Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #45 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-03-27 13:38:17 +01:00
committed by GitHub
parent a8e974fa33 e6e07f3f17
commit f0236e9e2c
28 changed files with 142 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.travis.yml
View File

@@ -25,26 +25,26 @@ script:
- sudo wo --help
- sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log
@@ -59,6 +59,7 @@ script:
- sudo ls /var/www/
- sudo wp --allow-root --info
- sudo wo info || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo'
- sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down"

4
CHANGELOG.md
View File

@@ -18,6 +18,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Install script handle migration from EEv3
- load-balancing on unix socket for php-fpm
- stub_status vhost for metrics
- "--letsencrypt=subdomain" option
- opcache optimization for php-fpm
- EasyEngine configuration backup before migration
- EasyEngine configuration cleanup after migration
@@ -29,11 +30,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- letsencrypt stack refactored with acme.sh
- letsencrypt validation with webroot folder
- "--letsencrypt=subdomain" option
- hardened nginx ssl_ecdh_curve
- Update phpredisadmin
- Increase MySQL root password size to 16 characters
- Increase MySQL users password size to 16 characters
- Nginx locations template is the same for php7.2 & 7.3
#### Fixed
@@ -47,6 +48,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- PHP 7.2 & PHP 7.3 pool configuration during upgrade
- WordOps backup directory creation before upgrade
- EasyEngine database sync during migration
- command "wo info"
### v3.9.4 - 2019-03-15

22
README.md
View File

@@ -6,9 +6,9 @@
<h2 align="center">An essential toolset that eases WordPress site and server administration</h2>
<p align="center">
<img src="https://img.virtubox.net/images/2019/03/26/wo-stable.gif" width="540" alt="WordOps" /></p>
<img src="https://img.virtubox.net/images/2019/03/27/wordops-stable-4.mp4.gif" width="600" alt="WordOps" />
</p>
<p align="center">
<a href="https://travis-ci.org/WordOps/WordOps"><img src="https://travis-ci.org/WordOps/WordOps.svg?branch=master" alt="build"></a>
@@ -31,13 +31,13 @@
## Key Features
- Easy Migration from EasyEngine v3
- Automated WordPress, Nginx, PHP, MySQL & Redis installation
- Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- Hardened WordPress security with strict Nginx location directives
- Optimized Nginx configurations with multiple cache backends support
- Let's Encrypt SSL certificates handled by Acme.sh
- Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols
- **Easy to install** : One step automated installer with migration from EasyEngine v3 support
- **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation
- **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- **Secured** : Hardened WordPress security with strict Nginx location directives
- **Powerful** : Optimized Nginx configurations with multiple cache backends support
- **SSL** : Let's Encrypt SSL certificates handled by Acme.sh
- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols
## Requirements
@@ -78,8 +78,6 @@ If you are going to migrate from EasyEngine v3, here some important informations
- php5.6 and php7.0 will not be removed or uninstalled
- previous Nginx common configurations will not be overwritted
A tutorial will be available soon to explain how to fully migrate from EasyEngine v3 to WordOps.
## Usage
### Standard WordPress sites
@@ -149,11 +147,13 @@ For any other questions/suggestions about WordOps or if you need support, please
# Contributing
If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome.
There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribute by helping us to improve [WordOps documentation](https://github.com/WordOps/docs.wordops.io).
## Credits
- Main source : [EasyEngine](https://github.com/easyengine/easyengine)
- Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh)
- WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli)
## License

4
install
View File

@@ -7,7 +7,7 @@
# Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T
# -------------------------------------------------------------------------
# Version 3.9.4 - 2019-03-22
# Version 3.9.5 - 2019-03-27
# -------------------------------------------------------------------------
readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.3"
@@ -425,7 +425,7 @@ wo_upgrade_nginx() {
rm -f /tmp/nginx-wo.key
sudo apt-get update
CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/upstream.conf)
CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/fastcgi.conf)
if [ -z "$CHECK_NGINX_UPSTREAM_VERSION" ]; then
# stop nginx

6
wo/cli/plugins/info.py
View File

@@ -41,9 +41,9 @@ class WOInfoController(CementBaseController):
@expose(hide=True)
def info_nginx(self):
"""Display Nginx information"""
version = os.popen("nginx -v 2 > &1 | awk - F '/' '{print $2}' | '"
"awk -F ' ' '{print $1}'").read()
allow = os.popen("grep allow /etc/nginx/common/acl.conf | "
version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | "
"awk -F ' ' '{print $1}' | tr '\n' ' '").read()
allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | "
"cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read()
nc = NginxConfig()
nc.loadf('/etc/nginx/nginx.conf')

24
wo/cli/plugins/site.py
View File

@@ -994,11 +994,13 @@ class WOSiteUpdateController(CementBaseController):
renewLetsEncrypt(self, wo_domain)
else:
Log.error(
self, "You have more than 30 days with the current certificate - refusing to run.")
self, "You have more than 30 days with the current "
"certificate - refusing to run.")
else:
Log.error(
self, "Cannot renew - HTTPS is not configured for the given site. Install LE first...")
self, "Cannot renew - HTTPS is not configured for "
"the given site. Install LE first...")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
@@ -1013,7 +1015,8 @@ class WOSiteUpdateController(CementBaseController):
else:
Log.warn(
self, "The certificate seems to be already expired. Please renew it as soon as possible...")
self, "The certificate seems to be already expired. "
"Please renew it as soon as possible...")
return 0
if pargs.all and pargs.letsencrypt == "renew":
@@ -1024,15 +1027,16 @@ class WOSiteUpdateController(CementBaseController):
return 0
min_expiry_days = 30
if (expiry_days <= min_expiry_days):
renewLetsEncrypt(self, wo_domain)
Log.info(self, "Certificate was successfully renewed")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "SUCCESS: Certificate was successfully renewed For"
" https://{0}".format(wo_domain))
Log.info(self, "SUCCESS: Certificate was successfully "
"renewed For https://{0}".format(wo_domain))
else:
Log.info(
self, "You have more than 30 days with the current certificate - refusing to run.\n")
self, "You have more than 30 days with the current "
"certificate - refusing to run.\n")
if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " +
@@ -1044,7 +1048,8 @@ class WOSiteUpdateController(CementBaseController):
# Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
else:
Log.info(
self, "SSL not configured for site http://{0}".format(wo_domain))
self, "SSL not configured for "
"site http://{0}".format(wo_domain))
return 0
if pargs.all and pargs.letsencrypt == "off":
@@ -1404,7 +1409,8 @@ class WOSiteUpdateController(CementBaseController):
wo_site_webroot)
else:
Log.debug(
self, "Updating wp-config.php failed. File could not be located.")
self, "Updating wp-config.php failed. "
"File could not be located.")
Log.error(
self, "wp-config.php could not be located !!")
raise SiteError

50
wo/cli/plugins/site_functions.py
View File

@@ -141,7 +141,7 @@ def setupdomain(self, data):
def setupdatabase(self, data):
wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15)))
string.ascii_lowercase + string.digits, 24)))
wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -804,8 +804,8 @@ def site_package_check(self, stype):
not os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
@@ -1197,11 +1197,23 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
# setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate "
"found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -d www.{0} -w /var/www/html "
"-k ec-384 --force"
.format(wo_domain_name))
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
@@ -1266,11 +1278,23 @@ def setupLetsEncrypt(self, wo_domain_name):
def setupLetsEncryptSubdomain(self, wo_domain_name):
if os.path.isfile("{0}/{1}_ecc/{1}.conf"
.format(WOVariables.wo_ssl_archive, wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
if os.path.isfile("/etc/letsencrypt/"
"renewal/{0}_ecc/"
"fullchain.cer".format(wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate "
"found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -w /var/www/html "
"-k ec-384 --force"
.format(wo_domain_name))
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "

64
wo/cli/plugins/stack.py
View File

@@ -271,8 +271,8 @@ class WOStackController(CementBaseController):
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php72.conf')
wo_nginx = open('/etc/nginx/common/locations-php72.conf',
'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations.mustache',
out=wo_nginx)
@@ -321,14 +321,6 @@ class WOStackController(CementBaseController):
# php73 conf
if not os.path.isfile("/etc/nginx/common/php73.conf"):
# data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf')
wo_nginx = open('/etc/nginx/common/php73.conf',
@@ -369,6 +361,15 @@ class WOStackController(CementBaseController):
out=wo_nginx)
wo_nginx.close()
if not os.path.isfile("/etc/nginx/common/locations-wo.conf"):
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations.mustache',
out=wo_nginx)
wo_nginx.close()
# Nginx-Plus does not have nginx
# package structure like this
# So creating directories
@@ -564,13 +565,6 @@ class WOStackController(CementBaseController):
if (os.path.isdir("/etc/nginx/common") and
not os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf')
@@ -1400,6 +1394,9 @@ class WOStackController(CementBaseController):
# set redis.conf parameter
# set maxmemory 10% for ram below 512MB and 20% for others
# set maxmemory-policy allkeys-lru
# enable systemd service
Log.debug(self, "Enabling redis systemd service")
WOShellExec.cmd_exec(self, "systemctl enable redis-server")
if os.path.isfile("/etc/redis/redis.conf"):
if WOVariables.wo_ram < 512:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
@@ -1410,6 +1407,7 @@ class WOStackController(CementBaseController):
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' "
"/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server')
else:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
@@ -1470,17 +1468,24 @@ class WOStackController(CementBaseController):
# PHP 7.2
if self.app.pargs.php:
Log.debug(self, "Removing apt_packages variable of PHP")
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
if WOAptGet.is_installed(self, 'php7.2-fpm'):
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.error(self, "PHP 7.2 not found")
# PHP7.3
if self.app.pargs.php73:
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.error(self, "PHP 7.3 not found")
# REDIS
if self.app.pargs.redis:
@@ -1554,15 +1559,6 @@ class WOStackController(CementBaseController):
Log.info(self, "Successfully removed packages")
# Added for Ondrej Repo missing package Fix
if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
Log.info(self, "PHP7.2-fpm found on system.")
Log.info(
self, "Verifying and installing missing packages,")
WOShellExec.cmd_exec(
self, "apt-get install -y php-memcached php-igbinary")
@expose(help="Purge packages")
def purge(self):
"""Start purging of packages"""
@@ -1607,21 +1603,25 @@ class WOStackController(CementBaseController):
# PHP
if self.app.pargs.php:
Log.debug(self, "Purge apt_packages variable PHP")
if not WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
if WOAptGet.is_installed(self, 'php7.2-fpm'):
if not (WOAptGet.is_installed(self, 'php7.3-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.error(self, "Cannot Purge PHP 7.2. not found.")
# PHP 7.3
if self.app.pargs.php73:
Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.error(self, "Cannot Purge PHP 7.3. not found.")
# WP-CLI
if self.app.pargs.wpcli:
Log.debug(self, "Purge package variable WPCLI")

7
wo/cli/plugins/stack_upgrade.py
View File

@@ -72,7 +72,7 @@ class WOStackUpgradeController(CementBaseController):
WOAptGet.update(self)
Log.info(self, "Installing packages, please wait ...")
WOAptGet.install(self, WOVariables.wo_php +
WOVariables.wo_php_extra)
WOVariables.wo_php_extra)
@expose(hide=True)
def default(self):
@@ -106,7 +106,10 @@ class WOStackUpgradeController(CementBaseController):
if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.info(self, "PHP 7.2 is not installed")

6
wo/cli/templates/22222.mustache
View File

@@ -1,4 +1,4 @@
# WordOps admin NGINX CONFIGURATION
# WordOps admin NGINX CONFIGURATION - WO v3.9.5
server {
@@ -21,7 +21,7 @@ server {
# HTTP Authentication on port 22222
include common/acl.conf;
# nginx-vts-status
location /vts_status {
vhost_traffic_status_display;
@@ -47,7 +47,7 @@ server {
include fastcgi_params;
fastcgi_pass php72;
}
location /netdata {
return 301 /netdata/;
}

2
wo/cli/templates/fastcgi.mustache
View File

@@ -1,4 +1,4 @@
# FastCGI cache settings
# FastCGI cache settings - WO v3.9.5
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;

28
wo/cli/templates/locations-php7.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR COMMON LOCATION
# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files
location = /favicon.ico {
@@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
deny all;
}
# Status pages
location = /nginx_status {
stub_status on;
access_log off;
include common/acl.conf;
}
location ~ ^/(status|ping)$ {
include fastcgi_params;
fastcgi_pass php73;
include common/acl.conf;
}
# WordOps (wo) utilities
# phpMyAdmin settings
location = /pma {
return 301 https://$host:22222/db/pma;
}
location = /phpMyAdmin {
return 301 https://$host:22222/db/pma;
}
location = /phpmyadmin {
return 301 https://$host:22222/db/pma;
}
# Adminer settings
location = /adminer {
return 301 https://$host:22222/db/adminer;
}

28
wo/cli/templates/locations.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR COMMON LOCATION
# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files
location = /favicon.ico {
@@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
deny all;
}
# Status pages
location = /nginx_status {
stub_status on;
access_log off;
include common/acl.conf;
}
location ~ ^/(status|ping)$ {
include fastcgi_params;
fastcgi_pass php72;
include common/acl.conf;
}
# WordOps (wo) utilities
# phpMyAdmin settings
location = /pma {
return 301 https://$host:22222/db/pma;
}
location = /phpMyAdmin {
return 301 https://$host:22222/db/pma;
}
location = /phpmyadmin {
return 301 https://$host:22222/db/pma;
}
# Adminer settings
location = /adminer {
return 301 https://$host:22222/db/adminer;
}

3
wo/cli/templates/map-wp.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION
# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# do not cache xhtml request
@@ -52,4 +52,3 @@ map $skip_cache $cache_uri {
default 'null cache';
0 $request_uri;
}

2
wo/cli/templates/php.mustache
View File

@@ -1,4 +1,4 @@
# PHP NGINX CONFIGURATION
# PHP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / {
try_files $uri $uri/ /index.php$is_args$args;

2
wo/cli/templates/php7.mustache
View File

@@ -1,4 +1,4 @@
# PHP NGINX CONFIGURATION
# PHP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / {
try_files $uri $uri/ /index.php$is_args$args;

2
wo/cli/templates/redis-php7.mustache
View File

@@ -1,4 +1,4 @@
# Redis NGINX CONFIGURATION
# Redis NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/redis.mustache
View File

@@ -1,4 +1,4 @@
# Redis NGINX CONFIGURATION
# Redis NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/upstream.mustache
View File

@@ -1,4 +1,4 @@
# NGINX UPSTREAM CONFIGURATION v3.9.5
# NGINX UPSTREAM CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
#-------------------------------
# PHP 5.6

6
wo/cli/templates/virtualconf-php7.mustache
View File

@@ -25,7 +25,7 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.(?!well-known\/) {
@@ -52,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php73.conf;{{/wp}}
include common/locations-php73.conf;{{/proxy}}
include common/locations-wo.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf;
}

10
wo/cli/templates/virtualconf.mustache
View File

@@ -13,7 +13,7 @@ server {
#server_name_in_redirect off;
{{/multisite}}
access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}};
access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}};
error_log /var/log/nginx/{{site_name}}.error.log;
{{#proxy}}
@@ -25,7 +25,7 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.(?!well-known\/) {
@@ -40,7 +40,7 @@ server {
{{^proxy}}
root {{webroot}}/htdocs;
index {{^static}}index.php{{/static}} index.html index.htm;
{{#static}}
@@ -52,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php72.conf;{{/wp}}
include common/locations-php72.conf;{{/proxy}}
include common/locations-wo.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf;
}

2
wo/cli/templates/webp.mustache
View File

@@ -1,4 +1,4 @@
# WEBP NGINX CONFIGURATION
# WEBP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
map $http_accept $webp_suffix {

2
wo/cli/templates/wpcommon-php7.mustache
View File

@@ -1,4 +1,4 @@
# WordPress COMMON SETTINGS
# WordPress COMMON SETTINGS - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack
location = /wp-login.php {

2
wo/cli/templates/wpcommon.mustache
View File

@@ -1,4 +1,4 @@
# WordPress COMMON SETTINGS
# WordPress COMMON SETTINGS - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack
location = /wp-login.php {

2
wo/cli/templates/wpfc-php7.mustache
View File

@@ -1,4 +1,4 @@
# WPFC NGINX CONFIGURATION
# WPFC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpfc.mustache
View File

@@ -1,4 +1,4 @@
# WPFC NGINX CONFIGURATION
# WPFC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpsc-php7.mustache
View File

@@ -1,4 +1,4 @@
# WPSC NGINX CONFIGURATION
# WPSC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpsc.mustache
View File

@@ -1,4 +1,4 @@
# WPSC NGINX CONFIGURATION
# WPSC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf