From 9ed62f1b4cd0002b3516c6707809d9ad2351816f Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 25 Mar 2019 17:35:39 +0100 Subject: [PATCH 01/14] handle letsencrypt existant certs --- wo/cli/plugins/site_functions.py | 44 ++++++++++++++++++++++++-------- 1 file changed, 34 insertions(+), 10 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 28a3faa..0af68fe 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1197,11 +1197,23 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', # setup letsencrypt for domain + www.domain def setupLetsEncrypt(self, wo_domain_name): - if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf" - .format(wo_domain_name)): - Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" - .format(wo_domain_name)) - ssl = archivedCertificateHandle(self, wo_domain_name) + if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"): + if os.path.isfile("/etc/letsencrypt/" + "renewal/{0}_ecc/" + "fullchain.cer".format(wo_domain_name)): + Log.debug(self, "Let's Encrypt certificate " + "found for the domain: {0}" + .format(wo_domain_name)) + ssl = archivedCertificateHandle(self, wo_domain_name) + else: + Log.info(self, "Issuing SSL cert with acme.sh") + ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--issue " + "-d {0} -d www.{0} -w /var/www/html " + "-k ec-384 --force" + .format(wo_domain_name)) else: Log.info(self, "Issuing SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " @@ -1266,11 +1278,23 @@ def setupLetsEncrypt(self, wo_domain_name): def setupLetsEncryptSubdomain(self, wo_domain_name): - if os.path.isfile("{0}/{1}_ecc/{1}.conf" - .format(WOVariables.wo_ssl_archive, wo_domain_name)): - Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" - .format(wo_domain_name)) - ssl = archivedCertificateHandle(self, wo_domain_name) + if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"): + if os.path.isfile("/etc/letsencrypt/" + "renewal/{0}_ecc/" + "fullchain.cer".format(wo_domain_name)): + Log.debug(self, "Let's Encrypt certificate " + "found for the domain: {0}" + .format(wo_domain_name)) + ssl = archivedCertificateHandle(self, wo_domain_name) + else: + Log.info(self, "Issuing SSL cert with acme.sh") + ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--issue " + "-d {0} -w /var/www/html " + "-k ec-384 --force" + .format(wo_domain_name)) else: Log.info(self, "Issuing SSL cert with acme.sh") ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " From 97f35dea6f61d09734cf98a08e1cfcafa0e85ce5 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Mon, 25 Mar 2019 17:42:11 +0100 Subject: [PATCH 02/14] disable renew all --- wo/cli/plugins/site.py | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 92dcf5f..439bd1a 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -994,11 +994,13 @@ class WOSiteUpdateController(CementBaseController): renewLetsEncrypt(self, wo_domain) else: Log.error( - self, "You have more than 30 days with the current certificate - refusing to run.") + self, "You have more than 30 days with the current " + "certificate - refusing to run.") else: Log.error( - self, "Cannot renew - HTTPS is not configured for the given site. Install LE first...") + self, "Cannot renew - HTTPS is not configured for " + "the given site. Install LE first...") if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " @@ -1013,7 +1015,8 @@ class WOSiteUpdateController(CementBaseController): else: Log.warn( - self, "The certificate seems to be already expired. Please renew it as soon as possible...") + self, "The certificate seems to be already expired. " + "Please renew it as soon as possible...") return 0 if pargs.all and pargs.letsencrypt == "renew": @@ -1024,15 +1027,16 @@ class WOSiteUpdateController(CementBaseController): return 0 min_expiry_days = 30 if (expiry_days <= min_expiry_days): - renewLetsEncrypt(self, wo_domain) + Log.info(self, "Certificate was successfully renewed") if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") - Log.info(self, "SUCCESS: Certificate was successfully renewed For" - " https://{0}".format(wo_domain)) + Log.info(self, "SUCCESS: Certificate was successfully " + "renewed For https://{0}".format(wo_domain)) else: Log.info( - self, "You have more than 30 days with the current certificate - refusing to run.\n") + self, "You have more than 30 days with the current " + "certificate - refusing to run.\n") if (SSL.getExpirationDays(self, wo_domain) > 0): Log.info(self, "Your cert will expire within " + @@ -1044,7 +1048,8 @@ class WOSiteUpdateController(CementBaseController): # Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") else: Log.info( - self, "SSL not configured for site http://{0}".format(wo_domain)) + self, "SSL not configured for " + "site http://{0}".format(wo_domain)) return 0 if pargs.all and pargs.letsencrypt == "off": @@ -1404,7 +1409,8 @@ class WOSiteUpdateController(CementBaseController): wo_site_webroot) else: Log.debug( - self, "Updating wp-config.php failed. File could not be located.") + self, "Updating wp-config.php failed. " + "File could not be located.") Log.error( self, "wp-config.php could not be located !!") raise SiteError From 8ee6cc9dd4017a6fc93dc2297b1e8b2b9f8af647 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 04:26:12 +0100 Subject: [PATCH 03/14] fix wo info & update readme --- CHANGELOG.md | 3 ++- README.md | 26 +++++++++++++++----------- install | 2 +- wo/cli/plugins/info.py | 2 +- 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f9145ec..914e490 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Install script handle migration from EEv3 - load-balancing on unix socket for php-fpm - stub_status vhost for metrics +- "--letsencrypt=subdomain" option - opcache optimization for php-fpm - EasyEngine configuration backup before migration - EasyEngine configuration cleanup after migration @@ -29,7 +30,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - letsencrypt stack refactored with acme.sh - letsencrypt validation with webroot folder -- "--letsencrypt=subdomain" option - hardened nginx ssl_ecdh_curve - Update phpredisadmin - Increase MySQL root password size to 16 characters @@ -47,6 +47,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - PHP 7.2 & PHP 7.3 pool configuration during upgrade - WordOps backup directory creation before upgrade - EasyEngine database sync during migration +- command "wo info" ### v3.9.4 - 2019-03-15 diff --git a/README.md b/README.md index 3c0ae8d..313b955 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,12 @@

An essential toolset that eases WordPress site and server administration

-WordOps

- + +

build @@ -31,13 +34,13 @@ ## Key Features -- Easy Migration from EasyEngine v3 -- Automated WordPress, Nginx, PHP, MySQL & Redis installation -- Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 -- Hardened WordPress security with strict Nginx location directives -- Optimized Nginx configurations with multiple cache backends support -- Let's Encrypt SSL certificates handled by Acme.sh -- Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols +- **Easy to install** : One step automated installer with migration from EasyEngine v3 support +- **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation +- **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 +- **Secured** : Hardened WordPress security with strict Nginx location directives +- **Powerful** : Optimized Nginx configurations with multiple cache backends support +- **SSL** : Let's Encrypt SSL certificates handled by Acme.sh +- **Modern** : Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols ## Requirements @@ -78,8 +81,6 @@ If you are going to migrate from EasyEngine v3, here some important informations - php5.6 and php7.0 will not be removed or uninstalled - previous Nginx common configurations will not be overwritted -A tutorial will be available soon to explain how to fully migrate from EasyEngine v3 to WordOps. - ## Usage ### Standard WordPress sites @@ -149,11 +150,14 @@ For any other questions/suggestions about WordOps or if you need support, please # Contributing If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome. +There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribut by improving [WordOps documentation](https://github.com/WordOps/docs.wordops.io). + ## Credits - Main source : [EasyEngine](https://github.com/easyengine/easyengine) - Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh) +- WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli) ## License diff --git a/install b/install index 1fede4e..82e6c5a 100644 --- a/install +++ b/install @@ -7,7 +7,7 @@ # Copyright (c) 2019 - WordOps # This script is licensed under M.I.T # ------------------------------------------------------------------------- -# Version 3.9.4 - 2019-03-22 +# Version 3.9.5 - 2019-03-27 # ------------------------------------------------------------------------- readonly wo_version_old="2.2.3" readonly wo_version_new="3.9.4.3" diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 467334a..30c3153 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -41,7 +41,7 @@ class WOInfoController(CementBaseController): @expose(hide=True) def info_nginx(self): """Display Nginx information""" - version = os.popen("nginx -v 2 > &1 | awk - F '/' '{print $2}' | '" + version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | " "awk -F ' ' '{print $1}'").read() allow = os.popen("grep allow /etc/nginx/common/acl.conf | " "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() From c292af645d7aa8da70436eca1ffadf2744120491 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 04:26:54 +0100 Subject: [PATCH 04/14] update travis --- .travis.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 55e40ed..152b3c5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,26 +25,26 @@ script: - sudo wo --help - sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log - sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - + - sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log @@ -59,6 +59,7 @@ script: - sudo ls /var/www/ - sudo wp --allow-root --info + - sudo wo info || sudo tail -n50 /var/log/wo/wordops.log - sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log - sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo' - sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down" From 094be12dd8cf2998996c51e0abe43cba91cee490 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 04:51:15 +0100 Subject: [PATCH 05/14] [skip travis] fix wo screen --- README.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/README.md b/README.md index 313b955..340ffd2 100644 --- a/README.md +++ b/README.md @@ -6,10 +6,7 @@

An essential toolset that eases WordPress site and server administration

- +WordOps

From a2e6f0279572a936e5a402ef7bf76316679eea3d Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 04:58:25 +0100 Subject: [PATCH 06/14] simplify locations nginx template --- install | 2 +- wo/cli/plugins/stack.py | 28 +++++++++------------- wo/cli/templates/22222.mustache | 6 ++--- wo/cli/templates/fastcgi.mustache | 2 +- wo/cli/templates/locations-php7.mustache | 28 +--------------------- wo/cli/templates/locations.mustache | 28 +--------------------- wo/cli/templates/map-wp.mustache | 3 +-- wo/cli/templates/php.mustache | 2 +- wo/cli/templates/php7.mustache | 2 +- wo/cli/templates/redis-php7.mustache | 2 +- wo/cli/templates/redis.mustache | 2 +- wo/cli/templates/upstream.mustache | 2 +- wo/cli/templates/virtualconf-php7.mustache | 6 ++--- wo/cli/templates/virtualconf.mustache | 10 ++++---- wo/cli/templates/webp.mustache | 2 +- wo/cli/templates/wpcommon-php7.mustache | 2 +- wo/cli/templates/wpcommon.mustache | 2 +- wo/cli/templates/wpfc-php7.mustache | 2 +- wo/cli/templates/wpfc.mustache | 2 +- wo/cli/templates/wpsc-php7.mustache | 2 +- wo/cli/templates/wpsc.mustache | 2 +- 21 files changed, 39 insertions(+), 98 deletions(-) diff --git a/install b/install index 82e6c5a..ef6d4e6 100644 --- a/install +++ b/install @@ -425,7 +425,7 @@ wo_upgrade_nginx() { rm -f /tmp/nginx-wo.key sudo apt-get update - CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/upstream.conf) + CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/fastcgi.conf) if [ -z "$CHECK_NGINX_UPSTREAM_VERSION" ]; then # stop nginx diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index d3bef64..41974b0 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -271,8 +271,8 @@ class WOStackController(CementBaseController): wo_nginx.close() Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-php72.conf') - wo_nginx = open('/etc/nginx/common/locations-php72.conf', + 'file /etc/nginx/common/locations-wo.conf') + wo_nginx = open('/etc/nginx/common/locations-wo.conf', encoding='utf-8', mode='w') self.app.render((data), 'locations.mustache', out=wo_nginx) @@ -321,14 +321,6 @@ class WOStackController(CementBaseController): # php73 conf if not os.path.isfile("/etc/nginx/common/php73.conf"): # data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-php73.conf') - wo_nginx = open('/etc/nginx/common/locations-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'locations-php7.mustache', - out=wo_nginx) - wo_nginx.close() - Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php73.conf') wo_nginx = open('/etc/nginx/common/php73.conf', @@ -369,6 +361,15 @@ class WOStackController(CementBaseController): out=wo_nginx) wo_nginx.close() + if not os.path.isfile("/etc/nginx/common/locations-wo.conf"): + Log.debug(self, 'Writting the nginx configuration to ' + 'file /etc/nginx/common/locations-wo.conf') + wo_nginx = open('/etc/nginx/common/locations-wo.conf', + encoding='utf-8', mode='w') + self.app.render((data), 'locations.mustache', + out=wo_nginx) + wo_nginx.close() + # Nginx-Plus does not have nginx # package structure like this # So creating directories @@ -564,13 +565,6 @@ class WOStackController(CementBaseController): if (os.path.isdir("/etc/nginx/common") and not os.path.isfile("/etc/nginx/common/php73.conf")): data = dict() - Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-php73.conf') - wo_nginx = open('/etc/nginx/common/locations-php73.conf', - encoding='utf-8', mode='w') - self.app.render((data), 'locations-php7.mustache', - out=wo_nginx) - wo_nginx.close() Log.debug(self, 'Writting the nginx configuration to ' 'file /etc/nginx/common/php73.conf') diff --git a/wo/cli/templates/22222.mustache b/wo/cli/templates/22222.mustache index 232e88f..82bfcb6 100644 --- a/wo/cli/templates/22222.mustache +++ b/wo/cli/templates/22222.mustache @@ -1,4 +1,4 @@ -# WordOps admin NGINX CONFIGURATION +# WordOps admin NGINX CONFIGURATION - WO v3.9.5 server { @@ -21,7 +21,7 @@ server { # HTTP Authentication on port 22222 include common/acl.conf; - + # nginx-vts-status location /vts_status { vhost_traffic_status_display; @@ -47,7 +47,7 @@ server { include fastcgi_params; fastcgi_pass php72; } - + location /netdata { return 301 /netdata/; } diff --git a/wo/cli/templates/fastcgi.mustache b/wo/cli/templates/fastcgi.mustache index fcf02bd..be7469a 100644 --- a/wo/cli/templates/fastcgi.mustache +++ b/wo/cli/templates/fastcgi.mustache @@ -1,4 +1,4 @@ -# FastCGI cache settings +# FastCGI cache settings - WO v3.9.5 fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; diff --git a/wo/cli/templates/locations-php7.mustache b/wo/cli/templates/locations-php7.mustache index 9576ff3..267891c 100644 --- a/wo/cli/templates/locations-php7.mustache +++ b/wo/cli/templates/locations-php7.mustache @@ -1,4 +1,4 @@ -# NGINX CONFIGURATION FOR COMMON LOCATION +# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Basic locations files location = /favicon.ico { @@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { deny all; } -# Status pages -location = /nginx_status { - stub_status on; - access_log off; - include common/acl.conf; -} -location ~ ^/(status|ping)$ { - include fastcgi_params; - fastcgi_pass php73; - include common/acl.conf; -} -# WordOps (wo) utilities -# phpMyAdmin settings -location = /pma { - return 301 https://$host:22222/db/pma; -} -location = /phpMyAdmin { - return 301 https://$host:22222/db/pma; -} -location = /phpmyadmin { - return 301 https://$host:22222/db/pma; -} -# Adminer settings -location = /adminer { - return 301 https://$host:22222/db/adminer; -} diff --git a/wo/cli/templates/locations.mustache b/wo/cli/templates/locations.mustache index 88c98b4..267891c 100644 --- a/wo/cli/templates/locations.mustache +++ b/wo/cli/templates/locations.mustache @@ -1,4 +1,4 @@ -# NGINX CONFIGURATION FOR COMMON LOCATION +# NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Basic locations files location = /favicon.ico { @@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { deny all; } -# Status pages -location = /nginx_status { - stub_status on; - access_log off; - include common/acl.conf; -} -location ~ ^/(status|ping)$ { - include fastcgi_params; - fastcgi_pass php72; - include common/acl.conf; -} -# WordOps (wo) utilities -# phpMyAdmin settings -location = /pma { - return 301 https://$host:22222/db/pma; -} -location = /phpMyAdmin { - return 301 https://$host:22222/db/pma; -} -location = /phpmyadmin { - return 301 https://$host:22222/db/pma; -} -# Adminer settings -location = /adminer { - return 301 https://$host:22222/db/adminer; -} diff --git a/wo/cli/templates/map-wp.mustache b/wo/cli/templates/map-wp.mustache index cd6b21e..a289cee 100644 --- a/wo/cli/templates/map-wp.mustache +++ b/wo/cli/templates/map-wp.mustache @@ -1,4 +1,4 @@ -# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION +# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # do not cache xhtml request @@ -52,4 +52,3 @@ map $skip_cache $cache_uri { default 'null cache'; 0 $request_uri; } - diff --git a/wo/cli/templates/php.mustache b/wo/cli/templates/php.mustache index 7288f48..59903a8 100644 --- a/wo/cli/templates/php.mustache +++ b/wo/cli/templates/php.mustache @@ -1,4 +1,4 @@ -# PHP NGINX CONFIGURATION +# PHP NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE location / { try_files $uri $uri/ /index.php$is_args$args; diff --git a/wo/cli/templates/php7.mustache b/wo/cli/templates/php7.mustache index d0ab167..4005572 100644 --- a/wo/cli/templates/php7.mustache +++ b/wo/cli/templates/php7.mustache @@ -1,4 +1,4 @@ -# PHP NGINX CONFIGURATION +# PHP NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE location / { try_files $uri $uri/ /index.php$is_args$args; diff --git a/wo/cli/templates/redis-php7.mustache b/wo/cli/templates/redis-php7.mustache index 217509d..5e21f7a 100644 --- a/wo/cli/templates/redis-php7.mustache +++ b/wo/cli/templates/redis-php7.mustache @@ -1,4 +1,4 @@ -# Redis NGINX CONFIGURATION +# Redis NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf diff --git a/wo/cli/templates/redis.mustache b/wo/cli/templates/redis.mustache index 0a7004f..cdde0b1 100644 --- a/wo/cli/templates/redis.mustache +++ b/wo/cli/templates/redis.mustache @@ -1,4 +1,4 @@ -# Redis NGINX CONFIGURATION +# Redis NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf diff --git a/wo/cli/templates/upstream.mustache b/wo/cli/templates/upstream.mustache index fe3aa45..26e06b9 100644 --- a/wo/cli/templates/upstream.mustache +++ b/wo/cli/templates/upstream.mustache @@ -1,4 +1,4 @@ -# NGINX UPSTREAM CONFIGURATION v3.9.5 +# NGINX UPSTREAM CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE #------------------------------- # PHP 5.6 diff --git a/wo/cli/templates/virtualconf-php7.mustache b/wo/cli/templates/virtualconf-php7.mustache index c06e1e7..625fd2a 100644 --- a/wo/cli/templates/virtualconf-php7.mustache +++ b/wo/cli/templates/virtualconf-php7.mustache @@ -25,7 +25,7 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } - + # Security settings for better privacy # Deny hidden files location ~ /\.(?!well-known\/) { @@ -52,7 +52,7 @@ server { {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}} - include common/locations-php73.conf;{{/proxy}} + include common/locations-wo.conf;{{/proxy}} include {{webroot}}/conf/nginx/*.conf; - + } diff --git a/wo/cli/templates/virtualconf.mustache b/wo/cli/templates/virtualconf.mustache index 5aea885..d8610de 100644 --- a/wo/cli/templates/virtualconf.mustache +++ b/wo/cli/templates/virtualconf.mustache @@ -13,7 +13,7 @@ server { #server_name_in_redirect off; {{/multisite}} - access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}}; + access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}}; error_log /var/log/nginx/{{site_name}}.error.log; {{#proxy}} @@ -25,7 +25,7 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } - + # Security settings for better privacy # Deny hidden files location ~ /\.(?!well-known\/) { @@ -40,7 +40,7 @@ server { {{^proxy}} root {{webroot}}/htdocs; - + index {{^static}}index.php{{/static}} index.html index.htm; {{#static}} @@ -52,7 +52,7 @@ server { {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}} - include common/locations-php72.conf;{{/proxy}} + include common/locations-wo.conf;{{/proxy}} include {{webroot}}/conf/nginx/*.conf; - + } diff --git a/wo/cli/templates/webp.mustache b/wo/cli/templates/webp.mustache index db3aac4..3ed187b 100644 --- a/wo/cli/templates/webp.mustache +++ b/wo/cli/templates/webp.mustache @@ -1,4 +1,4 @@ -# WEBP NGINX CONFIGURATION +# WEBP NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE map $http_accept $webp_suffix { diff --git a/wo/cli/templates/wpcommon-php7.mustache b/wo/cli/templates/wpcommon-php7.mustache index e99977b..52054ad 100644 --- a/wo/cli/templates/wpcommon-php7.mustache +++ b/wo/cli/templates/wpcommon-php7.mustache @@ -1,4 +1,4 @@ -# WordPress COMMON SETTINGS +# WordPress COMMON SETTINGS - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Limit access to avoid brute force attack location = /wp-login.php { diff --git a/wo/cli/templates/wpcommon.mustache b/wo/cli/templates/wpcommon.mustache index 89f0e92..8ddc377 100644 --- a/wo/cli/templates/wpcommon.mustache +++ b/wo/cli/templates/wpcommon.mustache @@ -1,4 +1,4 @@ -# WordPress COMMON SETTINGS +# WordPress COMMON SETTINGS - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # Limit access to avoid brute force attack location = /wp-login.php { diff --git a/wo/cli/templates/wpfc-php7.mustache b/wo/cli/templates/wpfc-php7.mustache index aa7f087..3667c40 100644 --- a/wo/cli/templates/wpfc-php7.mustache +++ b/wo/cli/templates/wpfc-php7.mustache @@ -1,4 +1,4 @@ -# WPFC NGINX CONFIGURATION +# WPFC NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf diff --git a/wo/cli/templates/wpfc.mustache b/wo/cli/templates/wpfc.mustache index 12258d8..447870f 100644 --- a/wo/cli/templates/wpfc.mustache +++ b/wo/cli/templates/wpfc.mustache @@ -1,4 +1,4 @@ -# WPFC NGINX CONFIGURATION +# WPFC NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf diff --git a/wo/cli/templates/wpsc-php7.mustache b/wo/cli/templates/wpsc-php7.mustache index 9c5267e..1fe48a6 100644 --- a/wo/cli/templates/wpsc-php7.mustache +++ b/wo/cli/templates/wpsc-php7.mustache @@ -1,4 +1,4 @@ -# WPSC NGINX CONFIGURATION +# WPSC NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf diff --git a/wo/cli/templates/wpsc.mustache b/wo/cli/templates/wpsc.mustache index d1f795c..cfe5070 100644 --- a/wo/cli/templates/wpsc.mustache +++ b/wo/cli/templates/wpsc.mustache @@ -1,4 +1,4 @@ -# WPSC NGINX CONFIGURATION +# WPSC NGINX CONFIGURATION - WO v3.9.5 # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf From 72c4a84a9238bf19a6da1a3b50814ad5f4a2cd61 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 05:03:49 +0100 Subject: [PATCH 07/14] [skip travis] update readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 340ffd2..40b712f 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@

An essential toolset that eases WordPress site and server administration

-WordOps +WordOps

From e92c20f918ed1b7a3db27f7b7c8a04e0a20fb8b1 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 05:05:02 +0100 Subject: [PATCH 08/14] [skip travis] increase screen size --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 40b712f..93ad287 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@

An essential toolset that eases WordPress site and server administration

-WordOps +WordOps

From 195e8b383834c90cc47ad63d360055921a926afb Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 05:11:12 +0100 Subject: [PATCH 09/14] fix wo info --- wo/cli/plugins/info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 30c3153..2ffd3dd 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -42,7 +42,7 @@ class WOInfoController(CementBaseController): def info_nginx(self): """Display Nginx information""" version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | " - "awk -F ' ' '{print $1}'").read() + "awk -F ' ' '{print $1}' | tr -d '\n'").read() allow = os.popen("grep allow /etc/nginx/common/acl.conf | " "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() nc = NginxConfig() From a91bf02528d06f3cbf0448ef05ab404b263a72bd Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 05:13:10 +0100 Subject: [PATCH 10/14] [skip travis] update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 914e490..d885c88 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -34,6 +34,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Update phpredisadmin - Increase MySQL root password size to 16 characters - Increase MySQL users password size to 16 characters +- Nginx locations template is the same for php7.2 & 7.3 #### Fixed From 5953c0cc7e6aab6732422fde4fc0f25f37fd6db3 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 08:11:42 +0100 Subject: [PATCH 11/14] another fix for wo info --- wo/cli/plugins/info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 2ffd3dd..1449ecf 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -43,7 +43,7 @@ class WOInfoController(CementBaseController): """Display Nginx information""" version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | " "awk -F ' ' '{print $1}' | tr -d '\n'").read() - allow = os.popen("grep allow /etc/nginx/common/acl.conf | " + allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() nc = NginxConfig() nc.loadf('/etc/nginx/nginx.conf') From f5b128babd720352a46755093e9e51d9277bf977 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 09:12:30 +0100 Subject: [PATCH 12/14] add an extra space into info --- wo/cli/plugins/info.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wo/cli/plugins/info.py b/wo/cli/plugins/info.py index 1449ecf..4f0025f 100644 --- a/wo/cli/plugins/info.py +++ b/wo/cli/plugins/info.py @@ -42,7 +42,7 @@ class WOInfoController(CementBaseController): def info_nginx(self): """Display Nginx information""" version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | " - "awk -F ' ' '{print $1}' | tr -d '\n'").read() + "awk -F ' ' '{print $1}' | tr '\n' ' '").read() allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | " "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() nc = NginxConfig() From 7dd818e43d213db3c6f1cd87a51e276491e19aa0 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 12:49:17 +0100 Subject: [PATCH 13/14] fix redis-server not enabled --- wo/cli/plugins/site_functions.py | 6 +++--- wo/cli/plugins/stack.py | 36 +++++++++++++++++++------------- wo/cli/plugins/stack_upgrade.py | 7 +++++-- 3 files changed, 29 insertions(+), 20 deletions(-) diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 0af68fe..32987e7 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -141,7 +141,7 @@ def setupdomain(self, data): def setupdatabase(self, data): wo_domain_name = data['site_name'] wo_random = (''.join(random.sample(string.ascii_uppercase + - string.ascii_lowercase + string.digits, 15))) + string.ascii_lowercase + string.digits, 24))) wo_replace_dot = wo_domain_name.replace('.', '_') prompt_dbname = self.app.config.get('mysql', 'db-name') prompt_dbuser = self.app.config.get('mysql', 'db-user') @@ -804,8 +804,8 @@ def site_package_check(self, stype): not os.path.isfile("/etc/nginx/common/php73.conf")): data = dict() Log.debug(self, 'Writting the nginx configuration to ' - 'file /etc/nginx/common/locations-php73.conf') - wo_nginx = open('/etc/nginx/common/locations-php73.conf', + 'file /etc/nginx/common/locations-wo.conf') + wo_nginx = open('/etc/nginx/common/locations-wo.conf', encoding='utf-8', mode='w') self.app.render((data), 'locations-php7.mustache', out=wo_nginx) diff --git a/wo/cli/plugins/stack.py b/wo/cli/plugins/stack.py index 41974b0..5e2d166 100644 --- a/wo/cli/plugins/stack.py +++ b/wo/cli/plugins/stack.py @@ -1394,6 +1394,9 @@ class WOStackController(CementBaseController): # set redis.conf parameter # set maxmemory 10% for ram below 512MB and 20% for others # set maxmemory-policy allkeys-lru + # enable systemd service + Log.debug(self, "Enabling redis systemd service") + WOShellExec.cmd_exec(self, "systemctl enable redis-server") if os.path.isfile("/etc/redis/redis.conf"): if WOVariables.wo_ram < 512: Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" @@ -1404,6 +1407,7 @@ class WOStackController(CementBaseController): self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf") WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' " "/etc/redis/redis.conf") + WOService.restart_service(self, 'redis-server') else: Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" @@ -1464,17 +1468,24 @@ class WOStackController(CementBaseController): # PHP 7.2 if self.app.pargs.php: Log.debug(self, "Removing apt_packages variable of PHP") - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + if WOAptGet.is_installed(self, 'php7.2-fpm'): + if not WOAptGet.is_installed(self, 'php7.3-fpm'): + apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + else: + apt_packages = apt_packages + WOVariables.wo_php + else: + Log.error(self, "PHP 7.2 not found") # PHP7.3 if self.app.pargs.php73: Log.debug(self, "Removing apt_packages variable of PHP 7.3") - if not WOAptGet.is_installed(self, 'php7.3-fpm'): + if WOAptGet.is_installed(self, 'php7.3-fpm'): if not (WOAptGet.is_installed(self, 'php7.2-fpm')): apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php73 + else: + Log.error(self, "PHP 7.3 not found") # REDIS if self.app.pargs.redis: @@ -1548,15 +1559,6 @@ class WOStackController(CementBaseController): Log.info(self, "Successfully removed packages") - # Added for Ondrej Repo missing package Fix - if self.app.pargs.php: - if WOAptGet.is_installed(self, 'php7.2-fpm'): - Log.info(self, "PHP7.2-fpm found on system.") - Log.info( - self, "Verifying and installing missing packages,") - WOShellExec.cmd_exec( - self, "apt-get install -y php-memcached php-igbinary") - @expose(help="Purge packages") def purge(self): """Start purging of packages""" @@ -1601,21 +1603,25 @@ class WOStackController(CementBaseController): # PHP if self.app.pargs.php: Log.debug(self, "Purge apt_packages variable PHP") - if not WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + if WOAptGet.is_installed(self, 'php7.2-fpm'): + if not (WOAptGet.is_installed(self, 'php7.3-fpm')): + apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + else: + apt_packages = apt_packages + WOVariables.wo_php else: Log.error(self, "Cannot Purge PHP 7.2. not found.") # PHP 7.3 if self.app.pargs.php73: Log.debug(self, "Removing apt_packages variable of PHP 7.3") - if not WOAptGet.is_installed(self, 'php7.3-fpm'): + if WOAptGet.is_installed(self, 'php7.3-fpm'): if not (WOAptGet.is_installed(self, 'php7.2-fpm')): apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra else: apt_packages = apt_packages + WOVariables.wo_php73 else: Log.error(self, "Cannot Purge PHP 7.3. not found.") + # WP-CLI if self.app.pargs.wpcli: Log.debug(self, "Purge package variable WPCLI") diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 6ac25aa..0e844aa 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -72,7 +72,7 @@ class WOStackUpgradeController(CementBaseController): WOAptGet.update(self) Log.info(self, "Installing packages, please wait ...") WOAptGet.install(self, WOVariables.wo_php + - WOVariables.wo_php_extra) + WOVariables.wo_php_extra) @expose(hide=True) def default(self): @@ -106,7 +106,10 @@ class WOStackUpgradeController(CementBaseController): if self.app.pargs.php: if WOAptGet.is_installed(self, 'php7.2-fpm'): - apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + if not WOAptGet.is_installed(self, 'php7.3-fpm'): + apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra + else: + apt_packages = apt_packages + WOVariables.wo_php else: Log.info(self, "PHP 7.2 is not installed") From e6e07f3f17db9ed6580e2a8f79b5dca325325806 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Wed, 27 Mar 2019 13:37:21 +0100 Subject: [PATCH 14/14] [skip travis] fix typo --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 93ad287..00b2ba3 100644 --- a/README.md +++ b/README.md @@ -147,8 +147,7 @@ For any other questions/suggestions about WordOps or if you need support, please # Contributing If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome. -There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribut by improving [WordOps documentation](https://github.com/WordOps/docs.wordops.io). - +There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribute by helping us to improve [WordOps documentation](https://github.com/WordOps/docs.wordops.io). ## Credits