Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #45 from WordOps/updating-configuration

Browse Source 
Updating configuration
This commit is contained in:
VirtuBox
2019-03-27 13:38:17 +01:00
committed by GitHub
parent a8e974fa33 e6e07f3f17
commit f0236e9e2c
28 changed files with 142 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.travis.yml
View File

@@ -25,26 +25,26 @@ script:
- sudo wo --help - sudo wo --help
- sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp-php73.net --wp --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log - sudo wo stack install || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log - sudo wo stack install --admin || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create html.net --html && sudo wo site create php.com --php && sudo wo site create mysql.com --mysql || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create proxy.com --proxy=127.0.0.1:3000 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wp1.com --wp || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsc1.net --wpsc && sudo wo site create wpfc1.com --wpfc || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsc-php73.net --wpsc --php73 && sudo wo site create wpfc-php73.net --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpredis.net --wpredis && sudo wo site create wpredis-php73.net --wpredis --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdir1.com --wpsubdir && sudo wo site create wpsubdir-php73.com --wpsubdir --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdirwpsc1.com --wpsubdir --wpsc && sudo wo site create wpsubdirwpsc2.com --wpsubdir --wpfc || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdirwpsc1-php73.com --wpsubdir --wpsc --php73 && sudo wo site create wpsubdirwpsc2-php73.com --wpsubdir --wpfc --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdomain1.com --wpsubdomain && sudo wo site create wpsubdomain1-php73.com --wpsubdomain --php73 || sudo tail -n50 /var/log/wo/wordops.log
- sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log - sudo wo site create wpsubdomainwpsc.org --wpsubdomain --wpsc && sudo wo site create wpsubdomainwpfc.org --wpsubdomain --wpfc && sudo wo site create wpsubdomainwpfc2.in --wpfc --wpsubdomain || sudo tail -n50 /var/log/wo/wordops.log
@@ -59,6 +59,7 @@ script:
- sudo ls /var/www/ - sudo ls /var/www/
- sudo wp --allow-root --info - sudo wp --allow-root --info
- sudo wo info || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log - sudo bash -c 'nginx -T 2>&1 > /var/log/wo/nginx.log 2>&1' || sudo tail -n50 /var/log/wo/wordops.log
- sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo' - sudo bash -c 'tar -I pigz -cf wordops.tar.gz /var/log/wo'
- sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down" - sudo curl --progress-bar --upload-file "wordops.tar.gz" https://transfer.vtbox.net/$(basename wordops.tar.gz) && echo "" || sudo echo "transfer.sh is down"

4
CHANGELOG.md
View File

@@ -18,6 +18,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Install script handle migration from EEv3 - Install script handle migration from EEv3
- load-balancing on unix socket for php-fpm - load-balancing on unix socket for php-fpm
- stub_status vhost for metrics - stub_status vhost for metrics
- "--letsencrypt=subdomain" option
- opcache optimization for php-fpm - opcache optimization for php-fpm
- EasyEngine configuration backup before migration - EasyEngine configuration backup before migration
- EasyEngine configuration cleanup after migration - EasyEngine configuration cleanup after migration
@@ -29,11 +30,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- letsencrypt stack refactored with acme.sh - letsencrypt stack refactored with acme.sh
- letsencrypt validation with webroot folder - letsencrypt validation with webroot folder
- "--letsencrypt=subdomain" option
- hardened nginx ssl_ecdh_curve - hardened nginx ssl_ecdh_curve
- Update phpredisadmin - Update phpredisadmin
- Increase MySQL root password size to 16 characters - Increase MySQL root password size to 16 characters
- Increase MySQL users password size to 16 characters - Increase MySQL users password size to 16 characters
- Nginx locations template is the same for php7.2 & 7.3
#### Fixed #### Fixed
@@ -47,6 +48,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- PHP 7.2 & PHP 7.3 pool configuration during upgrade - PHP 7.2 & PHP 7.3 pool configuration during upgrade
- WordOps backup directory creation before upgrade - WordOps backup directory creation before upgrade
- EasyEngine database sync during migration - EasyEngine database sync during migration
- command "wo info"
### v3.9.4 - 2019-03-15 ### v3.9.4 - 2019-03-15

22
README.md
View File

@@ -6,9 +6,9 @@
<h2 align="center">An essential toolset that eases WordPress site and server administration</h2> <h2 align="center">An essential toolset that eases WordPress site and server administration</h2>
<p align="center"> <p align="center">
<img src="https://img.virtubox.net/images/2019/03/26/wo-stable.gif" width="540" alt="WordOps" /></p> <img src="https://img.virtubox.net/images/2019/03/27/wordops-stable-4.mp4.gif" width="600" alt="WordOps" />
</p>
<p align="center"> <p align="center">
<a href="https://travis-ci.org/WordOps/WordOps"><img src="https://travis-ci.org/WordOps/WordOps.svg?branch=master" alt="build"></a> <a href="https://travis-ci.org/WordOps/WordOps"><img src="https://travis-ci.org/WordOps/WordOps.svg?branch=master" alt="build"></a>
@@ -31,13 +31,13 @@
## Key Features ## Key Features
- Easy Migration from EasyEngine v3 - **Easy to install** : One step automated installer with migration from EasyEngine v3 support
- Automated WordPress, Nginx, PHP, MySQL & Redis installation - **Fast deployment** : Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation
- Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0 - **Up-to-date** : Nginx 1.14.2 with Brotli support, PHP 7.2 & 7.3, MariaDB 10.3 & Redis 5.0
- Hardened WordPress security with strict Nginx location directives - **Secured** : Hardened WordPress security with strict Nginx location directives
- Optimized Nginx configurations with multiple cache backends support - **Powerful** : Optimized Nginx configurations with multiple cache backends support
- Let's Encrypt SSL certificates handled by Acme.sh - **SSL** : Let's Encrypt SSL certificates handled by Acme.sh
- Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols - **Modern** : Secured SSL/TLS encryption with strong ciphers_suite and modern TLS protocols
## Requirements ## Requirements
@@ -78,8 +78,6 @@ If you are going to migrate from EasyEngine v3, here some important informations
- php5.6 and php7.0 will not be removed or uninstalled - php5.6 and php7.0 will not be removed or uninstalled
- previous Nginx common configurations will not be overwritted - previous Nginx common configurations will not be overwritted
A tutorial will be available soon to explain how to fully migrate from EasyEngine v3 to WordOps.
## Usage ## Usage
### Standard WordPress sites ### Standard WordPress sites
@@ -149,11 +147,13 @@ For any other questions/suggestions about WordOps or if you need support, please
# Contributing # Contributing
If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome. If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome.
There is no need to be a developer or a system administrator to contribute to WordOps project. You can still contribute by helping us to improve [WordOps documentation](https://github.com/WordOps/docs.wordops.io).
## Credits ## Credits
- Main source : [EasyEngine](https://github.com/easyengine/easyengine) - Main source : [EasyEngine](https://github.com/easyengine/easyengine)
- Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh) - Acme client : [Acme.sh](https://github.com/Neilpang/acme.sh)
- WordPress deployment : [WP-CLI](https://github.com/wp-cli/wp-cli)
## License ## License

4
install
View File

@@ -7,7 +7,7 @@
# Copyright (c) 2019 - WordOps # Copyright (c) 2019 - WordOps
# This script is licensed under M.I.T # This script is licensed under M.I.T
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
# Version 3.9.4 - 2019-03-22 # Version 3.9.5 - 2019-03-27
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
readonly wo_version_old="2.2.3" readonly wo_version_old="2.2.3"
readonly wo_version_new="3.9.4.3" readonly wo_version_new="3.9.4.3"
@@ -425,7 +425,7 @@ wo_upgrade_nginx() {
rm -f /tmp/nginx-wo.key rm -f /tmp/nginx-wo.key
sudo apt-get update sudo apt-get update
CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/upstream.conf) CHECK_NGINX_UPSTREAM_VERSION=$(grep "v3.9.5" /etc/nginx/conf.d/fastcgi.conf)
if [ -z "$CHECK_NGINX_UPSTREAM_VERSION" ]; then if [ -z "$CHECK_NGINX_UPSTREAM_VERSION" ]; then
# stop nginx # stop nginx

6
wo/cli/plugins/info.py
View File

@@ -41,9 +41,9 @@ class WOInfoController(CementBaseController):
@expose(hide=True) @expose(hide=True)
def info_nginx(self): def info_nginx(self):
"""Display Nginx information""" """Display Nginx information"""
version = os.popen("nginx -v 2 > &1 | awk - F '/' '{print $2}' | '" version = os.popen("nginx -v 2>&1 | awk -F '/' '{print $2}' | "
"awk -F ' ' '{print $1}'").read() "awk -F ' ' '{print $1}' | tr '\n' ' '").read()
allow = os.popen("grep allow /etc/nginx/common/acl.conf | " allow = os.popen("grep ^allow /etc/nginx/common/acl.conf | "
"cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read() "cut -d' ' -f2 | cut -d';' -f1 | tr '\n' ' '").read()
nc = NginxConfig() nc = NginxConfig()
nc.loadf('/etc/nginx/nginx.conf') nc.loadf('/etc/nginx/nginx.conf')

24
wo/cli/plugins/site.py
View File

@@ -994,11 +994,13 @@ class WOSiteUpdateController(CementBaseController):
renewLetsEncrypt(self, wo_domain) renewLetsEncrypt(self, wo_domain)
else: else:
Log.error( Log.error(
self, "You have more than 30 days with the current certificate - refusing to run.") self, "You have more than 30 days with the current "
"certificate - refusing to run.")
else: else:
Log.error( Log.error(
self, "Cannot renew - HTTPS is not configured for the given site. Install LE first...") self, "Cannot renew - HTTPS is not configured for "
"the given site. Install LE first...")
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
@@ -1013,7 +1015,8 @@ class WOSiteUpdateController(CementBaseController):
else: else:
Log.warn( Log.warn(
self, "The certificate seems to be already expired. Please renew it as soon as possible...") self, "The certificate seems to be already expired. "
"Please renew it as soon as possible...")
return 0 return 0
if pargs.all and pargs.letsencrypt == "renew": if pargs.all and pargs.letsencrypt == "renew":
@@ -1024,15 +1027,16 @@ class WOSiteUpdateController(CementBaseController):
return 0 return 0
min_expiry_days = 30 min_expiry_days = 30
if (expiry_days <= min_expiry_days): if (expiry_days <= min_expiry_days):
renewLetsEncrypt(self, wo_domain) Log.info(self, "Certificate was successfully renewed")
if not WOService.reload_service(self, 'nginx'): if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. " Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command") "check issues with `nginx -t` command")
Log.info(self, "SUCCESS: Certificate was successfully renewed For" Log.info(self, "SUCCESS: Certificate was successfully "
" https://{0}".format(wo_domain)) "renewed For https://{0}".format(wo_domain))
else: else:
Log.info( Log.info(
self, "You have more than 30 days with the current certificate - refusing to run.\n") self, "You have more than 30 days with the current "
"certificate - refusing to run.\n")
if (SSL.getExpirationDays(self, wo_domain) > 0): if (SSL.getExpirationDays(self, wo_domain) > 0):
Log.info(self, "Your cert will expire within " + Log.info(self, "Your cert will expire within " +
@@ -1044,7 +1048,8 @@ class WOSiteUpdateController(CementBaseController):
# Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") # Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ")
else: else:
Log.info( Log.info(
self, "SSL not configured for site http://{0}".format(wo_domain)) self, "SSL not configured for "
"site http://{0}".format(wo_domain))
return 0 return 0
if pargs.all and pargs.letsencrypt == "off": if pargs.all and pargs.letsencrypt == "off":
@@ -1404,7 +1409,8 @@ class WOSiteUpdateController(CementBaseController):
wo_site_webroot) wo_site_webroot)
else: else:
Log.debug( Log.debug(
self, "Updating wp-config.php failed. File could not be located.") self, "Updating wp-config.php failed. "
"File could not be located.")
Log.error( Log.error(
self, "wp-config.php could not be located !!") self, "wp-config.php could not be located !!")
raise SiteError raise SiteError

50
wo/cli/plugins/site_functions.py
View File

@@ -141,7 +141,7 @@ def setupdomain(self, data):
def setupdatabase(self, data): def setupdatabase(self, data):
wo_domain_name = data['site_name'] wo_domain_name = data['site_name']
wo_random = (''.join(random.sample(string.ascii_uppercase + wo_random = (''.join(random.sample(string.ascii_uppercase +
string.ascii_lowercase + string.digits, 15))) string.ascii_lowercase + string.digits, 24)))
wo_replace_dot = wo_domain_name.replace('.', '_') wo_replace_dot = wo_domain_name.replace('.', '_')
prompt_dbname = self.app.config.get('mysql', 'db-name') prompt_dbname = self.app.config.get('mysql', 'db-name')
prompt_dbuser = self.app.config.get('mysql', 'db-user') prompt_dbuser = self.app.config.get('mysql', 'db-user')
@@ -804,8 +804,8 @@ def site_package_check(self, stype):
not os.path.isfile("/etc/nginx/common/php73.conf")): not os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf') 'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf', wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache', self.app.render((data), 'locations-php7.mustache',
out=wo_nginx) out=wo_nginx)
@@ -1197,11 +1197,23 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncrypt(self, wo_domain_name): def setupLetsEncrypt(self, wo_domain_name):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf" if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
.format(wo_domain_name)): if os.path.isfile("/etc/letsencrypt/"
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" "renewal/{0}_ecc/"
.format(wo_domain_name)) "fullchain.cer".format(wo_domain_name)):
ssl = archivedCertificateHandle(self, wo_domain_name) Log.debug(self, "Let's Encrypt certificate "
"found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -d www.{0} -w /var/www/html "
"-k ec-384 --force"
.format(wo_domain_name))
else: else:
Log.info(self, "Issuing SSL cert with acme.sh") Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
@@ -1266,11 +1278,23 @@ def setupLetsEncrypt(self, wo_domain_name):
def setupLetsEncryptSubdomain(self, wo_domain_name): def setupLetsEncryptSubdomain(self, wo_domain_name):
if os.path.isfile("{0}/{1}_ecc/{1}.conf" if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"):
.format(WOVariables.wo_ssl_archive, wo_domain_name)): if os.path.isfile("/etc/letsencrypt/"
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" "renewal/{0}_ecc/"
.format(wo_domain_name)) "fullchain.cer".format(wo_domain_name)):
ssl = archivedCertificateHandle(self, wo_domain_name) Log.debug(self, "Let's Encrypt certificate "
"found for the domain: {0}"
.format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else:
Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config' "
"--issue "
"-d {0} -w /var/www/html "
"-k ec-384 --force"
.format(wo_domain_name))
else: else:
Log.info(self, "Issuing SSL cert with acme.sh") Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "

64
wo/cli/plugins/stack.py
View File

@@ -271,8 +271,8 @@ class WOStackController(CementBaseController):
wo_nginx.close() wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php72.conf') 'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-php72.conf', wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w') encoding='utf-8', mode='w')
self.app.render((data), 'locations.mustache', self.app.render((data), 'locations.mustache',
out=wo_nginx) out=wo_nginx)
@@ -321,14 +321,6 @@ class WOStackController(CementBaseController):
# php73 conf # php73 conf
if not os.path.isfile("/etc/nginx/common/php73.conf"): if not os.path.isfile("/etc/nginx/common/php73.conf"):
# data = dict() # data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf') 'file /etc/nginx/common/php73.conf')
wo_nginx = open('/etc/nginx/common/php73.conf', wo_nginx = open('/etc/nginx/common/php73.conf',
@@ -369,6 +361,15 @@ class WOStackController(CementBaseController):
out=wo_nginx) out=wo_nginx)
wo_nginx.close() wo_nginx.close()
if not os.path.isfile("/etc/nginx/common/locations-wo.conf"):
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-wo.conf')
wo_nginx = open('/etc/nginx/common/locations-wo.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations.mustache',
out=wo_nginx)
wo_nginx.close()
# Nginx-Plus does not have nginx # Nginx-Plus does not have nginx
# package structure like this # package structure like this
# So creating directories # So creating directories
@@ -564,13 +565,6 @@ class WOStackController(CementBaseController):
if (os.path.isdir("/etc/nginx/common") and if (os.path.isdir("/etc/nginx/common") and
not os.path.isfile("/etc/nginx/common/php73.conf")): not os.path.isfile("/etc/nginx/common/php73.conf")):
data = dict() data = dict()
Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/locations-php73.conf')
wo_nginx = open('/etc/nginx/common/locations-php73.conf',
encoding='utf-8', mode='w')
self.app.render((data), 'locations-php7.mustache',
out=wo_nginx)
wo_nginx.close()
Log.debug(self, 'Writting the nginx configuration to ' Log.debug(self, 'Writting the nginx configuration to '
'file /etc/nginx/common/php73.conf') 'file /etc/nginx/common/php73.conf')
@@ -1400,6 +1394,9 @@ class WOStackController(CementBaseController):
# set redis.conf parameter # set redis.conf parameter
# set maxmemory 10% for ram below 512MB and 20% for others # set maxmemory 10% for ram below 512MB and 20% for others
# set maxmemory-policy allkeys-lru # set maxmemory-policy allkeys-lru
# enable systemd service
Log.debug(self, "Enabling redis systemd service")
WOShellExec.cmd_exec(self, "systemctl enable redis-server")
if os.path.isfile("/etc/redis/redis.conf"): if os.path.isfile("/etc/redis/redis.conf"):
if WOVariables.wo_ram < 512: if WOVariables.wo_ram < 512:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
@@ -1410,6 +1407,7 @@ class WOStackController(CementBaseController):
self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf") self, "Setting maxmemory-policy variable to allkeys-lru in redis.conf")
WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' " WOShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy allkeys-lru/' "
"/etc/redis/redis.conf") "/etc/redis/redis.conf")
WOService.restart_service(self, 'redis-server') WOService.restart_service(self, 'redis-server')
else: else:
Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" Log.debug(self, "Setting maxmemory variable to {0} in redis.conf"
@@ -1470,17 +1468,24 @@ class WOStackController(CementBaseController):
# PHP 7.2 # PHP 7.2
if self.app.pargs.php: if self.app.pargs.php:
Log.debug(self, "Removing apt_packages variable of PHP") Log.debug(self, "Removing apt_packages variable of PHP")
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else:
Log.error(self, "PHP 7.2 not found")
# PHP7.3 # PHP7.3
if self.app.pargs.php73: if self.app.pargs.php73:
Log.debug(self, "Removing apt_packages variable of PHP 7.3") Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else: else:
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
else:
Log.error(self, "PHP 7.3 not found")
# REDIS # REDIS
if self.app.pargs.redis: if self.app.pargs.redis:
@@ -1554,15 +1559,6 @@ class WOStackController(CementBaseController):
Log.info(self, "Successfully removed packages") Log.info(self, "Successfully removed packages")
# Added for Ondrej Repo missing package Fix
if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'):
Log.info(self, "PHP7.2-fpm found on system.")
Log.info(
self, "Verifying and installing missing packages,")
WOShellExec.cmd_exec(
self, "apt-get install -y php-memcached php-igbinary")
@expose(help="Purge packages") @expose(help="Purge packages")
def purge(self): def purge(self):
"""Start purging of packages""" """Start purging of packages"""
@@ -1607,21 +1603,25 @@ class WOStackController(CementBaseController):
# PHP # PHP
if self.app.pargs.php: if self.app.pargs.php:
Log.debug(self, "Purge apt_packages variable PHP") Log.debug(self, "Purge apt_packages variable PHP")
if not WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra if not (WOAptGet.is_installed(self, 'php7.3-fpm')):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else: else:
Log.error(self, "Cannot Purge PHP 7.2. not found.") Log.error(self, "Cannot Purge PHP 7.2. not found.")
# PHP 7.3 # PHP 7.3
if self.app.pargs.php73: if self.app.pargs.php73:
Log.debug(self, "Removing apt_packages variable of PHP 7.3") Log.debug(self, "Removing apt_packages variable of PHP 7.3")
if not WOAptGet.is_installed(self, 'php7.3-fpm'): if WOAptGet.is_installed(self, 'php7.3-fpm'):
if not (WOAptGet.is_installed(self, 'php7.2-fpm')): if not (WOAptGet.is_installed(self, 'php7.2-fpm')):
apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra apt_packages = apt_packages + WOVariables.wo_php73 + WOVariables.wo_php_extra
else: else:
apt_packages = apt_packages + WOVariables.wo_php73 apt_packages = apt_packages + WOVariables.wo_php73
else: else:
Log.error(self, "Cannot Purge PHP 7.3. not found.") Log.error(self, "Cannot Purge PHP 7.3. not found.")
# WP-CLI # WP-CLI
if self.app.pargs.wpcli: if self.app.pargs.wpcli:
Log.debug(self, "Purge package variable WPCLI") Log.debug(self, "Purge package variable WPCLI")

7
wo/cli/plugins/stack_upgrade.py
View File

@@ -72,7 +72,7 @@ class WOStackUpgradeController(CementBaseController):
WOAptGet.update(self) WOAptGet.update(self)
Log.info(self, "Installing packages, please wait ...") Log.info(self, "Installing packages, please wait ...")
WOAptGet.install(self, WOVariables.wo_php + WOAptGet.install(self, WOVariables.wo_php +
WOVariables.wo_php_extra) WOVariables.wo_php_extra)
@expose(hide=True) @expose(hide=True)
def default(self): def default(self):
@@ -106,7 +106,10 @@ class WOStackUpgradeController(CementBaseController):
if self.app.pargs.php: if self.app.pargs.php:
if WOAptGet.is_installed(self, 'php7.2-fpm'): if WOAptGet.is_installed(self, 'php7.2-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra if not WOAptGet.is_installed(self, 'php7.3-fpm'):
apt_packages = apt_packages + WOVariables.wo_php + WOVariables.wo_php_extra
else:
apt_packages = apt_packages + WOVariables.wo_php
else: else:
Log.info(self, "PHP 7.2 is not installed") Log.info(self, "PHP 7.2 is not installed")

6
wo/cli/templates/22222.mustache
View File

@@ -1,4 +1,4 @@
# WordOps admin NGINX CONFIGURATION # WordOps admin NGINX CONFIGURATION - WO v3.9.5
server { server {
@@ -21,7 +21,7 @@ server {
# HTTP Authentication on port 22222 # HTTP Authentication on port 22222
include common/acl.conf; include common/acl.conf;
# nginx-vts-status # nginx-vts-status
location /vts_status { location /vts_status {
vhost_traffic_status_display; vhost_traffic_status_display;
@@ -47,7 +47,7 @@ server {
include fastcgi_params; include fastcgi_params;
fastcgi_pass php72; fastcgi_pass php72;
} }
location /netdata { location /netdata {
return 301 /netdata/; return 301 /netdata/;
} }

2
wo/cli/templates/fastcgi.mustache
View File

@@ -1,4 +1,4 @@
# FastCGI cache settings # FastCGI cache settings - WO v3.9.5
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M;
fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;

28
wo/cli/templates/locations-php7.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR COMMON LOCATION # NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files # Basic locations files
location = /favicon.ico { location = /favicon.ico {
@@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
deny all; deny all;
} }
# Status pages
location = /nginx_status {
stub_status on;
access_log off;
include common/acl.conf;
}
location ~ ^/(status|ping)$ {
include fastcgi_params;
fastcgi_pass php73;
include common/acl.conf;
}
# WordOps (wo) utilities
# phpMyAdmin settings
location = /pma {
return 301 https://$host:22222/db/pma;
}
location = /phpMyAdmin {
return 301 https://$host:22222/db/pma;
}
location = /phpmyadmin {
return 301 https://$host:22222/db/pma;
}
# Adminer settings
location = /adminer {
return 301 https://$host:22222/db/adminer;
}

28
wo/cli/templates/locations.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR COMMON LOCATION # NGINX CONFIGURATION FOR COMMON LOCATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Basic locations files # Basic locations files
location = /favicon.ico { location = /favicon.ico {
@@ -52,29 +52,3 @@ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|b
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
deny all; deny all;
} }
# Status pages
location = /nginx_status {
stub_status on;
access_log off;
include common/acl.conf;
}
location ~ ^/(status|ping)$ {
include fastcgi_params;
fastcgi_pass php72;
include common/acl.conf;
}
# WordOps (wo) utilities
# phpMyAdmin settings
location = /pma {
return 301 https://$host:22222/db/pma;
}
location = /phpMyAdmin {
return 301 https://$host:22222/db/pma;
}
location = /phpmyadmin {
return 301 https://$host:22222/db/pma;
}
# Adminer settings
location = /adminer {
return 301 https://$host:22222/db/adminer;
}

3
wo/cli/templates/map-wp.mustache
View File

@@ -1,4 +1,4 @@
# NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION # NGINX CONFIGURATION FOR FASTCGI_CACHE EXCEPTION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# do not cache xhtml request # do not cache xhtml request
@@ -52,4 +52,3 @@ map $skip_cache $cache_uri {
default 'null cache'; default 'null cache';
0 $request_uri; 0 $request_uri;
} }

2
wo/cli/templates/php.mustache
View File

@@ -1,4 +1,4 @@
# PHP NGINX CONFIGURATION # PHP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / { location / {
try_files $uri $uri/ /index.php$is_args$args; try_files $uri $uri/ /index.php$is_args$args;

2
wo/cli/templates/php7.mustache
View File

@@ -1,4 +1,4 @@
# PHP NGINX CONFIGURATION # PHP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
location / { location / {
try_files $uri $uri/ /index.php$is_args$args; try_files $uri $uri/ /index.php$is_args$args;

2
wo/cli/templates/redis-php7.mustache
View File

@@ -1,4 +1,4 @@
# Redis NGINX CONFIGURATION # Redis NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/redis.mustache
View File

@@ -1,4 +1,4 @@
# Redis NGINX CONFIGURATION # Redis NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/upstream.mustache
View File

@@ -1,4 +1,4 @@
# NGINX UPSTREAM CONFIGURATION v3.9.5 # NGINX UPSTREAM CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
#------------------------------- #-------------------------------
# PHP 5.6 # PHP 5.6

6
wo/cli/templates/virtualconf-php7.mustache
View File

@@ -25,7 +25,7 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
} }
# Security settings for better privacy # Security settings for better privacy
# Deny hidden files # Deny hidden files
location ~ /\.(?!well-known\/) { location ~ /\.(?!well-known\/) {
@@ -52,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}} {{^static}}include {{#basic}}common/php73.conf;{{/basic}}{{#wpfc}}common/wpfc-php73.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php73.conf;{{/wpsc}}{{#wpredis}}common/redis-php73.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php73.conf;{{/wp}} {{#wp}}include common/wpcommon-php73.conf;{{/wp}}
include common/locations-php73.conf;{{/proxy}} include common/locations-wo.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf; include {{webroot}}/conf/nginx/*.conf;
} }

10
wo/cli/templates/virtualconf.mustache
View File

@@ -13,7 +13,7 @@ server {
#server_name_in_redirect off; #server_name_in_redirect off;
{{/multisite}} {{/multisite}}
access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}}; access_log /var/log/nginx/{{site_name}}.access.log {{^wpredis}}{{^static}}rt_cache{{/static}}{{/wpredis}}{{#wpredis}}rt_cache_redis{{/wpredis}};
error_log /var/log/nginx/{{site_name}}.error.log; error_log /var/log/nginx/{{site_name}}.error.log;
{{#proxy}} {{#proxy}}
@@ -25,7 +25,7 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
} }
# Security settings for better privacy # Security settings for better privacy
# Deny hidden files # Deny hidden files
location ~ /\.(?!well-known\/) { location ~ /\.(?!well-known\/) {
@@ -40,7 +40,7 @@ server {
{{^proxy}} {{^proxy}}
root {{webroot}}/htdocs; root {{webroot}}/htdocs;
index {{^static}}index.php{{/static}} index.html index.htm; index {{^static}}index.php{{/static}} index.html index.htm;
{{#static}} {{#static}}
@@ -52,7 +52,7 @@ server {
{{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}} {{^static}}include {{#basic}}common/php72.conf;{{/basic}}{{#wpfc}}common/wpfc-php72.conf;{{/wpfc}} {{#wpsc}}common/wpsc-php72.conf;{{/wpsc}}{{#wpredis}}common/redis-php72.conf;{{/wpredis}}
{{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}} {{#wpsubdir}}include common/wpsubdir.conf;{{/wpsubdir}}{{/static}}
{{#wp}}include common/wpcommon-php72.conf;{{/wp}} {{#wp}}include common/wpcommon-php72.conf;{{/wp}}
include common/locations-php72.conf;{{/proxy}} include common/locations-wo.conf;{{/proxy}}
include {{webroot}}/conf/nginx/*.conf; include {{webroot}}/conf/nginx/*.conf;
} }

2
wo/cli/templates/webp.mustache
View File

@@ -1,4 +1,4 @@
# WEBP NGINX CONFIGURATION # WEBP NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
map $http_accept $webp_suffix { map $http_accept $webp_suffix {

2
wo/cli/templates/wpcommon-php7.mustache
View File

@@ -1,4 +1,4 @@
# WordPress COMMON SETTINGS # WordPress COMMON SETTINGS - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack # Limit access to avoid brute force attack
location = /wp-login.php { location = /wp-login.php {

2
wo/cli/templates/wpcommon.mustache
View File

@@ -1,4 +1,4 @@
# WordPress COMMON SETTINGS # WordPress COMMON SETTINGS - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# Limit access to avoid brute force attack # Limit access to avoid brute force attack
location = /wp-login.php { location = /wp-login.php {

2
wo/cli/templates/wpfc-php7.mustache
View File

@@ -1,4 +1,4 @@
# WPFC NGINX CONFIGURATION # WPFC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpfc.mustache
View File

@@ -1,4 +1,4 @@
# WPFC NGINX CONFIGURATION # WPFC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf # $skip_cache variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpsc-php7.mustache
View File

@@ -1,4 +1,4 @@
# WPSC NGINX CONFIGURATION # WPSC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf

2
wo/cli/templates/wpsc.mustache
View File

@@ -1,4 +1,4 @@
# WPSC NGINX CONFIGURATION # WPSC NGINX CONFIGURATION - WO v3.9.5
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf