virtubox
/
WordOps
mirror of https://github.com/WordOps/WordOps
1
0
Fork 0
Code Issues Releases Wiki Activity

ngxblocker implementation

This commit is contained in:
VirtuBox 2019-09-30 03:10:30 +02:00
parent 6bdafd7286
commit 6c3d645d9e
Signed by: virtubox
GPG Key ID: 22EB296C97BAD476
9 changed files with 90 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
install
View File

@ -232,7 +232,7 @@ wo_install_dep() {
if [ "$wo_linux_distro" == "Ubuntu" ]; then
# install dependencies
apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \
build-essential curl gzip python3 python3-apt python3-setuptools python3-dev sqlite3 git tar software-properties-common pigz \
gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
add-apt-repository ppa:wordops/nginx-wo -yn
else

8
setup.py
View File

@ -7,10 +7,10 @@
conf = []
templates = []
long_description = '''WordOps An essential toolset that eases WordPress
long_description = '''WordOps is an essential toolset that eases WordPress
site and server administration. It provide the ability
to install a high performance WordPress stack
with a few keystrokes'''
with a few keystrokes.'''
for name in glob.glob('config/plugins.d/*.conf'):
conf.insert(1, name)
@ -21,8 +21,8 @@
if not os.path.exists('/var/log/wo/'):
os.makedirs('/var/log/wo/')
if not os.path.exists('/var/lib/wo/'):
os.makedirs('/var/lib/wo/')
if not os.path.exists('/var/lib/wo/tmp/'):
os.makedirs('/var/lib/wo/tmp/')
setup(name='wo',
version='3.9.9.1',

23
snapcraft.yaml Normal file
View File

@ -0,0 +1,23 @@
name: test-wordops
version: git
summary: WordOps
description: |
WordOps is an essential toolset that eases WordPress
site and server administration. It provide the ability
to install a high performance WordPress stack
with a few keystrokes.
confinement: devmode
base: core18
parts:
test-wordops:
plugin: python
python-version: python3
source: .
stage-packages:
- cement
- python-apt
apps:
test-wordops:
command: wo

8
wo/cli/main.py
View File

@ -106,14 +106,14 @@ def main():
# Catch our application errors and exit 1 (error)
code = 1
print(e)
except FrameworkError as e:
# Catch framework errors and exit 1 (error)
code = 1
print(e)
except CaughtSignal as e:
# Default Cement signals are SIGINT and SIGTERM, exit 0 (non-error)
code = 0
print(e)
except FrameworkError as e:
# Catch framework errors and exit 1 (error)
code = 1
print(e)
except Exception as e:
code = 1
print(e)

58
wo/cli/plugins/site.py
View File

@ -137,8 +137,8 @@ def info(self):
pargs.site_name = pargs.site_name.strip()
(wo_domain,
wo_www_domain) = WODomain.validatedomain(self, pargs.site_name)
(wo_domain_type,
wo_root_domain) = WODomain.getdomainlevel(self, wo_domain)
(wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(
self, wo_domain)
wo_db_name = ''
wo_db_user = ''
wo_db_pass = ''
@ -731,9 +731,8 @@ def default(self):
if pargs.letsencrypt:
acme_domains = []
(wo_domain_type,
wo_root_domain) = WODomain.getdomainlevel(self,
wo_domain)
(wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(
self, wo_domain)
data['letsencrypt'] = True
letsencrypt = True
if data['letsencrypt'] is True:
@ -1036,7 +1035,6 @@ def doupdatesite(self, pargs):
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, "\nHSTS not enabled.")
return 0
elif pargs.hsts == "off":
if os.path.isfile(
'/var/www/{0}/conf/nginx/hsts.conf'
@ -1047,9 +1045,12 @@ def doupdatesite(self, pargs):
'/var/www/{0}/conf/'
'nginx/hsts.conf.disabled'
.format(wo_domain))
return 0
else:
Log.error(self, "HSTS isn't enabled")
# Service Nginx Reload
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
if (pargs.ngxblocker and not (pargs.html or
pargs.php or pargs.php73 or
@ -1059,23 +1060,11 @@ def doupdatesite(self, pargs):
pargs.wpsubdir or pargs.wpsubdomain or
pargs.hsts)):
if pargs.ngxblocker == "on":
if not os.path.isfile(
'/var/www/{0}/conf/nginx/ngxblocker.conf.disabled'
.format(wo_domain)):
try:
setupngxblocker(self, wo_domain)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, "\nngxblocker not enabled.")
return 0
else:
WOFileUtils.mvfile(self, '/var/www/{0}/conf/'
'nginx/ngxblocker.conf.disabled'
.format(wo_domain),
'/var/www/{0}/conf/'
'nginx/ngxblocker.conf'
.format(wo_domain))
return 0
try:
setupngxblocker(self, wo_domain)
except SiteError as e:
Log.debug(self, str(e))
Log.info(self, "\nngxblocker not enabled.")
elif pargs.ngxblocker == "off":
if os.path.isfile(
'/var/www/{0}/conf/nginx/ngxblocker.conf'
@ -1086,10 +1075,14 @@ def doupdatesite(self, pargs):
'/var/www/{0}/conf/'
'nginx/ngxblocker.conf.disabled'
.format(wo_domain))
return 0
else:
Log.error(self, "ngxblocker isn't enabled")
# Service Nginx Reload
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
if ((stype == 'php' and
oldsitetype not in ['html', 'proxy', 'php73']) or
(stype == 'mysql' and oldsitetype not in ['html', 'php',
@ -1243,8 +1236,8 @@ def doupdatesite(self, pargs):
acme_domains = []
acmedata = dict(acme_domains, dns=False, acme_dns='dns_cf',
dnsalias=False, acme_alias='')
(wo_domain_type,
wo_root_domain) = WODomain.getdomainlevel(self, wo_domain)
(wo_domain_type, wo_root_domain) = WODomain.getdomainlevel(
self, wo_domain)
if pargs.letsencrypt == 'on':
data['letsencrypt'] = True
@ -1660,16 +1653,7 @@ def doupdatesite(self, pargs):
"site")
if pargs.ngxblocker:
if ngxblocker is True:
if not os.path.isfile("{0}/conf/nginx/ngxblocker.conf.disabled"
.format(wo_site_webroot)):
setupngxblocker(self, wo_domain)
else:
WOFileUtils.mvfile(
self,
"{0}/conf/nginx/ngxblocker.conf.disabled"
.format(wo_site_webroot),
"{0}/conf/nginx/ngxblocker.conf"
.format(wo_site_webroot))
setupngxblocker(self, wo_domain)
elif ngxblocker is False:
if os.path.isfile("{0}/conf/nginx/ngxblocker.conf"
.format(wo_site_webroot)):

26
wo/cli/plugins/site_functions.py
View File

@ -4,6 +4,7 @@
import os
import random
import re
import shutil
import string
import subprocess
from subprocess import CalledProcessError
@ -409,7 +410,6 @@ def setupwordpress(self, data, vhostonly=False):
# os.path.abspath(os.path.join(os.getcwd(), os.pardir)))
try:
import shutil
Log.debug(self, "Moving file from {0} to {1}".format(os.getcwd(
)+'/wp-config.php', os.path.abspath(os.path.join(os.getcwd(),
@ -1606,12 +1606,20 @@ def setuprocketchat(self):
return True
def setupngxblocker(self, domain):
def setupngxblocker(self, domain, block=True):
if os.path.isdir('/var/www/{0}/conf/nginx'.format(domain)):
ngxconf = open("/var/www/{0}/conf/nginx/ngxblocker.conf"
.format(domain),
encoding='utf-8', mode='w')
ngxconf.write("# Bad Bot Blocker\n"
"include /etc/nginx/bots.d/ddos.conf;\n"
"include /etc/nginx/bots.d/blockbots.conf;\n")
ngxconf.close()
if not os.path.isfile('/var/www/{0}/conf/nginx/ngxblocker.disabled'
.format(domain)):
ngxconf = open("/var/www/{0}/conf/nginx/ngxblocker.conf"
.format(domain),
encoding='utf-8', mode='w')
ngxconf.write("# Bad Bot Blocker\n"
"include /etc/nginx/bots.d/ddos.conf;\n"
"include /etc/nginx/bots.d/blockbots.conf;\n")
ngxconf.close()
else:
WOFileUtils.mvfile(
self, '/var/www/{0}/conf/nginx/ngxblocker.disabled'
.format(domain), '/var/www/{0}/conf/nginx/ngxblocker'
.format(domain))
return 0

32
wo/cli/templates/cf-update.mustache
View File

@ -5,19 +5,21 @@ CURL_BIN=$(command -v curl)
CF_IPV4=$($CURL_BIN -sL https://www.cloudflare.com/ips-v4)
CF_IPV6=$($CURL_BIN -sL https://www.cloudflare.com/ips-v6)
echo -e '# WordOps (wo) set visitors real ip with Cloudflare\n' > /etc/nginx/conf.d/cloudflare.conf
echo "####################################"
echo "Adding Cloudflare IPv4"
echo "####################################"
for cf_ip4 in $CF_IPV4; do
echo "set_real_ip_from $cf_ip4;" >> /etc/nginx/conf.d/cloudflare.conf
done
echo "####################################"
echo "Adding Cloudflare IPv6"
echo "####################################"
for cf_ip6 in $CF_IPV6; do
echo "set_real_ip_from $cf_ip6;" >> /etc/nginx/conf.d/cloudflare.conf
done
echo 'real_ip_header CF-Connecting-IP;' >> /etc/nginx/conf.d/cloudflare.conf
if [ -d /etc/nginx/conf.d ]; then
echo -e '# WordOps (wo) set visitors real ip with Cloudflare\n' > /etc/nginx/conf.d/cloudflare.conf
echo "####################################"
echo "Adding Cloudflare IPv4"
echo "####################################"
for cf_ip4 in $CF_IPV4; do
echo "set_real_ip_from $cf_ip4;" >> /etc/nginx/conf.d/cloudflare.conf
done
echo "####################################"
echo "Adding Cloudflare IPv6"
echo "####################################"
for cf_ip6 in $CF_IPV6; do
echo "set_real_ip_from $cf_ip6;" >> /etc/nginx/conf.d/cloudflare.conf
done
echo 'real_ip_header CF-Connecting-IP;' >> /etc/nginx/conf.d/cloudflare.conf
nginx -t && service nginx reload
nginx -t && service nginx reload
fi

1
wo/core/domainvalidate.py
View File

@ -1,6 +1,5 @@
"""WordOps domain validation module."""
import os
from urllib.parse import urlparse
class WODomain():

6
wo/core/variables.py
View File

@ -11,7 +11,7 @@ class WOVariables():
"""Intialization of core variables"""
# WordOps version
wo_version = "3.9.9.1"
wo_version = "3.9.9.2"
# WordOps packages versions
wo_wp_cli = "2.3.0"
wo_adminer = "4.7.3"
@ -66,9 +66,9 @@ class WOVariables():
except Exception:
wo_user = input("Enter your name: ")
wo_email = input("Enter your email: ")
os.system("/usr/bin/git config --global user.name {0}".format(wo_user))
os.system("git config --global user.name {0}".format(wo_user))
os.system(
"/usr/bin/git config --global user.email {0}".format(wo_email))
"git config --global user.email {0}".format(wo_email))
# MySQL hostname
wo_mysql_host = ""