.sh.tar.gz "$HOME/.acme.sh" + # rsync previous certificates to new acme.sh location + /usr/bin/rsync -rltgoDpz --exclude="account.conf" \ + --exclude="acme.sh" \ + --exclude="acme.sh.env" \ + --exclude="deploy" \ + --exclude="dnsapi" \ + --exclude="http.header" \ + --exclude="ca" \ + "$HOME/.acme.sh/" \ + /etc/letsencrypt/renewal/ + # remove previous acme.sh folder + rm -rf "$HOME/.acme.sh" + mkdir "$HOME/.acme.sh" + touch "$HOME/.acme.sh/acme.sh.env" + # removing previous cronjob + crontab -l | sed '/41 0 \* \* \* "\/root\/\.acme\.sh"\/acme.sh --cron --home "\/root\/\.acme\.sh" > \/dev\/null/d' | crontab - + fi # Let's Encrypt .well-known folder setup if [ ! -d /var/www/html/.well-known/acme-challenge ]; then @@ -452,7 +463,7 @@ wo_download() { curl -sL https://github.com/WordOps/WordOps/archive/v${wo_version}.tar.gz | tar -I pigz -xf - -C /var/lib/wo/tmp mv "/var/lib/wo/tmp/WordOps-$wo_version" /var/lib/wo/tmp/WordOps-install fi -} >> "$wo_install_log" 2>&1 +} wo_git_config() { @@ -470,7 +481,7 @@ wo_git_config() { wo_install() { cd /var/lib/wo/tmp/WordOps-install || exit 1 - python3 setup.py install >> $wo_install_log 2>&1 + python3 setup.py install } @@ -479,95 +490,90 @@ wo_install_travis() { if [ -f "$HOME/.gitconfig" ]; then # install and redirect log to not print python package install - python3 setup.py install >> $wo_install_log 2>&1 + python3 setup.py install fi } wo_upgrade_nginx() { - { + if [ -d /var/lib/wo-backup/nginx ]; then + /bin/tar -I pigz "$NGINX_BACKUP_FILE" /var/lib/wo-backup/nginx + rm -rf /var/lib/wo-backup/nginx + fi + # backup nginx conf + if [ -d /etc/nginx ]; then + /usr/bin/rsync -a --noatime /etc/nginx/ /var/lib/wo-backup/nginx/ + fi + if [ -d /etc/php ]; then + /usr/bin/rsync -a --noatime /etc/php/ /var/lib/wo-backup/php/ + fi + # chec if the package nginx-ee is installed + CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee) + CHECK_PHP72=$(command -v php-fpm7.2) - if [ -d /var/lib/wo-backup/nginx ]; then - /bin/tar -I pigz "$NGINX_BACKUP_FILE" /var/lib/wo-backup/nginx - rm -rf /var/lib/wo-backup/nginx - fi - # backup nginx conf - if [ -d /etc/nginx ]; then - /usr/bin/rsync -a --noatime /etc/nginx/ /var/lib/wo-backup/nginx/ - fi - if [ -d /etc/php ]; then - /usr/bin/rsync -a --noatime /etc/php/ /var/lib/wo-backup/php/ - fi - # chec if the package nginx-ee is installed - CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee) - CHECK_PHP72=$(command -v php-fpm7.2) + # add new Nginx repository + if [ "$wo_distro_version" == "jessie" ]; then + # import the respository key for updates + curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key | apt-key add - + else + curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key | apt-key add - + fi - # add new Nginx repository - if [ "$wo_distro_version" == "jessie" ]; then - # import the respository key for updates - curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key | apt-key add - - else - curl -sL https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key | apt-key add - - fi - - # install new nginx package - if [ -n "$CHECK_NGINX_EE" ]; then - if [ -x /usr/local/bin/wo ]; then - [ -f /etc/apt/preferences.d/nginx-block ] && { mv /etc/apt/preferences.d/nginx-block /var/lib/wo/tmp/nginx-block; } - # stop nginx - service nginx stop - # remove previous package - apt-mark unhold nginx-ee nginx-common nginx-custom - apt-get autoremove nginx-ee nginx-common nginx-custom --allow-change-held-packages --purge -qq - # remove previous php-fpm pool configuration - if [ -n "$CHECK_PHP72" ]; then - apt-get purge php7.2-fpm -y -qq - rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} - fi - if [ -d /etc/nginx ]; then - rm -rf /etc/nginx - fi - /usr/local/bin/wo stack install --nginx --php - rm -f /etc/nginx/common/acl.conf /etc/nginx/htpasswd-wo - /usr/bin/rsync -au --noatime /var/lib/wo-backup/nginx/ /etc/nginx/ - /usr/local/bin/wo stack upgrade --nginx --force + # install new nginx package + if [ -n "$CHECK_NGINX_EE" ]; then + if [ -x /usr/local/bin/wo ]; then + [ -f /etc/apt/preferences.d/nginx-block ] && { mv /etc/apt/preferences.d/nginx-block /var/lib/wo/tmp/nginx-block; } + # stop nginx + service nginx stop + # remove previous package + apt-mark unhold nginx-ee nginx-common nginx-custom + apt-get autoremove nginx-ee nginx-common nginx-custom --allow-change-held-packages --purge -qq + # remove previous php-fpm pool configuration + if [ -n "$CHECK_PHP72" ]; then + apt-get purge php7.2-fpm -y -qq + rm -f /etc/php/7.2/fpm/pool.d/{www.conf,www-two.conf,debug.conf} fi - fi - # restore sites and configuration - [ -f /etc/nginx/htpasswd-ee ] && { cp -f /etc/nginx/htpasswd-ee /etc/nginx/htpasswd-wo; } - sed -i "s/locations.conf/locations-wo.conf/" /etc/nginx/sites-available/* - sed -i "s/locations-php7.conf/locations-wo.conf/" /etc/nginx/sites-available/* - sed -i "s/locations-php71.conf/locations-wo.conf/" /etc/nginx/sites-available/* - sed -i "s/locations-php72.conf/locations-wo.conf/" /etc/nginx/sites-available/* - sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* - sed -i "s/htpasswd-ee/htpasswd-wo/" /etc/nginx/common/acl.conf - sed -i 's/ssl on;/#ssl on;/' /var/www/*/conf/nginx/ssl.conf - - # update redis.conf headers - if [ -f /etc/nginx/common/redis.conf ]; then - sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf - sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf - - fi - - VERIFY_NGINX_CONFIG=$(nginx -t 2>&1 | grep failed) - # check if nginx -t do not return errors - if [ -z "$VERIFY_NGINX_CONFIG" ]; then - systemctl stop nginx - systemctl start nginx - else - VERIFY_NGINX_BUCKET=$(nginx -t 2>&1 | grep "server_names_hash_bucket_size") - if [ -n "$VERIFY_NGINX_BUCKET" ]; then - sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 128;/g" /etc/nginx/nginx.conf + if [ -d /etc/nginx ]; then + rm -rf /etc/nginx fi - systemctl stop nginx - systemctl start nginx + /usr/local/bin/wo stack install --nginx --php + rm -f /etc/nginx/common/acl.conf /etc/nginx/htpasswd-wo + /usr/bin/rsync -au --noatime /var/lib/wo-backup/nginx/ /etc/nginx/ + /usr/local/bin/wo stack upgrade --nginx --force fi - [ -f /var/lib/wo/tmp/nginx-block ] && { mv /var/lib/wo/tmp/nginx-block /etc/apt/preferences.d/nginx-block; } + fi + # restore sites and configuration + [ -f /etc/nginx/htpasswd-ee ] && { cp -f /etc/nginx/htpasswd-ee /etc/nginx/htpasswd-wo; } + sed -i "s/locations.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/locations-php7.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/locations-php71.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/locations-php72.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/locations-php73.conf/locations-wo.conf/" /etc/nginx/sites-available/* + sed -i "s/htpasswd-ee/htpasswd-wo/" /etc/nginx/common/acl.conf + sed -i 's/ssl on;/#ssl on;/' /var/www/*/conf/nginx/ssl.conf - } \ - >> "$wo_install_log" 2>&1 + # update redis.conf headers + if [ -f /etc/nginx/common/redis.conf ]; then + sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf + sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf + + fi + + VERIFY_NGINX_CONFIG=$(nginx -t 2>&1 | grep failed) + # check if nginx -t do not return errors + if [ -z "$VERIFY_NGINX_CONFIG" ]; then + systemctl stop nginx + systemctl start nginx + else + VERIFY_NGINX_BUCKET=$(nginx -t 2>&1 | grep "server_names_hash_bucket_size") + if [ -n "$VERIFY_NGINX_BUCKET" ]; then + sed -i "s/# server_names_hash_bucket_size 64;/server_names_hash_bucket_size 128;/g" /etc/nginx/nginx.conf + fi + systemctl stop nginx + systemctl start nginx + fi + [ -f /var/lib/wo/tmp/nginx-block ] && { mv /var/lib/wo/tmp/nginx-block /etc/apt/preferences.d/nginx-block; } } @@ -603,7 +609,7 @@ wo_update_latest() { if [ -z "$CHECK_REDIS_BIND" ]; then echo 'bind 127.0.0.1 ::1' >> /etc/redis/redis.conf - service redis-server restart > /dev/null 2>&1 + service redis-server restart fi fi @@ -620,7 +626,7 @@ wo_git_init() { } git add -A . git commit -am "Updated Nginx" - } >> /var/log/wo/install.log 2>&1 + } # WordOps under git version control [ -d /etc/wo ] && { cd /etc/wo || exit 1 @@ -629,7 +635,7 @@ wo_git_init() { } git add -A . git commit -am "Installed/Updated to WordOps" - } >> /var/log/wo/install.log 2>&1 + } # PHP under git version control [ -d /etc/php ] && { cd /etc/php || exit 1 @@ -638,26 +644,26 @@ wo_git_init() { } git add -A . git commit -am "Updated PHP" - } >> /var/log/wo/install.log 2>&1 + } } wo_backup_ee() { /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt -} >> $wo_install_log 2>&1 +} wo_backup_wo() { /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 -} >> $wo_install_log 2>&1 +} wo_clean_ee() { rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee -} >> $wo_install_log 2>&1 +} wo_remove_ee_cron() { crontab -l | sed '/ee site update --le=renew --all 2> \/dev\/null/d' | crontab - -} >> $wo_install_log 2>&1 +} wo_tweak_kernel() { @@ -674,19 +680,17 @@ wo_tweak_kernel() { # apply sysctl tweaks sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf fi -} >> $wo_install_log 2>&1 +} wo_systemd_tweak() { if [ ! -x /opt/wo-kernel.sh ]; then - { - # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup - wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache - chmod +x /opt/wo-kernel.sh - wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache - systemctl enable wo-kernel.service - systemctl start wo-kernel.service - } >> /var/log/wo/install.log 2>&1 + # download and setup wo-kernel systemd service to apply kernel tweaks for netdata and redis on server startup + wget -qO /opt/wo-kernel.sh https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-script.mustache + chmod +x /opt/wo-kernel.sh + wget -qO /lib/systemd/system/wo-kernel.service https://raw.githubusercontent.com/WordOps/WordOps/updating-configuration/wo/cli/templates/wo-kernel-service.mustache + systemctl enable wo-kernel.service + systemctl start wo-kernel.service fi LIMIT_CHECK=$(grep "500000" /etc/security/limits.conf) @@ -694,44 +698,40 @@ wo_systemd_tweak() { echo -e "* hard nofile 500000\n* soft nofile 500000\nroot hard nofile 500000\nroot soft nofile 500000\n" >> /etc/security/limits.conf fi -} >> $wo_install_log 2>&1 +} wo_domain_suffix() { curl -sL https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat | sed '/^\/\//d' | sed '/^$/d' | sed 's/^\s+//g' > /var/lib/wo/public_suffix_list.dat -} >> $wo_install_log 2>&1 +} wo_mariadb_tweak() { # increase mariadb open_files_limit - { - if [ -d /etc/systemd/system/mariadb.service.d ] && [ ! -f /etc/systemd/system/mariadb.service.d/limits.conf ]; then - echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/mariadb.service.d/limits.conf - systemctl daemon-reload - service mysql restart - fi - } >> /var/log/wo/install.log 2>&1 + if [ -d /etc/systemd/system/mariadb.service.d ] && [ ! -f /etc/systemd/system/mariadb.service.d/limits.conf ]; then + echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/mariadb.service.d/limits.conf + systemctl daemon-reload + service mysql restart + fi } wo_nginx_tweak() { # increase nginx open_files_limit - { - if [ ! -d /etc/systemd/system/nginx.service.d ]; then - mkdir -p /etc/systemd/system/nginx.service.d - if [ ! -f /etc/systemd/system/nginx.service.d/limits.conf ]; then - echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/nginx.service.d/limits.conf - systemctl daemon-reload - nginx -t && service nginx restart - fi + if [ ! -d /etc/systemd/system/nginx.service.d ]; then + mkdir -p /etc/systemd/system/nginx.service.d + if [ ! -f /etc/systemd/system/nginx.service.d/limits.conf ]; then + echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/nginx.service.d/limits.conf + systemctl daemon-reload + nginx -t && service nginx restart fi - } >> /var/log/wo/install.log 2>&1 + fi } wo_clean() { rm -rf /usr/local/lib/python3.*/dist-packages/wo-* -} >> $wo_install_log 2>&1 +} wo_uninstall() { rm -rf /usr/local/lib/python3.*/dist-packages/{pystache-*,cement-2.*,wo-*} /usr/local/bin/wo /etc/bash_completion.d/wo_auto.rc /var/lib/wo /etc/wo /usr/lib/wo/templates -} >> $wo_install_log 2>&1 +} wo_ufw_setup() { if ! grep -q "ENABLED=yes" /etc/ufw/ufw.conf; then @@ -791,8 +791,7 @@ wo_ufw_setup() { service rsyslog restart fi fi -} \ - >> $wo_install_log +} wo_cheat_install() { curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh @@ -801,17 +800,16 @@ wo_cheat_install() { ln -s /usr/local/bin/cht.sh /usr/local/bin/cheat } curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh -} >> $wo_install_log 2>&1 +} ### # 4 - WO MAIN SETUP ### -wait + +# wo uninstall script if [ "$wo_purge" = "y" ]; then - wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log - wo_backup_wo | tee -ai $wo_install_log - wo_lib_echo "Uninstalling WordOps" | tee -ai $wo_install_log - wo_uninstall | tee -ai $wo_install_log + _run wo_backup_wo "Backing-up WO install" + _run wo_uninstall "Uninstalling WordOps" wo_lib_echo "The WordOps backup files can be found in $WO_BACKUP_FILE" exit 0 else @@ -822,142 +820,55 @@ else wo_lib_error "You already have WordOps $wo_version_new" 1 fi fi - wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - wo_install_dep & - wo_timesync & - wo_lib_echo "Backing-up WO install" | tee -ai $wo_install_log - wo_backup_wo & - secure_wo_db & - wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log - wo_download & - wo_clean & - wait - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - if [ "$wo_travis" = "y" ]; then - wo_install_travis & - else - wo_git_config - wo_install - fi - wo_update_latest & - if [ ! -d /opt/acme.sh ]; then - wo_lib_echo "Updating acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh & - fi - wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel & - if [ ! -f /opt/wo-kernel.sh ]; then - wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log - wo_systemd_tweak & - fi - if [ -x /usr/sbin/nginx ]; then - wo_nginx_tweak & - fi - if [ -d /etc/systemd/system/mariadb.service.d ]; then - wo_mariadb_tweak & - fi - wo_cheat_install & - wo_domain_suffix & - wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - wo_update_wp_cli & - wait - else - # 2 - Migration from EEv3 - if [ -x /usr/local/bin/ee ]; then - if [ -z "$wo_force_install" ]; then - echo -e "Migrate from EasyEngine to WordOps (y/n): " && read -r WO_ANSWER - if [ "$WO_ANSWER" != "y" ] && [ "$WO_ANSWER" != "Y" ]; then - wo_lib_error "Not installing WordOps" 1 - fi - fi - wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - wo_install_dep & - wo_timesync & - wo_lib_echo "Backing-up EE install" | tee -ai $wo_install_log - wo_backup_ee & - wo_lib_echo "Removing EasyEngine cronjob" | tee -ai $wo_install_log - wo_remove_ee_cron & - wo_lib_echo "Syncing WO database" | tee -ai $wo_install_log - wo_sync_db >> $wo_install_log 2>&1 & - secure_wo_db & - wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log - wo_download & - wait - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install - if command_exists nginx; then - wo_lib_echo "Upgrading Nginx" | tee -ai $wo_install_log - wo_upgrade_nginx & - fi - wait - wo_update_latest & - wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh & - wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel & - if [ ! -f /opt/wo-kernel.sh ]; then - wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log - wo_systemd_tweak & - fi - if command_exists nginx; then - wo_nginx_tweak & - fi - if [ -d /etc/systemd/system/mariadb.service.d ]; then - wo_mariadb_tweak & - fi - wo_domain_suffix & - wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - { - wo_git_init & - wo_update_wp_cli & - wo_cheat_install & - } >> $wo_install_log - wait - wo_lib_echo "Cleaning-up EE previous install" | tee -ai $wo_install_log - wo_clean_ee >> $wo_install_log - else - # 3 - Fresh WO setup - wo_lib_echo "Installing wo dependencies " | tee -ai $wo_install_log - [ -z "$wo_travis" ] && { - wo_dist_upgrade >> $wo_install_log - } - wo_install_dep & - wo_timesync & - wo_lib_echo "Downloading WordOps " | tee -ai $wo_install_log - wo_download & - wait - if [ "$wo_travis" = "y" ]; then - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install_travis & - else - wo_git_config - wo_lib_echo "Installing WordOps " | tee -ai $wo_install_log - wo_install - fi - if [ "$ufw" = "y" ]; then - wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log - wo_ufw_setup & - fi - wo_lib_echo "Applying Kernel tweaks" | tee -ai $wo_install_log - wo_tweak_kernel & - if [ ! -f /opt/wo-kernel.sh ]; then - wo_lib_echo "Adding systemd service tweak" | tee -ai $wo_install_log - wo_systemd_tweak & - fi - wo_lib_echo "Installing acme.sh" | tee -ai $wo_install_log - wo_install_acme_sh & - wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log - { - secure_wo_db & - wo_cheat_install & - wo_domain_suffix & - wo_git_init & - wo_update_wp_cli & - wait - } >> $wo_install_log - wait + _run wo_backup_wo "Backing-up WO install" + _run wo_clean + # 2 - Migration from EEv3 + elif [ -x /usr/local/bin/ee ]; then + if [ -z "$wo_force_install" ]; then + echo -e "Migrate from EasyEngine to WordOps (y/n): " && read -r WO_ANSWER + if [ "$WO_ANSWER" != "y" ] && [ "$WO_ANSWER" != "Y" ]; then + wo_lib_error "Not installing WordOps" 1 + fi fi + _run wo_backup_ee "Backing-up EE install" + _run wo_remove_ee_cron "Removing EasyEngine cronjob" + _run wo_sync_db "Syncing WO database" fi + _run wo_install_dep "Installing wo dependencies" + _run wo_timesync + if [ "$ufw" = "y" ]; then + wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log + wo_ufw_setup + fi + # skip steps if travis + if [ -z "$wo_travis" ]; then + _run wo_dist_upgrade + _run wo_download "Downloading WordOps" + wo_git_config + _run wo_install "Installing WordOps" + else + _run wo_install_travis "Installing WordOps" + fi + if [ -x /usr/local/bin/ee ]; then + _run wo_upgrade_nginx "Upgrading Nginx" + _run wo_clean_ee "Cleaning previous EasyEngine install" + fi + _run wo_install_acme_sh + _run wo_tweak_kernel "Applying Kernel tweaks" + if [ ! -f /opt/wo-kernel.sh ]; then + _run wo_systemd_tweak "Adding systemd service tweak" + fi + if [ -x /usr/sbin/nginx ]; then + _run wo_nginx_tweak & + fi + if [ -d /etc/systemd/system/mariadb.service.d ]; then + _run wo_mariadb_tweak & + fi + _run wo_cheat_install "Running post-install steps" + _run wo_domain_suffix + _run wo_update_wp_cli + _run wo_update_latest + _run secure_wo_db wo sync >> $wo_install_log 2>&1 From 0873ea25553c60906c1fa1c968f27ab27326ed00 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 18 Sep 2019 15:07:48 +0200 Subject: [PATCH 12/20] update cement to 2.8.2 --- install | 7 +++---- requirements.txt | 2 +- setup.py | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/install b/install index c512171..bd6cd1d 100755 --- a/install +++ b/install @@ -837,8 +837,7 @@ else _run wo_install_dep "Installing wo dependencies" _run wo_timesync if [ "$ufw" = "y" ]; then - wo_lib_echo "Configuring UFW" | tee -ai $wo_install_log - wo_ufw_setup + _run wo_ufw_setup "Configuring UFW" fi # skip steps if travis if [ -z "$wo_travis" ]; then @@ -859,10 +858,10 @@ else _run wo_systemd_tweak "Adding systemd service tweak" fi if [ -x /usr/sbin/nginx ]; then - _run wo_nginx_tweak & + _run wo_nginx_tweak fi if [ -d /etc/systemd/system/mariadb.service.d ]; then - _run wo_mariadb_tweak & + _run wo_mariadb_tweak fi _run wo_cheat_install "Running post-install steps" _run wo_domain_suffix diff --git a/requirements.txt b/requirements.txt index 6a4b1a5..2df9c0a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -cement>=2.8.0 +cement>=2.8.2 diff --git a/setup.py b/setup.py index 8b3b270..c6c5b50 100644 --- a/setup.py +++ b/setup.py @@ -25,7 +25,7 @@ if not os.path.exists('/var/lib/wo/'): os.makedirs('/var/lib/wo/') setup(name='wo', - version='3.9.8.11', + version='3.9.8.12', description=long_description, long_description=long_description, classifiers=[], @@ -46,7 +46,7 @@ setup(name='wo', # "nose", # "coverage", # Required to function - 'cement == 2.8.0', + 'cement == 2.8.2', 'pystache', 'python-apt', 'pynginxconfig', From 9b1853b25b07c9ef065b6850b247edb28b5f1bcf Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 19 Sep 2019 14:07:34 +0200 Subject: [PATCH 13/20] Update install and refactor site.py --- config/bash_completion.d/wo_auto.rc | 70 ++++++++++++++--------------- install | 1 + wo/cli/plugins/secure.py | 16 ++++--- wo/cli/plugins/site.py | 30 +++++++------ wo/core/domainvalidate.py | 3 +- wo/core/random.py | 17 +++++++ wo/core/variables.py | 2 +- 7 files changed, 81 insertions(+), 58 deletions(-) create mode 100644 wo/core/random.py diff --git a/config/bash_completion.d/wo_auto.rc b/config/bash_completion.d/wo_auto.rc index 56ec872..b0ffd54 100644 --- a/config/bash_completion.d/wo_auto.rc +++ b/config/bash_completion.d/wo_auto.rc @@ -94,7 +94,7 @@ _wo_complete() ;; "edit" | "enable" | "info" | "log" | "show" | "cd" | "delete") - if [ ${COMP_WORDS[1]} == "log" ]; then + if [ ""${COMP_WORDS[1]}"" == "log" ]; then COMPREPLY=( $(compgen \ -W "$(find /etc/nginx/sites-available/ -type f -printf "%P " 2> /dev/null) --nginx --php --fpm --mysql --access" \ -- $cur) ) @@ -131,7 +131,7 @@ _wo_complete() ;; esac - if [ ${COMP_WORDS[1]} == "debug" ] && ([ "$prev" != "--start" ] && [ "$prev" != "--nginx" ] && [ "$prev" != "--php" ] && [ "$prev" != "--php73" ] && [ "$prev" != "--fpm" ] && [ "$prev" != "--fpm7" ] && [ "$prev" != "--mysql" ] && [ "$prev" != "-i" ] && [ "$prev" != "--interactive" ] && [ "$prev" != "--import-slow-log" ] && [ "$prev" != "--stop" ]); then + if [ ""${COMP_WORDS[1]}"" == "debug" ] && ([ "$prev" != "--start" ] && [ "$prev" != "--nginx" ] && [ "$prev" != "--php" ] && [ "$prev" != "--php73" ] && [ "$prev" != "--fpm" ] && [ "$prev" != "--fpm7" ] && [ "$prev" != "--mysql" ] && [ "$prev" != "-i" ] && [ "$prev" != "--interactive" ] && [ "$prev" != "--import-slow-log" ] && [ "$prev" != "--stop" ]); then retlist="--all --wp --rewrite -i --all=off --wp=off --rewrite=off" ret="${retlist[@]/$prev}" COMPREPLY=( $(compgen \ @@ -139,7 +139,7 @@ _wo_complete() -- $cur) ) fi - #if [ ${COMP_WORDS[1]} == "log" ] && ([ "$prev" != "--access" ] || [ "$prev" != "--nginx" ] || [ "$prev" != "--php" ] || [ "$prev" != "--fpm" ] || [ "$prev" != "--mysql" ] || [ "$prev" != "-i" ] || ["$prev" != "--interactive" ] || ["$prev" != "--stop" ]); then + #if [ "${COMP_WORDS[1]}" == "log" ] && ([ "$prev" != "--access" ] || [ "$prev" != "--nginx" ] || [ "$prev" != "--php" ] || [ "$prev" != "--fpm" ] || [ "$prev" != "--mysql" ] || [ "$prev" != "-i" ] || ["$prev" != "--interactive" ] || ["$prev" != "--stop" ]); then # retlist="--all --wp --rewrite -i --all=off --wp=off --rewrite=off" # ret="${retlist[@]/$prev}" # COMPREPLY=( $(compgen \ @@ -148,7 +148,7 @@ _wo_complete() #fi - elif [ $COMP_CWORD -eq 4 ]; then + elif [ "$COMP_CWORD" -eq 4 ]; then case "$mprev" in # HANDLE EVERYTHING AFTER THE THIRD LEVEL NAMESPACE @@ -204,11 +204,11 @@ _wo_complete() case "$prev" in "--wp") - if [ ${COMP_WORDS[1]} != "debug" ]; then - if [ ${COMP_WORDS[2]} == "create" ]; then + if [ "${COMP_WORDS[1]}" != "debug" ]; then + if [ "${COMP_WORDS[2]}" == "create" ]; then retlist="--wp --wpsc --wpfc --user --email --pass --wpredis --wprocket --wpce --letsencrypt -le --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do --php73" - elif [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=wildcard --letsencrypt=off --letsencrypt=clean -le=off -le=wildcard --dns --dns=dns_cf --dns=dns_do" + elif [ "${COMP_WORDS[2]}" == "update" ]; then + retlist="--wp --wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le --letsencrypt --letsencrypt=wildcard -le=wildcard --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -223,11 +223,11 @@ _wo_complete() ;; "--wpsubdir" | "--wpsubdomain") - if [ ${COMP_WORDS[1]} != "debug" ]; then - if [ ${COMP_WORDS[2]} == "create" ]; then + if [ "${COMP_WORDS[1]}" != "debug" ]; then + if [ "${COMP_WORDS[2]}" == "create" ]; then retlist="--wpsc --wpfc --user --email --pass --wpredis --wprocket --wpce -le -le=wildcard --letsencrypt --letsencrypt=wildcard --php73 --dns --dns=dns_cf --dns=dns_do" - elif [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le -le=off -le=wildcard --letsencrypt --letsencrypt=wildcard --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do" + elif [ "${COMP_WORDS[2]}" == "update" ]; then + retlist="--wpfc --wpsc --php73 --php73=off --wpredis --wprocket --wpce -le -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -241,9 +241,9 @@ _wo_complete() -- $cur) ) ;; - "--wpredis --wprocket --wpce" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") - if [ ${COMP_WORDS[2]} == "create" ]; then - retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --php73 -le -le=off -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do" + "--wpredis" | "--wprocket" | "--wpce" | "--wpfc" | "--wpsc" | "--wpsubdir" | "--wpsubdomain" | "--user" | "--pass" | "--email" | "--wp") + if [ "${COMP_WORDS[2]}" == "create" ]; then + retlist="--user --pass --email --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce --php73 -le -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -254,9 +254,9 @@ _wo_complete() -- $cur) ) ;; - "--wpredis --wprocket --wpce" | "--wpfc") - if [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off --letsencrypt --letsencrypt=off --letsencrypt=clean --dns --dns=dns_cf --dns=dns_do" + "--wpredis" | "--wprocket" | "--wpce" | "--wpfc") + if [ "${COMP_WORDS[2]}" == "update" ]; then + retlist="--password --php --php73 --mysql --wp --wpsubdir --wpsubdomain -le --letsencrypt --dns --dns=dns_cf --dns=dns_do" else retlist="" fi @@ -268,23 +268,23 @@ _wo_complete() ;; "--web" | "--admin" | "--nginx" | "--php" | "--php73" | "--mysql" | "--wpcli" | "--phpmyadmin" | "--adminer" | "--utils" | "--fail2ban" | "--redis | --phpredisadmin | --netdata") - if [[ ${COMP_WORDS[2]} == "install" || ${COMP_WORDS[2]} == "purge" || ${COMP_WORDS[2]} == "remove" ]]; then + if [[ "${COMP_WORDS[2]}" == "install" || "${COMP_WORDS[2]}" == "purge" || "${COMP_WORDS[2]}" == "remove" ]]; then retlist="--web --admin --security --nginx --php --php73 --mysql --wpcli --phpmyadmin --adminer --utils --redis --fail2ban --phpredisadmin --netdata -f --force" - elif [[ ${COMP_WORDS[2]} == "start" || ${COMP_WORDS[2]} == "reload" || ${COMP_WORDS[2]} == "restart" || ${COMP_WORDS[2]} == "stop" ]]; then + elif [[ "${COMP_WORDS[2]}" == "start" || "${COMP_WORDS[2]}" == "reload" || "${COMP_WORDS[2]}" == "restart" || "${COMP_WORDS[2]}" == "stop" ]]; then retlist="--nginx --php --php73 --mysql --redis --netdata" - elif [[ ${COMP_WORDS[1]} == "debug" ]]; then + elif [[ "${COMP_WORDS[1]}" == "debug" ]]; then retlist="--start --nginx --php --php73 --fpm --fpm7 --mysql -i --interactive -stop --import-slow-log --import-slow-log-interval= -" if [[ $prev == '--mysql' ]]; then retlist="--start --nginx --php --php73 --fpm --fpm7 --mysql -i --interactive --stop --import-slow-log" fi - elif [[ ${COMP_WORDS[1]} == "log" ]]; then - if [ ${COMP_WORDS[2]} == "show" ]; then + elif [[ "${COMP_WORDS[1]}" == "log" ]]; then + if [ "${COMP_WORDS[2]}" == "show" ]; then retlist="--access --nginx --php --mysql --fpm --wp" - elif [ ${COMP_WORDS[2]} == "reset" ]; then + elif [ "${COMP_WORDS[2]}" == "reset" ]; then retlist="--access --nginx --php --mysql --fpm --wp --slow-log-db" - elif [ ${COMP_WORDS[2]} == "mail" ]; then + elif [ "${COMP_WORDS[2]}" == "mail" ]; then retlist="--access --nginx --php --mysql --fpm --wp --to=" fi @@ -304,12 +304,12 @@ _wo_complete() ;; "--all") - if [ ${COMP_WORDS[1]} == "clean" ]; then + if [ "${COMP_WORDS[1]}" == "clean" ]; then retlist="--opcache --fastcgi --redis" - elif [ ${COMP_WORDS[2]} == "delete" ]; then + elif [ "${COMP_WORDS[2]}" == "delete" ]; then retlist="--db --files --force" - elif [ ${COMP_WORDS[2]} == "update" ]; then - retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off -le=wildcard --letsencrypt --letsencrypt=off " + elif [ "${COMP_WORDS[2]}" == "update" ]; then + retlist="--password --php --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=off -le=wildcard --letsencrypt --letsencrypt=off " else retlist="" fi @@ -333,16 +333,16 @@ _wo_complete() -W "$(echo $ret)" \ -- $cur) ) ;; - "--access" | "--fpm" | "--wp" | "--slow-log-db") - if [[ ${COMP_WORDS[1]} == "log" ]]; then - if [ ${COMP_WORDS[2]} == "show" ]; then + "--access" | "--fpm" | "--slow-log-db") + if [[ "${COMP_WORDS[1]}" == "log" ]]; then + if [ "${COMP_WORDS[2]}" == "show" ]; then retlist="--access --nginx --php --mysql --fpm --wp" - elif [ ${COMP_WORDS[2]} == "reset" ]; then + elif [ "${COMP_WORDS[2]}" == "reset" ]; then retlist="--access --nginx --php --mysql --fpm --wp --slow-log-db" - elif [ ${COMP_WORDS[2]} == "mail" ]; then + elif [ "${COMP_WORDS[2]}" == "mail" ]; then retlist="--access --nginx --php --mysql --fpm --wp --to=" fi @@ -357,7 +357,7 @@ _wo_complete() esac case "$mprev" in "--user" | "--email" | "--pass") - if [ ${COMP_WORDS[2]} == "create" ]; then + if [ "${COMP_WORDS[2]}" == "create" ]; then retlist="--user --pass --email --html --php --php73 --mysql --wp --wpsubdir --wpsubdomain --wpfc --wpsc --wpredis --wprocket --wpce -le -le=wildcard --letsencrypt --letsencrypt=wildcard --dns --dns=dns_cf --dns=dns_do" fi ret="${retlist[@]/$prev}" diff --git a/install b/install index bd6cd1d..5c7dd46 100755 --- a/install +++ b/install @@ -797,6 +797,7 @@ wo_cheat_install() { curl -sL https://cht.sh/:cht.sh > /usr/local/bin/cht.sh chmod +x /usr/local/bin/cht.sh [ ! -h /usr/local/bin/cheat ] && { + rm -f /usr/local/bin/cheat ln -s /usr/local/bin/cht.sh /usr/local/bin/cheat } curl -sL https://cheat.sh/:bash_completion > /etc/bash_completion.d/cht.sh diff --git a/wo/cli/plugins/secure.py b/wo/cli/plugins/secure.py index 38f8190..ec3d916 100644 --- a/wo/cli/plugins/secure.py +++ b/wo/cli/plugins/secure.py @@ -10,6 +10,7 @@ from wo.core.logging import Log from wo.core.services import WOService from wo.core.shellexec import WOShellExec from wo.core.variables import WOVariables +from wo.core.random import RANDOM def wo_secure_hook(app): @@ -21,14 +22,17 @@ class WOSecureController(CementBaseController): label = 'secure' stacked_on = 'base' stacked_type = 'nested' - description = ('Secure command secure auth, ip and port') + description = ( + 'Secure command provide the ability to' + 'adjust settings for backend and to harden server security.') arguments = [ (['--auth'], - dict(help='secure auth', action='store_true')), + dict(help='secure backend authentification', + action='store_true')), (['--port'], - dict(help='secure port', action='store_true')), + dict(help='set backend port', action='store_true')), (['--ip'], - dict(help='secure ip', action='store_true')), + dict(help='set backend whitelisted ip', action='store_true')), (['user_input'], dict(help='user input', nargs='?', default=None)), (['user_pass'], @@ -49,9 +53,7 @@ class WOSecureController(CementBaseController): def secure_auth(self): """This function secures authentication""" pargs = self.app.pargs - passwd = ''.join([random.choice - (string.ascii_letters + string.digits) - for n in range(24)]) + passwd = RANDOM.long(self) if not pargs.user_input: username = input("Provide HTTP authentication user " "name [{0}] :".format(WOVariables.wo_user)) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 2a767b7..f4175b7 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -11,7 +11,7 @@ from cement.core.controller import CementBaseController, expose from wo.cli.plugins.site_functions import * from wo.cli.plugins.sitedb import (addNewSite, deleteSiteInfo, getAllsites, getSiteInfo, updateSiteInfo) -from wo.core.domainvalidate import DMN +from wo.core.domainvalidate import WODomain from wo.core.fileutils import WOFileUtils from wo.core.git import WOGit from wo.core.logging import Log @@ -58,7 +58,7 @@ class WOSiteController(CementBaseController): pargs.site_name = pargs.site_name.strip() # validate domain name - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) # check if site exists if not check_domain_exists(self, wo_domain): @@ -95,7 +95,7 @@ class WOSiteController(CementBaseController): Log.debug(self, str(e)) Log.error(self, 'could not input site name') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) # check if site exists if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) @@ -135,8 +135,8 @@ class WOSiteController(CementBaseController): Log.debug(self, str(e)) Log.error(self, 'could not input site name') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) - (wo_domain_type, wo_root_domain) = DMN.getdomainlevel(self, wo_domain) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) + (wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(self, wo_domain) wo_db_name = '' wo_db_user = '' wo_db_pass = '' @@ -187,7 +187,7 @@ class WOSiteController(CementBaseController): def log(self): pargs = self.app.pargs pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) wo_site_webroot = getSiteInfo(self, wo_domain).site_path if not check_domain_exists(self, wo_domain): @@ -209,7 +209,7 @@ class WOSiteController(CementBaseController): Log.error(self, 'could not input site name') # TODO Write code for wo site edit command here pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) @@ -240,7 +240,7 @@ class WOSiteController(CementBaseController): Log.error(self, 'Unable to read input, please try again') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) @@ -281,7 +281,7 @@ class WOSiteEditController(CementBaseController): Log.error(self, 'Unable to read input, Please try again') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) @@ -423,7 +423,7 @@ class WOSiteCreateController(CementBaseController): Log.error(self, "Unable to input site name, Please try again!") pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) if not wo_domain.strip(): Log.error(self, "Invalid domain name, " "Provide valid domain name") @@ -716,7 +716,8 @@ class WOSiteCreateController(CementBaseController): "`tail /var/log/wo/wordops.log` and please try again") if pargs.letsencrypt: - (wo_domain_type, wo_root_domain) = DMN.getdomainlevel(self, wo_domain) + (wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(self, + wo_domain) data['letsencrypt'] = True letsencrypt = True if data['letsencrypt'] is True: @@ -929,7 +930,7 @@ class WOSiteUpdateController(CementBaseController): Log.error(self, 'Unable to input site name, Please try again!') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) wo_site_webroot = WOVariables.wo_webroot + wo_domain check_site = getSiteInfo(self, wo_domain) @@ -1127,7 +1128,8 @@ class WOSiteUpdateController(CementBaseController): pargs.php73 = False if pargs.letsencrypt: - (wo_domain_type, wo_root_domain) = DMN.getdomainlevel(self, wo_domain) + (wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(self, + wo_domain) if pargs.letsencrypt == 'on': data['letsencrypt'] = True letsencrypt = True @@ -1856,7 +1858,7 @@ class WOSiteDeleteController(CementBaseController): Log.error(self, 'could not input site name') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = DMN.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) wo_db_name = '' wo_prompt = '' wo_nginx_prompt = '' diff --git a/wo/core/domainvalidate.py b/wo/core/domainvalidate.py index ff7ddd3..de74fce 100644 --- a/wo/core/domainvalidate.py +++ b/wo/core/domainvalidate.py @@ -3,7 +3,8 @@ import os from urllib.parse import urlparse -class DMN(): +class WODomain(): + """WordOps domain validation utilities""" def validatedomain(self, url): """ diff --git a/wo/core/random.py b/wo/core/random.py new file mode 100644 index 0000000..cb7482d --- /dev/null +++ b/wo/core/random.py @@ -0,0 +1,17 @@ +import random +import string + + +class RANDOM: + + def short(self): + short_random = ''.join([random.choice + (string.ascii_letters + string.digits) + for n in range(8)]) + return short_random + + def long(self): + long_random = ''.join([random.choice + (string.ascii_letters + string.digits) + for n in range(24)]) + return long_random diff --git a/wo/core/variables.py b/wo/core/variables.py index fb7b664..aa39058 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -11,7 +11,7 @@ class WOVariables(): """Intialization of core variables""" # WordOps version - wo_version = "3.9.8.11" + wo_version = "3.9.8.12" # WordOps packages versions wo_wp_cli = "2.3.0" wo_adminer = "4.7.2" From 251ffb7931a5e873b019d44f99270c72537a10ce Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 19 Sep 2019 14:19:38 +0200 Subject: [PATCH 14/20] update travis --- tests/travis.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/travis.sh b/tests/travis.sh index 2542b61..5bc2929 100644 --- a/tests/travis.sh +++ b/tests/travis.sh @@ -17,7 +17,7 @@ exit_script() { echo -e "${CGREEN}#############################################${CEND}" echo -e ' stack install ' echo -e "${CGREEN}#############################################${CEND}" -stack_list='nginx php php73 mysql redis fail2ban clamav proftpd admin' +stack_list='nginx php php73 mysql redis fail2ban clamav proftpd netdata phpmyadmin composer dashboard extplorer adminer redis phpredisadmin mysqltuner utils' for stack in $stack_list; do echo -ne " Installing $stack [..]\r" if { From a4f316867b6901e56c6e860896ad686be7ce35dd Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 19 Sep 2019 15:59:25 +0200 Subject: [PATCH 15/20] Update changelog, and site.py --- CHANGELOG.md | 11 ++++++++--- install | 1 + tests/init-file | 3 --- wo/cli/plugins/site.py | 3 ++- 4 files changed, 11 insertions(+), 7 deletions(-) delete mode 100644 tests/init-file diff --git a/CHANGELOG.md b/CHANGELOG.md index 9f7d6a6..d6f180f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,11 +8,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] +### v3.9.8.12 - 2019-09-19 + #### Changed -- WP-CLI updated to v2.3.0 -- Improved SSL certificates management from previous letsencrypt or certbot install -- Use a separate python file for gitconfig during installation to redirect setup.py output into logs +- [APP] WP-CLI updated to v2.3.0 +- [CORE] Improved SSL certificates management from previous letsencrypt or certbot install +- [CORE] Use a separate python file for gitconfig during installation to redirect setup.py output into logs +- [CORE] updated cement to v2.8.2 +- [CORE] removed old `--experimental flag` +- [CORE] Improve and simplify install script #### Fixed diff --git a/install b/install index 5c7dd46..b909571 100755 --- a/install +++ b/install @@ -144,6 +144,7 @@ echo "" ### # 1- Check whether lsb_release is installed, and if not, install it ### +wait if ! command_exists lsb_release; then apt-get install lsb-release -qq fi diff --git a/tests/init-file b/tests/init-file deleted file mode 100644 index d8a3a07..0000000 --- a/tests/init-file +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash --init-file -source /etc/bash_completion.d/wo_auto.rc -source ~/.bashrc diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index f4175b7..668941c 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -95,7 +95,8 @@ class WOSiteController(CementBaseController): Log.debug(self, str(e)) Log.error(self, 'could not input site name') pargs.site_name = pargs.site_name.strip() - (wo_domain, wo_www_domain) = WODomain.validatedomain(self, pargs.site_name) + (wo_domain, wo_www_domain) = WODomain.validatedomain(self, + pargs.site_name) # check if site exists if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) From fb5685e12809269cb528456451388c492790c441 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Thu, 19 Sep 2019 23:41:44 +0200 Subject: [PATCH 16/20] Fix installer --- install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install b/install index b909571..a972e58 100755 --- a/install +++ b/install @@ -125,7 +125,7 @@ _run() { if [ -z "$wo_travis" ]; then if command_exists curl; then - apt-get update -qq & + apt-get update -qq else apt-get update -qq && apt-get -y install curl -qq > /dev/null 2>&1 fi @@ -144,7 +144,7 @@ echo "" ### # 1- Check whether lsb_release is installed, and if not, install it ### -wait + if ! command_exists lsb_release; then apt-get install lsb-release -qq fi From afc0ab02020167094187f5eb2a4f9bf4fb81919c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 20 Sep 2019 00:42:58 +0200 Subject: [PATCH 17/20] Fix wo_backup --- install | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/install b/install index a972e58..3dd079d 100755 --- a/install +++ b/install @@ -123,6 +123,14 @@ _run() { } +check_path() { + if [ -d "$1" ]; then + return 0 + else + return 1 + fi +} + if [ -z "$wo_travis" ]; then if command_exists curl; then apt-get update -qq @@ -649,11 +657,31 @@ wo_git_init() { } wo_backup_ee() { - /bin/tar -I pigz -cf "$EE_BACKUP_FILE" /etc/nginx /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee /etc/letsencrypt + if [ -d /etc/nginx ]; then + local EE_NGINX="/etc/nginx" + else + local EE_NGINX="" + fi + if [ -d /etc/letsencrypt ]; then + local EE_LE="/etc/letsencrypt" + else + local EE_LE="" + fi + /bin/tar -I pigz -cf "$EE_BACKUP_FILE" "$EE_NGINX" /usr/local/bin/ee /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee "$EE_LE" } wo_backup_wo() { - /bin/tar -I pigz -cf "$WO_BACKUP_FILE" /etc/nginx /etc/wo /var/lib/wo /etc/letsencrypt >> /var/log/wo/install.log 2>&1 + if [ -d /etc/nginx ]; then + local WO_NGINX="/etc/nginx" + else + local WO_NGINX="" + fi + if [ -d /etc/letsencrypt ]; then + local WO_LE="/etc/letsencrypt" + else + local WO_LE="" + fi + /bin/tar -I pigz -cf "$WO_BACKUP_FILE" "$WO_NGINX" /etc/wo /var/lib/wo "$WO_LE" } wo_clean_ee() { From 71f8e75fad9dc74e4df7f0222b9ee1554e2655bd Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 20 Sep 2019 00:45:05 +0200 Subject: [PATCH 18/20] Update changelog --- CHANGELOG.md | 2 +- install | 2 +- setup.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d6f180f..a87bdb8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### v3.9.x - [Unreleased] -### v3.9.8.12 - 2019-09-19 +### v3.9.8.12 - 2019-09-20 #### Changed diff --git a/install b/install index 3dd079d..1e7fd83 100755 --- a/install +++ b/install @@ -9,7 +9,7 @@ # ------------------------------------------------------------------------- # wget -qO wo wops.cc && sudo bash wo # ------------------------------------------------------------------------- -# Version 3.9.8.12 - 2019-09-18 +# Version 3.9.8.12 - 2019-09-20 # ------------------------------------------------------------------------- # CONTENTS diff --git a/setup.py b/setup.py index c6c5b50..09aa70a 100644 --- a/setup.py +++ b/setup.py @@ -9,7 +9,7 @@ templates = [] long_description = '''WordOps An essential toolset that eases WordPress site and server administration. It provide the ability - to Install a high performance WordPress stack + to install a high performance WordPress stack with a few keystrokes''' for name in glob.glob('config/plugins.d/*.conf'): From 71b18636f41f7cdf902dd3d0682d2f32b3f806c9 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 20 Sep 2019 01:07:19 +0200 Subject: [PATCH 19/20] Fix backup --- install | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/install b/install index 1e7fd83..a8b41e7 100755 --- a/install +++ b/install @@ -671,21 +671,13 @@ wo_backup_ee() { } wo_backup_wo() { - if [ -d /etc/nginx ]; then - local WO_NGINX="/etc/nginx" - else - local WO_NGINX="" - fi - if [ -d /etc/letsencrypt ]; then - local WO_LE="/etc/letsencrypt" - else - local WO_LE="" - fi /bin/tar -I pigz -cf "$WO_BACKUP_FILE" "$WO_NGINX" /etc/wo /var/lib/wo "$WO_LE" + return 0 } wo_clean_ee() { rm -f /usr/local/bin/ee /etc/bash_completion.d/ee_auto.rc /usr/lib/ee/templates /usr/local/lib/python3.*/dist-packages/ee-*.egg /etc/ee /var/lib/ee + return 0 } wo_remove_ee_cron() { From bef95a0b75732939f4d00f79431f70675f998fa6 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 20 Sep 2019 01:13:01 +0200 Subject: [PATCH 20/20] Initialize wo db only if nginx installed --- install | 116 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 57 insertions(+), 59 deletions(-) diff --git a/install b/install index a8b41e7..b81a667 100755 --- a/install +++ b/install @@ -279,18 +279,16 @@ wo_sync_db() { mkdir -p /var/lib/wo if [ -f /var/lib/ee/ee.db ]; then - # Copy the EasyEngine database + # Make a backup of the EasyEngine database cp /var/lib/ee/ee.db /var/lib/wo/dbase-ee.db - ### - # Clean WO installation - ### - + # Copy ee database cp /var/lib/ee/ee.db /var/lib/wo/dbase.db else + if [ -d /etc/nginx/sites-available ]; then - # Create an empty database for WordOps - echo "CREATE TABLE sites ( + # Create an empty database for WordOps + echo "CREATE TABLE sites ( id INTEGER PRIMARY KEY AUTOINCREMENT, sitename UNIQUE, site_type CHAR, @@ -309,69 +307,69 @@ wo_sync_db() { php_version VARCHAR );" | sqlite3 /var/lib/wo/dbase.db - # Check site is enable/live or disable - AV_SITES="$(basename -a /etc/nginx/sites-available/* | grep -v default)" - for site in $AV_SITES; do - if [ -h "/etc/nginx/sites-enabled/$site" ]; then - wo_site_status='1' - else - wo_site_status='0' - fi - - # Acquire information about the current nginx configuration - - wo_site_current_type=$(grep "common/" "/etc/nginx/sites-available/$site" | awk -F "/" '{print $2}') - - if echo "$wo_site_current_type" | grep -q "php"; then - if echo "$wo_site_current_type" | grep -q "php7"; then - wo_php_version="7.0" + # Check site is enable/live or disable + AV_SITES="$(basename -a /etc/nginx/sites-available/* | grep -v default)" + for site in $AV_SITES; do + if [ -h "/etc/nginx/sites-enabled/$site" ]; then + wo_site_status='1' else - wo_php_version="5.6" + wo_site_status='0' fi - else - wo_php_version="" - fi - if echo "$wo_site_current_type" | grep -q "redis"; then - wo_site_current_cache="wpredis" - elif echo "$wo_site_current_type" | grep -q wpsc; then - wo_site_current_cache="wpsc" - elif echo "$wo_site_current_type" | grep -q wpfc; then - wo_site_current_cache="wpfc" - else - wo_site_current_cache="basic" - fi + # Acquire information about the current nginx configuration - if echo "$wo_site_current_type" | grep -q wp; then - if echo "$wo_site_current_type" | grep -q wpsubdir; then - wo_site_current="wpsubdir" - elif echo "$wo_site_current_type" | grep -q wpsudomain; then - wo_site_current="wpsubdomain" - else - wo_site_current="wp" - fi - else - if echo "$wo_site_current_type" | grep -q location; then - wo_site_current="proxy" - elif echo "$wo_site_current_type" | grep -q php; then - wo_site_current="html" - else - if [ -f "/var/www/${site}/ee-config.php" ] || [ -f "/var/www/${site}/wo-config.php" ]; then - wo_site_current="mysql" + wo_site_current_type=$(grep "common/" "/etc/nginx/sites-available/$site" | awk -F "/" '{print $2}') + + if echo "$wo_site_current_type" | grep -q "php"; then + if echo "$wo_site_current_type" | grep -q "php7"; then + wo_php_version="7.0" else - wo_site_current="php" + wo_php_version="5.6" + fi + else + wo_php_version="" + fi + + if echo "$wo_site_current_type" | grep -q "redis"; then + wo_site_current_cache="wpredis" + elif echo "$wo_site_current_type" | grep -q wpsc; then + wo_site_current_cache="wpsc" + elif echo "$wo_site_current_type" | grep -q wpfc; then + wo_site_current_cache="wpfc" + else + wo_site_current_cache="basic" + fi + + if echo "$wo_site_current_type" | grep -q wp; then + if echo "$wo_site_current_type" | grep -q wpsubdir; then + wo_site_current="wpsubdir" + elif echo "$wo_site_current_type" | grep -q wpsudomain; then + wo_site_current="wpsubdomain" + else + wo_site_current="wp" + fi + else + if echo "$wo_site_current_type" | grep -q location; then + wo_site_current="proxy" + elif echo "$wo_site_current_type" | grep -q php; then + wo_site_current="html" + else + if [ -f "/var/www/${site}/ee-config.php" ] || [ -f "/var/www/${site}/wo-config.php" ]; then + wo_site_current="mysql" + else + wo_site_current="php" + fi fi fi - fi - wo_webroot="/var/www/$site" + wo_webroot="/var/www/$site" - # Import the configuration into the WordOps SQLite database - echo "INSERT INTO sites (sitename, site_type, cache_type, site_path, is_enabled, is_ssl, storage_fs, storage_db) + # Import the configuration into the WordOps SQLite database + echo "INSERT INTO sites (sitename, site_type, cache_type, site_path, is_enabled, is_ssl, storage_fs, storage_db) VALUES (\"$site\", \"$wo_site_current\", \"$wo_site_current_cache\", \"$wo_webroot\", \"$wo_site_status\", 0, 'ext4', 'mysql');" | sqlite3 /var/lib/wo/dbase.db - done - + done + fi fi # echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db