Skip to content

Commit

Permalink
Improve LEMPer CLI tool
Browse files Browse the repository at this point in the history
  • Loading branch information
@joglomedia
joglomedia committed Dec 29, 2024
1 parent 118d45d commit 13bbb5e
Show file tree
Hide file tree
Showing 4 changed files with 99 additions and 73 deletions.
2 changes: 1 addition & 1 deletion lib/lemper-bench.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ tram=$( free -m | awk '/^Mem:/ { print $2 }' )
echo "Total RAM size: $tram MB"
swap=$( free -m | awk '/^Swap:/ { print $2 }' )
echo "Total Swap size: $swap MB"
up=$(uptime|awk '{ $1=$2=$(NF-6)=$(NF-5)=$(NF-4)=$(NF-3)=$(NF-2)=$(NF-1)=$NF=""; print }')
up=$(uptime | awk '{ $1=$2=$(NF-6)=$(NF-5)=$(NF-4)=$(NF-3)=$(NF-2)=$(NF-1)=$NF=""; print }')
echo "System uptime: $up"
load=$(uptime | awk -F: '{ print $5 }')
echo "Load average: $load"
Expand Down
93 changes: 55 additions & 38 deletions lib/lemper-create.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -797,6 +797,19 @@ function validate_ipv6() {
echo ${return}
}

##
# Validate FQDN domain.
##
function validate_fqdn() {
local FQDN=${1}

if grep -qP "(?=^.{4,253}\.?$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}\.?$)" <<< "${FQDN}"; then
echo true # success
else
echo false # error
fi
}

##
# Workaround for local domain (e.g. example.test)
# working on Local/Dev environment.
Expand Down Expand Up @@ -847,8 +860,7 @@ function install_wordpress() {
if [ ! -f "${WEBROOT}/wp-includes/class-wp.php" ]; then
if [[ -z $(command -v "wp-cli") ]]; then
info "WP CLI command not found, trying to install it first."
run wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar \
-O /usr/local/bin/wp-cli && \
run curl -sSL -o /usr/local/bin/wp-cli https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
run chmod ugo+x /usr/local/bin/wp-cli && \
run ln -sf /usr/local/bin/wp-cli /usr/bin/wp-cli
fi
Expand Down Expand Up @@ -1022,8 +1034,9 @@ function init_lemper_create() {
if [[ -z "${SERVERNAME}" ]]; then
fail -e "Domain name parameter shouldn't be empty.\n -d or --domain-name parameter is required!"
else
if ! grep -qP "(?=^.{4,253}\.?$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}\.?$)" <<< "${SERVERNAME}"; then
fail -e "Domain name parameter must be a valid FQDN!"
#if ! grep -qP "(?=^.{4,253}\.?$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}\.?$)" <<< "${SERVERNAME}"; then
if [[ $(validate_fqdn "${SERVERNAME}") == false ]]; then
fail "Your Domain name is not valid 'Fully Qualified Domain Name (FQDN)' format!"
fi
fi

Expand Down Expand Up @@ -1167,8 +1180,7 @@ function init_lemper_create() {
echo "Downloading Drupal latest skeleton files..."

if curl -sLI https://www.drupal.org/download-latest/zip | grep -q "HTTP/[.12]* [2].."; then
run wget https://www.drupal.org/download-latest/zip \
-O "${TMPDIR}/drupal.zip" && \
run curl -sSL -o "${TMPDIR}/drupal.zip" https://www.drupal.org/download-latest/zip && \
run unzip -q "${TMPDIR}/drupal.zip" -d "${TMPDIR}" && \
run rsync -rq ${TMPDIR}/drupal-*/ "${WEBROOT}" && \
run rm -f "${TMPDIR}/drupal.zip" && \
Expand Down Expand Up @@ -1307,7 +1319,7 @@ function init_lemper_create() {
run composer create-project --prefer-dist symfony/website-skeleton "${WEBROOT}"
else
warning "Symfony CLI not found, trying to install it first..."
run wget https://get.symfony.com/cli/installer -O - | bash
run bash -c "curl -sSL https://get.symfony.com/cli/installer -o - | bash"

if [[ -f "${HOME}/.symfony/bin/symfony" ]]; then
run cp -f "${HOME}/.symfony/bin/symfony" /usr/local/bin/symfony
Expand Down Expand Up @@ -1351,7 +1363,7 @@ function init_lemper_create() {
--admin_user="${APP_ADMIN_USER}" --admin_password="${APP_ADMIN_PASS}" \
--admin_email="${APP_ADMIN_EMAIL}" --path="${WEBROOT}" && \
run sudo -u "${USERNAME}" -i -- wp-cli plugin install \
akismet autoptimize cache-enabler classic-editor nginx-helper redis-cache --activate --path="${WEBROOT}"
akismet autoptimize nginx-helper redis-cache --activate --path="${WEBROOT}"
fi

# Install WooCommerce.
Expand All @@ -1364,7 +1376,7 @@ function init_lemper_create() {
run sudo -u "${USERNAME}" -i -- wp-cli plugin install woocommerce --activate --path="${WEBROOT}"
run sudo -u "${USERNAME}" -i -- wp-cli theme install storefront --activate --path="${WEBROOT}"
else
if wget -q -O "${TMPDIR}/woocommerce.zip" \
if curl -sSL -o "${TMPDIR}/woocommerce.zip" \
https://downloads.wordpress.org/plugin/woocommerce.zip; then
run unzip -q "${TMPDIR}/woocommerce.zip" -d "${WEBROOT}/wp-content/plugins/"
run rm -f "${TMPDIR}/woocommerce.zip"
Expand Down Expand Up @@ -1396,7 +1408,7 @@ function init_lemper_create() {
--title="WordPress Multisite Managed by LEMPer Stack" --admin_user="${APP_ADMIN_USER}" \
--admin_password="${APP_ADMIN_PASS}" --admin_email="${APP_ADMIN_EMAIL}" --path="${WEBROOT}" && \
run sudo -u "${USERNAME}" -i -- wp-cli plugin install \
akismet autoptimize cache-enabler classic-editor nginx-helper redis-cache --activate-network --path="${WEBROOT}"
akismet autoptimize nginx-helper redis-cache --activate-network --path="${WEBROOT}"
fi

# Mercator domain mapping.
Expand Down Expand Up @@ -1436,23 +1448,26 @@ EOL
fi
;;

filerun)
echo "Setting up FileRun virtual host..."
owncloud)
echo "Setting up OwnCloud virtual host..."

# Install FileRun skeleton.
# Install OwnCloud skeleton.
if [[ ${INSTALL_APP} == true ]]; then
# Clone new Filerun files.
if [ ! -f "${WEBROOT}/system/classes/filerun.php" ]; then
echo "Downloading FileRun skeleton files..."

if wget -q -O "${TMPDIR}/FileRun.zip" http://www.filerun.com/download-latest; then
run unzip -q "${TMPDIR}/FileRun.zip" -d "${WEBROOT}"
run rm -f "${TMPDIR}/FileRun.zip"
# Clone new OwnCloud files.
if [[ ! -f "${WEBROOT}/occ" ]]; then
echo "Downloading OwnCloud skeleton files..."

OWNCLOUD_DOWNLOAD_URL="https://download.owncloud.com/server/stable/owncloud-complete-latest.zip"

if curl -sLI "${OWNCLOUD_DOWNLOAD_URL}" | grep -q "HTTP/[.12]* [2].."; then
run curl -sSL -o "${TMPDIR}/owncloud.zip" "${OWNCLOUD_DOWNLOAD_URL}" && \
run unzip -q "${TMPDIR}/owncloud.zip" -d "${WEBROOT}"
run rm -f "${TMPDIR}/owncloud.zip"
else
error "Something went wrong while downloading FileRun files."
error "Something went wrong while downloading OwnCloud files."
fi
else
info "FileRun skeleton files already exists."
info "OwnCloud skeleton files already exists."
fi
else
# Create default index file.
Expand All @@ -1462,7 +1477,7 @@ EOL
create_index_file > "${WEBROOT}/index.html"
fi
fi

# Fix ownership.
run chown -hR "${USERNAME}:${USERNAME}" "${WEBROOT}"

Expand Down Expand Up @@ -1600,9 +1615,8 @@ EOL
fi
fi

echo "Fix files ownership and permission..."

# Fix document root ownership.
echo "Fix file ownership and permissions..."
run chown -hR "${USERNAME}:${USERNAME}" "${WEBROOT}"

# Fix document root permission.
Expand All @@ -1614,7 +1628,7 @@ EOL
info "New domain ${SERVERNAME} added in dry run mode."
fi

echo "Enable ${SERVERNAME} virtual host."
echo "Enable the ${SERVERNAME} virtual host."

# Enable site.
if [[ ! -f "/etc/nginx/sites-enabled/${SERVERNAME}.conf" ]]; then
Expand All @@ -1628,32 +1642,35 @@ EOL
# Validate config, reload when validated.
if nginx -t 2>/dev/null > /dev/null; then
run systemctl restart nginx
echo "Nginx server reloaded with new configuration."
echo "Nginx server reloaded with the new configuration."
else
info "Something went wrong with Nginx configuration."
info "Something went wrong with the Nginx configuration."
fi

if [[ -f "/etc/nginx/sites-enabled/${SERVERNAME}.conf" && -e /var/run/nginx.pid ]]; then
success "Your ${SERVERNAME} successfully added to Nginx virtual host."
success "Your ${SERVERNAME} was successfully added to the Nginx virtual host."

# Enable HTTPS.
APP_HTTP_PROTO="http"

if [[ ${ENABLE_SSL} == true ]]; then
echo "Enable HTTPS protocol utilizing Let's Encrypt SSL for ${SERVERNAME}..."
echo "Enabling HTTPS protocol using Let's Encrypt SSL for ${SERVERNAME}..."
#echo "You can enable HTTPS from lemper-cli after this setup!"
#echo "command: lemper-cli site mod --enable-ssl ${SERVERNAME}"
run lemper-cli site mod --enable-ssl "${SERVERNAME}"
run lemper-cli site mod --enable-ssl "${SERVERNAME}" && \
APP_HTTP_PROTO="https"
fi

# WordPress MS notice.
if [[ "${FRAMEWORK}" == "wordpress-ms" ]]; then
echo ""
info -e "You're installing Wordpress Multisite.\nYou should activate Nginx Helper plugin to work properly."
info -e "\nYou're installing Wordpress Multisite.\nYou should activate the Nginx Helper plugin for it to work properly."
fi

# Save app installation details.
if [[ ${INSTALL_APP} == true ]]; then
echo -e "\nYour application login details:\nAdmin user: ${APP_ADMIN_USER}\nAdmin pass: ${APP_ADMIN_PASS}\nAdmin email: ${APP_ADMIN_EMAIL}"
echo -e "Database user: ${APP_DB_USER}\nDatabase pass: ${APP_DB_PASS}\nDatabase name: ${APP_DB_NAME}"
echo -e "\nYour application's login details:\nAdmin Username: ${APP_ADMIN_USER}\nAdmin Password: ${APP_ADMIN_PASS}\nAdmin Email : ${APP_ADMIN_EMAIL}"
echo -e "DB Username: ${APP_DB_USER}\nDB Password: ${APP_DB_PASS}\nDB Name : ${APP_DB_NAME}"
echo -e "Site Address: ${APP_HTTP_PROTO}://${SERVERNAME}"
cat > "/etc/lemper/vhost.d/${SERVERNAME}.conf" <<EOL
[${SERVERNAME}]
APP_UID="${APP_UID}"
Expand All @@ -1670,13 +1687,13 @@ EOL
fi
else
if [[ ${DRYRUN} == true ]]; then
info "Your ${SERVERNAME} successfully added in dry run mode."
info "Your ${SERVERNAME} was successfully added in dry run mode."
else
fail "An error occurred when adding ${SERVERNAME} to Nginx virtual host."
fail "An error occurred while adding ${SERVERNAME} to the Nginx virtual host."
fi
fi
else
error "Virtual host config file for ${SERVERNAME} is already exists. Aborting..."
error "The virtual host config file for ${SERVERNAME} already exists. Aborting..."
fi
else
echo "${PROG_NAME}: missing required arguments."
Expand Down
45 changes: 28 additions & 17 deletions lib/lemper-manage.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -436,7 +436,7 @@ function enable_ssl() {
local DOMAIN=${1}
verify_vhost "${DOMAIN}"

if [[ ! -f "/etc/letsencrypt/live/${DOMAIN}/fullchain.pem" ]]; then
#if [[ ! -f "/etc/letsencrypt/live/${DOMAIN}/fullchain.pem" ]]; then
if [[ "${ENVIRONMENT}" == prod* ]]; then
echo "Certbot: Get Let's Encrypt certificate..."

Expand All @@ -448,11 +448,11 @@ function enable_ssl() {
if [[ -n $(command -v certbot) ]]; then
# Is it wildcard vhost?
if grep -qwE "${DOMAIN}\ \*.${DOMAIN}" "/etc/nginx/sites-available/${DOMAIN}.conf"; then
run certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory --agree-tos \
run certbot certonly --force-renewal --manual --noninteractive --manual-public-ip-logging-ok \
--preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory --agree-tos \
--webroot-path="${WEBROOT}" -d "${DOMAIN}" -d "*.${DOMAIN}"
else
run certbot certonly --webroot --preferred-challenges http --agree-tos \
run certbot certonly --force-renewal --webroot --noninteractive --preferred-challenges http --agree-tos \
--webroot-path="${WEBROOT}" -d "${DOMAIN}"
fi
else
Expand Down Expand Up @@ -480,9 +480,9 @@ function enable_ssl() {
run openssl dhparam -out /etc/nginx/ssl/dhparam-2048.pem 2048
#run openssl dhparam -out /etc/nginx/ssl/dhparam-4096.pem 4096
fi
else
info "SSL certificates is already exists for ${DOMAIN}."
fi
#else
# info "SSL certificates is already exists for ${DOMAIN}."
#fi

# Update vhost config.
if [[ "${DRYRUN}" != true ]]; then
Expand All @@ -495,10 +495,9 @@ function enable_ssl() {
# Change listening port to 443.
if grep -qwE "^\ listen\ (\b[0-9]{1,3}\.){3}[0-9]{1,3}\b:80" "/etc/nginx/sites-available/${DOMAIN}.conf"; then
run sed -i "s/\:80/\:443\ ssl/g" "/etc/nginx/sites-available/${DOMAIN}.conf"
else
run sed -i "s/listen\ 80/listen\ 443\ ssl/g" "/etc/nginx/sites-available/${DOMAIN}.conf"
fi


run sed -i "s/listen\ 80/listen\ 443\ ssl/g" "/etc/nginx/sites-available/${DOMAIN}.conf"
run sed -i "s/listen\ \[::\]:80/listen\ \[::\]:443\ ssl/g" "/etc/nginx/sites-available/${DOMAIN}.conf"

# Enable SSL configs.
Expand All @@ -519,7 +518,7 @@ function enable_ssl() {
# "/etc/nginx/sites-available/${DOMAIN}.conf"
#fi

# Append redirection block.
# Append HTTP <=> HTTPS redirection block.
cat >> "/etc/nginx/sites-available/${DOMAIN}.conf" <<EOL
## HTTP to HTTPS redirection.
Expand Down Expand Up @@ -957,80 +956,92 @@ function init_lemper_manage() {
-e | --enable)
enable_vhost "${2}"
shift 2
exit 0
;;
-d | --disable)
disable_vhost "${2}"
shift 2
exit 0
;;
-r | --remove)
remove_vhost "${2}"
shift 2
exit 0
;;
-c | --enable-fastcgi-cache)
enable_fastcgi_cache "${2}"
shift 2
exit 0
;;
--disable-fastcgi-cache)
disable_fastcgi_cache "${2}"
shift 2
exit 0
;;
-f | --enable-fail2ban)
enable_fail2ban "${2}"
shift 2
exit 0
;;
--disable-fail2ban)
disable_fail2ban "${2}"
shift 2
exit 0
;;
-p | --enable-pagespeed)
enable_mod_pagespeed "${2}"
shift 2
exit 0
;;
--disable-pagespeed)
disable_mod_pagespeed "${2}"
shift 2
exit 0
;;
-s | --enable-ssl)
enable_ssl "${2}"
exit 0
shift 2
exit 0
;;
--disable-ssl)
disable_ssl "${2}"
exit 0
shift 2
exit 0
;;
--remove-ssl)
remove_ssl "${2}"
exit 0
shift 2
exit 0
;;
--renew-ssl)
renew_ssl "${2}"
exit 0
shift 2
exit 0
;;
-b | --enable-brotli)
enable_brotli "${2}"
shift 2
exit 0
;;
-g | --enable-gzip)
enable_gzip "${2}"
shift 2
exit 0
;;
--disable-compression)
disable_compression "${2}"
shift 2
exit 0
;;
-h | --help)
show_usage
exit 0
shift 2
exit 0
;;
-v | --version)
echo "${PROG_NAME} version ${PROG_VER}"
exit 0
shift 2
exit 0
;;
--) shift
break
Expand Down
Loading

0 comments on commit 13bbb5e

Please sign in to comment.