From 33698d594983b33fc8e69f6e1bd10d1f6b5e7240 Mon Sep 17 00:00:00 2001 From: gau1991 Date: Tue, 30 Dec 2014 18:50:43 +0530 Subject: [PATCH] Fixed Nginx missing config, started work on ee debug --- config/plugins.d/debug.conf | 8 +++ ee/cli/bootstrap.py | 2 - ee/cli/controllers/debug.py | 45 ---------------- ee/cli/plugins/debug.py | 48 +++++++++++++++++ ee/cli/plugins/stack.py | 84 +++++++++++++++++++++++++++++ ee/cli/templates/acl.mustache | 8 +++ ee/cli/templates/blockips.mustache | 2 + ee/cli/templates/fastcgi.mustache | 9 ++++ ee/cli/templates/locations.mustache | 65 ++++++++++++++++++++++ ee/cli/templates/php.mustache | 10 ++++ ee/cli/templates/upstream.mustache | 9 ++++ ee/cli/templates/w3tc.mustache | 31 +++++++++++ ee/cli/templates/wpcommon.mustache | 35 ++++++++++++ ee/cli/templates/wpfc.mustache | 36 +++++++++++++ ee/cli/templates/wpsc.mustache | 31 +++++++++++ ee/cli/templates/wpsubdir.mustache | 10 ++++ 16 files changed, 386 insertions(+), 47 deletions(-) create mode 100644 config/plugins.d/debug.conf delete mode 100644 ee/cli/controllers/debug.py create mode 100644 ee/cli/plugins/debug.py create mode 100644 ee/cli/templates/acl.mustache create mode 100644 ee/cli/templates/blockips.mustache create mode 100644 ee/cli/templates/fastcgi.mustache create mode 100644 ee/cli/templates/locations.mustache create mode 100644 ee/cli/templates/php.mustache create mode 100644 ee/cli/templates/upstream.mustache create mode 100644 ee/cli/templates/w3tc.mustache create mode 100644 ee/cli/templates/wpcommon.mustache create mode 100644 ee/cli/templates/wpfc.mustache create mode 100644 ee/cli/templates/wpsc.mustache create mode 100644 ee/cli/templates/wpsubdir.mustache diff --git a/config/plugins.d/debug.conf b/config/plugins.d/debug.conf new file mode 100644 index 00000000..9ccdf106 --- /dev/null +++ b/config/plugins.d/debug.conf @@ -0,0 +1,8 @@ +### Example Plugin Configuration for EasyEngine + +[debug] + +### If enabled, load a plugin named `example` either from the Python module +### `ee.cli.plugins.example` or from the file path +### `/var/lib/ee/plugins/example.py` +enable_plugin = true diff --git a/ee/cli/bootstrap.py b/ee/cli/bootstrap.py index b22b6ca3..07250f46 100644 --- a/ee/cli/bootstrap.py +++ b/ee/cli/bootstrap.py @@ -5,7 +5,6 @@ from cement.core import handler from ee.cli.controllers.base import EEBaseController -from ee.cli.controllers.debug import EEDebugController from ee.cli.controllers.clean import EECleanController from ee.cli.controllers.secure import EESecureController from ee.cli.controllers.isl import EEImportslowlogController @@ -14,7 +13,6 @@ from ee.cli.controllers.info import EEInfoController def load(app): handler.register(EEBaseController) - handler.register(EEDebugController) handler.register(EECleanController) handler.register(EEInfoController) handler.register(EEImportslowlogController) diff --git a/ee/cli/controllers/debug.py b/ee/cli/controllers/debug.py deleted file mode 100644 index 1347c420..00000000 --- a/ee/cli/controllers/debug.py +++ /dev/null @@ -1,45 +0,0 @@ -"""EasyEngine site controller.""" - -from cement.core.controller import CementBaseController, expose - - -class EEDebugController(CementBaseController): - class Meta: - label = 'debug' - stacked_on = 'base' - stacked_type = 'nested' - description = 'debug command used for debugging issued with stack or \ - site specific configuration' - arguments = [ - (['--fpm'], - dict(help='debug fpm', action='store_true')), - (['--mysql'], - dict(help='debug mysql', action='store_true')), - (['--nginx'], - dict(help='debug nginx', action='store_true')), - (['--php'], - dict(help='debug php', action='store_true')), - (['--rewrite'], - dict(help='debug rewrite', action='store_true')), - (['--stop'], - dict(help='stop debugging', action='store_true')), - ] - - @expose(hide=True) - def default(self): - # TODO Default action for ee debug command - print("Inside EEDebugController.default().") - - # debug command Options and subcommand calls and definations to - # mention here - - # If using an output handler such as 'mustache', you could also - # render a data dictionary using a template. For example: - # - # data = dict(foo='bar') - # self.app.render(data, 'default.mustache') - # - # - # The 'default.mustache' file would be loaded from - # ``ee.cli.templates``, or ``/var/lib/ee/templates/``. - # diff --git a/ee/cli/plugins/debug.py b/ee/cli/plugins/debug.py new file mode 100644 index 00000000..bcdaf710 --- /dev/null +++ b/ee/cli/plugins/debug.py @@ -0,0 +1,48 @@ +"""Debug Plugin for EasyEngine.""" + +from cement.core.controller import CementBaseController, expose +from cement.core import handler, hook + + +def debug_plugin_hook(app): + # do something with the ``app`` object here. + pass + + +class EEDebugController(CementBaseController): + class Meta: + label = 'debug' + description = 'debug command enables/disbaled stack debug' + stacked_on = 'base' + stacked_type = 'nested' + arguments = [ + (['--stop'], + dict(help='Install web stack', action='store_true')), + (['--start'], + dict(help='Install admin tools stack', action='store_true')), + (['--nginx'], + dict(help='Install mail server stack', action='store_true')), + (['--php'], + dict(help='Install Nginx stack', action='store_true')), + (['--fpm'], + dict(help='Install PHP stack', action='store_true')), + (['--mysql'], + dict(help='Install MySQL stack', action='store_true')), + (['--wp'], + dict(help='Install Postfix stack', action='store_true')), + (['--rewrite'], + dict(help='Install WPCLI stack', action='store_true')), + (['-i', '--interactive'], + dict(help='Install WPCLI stack', action='store_true')), + ] + + @expose(hide=True) + def default(self): + print("Inside Debug") + + +def load(app): + # register the plugin class.. this only happens if the plugin is enabled + handler.register(EEDebugController) + # register a hook (function) to run after arguments are parsed. + hook.register('post_argument_parsing', debug_plugin_hook) diff --git a/ee/cli/plugins/stack.py b/ee/cli/plugins/stack.py index 01c00bcb..f7a065df 100644 --- a/ee/cli/plugins/stack.py +++ b/ee/cli/plugins/stack.py @@ -165,6 +165,88 @@ class EEStackController(CementBaseController): self.app.render((data), 'nginx-core.mustache', out=ee_nginx) ee_nginx.close() + data = dict() + self.app.log.debug('writting the nginx configration to file' + '/etc/nginx/conf.d/blockips.conf ') + ee_nginx = open('/etc/nginx/conf.d/blockips.conf', 'w') + self.app.render((data), 'blockips.mustache', out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('writting the nginx configration to file' + '/etc/nginx/conf.d/fastcgi.conf ') + ee_nginx = open('/etc/nginx/conf.d/fastcgi.conf', 'w') + self.app.render((data), 'fastcgi.mustache', out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('writting the nginx configration to file' + '/etc/nginx/conf.d/upstream.conf ') + ee_nginx = open('/etc/nginx/conf.d/upstream.conf', 'w') + self.app.render((data), 'upstream.mustache', out=ee_nginx) + ee_nginx.close() + + # Setup Nginx common directory + if not os.path.exists('/etc/nginx/common'): + self.app.log.debug('Creating directory' + '/etc/nginx/common') + os.makedirs('/etc/nginx/common') + + data = dict() + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/acl.conf') + ee_nginx = open('/etc/nginx/common/acl.conf', 'w') + self.app.render((data), 'acl.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/locations.conf') + ee_nginx = open('/etc/nginx/common/locations.conf', 'w') + self.app.render((data), 'locations.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/ php.conf') + ee_nginx = open('/etc/nginx/common/php.conf', 'w') + self.app.render((data), 'php.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/w3tc.conf') + ee_nginx = open('/etc/nginx/common/w3tc.conf', 'w') + self.app.render((data), 'w3tc.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/wpcommon.conf') + ee_nginx = open('/etc/nginx/common/wpcommon.conf', 'w') + self.app.render((data), 'wpcommon.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/wpfc.conf') + ee_nginx = open('/etc/nginx/common/wpfc.conf', 'w') + self.app.render((data), 'wpfc.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/wpsc.conf') + ee_nginx = open('/etc/nginx/common/wpsc.conf', 'w') + self.app.render((data), 'wpsc.mustache', + out=ee_nginx) + ee_nginx.close() + + self.app.log.debug('Writting the nginx configration to' + 'file /etc/nginx/common/wpsubdir.conf') + ee_nginx = open('/etc/nginx/common/wpsubdir.conf', 'w') + self.app.render((data), 'wpsubdir.mustache', + out=ee_nginx) + ee_nginx.close() + if set(EEVariables.ee_php).issubset(set(apt_packages)): # Parse etc/php5/fpm/php.ini config = configparser.ConfigParser() @@ -695,6 +777,8 @@ class EEStackController(CementBaseController): self.app.log.debug("Calling pre_pref ") self.pre_pref(apt_packages) if len(apt_packages): + self.app.log.debug("Updating apt-cache") + pkg.update() self.app.log.debug("Installing all apt_packages") pkg.install(apt_packages) if len(packages): diff --git a/ee/cli/templates/acl.mustache b/ee/cli/templates/acl.mustache new file mode 100644 index 00000000..122675f9 --- /dev/null +++ b/ee/cli/templates/acl.mustache @@ -0,0 +1,8 @@ +# EasyEngine (ee) protect locations using +# HTTP authentication || IP address +satisfy any; +auth_basic "Restricted Area"; +auth_basic_user_file htpasswd-ee; +# Allowed IP Address List +allow 127.0.0.1; +deny all; diff --git a/ee/cli/templates/blockips.mustache b/ee/cli/templates/blockips.mustache new file mode 100644 index 00000000..8228bedb --- /dev/null +++ b/ee/cli/templates/blockips.mustache @@ -0,0 +1,2 @@ +# Block IP Address +# deny 1.1.1.1; diff --git a/ee/cli/templates/fastcgi.mustache b/ee/cli/templates/fastcgi.mustache new file mode 100644 index 00000000..37f06e0f --- /dev/null +++ b/ee/cli/templates/fastcgi.mustache @@ -0,0 +1,9 @@ +# FastCGI cache settings +fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m; +fastcgi_cache_key "$scheme$request_method$host$request_uri"; +fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; +fastcgi_cache_valid any 1h; +fastcgi_buffers 16 16k; +fastcgi_buffer_size 32k; +fastcgi_param SERVER_NAME $http_host; +fastcgi_ignore_headers Cache-Control Expires Set-Cookie; diff --git a/ee/cli/templates/locations.mustache b/ee/cli/templates/locations.mustache new file mode 100644 index 00000000..c8414fb2 --- /dev/null +++ b/ee/cli/templates/locations.mustache @@ -0,0 +1,65 @@ +# NGINX CONFIGURATION FOR COMMON LOCATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +# Basic locations files +location = /favicon.ico { + access_log off; + log_not_found off; + expires max; +} +location = /robots.txt { + # Some WordPress plugin gererate robots.txt file + # Refer #340 issue + try_files $uri $uri/ /index.php?$args; + access_log off; + log_not_found off; +} +# Cache static files +location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ { + add_header "Access-Control-Allow-Origin" "*"; + access_log off; + log_not_found off; + expires max; +} +# Security settings for better privacy +# Deny hidden files +location ~ /\. { + deny all; + access_log off; + log_not_found off; +} +# Deny backup extensions & log files +location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ { + deny all; + access_log off; + log_not_found off; +} +# Return 403 forbidden for readme.(txt|html) or license.(txt|html) +if ($request_uri ~* "^.+(readme|license)\.(txt|html)$") { + return 403; +} +# Status pages +location /nginx_status { + stub_status on; + access_log off; + include common/acl.conf; +} +location ~ ^/(status|ping) { + include fastcgi_params; + fastcgi_pass php; + include common/acl.conf; +} +# EasyEngine (ee) utilities +# phpMyAdmin settings +location /pma { + return 301 https://$host:22222/db/pma; +} +location /phpMyAdmin { + return 301 https://$host:22222/db/pma; +} +location /phpmyadmin { + return 301 https://$host:22222/db/pma; +} +# Adminer settings +location /adminer { + return 301 https://$host:22222/db/adminer; +} diff --git a/ee/cli/templates/php.mustache b/ee/cli/templates/php.mustache new file mode 100644 index 00000000..3546f571 --- /dev/null +++ b/ee/cli/templates/php.mustache @@ -0,0 +1,10 @@ +# PHP NGINX CONFIGURATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +location / { + try_files $uri $uri/ /index.php?$args; +} +location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php; +} diff --git a/ee/cli/templates/upstream.mustache b/ee/cli/templates/upstream.mustache new file mode 100644 index 00000000..d147724e --- /dev/null +++ b/ee/cli/templates/upstream.mustache @@ -0,0 +1,9 @@ +# Common upstream settings +upstream php { +# server unix:/run/php5-fpm.sock; +server 127.0.0.1:9000; +} +upstream debug { +# Debug Pool +server 127.0.0.1:9001; +} diff --git a/ee/cli/templates/w3tc.mustache b/ee/cli/templates/w3tc.mustache new file mode 100644 index 00000000..5b162822 --- /dev/null +++ b/ee/cli/templates/w3tc.mustache @@ -0,0 +1,31 @@ + +# W3TC NGINX CONFIGURATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +set $cache_uri $request_uri; +# POST requests and URL with a query string should always go to php +if ($request_method = POST) { + set $cache_uri 'null cache'; +} +if ($query_string != "") { + set $cache_uri 'null cache'; +} +# Don't cache URL containing the following segments +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; +} +# Don't use the cache for logged in users or recent commenter +if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; +} +# Use cached or actual file if they exists, Otherwise pass request to WordPress +location / { + try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args; +} +location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ { + try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; +} +location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php; +} diff --git a/ee/cli/templates/wpcommon.mustache b/ee/cli/templates/wpcommon.mustache new file mode 100644 index 00000000..e6b34782 --- /dev/null +++ b/ee/cli/templates/wpcommon.mustache @@ -0,0 +1,35 @@ +# WordPress COMMON SETTINGS +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +# Limit access to avoid brute force attack +location = /wp-login.php { + limit_req zone=one burst=1 nodelay; + include fastcgi_params; + fastcgi_pass php; +} +# Disable wp-config.txt +location = /wp-config.txt { + deny all; + access_log off; + log_not_found off; +} +# Disallow php in upload folder +location /wp-content/uploads/ { + location ~ \.php$ { + #Prevent Direct Access Of PHP Files From Web Browsers + deny all; + } +} +# Yoast sitemap +location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ { + rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent; + rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last; + # Rules for yoast sitemap with wp|wpsubdir|wpsubdomain + rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last; + rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; + # Following lines are options. Needed for WordPress seo addons + rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last; + rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last; + rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last; + rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last; + access_log off; +} diff --git a/ee/cli/templates/wpfc.mustache b/ee/cli/templates/wpfc.mustache new file mode 100644 index 00000000..ff5240c7 --- /dev/null +++ b/ee/cli/templates/wpfc.mustache @@ -0,0 +1,36 @@ +# WPFC NGINX CONFIGURATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +set $skip_cache 0; +# POST requests and URL with a query string should always go to php +if ($request_method = POST) { + set $skip_cache 1; +} +if ($query_string != "") { + set $skip_cache 1; +} +# Don't cache URL containing the following segments +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $skip_cache 1; +} +# Don't use the cache for logged in users or recent commenter +if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { + set $skip_cache 1; +} +# Use cached or actual file if they exists, Otherwise pass request to WordPress +location / { + try_files $uri $uri/ /index.php?$args; +} +location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ { + try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; +} +location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php; + fastcgi_cache_bypass $skip_cache; + fastcgi_no_cache $skip_cache; + fastcgi_cache WORDPRESS; +} +location ~ /purge(/.*) { + fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; +} diff --git a/ee/cli/templates/wpsc.mustache b/ee/cli/templates/wpsc.mustache new file mode 100644 index 00000000..2600a795 --- /dev/null +++ b/ee/cli/templates/wpsc.mustache @@ -0,0 +1,31 @@ +# WPSC NGINX CONFIGURATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +set $cache_uri $request_uri; +# POST requests and URL with a query string should always go to php +if ($request_method = POST) { + set $cache_uri 'null cache'; +} +if ($query_string != "") { + set $cache_uri 'null cache'; +} +# Don't cache URL containing the following segments +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; +} +# Don't use the cache for logged in users or recent commenter +if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; +} +# Use cached or actual file if they exists, Otherwise pass request to WordPress +location / { + # If we add index.php?$args its break WooCommerce like plugins + # Ref: #330 + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php; +} +location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass php; + # Following line is needed by WP Super Cache plugin + fastcgi_param SERVER_NAME $http_host; +} diff --git a/ee/cli/templates/wpsubdir.mustache b/ee/cli/templates/wpsubdir.mustache new file mode 100644 index 00000000..7b65841f --- /dev/null +++ b/ee/cli/templates/wpsubdir.mustache @@ -0,0 +1,10 @@ +# WPSUBDIRECTORY NGINX CONFIGURATION +# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee) +if (!-e $request_filename) { + # Redirect wp-admin to wp-admin/ + rewrite /wp-admin$ $scheme://$host$uri/ permanent; + # Redirect wp-* files/folders + rewrite ^(/[^/]+)?(/wp-.*) $2 last; + # Redirect other php files + rewrite ^(/[^/]+)?(/.*\.php) $2 last; +}