beenull/webinoly
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Initial release

Browse source 
First commit to public release.
This commit is contained in:
Cristhian Martínez Ochoa 2017-09-16 14:37:13 -06:00
parent df47e0be44
commit 13d9025391
27 changed files with 2927 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
README.md
View file

@ -1 +1,34 @@
# webinoly
# Webinoly ![CI status](https://img.shields.io/badge/build-passing-brightgreen.svg)
Optimized LEMP Web Server.
Linux Ubuntu + Nginx + MySQL (MariaDB) + PHP is one of the most reliable configurations to host your websites.
With Webinoly you can set up your web server in just one step.
### Requirements
* Ubuntu 16.04
## Usage
```bash
# Install Webinoly and LEMP
wget -qO weby qrok.es/wy && sudo bash weby 3
# Create your first site.
sudo site example.com -wp
```
## Documentation
For complete documentation, please [visit our site](https://qrokes.com/webinoly/).
## Contributing
Please open an issue first to discuss what you would like to change.
Also, you can visit our [Community Support Forum](https://qrokes.com/support/)
## Donations
[![PayPal Donations](https://www.paypalobjects.com/webstatic/en_US/i/btn/png/gold-rect-paypal-60px.png)](https://www.paypal.me/qrokes)
## License
[GNU GPLv3](https://choosealicense.com/licenses/gpl-3.0/)

89
lib/general Normal file
View file

@ -0,0 +1,89 @@
#!/bin/bash
# echo colors
red=`tput setaf 1`
gre=`tput setaf 2`
blu=`tput setaf 6`
end=`tput sgr0`
db_delete() {
local domain="$1"
if [[ $(conf_read mysql) == "true" ]]; then
# Get dbname and dbuser of a WP site
local name=$( grep -F "DB_NAME" /var/www/$domain/wp-config.php | cut -f 4 -d "'" )
local user=$( grep -F "DB_USER" /var/www/$domain/wp-config.php | cut -f 4 -d "'" )
local host=$( grep -F "DB_HOST" /var/www/$domain/wp-config.php | cut -f 4 -d "'" )
local url=$(echo "$host" | cut -f 1 -d ':')
local port=$(echo "$host" | cut -f 2 -d ':')
dbsetup="DELETE FROM mysql.user WHERE User='$user';DROP DATABASE IF EXISTS $name;DELETE FROM mysql.db WHERE Db='$name' OR Db='$name\\_%';FLUSH PRIVILEGES;"
local done="0"
local ROOT_PASS=$( echo $(conf_read mysql-root) | openssl enc -d -a -salt )
while [[ $done != "1" ]]
do
done="1"
if [[ $host == "localhost" ]]; then
sudo mysql --connect_timeout 10 --user=root -p$ROOT_PASS -e "$dbsetup"
else
echo ""
echo "${gre} External DB found in $domain "
read -p "${blu}External DB root username [root]: " uroot
read -p "External DB root password: " proot
echo "${end}"
sudo mysql --connect_timeout 10 -h "$url" -P "$port" -u"$uroot" -p"$proot" -e "$dbsetup"
fi
if [ $? != "0" ]; then
done="0"
echo "${red}============================================"
echo " [Error]: Database delete failed."
echo "============================================"
echo ""
echo "${blu} Retry [Y/n]? "
while read -r -n 1 -s answer; do
answer=${answer:-y}
if [[ $answer = [YyNn] ]]; then
break
fi
done
if [[ $answer == [Nn] ]]; then
done="1"
fi
fi
done
else
echo "${red} [ERROR] Failed to delete $domain Database. MySQL was not found in your server! ${end}"
fi
}
mysql_client_install() {
# Install alternative repos for MariaDB
sudo apt-get -y install software-properties-common
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirrors.syringanetworks.net/mariadb/repo/10.2/ubuntu xenial main'
sudo apt-get update
sudo apt-get -y install mariadb-client
conf_write mysql-client true
echo "${gre}MySQL Client has been successfully installed!${end}"
}
conf_read() {
local val=$(grep -w "^${1}:.*" /opt/webinoly/webinoly.conf | cut -f 2 -d ':')
echo $val
}
conf_write() {
if [[ ! -a /opt/webinoly/webinoly.conf ]]; then
sudo touch /opt/webinoly/webinoly.conf
fi
#if requested VAR exists overwrite it, if not, create it.
sed -i "/${1}:/d" /opt/webinoly/webinoly.conf
sh -c "echo -n '$1:$2\n' >> /opt/webinoly/webinoly.conf"
}
conf_delete() {
sed -i "/${1}:/d" /opt/webinoly/webinoly.conf
}

902
lib/install Normal file
View file

@ -0,0 +1,902 @@
#!/bin/bash
source /opt/webinoly/lib/general
webinoly_version() {
conf_write app-version 1.0.0
}
server_version() {
conf_write server-version 1.0
}
linux_optim() {
if [[ $(conf_read linux-optim) == "true" ]]; then
exit 1
fi
if [[ -n $(conf_read fd-ratio) && $(conf_read fd-ratio) =~ ^[0-9]+$ && $(conf_read fd-ratio) -le "100" ]]; then
local fdratio=$(conf_read fd-ratio)
else
local fdratio="30"
fi
if [[ -n $(conf_read nginx-fd-ratio) && $(conf_read nginx-fd-ratio) =~ ^[0-9]+$ && $(conf_read nginx-fd-ratio) -le "100" ]]; then
local nginxfdratio=$(conf_read nginx-fd-ratio)
else
local nginxfdratio="65"
fi
if [[ -n $(conf_read max-mb-uploads) && $(conf_read max-mb-uploads) =~ ^[0-9]+$ ]]; then
local maxuploads=$(conf_read max-mb-uploads)
else
local maxuploads="100"
fi
local ramkb=$(grep MemTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')
local newfd=$((($ramkb*$fdratio)/100))
local nginxfd=$((($newfd*$nginxfdratio)/100))
local cachefd=$(($nginxfd/3))
local cacheram=$(($nginxfd/1024))
sudo sysctl -w fs.file-max=$newfd
[ -d /etc/systemd/system/nginx.service.d ] || sudo mkdir /etc/systemd/system/nginx.service.d
[ -a /etc/systemd/system/nginx.service.d/nofile_limit.conf ] || sudo touch /etc/systemd/system/nginx.service.d/nofile_limit.conf
sudo echo "[Service]
LimitNOFILE=$nginxfd" | tee -a /etc/systemd/system/nginx.service.d/nofile_limit.conf
sudo sed -i "/worker_rlimit_nofile/c \worker_rlimit_nofile $nginxfd;" /etc/nginx/nginx.conf
sudo sed -i "/client_max_body_size/c \ client_max_body_size ${maxuploads}m;" /etc/nginx/nginx.conf
sudo sed -i "/open_file_cache max/c \ open_file_cache max=$cachefd inactive=5m;" /etc/nginx/nginx.conf
sudo sed -i "/fastcgi_cache_path/c \fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m max_size=${cacheram}m inactive=7d;" /etc/nginx/conf.d/fastcgi.conf
#mkdir -p /var/run/nginx-cache
#echo "tmpfs /var/run/nginx-cache tmpfs size=${cacheram}M,mode=0744,uid=www-data,gid=www-data 0 0" | sudo tee -a /etc/fstab
#sudo mount /var/run/nginx-cache
# Linux Optimization - https://www.linode.com/docs/web-servers/nginx/configure-nginx-for-optimized-performance
sudo echo "# WebinolyStart - Don't delete
fs.file-max = $newfd
net.core.somaxconn = 65536
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_fin_timeout = 20
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_max_syn_backlog = 3240000
# WebinolyEnd" | tee -a /etc/sysctl.conf
# https://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/
# https://ospi.fi/blog/centos-7-raise-nofile-limit-for-nginx.html
# https://www.masv.io/boost-nginx-connection-limits/
# https://underyx.me/2015/05/18/raising-the-maximum-number-of-file-descriptors
# sudo cat /proc/$(cat /run/nginx.pid)/limits - ver los recursos actuales del proceso main de nginx
# sudo ps aux | grep nginx --- ver todos lo procesos corriendo con nginx user
sudo sed -i "/End of file/i \# WebinolyStart - Don't delete" /etc/security/limits.conf
sudo sed -i '/End of file/i \root - nofile 4096' /etc/security/limits.conf
sudo sed -i '/End of file/i \* - nofile 4096' /etc/security/limits.conf
sudo sed -i "/End of file/i \# WebinolyEnd" /etc/security/limits.conf
swap_create
sudo sysctl -p
sudo systemctl daemon-reload
sudo kill $(cat /run/nginx.pid)
conf_write linux-optim true
sudo nginx -t && sudo service nginx start
}
linux_purge() {
if [[ $(conf_read linux-optim) == "true" ]]; then
sudo sed -i '/WebinolyStart/,/WebinolyEnd/{/.*/d}' /etc/security/limits.conf
sudo sed -i '/WebinolyStart/,/WebinolyEnd/{/.*/d}' /etc/sysctl.conf
sudo rm -rf /etc/systemd/system/nginx.service.d
sudo sed -i '/\/var\/run\/nginx-cache/d' /etc/fstab
#sudo umount /var/run/nginx-cache
sudo sysctl -p
sudo systemctl daemon-reload
conf_write linux-optim purged
fi
}
messagend_install() {
echo "${gre}*****************************************************************************************"
echo "************ LA INSTALACIÓN HA FINALIZADO CON ÉXITO ************"
echo "*****************************************************************************************${end}"
if [[ $1 == "dbpass" ]]; then
local rootpass=$( echo $(conf_read mysql-root) | openssl enc -d -a -salt )
local adminpass=$( echo $(conf_read mysql-admin) | openssl enc -d -a -salt )
echo "${gre}*****************************************************************************************"
echo "************ Guarda tus claves de acceso para la DB: ************"
echo "************ root: ${rootpass} admin: ${adminpass} ************"
echo "*****************************************************************************************"
echo "${end}"
fi
}
nginx_install() {
sudo apt-get update
sudo apt-get -y install nginx
if [[ $(conf_read login-www-data) == "true" ]]; then
sudo chown -R www-data:www-data /var/www
sudo chown root:root /var/www
fi
conf_write nginx true
messagend_install
}
php_install() {
if [[ -n $(conf_read php-ver) && ($(conf_read php-ver) == "7.1" || $(conf_read php-ver) == "7.0" || $(conf_read php-ver) == "5.6") ]]; then
echo "${gre} Custom PHP version '$(conf_read php-ver)' detected!${end}"
else
conf_write php-ver 7.1
fi
ver=$(conf_read php-ver)
sudo add-apt-repository -y 'ppa:ondrej/php'
sudo apt-get update
sudo apt-get -y install php${ver}-fpm php${ver}-curl php${ver}-gd php${ver}-imap php${ver}-mcrypt php${ver}-readline php${ver}-common php${ver}-recode php${ver}-mysql php${ver}-cli php${ver}-mbstring php${ver}-bcmath php${ver}-mysql php${ver}-opcache php${ver}-zip php${ver}-xml php-memcached php-imagick php-memcache memcached graphviz php-pear php-xdebug php-msgpack php${ver}-soap unzip pwgen
sudo cp /etc/php/$(conf_read php-ver)/fpm/php.ini /opt/webinoly/templates/source/
sudo cp /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf /opt/webinoly/templates/source/
conf_write php true
messagend_install
}
mysql_install() {
if [[ $(conf_read mysql-client) != "true" ]]; then
mysql_client_install
fi
# debconf-utils for unattended scripts && pwgen to generate random strings (passwords)
# debconf-get-selections | grep phpmyadmin <<-- list conf variables
sudo apt-get -y install debconf-utils
# Generate mysql user passwords
local AUTOGENPASS_ROOT=`pwgen -s -1`
local AUTOGENPASS_ADMIN=`pwgen -s -1`
local AUTOGENPASS_PMA=`pwgen -s -1`
local enc_pass_root=$( echo $AUTOGENPASS_ROOT | openssl enc -a -salt )
local enc_pass_admin=$( echo $AUTOGENPASS_ADMIN | openssl enc -a -salt )
conf_write mysql-root $enc_pass_root
conf_write mysql-admin $enc_pass_admin
# MariaDB Installation
echo "mariadb-server-10.2 mysql-server/root_password password $AUTOGENPASS_ROOT" | debconf-set-selections
echo "mariadb-server-10.2 mysql-server/root_password_again password $AUTOGENPASS_ROOT" | debconf-set-selections
sudo apt-get -y install mariadb-server
#Instead of mysql_secure_installation we do this: (same but manually, because not acept unattended)
#ALTER USER 'root'@'localhost' IDENTIFIED BY '${AUTOGENPASS_ROOT}'; <<<--- For MySQL 5.7.6 and newer as well as MariaDB 10.1.20 and newer instead of UPDATE
sudo mysql --user=root -p$AUTOGENPASS_ROOT <<_EOF_
UPDATE mysql.user SET authentication_string = PASSWORD('${AUTOGENPASS_ROOT}') WHERE User = 'root' AND Host = 'localhost';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
CREATE USER IF NOT EXISTS 'admin'@'localhost' IDENTIFIED BY '${AUTOGENPASS_ADMIN}';
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
_EOF_
conf_write mysql true
messagend_install
}
#NGINX OPTIM
nginx_optim() {
sudo cp -R /opt/webinoly/templates/nginx/common /etc/nginx/common
sudo cp -R /opt/webinoly/templates/nginx/conf.d/* /etc/nginx/conf.d/
sudo cat /opt/webinoly/templates/nginx/nginx.conf > /etc/nginx/nginx.conf
sudo sed -i '/REQUEST_SCHEME/c \fastcgi_param SCRIPT_FILENAME $request_filename;' /etc/nginx/fastcgi_params
sudo sed -i '/REDIRECT_STATUS/a \fastcgi_param HTTP_PROXY "";' /etc/nginx/fastcgi_params
# Create Direct Access for easy navigation
[ -L $HOME/sites-available ] || ln -s /etc/nginx/sites-available $HOME
[ -L $HOME/www ] || ln -s /var/www $HOME
# www-data sftp default uploads permissions 755 and 644, instead of 775 and 664.
sudo sed -i '/USERGROUPS_ENAB/c \USERGROUPS_ENAB no' /etc/login.defs
if [[ ! -a /etc/ssl/dhparam.pem ]]; then
sudo openssl dhparam -out /etc/ssl/dhparam.pem 2048
sudo chmod 600 /etc/ssl/dhparam.pem
fi
linux_optim
server_version
conf_write nginx-optim true
sudo nginx -t && sudo service nginx reload
}
# PHP OPTIM
php_optim() {
if [[ -n $(conf_read max-mb-uploads) && $(conf_read max-mb-uploads) =~ ^[0-9]+$ ]]; then
local maxuploads=$(conf_read max-mb-uploads)
else
local maxuploads="100"
fi
sudo sed -i '/cgi.fix_pathinfo=/c\cgi.fix_pathinfo=0' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i '/memory_limit =/c\memory_limit = 128M' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i '/max_execution_time =/c\max_execution_time = 300' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i '/expose_php =/c\expose_php = Off' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i "/upload_max_filesize =/c\upload_max_filesize = ${maxuploads}M" /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i "/post_max_size =/c\post_max_size = ${maxuploads}M" /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i '/max_file_uploads =/c\max_file_uploads = 20' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo sed -i '/date.timezone =/c\date.timezone = America/Mexico_City' /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo mkdir -p /var/log/php/$(conf_read php-ver)
sudo touch /var/log/php/$(conf_read php-ver)/fpm.log
sudo sed -i "/error_log =/c\error_log = /var/log/php/$(conf_read php-ver)/fpm.log" /etc/php/$(conf_read php-ver)/fpm/php-fpm.conf
sudo sed -i '/log_level =/c\log_level = notice' /etc/php/$(conf_read php-ver)/fpm/php-fpm.conf
sudo sed -i '/pm =/c\pm = ondemand' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/request_terminate_timeout =/c\request_terminate_timeout = 300' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.max_spare_servers =/c\pm.max_spare_servers = 30' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.min_spare_servers =/c\pm.min_spare_servers = 10' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.start_servers =/c\pm.start_servers = 20' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.max_children =/c\pm.max_children = 100' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.max_requests =/c\pm.max_requests = 500' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/pm.status_path =/c\pm.status_path = /status' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/ping.path =/c\ping.path = /ping' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo sed -i '/listen = /c\listen = 127.0.0.1:9000' /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo touch /var/log/php/$(conf_read php-ver)/slow.log
sudo cp /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i '/\[www\]/c\[debug]' /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i '/rlimit_core =/c\rlimit_core = unlimited' /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i "/slowlog =/c\slowlog = /var/log/php/$(conf_read php-ver)/slow.log" /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i '/request_slowlog_timeout =/c\request_slowlog_timeout = 10s' /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i '/listen = /c\listen = 127.0.0.1:9001' /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo echo 'php_admin_flag[xdebug.profiler_enable] = off' >> /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo echo 'php_admin_flag[xdebug.profiler_enable_trigger] = on' >> /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo echo 'php_admin_value[xdebug.profiler_output_name] = cachegrind.out.%p-%H-%R' >> /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo echo 'php_admin_value[xdebug.profiler_output_dir] = /tmp/' >> /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
sudo sed -i '/zend_extension=/c\;zend_extension=xdebug.so' /etc/php/$(conf_read php-ver)/mods-available/xdebug.ini
conf_write php-optim true
sudo service php*-fpm reload
}
nginx_tool_site() {
# Port 22222 tools site
sudo site $(conf_read tools-port) -php
sudo cp /opt/webinoly/templates/nginx/22222 /etc/nginx/sites-available/$(conf_read tools-port)
sudo sed -i "s/22222/$(conf_read tools-port)/g" /etc/nginx/sites-available/$(conf_read tools-port)
sudo service nginx reload
}
nginx_tool() {
if [[ $(conf_read php) == "true" ]]; then
nginx_tool_site
fi
# in case php was installed before nginx
if [[ $(conf_read php-tool) == "true" && ! -a /var/www/$(conf_read tools-port)/htdocs/php/index.php ]]; then
php_tool_site
fi
# Instalar Duply & Duplicity
sudo apt-get update
sudo apt-get -y install python-boto duplicity duply
# Install LetsEncrypt
sudo apt-get -y install letsencrypt
conf_write web-tool true
conf_write nginx-tool true
}
php_tool_site() {
# Status pages
sudo mkdir -p /var/www/$(conf_read tools-port)/htdocs/fpm/status
sudo touch /var/www/$(conf_read tools-port)/htdocs/fpm/status/php
sudo touch /var/www/$(conf_read tools-port)/htdocs/fpm/status/debug
#PHP info site
sudo mkdir -p /var/www/$(conf_read tools-port)/htdocs/php
sudo touch /var/www/$(conf_read tools-port)/htdocs/php/index.php
sudo echo '<?php phpinfo(); ?>' >> /var/www/$(conf_read tools-port)/htdocs/php/index.php
}
php_tool() {
# in case nginx was installed before php
if [[ $(conf_read nginx-tool) == "true" && ! -a /etc/nginx/sites-available/$(conf_read tools-port) ]]; then
nginx_tool_site
fi
if [[ $(conf_read nginx) == "true" ]]; then
php_tool_site
fi
# Redis (Object Cache)
echo | sudo add-apt-repository ppa:chris-lea/redis-server
sudo apt-get update
sudo apt-get -y install redis-server php-redis
# Postfix mail
echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections
echo "postfix postfix/mailname string $hostname" | debconf-set-selections
sudo apt-get -y install postfix
sudo service php*-fpm reload
conf_write web-tool true
conf_write php-tool true
}
mysql_tool() {
#PhpMyAdmin unattended script installation
echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | debconf-set-selections
echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect" | debconf-set-selections
echo "phpmyadmin phpmyadmin/mysql/app-pass password $AUTOGENPASS_PMA" | debconf-set-selections
echo "phpmyadmin phpmyadmin/app-password-confirm password $AUTOGENPASS_PMA" | debconf-set-selections
#PhpMyAdmin Installation
sudo apt-get -y install phpmyadmin
if [[ -d /usr/share/phpmyadmin ]]; then
sudo mv /usr/share/phpmyadmin /var/www/$(conf_read tools-port)/htdocs/pma
fi
conf_write mysql-tool true
}
# Aplication Webinoly
app_install() {
#Download and install/update Webinoly
sudo curl -o $HOME/webinoly.tar http://dl.qrokes.com/webinoly/webinoly.tar
sudo tar -xf $HOME/webinoly.tar -C /opt/webinoly --overwrite
sudo find /opt/webinoly -type d -exec chmod 755 {} \;
sudo find /opt/webinoly -type f -exec chmod 644 {} \;
# Plugin instalation
sudo chmod 755 /opt/webinoly/plugins/*
sudo mv /opt/webinoly/plugins/* /usr/bin/
}
# Remove Intallation Files
app_purge() {
sudo rm $HOME/webinoly.tar
sudo rm -rf /opt/webinoly/plugins
}
# Verify Integrity of all "required" files and system
webinoly_verify() {
local error="0"
local warning="0"
echo "${gre} Verifying integrity of the entire Webinoly system... ${end}"
echo "${red}"
# Webinoly
if [[ ! -a /opt/webinoly/lib/general ]]; then
echo "[ERROR] File: /opt/webinoly/lib/general not found!"
error="1"
fi
if [[ ! -a /opt/webinoly/lib/install ]]; then
echo "[ERROR] File: /opt/webinoly/lib/install not found!"
error="1"
fi
if [[ ! -a /opt/webinoly/templates/template-site-php ]]; then
echo "[ERROR] File: /opt/webinoly/templates/template-site-php not found!"
error="1"
fi
if [[ ! -a /opt/webinoly/webinoly.conf ]]; then
echo "[ERROR] File: /opt/webinoly/webinoly.conf not found!"
error="1"
fi
if [[ ! -a /usr/bin/webinoly ]]; then
echo "[ERROR] File: /usr/bin/webinoly not found!"
error="1"
fi
if [[ ! -a /usr/bin/site ]]; then
echo "[ERROR] File: /usr/bin/site not found!"
error="1"
fi
if [[ ! -a /usr/bin/httpauth ]]; then
echo "[ERROR] File: /usr/bin/httpauth not found!"
error="1"
fi
if [[ ! -a /usr/bin/log ]]; then
echo "[ERROR] File: /usr/bin/log not found!"
error="1"
fi
if [[ ! -a /usr/bin/stack ]]; then
echo "[ERROR] File: /usr/bin/stack not found!"
error="1"
fi
if [[ -z $(conf_read tools-port) ]]; then
echo "[ERROR] Port Tools not found!"
error="1"
fi
# NGINX
if [[ ! -a /etc/nginx/nginx.conf && $(conf_read nginx) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/nginx.conf not found!"
error="1"
elif [[ -a /etc/nginx/nginx.conf && $(conf_read nginx) != "true" ]]; then
echo "[WARNING] Seems like NGINX is installed but Webinoly can not detect it!"
warning="1"
fi
if [[ ! -a /etc/nginx/fastcgi.conf && $(conf_read nginx) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/fastcgi.conf not found!"
error="1"
elif [[ -a /etc/nginx/fastcgi.conf && $(conf_read nginx) != "true" ]]; then
echo "[WARNING] Seems like NGINX is installed but Webinoly can not detect it!"
warning="1"
fi
# NGINX Optim
if [[ ! -a /etc/nginx/fastcgi_params && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/fastcgi_params not found!"
error="1"
fi
if [[ ! -a /etc/nginx/.htpasswd && $(conf_read nginx-optim) == "true" ]]; then
echo "[WARNING] File: /etc/nginx/.htpasswd not found!"
warning="1"
fi
if [[ ! -a /etc/nginx/conf.d/blockips.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[WARNING] File: /etc/nginx/conf.d/blockips.conf not found!"
warning="1"
fi
if [[ ! -a /etc/nginx/conf.d/fastcgi.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/conf.d/fastcgi.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/conf.d/upstream.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/conf.d/upstream.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/acl.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/acl.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/locations.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/locations.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/php.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/php.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/wpcommon.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/wpcommon.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/wpfc.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/wpfc.conf not found!"
error="1"
fi
if [[ ! -a /etc/nginx/common/wpsubdir.conf && $(conf_read nginx-optim) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/common/wpsubdir.conf not found!"
error="1"
fi
# NGINX Tools
if [[ ! -a /etc/nginx/sites-available/$(conf_read tools-port) && $(conf_read nginx-tool) == "true" ]]; then
echo "[ERROR] File: /etc/nginx/sites-available/$(conf_read tools-port) not found!"
error="1"
elif [[ -a /etc/nginx/sites-available/$(conf_read tools-port) && $(conf_read nginx-tool) != "true" ]]; then
echo "[WARNING] Seems like Nginx Tools are enabled but Webinoly can not detect it!"
warning="1"
fi
if [[ ! -d /var/www/$(conf_read tools-port) && $(conf_read nginx-tool) == "true" ]]; then
echo "[ERROR] Folder: /var/www/$(conf_read tools-port) not found!"
error="1"
elif [[ -d /var/www/$(conf_read tools-port) && $(conf_read nginx-tool) != "true" ]]; then
echo "[WARNING] Seems like Nginx Tools are enabled but Webinoly can not detect it!"
warning="1"
fi
# NGINX Conf check
if [[ $(conf_read nginx) != "true" && ( $(conf_read nginx-optim) == "true" || $(conf_read nginx-tool) == "true" ) ]]; then
echo "[WARNING] NGINX Configuration corrupted!"
warning="1"
fi
# PHP
if [[ ! -a /etc/php/$(conf_read php-ver)/fpm/php.ini && $(conf_read php) == "true" ]]; then
echo "[ERROR] File: /etc/php/$(conf_read php-ver)/fpm/php.ini not found!"
error="1"
elif [[ -a /etc/php/$(conf_read php-ver)/fpm/php.ini && $(conf_read php) != "true" ]]; then
echo "[WARNING] Seems like PHP is installed but Webinoly can not detect it!"
warning="1"
fi
# PHP Optim
if [[ ! -a /etc/php/$(conf_read php-ver)/fpm/php-fpm.conf && $(conf_read php-optim) == "true" ]]; then
echo "[ERROR] File: /etc/php/$(conf_read php-ver)/fpm/php-fpm.conf not found!"
error="1"
fi
if [[ ! -a /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf && $(conf_read php-optim) == "true" ]]; then
echo "[ERROR] File: /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf not found!"
error="1"
fi
if [[ ! -a /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf && $(conf_read php-optim) == "true" ]]; then
echo "[ERROR] File: /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf not found!"
error="1"
fi
# PHP Tools
if [[ ! -a /var/www/$(conf_read tools-port)/htdocs/fpm/status/php && $(conf_read php-tool) == "true" ]]; then
echo "[ERROR] File: /var/www/$(conf_read tools-port)/htdocs/fpm/status/php not found!"
error="1"
elif [[ -a /var/www/$(conf_read tools-port)/htdocs/fpm/status/php && $(conf_read php-tool) != "true" ]]; then
echo "[WARNING] Seems like PHP Tools are enabled but Webinoly can not detect it!"
warning="1"
fi
if [[ ! -a /var/www/$(conf_read tools-port)/htdocs/fpm/status/debug && $(conf_read php-tool) == "true" ]]; then
echo "[ERROR] File: /var/www/$(conf_read tools-port)/htdocs/fpm/status/debug not found!"
error="1"
elif [[ -a /var/www/$(conf_read tools-port)/htdocs/fpm/status/debug && $(conf_read php-tool) != "true" ]]; then
echo "[WARNING] Seems like PHP Tools are enabled but Webinoly can not detect it!"
error="1"
fi
if [[ ! -a /var/www/$(conf_read tools-port)/htdocs/php/index.php && $(conf_read php-tool) == "true" ]]; then
echo "[ERROR] File: /var/www/$(conf_read tools-port)/htdocs/php/index.php not found!"
error="1"
elif [[ -a /var/www/$(conf_read tools-port)/htdocs/php/index.php && $(conf_read php-tool) != "true" ]]; then
echo "[WARNING] Seems like PHP Tools are enabled but Webinoly can not detect it!"
warning="1"
fi
# PHP Conf check
if [[ $(conf_read php) != "true" && ( $(conf_read php-optim) == "true" || $(conf_read php-tool) == "true" ) ]]; then
echo "[WARNING] PHP Configuration corrupted!"
warning="1"
fi
# MySQL
if [[ ! -d /etc/mysql && $(conf_read mysql) == "true" ]]; then
echo "[ERROR] Folder: /etc/mysql not found!"
error="1"
elif [[ -d /etc/mysql && $(conf_read mysql) != "true" ]]; then
echo "[WARNING] Seems like MySQL is installed but Webinoly can not detect it!"
warning="1"
fi
# MySQL Tools
if [[ ! -d /var/www/$(conf_read tools-port)/htdocs/pma && $(conf_read mysql-tool) == "true" ]]; then
echo "[ERROR] Folder: /var/www/$(conf_read tools-port)/htdocs/pma not found!"
error="1"
elif [[ ( -d /var/www/$(conf_read tools-port)/htdocs/pma || -d /usr/share/phpmyadmin ) && $(conf_read mysql-tool) != "true" ]]; then
echo "[WARNING] Seems like MySQL Tools (PhpMyAdmin) are enabled but Webinoly can not detect it!"
warning="1"
fi
# MySQL Conf check
if [[ $(conf_read mysql) != "true" && $(conf_read mysql-tool) == "true" ]]; then
echo "[WARNING] MySQL Configuration corrupted!"
warning="1"
fi
# Web Tools
if [[ ! -d /etc/redis && $(conf_read web-tool) == "true" && $(conf_read php_tool) == "true" ]]; then
echo "[ERROR] Folder: /etc/redis not found!"
error="1"
fi
if [[ ! -d /etc/postfix && $(conf_read web-tool) == "true" && $(conf_read php_tool) == "true" ]]; then
echo "[ERROR] Folder: /etc/postfix not found!"
error="1"
fi
if [[ ! -a /usr/bin/duplicity && $(conf_read web-tool) == "true" && $(conf_read nginx_tool) == "true" ]]; then
echo "[ERROR] File: /usr/bin/duplicity not found!"
error="1"
fi
if [[ ! -a /usr/bin/letsencrypt && $(conf_read web-tool) == "true" && $(conf_read nginx_tool) == "true" ]]; then
echo "[ERROR] File: /usr/bin/letsencrypt not found!"
error="1"
fi
if [[ ( -d /etc/redis || -d /etc/postfix || -a /usr/bin/duplicity || -a /usr/bin/letsencrypt ) && $(conf_read web-tool) != "true" ]]; then
echo "[WARNING] Seems like Web Tools (Redis, Letsencrypt, Postfix and Duplicity) are enabled but Webinoly can not detect it!"
warning="1"
fi
echo ""
if [ $error != 0 ]; then
echo "*******************************************************"
echo "******** ${gre}> > > E R R O R < < <${red} ***********"
echo "******** ${gre}System could not work properly${red} ***********"
echo "*******************************************************"
exit 1
elif [ $warning != 0 ]; then
echo "***********************************************************************************************************"
echo "******** ${gre}[ W A R N I N G ] System seems to be corrupted and could not work properly${red} ***********"
echo "***********************************************************************************************************"
exit 2
else
echo "${gre} Integrity test passed!!"
fi
echo "${end}"
}
tools_port() {
local in="$1"
while ! [[ $port -ge 0 && $port -le 65535 && $port =~ ^[0-9]+$ ]] 2>/dev/null
do
if [[ -z "$in" || $in == "empty" ]]; then
read -p "${blu}Tools Port [Default: 22222]: " port
port=${port:-22222}
else
port="$in"
in="empty"
fi
done
conf_write tools-port $port
echo "${gre} Port $port has been enabled to access all your Tools! ${end}"
}
swap_delete() {
local swapkb=$(grep SwapTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')
if [[ -n $swapkb && $swapkb =~ ^[0-9]+$ && $swapkb -gt 0 ]]; then
sudo swapoff -a -v
sudo rm /swapfile
sudo sed -i '/\/swapfile/d' /etc/fstab
sudo sed -i '/vm.swappiness/d' /etc/sysctl.conf
fi
}
swap_create() {
local swapkb="0"
local swapkb=$(grep SwapTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')
local swap=$(($swapkb/1048000))
local ramkb=$(grep MemTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')
local ram=$(($ramkb/1048000))
# Delete if new custom swap is found.
if [[ -n $(conf_read swap-mem) && $(conf_read swap-mem) =~ ^[0-9]+$ && $(conf_read swap-mem) != $swapkb ]]; then
swap_delete
swapkb=$(grep SwapTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')
fi
if [[ -z $swapkb || $swapkb == "0" ]]; then
if [[ -n $(conf_read swap-mem) && $(conf_read swap-mem) =~ ^[0-9]+$ ]]; then
local newswap=$(conf_read swap-mem)
elif [[ $ram -le 2 ]]; then
local newswap="1"
elif [[ $ram -le 6 ]]; then
local newswap="2"
elif [[ $ram -le 12 ]]; then
local newswap="3"
elif [[ $ram -le 16 ]]; then
local newswap="4"
elif [[ $ram -le 24 ]]; then
local newswap="5"
elif [[ $ram -le 32 ]]; then
local newswap="6"
elif [[ $ram -le 64 ]]; then
local newswap="8"
elif [[ $ram -le 128 ]]; then
local newswap="11"
else
local newswap="0"
fi
if [[ -z $newswap || $newswap == 0 ]]; then
echo "${red} [ERROR] Webinoly could not create a new Swap Partition! ${end}"
else
# Create SWAP Partition
sudo dd if=/dev/zero of=/swapfile bs=${newswap}M count=1024
sudo mkswap /swapfile
sudo swapon /swapfile
sudo sed -i "/LABEL.*/a \/swapfile none swap sw 0 0" /etc/fstab
echo 10 | sudo tee /proc/sys/vm/swappiness
echo vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf
sudo chown root:root /swapfile
sudo chmod 0600 /swapfile
echo "${gre} A new SWAP Partion (${newswap}Gb) has been created! ${end}"
fi
else
echo "${gre} SWAP Memory (${swap}Gb) detected!${end}"
fi
}
conf_load_read() {
local val=$(grep -F "${1}:" $HOME/webinoly.conf | cut -f 2 -d ':')
echo $val
}
config_load() {
webinoly -verify
if [[ $? == 1 || ! -a $HOME/webinoly.conf ]]; then
echo "${red} Configuration file not found or is corrupted! ${end}"
exit 1
fi
if [[ -a /opt/webinoly/webinoly.conf ]]; then
echo "${blu}"
echo " What do you want to do with your actual configuration [ P=Purge O=Overwrite C=Cancel ]? "
while read -r -n 1 -s answer; do
local answer=${answer:-n}
echo ""
if [[ $answer = [PpOoCc] ]]; then
if [[ $answer == [Pp] ]]; then
stack -purge-server-all
fi
if [[ $answer == [Oo] ]]; then
echo " Overwriting current configuration!! "
fi
if [[ $answer == [Cc] ]]; then
echo "${red} Action aborted!"
echo "${end}"
exit 1
fi
break
fi
done
echo "${end}"
fi
#sudo mv $HOME/webinoly.conf /opt/webinoly/
# Check for system variables before stack
if [[ -n $(conf_load_read swap-mem) ]]; then
conf_write swap-mem $(conf_load_read swap-mem)
fi
if [[ -n $(conf_load_read max-mb-uploads) ]]; then
conf_write max-mb-uploads $(conf_load_read max-mb-uploads)
fi
if [[ -n $(conf_load_read fd-ratio) ]]; then
conf_write fd-ratio $(conf_load_read fd-ratio)
fi
if [[ -n $(conf_load_read nginx-fd-ratio) ]]; then
conf_write nginx-fd-ratio $(conf_load_read nginx-fd-ratio)
fi
if [[ $answer == [Oo] && $(conf_read nginx-optim) == "true" ]]; then
linux_purge
linux_optim
fi
if [[ -n $(conf_load_read php-ver) ]]; then
# PHP variable version in case of Overwriting
if [[ $answer == [Oo] && $(conf_read php) == "true" && $(conf_load_read php-ver) != $(conf_read php-ver) ]]; then
conf_write delall true
stack -php -purge
conf_delete delall
fi
conf_write php-ver $(conf_load_read php-ver)
fi
# Determine which stack install
if [[ $(conf_load_read nginx-tool) == "true" && $(conf_load_read nginx-optim) == "true" && $(conf_load_read nginx) == "true" ]]; then
stack -nginx
elif [[ $(conf_load_read nginx-tool) != "true" && $(conf_load_read nginx-optim) == "true" && $(conf_load_read nginx) == "true" ]]; then
stack -nginx -notools
fi
if [[ $(conf_load_read php-tool) == "true" && $(conf_load_read php-optim) == "true" && $(conf_load_read php) == "true" ]]; then
stack -php
elif [[ $(conf_load_read php-tool) != "true" && $(conf_load_read php-optim) == "true" && $(conf_load_read php) == "true" ]]; then
stack -php -notools
fi
if [[ $(conf_load_read mysql-tool) == "true" && $(conf_load_read mysql) == "true" ]]; then
stack -mysql
elif [[ $(conf_load_read mysql-tool) != "true" && $(conf_load_read mysql) == "true" ]]; then
stack -mysql -notools
fi
if [[ $(conf_load_read mysql-tool) == "true" && $(conf_read mysql-tool) != "true" ]]; then
# When pma has been purged due to php different version
stack -pma
fi
if [[ $(conf_load_read web-tool) == "purged" ]]; then
stack -web-tools -purge
fi
# Some user preferences
if [[ -n $(conf_load_read tools-port) ]]; then
webinoly -tools-port $(conf_load_read tools-port)
fi
if [[ -n $(conf_load_read fastcgi-conf) ]]; then
webinoly -config-cache $(conf_load_read fastcgi-conf)
fi
if [[ $(conf_load_read login-www-data) == "true" ]]; then
webinoly -login-www-data
fi
if [[ $(conf_load_read wp-admin-auth) == "purged" ]]; then
httpauth -wp-admin-off
fi
echo "${gre}"
echo " Custom configuration file successfully loaded!"
echo "${end}"
}
system_info() {
echo "${blu}"
echo "[SYSTEM]"
echo "Operating System: $(sudo cat /proc/version) "
echo "Cores: $(grep ^processor /proc/cpuinfo | wc -l) "
echo "RAM: $(grep MemTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')kb "
echo "SWAP: $(grep SwapTotal /proc/meminfo | cut -f 2 -d ':' | tr -d ' ' | cut -f 1 -d 'k')kb "
echo "File descriptors: $(sudo cat /proc/sys/fs/file-max) "
echo ""
echo [Disk Usage]
sudo df -Th /
echo ""
echo "[NGINX]"
if [[ $(conf_read nginx) == "true" ]]; then
sudo nginx -v
echo "Nginx file descriptors: $(grep 'Max open files' /proc/$(cat /run/nginx.pid)/limits | cut -f 15 -d ' ') "
echo "worker_processes: $(grep worker_processes /etc/nginx/nginx.conf | cut -f 2 -d ' ' | tr -d ';') "
echo "worker_connections: $(grep worker_connections /etc/nginx/nginx.conf | cut -f 2 -d ' ' | tr -d ';')"
echo "worker_rlimit_nofile: $(grep worker_rlimit_nofile /etc/nginx/nginx.conf | cut -f 2 -d ' ' | tr -d ';')"
echo "client_max_body_size: $(grep client_max_body_size /etc/nginx/nginx.conf | cut -f 2 -d ' ' | tr -d ';')"
echo ""
echo "[CACHE]"
echo "FastCGI 200: $( grep -F "fastcgi_cache_valid 200" /etc/nginx/conf.d/fastcgi.conf | rev | cut -d' ' -f 1 | rev | tr -d ';')"
echo "FastCGI 3xx/4xx: $( grep -F "fastcgi_cache_valid 301 302 307 404" /etc/nginx/conf.d/fastcgi.conf | rev | cut -d' ' -f 1 | rev | tr -d ';' )"
echo "FastCGI inactive: $( grep -F "fastcgi_cache_path" /etc/nginx/conf.d/fastcgi.conf | rev | cut -d' ' -f 1 | rev | cut -d'=' -f 2 | tr -d ';')"
echo "FastCGI max-size: $( grep -F "fastcgi_cache_path" /etc/nginx/conf.d/fastcgi.conf | rev | cut -d' ' -f 2 | rev | cut -f 2 -d '=' )"
echo "open_file_cache_valid: $(grep open_file_cache_valid /etc/nginx/nginx.conf | cut -f 2 -d ' ' | tr -d ';')"
echo "open_file_cache max: $(grep -w open_file_cache /etc/nginx/nginx.conf | cut -f 2 -d ' ' | cut -f 2 -d '=')"
echo "open_file_cache inactive: $(grep -w open_file_cache /etc/nginx/nginx.conf | cut -f 3 -d ' ' | cut -f 2 -d '=' | tr -d ';')"
echo ""
else
echo "${red} NGINX is not installed! ${blu}"
echo ""
fi
echo "[PHP]"
if [[ $(conf_read php) == "true" ]]; then
echo $(php -v | grep -m1 "")
echo "memory_limit: $(grep memory_limit /etc/php/$(conf_read php-ver)/fpm/php.ini | cut -f 2 -d '=' )"
echo "post_max_size: $(grep post_max_size /etc/php/$(conf_read php-ver)/fpm/php.ini | cut -f 2 -d '=' )"
echo "upload_max_filesize: $(grep upload_max_filesize /etc/php/$(conf_read php-ver)/fpm/php.ini | cut -f 2 -d '=' )"
echo "max_file_uploads: $(grep max_file_uploads /etc/php/$(conf_read php-ver)/fpm/php.ini | cut -f 2 -d '=' )"
echo "max_execution_time: $(grep max_execution_time /etc/php/$(conf_read php-ver)/fpm/php.ini | cut -f 2 -d '=' )"
echo ""
else
echo "${red} PHP is not installed! ${blu}"
echo ""
fi
echo "[MYSQL]"
if [[ $(conf_read mysql) == "true" ]]; then
sudo mysql --version
echo "PhpMyAdmin: $(conf_read mysql-tool)"
echo ""
else
echo "${red} MySQL is not installed! ${blu}"
echo ""
fi
echo "[Raw Conf]"
if [[ -a /opt/webinoly/webinoly.conf ]]; then
sudo cat /opt/webinoly/webinoly.conf
else
echo "${red} [ERROR] Configuration File not found! ${blu}"
fi
echo ""
echo "${end}"
}

103
lib/site-ssl Normal file
View file

@ -0,0 +1,103 @@
#!/bin/bash
# This is a library for Site Manager Plugin
# Functions for SSL On/Off
source /opt/webinoly/lib/general
site_ssl_on() {
local cermail=$(conf_read mail)
local root="$domain"
if [[ "$cache" == "-root" ]]; then
root="$domroot"
fi
echo "${gre}"
echo "***********************************************************************************************"
echo "** Please, be careful with the number of intents or certificates you try to get. **"
echo "** Lets Encrypt provides rate limits to ensure fair usage by as many people as possible. **"
echo "** **"
echo "** If you are getting errors or having issues when trying to get a new certificate **"
echo "** read about the Let's Encrypt rate limit - https://letsencrypt.org/docs/rate-limits/ **"
echo "***********************************************************************************************"
# We need an email to notify each renew intent (cron)
while [[ -z $cermail ]]
do
echo "${blu}"
read -p "Please, enter an email to register your new certificate: ${end}" cermail
if [[ "$cermail" =~ ^[a-z0-9_\+-]+(\.[a-z0-9_\+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,4})$ ]]; then
conf_write mail $cermail
echo "${gre} Email address has been successfuly validated and saved! ${end}"
else
cermail=""
echo "${red} Please enter a valid email address!"
fi
echo "${end}"
done
# Generar nuevo certificado
if [[ ! -a /etc/letsencrypt/live/$domain/fullchain.pem ]]; then
sudo letsencrypt certonly --webroot -w /var/www/$root/htdocs/ -d $domain -d www.$domain --email $cermail --agree-tos
fi
# Configuracion NGINX del sitio para soportar SSL
if [[ -a /etc/letsencrypt/live/$root/fullchain.pem ]]; then
sudo sed -i '/listen 80/c \ listen 443 ssl http2;' /etc/nginx/sites-available/$domain
sudo sed -i '/listen \[::\]:80/c \ listen [::]:443 ssl http2;' /etc/nginx/sites-available/$domain
sudo sed -i '/headers-html.conf/a \ include common/headers-https.conf;' /etc/nginx/sites-available/$domain
sudo sed -i '/server_name /r /opt/webinoly/templates/template-site-ssl' /etc/nginx/sites-available/$domain
#sudo sed -i "s/domain.com/${root}/g" /etc/nginx/sites-available/$domain
sudo sed -i "/WebinolySSLstart/,/WebinolySSLend/{s/domain.com/$domain/}" /etc/nginx/sites-available/$domain
# Auto-Renew Certificate
if [[ ! -a /var/spool/cron/crontabs/root ]]; then
sudo touch /var/spool/cron/crontabs/root
sudo chmod 600 /var/spool/cron/crontabs/root
sudo chown root:crontab /var/spool/cron/crontabs/root
fi
cronmail=$( sudo grep -F "MAILTO=" /var/spool/cron/crontabs/root )
cronrene=$( sudo grep -F "letsencrypt renew" /var/spool/cron/crontabs/root )
if [[ -z $cronmail && -n $cermail && -z $cronrene ]]; then
echo "MAILTO=${cermail}" | sudo tee -a /var/spool/cron/crontabs/root
fi
if [[ -z $cronrene ]]; then
echo "15 3 * * 7 letsencrypt renew" | sudo tee -a /var/spool/cron/crontabs/root
fi
echo "${gre}SSL have been successfully enabled for site $domain!${end}"
else
echo "${red}"
echo " [ERROR] Certified not created!"
echo "${end}"
fi
}
site_ssl_off() {
sudo sed -i '/listen 443/c \ listen 80;' /etc/nginx/sites-available/$domain
sudo sed -i '/listen \[::\]:443/c \ listen [::]:80;' /etc/nginx/sites-available/$domain
sudo sed -i '/headers-https.conf/d' /etc/nginx/sites-available/$domain
sudo sed -i '/WebinolySSLstart/,/WebinolySSLend/{/.*/d}' /etc/nginx/sites-available/$domain
echo "${blu}"
echo " Do you want to completely delete your certificate [y/N]? "
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
echo "${end}"
if [[ $answer == [Yy] ]]; then
#sudo letsencrypt delete --cert-name $domain
rm -rf /etc/letsencrypt/live/${domain}
rm -rf /etc/letsencrypt/renewal/${domain}.conf
rm -rf /etc/letsencrypt/archive/${domain}
echo "${gre}"
echo " Certificate for your site $domain has been completely removed!"
echo "${end}"
fi
}

325
lib/sites Normal file
View file

@ -0,0 +1,325 @@
#!/bin/bash
# This is a library for Site Manager Plugin
# Functions for site creation and delete
source /opt/webinoly/lib/general
nginx_helper_plugin() {
# Download WP (latest version)
sudo curl -o /var/www/$domain/htdocs/nginx-helper-plugin.zip https://downloads.wordpress.org/plugin/nginx-helper.latest-stable.zip
sudo unzip /var/www/$domain/htdocs/nginx-helper-plugin.zip -d /var/www/$domain/htdocs/wp-content/plugins/
sudo rm /var/www/$domain/htdocs/nginx-helper-plugin.zip
echo ""
echo "${gre} Nginx Helper Plugin has been installed! ${end}"
}
wpinstall() {
echo "${blu}"
echo "Do you need to setup new MySQL database? [Y/n]"
while read -r -n 1 -s setupmysql; do
local setupmysql=${setupmysql:-y}
if [[ $setupmysql = [YyNn] ]]; then
break
fi
done
echo "Create WP-Config file automatically? [Y/n]"
while read -r -n 1 -s setupwp; do
local setupwp=${setupwp:-y}
if [[ $setupwp = [YyNn] ]]; then
break
fi
done
# Download WP (latest version)
sudo curl -o /var/www/$domain/htdocs/wp.tar.gz https://wordpress.org/latest.tar.gz
sudo tar -xf /var/www/$domain/htdocs/wp.tar.gz -C /var/www/$domain/htdocs/
sudo mv /var/www/$domain/htdocs/wordpress/* /var/www/$domain/htdocs/
sudo rm -rf /var/www/$domain/htdocs/wordpress
sudo rm /var/www/$domain/htdocs/wp.tar.gz
# Generate and auto-fill wp-config.php and also create database
if [[ "$setupmysql" == y || "$setupmysql" == Y || "$setupwp" == y || "$setupwp" == Y ]] ; then
local AUTOGENPASS_WPDB=`pwgen -s -1`
local dom=${domain//./_}
local done="0"
while [[ $done != "1" ]]
do
done="1"
# Ask DB data or suggest default values
echo ""
read -p "Database Host [localhost]:" dbhost
local dbhost=${dbhost:-localhost}
if [[ $dbhost == "localhost" && ( "$setupmysql" == y || "$setupmysql" == Y ) && $(conf_read mysql) != "true" ]]; then
echo "${red} [ERROR] MySQL is not installed or localhost was not found!${blu}"
done="0"
continue 1;
fi
# Check if localhost or external DB
if [[ $dbhost != "localhost" && ( "$setupmysql" == y || "$setupmysql" == Y ) ]]; then
if [[ $(conf_read mysql-client) != "true" ]]; then
echo "${gre}MySQL Client is not installed and we need it to conect with your external server."
echo "Wait while we install MySQL Client... installing!!!${end}"
mysql_client_install > /dev/null 2>&1 &
echo "${gre}MySQL Client has been successfully installed!${end}"
fi
echo "${blu}"
read -p "External DB root username [root]: " dburoot
read -p "External DB root password: " dbproot
echo ""
local dburoot=${dburoot:-root}
local dbproot=${dbproot:-nodefined}
local dburl=$(echo "$dbhost" | cut -f 1 -d ':')
local dbport=$(echo "$dbhost" | cut -f 2 -d ':')
fi
read -p "Database Name [$dom]:" dbname
local dbname=${dbname:-$dom}
# Check for duplicate database names, if already exists ask for another dbname to create the new db
if [[ "$setupmysql" == y || "$setupmysql" == Y ]]; then
local newdbname="$dbname"
while [[ $dbname == $newdbname && $dbreuse != y && $dbreuse != Y ]]; do
# Chech connection to DB first
if [[ $dbhost == "localhost" ]]; then
local ROOT_PASS=$( echo $(conf_read mysql-root) | openssl enc -d -a -salt )
sudo mysql --connect_timeout 10 --user=root -p$ROOT_PASS -e "quit"
else
sudo mysql --connect_timeout 10 -h "$dburl" -P "$dbport" -u"$dburoot" -p"$dbproot" -e "quit"
fi
if [[ $? != "0" ]]; then
done="0"
echo "${red}============================================"
echo " [Error]: Database conection failed."
echo "============================================${blu}"
echo ""
continue 2;
fi
if [[ $dbhost == "localhost" ]]; then
local newdbname=$(sudo mysqlshow --user=root -p$ROOT_PASS $dbname | grep -v Wildcard | grep -ow $dbname)
else
local newdbname=$(sudo mysqlshow -h "$dburl" -P "$dbport" -u"$dburoot" -p"$dbproot" $dbname | grep -v Wildcard | grep -ow $dbname)
fi
if [ "$newdbname" == "$dbname" ]; then
echo ""
echo "${red}Database $dbname already exists!${blu}"
echo "Do you want to use this DB in your new site? [y/N]"
while read -r -n 1 -s dbreuse; do
local dbreuse=${dbreuse:-n}
if [[ $dbreuse = [YyNn] ]]; then
break
fi
done
if [[ $dbreuse != y && $dbreuse != Y ]]; then
echo ""
read -p "Please enter a new DB_NAME for your Database: " newdbname
dbname="$newdbname"
elif [[ $dbreuse == y || $dbreuse == Y ]]; then
# If you want to use the DB that already exist, abort DB creation.
setupmysql="n"
fi
fi
done
fi
read -p "Database User [$dom]:" dbuser
read -p "Database Password [$AUTOGENPASS_WPDB]:" dbpass
read -p "Database Prefix [wp_]:" dbpref
echo "${end}"
# If empty, assign defalut values
local dbuser=${dbuser:-$dom}
local dbpass=${dbpass:-$AUTOGENPASS_WPDB}
local dbpref=${dbpref:-wp_}
# DB Creation
if [[ "$setupmysql" == y || "$setupmysql" == Y ]] ; then
if [[ $dbhost == "localhost" ]]; then
local dbsetup="CREATE DATABASE $dbname;GRANT ALL PRIVILEGES ON $dbname.* TO $dbuser@$dbhost IDENTIFIED BY '$dbpass';FLUSH PRIVILEGES;"
sudo mysql --connect_timeout 10 --user=root -p$ROOT_PASS -e "$dbsetup"
else
sudo mysql --connect_timeout 10 -h "$dburl" -P "$dbport" -u"$dburoot" -p"$dbproot" <<_EOF_
CREATE DATABASE ${dbname};
grant usage on ${dbname}.* to ${dbuser}@\`%\` identified by '${dbpass}';
grant all privileges on ${dbname}.* to ${dbuser}@\`%\`;
FLUSH PRIVILEGES;
_EOF_
fi
if [ $? != "0" ]; then
done="0"
echo "${red}============================================"
echo " [Error]: Database creation failed."
echo "============================================${end}"
echo ""
fi
fi
if [[ $done != "1" ]]; then
echo "${red} Some error ocurred during Database Configuration."
echo "${blu} Retry [Y/n]? ${end}"
while read -r -n 1 -s done; do
done=${done:-y}
if [[ $done = [YyNn] ]]; then
break
fi
done
if [[ $done == n || $done == N ]]; then
done="1"
fi
fi
done
fi
#WP-Config.php auto-setup
if [[ "$setupwp" == y || "$setupwp" == Y ]] ; then
# Generate random salt keys
local SALT_AUTHK=`pwgen -s -1 64`
local SALT_SECUR=`pwgen -s -1 64`
local SALT_LOGGE=`pwgen -s -1 64`
local SALT_NONCE=`pwgen -s -1 64`
local SALT_AUTHS=`pwgen -s -1 64`
local SALT_SECUS=`pwgen -s -1 64`
local SALT_LOGGS=`pwgen -s -1 64`
local SALT_NONCS=`pwgen -s -1 64`
cp /var/www/$domain/htdocs/wp-config-sample.php /var/www/$domain/wp-config.php
# Fill new wp-config with data
sudo sed -i "/DB_NAME/c \define('DB_NAME', '$dbname');" /var/www/$domain/wp-config.php
sudo sed -i "/DB_USER/c \define('DB_USER', '$dbuser');" /var/www/$domain/wp-config.php
sudo sed -i "/DB_PASSWORD/c \define('DB_PASSWORD', '$dbpass');" /var/www/$domain/wp-config.php
sudo sed -i "/DB_HOST/c \define('DB_HOST', '$dbhost');" /var/www/$domain/wp-config.php
sudo sed -i "/table_prefix/c \$table_prefix = '$dbpref';" /var/www/$domain/wp-config.php
sudo sed -i "/'AUTH_KEY'/c \define('AUTH_KEY', '$SALT_AUTHK');" /var/www/$domain/wp-config.php
sudo sed -i "/'SECURE_AUTH_KEY'/c \define('SECURE_AUTH_KEY', '$SALT_SECUR');" /var/www/$domain/wp-config.php
sudo sed -i "/'LOGGED_IN_KEY'/c \define('LOGGED_IN_KEY', '$SALT_LOGGE');" /var/www/$domain/wp-config.php
sudo sed -i "/'NONCE_KEY'/c \define('NONCE_KEY', '$SALT_NONCE');" /var/www/$domain/wp-config.php
sudo sed -i "/'AUTH_SALT'/c \define('AUTH_SALT', '$SALT_AUTHS');" /var/www/$domain/wp-config.php
sudo sed -i "/'SECURE_AUTH_SALT'/c \define('SECURE_AUTH_SALT','$SALT_SECUS');" /var/www/$domain/wp-config.php
sudo sed -i "/'LOGGED_IN_SALT'/c \define('LOGGED_IN_SALT', '$SALT_LOGGS');" /var/www/$domain/wp-config.php
sudo sed -i "/'NONCE_SALT'/c \define('NONCE_SALT', '$SALT_NONCS');" /var/www/$domain/wp-config.php
# Multisite wp-config
if [[ "$type" == "-wpsubdir" || "$type" == "-wpsubdom" ]]; then
sudo sed -i "/stop editing/i \define('WP_ALLOW_MULTISITE', true);" /var/www/$domain/wp-config.php
sudo sed -i "/stop editing/i \#define('MULTISITE', true);" /var/www/$domain/wp-config.php
sudo sed -i "/stop editing/i \#define('DOMAIN_CURRENT_SITE', '$domain');" /var/www/$domain/wp-config.php
sudo sed -i "/stop editing/i \#define('PATH_CURRENT_SITE', '/');" /var/www/$domain/wp-config.php
sudo sed -i "/stop editing/i \#define('SITE_ID_CURRENT_SITE', 1);" /var/www/$domain/wp-config.php
sudo sed -i "/stop editing/i \#define('BLOG_ID_CURRENT_SITE', 1);" /var/www/$domain/wp-config.php
fi
if [ "$type" == "-wpsubdir" ]; then
sudo sed -i "/stop editing/i \#define('SUBDOMAIN_INSTALL', false);" /var/www/$domain/wp-config.php
elif [ "$type" == "-wpsubdom" ]; then
sudo sed -i "/stop editing/i \#define('SUBDOMAIN_INSTALL', true);" /var/www/$domain/wp-config.php
sudo sed -i "/server_name /c \ server_name $domain *.$domain;" /etc/nginx/sites-available/$domain
fi
fi
}
deletesite() {
# Determine id site is WP, so you should delete the DB too.
if [[ -a /var/www/$domain/wp-config.php || -a /var/www/$domain/htdocs/wp-config.php ]]; then
echo "${blu}Delete Database [Y/n]?${end}"
while read -r -n 1 -s dbdel; do
local dbdel=${dbdel:-y}
if [[ $dbdel = [YyNn] ]]; then
break
fi
done
fi
if [[ "$dbdel" == "y" || "$dbdel" == "Y" ]]; then
db_delete $domain
fi
# Delete site files
sudo rm /etc/nginx/sites-available/$domain
sudo rm /etc/nginx/sites-enabled/$domain
sudo rm -rf /var/www/$domain
}
createsite() {
if [[ "$wp" == "1" && $(conf_read php) != "true" ]]; then
echo "${red}"
echo " [ERROR] PHP must be installed before you can create a WP site!"
echo "${end}"
exit 1
fi
if [[ "$type" == "-php" && $(conf_read php) != "true" ]]; then
echo "${red}"
echo " [ERROR] PHP must be installed before you can create a PHP site!"
echo "${end}"
exit 1
fi
# Check for duplicate sites
if [[ -a /etc/nginx/sites-available/$domain ]]; then
echo "${red}Site $domain could not be created because already exists!${end}"
exit 1
fi
sudo cp /opt/webinoly/templates/template-site-php /etc/nginx/sites-available/$domain
# Nginx conf file for the new site (-php conf is default)
sudo sed -i "s/domain.com/$domain/g" /etc/nginx/sites-available/$domain
sudo chmod 644 /etc/nginx/sites-available/$domain
sudo chown root:root /etc/nginx/sites-available/$domain
sudo ln -s /etc/nginx/sites-available/$domain /etc/nginx/sites-enabled/$domain
# Create data folder for new site
if [[ ! -d /var/www/$domain/htdocs || ! -d /var/www/$domain ]]; then
sudo mkdir -p /var/www/$domain/htdocs
if [[ "$wp" == "1" ]]; then
wpinstall
fi
else
echo "${blu}"
echo " We found a folder with $domain site data, do you want to use it [Y/n]? "
while read -r -n 1 -s wwwexist; do
wwwexist=${wwwexist:-y}
if [[ $wwwexist = [YyNn] ]]; then
break
fi
done
echo ""
if [[ $wwwexist == n || $wwwexist == N ]]; then
sudo rm -rf /var/www/$domain/htdocs
sudo mkdir -p /var/www/$domain/htdocs
if [[ "$wp" == "1" ]]; then
wpinstall
fi
fi
fi
sudo chown -R www-data:www-data /var/www
if [[ $(conf_read login-www-data) == "true" ]]; then
sudo chown root:root /var/www
fi
# Activate FastCgi cache
if [[ "$cache" == "-cache" && "$wp" == "1" ]]; then
sudo sed -i '/php.conf/c \ include common/wpfc.conf;' /etc/nginx/sites-available/$domain
nginx_helper_plugin
fi
echo "${gre}Site $domain has been successfully created!${end}"
}

59
plugins/httpauth Normal file
View file

@ -0,0 +1,59 @@
#!/bin/bash
source /opt/webinoly/lib/general
opt="$1"
# Http-Authentication Plugin
# Syntax: httpauth <option>
# Options: -add, -delete, -list, -wp-admin-on, -wp-admin-off
if [[ ! $(conf_read nginx) == "true" ]]; then
echo ""
echo "${red} NGINX is required to get HTTP Authentication working properly! ${end}"
echo ""
exit 1
fi
if [ "$opt" == "-add" ]; then
echo ""
read -p "${blu}HTTP-Auth User: ${end}" user
read -p "${blu}HTTP-Auth Password: ${end}" pass
echo ""
[ -a /etc/nginx/.htpasswd ] && exist=$( grep -F "${user}:" /etc/nginx/.htpasswd )
if [[ -z $exist ]]; then
sudo sh -c "echo -n '$user:$(openssl passwd -1 $pass)\n' >> /etc/nginx/.htpasswd"
echo "${gre}User '$user' has been added successfully!${end}"
else
echo "${red}User '$user' already exist!${end}"
fi
echo ""
elif [ "$opt" == "-delete" ]; then
read -p "${blu}HTTP-Auth User: ${end}" userpurge
sudo sed -i "/$userpurge/d" /etc/nginx/.htpasswd
echo "${gre}User '$userpurge has been deleted successfully!${end}"
elif [ "$opt" == "-list" ]; then
echo "${gre}"
cat /etc/nginx/.htpasswd | while read line
do
# Show only the user_name part, cut encrypted password string
echo "- $line" | cut -f 1 -d ':'
done
echo "${end}"
elif [ "$opt" == "-wp-admin-on" ]; then
iswpadon=$( grep -F "acl.conf;" /etc/nginx/common/wpcommon.conf )
if [[ -z $iswpadon ]]; then
sudo sed -i "/zone=one/a \ include common/acl.conf;" /etc/nginx/common/wpcommon.conf
sudo service nginx reload
conf_write wp-admin-auth true
echo "${gre} WordPress admin authentication has been enabled! ${end}"
else
echo "${gre} HTTP Authentication for WP Admin pages is already enabled! ${end}"
fi
elif [ "$opt" == "-wp-admin-off" ]; then
sudo sed -i "/acl.conf/d" /etc/nginx/common/wpcommon.conf
sudo service nginx reload
conf_write wp-admin-auth purged
echo "${gre} WordPress admin authentication has been disabled! ${end}"
else
echo "${red}Please enter a valid option!${end}"
fi

73
plugins/log Normal file
View file

@ -0,0 +1,73 @@
#!/bin/bash
# View logs in real time Plugins
# Syntax: log <domain> <option>
# Options: -wp, -error (access log is default and have no option)
# Notes: If no domain is entered, access logs are displayed.
source /opt/webinoly/lib/general
domain="$1"
opt="$2"
if [[ ! $(conf_read nginx) == "true" ]]; then
echo ""
echo "${red} NGINX is required to view your logs properly! ${end}"
echo ""
exit 1
fi
if [[ -z $opt ]]; then
case "$domain" in
"-mail")
sudo tail -f /var/log/mail.log /var/log/mail.err
;;
"-fpm")
sudo tail -f /var/log/php/$(conf_read php-ver)/*.log
;;
"-mysql")
sudo tail -f /var/log/mysql/*.log
;;
esac
fi
# Validations
if [[ "$domain" == "-error" || "$domain" == "-wp" ]]; then
domain="$2"
opt="$1"
fi
if [[ -n "$opt" && "$opt" != "-error" && "$opt" != "-wp" ]]; then
echo "${red} $opt is not a valid option!${end}"
exit 1
elif [[ -z "$domain" && -n "$opt" && ! -a /var/log/nginx/error.log ]]; then
echo "${red}Error log file could not be retrieved!${end}"
exit 1
elif [[ -n "$domain" && -n "$opt" && ! -a /var/log/nginx/$domain.error.log ]]; then
echo "${red}Error log file could not be retrieved!${end}"
exit 1
elif [[ -z "$domain" && -z "$opt" && ! -a /var/log/nginx/access.log ]]; then
echo "${red}Access log file could not be retrieved!${end}"
exit 1
elif [[ -n "$domain" && -z "$opt" && ! -a /var/log/nginx/$domain.access.log ]]; then
echo "${red}Access log file could not be retrieved!${end}"
exit 1
fi
# Show the correct log file
if [[ "$opt" == "-error" && -z "$domain" ]]; then
sudo tail -f /var/log/nginx/*error.log
elif [[ "$opt" == "-error" && -n "$domain" ]]; then
sudo tail -f /var/log/nginx/$domain.error.log
elif [[ "$opt" == "-wp" && -n "$domain" ]]; then
if [[ -a /var/www/$domain/htdocs/wp-content/debug.log ]]; then
sudo tail -f /var/www/$domain/htdocs/wp-content/debug.log
else
echo "${red} Seems like debug is not enabled in your wp-config.php file! ${end}"
fi
elif [[ -z "$domain" && -z "$opt" ]]; then
sudo tail -f /var/log/nginx/*access.log
elif [[ -n "$domain" && -z "$opt" ]]; then
sudo tail -f /var/log/nginx/$domain.access.log
fi

239
plugins/site Normal file
View file

@ -0,0 +1,239 @@
#!/bin/bash
# Site Manager Plugin (Create, delete and de/activate)
# Syntax: site <domain> <option> <argument>
# Options: -html, -php, -wp, -wpsubdir, -wpsubdom, -parked, -on, -off, -delete, -delete-all, -list, -nocache, -cache, -ssl-on, ssl-off
# Arguments: -cache, -root
# shopt is necessary for this kind !(html|22222) of patterns
shopt -s extglob
domain="$1"
type="$2"
cache="$3"
domroot="$4"
source /opt/webinoly/lib/general
source /opt/webinoly/lib/sites
source /opt/webinoly/lib/site-ssl
if [[ ! $(conf_read nginx) == "true" ]]; then
echo ""
echo "${red} NGINX is required to create a site! ${end}"
echo ""
exit 1
fi
# Check if user entered arg before option and correct it.
if [[ "$type" == "-cache" && -n $cache ]]; then
type="$3"
cache="$2"
fi
wp="0" # Evaluate if site to create is WP
if [[ "$type" == "-wp" || "$type" == "-wpsubdir" || "$type" == "-wpsubdom" ]]; then
wp="1"
fi
# Cache validation
if [[ "$cache" == "-cache" && "$wp" == "0" ]]; then
echo "${red} Site $domain is not a WP site! ${end}"
exit 1
elif [[ ( "$cache" != "-cache" && "$cache" != "-root" ) && -n "$cache" && "$type" != "-parked" ]]; then
echo "${red} $cache is not a valid argument! ${end}"
exit 1
fi
# List Sites
if [[ "$domain" == "-list" && -z "$type" && -z "$cache" ]]; then
echo ""
for site in "/var/www"/*
do
domi=$(echo $site | cut -f 4 -d "/")
echo "${gre} - $domi ${end}"
done
echo ""
# Delete all sites
elif [[ "$domain" == "-delete-all" && -z "$type" && -z "$cache" ]]; then
# List all sites in /var/www/ folder
for site in "/var/www"/*
do
# Determina if site is WP (so has DB to delete)
if [[ -a $site/wp-config.php || -a $site/htdocs/wp-config.php ]]; then
domi=$(echo $site | cut -f 4 -d "/")
db_delete $domi
echo "${gre}Database of your site ${red}${domi}${gre} has been successfully deleted! ${end}"
fi
done
# Delete all files
# -rf is necessary to not generate an error when is empty.
sudo rm -rf /etc/nginx/sites-available/!(default|$(conf_read tools-port))
sudo rm -rf /etc/nginx/sites-enabled/!(default|$(conf_read tools-port))
sudo rm -rf /var/www/!(html|$(conf_read tools-port))
echo ""
echo "${gre}All sites and data has been deleted successfully!${end}"
# Create PHP site
elif [ "$type" == "-php" ]; then
createsite
# Create HTML site
elif [ "$type" == "-html" ]; then
createsite
sudo sed -i '/index/c \ index index.html index.htm;' /etc/nginx/sites-available/$domain
sudo sed -i '/index/a \ location / { try_files $uri $uri/ =404; }' /etc/nginx/sites-available/$domain
sudo sed -i '/php.conf/d' /etc/nginx/sites-available/$domain
# Create WP site
elif [ "$type" == "-wp" ]; then
createsite
sudo sed -i '/locations.conf/i \ include common/wpcommon.conf;' /etc/nginx/sites-available/$domain
# Create WP Multisite (Sub-directory)
elif [ "$type" == "-wpsubdir" ]; then
createsite
sudo sed -i '/locations.conf/i \ include common/wpsubdir.conf;' /etc/nginx/sites-available/$domain
sudo sed -i '/locations.conf/i \ include common/wpcommon.conf;' /etc/nginx/sites-available/$domain
# Create WP Multisite (Sub-domain)
elif [ "$type" == "-wpsubdom" ]; then
createsite
sudo sed -i '/locations.conf/i \ include common/wpcommon.conf;' /etc/nginx/sites-available/$domain
# Parked Domain
elif [ "$type" == "-parked" ]; then
mapto="NeverMatchAtFirstDotCom"
if [[ -n $cache ]]; then
mapto="$cache"
fi
while [[ ! -a /etc/nginx/sites-available/$mapto ]]
do
echo "${blu}"
read -p "Main site domain: " mapto
mapto=${mapto:-NeverMatchAtFirstDotCom}
echo "${end}"
if [[ ! -a /etc/nginx/sites-available/$mapto ]]; then
echo "${red} Main site domain not found! ${end}"
fi
done
sudo cp /etc/nginx/sites-available/$mapto /etc/nginx/sites-available/$domain
sudo chmod 644 /etc/nginx/sites-available/$domain
sudo chown root:root /etc/nginx/sites-available/$domain
sudo ln -s /etc/nginx/sites-available/$domain /etc/nginx/sites-enabled/$domain
# Nginx conf file for the new parked domain
sudo sed -i "s/$mapto/$domain/g" /etc/nginx/sites-available/$domain
sudo sed -i "/root/c \ root /var/www/$mapto/htdocs;" /etc/nginx/sites-available/$domain
cusconl=$( grep -F "include /var/www/$domain/conf/nginx" /etc/nginx/sites-available/$domain | sed "s/$domain/$mapto/" )
sed -i "/include \/var\/www\/$domain\/conf\/nginx/c \ ${cusconl}" /etc/nginx/sites-available/$domain
echo "${gre}"
echo " Parked domain was successfully configured! "
echo "${end}"
# Site disabled
elif [[ "$type" == "-off" && ! -L /etc/nginx/sites-enabled/$domain ]]; then
echo "${red}Site $domain doesn't exist or is already disabled!${end}"
elif [[ "$type" == "-off" && -L /etc/nginx/sites-enabled/$domain ]]; then
echo "${gre}Site $domain has been successfully disabled!${end}"
sudo rm /etc/nginx/sites-enabled/$domain
# Site re-enabled
elif [[ "$type" == "-on" && -L /etc/nginx/sites-enabled/$domain ]]; then
echo "${gre}Site $domain is already enabled!${end}"
elif [[ "$type" == "-on" && ! -L /etc/nginx/sites-enabled/$domain ]]; then
sudo ln -s /etc/nginx/sites-available/$domain /etc/nginx/sites-enabled/$domain
echo "${gre}Site $domain has been successfully enabled!${end}"
# Delete site
elif [[ "$type" == "-delete" && -a /etc/nginx/sites-available/$domain ]]; then
deletesite
echo "${gre}Site $domain has been successfully deleted!${end}"
# SSL enabled (Letsencrypt)
elif [[ "$type" == "-ssl-on" && -a /etc/nginx/sites-available/$domain ]]; then
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
if [[ -z $isssl ]]; then
site_ssl_on
else
echo "${red}SSL is already enabled for site $domain!${end}"
fi
# SSL disabled (Letsencrypt)
elif [[ "$type" == "-ssl-off" && -a /etc/nginx/sites-available/$domain ]]; then
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
if [[ -n $isssl ]]; then
site_ssl_off
echo "${gre}SSL have been successfully disabled for site $domain!${end}"
else
echo "${red}SSL is already disabled for site $domain!${end}"
fi
# FastCGI Cache disabled
elif [[ "$type" == "-nocache" && -a /etc/nginx/sites-available/$domain ]]; then
isfc=$( grep -F "wpfc.conf" /etc/nginx/sites-available/$domain )
if [[ -n $isfc ]]; then
sudo sed -i '/wpfc.conf/c \ include common/php.conf;' /etc/nginx/sites-available/$domain
echo "${gre} FastCGI Cache in $domain has been disabled!${end}"
else
echo "${red} Site $domain is not a WP site or FastCGI were not enabled!${end}"
fi
# FastCGI Cache enabled
elif [[ "$type" == "-cache" && -a /etc/nginx/sites-available/$domain ]]; then
isphp=$( grep -F "php.conf" /etc/nginx/sites-available/$domain )
iswp=$( grep -F "wpcommon.conf" /etc/nginx/sites-available/$domain )
if [[ -n $isphp && -n $iswp ]]; then
sudo sed -i '/php.conf/c \ include common/wpfc.conf;' /etc/nginx/sites-available/$domain
if [[ ! -d /var/www/$domain/htdocs/wp-content/plugins/nginx-helper ]]; then
echo "${gre}"
echo "We recommend Nginx Helper Plugin as an easy way to manage FastCGI Cache on your site."
echo "${blu} Do you want to install it now [Y/n]? "
while read -r -n 1 -s answer; do
answer=${answer:-y}
if [[ $answer = [YyNn] ]]; then
[[ $answer = [Yy] ]] && nginx_helper_plugin
break
fi
done
fi
echo "${gre}"
echo " FastCGI Cache in $domain has been successfully enabled! "
echo "${end}"
else
echo "${red} Site $domain is not a WP site or FastCGI is already enabled!${end}"
fi
# Catch ERROR
elif [[ ! -a /etc/nginx/sites-available/$domain && ( "$type" == "-nocache" || "$type" == "-cache" || "$type" == "-delete" || "$type" == "-on" || "$type" == "-ssl-on" || "$type" == "-ssl-off" ) ]]; then
echo "${red}Site $domain doesn't exists!${end}"
else
echo "${red} Argument '${type}' is not a valid option! ${end}"
fi
shopt -u extglob
if [[ $(conf_read nginx) == "true" ]]; then
sudo service nginx reload
fi

424
plugins/stack Normal file
View file

@ -0,0 +1,424 @@
#!/bin/bash
# Server Stack Manager
# Syntax: stack <option> <arguments>
# Options: -html, -nginx, -php, -lemp, -mysql, -pma, -info, -purge-server-all, -web-tools
# Arguments: -purge, -notools, -noptim
source /opt/webinoly/lib/install
opt="$1"
arg="$2"
# Check if user entered arg before option and correct it.
if [[ $opt == "-purge" || $opt == "-notools" ]]; then
opt="$2"
arg="$1"
fi
if [[ $arg == "-noptim" && $opt == "-lemp" ]]; then
if ! [[ $(conf_read nginx) == "true" || $(conf_read php) == "true" || $(conf_read mysql) == "true" ]]; then
nginx_install
php_install
mysql_install
echo ""
echo "${gre} LEMP without optimization has been installed!!! ${end}"
echo ""
messagend_install dbpass
else
echo "${red}[ERROR] Some packages are already installed!${end}"
fi
# Delete some stack
elif [[ $arg == "-purge" && ( $opt == "-html" || $opt == "-nginx" ) ]]; then
if [[ $(conf_read nginx) != "true" ]]; then
echo "${red} Nginx is not installed, hence can not be deleted! ${end}"
exit 1
fi
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove NGINX from your server!"
echo ""
if [ "$(conf_read delall)" != "true" ]; then
echo " ${blu} Are you sure [y/N]? ${end}"
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
fi
if [[ $answer == [Yy] || $(conf_read delall) == "true" ]]; then
echo ""
echo "${blu}Do you want to delete your sites data directory (/var/www) [Y/n]? ${end}"
while read -r -n 1 -s answer; do
answer=${answer:-y}
if [[ $answer = [YyNn] ]]; then
if [[ $answer == [Yy] ]]; then
if [[ $(conf_read mysql-tool) == "true" ]]; then
stack -pma -purge
fi
site -delete-all
sudo rm -rf /var/www/$(conf_read tools-port)
sudo rm -rf /var/www/html
fi
break
fi
done
sudo service nginx stop
sudo apt-get -y purge nginx nginx-common
sudo apt-get -y purge letsencrypt python-boto duplicity duply
sudo apt-get -y autoremove
sudo rm $HOME/www
sudo rm $HOME/sites-available
linux_purge
if [[ $(conf_read php-tool) != "true" ]]; then
conf_write web-tool purged
fi
conf_write nginx purged
conf_write nginx-optim purged
conf_write nginx-tool purged
echo ""
echo "${gre} Nginx has been deleted successfully! ${end}"
echo ""
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
echo ""
elif [[ $arg == "-purge" && $opt == "-php" ]]; then
if [[ $(conf_read php) != "true" ]]; then
echo "${red} PHP is not installed, hence can not be deleted! ${end}"
exit 1
fi
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove PHP from your server!"
echo " This action will also remove PhpMyAdmin if its installed because depends on PHP. ${end}"
echo ""
if [ "$(conf_read delall)" != "true" ]; then
echo " ${blu} Are you sure [y/N]? ${end}"
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
fi
if [[ $answer == [Yy] || $(conf_read delall) == "true" ]]; then
if [[ $(conf_read mysql-tool) == "true" ]]; then
stack -pma -purge
fi
sudo service php*-fpm stop
sudo apt-get -y purge php*-fpm php*-curl php*-gd php*-imap php*-mcrypt php*-readline php*-common php*-recode php*-mysql php*-cli php*-mbstring php*-bcmath php*-mysql php*-opcache php*-zip php*-xml php*-soap php-memcached php-imagick php-memcache memcached graphviz php-pear php-xdebug php-msgpack unzip
sudo apt-get -y purge redis-server php-redis postfix
sudo add-apt-repository --remove 'ppa:ondrej/php'
sudo apt-get -y autoremove
sudo rm -rf /etc/php
sudo rm /opt/webinoly/templates/source/*
conf_write php purged
conf_write php-optim purged
if [[ $(conf_read php-tool) == "true" ]]; then
rm -rf /var/www/$(conf_read tools-port)/htdocs/fpm
rm -rf /var/www/$(conf_read tools-port)/htdocs/php
conf_write php-tool purged
fi
if [[ $(conf_read nginx-tool) != "true" ]]; then
conf_write web-tool purged
fi
echo ""
echo "${gre} PHP has been deleted successfully! ${end}"
echo ""
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
echo ""
elif [[ $arg == "-purge" && $opt == "-mysql" ]]; then
if [[ $(conf_read mysql) != "true" ]]; then
echo "${red} MySQL is not installed, hence can not be deleted! ${end}"
exit 1
fi
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove MySQL from your server! ${end}"
echo ""
if [ "$(conf_read delall)" != "true" ]; then
echo " ${blu} Are you sure [y/N]? ${end}"
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
fi
if [[ $answer == [Yy] || $(conf_read delall) == "true" ]]; then
if [[ $(conf_read mysql-tool) == "true" ]]; then
conf_write delautopma true
stack -pma -purge
conf_delete delautopma
fi
sudo service mysql stop
sudo apt-get -y purge mariadb-server mariadb-common mysql-common debconf-utils
sudo apt-get -y purge mariadb-client
sudo apt-get -y autoremove
sudo add-apt-repository --remove 'deb [arch=amd64,i386,ppc64el] http://mirrors.syringanetworks.net/mariadb/repo/10.2/ubuntu xenial main'
sudo rm -rf /etc/mysql
sudo rm -rf /var/lib/mysql
conf_delete mysql-root
conf_delete mysql-admin
conf_write mysql-client purged
conf_write mysql purged
echo ""
echo "${gre} MySQL has been deleted successfully! ${end}"
echo ""
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
echo ""
elif [[ $arg == "-purge" && $opt == "-pma" ]]; then
if [[ $(conf_read mysql-tool) != "true" ]]; then
echo "${red} PhpMyAdmin is not installed, hence can not be deleted! ${end}"
exit 1
fi
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove PhpMyAdmin from your server! ${end}"
echo ""
if [[ "$(conf_read delall)" != "true" && "$(conf_read delautopma)" != "true" ]]; then
echo " ${blu} Are you sure [y/N]? ${end} "
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
fi
if [[ $answer == [Yy] || $(conf_read delall) == "true" || $(conf_read delautopma) == "true" ]]; then
echo "phpmyadmin phpmyadmin/dbconfig-remove boolean true" | debconf-set-selections
echo "phpmyadmin phpmyadmin/purge boolean true" | debconf-set-selections
sudo apt-get -y purge phpmyadmin
sudo apt-get -y autoremove
sudo rm -rf /var/www/$(conf_read tools-port)/htdocs/pma
conf_write mysql-tool purged
echo ""
echo "${gre} PhpMyAdmin has been deleted successfully! ${end}"
echo ""
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
echo ""
elif [[ $arg == "-purge" && $opt == "-web-tools" ]]; then
if [[ $(conf_read web-tool) != "true" ]]; then
echo "${red} Web Tools (Postfix, Redis, Duplicity and Letsencrypt) are not installed, hence can not be deleted! ${end}"
exit 1
fi
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove all your Web Tools (Postfix, Redis, Duplicity and Letsencrypt) from your server! ${end}"
echo ""
if [ "$(conf_read delall)" != "true" ]; then
echo " ${blu} Are you sure [y/N]? ${end} "
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
fi
if [[ $answer == [Yy] || $(conf_read delall) == "true" ]]; then
sudo apt-get -y purge redis-server php-redis postfix letsencrypt python-boto duplicity duply
sudo apt-get -y autoremove
conf_write web-tool purged
echo ""
echo "${gre} Web Tools have been deleted successfully! ${end}"
echo ""
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
echo ""
elif [[ $arg == "-purge" && $opt == "-lemp" ]]; then
echo ""
echo "${red}If you want to remove Webinoly Stack completely from your server use the '-purge-server-all' option or remove each package individually. ${end}"
echo ""
elif [[ $arg != "-purge" && $arg != "-notools" && -n "$arg" ]]; then
echo ""
echo "${red} $arg is not a valid argument! ${end}"
echo ""
# Install some stack
elif [[ $opt == "-html" || $opt == "-nginx" ]]; then
if [[ $(conf_read nginx) != "true" ]]; then
nginx_install
nginx_optim
if [[ $arg != "-notools" ]]; then
nginx_tool
fi
echo ""
echo "${gre} Nginx has been installed successfully! ${end}"
echo ""
else
echo "${red}Nginx is already installed!${end}"
if [[ $(conf_read nginx-optim) != "true" ]]; then
nginx_optim
echo "${gre}"
echo "NGINX has been optimized by Webinoly!"
echo "${end}"
fi
if [[ $(conf_read nginx-tool) != "true" && $arg != "-notools" ]]; then
nginx_tool
echo "${gre}"
echo "NGINX Tools has been re-installed!"
echo "${end}"
fi
fi
elif [[ $opt == "-php" ]]; then
if [[ $(conf_read php) != "true" ]]; then
if [[ $(conf_read nginx) != "true" ]]; then
echo ""
echo "${blu}Nginx is not installed, do you want to install it too [Y/n]?${end} "
while read -r -n 1 -s answer; do
answer=${answer:-y}
if [[ $answer = [YyNn] ]]; then
break
fi
done
if [[ $answer != [Nn] ]]; then
stack -nginx $arg
fi
fi
php_install
php_optim
if [[ $arg != "-notools" ]]; then
php_tool
fi
echo ""
echo "${gre} PHP has been installed successfully! ${end}"
echo ""
else
echo "${red}PHP is already installed!${end}"
if [[ $(conf_read php-optim) != "true" ]]; then
php_optim
echo "${gre}"
echo "PHP has been optimized by Webinoly!"
echo "${end}"
fi
if [[ $(conf_read php-tool) != "true" && $arg != "-notools" ]]; then
php_tool
echo "${gre}"
echo "PHP Tools has been re-installed!"
echo "${end}"
fi
fi
elif [[ $opt == "-mysql" ]]; then
if [[ $(conf_read mysql) != "true" ]]; then
mysql_install
if [[ $arg != "-notools" ]]; then
stack -pma
fi
echo ""
echo "${gre} MySQL (MariaDB) has been installed successfully! ${end}"
echo ""
messagend_install dbpass
else
echo "${red}MySQL is already installed!${end}"
if [[ $(conf_read mysql-tool) != "true" && $arg != "-notools" ]]; then
stack -pma
echo "${gre}"
echo "MySQL Tools has been re-installed!"
echo "${end}"
fi
fi
elif [[ $opt == "-pma" ]]; then
if [[ $(conf_read mysql) != "true" || $(conf_read php) != "true" || $(conf_read nginx) != "true" || $(conf_read nginx-tool) != "true" ]]; then
echo "${red} You need to have MySQL, PHP and NGINX installed before you can install PhpMyAdmin! ${end}"
exit 1
fi
if [[ $(conf_read mysql-tool) != "true" ]]; then
mysql_tool
echo ""
echo "${gre} PhpMyAdmin has been installed successfully! ${end}"
echo ""
else
echo "${red}PhpMyAdmin is already installed!${end}"
fi
elif [[ $opt == "-lemp" ]]; then
stack -nginx $arg
stack -php $arg
stack -mysql $arg
echo ""
echo "${gre} Nginx, PHP, MySQL (MariaDB) and other useful tools have been installed successfully! ${end}"
echo ""
# Info & Purge-Server-All
elif [[ $opt == "-info" ]]; then
system_info
elif [[ $opt == "-purge-server-all" ]]; then
echo ""
echo "${red} ¡ C A U T I O N ! You are about to remove Webinoly Stack completely from your server!"
echo " This action will remove Nginx, PHP, MySQL and all the other tools, all your sites will remain in the server but will be publicly unavailable after this action."
echo ""
echo " If you want to remove your sites data use the webinoly command: 'sudo webinoly -delete-all'"
echo ""
echo " ${blu} Are you sure [y/N]? ${end}"
while read -r -n 1 -s answer; do
answer=${answer:-n}
if [[ $answer = [YyNn] ]]; then
break
fi
done
if [[ $answer == [Yy] ]]; then
conf_write delall true
stack -mysql -purge
stack -php -purge
stack -nginx -purge
conf_delete delall
echo "${gre}"
echo "****************************************************************************"
echo "*** Webinoly Stack have been completely removed from your server ***"
echo "**** We are sad because you decided to remove Webinoly!! ****"
echo "****************************************************************************"
echo "${end}"
else
echo ""
echo " ${gre} Action aborted!!! ${end}"
echo ""
fi
else
echo "${red} $opt is not a valid option! ${end}"
fi

230
plugins/webinoly Normal file
View file

@ -0,0 +1,230 @@
#!/bin/bash
# Webinoly Server Manager Plugin
# Syntax: webinoly <option>
# Options: -update, -server-update or -server-reset, -verify, -dbpass, -tools-port, -login-www-data, -nologin-www-data, -config-cache, -uninstall, -config-load, -info
opt="$1"
arg="$2"
source /opt/webinoly/lib/install
if [ "$opt" == "-update" ]; then
app_install
app_purge
echo ""
echo "${gre}Webinoly App has been updated successfully!${end}"
elif [[ "$opt" == "-server-update" || "$opt" == "-server-reset" ]]; then
# Regenerate NGINX conf files
if [[ $(conf_read nginx-optim) == "true" ]]; then
sudo rm -rf /etc/nginx/common
sudo rm -rf /etc/nginx/conf.d/*
linux_purge
nginx_optim
fi
# Regenerate PHP conf files
if [[ $(conf_read php-optim) == "true" ]]; then
sudo cat /opt/webinoly/templates/source/php.ini > /etc/php/$(conf_read php-ver)/fpm/php.ini
sudo cat /opt/webinoly/templates/source/www.conf > /etc/php/$(conf_read php-ver)/fpm/pool.d/www.conf
sudo rm /etc/php/$(conf_read php-ver)/fpm/pool.d/debug.conf
php_optim
fi
webinoly_version
echo ""
echo "${gre}Webinoly Server has been updated successfully!${end}"
elif [ "$opt" == "-verify" ]; then
webinoly_verify
elif [ "$opt" == "-dbpass" ]; then
if [[ -n $(conf_read mysql-root) || -n $(conf_read mysql-admin) ]]; then
echo "${gre}"
echo " root: $( echo $(conf_read mysql-root) | openssl enc -d -a -salt )"
echo " admin: $( echo $(conf_read mysql-admin) | openssl enc -d -a -salt )"
echo "${end}"
else
echo "${red}"
echo "DB Passwords not found!"
echo "${end}"
fi
elif [ "$opt" == "-tools-port" ]; then
if [[ $(conf_read nginx-tool) == "true" && $(conf_read nginx) == "true" ]]; then
oldport="$(conf_read tools-port)"
tools_port $arg
newport="$(conf_read tools-port)"
if [[ $oldport != $newport ]]; then
sudo mv /var/www/$oldport /var/www/$newport
sudo mv /etc/nginx/sites-available/$oldport /etc/nginx/sites-available/$newport
sudo rm /etc/nginx/sites-enabled/$oldport
sudo ln -s /etc/nginx/sites-available/$newport /etc/nginx/sites-enabled/$newport
sudo sed -i "s/${oldport}/${newport}/g" /etc/nginx/sites-available/$newport
sudo service nginx reload
fi
else
echo "${red}"
echo "Nginx Tools not found in your server!"
echo "${end}"
fi
elif [ "$opt" == "-login-www-data" ]; then
if [[ $(conf_read nginx) != "true" ]]; then
echo "${red} Nginx not found! ${end}"
exit 1
fi
if [[ $(conf_read login-www-data) == "true" ]]; then
echo "${red} User www-data already have SFTP access! ${end}"
exit 1
fi
# Allow access for www-data user
sudo mkdir -p /var/www/.ssh
sudo chmod 700 /var/www/.ssh
sudo cat $HOME/.ssh/authorized_keys > /var/www/.ssh/authorized_keys
sudo chmod 600 /var/www/.ssh/*
sudo chown -R www-data:www-data /var/www
# www-data sftp-only access jail - if fails usrlib must be listed in /etc/shells
sudo usermod -s /usr/lib/openssh/sftp-server www-data
sudo addgroup --system sftponly
sudo usermod -G sftponly www-data
sudo chown root:root /var/www
sudo sed -i "/Subsystem sftp/c\Subsystem sftp internal-sftp" /etc/ssh/sshd_config
sudo echo 'Match Group sftponly
ChrootDirectory /var/www
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp' >> /etc/ssh/sshd_config
falus=$( grep -F "AllowUsers" /etc/ssh/sshd_config )
if [[ -n $falus ]]; then
sudo sed -i "s/$falus/$falus www-data/" /etc/ssh/sshd_config
fi
conf_write login-www-data true
sudo service ssh restart
echo "${gre} SFTP access for www-data user has been successfuly enabled! ${end}"
elif [ "$opt" == "-nologin-www-data" ]; then
if [[ $(conf_read nginx) != "true" ]]; then
echo "${red} Nginx not found! ${end}"
exit 1
fi
if [[ $(conf_read login-www-data) != "true" ]]; then
echo "${red} User www-data already have no SFTP access! ${end}"
exit 1
fi
sudo rm -rf /var/www/.ssh
sudo sed -i '/www-data:/c\www-data:x:33:33:www-data:\/var\/www:\/usr\/sbin\/nologin' /etc/passwd
sudo gpasswd -d www-data sftponly
sudo delgroup sftponly
sudo chown www-data:www-data /var/www
sudo sed -i "/Subsystem sftp/c\Subsystem sftp \/usr\/lib\/openssh\/sftp-server" /etc/ssh/sshd_config
falus=$( grep -F "AllowUsers" /etc/ssh/sshd_config )
if [[ -n $falus ]]; then
suffix="www-data"
foo=${falus%$suffix}
sudo sed -i "s/$falus/$foo/" /etc/ssh/sshd_config
fi
conf_write login-www-data purged
sudo service ssh restart
echo "${gre} SFTP access for www-data user has been successfuly disabled! ${end}"
elif [ "$opt" == "-config-cache" ]; then
if [[ $(conf_read nginx) != "true" ]]; then
echo "${red} Nginx not found! ${end}"
exit 1
fi
hitline=$( grep -F "fastcgi_cache_valid 200" /etc/nginx/conf.d/fastcgi.conf )
hitval=$(echo "${hitline//;}" | rev | cut -d' ' -f 1 | rev)
inaline=$( grep -F "fastcgi_cache_path" /etc/nginx/conf.d/fastcgi.conf )
inactive=$(echo "${inaline//;}" | rev | cut -d' ' -f 1 | rev)
inaval=$(echo "${inactive}" | cut -d'=' -f 2)
maxsize=$(echo "${inaline}" | rev | cut -d' ' -f 2 | rev)
othline=$( grep -F "fastcgi_cache_valid 301 302 307 404" /etc/nginx/conf.d/fastcgi.conf )
othval=$(echo "${othline//;}" | rev | cut -d' ' -f 1 | rev)
if [[ -z $arg ]]; then
echo "${gre}"
echo "**********************************************************************"
echo "************* Set FastCGI Cache new time values **************"
echo "***** Example: 30d = 30days | 3h = 3hours | 5m = 5minutes ******"
echo "**********************************************************************"
echo "${blu}"
echo "FastCGI Cache Valid for Pages (HttpCode: 200) actual value is: $hitval"
read -p " Set new value: " hit
hit=${hit:-$hitval}
echo ""
echo "Purge Cache for inactive pages actual value is: $inaval"
read -p " Set new value: " ina
ina=${ina:-$inaval}
echo ""
echo "FastCGI Cache Valid for Errors and Redirections (HttpCode: 301, 302, 307, 404) actual value is: $othval"
read -p " Set new value: " oth
oth=${oth:-$othval}
else
hit=$(echo "${arg}" | cut -d',' -f 1 )
ina=$(echo "${arg}" | cut -d',' -f 2 )
oth=$(echo "${arg}" | cut -d',' -f 3 )
fi
if [[ "$hit" =~ ^[0-9]+[smhdwMy]$ && "$ina" =~ ^[0-9]+[smhdwMy]$ && "$oth" =~ ^[0-9]+[smhdwMy]$ ]]; then
sudo sed -i "/fastcgi_cache_valid 200/c \fastcgi_cache_valid 200 ${hit};" /etc/nginx/conf.d/fastcgi.conf
sudo sed -i "/fastcgi_cache_valid 301 302 307 404/c \fastcgi_cache_valid 301 302 307 404 ${oth};" /etc/nginx/conf.d/fastcgi.conf
sudo sed -i "/fastcgi_cache_path/c \fastcgi_cache_path \/var\/run\/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m ${maxsize} inactive=${ina};" /etc/nginx/conf.d/fastcgi.conf
conf_write fastcgi-conf ${hit},${ina},${oth}
echo "${gre}"
echo "******** FastCGI Cache values has been successfully updated! ********"
echo "${end}"
else
echo "${red}"
echo " [ERROR] Invalid values!"
echo "${end}"
fi
elif [ "$opt" == "-uninstall" ]; then
echo "${red}"
echo " You are about to remove completely Webinoly App from your server!!"
echo "${blu} Are you sure [y/N]? "
while read -r -n 1 -s answer; do
answer=${answer:-n}
echo ""
if [[ $answer = [YyNn] ]]; then
if [[ $answer == [Yy] ]]; then
if [[ $(conf_read linux-optim) == "purged" ]]; then
swap_delete
fi
sudo rm -rf /opt/webinoly
sudo rm /usr/bin/webinoly
sudo rm /usr/bin/stack
sudo rm /usr/bin/site
sudo rm /usr/bin/httpauth
sudo rm /usr/bin/log
echo "${gre} Webinoly App has been removed successfully from your server!"
echo "${end}"
exit 1;
else
echo "${gre} Action aborted!"
echo "${end}"
fi
break
fi
done
elif [ "$opt" == "-config-load" ]; then
config_load
elif [ "$opt" == "-info" ]; then
system_info
else
echo "${red}Please enter a valid option!${end}"
fi
if [[ $(conf_read nginx) == "true" ]]; then
sudo service nginx reload
fi

66
templates/nginx/22222 Normal file
View file

@ -0,0 +1,66 @@
# Webinoly admin NGINX CONFIGURATION
server {
listen 22222 default_server deferred;
listen [::]:22222 default_server;
access_log /var/log/nginx/22222.access.log we_log;
error_log /var/log/nginx/22222.error.log;
#ssl on;
#ssl_certificate /var/www/22222/cert/22222.crt;
#ssl_certificate_key /var/www/22222/cert/22222.key;
#ssl_stapling on;
#ssl_stapling_verify on;
#ssl_trusted_certificate /var/www/22222/cert/chain.pem;
# Force HTTP to HTTPS
#error_page 497 =200 https://$host:22222$request_uri;
root /var/www/22222/htdocs;
index index.php index.htm index.html;
# Turn on directory listing
autoindex on;
# HTTP Authentication on port 22222
include common/acl.conf;
location / {
try_files $uri $uri/ /index.php?$args;
}
# Status pages
location /nginx_status {
stub_status on;
access_log off;
# include common/acl.conf;
}
location ~ ^/(status|ping) {
include fastcgi_params;
fastcgi_pass php;
# include common/acl.conf;
}
# Display menu at location /fpm/status/
location = /fpm/status/ {}
location ~ /fpm/status/(.*) {
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_NAME /status;
fastcgi_pass $1;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
}
location ~* \.(js|css|jpg|gif|png)$ {
root /var/www/22222/htdocs/;
}
}

8
templates/nginx/common/acl.conf Normal file
View file

@ -0,0 +1,8 @@
# Webinoly protect locations
# HTTP authentication || IP address
satisfy any;
auth_basic "Restricted Area";
auth_basic_user_file .htpasswd;
# Allowed IP Address List
allow 127.0.0.1;
deny all;

3
templates/nginx/common/headers-html.conf Normal file
View file

@ -0,0 +1,3 @@
add_header Cache-Control "public, no-cache";
add_header Referrer-Policy "unsafe-url";
#add_header Content-Security-Policy " ";

4
templates/nginx/common/headers-http.conf Normal file
View file

@ -0,0 +1,4 @@
add_header X-Cache-Status $upstream_cache_status;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

2
templates/nginx/common/headers-https.conf Normal file
View file

@ -0,0 +1,2 @@
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header Strict-Transport-Security "max-age=31536000";

42
templates/nginx/common/locations.conf Normal file
View file

@ -0,0 +1,42 @@
# NGINX CONFIGURATION FOR COMMON LOCATION
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE Webinoly
# Basic locations files
location = /favicon.ico {
access_log off;
log_not_found off;
expires max;
}
location = /robots.txt {
try_files $uri $uri/ /index.php?$args;
access_log off;
log_not_found off;
}
# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
include common/headers-http.conf;
include common/headers-https.conf;
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires max;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.well-known {
allow all;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Deny backup extensions & log files
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
deny all;
access_log off;
log_not_found off;
}
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
return 403;
}

10
templates/nginx/common/php.conf Normal file
View file

@ -0,0 +1,10 @@
# PHP NGINX CONFIGURATION
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE Webinoly
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
}

36
templates/nginx/common/wpcommon.conf Normal file
View file

@ -0,0 +1,36 @@
# WordPress COMMON SETTINGS
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE Webinoly
# Limit access to avoid brute force attack
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include common/acl.conf;
include fastcgi_params;
fastcgi_pass php;
}
# Disable wp-config.txt
location = /wp-config.txt {
deny all;
access_log off;
log_not_found off;
}
# Disallow php in upload folder
location /wp-content/uploads/ {
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# Yoast sitemap
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
rewrite ^(.*)/sitemap\.xml$ $1/sitemap_index.xml permanent;
rewrite ^.*/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
# Rules for yoast sitemap with wp|wpsubdir|wpsubdomain
rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
# Following lines are optional. Needed for Yoast Premium.
rewrite ^.*/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
rewrite ^.*/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
rewrite ^.*/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
rewrite ^.*/video-sitemap\.xsl$ /index.php?xsl=video last;
access_log off;
}

30
templates/nginx/common/wpfc.conf Normal file
View file

@ -0,0 +1,30 @@
# WPFC NGINX CONFIGURATION
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE Webinoly
set $skip_cache 0;
# POST requests and URL with a query string should always go to php
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache URL containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenter or customer with items in cart
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart") {
set $skip_cache 1;
}
# Use cached or actual file if they exists, Otherwise pass request to WordPress
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
}

10
templates/nginx/common/wpsubdir.conf Normal file
View file

@ -0,0 +1,10 @@
# WPSUBDIRECTORY NGINX CONFIGURATION
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE Webinoly
if (!-e $request_filename) {
# Redirect wp-admin to wp-admin/
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Redirect wp-* files/folders
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
# Redirect other php files
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}

2
templates/nginx/conf.d/blockips.conf Normal file
View file

@ -0,0 +1,2 @@
# Block IP Address
# deny 1.1.1.1;

11
templates/nginx/conf.d/fastcgi.conf Normal file
View file

@ -0,0 +1,11 @@
# FastCGI cache settings
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m max_size=100m inactive=7d;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
fastcgi_cache_valid 200 30d;
fastcgi_cache_valid 301 302 307 404 1m;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SERVER_NAME $http_host;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_keep_conn on;

9
templates/nginx/conf.d/upstream.conf Normal file
View file

@ -0,0 +1,9 @@
# Common upstream settings
upstream php {
#server unix:/run/php/php7.0-fpm.sock;
server 127.0.0.1:9000;
}
upstream debug {
# Debug Pool
server 127.0.0.1:9001;
}

104
templates/nginx/nginx.conf Normal file
View file

@ -0,0 +1,104 @@
user www-data;
worker_processes auto;
worker_rlimit_nofile 100000;
pid /run/nginx.pid;
events {
worker_connections 8192;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 20;
send_timeout 20;
types_hash_max_size 2048;
server_tokens off;
reset_timedout_connection on;
limit_req_status 403;
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
fastcgi_read_timeout 300;
client_body_buffer_size 128k;
client_max_body_size 100m;
open_file_cache max=30000 inactive=1m;
open_file_cache_valid 3m;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
include common/headers-http.conf;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:20m;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
log_format we_log '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] '
'$http_host "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component text/xml text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

20
templates/template-site-php Normal file
View file

@ -0,0 +1,20 @@
server {
listen 80;
listen [::]:80;
server_name domain.com www.domain.com;
access_log /var/log/nginx/domain.com.access.log we_log;
error_log /var/log/nginx/domain.com.error.log;
root /var/www/domain.com/htdocs;
index index.php index.html index.htm;
include common/php.conf;
include common/locations.conf;
include common/headers-http.conf;
include common/headers-html.conf;
#include /var/www/domain.com/conf/nginx/*.conf;
}

9
templates/template-site-ssl Normal file
View file

@ -0,0 +1,9 @@
# WebinolySSLstart
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/chain.pem;
# WebinolySSLend

83
weby Normal file
View file

@ -0,0 +1,83 @@
#!/bin/bash
# Webinoly script.
# This script is designed to install latest Webinoly.
if [[ -n "$1" ]]; then
setup="$1"
else
setup=9
fi
# Diplay menu to select type of server
while ! [[ $setup -ge 0 && $setup -le 4 && $setup =~ ^[0-9]+$ ]] 2>/dev/null
do
echo ""
echo " 1 - HTML Server"
echo " 2 - PHP Server"
echo " 3 - LEMP Server (Default)"
echo " 4 - Custom Configuration"
echo " 0 - Maybe later..."
echo ""
read -p "Select the desired option to configure your server: " setup
echo ""
echo "------------------------------------------------"
setup=${setup:-3}
done
sudo mkdir /opt/webinoly
# Download and install Webinoly
# Same as app_install, but manually because is not installed yet.
sudo curl -o $HOME/webinoly.tar http://dl.qrokes.com/webinoly/webinoly.tar
sudo tar -xf $HOME/webinoly.tar -C /opt/webinoly
sudo find /opt/webinoly -type d -exec chmod 755 {} \;
sudo find /opt/webinoly -type f -exec chmod 644 {} \;
# Install plugins
sudo chmod 755 /opt/webinoly/plugins/*
sudo mv /opt/webinoly/plugins/* /usr/bin/
source /opt/webinoly/lib/install
# Save Tools Port after library is available.
if [[ -z "$2" ]]; then
portools="22222"
else
portools="$2"
fi
if [[ -a /opt/webinoly/webinoly.conf ]]; then
echo "${gre}Webinoly Configuration file was found, so we will use it!${end}"
else
tools_port $portools
fi
# NGINX Installation
if [[ $setup -gt 0 && $setup != 4 ]]; then
stack -nginx
fi
# PHP Installation
if [[ $setup -gt 1 && $setup != 4 ]]; then
stack -php
fi
# MySQL & PhpMyAdmin Installation
if [[ $setup -gt 2 && $setup != 4 ]]; then
stack -mysql
fi
# Custom Config
if [ $setup == 4 ]; then
config_load
fi
# Write app version
webinoly_version
# Borrar archivos
sudo rm $HOME/weby
app_purge