diff --git a/.gitignore b/.gitignore index 41b775b..601587c 100644 --- a/.gitignore +++ b/.gitignore @@ -64,3 +64,5 @@ coverage_report/ include/ local/ man/ + +\.pytest_cache/ diff --git a/.travis.yml b/.travis.yml index 5581386..ef0b600 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,39 +27,28 @@ script: - sudo wo stack install --web || sudo tail -n50 /var/log/wo/wordops.log - sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create html.net --html || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create php.com --php || sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create mysql-php73.com --mysql --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp-php73.com --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsc1.net --wpsc || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log - - - sudo wo site create wpsc-php73.net --wpsc --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - - - sudo wo site create wpredis.net --wpredis || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log - - - sudo wo site create wpsubdir1.com --wpsubdir || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73|| sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdomain1.com --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc || sudo tail -n50 /var/log/wo/wordops.log - - sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log + - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log + + - sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log + + - sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log + + - sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create 1.com --html || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create 2.com --php || sudo tail -n50 /var/log/wo/wordops.log @@ -71,4 +60,6 @@ script: - sudo ls /var/www/ - sudo wp --allow-root --info - - sudo bash -c 'cat /var/log/wo/wordops.log | ccze -A' + - sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log' + - sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo' + - sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" diff --git a/CHANGELOG.md b/CHANGELOG.md index 6675bc4..2c7557c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,15 +4,35 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +## Releases + +--- + ### v3.9.5 - [Unreleased] +### v3.9.4 - 2019-03-15 + +#### Added + +- Nginx module nginx_vts +- Migration script from nginx-ee to nginx-wo +- Partial support for Debian 9 (testing) +- New Nginx build v1.14.2 + #### Changed -- +- Update WP-CLI version to 2.1.0 +- Update Adminer to 4.6.2 +- Update predis to v1.1.1 +- Refactored nginx.conf +- Removed HHVM Stack +- Removed old linux distro checks +- Replace wo-acme-sh by acme.sh #### Fixed -- Fix Nginx ssl_ciphers +- Outdated Nginx ssl_ciphers suite +- Debian 9 nginx build ### v3.9.3 - 2019-03-07 @@ -42,7 +62,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Fix php services management ([#12](https://github.com/WordOps/WordOps/issues/12)) - Fix WP-CLI install - ### v3.9.2 - 2018-11-30 #### Changed diff --git a/README.md b/README.md index 0fb66b1..d57f89a 100644 --- a/README.md +++ b/README.md @@ -10,11 +10,8 @@ MIT Commits GitHub release -

- -

Key FeaturesGetting Started • @@ -32,15 +29,19 @@ - Easy Migration from EasyEngine v3 (migration script development in progress) - Automated WordPress, Nginx, PHP, MySQL & Redis installation - Up-to-date server stack with Nginx 1.14.2, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 +- Hardened WordPress security with strict Nginx location directives - Optimized Nginx configurations with multiple cache backends support - Let's Encrypt SSL certificates +- Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols ## Requirements ### Operating System -- Ubuntu : 16.04 LTS (Xenial) - 18.04 LTS (Bionic) -- Debian : 8 (Jessie) - 9 (Stretch) -> **Not fully supported yet** +- Ubuntu 16.04 LTS (Xenial) +- Ubuntu 18.04 LTS (Bionic) +- Debian 8 (Jessie) +- Debian 9 (Stretch) -> **Not fully supported yet** ### Ports requirements @@ -60,11 +61,18 @@ sudo wo site create example.com --wp # Install required packages & setup Wor WordOps made some fundamental changes: -- We've deprecated the mail stack. Less is more. As an alternative, take a look at [iRedMail](https://www.iredmail.org/) or [Caesonia](https://github.com/vedetta-com/caesonia). And an alternative for Roundcube is [Rainloop](https://www.rainloop.net/). +- We've deprecated the mail stack. As an alternative, you can take a look at [Mail-in-a-Box](https://github.com/mail-in-a-box/mailinabox), [iRedMail](https://www.iredmail.org/) or [Caesonia](https://github.com/vedetta-com/caesonia). As Roundcube alternative, there is [Rainloop](https://www.rainloop.net/) or [Afterlogic WebMail](https://github.com/afterlogic/webmail-lite-8) - Support for w3tc is dropped as a security precaution. -- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 will be replaced by PHP 7.3. +- PHP 5.6 has been replaced by PHP 7.2 and PHP 7.0 has been replaced by PHP 7.3. +- Nginx-ee package has been replaced by Nginx-wo (based on Nginx stable v1.14.2) -We will not overwrite previous php versions Nginx upstreams to avoid issues during the migration from EEv3. A step by step guide will be published soon to explain how to fully migrate from EasyEngine v3 to WordOps +We are still working on the script to migrate from EasyEngine v3 to WordOps. Here some informations about the WordOps install script : + +- Previous php upstreams in Nginx will not be overwritted +- php5.6 and php7.0 will not be removed or uninstalled +- previous Nginx common configurations will not be overwritted + +A tutorial will be available soon to explain how to fully migrate from EasyEngine v3 to WordOps. ## Usage @@ -78,7 +86,7 @@ wo site create example.com --wpfc # install wordpress + nginx fas wo site create example.com --wpredis # install wordpress + nginx redis_cache ``` -### WordPress multsite with subdirectory +### WordPress multisite with subdirectory ```bash wo site create example.com --wpsubdir # install wpmu-subdirectory without any page caching @@ -87,7 +95,7 @@ wo site create example.com --wpsubdir --wpfc # install wpmu-subdirectory + n wo site create example.com --wpsubdir --wpredis # install wpmu-subdirectory + nginx redis_cache ``` -### WordPress multsite with subdomain +### WordPress multisite with subdomain ```bash wo site create example.com --wpsubdomain # install wpmu-subdomain without any page caching @@ -102,25 +110,18 @@ wo site create example.com --wpsubdomain --wpredis # install wpmu-subdomain + n wo site create example.com --html # create example.com for static/html sites wo site create example.com --php # create example.com with php support wo site create example.com --mysql # create example.com with php & mysql support -``` - -### HHVM enabled sites - -```bash -wo site create example.com --wp --hhvm # create example.com WordPress site with HHVM support -wo site create example.com --php --hhvm # create example.com php site with HHVM support +wo site create example.com --proxy=127.0.0.1:3000 # create example.com with nginx as reverse-proxy ``` ## Cheatsheet -| | single site | multisite w/ subdir | multisite w/ subdom | +| | single site | multisite w/ subdir | multisite w/ subdom | |--------------------|---------------|-----------------------|--------------------------| -| **NO Cache** | --wp | --wpsubdir | --wpsubdomain | -| **WP Super Cache** | --wpsc | --wpsubdir --wpsc | --wpsubdomain --wpsc | +| **NO Cache** | --wp | --wpsubdir | --wpsubdomain | +| **WP Super Cache** | --wpsc | -wpsubdir --wpsc | --wpsubdomain --wpsc | | **Nginx fastcgi_cache** | --wpfc | --wpsubdir --wpfc | --wpsubdomain --wpfc | | **Redis cache** | --wpredis | --wpsubdir --wpredis | --wpsubdomain --wpredis | - ## Update WordOps ```bash diff --git a/install b/install index cdb288d..cae8e14 100644 --- a/install +++ b/install @@ -7,10 +7,10 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.3 - 2019-03-05 +# Version 3.9.4 - 2019-03-15 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" -readonly wo_version_new="3.9.3.1" +readonly wo_version_new="3.9.4" # CONTENTS # --- # 1. VARIABLES AND DECLARATIONS @@ -85,11 +85,17 @@ fi # 1 - Define variables for later use ### wo_branch="$1" -migration=0 readonly wo_log_dir=/var/log/wo/ readonly wo_install_log=/var/log/wo/install.log -readonly wo_linux_distro=$(lsb_release -i | awk '{print $3}') +readonly wo_linux_distro=$(lsb_release -is) readonly wo_distro_version=$(lsb_release -sc) +readonly wo_distro_id=$(lsb_release -rs) + +if [ -x /usr/loca/bin/ee ]; then + migration=1 +else + migration=0 +fi ### # 1 - Checking linux distro @@ -125,16 +131,16 @@ fi #### wo_install_dep() { - + { if [ "$wo_linux_distro" == "Ubuntu" ]; then - apt-get -y install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 > /dev/null 2>&1 + apt-get -y -qq install build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1 else - apt-get -y install build-essential curl gzip dirmngr python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 > /dev/null 2>&1 + apt-get -y -qq install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz gnupg2 fail2ban > /dev/null 2>&1 fi - - locale-gen en - } >> /var/log/wo/install.log 2>&1 + + locale-gen en + } >> /var/log/wo/install.log 2>&1 # Support PFS if [ -f /etc/nginx/nginx.conf ]; then # Replace previous ciphers @@ -205,7 +211,8 @@ wo_sync_db() fi # Check site is enable/live or disable - for site in $(ls /etc/nginx/sites-available/ | grep -v default); + cd /etc/nginx/sites-available || exit 1 + for site in $(echo \* | grep -v default); do if [ -f "/etc/nginx/sites-enabled/$site" ]; then wo_site_status='1' @@ -214,7 +221,7 @@ wo_sync_db() fi # Acquire information about the current nginx configuration - wo_site_current_type=$(head -n1 /etc/nginx/sites-available/$site | grep "NGINX CONFIGURATION" | rev | cut -d' ' -f3,4,5,6,7 | rev | cut -d ' ' -f2,3,4,5) + wo_site_current_type=$(head -n1 "/etc/nginx/sites-available/$site" | grep "NGINX CONFIGURATION" | rev | cut -d' ' -f3,4,5,6,7 | rev | cut -d ' ' -f2,3,4,5) # Sniff out the vhost type and cache configuration if [ "$wo_site_current_type" = "HTML" ]; then @@ -282,29 +289,6 @@ wo_sync_db() echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.3');" | sqlite3 /var/lib/wo/dbase.db - ### - # ee-acme-sh by VirtuBox, https://virtubox.net/ - ### - if [ ! -f ~/.acme.sh/acme.sh ]; then - wget -O - https://get.acme.sh | sh - BASHRC_EE_ACME_FIRST_RELEASE=$(grep "ee-acme" $HOME/.bashrc) - BASHRC_EE_ACME_LAST_RELEASE=$(grep "ee-acme.sh" $HOME/.bashrc) - - if [ -f $HOME/.ee-acme/ee-acme ] && [ -z "$BASHRC_EE_ACME_LAST_RELEASE" ]; then - rm -rf $HOME/.ee-acme/* - echo 'alias ee-acme="/root/.ee-acme/ee-acme.sh"' >> $HOME/.ee-acme/ee-acme - wget -qO $HOME/.ee-acme/ee-acme.sh https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh - chmod +x $HOME/.ee-acme/ee-acme.sh - elif [ -x $HOME/.ee-acme/ee-acme.sh ]; then - rm $HOME/.ee-acme/ee-acme.sh - wget -qO $HOME/.ee-acme/ee-acme.sh https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh - chmod +x $HOME/.ee-acme/ee-acme.sh - elif [ ! -d $HOME/.ee-acme ]; then - mkdir -p $HOME/.ee-acme - wget -qO /usr/local/bin/wo-acme https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh - chmod +x /usr/local/bin/wo-acme - fi - fi } # Once again, set the proper ACL on the WordOps configuration directory @@ -321,23 +305,59 @@ secure_wo_db() # Update the WP-CLI version wo_update_wp_cli() { - - WP_CLI_PATH=$(command -v wp) - if [ "$WP_CLI_PATH" != "/usr/local/bin/wp" ]; then - rm -rf "$WP_CLI_PATH" - # Update WP-CLI to the most recent version - wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/WordOps/wpcli-builds/gh-pages/phar/wp-cli.phar - chmod +x /usr/local/bin/wp - else - wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/WordOps/wpcli-builds/gh-pages/phar/wp-cli.phar - chmod +x /usr/local/bin/wp + { + WP_CLI_PATH=$(command -v wp) + if [ -n "$WP_CLI_PATH" ]; then + rm -rf "$WP_CLI_PATH" + # Update WP-CLI to the most recent version + wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar + chmod +x /usr/local/bin/wp + else + wget -qO /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar + chmod +x /usr/local/bin/wp + fi + [ ! -h /usr/bin/wp ] && { + ln -s /usr/local/bin/wp /usr/bin/ + } + [ ! -f /etc/bash_completion.d/wp-completion.bash ] && { + wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash + } + } >> /var/log/wo/install.log 2>&1 +} + +wo_install_acme_sh() { + # check if acme.sh is already installed + if [ ! -d /opt/acme.sh ]; then + { + # clone the git repository + git clone https://github.com/Neilpang/acme.sh.git /opt/acme.sh -q + cd /opt/acme.sh || exit 1 + # create conf directories + [ ! -d /etc/letsencrypt/config ] && { + mkdir -p /etc/letsencrypt/config + } + [ ! -d /etc/letsencrypt/live ] && { + mkdir -p /etc/letsencrypt/live + } + [ ! -d /etc/letsencrypt/renewal ] && { + mkdir -p /etc/letsencrypt/renewal + } + # install acme.sh + ./acme.sh --install \ + --home /etc/letsencrypt \ + --config-home /etc/letsencrypt/config \ + --cert-home /etc/letsencrypt/renewal + # enable auto-upgrade + /etc/letsencrypt/acme.sh --upgrade --auto-upgrade + + # Let's Encrypt .well-known folder setup + if [ ! -d /var/www/html/.well-known/acme-challenge ]; then + mkdir -p /var/www/html/.well-known/acme-challenge + chown -R www-data:www-data /var/www/html /var/www/html/.well-known + fi + + } >> /var/log/wo/install.log fi - [ ! -x /usr/bin/wp ] && { - ln -s /usr/local/bin/wp /usr/bin/ - } - [ -d /etc/bash_completion.d ] && { - wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash - } } # Now, finally, let's install WordOps @@ -355,9 +375,64 @@ wo_install() cd /tmp/wordops || exit 1 } >> /var/log/wo/install.log 2>&1; - python3 setup.py install - + python3 setup.py install + + +} +wo_upgrade_nginx() +{ + # chec if the package nginx-ee is installed + CHECK_NGINX_EE=$(dpkg --list | grep nginx-ee) + if [ -n "$CHECK_NGINX_EE" ]; then + { + # add new Nginx repository + if [ "$wo_linux_distro" = "Ubuntu" ]; then + echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/xUbuntu_${wo_distro_id}/ /" >> /etc/apt/sources.list.d/wo-repo.list + wget -qO /tmp/nginx-wo.key "https://download.opensuse.org/repositories/home:virtubox:WordOps/xUbuntu_${wo_distro_id}/Release.key" + else + if [ "$wo_distro_version" == "jessie" ]; then + echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_8.0/ /" > /etc/apt/sources.list.d/wo-repo.list + wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_8.0/Release.key + else + echo "deb http://download.opensuse.org/repositories/home:/virtubox:/WordOps/Debian_9.0/ /" > /etc/apt/sources.list.d/wo-repo.list + wget -qO /tmp/nginx-wo.key https://download.opensuse.org/repositories/home:virtubox:WordOps/Debian_9.0/Release.key + fi + fi + # prevent apt preference to block install + [ -f /etc/apt/preferences.d/nginx-block ] && { + mv /etc/apt/preferences.d/nginx-block "$HOME/nginx-block" + } + # import the respository key for updates + apt-key add - < /tmp/nginx-wo.key + rm -f /tmp/nginx-wo.key + sudo apt-get update + # stop nginx + service nginx stop + # remove previous package + apt-mark unhold nginx-ee nginx-common nginx-custom + apt-get -y -qq autoremove nginx-ee nginx-common nginx-custom + # install new nginx package + DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confnew" -y install nginx-custom nginx-wo + # set back apt preference + [ -f "$HOME/nginx-block" ] && { + mv "$HOME/nginx-block" /etc/apt/preferences.d/nginx-block + } + # update nginx headers and ssl_ciphers + if [ -f /etc/nginx/nginx.conf ]; then + sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/nginx.conf &>> /dev/null + new_ciphers="EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES" + sed -i "s/ssl_ciphers\ \(\"\|.\|'\)\(.*\)\(\"\|.\|'\);/ssl_ciphers \"$new_ciphers\";/" /etc/nginx/nginx.conf + fi + # update redis.conf headers + if [ -f /etc/nginx/common/redis.conf ]; then + sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null + sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null + fi + systemctl enable nginx + systemctl restart nginx + } >> /var/log/wo/install.log 2>&1 + fi } wo_update_latest() @@ -408,83 +483,6 @@ wo_update_latest() fi fi - - if [ -f /etc/nginx/nginx.conf ]; then - wo_lib_echo "Updating Nginx configuration, please wait..." - - elif [ "$wo_distro_version" == "trusty" ]; then - grep -Hr 'http://download.opensuse.org/repositories/home:/rtCamp:/EasyEngine/xUbuntu_14.04/ /' /etc/apt/sources.list.d/ &>> /dev/null - if [[ $? -ne 0 ]]; then - if [ -f /etc/apt/sources.list.d/rtcamp-nginx-trusty.list ]; then - rm -rf /etc/apt/sources.list.d/rtcamp-nginx-trusty.list - fi - echo -e "\ndeb http://download.opensuse.org/repositories/home:/rtCamp:/EasyEngine/xUbuntu_14.04/ /" >> /etc/apt/sources.list.d/wo-repo.list - gpg --keyserver "hkp://pgp.mit.edu" --recv-keys '3050AC3CD2AE6F03' - gpg -a --export --armor '3050AC3CD2AE6F03' | apt-key add - - if [ -f /etc/nginx/conf.d/ee-nginx.conf ]; then - mv /etc/nginx/conf.d/ee-nginx.conf /etc/nginx/conf.d/wo-nginx.conf.old &>> /dev/null - fi - mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old &>> /dev/null - apt-get update - service nginx stop &>> /dev/null - DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install nginx-custom nginx-ee - service nginx restart &>> /dev/null - fi - CHECK_NGINX_COMMON=$(dpkg --get-selections | grep -v deinstall | grep nginx-common) - if [ -n "$CHECK_NGINX_COMMON" ]; then - apt-get update - CHECK_NGINX_MAILINE=$(dpkg --get-selections | grep -v deinstall | grep nginx-mainline) - if [ -n "$CHECK_NGINX_MAILINE" ]; then - apt-get remove -y nginx-mainline - fi - service nginx stop &>> /dev/null - DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y --allow-unauthenticated install nginx-ee nginx-custom - service nginx restart &>> /dev/null - fi - - elif [ "$wo_linux_distro" == "Debian" ]; then - grep -Hr 'http://download.opensuse.org/repositories/home:/rtCamp:/EasyEngine/Debian_8.0/ /' /etc/apt/sources.list.d/ &>> /dev/null - if [[ $? -ne 0 ]]; then - echo -e "deb http://download.opensuse.org/repositories/home:/rtCamp:/EasyEngine/Debian_8.0/ /" >> /etc/apt/sources.list.d/wo-repo.list - gpg --keyserver "hkp://pgp.mit.edu" --recv-keys '3050AC3CD2AE6F03' - gpg -a --export --armor '3050AC3CD2AE6F03' | apt-key add - - if [ -f /etc/nginx/conf.d/ee-nginx.conf ]; then - mv /etc/nginx/conf.d/ee-nginx.conf /etc/nginx/conf.d/ee-nginx.conf.old &>> /dev/null - fi - mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old &>> /dev/null - mv /etc/nginx/fastcgi_params /etc/nginx/fastcgi_params.old &>> /dev/null - apt-get update - systemctl stop nginx &>> /dev/null - apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y install nginx-custom - systemctl restart nginx &>> /dev/null - fi - CHECK_NGINX_COMMON=$(dpkg --get-selections | grep -v deinstall | grep nginx-common) - if [ -n "$CHECK_NGINX_COMMON" ]; then - apt-get update - CHECK_NGINX_MAILINE=$(dpkg --get-selections | grep -v deinstall | grep nginx-mainline) - if [ -n "$CHECK_NGINX_MAILINE" ]; then - apt-get remove -y nginx-mainline - fi - systemctl stop nginx &>> /dev/null - DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confmiss" -o Dpkg::Options::="--force-confold" -y --allow-unauthenticated install nginx-ee nginx-custom - systemctl restart nginx &>> /dev/null - fi - fi - - if [ -f /etc/nginx/nginx.conf ]; then - sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/nginx.conf &>> /dev/null - fi - - if [ -f /etc/nginx/conf.d/wo-plus.conf ]; then - sed -i "s/.*X-Powered-By.*/\tadd_header X-Powered-By \"WordOps $wo_version_new\";/" /etc/nginx/conf.d/wo-plus.conf &>> /dev/null - fi - - # Fix HHVM autostart on reboot - CHECK_HHVM_INSTALL=$(dpkg --get-selections | grep -v deinstall | grep hhvm &>> /dev/null) - if [ -n "$CHECK_HHVM_INSTALL" ]; then - update-rc.d hhvm defaults &>> /dev/null - fi - # Fix WordPress example.html issue # Ref: http://wptavern.com/xss-vulnerability-in-jetpack-and-the-twenty-fifteen-default-theme-affects-millions-of-wordpress-users dpkg --get-selections | grep -v deinstall | grep nginx &>> /dev/null @@ -492,48 +490,6 @@ wo_update_latest() cp /usr/lib/wo/templates/locations.mustache /etc/nginx/common/locations.conf &>> /dev/null fi - # Fix HHVM upstream issue that was preventing from using EasyEngine for site operations - if [ -f /etc/nginx/conf.d/upstream.conf ]; then - grep -Hr hhvm /etc/nginx/conf.d/upstream.conf &>> /dev/null - if [ $? -ne 0 ]; then - echo -e "upstream hhvm {\n# HHVM Pool\nserver 127.0.0.1:8000;\nserver 127.0.0.1:9000 backup;\n}\n" >> /etc/nginx/conf.d/upstream.conf - fi - fi - - # Fix HHVM server IP - if [ -f /etc/hhvm/server.ini ]; then - grep -Hr "hhvm.server.ip" /etc/hhvm/server.ini &>> /dev/null - if [ $? -ne 0 ]; then - echo -e "hhvm.server.ip = 127.0.0.1\n" >> /etc/hhvm/server.ini - fi - fi - - # Rename Redis Header - if [ -f /etc/nginx/common/redis-hhvm.conf ]; then - sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis-hhvm.conf &>> /dev/null - sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis-hhvm.conf &>> /dev/null - fi - - if [ -f /etc/nginx/common/redis.conf ]; then - sed -i "s/X-Cache /X-SRCache-Fetch-Status /g" /etc/nginx/common/redis.conf &>> /dev/null - sed -i "s/X-Cache-2 /X-SRCache-Store-Status /g" /etc/nginx/common/redis.conf &>> /dev/null - fi - - - if [ -f /etc/nginx/common/redis-hhvm.conf ]; then - # Update Timeout redis-hhvm.conf - grep -0 'redis2_query expire $key 6h' /etc/nginx/common/redis-hhvm.conf &>> /dev/null - if [ $? -eq 0 ]; then - sed -i 's/redis2_query expire $key 6h/redis2_query expire $key 14400/g' /etc/nginx/common/redis-hhvm.conf &>> /dev/null - fi - - #Fix for 3.3.4 redis-hhvm issue - grep -0 'HTTP_ACCEPT_ENCODING' /etc/nginx/common/redis-hhvm.conf &>> /dev/null - if [ $? -ne 0 ]; then - sed -i 's/fastcgi_params;/fastcgi_params;\n fastcgi_param HTTP_ACCEPT_ENCODING "";/g' /etc/nginx/common/redis-hhvm.conf &>> /dev/null - fi - fi - # Fix Redis-server security issue # http://redis.io/topics/security if [ -f /etc/redis/redis.conf ]; then @@ -547,7 +503,7 @@ wo_update_latest() # Let's Encrypt .well-known folder setup if [ ! -d /var/www/html/.well-known/acme-challenge ]; then mkdir -p /var/www/html/.well-known/acme-challenge - chown -R www-data:www-data /var/www/html/.well-known + chown -R www-data:www-data /var/www/html /var/www/html/.well-known fi @@ -573,22 +529,6 @@ wo_update_latest() fi fi - # Support PFS - if [ -f /etc/nginx/nginx.conf ]; then - # Replace the default ciphers - sed -i 's/HIGH:!aNULL:!MD5:!kEDH;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf - # Replace the EasyEngine ciphers - sed -i 's/ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;/ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;/' /etc/nginx/nginx.conf - # Change the TLS protocols - if [ "$wo_distro_version" == "bionic" ]; then - # Bionic supports TLSv1.3, so let's enable that - sed -i 's/TLSv1 TLSv1.1 TLSv1.2;/TLSv1.2 TLSv1.3;/g' /etc/nginx/nginx.conf - else - # If != Bionic then enable only TLSv1.2 - sed -i 's/TLSv1 TLSv1.1 TLSv1.2;/TLSv1.2;/g' /etc/nginx/nginx.conf - fi - fi - # Fix for SSL cert --all crontab -l | grep -q '\-\-min_expiry_limit' if [[ $? -eq 0 ]]; then @@ -608,16 +548,16 @@ wo_git_init() git init fi git add -A . - git commit -am "Updated Nginx" + git commit -am "Updated Nginx" } >> /var/log/wo/install.log 2>&1 # WordOps under git version control [ -d /etc/wo ] && { - cd /etc/wo || exit 1 - [ ! -d /etc/wo/.git ] && { - git init - } - git add -A . - git commit -am "Installed/Updated to WordOps" + cd /etc/wo || exit 1 + [ ! -d /etc/wo/.git ] && { + git init + } + git add -A . + git commit -am "Installed/Updated to WordOps" } >> /var/log/wo/install.log 2>&1 # PHP under git version control [ -d /etc/php ] && { @@ -641,14 +581,13 @@ if [ -x /usr/local/bin/wo ]; then read -p "Update WordOps to $wo_version_new (y/n): " wo_ans if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then wo_install_dep | tee -ai $wo_install_log - wo_sync_db >> $EE_INSTALL_LOG 2>&1 - secure_wo_db | tee -ai $EE_INSTALL_LOG - wo_upgrade_php | tee -ai $wo_install_log + wo_sync_db >> $wo_install_log 2>&1 + secure_wo_db | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log + wo_upgrade_nginx | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log - service nginx reload &>> /dev/null - service php7.2-fpm restart &>> /dev/null wo_update_wp_cli | tee -ai $wo_install_log else wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 @@ -664,14 +603,14 @@ else read -p "Update WordOps to $wo_version_new (y/n): " wo_ans if [ "$wo_ans" = "y" ] || [ "$wo_ans" = "Y" ]; then wo_install_dep | tee -ai $wo_install_log - wo_sync_db >> $EE_INSTALL_LOG 2>&1 - secure_wo_db | tee -ai $EE_INSTALL_LOG - wo_upgrade_php | tee -ai $wo_install_log + wo_sync_db >> $wo_install_log 2>&1 + secure_wo_db | tee -ai $wo_install_log wo_install | tee -ai $wo_install_log + wo_upgrade_nginx | tee -ai $wo_install_log wo_update_latest | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log service nginx reload &>> /dev/null - service php7.2-fpm restart &>> /dev/null wo_update_wp_cli | tee -ai $wo_install_log else wo_lib_error "Not updating WordOps to $wo_version_new, exit status = " 1 @@ -688,11 +627,12 @@ else wo_lib_echo "Running post-install steps " | tee -ai $wo_install_log secure_wo_db | tee -ai $wo_install_log wo_git_init | tee -ai $wo_install_log + wo_install_acme_sh | tee -ai $wo_install_log wo_update_wp_cli | tee -ai $wo_install_log fi fi -wo sync | tee -ai $WO_INSTALL_LOG +wo sync | tee -ai $wo_install_log if [ "$migration" -eq "1" ]; then echo diff --git a/wo/cli/main.py b/wo/cli/main.py index ccfcefe..e8d9812 100644 --- a/wo/cli/main.py +++ b/wo/cli/main.py @@ -1,6 +1,12 @@ """WordOps main application entry point.""" import sys import os +from cement.core import foundation +from cement.utils.misc import init_defaults +from cement.core.exc import FrameworkError, CaughtSignal +from cement.ext.ext_argparse import ArgParseArgumentHandler +from wo.core import exc +from wo.cli.ext.wo_outputhandler import WOOutputHandler # this has to happen after you import sys, but before you import anything # from Cement "source: https://github.com/datafolklabs/cement/issues/290" @@ -10,13 +16,6 @@ if '--debug' in sys.argv: else: TOGGLE_DEBUG = False -from cement.core import foundation -from cement.utils.misc import init_defaults -from cement.core.exc import FrameworkError, CaughtSignal -from cement.ext.ext_argparse import ArgParseArgumentHandler -from wo.core import exc -from wo.cli.ext.wo_outputhandler import WOOutputHandler - # Application default. Should update config/wo.conf to reflect any # changes, or additions here. defaults = init_defaults('wo') diff --git a/wo/cli/plugins/debug.py b/wo/cli/plugins/debug.py index 57da542..1db6a6a 100644 --- a/wo/cli/plugins/debug.py +++ b/wo/cli/plugins/debug.py @@ -188,27 +188,24 @@ class WODebugController(CementBaseController): nc = NginxConfig() nc.loadf('/etc/nginx/conf.d/upstream.conf') nc.set([('upstream', 'php',), 'server'], '127.0.0.1:9001') - if os.path.isfile("/etc/nginx/common/wpfc-hhvm.conf"): - nc.set([('upstream', 'hhvm',), 'server'], '127.0.0.1:9001') nc.savef('/etc/nginx/conf.d/upstream.conf') # Enable xdebug - WOFileUtils.searchreplace(self, "/etc/{0}/mods-available/".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5") + + WOFileUtils.searchreplace(self, "/etc/{0}/mods-available/".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5") + "xdebug.ini", ";zend_extension", "zend_extension") # Fix slow log is not enabled default in PHP5.6 config = configparser.ConfigParser() - config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == - 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + config.read('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config['debug']['slowlog'] = '/var/log/{0}/slow.log'.format("php/7.2" if ( - WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5") + WOVariables.wo_platform_distro == 'ubuntu') else "php5") config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5"), + with open('/etc/{0}/fpm/pool.d/debug.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5"), encoding='utf-8', mode='w') as confifile: Log.debug(self, "Writting debug.conf configuration into " - "/etc/{0}/fpm/pool.d/debug.conf".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + "/etc/{0}/fpm/pool.d/debug.conf".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config.write(confifile) self.trigger_php = True @@ -217,7 +214,7 @@ class WODebugController(CementBaseController): Log.info(self, "PHP debug is already enabled") self.msg = self.msg + ['/var/log/{0}/slow.log'.format("php/7.2" if ( - WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")] + WOVariables.wo_platform_distro == 'ubuntu') else "php5")] # PHP global debug stop elif (self.app.pargs.php == 'off' and not self.app.pargs.site_name): @@ -230,12 +227,10 @@ class WODebugController(CementBaseController): nc = NginxConfig() nc.loadf('/etc/nginx/conf.d/upstream.conf') nc.set([('upstream', 'php',), 'server'], '127.0.0.1:9000') - if os.path.isfile("/etc/nginx/common/wpfc-hhvm.conf"): - nc.set([('upstream', 'hhvm',), 'server'], '127.0.0.1:8000') nc.savef('/etc/nginx/conf.d/upstream.conf') # Disable xdebug - WOFileUtils.searchreplace(self, "/etc/{0}/mods-available/".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5") + + WOFileUtils.searchreplace(self, "/etc/{0}/mods-available/".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5") + "xdebug.ini", "zend_extension", ";zend_extension") @@ -251,43 +246,41 @@ class WODebugController(CementBaseController): # PHP5-FPM start global debug if (self.app.pargs.fpm == 'on' and not self.app.pargs.site_name): if not WOShellExec.cmd_exec(self, "grep \"log_level = debug\" " - "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")): + "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")): Log.info(self, "Setting up PHP5-FPM log_level = debug") config = configparser.ConfigParser() - config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == - 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config.remove_option('global', 'include') config['global']['log_level'] = 'debug' config['global']['include'] = '/etc/{0}/fpm/pool.d/*.conf'.format("php/7.2" if ( - WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5") - with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5"), + WOVariables.wo_platform_distro == 'ubuntu') else "php5") + with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5"), encoding='utf-8', mode='w') as configfile: Log.debug(self, "Writting php5-FPM configuration into " - "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config.write(configfile) self.trigger_php = True else: Log.info(self, "PHP5-FPM log_level = debug already setup") self.msg = self.msg + ['/var/log/{0}/fpm.log'.format("php/7.2" if ( - WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")] + WOVariables.wo_platform_distro == 'ubuntu') else "php5")] # PHP5-FPM stop global debug elif (self.app.pargs.fpm == 'off' and not self.app.pargs.site_name): if WOShellExec.cmd_exec(self, "grep \"log_level = debug\" " - "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")): + "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")): Log.info(self, "Disabling PHP5-FPM log_level = debug") config = configparser.ConfigParser() - config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == - 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config.remove_option('global', 'include') config['global']['log_level'] = 'notice' config['global']['include'] = '/etc/{0}/fpm/pool.d/*.conf'.format("php/7.2" if ( - WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5") - with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5"), + WOVariables.wo_platform_distro == 'ubuntu') else "php5") + with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5"), encoding='utf-8', mode='w') as configfile: Log.debug(self, "writting php5 configuration into " - "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') else "php5")) + "/etc/{0}/fpm/php-fpm.conf".format("php/7.2" if (WOVariables.wo_platform_distro == 'ubuntu') else "php5")) config.write(configfile) self.trigger_php = True @@ -300,8 +293,6 @@ class WODebugController(CementBaseController): # PHP global debug start if (self.app.pargs.php73 == 'on' and not self.app.pargs.site_name): - if (WOVariables.wo_platform_codename == 'wheezy' or WOVariables.wo_platform_codename == 'precise'): - Log.error(self, "PHP 7.3 not supported.") if not (WOShellExec.cmd_exec(self, "sed -n \"/upstream php73" "{/,/}/p \" /etc/nginx/" "conf.d/upstream.conf " @@ -313,8 +304,6 @@ class WODebugController(CementBaseController): nc = NginxConfig() nc.loadf('/etc/nginx/conf.d/upstream.conf') nc.set([('upstream', 'php73',), 'server'], '127.0.0.1:9173') - if os.path.isfile("/etc/nginx/common/wpfc-hhvm.conf"): - nc.set([('upstream', 'hhvm',), 'server'], '127.0.0.1:9173') nc.savef('/etc/nginx/conf.d/upstream.conf') # Enable xdebug @@ -352,8 +341,6 @@ class WODebugController(CementBaseController): nc = NginxConfig() nc.loadf('/etc/nginx/conf.d/upstream.conf') nc.set([('upstream', 'php72',), 'server'], 'unix:/var/run/php/php72-fpm.sock') - if os.path.isfile("/etc/nginx/common/wpfc-hhvm.conf"): - nc.set([('upstream', 'hhvm',), 'server'], '127.0.0.1:8000') nc.savef('/etc/nginx/conf.d/upstream.conf') # Disable xdebug @@ -633,7 +620,7 @@ class WODebugController(CementBaseController): # Reload PHP if self.trigger_php: - if WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic': + if WOVariables.wo_platform_distro == 'ubuntu': if WOAptGet.is_installed(self, 'php7.2-fpm'): WOService.reload_service(self, 'php7.2-fpm') if WOAptGet.is_installed(self, 'php7.3-fpm'): @@ -724,7 +711,7 @@ class WODebugController(CementBaseController): self.app.pargs.nginx = 'on' self.app.pargs.php = 'on' self.app.pargs.fpm = 'on' - if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') and WOAptGet.is_installed(self, 'php7.2-fpm'): + if (WOVariables.wo_platform_distro == 'ubuntu') and WOAptGet.is_installed(self, 'php7.2-fpm'): self.app.pargs.php73 = 'on' self.app.pargs.fpm73 = 'on' self.app.pargs.mysql = 'on' @@ -736,7 +723,7 @@ class WODebugController(CementBaseController): self.app.pargs.nginx = 'off' self.app.pargs.php = 'off' self.app.pargs.fpm = 'off' - if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic') and WOAptGet.is_installed(self, 'php7.2-fpm'): + if (WOVariables.wo_platform_distro == 'ubuntu') and WOAptGet.is_installed(self, 'php7.2-fpm'): self.app.pargs.php73 = 'off' self.app.pargs.fpm73 = 'off' self.app.pargs.mysql = 'off' @@ -781,15 +768,10 @@ class WODebugController(CementBaseController): WOService.reload_service(self, 'nginx') # Reload PHP if self.trigger_php: - if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'): if WOAptGet.is_installed(self, 'php7.2-fpm'): WOService.restart_service(self, 'php7.2-fpm') if WOAptGet.is_installed(self, 'php7.3-fpm'): WOService.restart_service(self, 'php7.3-fpm') - else: - WOService.restart_service(self, 'php7.2-fpm') - if WOVariables.wo_platform_codename == 'jessie': - WOService.restart_service(self, 'php7.2-fpm') if len(self.msg) > 0: if not self.app.pargs.interactive: diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 0978aed..2ae239b 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -131,7 +131,6 @@ class WOSiteController(CementBaseController): wo_db_name = '' wo_db_user = '' wo_db_pass = '' - hhvm = '' if not check_domain_exists(self, wo_domain): Log.error(self, "site {0} does not exist".format(wo_domain)) @@ -148,8 +147,6 @@ class WOSiteController(CementBaseController): wo_db_user = siteinfo.db_user wo_db_pass = siteinfo.db_password wo_db_host = siteinfo.db_host - if sitetype != "html": - hhvm = ("enabled" if siteinfo.is_hhvm else "disabled") if sitetype == "proxy": access_log = "/var/log/nginx/{0}.access.log".format(wo_domain) error_log = "/var/log/nginx/{0}.error.log".format(wo_domain) @@ -167,7 +164,7 @@ class WOSiteController(CementBaseController): data = dict(domain=wo_domain, webroot=wo_site_webroot, accesslog=access_log, errorlog=error_log, dbname=wo_db_name, dbuser=wo_db_user, php_version=php_version, - dbpass=wo_db_pass, hhvm=hhvm, + dbpass=wo_db_pass, ssl=ssl, sslprovider=sslprovider, sslexpiry=sslexpiry, type=sitetype + " " + cachetype + " ({0})" .format("enabled" if siteinfo.is_enabled else @@ -331,8 +328,6 @@ class WOSiteCreateController(CementBaseController): (['--wpredis'], dict(help="create wordpress single/multi site with redis cache", action='store_true')), - (['--hhvm'], - dict(help="create HHVM site", action='store_true')), (['-le', '--letsencrypt'], dict(help="configure letsencrypt ssl for the site", action='store_true')), (['--subdomain'], @@ -375,8 +370,6 @@ class WOSiteCreateController(CementBaseController): stype, cache = 'html', 'basic' elif stype and self.app.pargs.proxy: Log.error(self, "proxy should not be used with other site types") - if (self.app.pargs.proxy and self.app.pargs.hhvm): - Log.error(self, "Proxy site can not run on hhvm") if not self.app.pargs.site_name: try: @@ -452,9 +445,6 @@ class WOSiteCreateController(CementBaseController): else: pass - if stype == "html" and self.app.pargs.hhvm: - Log.error(self, "Can not create HTML site with HHVM") - if data and self.app.pargs.php73: if (self.app.pargs.experimental): Log.info( @@ -478,34 +468,9 @@ class WOSiteCreateController(CementBaseController): data['php73'] = False php73 = 0 - if (not self.app.pargs.wpfc) and (not self.app.pargs.wpsc) and (not self.app.pargs.wpredis) and (not self.app.pargs.hhvm): + if (not self.app.pargs.wpfc) and (not self.app.pargs.wpsc) and (not self.app.pargs.wpredis): data['basic'] = True - if data and self.app.pargs.hhvm: - if (not self.app.pargs.experimental): - Log.info(self, "HHVM is experimental feature and it may not " - "work with all plugins of your site.\nYou can " - "disable it by passing --hhvm=off later.\nDo you wish" - " to enable HHVM now for {0}?".format(wo_domain)) - - # Check prompt - check_prompt = input("Type \"y\" to continue [n]:") - if check_prompt != "Y" and check_prompt != "y": - Log.info(self, "Not using HHVM for site.") - data['hhvm'] = False - hhvm = 0 - self.app.pargs.hhvm = False - else: - data['hhvm'] = True - hhvm = 1 - else: - data['hhvm'] = True - hhvm = 1 - - elif data: - data['hhvm'] = False - hhvm = 0 - if (cache == 'wpredis' and (self.app.pargs.experimental)): Log.info(self, "Redis is experimental feature and it may not " "work with all CSS/JS/Cache of your site.\nYou can " @@ -574,7 +539,7 @@ class WOSiteCreateController(CementBaseController): php_version = "7.2" addNewSite(self, wo_domain, stype, cache, wo_site_webroot, - hhvm=hhvm, php_version=php_version) + php_version=php_version) # Setup database for MySQL site if 'wo_db_name' in data.keys() and not data['wp']: @@ -804,10 +769,6 @@ class WOSiteUpdateController(CementBaseController): dict(help="update to wpsc cache", action='store_true')), (['--wpredis'], dict(help="update to redis cache", action='store_true')), - (['--hhvm'], - dict(help='Use HHVM for site', - action='store' or 'store_const', - choices=('on', 'off'), const='on', nargs='?')), (['-le', '--letsencrypt'], dict(help="configure letsencrypt ssl for the site", action='store' or 'store_const', @@ -835,7 +796,7 @@ class WOSiteUpdateController(CementBaseController): if not (pargs.php or pargs.php73 or pargs.mysql or pargs.wp or pargs.wpsubdir or pargs.wpsubdomain or pargs.wpfc or pargs.wpsc or - pargs.hhvm or pargs.wpredis or pargs.letsencrypt): + pargs.wpredis or pargs.letsencrypt): Log.error(self, "Please provide options to update sites.") if pargs.all: @@ -858,7 +819,6 @@ class WOSiteUpdateController(CementBaseController): self.doupdatesite(pargs) def doupdatesite(self, pargs): - hhvm = None letsencrypt = False php73 = None @@ -882,8 +842,6 @@ class WOSiteUpdateController(CementBaseController): stype, cache = 'html', 'basic' elif stype and pargs.proxy: Log.error(self, "--proxy can not be used with other site types") - if (pargs.proxy and pargs.hhvm): - Log.error(self, "Proxy site can not run on hhvm") if not pargs.site_name: try: @@ -904,7 +862,6 @@ class WOSiteUpdateController(CementBaseController): else: oldsitetype = check_site.site_type oldcachetype = check_site.cache_type - old_hhvm = check_site.is_hhvm check_ssl = check_site.is_ssl check_php_version = check_site.php_version @@ -924,18 +881,8 @@ class WOSiteUpdateController(CementBaseController): Log.info(self, "\nPassword Unchanged.") return 0 - if ((stype == "proxy" and stype == oldsitetype and self.app.pargs.hhvm) - or (stype == "proxy" and - stype == oldsitetype)): - Log.info(self, Log.FAIL + - "Can not update proxy site to HHVM") - return 1 - if stype == "html" and stype == oldsitetype and self.app.pargs.hhvm: - Log.info(self, Log.FAIL + "Can not update HTML site to HHVM") - return 1 - - if ((stype == 'php' and oldsitetype not in ['html', 'proxy', 'php73']) or - # (stype == 'php73' and oldsitetype not in ['html', 'mysql', 'php', 'php73', 'wp', 'wpsubdir', 'wpsubdomain', ]) or + if ((stype == 'php' and + oldsitetype not in ['html', 'proxy', 'php73']) or (stype == 'mysql' and oldsitetype not in ['html', 'php', 'proxy', 'php73']) or (stype == 'wp' and oldsitetype not in ['html', 'php', 'mysql', @@ -954,7 +901,6 @@ class WOSiteUpdateController(CementBaseController): data['proxy'] = True data['host'] = host data['port'] = port - hhvm = False data['webroot'] = wo_site_webroot data['currsitetype'] = oldsitetype data['currcachetype'] = oldcachetype @@ -985,7 +931,7 @@ class WOSiteUpdateController(CementBaseController): if stype == 'wpsubdir': data['wpsubdir'] = True - if pargs.hhvm or pargs.php73: + if pargs.php73: if not data: data = dict(site_name=wo_domain, www_domain=wo_www_domain, currsitetype=oldsitetype, @@ -1040,13 +986,6 @@ class WOSiteUpdateController(CementBaseController): data['wpsc'] = False data['wpredis'] = True - if pargs.hhvm != 'off': - data['hhvm'] = True - hhvm = True - elif pargs.hhvm == 'off': - data['hhvm'] = False - hhvm = False - if pargs.php73 == 'on': data['php73'] = True php73 = True @@ -1153,25 +1092,6 @@ class WOSiteUpdateController(CementBaseController): "site") pargs.letsencrypt = False - if pargs.hhvm: - if hhvm is old_hhvm: - if hhvm is False: - Log.info(self, "HHVM is allready disabled for given " - "site") - elif hhvm is True: - Log.info(self, "HHVM is allready enabled for given " - "site") - - pargs.hhvm = False - - if data and (not pargs.hhvm): - if old_hhvm is True: - data['hhvm'] = True - hhvm = True - else: - data['hhvm'] = False - hhvm = False - if data and (not pargs.php73): if old_php73 is True: data['php73'] = True @@ -1180,7 +1100,7 @@ class WOSiteUpdateController(CementBaseController): data['php73'] = False php73 = False - if pargs.hhvm == "on" or pargs.letsencrypt == "on" or pargs.php73 == "on": + if pargs.letsencrypt == "on" or pargs.php73 == "on": if pargs.php73 == "on": if pargs.experimental: Log.info( @@ -1198,26 +1118,6 @@ class WOSiteUpdateController(CementBaseController): data['php73'] = True php73 = True - if pargs.hhvm == "on": - if pargs.experimental: - Log.info(self, "HHVM is experimental feature and it may not" - " work with all plugins of your site.\nYou can " - "disable it by passing --hhvm=off later.\nDo you wish" - " to enable HHVM now for {0}?".format(wo_domain)) - - # Check prompt - check_prompt = input("Type \"y\" to continue [n]:") - if check_prompt != "Y" and check_prompt != "y": - Log.info(self, "Not using HHVM for site") - data['hhvm'] = False - hhvm = False - else: - data['hhvm'] = True - hhvm = True - else: - data['hhvm'] = True - hhvm = True - if pargs.letsencrypt == "on": if pargs.experimental: @@ -1257,8 +1157,7 @@ class WOSiteUpdateController(CementBaseController): data['basic'] = True cache = 'basic' - if ((hhvm is old_hhvm) and (php73 is old_php73) and - (stype == oldsitetype and cache == oldcachetype)): + if (php73 is old_php73) and (stype == oldsitetype and cache == oldcachetype): return 1 if not data: @@ -1298,7 +1197,7 @@ class WOSiteUpdateController(CementBaseController): if 'proxy' in data.keys() and data['proxy']: updateSiteInfo(self, wo_domain, stype=stype, cache=cache, - hhvm=hhvm, ssl=True if check_site.is_ssl else False) + ssl=True if check_site.is_ssl else False) Log.info(self, "Successfully updated site" " http://{0}".format(wo_domain)) return 0 @@ -1366,7 +1265,7 @@ class WOSiteUpdateController(CementBaseController): "check issues with `nginx -t` command") updateSiteInfo(self, wo_domain, stype=stype, cache=cache, - hhvm=hhvm, ssl=True if check_site.is_ssl else False, php_version=check_php_version) + ssl=True if check_site.is_ssl else False, php_version=check_php_version) Log.info(self, "Successfully updated site" " http://{0}".format(wo_domain)) @@ -1568,11 +1467,11 @@ class WOSiteUpdateController(CementBaseController): db_name=data['wo_db_name'], db_user=data['wo_db_user'], db_password=data['wo_db_pass'], - db_host=data['wo_db_host'], hhvm=hhvm, + db_host=data['wo_db_host'], ssl=True if check_site.is_ssl else False, php_version=check_php_version) else: updateSiteInfo(self, wo_domain, stype=stype, cache=cache, - hhvm=hhvm, ssl=True if check_site.is_ssl else False, php_version=check_php_version) + ssl=True if check_site.is_ssl else False, php_version=check_php_version) Log.info(self, "Successfully updated site" " http://{0}".format(wo_domain)) return 0 diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 1c24911..9e53312 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -306,6 +306,8 @@ def setupwordpress(self, data): + "--dbpass=\'{0}\' " "--extra-php< 1 or len(cachelist) > 1: if len(cachelist) > 1: raise RuntimeError( - "Could not determine cache type.Multiple cache parameter entered") + "Could not determine cache type." + "Multiple cache parameter entered") elif False not in [x in ('php', 'mysql', 'html') for x in typelist]: sitetype = 'mysql' if not cachelist: diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 72d08c0..6ad1a9d 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -53,16 +53,12 @@ class WOStackController(CementBaseController): dict(help='Install admin tools stack', action='store_true')), (['--nginx'], dict(help='Install Nginx stack', action='store_true')), - # (['--nginxmainline'], - # dict(help='Install Nginx mainline stack', action='store_true')), (['--php'], dict(help='Install PHP 7.2 stack', action='store_true')), (['--php73'], dict(help='Install PHP 7.3 stack', action='store_true')), (['--mysql'], dict(help='Install MySQL stack', action='store_true')), - (['--hhvm'], - dict(help='Install HHVM stack', action='store_true')), (['--wpcli'], dict(help='Install WPCLI stack', action='store_true')), (['--phpmyadmin'], @@ -150,56 +146,32 @@ class WOStackController(CementBaseController): if set(WOVariables.wo_nginx).issubset(set(apt_packages)): Log.info(self, "Adding repository for NGINX, please wait...") WORepo.add(self, repo_url=WOVariables.wo_nginx_repo) - Log.debug(self, 'Adding ppa of Nginx') + Log.debug(self, 'Adding repository for Nginx') WORepo.add_key(self, WOVariables.wo_nginx_key) if (WOVariables.wo_platform_distro == 'ubuntu'): - if set(WOVariables.wo_php73).issubset(set(apt_packages)) \ - or set(WOVariables.wo_php).issubset(set(apt_packages)): + if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or + set(WOVariables.wo_php).issubset(set(apt_packages))): Log.info(self, "Adding repository for PHP, please wait...") Log.debug(self, 'Adding ppa for PHP') WORepo.add(self, ppa=WOVariables.wo_php_repo) else: - if set(WOVariables.wo_php).issubset(set(apt_packages)): + if (set(WOVariables.wo_php73).issubset(set(apt_packages)) or + set(WOVariables.wo_php).issubset(set(apt_packages))): Log.info(self, "Adding repository for PHP, please wait...") # Add repository for php - if WOVariables.wo_platform_distro == 'debian': - if WOVariables.wo_platform_codename != 'jessie': - Log.debug(self, 'Adding repo_url of php for debian') - WORepo.add(self, repo_url=WOVariables.wo_php_repo) - Log.debug(self, 'Adding Dotdeb/php GPG key') - WORepo.add_key(self, '89DF5277') - else: - Log.debug(self, 'Adding ppa for PHP') - WORepo.add(self, ppa=WOVariables.wo_php_repo) - - if WOVariables.wo_platform_distro == 'debian': - if set(WOVariables.wo_php73).issubset(set(apt_packages)): - Log.debug(self, 'Adding repo_url of php 7.3 for debian') - WORepo.add(self, repo_url=WOVariables.wo_php_repo) - Log.debug(self, 'Adding Dotdeb/php GPG key') - WORepo.add_key(self, '89DF5277') - - if set(WOVariables.wo_hhvm).issubset(set(apt_packages)): - if (WOVariables.wo_platform_codename != 'xenial' or WOVariables.wo_platform_codename != 'bionic'): - Log.info(self, "Adding repository for HHVM, please wait...") - if WOVariables.wo_platform_codename == 'precise': - Log.debug(self, 'Adding PPA for Boost') - WORepo.add(self, ppa=WOVariables.wo_boost_repo) - Log.debug(self, 'Adding ppa repo for HHVM') - WORepo.add(self, repo_url=WOVariables.wo_hhvm_repo) - Log.debug(self, 'Adding HHVM GPG Key') - WORepo.add_key(self, '0x5a16e7281be7a449') - else: - Log.info(self, "Using default Ubuntu repository for HHVM") + Log.debug(self, 'Adding repo_url of php for debian') + WORepo.add(self, repo_url=WOVariables.wo_php_repo) + Log.debug(self, 'Adding deb.sury GPG key') + WORepo.add_key(self, WOVariables.wo_php_key) if set(WOVariables.wo_redis).issubset(set(apt_packages)): Log.info(self, "Adding repository for Redis, please wait...") if WOVariables.wo_platform_distro == 'debian': Log.debug(self, 'Adding repo_url of redis for debian') WORepo.add(self, repo_url=WOVariables.wo_redis_repo) - Log.debug(self, 'Adding Dotdeb GPG key') - WORepo.add_key(self, '89DF5277') + Log.debug(self, 'Adding Deb.sury GPG key') + WORepo.add_key(self, 'AC0E47584A7A714D') else: Log.debug(self, 'Adding ppa for redis') WORepo.add(self, ppa=WOVariables.wo_redis_repo) @@ -210,63 +182,25 @@ class WOStackController(CementBaseController): if len(apt_packages): if set(WOVariables.wo_nginx).issubset(set(apt_packages)): - if set(["nginx-plus"]).issubset(set(apt_packages)) or set(["nginx"]).issubset(set(apt_packages)): + if set(["nginx"]).issubset(set(apt_packages)): # Fix for white screen death with NGINX PLUS if not WOFileUtils.grep(self, '/etc/nginx/fastcgi_params', 'SCRIPT_FILENAME'): - with open('/etc/nginx/fastcgi_params', encoding='utf-8', - mode='a') as wo_nginx: + with open('/etc/nginx/fastcgi_params', + encoding='utf-8', mode='a') as wo_nginx: wo_nginx.write('fastcgi_param \tSCRIPT_FILENAME ' '\t$request_filename;\n') - if not (os.path.isfile('/etc/nginx/common/wpfc.conf')): + if not (os.path.isfile('/etc/nginx/common/wpfc-php72.conf')): # Change WordOpsVersion in nginx.conf file WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", "# add_header", "add_header") WOFileUtils.searchreplace(self, "/etc/nginx/nginx.conf", - "\"EasyEngine\"", + "\"WordOps\"", "\"WordOps v{0}\"" .format(WOVariables.wo_version)) - WOFileUtils.searchreplace(self, '/etc/nginx/nginx.conf', - 'ECDHE-RSA-AES128-GCM' - '-SHA256:' - 'ECDHE-ECDSA-AES128' - '-GCM-SHA256:' - 'ECDHE-RSA-AES256-GCM-SHA384:' - 'ECDHE-ECDSA-AES256-GCM-SHA384:' - 'DHE-RSA-AES128-GCM-SHA256:' - 'DHE-DSS-AES128-GCM-SHA256:' - 'kEDH+AESGCM:' - 'ECDHE-RSA-AES128-SHA256:' - 'ECDHE-ECDSA-AES128-SHA256:' - 'ECDHE-RSA-AES128-SHA:' - 'ECDHE-ECDSA-AES128-SHA:' - 'ECDHE-RSA-AES256-SHA384:' - 'ECDHE-ECDSA-AES256-SHA384:' - 'ECDHE-RSA-AES256-SHA:' - 'ECDHE-ECDSA-AES256-SHA:' - 'DHE-RSA-AES128-SHA256:' - 'DHE-RSA-AES128-SHA' - 'DHE-DSS-AES128-SHA256:' - 'DHE-RSA-AES256-SHA256:' - 'DHE-DSS-AES256-SHA:' - 'DHE-RSA-AES256-SHA:' - 'ECDHE-RSA-DES-CBC3-SHA:' - 'ECDHE-ECDSA-DES-CBC3-SHA:' - 'AES128-GCM-SA256:' - 'AES256-GCM-SHA384:' - 'AES128-SHA256:AES256-SHA256:' - 'AES128-SHA:AES256-SHA:AES:' - 'CAMELLIA:DES-CBC3-SHA:!aNULL:' - '!eNULL:!EXPORT:!DES:' - '!RC4:!MD5:!PSK:' - '!ECDH:!EDH-DSS-DES-CBC3-SHA:' - '!EDH-RSA-DES-CBC3-SHA:' - '!KRB5-DES-CBC3-SHA', - 'EECDH+CHACHA20:EECDH+AESGCM:' - 'EECDH+AES') data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/blockips.conf') @@ -282,8 +216,11 @@ class WOStackController(CementBaseController): self.app.render((data), 'fastcgi.mustache', out=wo_nginx) wo_nginx.close() - data = dict(php="9000", debug="9001", hhvm="8000", php73="9072", debug7="9172", - hhvmconf=False, php7conf=True if WOAptGet.is_installed(self, 'php7.3-fpm') else False) + data = dict(php="9000", debug="9001", + php7="9070", debug7="9170", + php7conf=True + if WOAptGet.is_installed(self, 'php7.0-fpm') + else False) Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/conf.d/upstream.conf') wo_nginx = open('/etc/nginx/conf.d/upstream.conf', @@ -372,9 +309,7 @@ class WOStackController(CementBaseController): wo_nginx.close() # php7 conf - if (WOVariables.wo_platform_distro == 'debian' or - WOVariables.wo_platform_distro == 'ubuntu') and (not - os.path.isfile("/etc/nginx/common/php73.conf")): + if not os.path.isfile("/etc/nginx/common/php73.conf"): # data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/locations-php73.conf') @@ -424,9 +359,11 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - # Nginx-Plus does not have nginx package structure like this + # Nginx-Plus does not have nginx + # package structure like this # So creating directories - if set(["nginx-plus"]).issubset(set(apt_packages)) or set(["nginx"]).issubset(set(apt_packages)): + if (set(["nginx-plus"]).issubset(set(apt_packages)) or + set(["nginx"]).issubset(set(apt_packages))): Log.info(self, "Installing WordOpsConfigurations for" "NGINX") if not os.path.exists('/etc/nginx/sites-available'): @@ -505,7 +442,7 @@ class WOStackController(CementBaseController): "{0}22222/cert/22222.key 2048" .format(WOVariables.wo_webroot)) WOShellExec.cmd_exec(self, "openssl req -new -batch " - "-subj /commonName=localhost.localdomain/ " + "-subj /commonName=localhost/ " "-key {0}22222/cert/22222.key " "-out {0}22222/cert/" "22222.csr" @@ -538,7 +475,8 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/nginx"], msg="Adding Nginx into Git") WOService.reload_service(self, 'nginx') - if set(["nginx-plus"]).issubset(set(apt_packages)) or set(["nginx"]).issubset(set(apt_packages)): + if (set(["nginx-plus"]).issubset(set(apt_packages)) or + set(["nginx"]).issubset(set(apt_packages))): WOShellExec.cmd_exec(self, "sed -i -e 's/^user/#user/'" " -e '/^#user/a user" "\ www-data\;'" @@ -572,7 +510,8 @@ class WOStackController(CementBaseController): WOService.restart_service(self, 'nginx') if WOAptGet.is_installed(self, 'redis-server'): - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php72.conf")): + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/common/redis-php72.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' @@ -583,26 +522,16 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-hhvm.conf")): - + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/common/redis-php73.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-hhvm.conf') - wo_nginx = open('/etc/nginx/common/redis-hhvm.conf', + 'file /etc/nginx/common/redis-php73.conf') + wo_nginx = open('/etc/nginx/common/redis-php73.conf', encoding='utf-8', mode='w') - self.app.render((data), 'redis-hhvm.mustache', + self.app.render((data), 'redis-php7.mustache', out=wo_nginx) wo_nginx.close() - if (WOVariables.wo_platform_distro == 'ubuntu'): - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php73.conf")): - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-php73.conf') - wo_nginx = open('/etc/nginx/common/redis-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-php7.mustache', - out=wo_nginx) - wo_nginx.close() if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" @@ -614,7 +543,8 @@ class WOStackController(CementBaseController): " server 127.0.0.1:6379;\n" " keepalive 10;\n}\n") - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/conf.d/redis.conf")): + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/conf.d/redis.conf")): with open("/etc/nginx/conf.d/redis.conf", "a") as redis_file: redis_file.write("# Log format Settings\n" "log_format rt_cache_redis '$remote_addr $upstream_response_time $srcache_fetch_status [$time_local] '\n" @@ -622,7 +552,8 @@ class WOStackController(CementBaseController): "'\"$http_referer\" \"$http_user_agent\"';\n") # setup nginx common folder for php7 if self.app.pargs.php73: - if os.path.isdir("/etc/nginx/common") and (not os.path.isfile("/etc/nginx/common/php73.conf")): + if (os.path.isdir("/etc/nginx/common") and + not os.path.isfile("/etc/nginx/common/php73.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/locations-php73.conf') @@ -664,7 +595,8 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if os.path.isdir("/etc/nginx/common") and (not os.path.isfile("/etc/nginx/common/redis-php73.conf")): + if (os.path.isdir("/etc/nginx/common") and + not os.path.isfile("/etc/nginx/common/redis-php73.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/redis-php73.conf') @@ -681,84 +613,9 @@ class WOStackController(CementBaseController): php_file.write("upstream php73 {\nserver unix:/var/run/php/php73-fpm.sock;\n}\n" "upstream debug73 {\nserver 127.0.0.1:9173;\n}\n") - if set(WOVariables.wo_hhvm).issubset(set(apt_packages)): - - WOShellExec.cmd_exec(self, "update-rc.d hhvm defaults") - - WOFileUtils.searchreplace(self, "/etc/hhvm/server.ini", - "9000", "8000") - if (WOVariables.wo_platform_codename != 'xenial' or WOVariables.wo_platform_codename != 'bionic'): - WOFileUtils.searchreplace(self, "/etc/nginx/hhvm.conf", - "9000", "8000") - - with open("/etc/hhvm/php.ini", "a") as hhvm_file: - hhvm_file.write("hhvm.log.header = true\n" - "hhvm.log.natives_stack_trace = true\n" - "hhvm.mysql.socket = " - "/var/run/mysqld/mysqld.sock\n" - "hhvm.pdo_mysql.socket = " - "/var/run/mysqld/mysqld.sock\n" - "hhvm.mysqli.socket = " - "/var/run/mysqld/mysqld.sock\n") - - with open("/etc/hhvm/server.ini", "a") as hhvm_file: - hhvm_file.write("hhvm.server.ip = 127.0.0.1\n") - - if os.path.isfile("/etc/nginx/conf.d/fastcgi.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "fastcgi.conf", - "fastcgi_keep_conn"): - with open("/etc/nginx/conf.d/fastcgi.conf", - "a") as hhvm_file: - hhvm_file.write("fastcgi_keep_conn on;\n") - - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): - if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" - "upstream.conf", - "hhvm"): - with open("/etc/nginx/conf.d/upstream.conf", - "a") as hhvm_file: - hhvm_file.write("upstream hhvm {\nserver " - "127.0.0.1:8000;\n" - "server 127.0.0.1:9000 backup;\n}" - "\n") - - WOGit.add(self, ["/etc/hhvm"], msg="Adding HHVM into Git") - WOService.restart_service(self, 'hhvm') - - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/php-hhvm.conf")): - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/php-hhvm.conf') - wo_nginx = open('/etc/nginx/common/php-hhvm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-hhvm.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpfc-hhvm.conf') - wo_nginx = open('/etc/nginx/common/wpfc-hhvm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpfc-hhvm.mustache', - out=wo_nginx) - wo_nginx.close() - - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/wpsc-hhvm.conf') - wo_nginx = open('/etc/nginx/common/wpsc-hhvm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'wpsc-hhvm.mustache', - out=wo_nginx) - wo_nginx.close() - - if not WOService.reload_service(self, 'nginx'): - Log.error(self, "Failed to reload Nginx, please check " - "output of `nginx -t`") - if set(WOVariables.wo_redis).issubset(set(apt_packages)): - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-php72.conf")): + if (os.path.isfile("/etc/nginx/nginx.conf") and + not os.path.isfile("/etc/nginx/common/redis-php72.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' @@ -769,17 +626,6 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/common/redis-hhvm.conf")): - - data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/redis-hhvm.conf') - wo_nginx = open('/etc/nginx/common/redis-hhvm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'redis-hhvm.mustache', - out=wo_nginx) - wo_nginx.close() - if os.path.isfile("/etc/nginx/conf.d/upstream.conf"): if not WOFileUtils.grep(self, "/etc/nginx/conf.d/" "upstream.conf", @@ -790,14 +636,23 @@ class WOStackController(CementBaseController): " server 127.0.0.1:6379;\n" " keepalive 10;\n}\n") - if os.path.isfile("/etc/nginx/nginx.conf") and (not os.path.isfile("/etc/nginx/conf.d/redis.conf")): - with open("/etc/nginx/conf.d/redis.conf", "a") as redis_file: - redis_file.write("# Log format Settings\n" - "log_format rt_cache_redis '$remote_addr $upstream_response_time $srcache_fetch_status [$time_local] '\n" - "'$http_host \"$request\" $status $body_bytes_sent '\n" - "'\"$http_referer\" \"$http_user_agent\"';\n") + if os.path.isfile("/etc/nginx/nginx.conf"): + if not os.path.isfile("/etc/nginx/conf.d/redis.conf"): + with open("/etc/nginx/conf.d/redis.conf", + "a") as redis_file: + redis_file.write("# Log format Settings\n" + "log_format rt_cache_redis " + "'$remote_addr " + "$upstream_response_time " + "$srcache_fetch_status " + "[$time_local]" + " '\n '$http_host" + " \"$request\" " + "$status $body_bytes_sent '\n" + "'\"$http_referer\" " + "\"$http_user_agent\"';\n") - if (WOVariables.wo_platform_distro == 'ubuntu'): + if set(WOVariables.wo_php).issubset(set(apt_packages)): # Create log directories if not os.path.exists('/var/log/php/7.2/'): Log.debug(self, 'Creating directory /var/log/php/7.2/') @@ -819,7 +674,8 @@ class WOStackController(CementBaseController): config.write(configfile) # Parse /etc/php/7.2/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.2-fpm.pid", error_log="/var/log/php/7.2/fpm.log", + data = dict(pid="/run/php/php7.2-fpm.pid", + error_log="/var/log/php/7.2/fpm.log", include="/etc/php/7.2/fpm/pool.d/*.conf") Log.debug(self, "writting php7.2 configuration into " "/etc/php/7.2/fpm/php-fpm.conf") @@ -864,7 +720,7 @@ class WOStackController(CementBaseController): config['debug']['request_slowlog_timeout'] = '10s' with open('/etc/php/7.2/fpm/pool.d/debug.conf', encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP5 configuration into " + Log.debug(self, "writting PHP7.2 configuration into " "/etc/php/7.2/fpm/pool.d/debug.conf") config.write(confifile) @@ -921,8 +777,8 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") WOService.restart_service(self, 'php7.2-fpm') - # PHP7.3 configuration for debian - if (WOVariables.wo_platform_distro == 'debian') and set(WOVariables.wo_php73).issubset(set(apt_packages)): + # PHP7.3 configuration + if set(WOVariables.wo_php73).issubset(set(apt_packages)): # Create log directories if not os.path.exists('/var/log/php/7.3/'): Log.debug(self, 'Creating directory /var/log/php/7.3/') @@ -1046,131 +902,6 @@ class WOStackController(CementBaseController): WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") WOService.restart_service(self, 'php7.3-fpm') - # preconfiguration for php7.3 - if (WOVariables.wo_platform_distro == 'ubuntu') and set(WOVariables.wo_php73).issubset(set(apt_packages)): - # Create log directories - if not os.path.exists('/var/log/php/7.3/'): - Log.debug(self, 'Creating directory /var/log/php/7.3/') - os.makedirs('/var/log/php/7.3/') - - # Parse etc/php/7.2/fpm/php.ini - config = configparser.ConfigParser() - Log.debug(self, "configuring php file /etc/php/7.3/fpm/php.ini") - config.read('/etc/php/7.3/fpm/php.ini') - config['PHP']['expose_php'] = 'Off' - config['PHP']['post_max_size'] = '64M' - config['PHP']['upload_max_filesize'] = '64M' - config['PHP']['max_execution_time'] = '30' - config['PHP']['date.timezone'] = WOVariables.wo_timezone - with open('/etc/php/7.3/fpm/php.ini', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "Writting php configuration into " - "/etc/php/7.3/fpm/php.ini") - config.write(configfile) - - # Parse /etc/php/7.2/fpm/php-fpm.conf - data = dict(pid="/run/php/php7.3-fpm.pid", error_log="/var/log/php/7.3/fpm.log", - include="/etc/php/7.3/fpm/pool.d/*.conf") - Log.debug(self, "writting php 7.3 configuration into " - "/etc/php/7.3/fpm/php-fpm.conf") - wo_php_fpm = open('/etc/php/7.3/fpm/php-fpm.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'php-fpm.mustache', out=wo_php_fpm) - wo_php_fpm.close() - - # Parse /etc/php/7.3/fpm/pool.d/www.conf - config = configparser.ConfigParser() - config.read_file(codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', - "r", "utf8")) - config['www']['ping.path'] = '/ping' - config['www']['pm.status_path'] = '/status' - config['www']['pm.max_requests'] = '100' - config['www']['pm.max_children'] = '25' - config['www']['pm.start_servers'] = '5' - config['www']['pm.min_spare_servers'] = '2' - config['www']['pm.max_spare_servers'] = '5' - config['www']['request_terminate_timeout'] = '100' - config['www']['pm'] = 'ondemand' - config['www']['chdir'] = '/' - config['www']['prefix'] = '/var/run/php' - config['www']['listen'] = 'php73-fpm.sock' - config['www']['listen.backlog'] = '32768' - with codecs.open('/etc/php/7.3/fpm/pool.d/www.conf', - encoding='utf-8', mode='w') as configfile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/www.conf") - config.write(configfile) - - # Generate /etc/php/7.3/fpm/pool.d/debug.conf - WOFileUtils.copyfile(self, "/etc/php/7.3/fpm/pool.d/www.conf", - "/etc/php/7.3/fpm/pool.d/debug.conf") - WOFileUtils.searchreplace(self, "/etc/php/7.3/fpm/pool.d/" - "debug.conf", "[www]", "[debug]") - config = configparser.ConfigParser() - config.read('/etc/php/7.3/fpm/pool.d/debug.conf') - config['debug']['listen'] = '127.0.0.1:9173' - config['debug']['rlimit_core'] = 'unlimited' - config['debug']['slowlog'] = '/var/log/php/7.3/slow.log' - config['debug']['request_slowlog_timeout'] = '10s' - with open('/etc/php/7.3/fpm/pool.d/debug.conf', - encoding='utf-8', mode='w') as confifile: - Log.debug(self, "writting PHP 7.3 configuration into " - "/etc/php/7.3/fpm/pool.d/debug.conf") - config.write(confifile) - - with open("/etc/php/7.3/fpm/pool.d/debug.conf", - encoding='utf-8', mode='a') as myfile: - myfile.write("php_admin_value[xdebug.profiler_output_dir] " - "= /tmp/ \nphp_admin_value[xdebug.profiler_" - "output_name] = cachegrind.out.%p-%H-%R " - "\nphp_admin_flag[xdebug.profiler_enable" - "_trigger] = on \nphp_admin_flag[xdebug." - "profiler_enable] = off\n") - - # Disable xdebug - if not WOShellExec.cmd_exec(self, "grep -q \';zend_extension\' /etc/php/7.3/mods-available/xdebug.ini"): - WOFileUtils.searchreplace(self, "/etc/php/7.3/mods-available/" - "xdebug.ini", - "zend_extension", - ";zend_extension") - - # PHP and Debug pull configuration - if not os.path.exists('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/fpm/status/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/fpm/status/' - .format(WOVariables.wo_webroot)) - open('{0}22222/htdocs/fpm/status/debug' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - open('{0}22222/htdocs/fpm/status/php' - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='a').close() - - # Write info.php - if not os.path.exists('{0}22222/htdocs/php/' - .format(WOVariables.wo_webroot)): - Log.debug(self, 'Creating directory ' - '{0}22222/htdocs/php/ ' - .format(WOVariables.wo_webroot)) - os.makedirs('{0}22222/htdocs/php' - .format(WOVariables.wo_webroot)) - - with open("{0}22222/htdocs/php/info.php" - .format(WOVariables.wo_webroot), - encoding='utf-8', mode='w') as myfile: - myfile.write("") - - WOFileUtils.chown(self, "{0}22222" - .format(WOVariables.wo_webroot), - WOVariables.wo_php_user, - WOVariables.wo_php_user, recursive=True) - - WOGit.add(self, ["/etc/php"], msg="Adding PHP into Git") - WOService.restart_service(self, 'php7.3-fpm') - if set(WOVariables.wo_mysql).issubset(set(apt_packages)): if not os.path.isfile("/etc/mysql/my.cnf"): config = ("[mysqld]\nwait_timeout = 30\n" @@ -1396,7 +1127,6 @@ class WOStackController(CementBaseController): (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.hhvm) and (not self.app.pargs.adminer) and (not self.app.pargs.utils) and (not self.app.pargs.redis) and (not self.app.pargs.phpredisadmin) and @@ -1449,6 +1179,7 @@ class WOStackController(CementBaseController): else: Log.debug(self, "Nginx Stable already installed") + # PHP 7.2 if self.app.pargs.php: Log.debug(self, "Setting apt_packages variable for PHP 7.2") if not (WOAptGet.is_installed(self, 'php7.2-fpm')): @@ -1457,38 +1188,16 @@ class WOStackController(CementBaseController): Log.debug(self, "PHP 7.2 already installed") Log.info(self, "PHP 7.2 already installed") - # PHP 7.3 for Debian (jessie+) - if self.app.pargs.php73 and WOVariables.wo_platform_distro == 'debian': + # PHP 7.3 + if self.app.pargs.php73: Log.debug(self, "Setting apt_packages variable for PHP 7.3") if not WOAptGet.is_installed(self, 'php7.3-fpm'): apt_packages = apt_packages + WOVariables.wo_php73 - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php else: Log.debug(self, "PHP 7.3 already installed") Log.info(self, "PHP 7.3 already installed") - # PHP 7.3 for Ubuntu - if self.app.pargs.php73 and (WOVariables.wo_platform_distro == 'ubuntu'): - Log.debug(self, "Setting apt_packages variable for PHP 7.3") - if not WOAptGet.is_installed(self, 'php7.3-fpm'): - apt_packages = apt_packages + WOVariables.wo_php73 - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra - else: - Log.debug(self, "PHP 7.3 already installed") - Log.info(self, "PHP 7.3 already installed") - - if self.app.pargs.hhvm: - Log.debug(self, "Setting apt packages variable for HHVM") - if platform.architecture()[0] is '32bit': - Log.error(self, "HHVM is not supported by 32bit system") - if not WOAptGet.is_installed(self, 'hhvm'): - apt_packages = apt_packages + WOVariables.wo_hhvm - else: - Log.debug(self, "HHVM already installed") - Log.info(self, "HHVM already installed") - + # MariaDB 10.3 if self.app.pargs.mysql: Log.debug(self, "Setting apt_packages variable for MySQL") if not WOShellExec.cmd_exec(self, "mysqladmin ping"): @@ -1504,6 +1213,7 @@ class WOStackController(CementBaseController): Log.debug(self, "MySQL connection is already alive") Log.info(self, "MySQL connection is already alive") + # WP-CLI if self.app.pargs.wpcli: Log.debug(self, "Setting packages variable for WP-CLI") if not WOShellExec.cmd_exec(self, "command -v wp"): @@ -1516,21 +1226,23 @@ class WOStackController(CementBaseController): else: Log.debug(self, "WP-CLI is already installed") Log.info(self, "WP-CLI is already installed") + + # PHPMYADMIN if self.app.pargs.phpmyadmin: Log.debug(self, "Setting packages varible for phpMyAdmin ") packages = packages + [["https://github.com/phpmyadmin/" "phpmyadmin/archive/STABLE.tar.gz", "/tmp/pma.tar.gz", "phpMyAdmin"]] - + # PHPREDISADMIN if self.app.pargs.phpredisadmin: Log.debug(self, "Setting packages varible for phpRedisAdmin") packages = packages + [["https://github.com/ErikDubbelboer/" "phpRedisAdmin/archive/master.tar.gz", "/tmp/pra.tar.gz", "phpRedisAdmin"], ["https://github.com/nrk/predis/" - "archive/v1.0.1.tar.gz", + "archive/v1.1.1.tar.gz", "/tmp/predis.tar.gz", "Predis"]] - + # ADMINER if self.app.pargs.adminer: Log.debug(self, "Setting packages variable for Adminer ") packages = packages + [["https://www.adminer.org/static/download/" @@ -1540,12 +1252,13 @@ class WOStackController(CementBaseController): "htdocs/db/adminer/index.php" .format(WOVariables.wo_webroot), "Adminer"]] - + # UTILS if self.app.pargs.utils: Log.debug(self, "Setting packages variable for utils") - packages = packages + [["https://storage.googleapis.com/google-code-archive-downloads/" - "v2/code.google.com/phpmemcacheadmin/" - "phpMemcachedAdmin-1.2.2-r262.tar.gz", '/tmp/memcached.tar.gz', + packages = packages + [["https://github.com/elijaa/" + "phpmemcachedadmin/archive/" + "1.3.0.tar.gz", + '/tmp/memcached.tar.gz', 'phpMemcachedAdmin'], ["https://raw.githubusercontent.com" "/rtCamp/eeadmin/master/cache/nginx/" @@ -1647,9 +1360,8 @@ class WOStackController(CementBaseController): (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.php73) and (not self.app.pargs.mysql) and (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.hhvm) and (not self.app.pargs.adminer) and - (not self.app.pargs.utils) and (not self.app.pargs.all) and - (not self.app.pargs.redis) and + (not self.app.pargs.adminer) and (not self.app.pargs.utils) and + (not self.app.pargs.all) and (not self.app.pargs.redis) and (not self.app.pargs.phpredisadmin)): self.app.pargs.web = True self.app.pargs.admin = True @@ -1657,8 +1369,7 @@ class WOStackController(CementBaseController): if self.app.pargs.all: self.app.pargs.web = True self.app.pargs.admin = True - if (WOVariables.wo_platform_distro == 'ubuntu'): - self.app.pargs.php73 = True + self.app.pargs.php73 = True if self.app.pargs.web: self.app.pargs.nginx = True @@ -1670,60 +1381,53 @@ class WOStackController(CementBaseController): self.app.pargs.adminer = True self.app.pargs.phpmyadmin = True self.app.pargs.utils = True - + # NGINX if self.app.pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Removing apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx else: Log.error(self, "Cannot Remove! Nginx Stable version not found.") - + # PHP 7.2 if self.app.pargs.php: Log.debug(self, "Removing apt_packages variable of PHP") - if (WOVariables.wo_platform_distro == 'ubuntu'): - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra - else: - apt_packages = apt_packages + WOVariables.wo_php + if not WOAptGet.is_installed(self, 'php7.2-fpm'): + apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra # PHP7.3 if self.app.pargs.php73: - if (WOVariables.wo_platform_distro == 'ubuntu'): - Log.debug(self, "Removing apt_packages variable of PHP 7.3") - apt_packages = apt_packages + WOVariables.wo_php73 - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra - else: + Log.debug(self, "Removing apt_packages variable of PHP 7.3") + if not WOAptGet.is_installed(self, 'php7.3-fpm'): apt_packages = apt_packages + WOVariables.wo_php73 - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - Log.debug(self, "Removing apt_packages variable of HHVM") - apt_packages = apt_packages + WOVariables.wo_hhvm - + # REDIS if self.app.pargs.redis: Log.debug(self, "Remove apt_packages variable of Redis") apt_packages = apt_packages + WOVariables.wo_redis + # MariaDB if self.app.pargs.mysql: Log.debug(self, "Removing apt_packages variable of MySQL") apt_packages = apt_packages + WOVariables.wo_mysql packages = packages + ['/usr/bin/mysqltuner'] - + # WPCLI if self.app.pargs.wpcli: Log.debug(self, "Removing package variable of WPCLI ") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] else: Log.warn(self, "WP-CLI is not installed with WordOps") + # PHPMYADMIN if self.app.pargs.phpmyadmin: Log.debug(self, "Removing package variable of phpMyAdmin ") packages = packages + ['{0}22222/htdocs/db/pma' .format(WOVariables.wo_webroot)] + # PHPREDISADMIN if self.app.pargs.phpredisadmin: Log.debug(self, "Removing package variable of phpRedisAdmin ") packages = packages + ['{0}22222/htdocs/cache/redis/phpRedisAdmin' .format(WOVariables.wo_webroot)] + # ADMINER if self.app.pargs.adminer: Log.debug(self, "Removing package variable of Adminer ") packages = packages + ['{0}22222/htdocs/db/adminer' @@ -1788,17 +1492,16 @@ class WOStackController(CementBaseController): (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.php73) and (not self.app.pargs.mysql) and (not self.app.pargs.wpcli) and (not self.app.pargs.phpmyadmin) and - (not self.app.pargs.hhvm) and (not self.app.pargs.adminer) and - (not self.app.pargs.utils) and (not self.app.pargs.all) and - (not self.app.pargs.redis) and (not self.app.pargs.phpredisadmin)): + (not self.app.pargs.adminer) and (not self.app.pargs.utils) and + (not self.app.pargs.all) and (not self.app.pargs.redis) and + (not self.app.pargs.phpredisadmin)): self.app.pargs.web = True self.app.pargs.admin = True if self.app.pargs.all: self.app.pargs.web = True self.app.pargs.admin = True - if (WOVariables.wo_platform_distro == 'ubuntu'): - self.app.pargs.php73 = True + self.app.pargs.php73 = True if self.app.pargs.web: self.app.pargs.nginx = True @@ -1811,57 +1514,54 @@ class WOStackController(CementBaseController): self.app.pargs.phpmyadmin = True self.app.pargs.utils = True + # NGINX if self.app.pargs.nginx: if WOAptGet.is_installed(self, 'nginx-custom'): Log.debug(self, "Purge apt_packages variable of Nginx") apt_packages = apt_packages + WOVariables.wo_nginx else: Log.error(self, "Cannot Purge! Nginx Stable version not found.") + + # PHP if self.app.pargs.php: Log.debug(self, "Purge apt_packages variable PHP") - if (WOVariables.wo_platform_distro == 'ubuntu'): + if not WOAptGet.is_installed(self, 'php7.2-fpm'): apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra - if not WOAptGet.is_installed(self, 'php7.3-fpm'): - apt_packages = apt_packages + WOVariables.wo_php73 else: - apt_packages = apt_packages + WOVariables.wo_php - if not WOAptGet.is_installed(self, 'php7.3-fpm'): - apt_packages = apt_packages + WOVariables.wo_php73 + Log.error(self, "Cannot Purge PHP 7.2. not found.") - # For debian --php73 + # PHP 7.3 if self.app.pargs.php73: - if (WOVariables.wo_platform_distro == 'ubuntu'): - Log.debug(self, "Removing apt_packages variable of PHP 7.3") - apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php - else: + Log.debug(self, "Removing apt_packages variable of PHP 7.3") + if not WOAptGet.is_installed(self, 'php7.3-fpm'): apt_packages = apt_packages + WOVariables.wo_php73 - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php - - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - Log.debug(self, "Purge apt_packages varible of HHVM") - apt_packages = apt_packages + WOVariables.wo_hhvm - + else: + Log.error(self, "Cannot Purge PHP 7.3. not found.") + # WP-CLI + if self.app.pargs.wpcli: Log.debug(self, "Purge package variable WPCLI") if os.path.isfile('/usr/local/bin/wp'): packages = packages + ['/usr/local/bin/wp'] else: Log.warn(self, "WP-CLI is not installed with WordOps") + + # PHPMYADMIN if self.app.pargs.phpmyadmin: packages = packages + ['{0}22222/htdocs/db/pma'. format(WOVariables.wo_webroot)] Log.debug(self, "Purge package variable phpMyAdmin") + + # PHPREDISADMIN if self.app.pargs.phpredisadmin: Log.debug(self, "Removing package variable of phpRedisAdmin ") packages = packages + ['{0}22222/htdocs/cache/redis/phpRedisAdmin' .format(WOVariables.wo_webroot)] + # Adminer if self.app.pargs.adminer: Log.debug(self, "Purge package variable Adminer") packages = packages + ['{0}22222/htdocs/db/adminer' .format(WOVariables.wo_webroot)] + # utils if self.app.pargs.utils: Log.debug(self, "Purge package variable utils") packages = packages + ['{0}22222/htdocs/php/webgrind/' diff --git a/wo/cli/plugins/stack_services.py b/wo/cli/plugins/stack_services.py index f4bc268..b161974 100644 --- a/wo/cli/plugins/stack_services.py +++ b/wo/cli/plugins/stack_services.py @@ -21,15 +21,18 @@ class WOStackStatusController(CementBaseController): def start(self): """Start services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or self.app.pargs.php73 - or self.app.pargs.mysql or self.app.pargs.hhvm or self.app.pargs.memcached - or self.app.pargs.redis): + if not (self.app.pargs.nginx or self.app.pargs.php or + self.app.pargs.php73 or + self.app.pargs.mysql or + self.app.pargs.memcached or + self.app.pargs.redis): self.app.pargs.nginx = True self.app.pargs.php = True self.app.pargs.mysql = True if self.app.pargs.nginx: - if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline'): + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") @@ -63,11 +66,6 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - services = services + ['hhvm'] - else: - Log.info(self, "HHVM is not installed") if self.app.pargs.memcached: if WOAptGet.is_installed(self, 'memcached'): services = services + ['memcached'] @@ -88,15 +86,18 @@ class WOStackStatusController(CementBaseController): def stop(self): """Stop services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or self.app.pargs.php73 - or self.app.pargs.mysql or self.app.pargs.hhvm or self.app.pargs.memcached - or self.app.pargs.redis): + if not (self.app.pargs.nginx or self.app.pargs.php or + self.app.pargs.php73 or + self.app.pargs.mysql or + self.app.pargs.memcached or + self.app.pargs.redis): self.app.pargs.nginx = True self.app.pargs.php = True self.app.pargs.mysql = True if self.app.pargs.nginx: - if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline'): + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") @@ -131,11 +132,6 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - services = services + ['hhvm'] - else: - Log.info(self, "HHVM is not installed") if self.app.pargs.memcached: if WOAptGet.is_installed(self, 'memcached'): services = services + ['memcached'] @@ -156,15 +152,18 @@ class WOStackStatusController(CementBaseController): def restart(self): """Restart services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or self.app.pargs.php73 - or self.app.pargs.mysql or self.app.pargs.hhvm or self.app.pargs.memcached - or self.app.pargs.redis): + if not (self.app.pargs.nginx or self.app.pargs.php or + self.app.pargs.php73 or + self.app.pargs.mysql or + self.app.pargs.memcached or + self.app.pargs.redis): self.app.pargs.nginx = True self.app.pargs.php = True self.app.pargs.mysql = True if self.app.pargs.nginx: - if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline'): + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") @@ -189,9 +188,9 @@ class WOStackStatusController(CementBaseController): if self.app.pargs.mysql: if ((WOVariables.wo_mysql_host is "localhost") or (WOVariables.wo_mysql_host is "127.0.0.1")): - if (WOAptGet.is_installed(self, 'mysql-server') or - WOAptGet.is_installed(self, 'percona-server-server-5.6') or - WOAptGet.is_installed(self, 'mariadb-server')): + if ((WOAptGet.is_installed(self, 'mysql-server') or + WOAptGet.is_installed(self, 'percona-server-server-5.6') or + WOAptGet.is_installed(self, 'mariadb-server'))): services = services + ['mysql'] else: Log.info(self, "MySQL is not installed") @@ -199,11 +198,6 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - services = services + ['hhvm'] - else: - Log.info(self, "HHVM is not installed") if self.app.pargs.memcached: if WOAptGet.is_installed(self, 'memcached'): services = services + ['memcached'] @@ -224,16 +218,18 @@ class WOStackStatusController(CementBaseController): def status(self): """Status of services""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or self.app.pargs.php73 - or self.app.pargs.mysql or self.app.pargs.hhvm or self.app.pargs.memcached - or self.app.pargs.redis): + if not (self.app.pargs.nginx or self.app.pargs.php or + self.app.pargs.php73 or + self.app.pargs.mysql or + self.app.pargs.memcached or + self.app.pargs.redis): self.app.pargs.nginx = True self.app.pargs.php = True self.app.pargs.mysql = True - self.app.pargs.hhvm = True if self.app.pargs.nginx: - if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline'): + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") @@ -268,11 +264,6 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - services = services + ['hhvm'] - else: - Log.info(self, "HHVM is not installed") if self.app.pargs.memcached: if WOAptGet.is_installed(self, 'memcached'): services = services + ['memcached'] @@ -293,15 +284,18 @@ class WOStackStatusController(CementBaseController): def reload(self): """Reload service""" services = [] - if not (self.app.pargs.nginx or self.app.pargs.php or self.app.pargs.php73 - or self.app.pargs.mysql or self.app.pargs.hhvm or self.app.pargs.memcached - or self.app.pargs.redis): + if not (self.app.pargs.nginx or self.app.pargs.php or + self.app.pargs.php73 or + self.app.pargs.mysql or + self.app.pargs.memcached or + self.app.pargs.redis): self.app.pargs.nginx = True self.app.pargs.php = True self.app.pargs.mysql = True if self.app.pargs.nginx: - if WOAptGet.is_installed(self, 'nginx-custom') or WOAptGet.is_installed(self, 'nginx-mainline'): + if (WOAptGet.is_installed(self, 'nginx-custom') or + WOAptGet.is_installed(self, 'nginx-mainline')): services = services + ['nginx'] else: Log.info(self, "Nginx is not installed") @@ -336,9 +330,6 @@ class WOStackStatusController(CementBaseController): Log.warn(self, "Remote MySQL found, " "Unable to check MySQL service status") - if self.app.pargs.hhvm: - Log.info(self, "HHVM does not support to reload") - if self.app.pargs.memcached: if WOAptGet.is_installed(self, 'memcached'): services = services + ['memcached'] diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index fca79a1..7b0caed 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -34,8 +34,6 @@ class WOStackUpgradeController(CementBaseController): dict(help='Upgrade PHP stack', action='store_true')), (['--mysql'], dict(help='Upgrade MySQL stack', action='store_true')), - (['--hhvm'], - dict(help='Upgrade HHVM stack', action='store_true')), (['--wpcli'], dict(help='Upgrade WPCLI', action='store_true')), (['--redis'], @@ -73,7 +71,7 @@ class WOStackUpgradeController(CementBaseController): Log.info(self, "Updating apt-cache, please wait...") WOAptGet.update(self) Log.info(self, "Installing packages, please wait ...") - if (WOVariables.wo_platform_codename == 'trusty' or WOVariables.wo_platform_codename == 'xenial' or WOVariables.wo_platform_codename == 'bionic'): + if (WOVariables.wo_platform_distro == 'ubuntu'): WOAptGet.install(self, WOVariables.wo_php + WOVariables.wo_php_extra) else: WOAptGet.install(self, WOVariables.wo_php) @@ -89,9 +87,8 @@ class WOStackUpgradeController(CementBaseController): if ((not self.app.pargs.web) and (not self.app.pargs.nginx) and (not self.app.pargs.php) and (not self.app.pargs.mysql) and - (not self.app.pargs.hhvm) and (not self.app.pargs.all) and - (not self.app.pargs.wpcli) and (not self.app.pargs.redis) and - (not self.app.pargs.nginxmainline)): + (not self.app.pargs.all) and (not self.app.pargs.wpcli) and + (not self.app.pargs.redis) and (not self.app.pargs.nginxmainline)): self.app.pargs.web = True if self.app.pargs.all: @@ -118,12 +115,6 @@ class WOStackUpgradeController(CementBaseController): else: Log.info(self, "PHP 7.2 is not installed") - if self.app.pargs.hhvm: - if WOAptGet.is_installed(self, 'hhvm'): - apt_packages = apt_packages + WOVariables.wo_hhvm - else: - Log.info(self, "HHVM is not installed") - if self.app.pargs.mysql: if WOAptGet.is_installed(self, 'mariadb-server'): apt_packages = apt_packages + WOVariables.wo_mysql @@ -169,8 +160,6 @@ class WOStackUpgradeController(CementBaseController): WOService.restart_service(self, 'nginx') if set(WOVariables.wo_php).issubset(set(apt_packages)): WOService.restart_service(self, 'php7.2-fpm') - if set(WOVariables.wo_hhvm).issubset(set(apt_packages)): - WOService.restart_service(self, 'hhvm') if set(WOVariables.wo_mysql).issubset(set(apt_packages)): WOService.restart_service(self, 'mysql') if set(WOVariables.wo_redis).issubset(set(apt_packages)): diff --git a/wo/cli/plugins/sync.py b/wo/cli/plugins/sync.py index e0fd1f9..bdee23a 100644 --- a/wo/cli/plugins/sync.py +++ b/wo/cli/plugins/sync.py @@ -40,10 +40,10 @@ class WOSyncController(CementBaseController): # search for wp-config.php inside htdocs/ if not configfiles: Log.debug(self, "Config files not found in {0}/ " - .format(wo_site_webroot)) + .format(wo_site_webroot)) if site.site_type != 'mysql': Log.debug(self, "Searching wp-config.php in {0}/htdocs/ " - .format(wo_site_webroot)) + .format(wo_site_webroot)) configfiles = glob.glob(wo_site_webroot + '/htdocs/wp-config.php') if configfiles: diff --git a/wo/cli/plugins/update.py b/wo/cli/plugins/update.py index 80d42e3..4f589de 100644 --- a/wo/cli/plugins/update.py +++ b/wo/cli/plugins/update.py @@ -23,7 +23,8 @@ class WOUpdateController(CementBaseController): @expose(hide=True) def default(self): filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S") - WODownload.download(self, [["https://raw.githubusercontent.com/WordOps/WordOps/master/install", + WODownload.download(self, [["https://raw.githubusercontent.com/" + "WordOps/WordOps/master/install", "/tmp/{0}".format(filename), "update script"]]) try: diff --git a/wo/cli/templates/22222.mustache b/wo/cli/templates/22222.mustache index ab7da89..232e88f 100644 --- a/wo/cli/templates/22222.mustache +++ b/wo/cli/templates/22222.mustache @@ -21,6 +21,12 @@ server { # HTTP Authentication on port 22222 include common/acl.conf; + + # nginx-vts-status + location /vts_status { + vhost_traffic_status_display; + vhost_traffic_status_display_format html; + } location / { try_files $uri $uri/ /index.php$is_args$args; @@ -41,4 +47,27 @@ server { include fastcgi_params; fastcgi_pass php72; } + + location /netdata { + return 301 /netdata/; + } + + location ~ /netdata/(?.*) { + proxy_redirect off; + proxy_set_header Host $host; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_pass_request_headers on; + proxy_set_header Connection "keep-alive"; + proxy_store off; + proxy_pass http://netdata/$ndpath$is_args$args; + + gzip on; + gzip_proxied any; + gzip_types *; + } + } diff --git a/wo/cli/templates/fastcgi.mustache b/wo/cli/templates/fastcgi.mustache index 5a97dcf..fcf02bd 100644 --- a/wo/cli/templates/fastcgi.mustache +++ b/wo/cli/templates/fastcgi.mustache @@ -2,9 +2,16 @@ fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; +fastcgi_cache_lock on; +fastcgi_cache_lock_age 5s; +fastcgi_cache_lock_timeout 5s; fastcgi_cache_methods GET HEAD; fastcgi_cache_background_update on; -fastcgi_cache_valid 200 301 302 404 1h; +fastcgi_cache_valid 200 1h; +fastcgi_cache_valid 301 302 30m; +fastcgi_cache_valid 499 502 503 1m; +fastcgi_cache_valid 404 15m; +fastcgi_cache_valid any 15m; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; fastcgi_param SERVER_NAME $http_host; diff --git a/wo/cli/templates/locations-php7.mustache b/wo/cli/templates/locations-php7.mustache index 04bd05d..9576ff3 100644 --- a/wo/cli/templates/locations-php7.mustache +++ b/wo/cli/templates/locations-php7.mustache @@ -39,6 +39,7 @@ location ~ /\.(?!well-known\/) { # letsencrypt validation location /.well-known/acme-challenge/ { alias /var/www/html/.well-known/acme-challenge/; + allow all; } # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" { diff --git a/wo/cli/templates/locations.mustache b/wo/cli/templates/locations.mustache index 7d8c6bb..88c98b4 100644 --- a/wo/cli/templates/locations.mustache +++ b/wo/cli/templates/locations.mustache @@ -39,6 +39,7 @@ location ~ /\.(?!well-known\/) { # letsencrypt validation location /.well-known/acme-challenge/ { alias /var/www/html/.well-known/acme-challenge/; + allow all; } # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" { diff --git a/wo/cli/templates/php-hhvm.mustache b/wo/cli/templates/php-hhvm.mustache deleted file mode 100644 index ac76401..0000000 --- a/wo/cli/templates/php-hhvm.mustache +++ /dev/null @@ -1,10 +0,0 @@ -# PHP NGINX CONFIGURATION -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -location / { - try_files $uri $uri/ /index.php$is_args$args; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass hhvm; -} diff --git a/wo/cli/templates/redis-hhvm.mustache b/wo/cli/templates/redis-hhvm.mustache deleted file mode 100644 index 764ef09..0000000 --- a/wo/cli/templates/redis-hhvm.mustache +++ /dev/null @@ -1,58 +0,0 @@ -# Redis NGINX CONFIGURATION -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -set $skip_cache 0; -# POST requests and URL with a query string should always go to php -if ($request_method = POST) { - set $skip_cache 1; -} -if ($query_string != "") { - set $skip_cache 1; -} -# Don't cache URL containing the following segments -if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") { - set $skip_cache 1; -} -# Don't use the cache for logged in users or recent commenter or customer with items in cart -if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") { - set $skip_cache 1; -} -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - try_files $uri $uri/ /index.php$is_args$args; -} - -location /redis-fetch { - internal ; - set $redis_key $args; - redis_pass redis; -} -location /redis-store { - internal ; - set_unescape_uri $key $arg_key ; - redis2_query set $key $echo_request_body; - redis2_query expire $key 14400; - redis2_pass redis; - -} - -location ~ \.php$ { - set $key "nginx-cache:$scheme$request_method$host$request_uri"; - try_files $uri =404; - - srcache_fetch_skip $skip_cache; - srcache_store_skip $skip_cache; - - srcache_response_cache_control off; - - set_escape_uri $escaped_key $key; - - srcache_fetch GET /redis-fetch $key; - srcache_store PUT /redis-store key=$escaped_key; - - more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status'; - more_set_headers 'X-SRCache-Store-Status $srcache_store_status'; - - include fastcgi_params; - fastcgi_param HTTP_ACCEPT_ENCODING ""; - fastcgi_pass hhvm; -} diff --git a/wo/cli/templates/siteinfo.mustache b/wo/cli/templates/siteinfo.mustache index 3d0acbb..e196175 100644 --- a/wo/cli/templates/siteinfo.mustache +++ b/wo/cli/templates/siteinfo.mustache @@ -2,7 +2,6 @@ Information about {{domain}}: Nginx configuration {{type}} {{enable}} {{#php_version}}PHP Version {{php_version}}{{/php_version}} -{{#hhvm}}HHVM {{hhvm}}{{/hhvm}} {{#ssl}}SSL {{ssl}}{{/ssl}} {{#sslprovider}}SSL PROVIDER {{sslprovider}}{{/sslprovider}} {{#sslexpiry}}SSL EXPIRY DATE {{sslexpiry}}{{/sslexpiry}} diff --git a/wo/cli/templates/upstream.mustache b/wo/cli/templates/upstream.mustache index 89cb5b1..64a5e95 100644 --- a/wo/cli/templates/upstream.mustache +++ b/wo/cli/templates/upstream.mustache @@ -1,23 +1,36 @@ # Common upstream settings - -# PHP 5.6 upstream +#------------------------------- +# PHP 5.6 +#------------------------------- upstream php { -server 127.0.0.1:9000; +server 127.0.0.1:{{php}}; } upstream debug { -# Debug Pool -server 127.0.0.1:9001; +server 127.0.0.1:{{debug}}; } -# PHP 7.0 upstream +{{#php7conf}} +#------------------------------- +# PHP 7.0 +#------------------------------- + upstream php7 { -server 127.0.0.1:9070; +server 127.0.0.1:{{php7}}; } +upstream debug7 { +# Debug Pool +server 127.0.0.1:{{debug7}}; +} +{{/php7conf}} + +#------------------------------- +# PHP 7.2 +#------------------------------- # PHP 7.2 upstream with load-balancing on two unix sockets upstream php72 { -server unix:/var/run/php/php72-fpm.sock; + server unix:/var/run/php/php72-fpm.sock; } # PHP 7.2 debug @@ -26,18 +39,24 @@ upstream debug72 { server 127.0.0.1:9172; } +#------------------------------- +# PHP 7.3 +#------------------------------- + # PHP 7.3 upstream with load-balancing on two unix sockets upstream php73 { -server unix:/var/run/php/php73-fpm.sock; + server unix:/var/run/php/php73-fpm.sock; } -{{#php7conf}} # PHP 7.3 debug upstream debug73 { # Debug Pool -server 127.0.0.1:9173; + server 127.0.0.1:9173; } -{{/php7conf}} + +#------------------------------- +# Netdata +#------------------------------- # Netdata Monitoring Upstream upstream netdata { @@ -45,10 +64,3 @@ upstream netdata { keepalive 64; } -{{#hhvmconf}} -upstream hhvm { -# HHVM Pool -server 127.0.0.1:{{hhvm}}; -server 127.0.0.1:{{php}} backup; -} -{{/hhvmconf}} diff --git a/wo/cli/templates/virtualconf-php7.mustache b/wo/cli/templates/virtualconf-php7.mustache index bc58b9c..1e590de 100644 --- a/wo/cli/templates/virtualconf-php7.mustache +++ b/wo/cli/templates/virtualconf-php7.mustache @@ -38,7 +38,7 @@ server { } {{/static}} - {{^static}}include {{^hhvm}}{{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} {{/hhvm}}{{#hhvm}}{{#basic}}common/php-hhvm.conf;{{/basic}}{{#wpfc}}common/wpfc-hhvm.conf;{{/wpfc}} {{#wpsc}}common/wpsc-hhvm.conf;{{/wpsc}}{{#wpredis}}common/redis-hhvm.conf;{{/wpredis}} {{/hhvm}} + {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}} {{^proxy}}include common/locations-php73.conf;{{/proxy}} diff --git a/wo/cli/templates/virtualconf.mustache b/wo/cli/templates/virtualconf.mustache index 2fbd321..b4c52bf 100644 --- a/wo/cli/templates/virtualconf.mustache +++ b/wo/cli/templates/virtualconf.mustache @@ -38,7 +38,8 @@ server { } {{/static}} - {{^static}}include {{^hhvm}}{{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} {{/hhvm}}{{#hhvm}}{{#basic}}common/php-hhvm.conf;{{/basic}}{{#wpfc}}common/wpfc-hhvm.conf;{{/wpfc}} {{#wpsc}}common/wpsc-hhvm.conf;{{/wpsc}}{{#wpredis}}common/redis-hhvm.conf;{{/wpredis}} {{/hhvm}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} + {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} + {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}} {{^proxy}}include common/locations-php72.conf;{{/proxy}} {{^vma}}{{^rc}}include {{webroot}}/conf/nginx/*.conf;{{/rc}}{{/vma}} diff --git a/wo/cli/templates/wpfc-hhvm.mustache b/wo/cli/templates/wpfc-hhvm.mustache deleted file mode 100644 index d0b3f92..0000000 --- a/wo/cli/templates/wpfc-hhvm.mustache +++ /dev/null @@ -1,23 +0,0 @@ -# WPFC NGINX CONFIGURATION -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf - -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - try_files $uri $uri/ /index.php$is_args$args; -} -location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ { - try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass hhvm; - fastcgi_cache_bypass $skip_cache; - fastcgi_no_cache $skip_cache; - fastcgi_cache WORDPRESS; -} -location ~ /purge(/.*) { - fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; - access_log off; -} diff --git a/wo/cli/templates/wpsc-hhvm.mustache b/wo/cli/templates/wpsc-hhvm.mustache deleted file mode 100644 index 4040a4c..0000000 --- a/wo/cli/templates/wpsc-hhvm.mustache +++ /dev/null @@ -1,17 +0,0 @@ -# WPSC NGINX CONFIGURATION -# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE -# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf - -# Use cached or actual file if they exists, Otherwise pass request to WordPress -location / { - # If we add index.php?$args its break WooCommerce like plugins - # Ref: #330 - try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php; -} -location ~ \.php$ { - try_files $uri =404; - include fastcgi_params; - fastcgi_pass hhvm; - # Following line is needed by WP Super Cache plugin - fastcgi_param SERVER_NAME $http_host; -} diff --git a/wo/core/variables.py b/wo/core/variables.py index cc70bf7..a60b5ce 100644 --- a/wo/core/variables.py +++ b/wo/core/variables.py @@ -12,7 +12,7 @@ class WOVariables(): """Intialization of core variables""" # WordOps version - wo_version = "3.9.3" + wo_version = "3.9.4" # WordOps packages versions wo_wp_cli = "2.1.0" wo_adminer = "4.7.1" @@ -45,6 +45,12 @@ class WOVariables(): # WordOps default webroot path wo_webroot = '/var/www/' + # WordOps default renewal SSL certificates path + wo_ssl_archive = '/etc/letsencrypt/renewal' + + # WordOps default live SSL certificates path + wo_ssl_live = '/etc/letsencrypt/live' + # PHP user wo_php_user = 'www-data' @@ -83,22 +89,22 @@ class WOVariables(): # Nginx repo and packages if wo_platform_codename == 'trusty': wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/rtCamp:/EasyEngine/xUbuntu_14.04/ /") + "/virtubox:/WordOps/xUbuntu_14.04/ /") elif wo_platform_codename == 'xenial': wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/rtCamp:/EasyEngine/xUbuntu_16.04/ /") + "/virtubox:/WordOps/xUbuntu_16.04/ /") elif wo_platform_codename == 'bionic': wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/rtCamp:/EasyEngine/xUbuntu_18.04/ /") + "/virtubox:/WordOps/xUbuntu_18.04/ /") elif wo_platform_codename == 'jessie': wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/rtCamp:/EasyEngine/Debian_8.0/ /") + "/virtubox:/WordOps/Debian_8.0/ /") elif wo_platform_codename == 'stretch': wo_nginx_repo = ("deb http://download.opensuse.org/repositories/home:" - "/rtCamp:/EasyEngine/Debian_8.0/ /") + "/virtubox:/WordOps/Debian_9.0/ /") - wo_nginx = ["nginx-custom", "nginx-ee"] - wo_nginx_key = '3050AC3CD2AE6F03' + wo_nginx = ["nginx-custom", "nginx-wo"] + wo_nginx_key = '188C9FB063F0247A' # PHP repo and packages if wo_platform_distro == 'ubuntu': @@ -115,24 +121,24 @@ class WOVariables(): "php7.3-zip", "php7.3-xml", "php7.3-soap"] wo_php_extra = ["php-memcached", "php-imagick", "memcached", "graphviz", "php-xdebug", "php-msgpack", "php-redis"] + wo_php_key = '' elif wo_platform_distro == 'debian': wo_php_repo = ( - "deb https://packages.sury.org/php/ {codename} main".format(codename=wo_platform_codename)) + "deb https://packages.sury.org/php/ {codename} main" + .format(codename=wo_platform_codename)) wo_php = ["php7.2-fpm", "php7.2-curl", "php7.2-gd", "php7.2-imap", - "php7.2-common", "php7.2-readline", "php-redis", - "php7.2-mysql", "php7.2-cli", "php-imagick", - "php7.2-mbstring", "php7.2-recode", "php7.2-bcmath", - "php7.2-opcache", "php7.2-zip", "php7.2-xml", - "php7.2-soap", "php-msgpack", - "graphviz", "php-pear", "php-xdebug"] + "php7.2-readline", "php7.2-common", "php7.2-recode", + "php7.2-cli", "php7.2-mbstring", + "php7.2-bcmath", "php7.2-mysql", "php7.2-opcache", + "php7.2-zip", "php7.2-xml", "php7.2-soap"] wo_php73 = ["php7.3-fpm", "php7.3-curl", "php7.3-gd", "php7.3-imap", - "php7.3-common", "php7.3-readline", "php-redis", - "php7.3-mysql", "php7.3-cli", "php-imagick", - "php7.3-mbstring", "php7.3-recode", "php7.3-bcmath", - "php7.3-opcache", "php7.3-zip", "php7.3-xml", - "php7.3-soap", "php-msgpack", - "graphviz", "php-pear", "php-xdebug"] - wo_php_extra = [] + "php7.3-readline", "php7.3-common", "php7.3-recode", + "php7.3-cli", "php7.3-mbstring", + "php7.3-bcmath", "php7.3-mysql", "php7.3-opcache", + "php7.3-zip", "php7.3-xml", "php7.3-soap"] + wo_php_extra = ["php-memcached", "php-imagick", "memcached", + "graphviz", "php-xdebug", "php-msgpack", "php-redis"] + wo_php_key = '188C9FB063F0247A' # MySQL repo and packages if wo_platform_distro == 'ubuntu': @@ -146,17 +152,6 @@ class WOVariables(): wo_mysql = ["mariadb-server", "percona-toolkit"] - # HHVM repo details - if wo_platform_distro == 'ubuntu': - if wo_platform_codename == "trusty" or wo_platform_codename == "xenial" or wo_platform_codename == "bionic": - wo_hhvm_repo = ("deb http://dl.hhvm.com/ubuntu {codename} main" - .format(codename=wo_platform_codename)) - else: - wo_hhvm_repo = ("deb http://dl.hhvm.com/debian {codename} main" - .format(codename=wo_platform_codename)) - - wo_hhvm = ["hhvm"] - # Redis repo details if wo_platform_distro == 'ubuntu': wo_redis_repo = ("ppa:chris-lea/redis-server")