diff --git a/config.mjs b/config.mjs index 2aa5c9f..24807f1 100644 --- a/config.mjs +++ b/config.mjs @@ -58,6 +58,26 @@ export const getConfig = () => { return rawconfig; } +export const getCredentialsConfigPath = () => { + const confp = getConfigPath(); + const pathp = confp.split('.json'); + pathp.pop(); + return `${pathp.join('')}.credentials.json`; +} + +export const getCredentialsConfig = () => { + const cpath = getCredentialsConfigPath(); + if (!existsSync(cpath)) { + console.log(`${cpath} doesnt exist`); + process.exit(1); + } + + const config = JSON.parse(readFileSync(cpath, 'utf8')); + validateConfig(config); + + return config; +} + export const updateConfigFile = (config) => { - writeFileSync(getConfigPath(), JSON.stringify(config, null, 2)); + writeFileSync(getCredentialsConfigPath(), JSON.stringify(config, null, 2)); } diff --git a/finalize.mjs b/finalize.mjs new file mode 100644 index 0000000..924e2b4 --- /dev/null +++ b/finalize.mjs @@ -0,0 +1,31 @@ +import { SSH } from "./utils.mjs"; + +/** + * Configures SSL + */ +export const finalize = (config) => { + const client = new SSH(config); + + const commands = []; + commands.push(`kusanagi configure --fqdn ${config.domain} ${config.rootsite.profile};`); + commands.push(`kusanagi ssl --email ${config.email} --https redirect --auto on ${config.rootsite.profile};`); + + [config.rootsite, ...config.subsites].forEach((site) => { + let url = `https://${config.domain}`; + if (site.path && site.path.length > 0) { + url = `${url}/${site.path}`; + } + + commands.push(`cd /home/kusanagi/${site.profile}/DocumentRoot;`); + commands.push( + `wp option get home | xargs -I{} wp search-replace {} ${url};` + ); + commands.push( + `wp option get siteurl | xargs -I{} wp search-replace {} ${url};` + ); + }) + + commands.push(`kusanagi nginx --reload;`); + + client.sshKusanagi(commands.join(' ')); +}; diff --git a/finalize.run.mjs b/finalize.run.mjs new file mode 100755 index 0000000..c9a45de --- /dev/null +++ b/finalize.run.mjs @@ -0,0 +1,6 @@ +#!/usr/bin/env node +import { getCredentialsConfig } from './config.mjs'; +import { finalize } from './finalize.mjs'; + +const config = getCredentialsConfig(); +finalize(config); diff --git a/nginx-configure.mjs b/nginx-configure.mjs index 41e8429..f5d47eb 100644 --- a/nginx-configure.mjs +++ b/nginx-configure.mjs @@ -1,3 +1,4 @@ +import { writeFileSync, unlinkSync } from "fs"; import { SSH } from "./utils.mjs"; /** @@ -10,12 +11,56 @@ export const nginxConfigure = (config) => { commands.push("cd /etc/opt/kusanagi/nginx/conf.d;"); config.subsites.forEach((subsite) => { commands.push( - `echo \\"upstream ${subsite.name} { server 127.0.0.1; }\\" > ${subsite.name}.upstream.conf;` + `echo \\"upstream ${subsite.profile} { server 127.0.0.1; }\\" > ${subsite.profile}.upstream.conf;` ); - - client.sshCentos(`sudo sed -i '/root\\\s\\/home\\/kusanagi\\/${config.rootsite.name}\\/DocumentRoot/a "location ^~ /${subsite.name}/ { \\nproxy_pass http://${subsite.name}/ \\n}"' /etc/opt/kusanagi/nginx/conf.d/${config.rootsite.name}.conf`); + commands.push( + `echo \\"upstream ${subsite.profile}_ssl { server 127.0.0.1:443; }\\" > ${subsite.profile}_ssl.upstream.conf;` + ); + + const ldpath = `nginx-location-directive.${subsite.profile}.txt`; + writeFileSync( + ldpath, + ` + location ^~ /${subsite.path}/ { + proxy_pass http://${subsite.profile}/; + } + ` + ); + const ldpathssl = `nginx-location-directive.${subsite.profile}_ssl.txt`; + writeFileSync( + ldpathssl, + ` + location ^~ /${subsite.path}/ { + proxy_pass https://${subsite.profile}_ssl/; + } + ` + ); + const requripath = `nginx-fastcgi-param.${subsite.profile}.txt`; + writeFileSync( + requripath, + ` fastcgi_param REQUEST_URI /${subsite.path}$request_uri; +` + ); + client.uploadCentos(ldpath, "./"); + client.uploadCentos(ldpathssl, "./"); + client.uploadCentos(requripath, "./"); + client.sshCentos(` + sudo mv /home/centos/${ldpath} /etc/opt/kusanagi/nginx/conf.d/; + sudo mv /home/centos/${ldpathssl} /etc/opt/kusanagi/nginx/conf.d/; + sudo mv /home/centos/${requripath} /etc/opt/kusanagi/nginx/conf.d/; + cd /etc/opt/kusanagi/nginx/conf.d/; + grep 'proxy_pass http://${subsite.profile}/;' ${config.rootsite.profile}.conf | xargs -I{} [ -z {} ] && sudo sed -i '/listen\\\s80/r ${ldpath}' ${config.rootsite.profile}.conf || echo 'proxy_pass already set'; + sudo rm ${ldpath}; + grep 'proxy_pass https://${subsite.profile}_ssl/;' ${config.rootsite.profile}.conf | xargs -I{} [ -z {} ] && sudo sed -i '/listen\\\s443/r ${ldpathssl}' ${config.rootsite.profile}.conf || echo 'proxy_pass already set'; + sudo rm ${ldpathssl}; + grep 'fastcgi_param REQUEST_URI /${subsite.path}' ${subsite.profile}.wp.inc | xargs -I{} [ -z {} ] && sudo sed -i '0,/conf.d\\/fastcgi.inc/!b;//r ${requripath}' ${subsite.profile}.wp.inc || echo 'fastcgi_param REQUEST_URL already set'; + sudo rm ${requripath}; + `); + unlinkSync(ldpath); + unlinkSync(ldpathssl); + unlinkSync(requripath); }); - commands.push("kusanagi nginx --reload;"); + commands.push("kusanagi nginx --reload;"); client.sshCentos(`sudo su - -c '${commands.join(" ")}'`); }; diff --git a/nginx-configure.run.mjs b/nginx-configure.run.mjs index 2c9a670..3564490 100755 --- a/nginx-configure.run.mjs +++ b/nginx-configure.run.mjs @@ -1,6 +1,6 @@ #!/usr/bin/env node -import { getConfig } from './config.mjs'; +import { getCredentialsConfig } from './config.mjs'; import { nginxConfigure } from './nginx-configure.mjs'; -const config = getConfig(); +const config = getCredentialsConfig(); nginxConfigure(config); diff --git a/provision.mjs b/provision.mjs index 2ec3acb..27f8d39 100644 --- a/provision.mjs +++ b/provision.mjs @@ -1,5 +1,4 @@ import _ from "lodash"; -import { generate } from "generate-password"; import { updateConfigFile } from "./config.mjs"; import { SSH, genPwd } from "./utils.mjs"; @@ -11,24 +10,19 @@ export const provision = (config) => { const outjson = _.cloneDeep(config); utils.sshKusanagi( - `kusanagi provision --wp --wplang ja --fqdn ${config.ec2.host} --no-email --dbname ${config.rootsite.dbname} --dbuser ${config.rootsite.dbuser} --dbpass '${dbpass}' '${config.rootsite.name}'` + `kusanagi provision --wp --wplang ja --fqdn ${config.ec2.host} --no-email --dbname ${config.rootsite.dbname} --dbuser ${config.rootsite.dbuser} --dbpass '${dbpass}' '${config.rootsite.profile}'` ); outjson.rootsite.dbpass = dbpass; - outjson.rootsite.fullname = config.rootsite.name; - outjson.rootsite.url = config.ec2.host; updateConfigFile(outjson); config.subsites.forEach((subsite, i) => { - const fullname = `${config.rootsite.name}-${subsite.name}`; const subdbpass = genPwd(); utils.sshKusanagi( - `kusanagi provision --wp --wplang ja --fqdn ${subsite.name} --no-email --dbname ${subsite.dbname} --dbuser ${subsite.dbuser} --dbpass '${subdbpass}' '${fullname}'` + `kusanagi provision --wp --wplang ja --fqdn ${subsite.profile} --no-email --dbname ${subsite.dbname} --dbuser ${subsite.dbuser} --dbpass '${subdbpass}' '${subsite.profile}'` ); outjson.subsites[i].dbpass = subdbpass; - outjson.subsites[i].fullname = fullname; - outjson.subsites[i].url = `${config.ec2.host}/${subsite.name}`; updateConfigFile(outjson); }); }; diff --git a/provision.run.mjs b/provision.run.mjs index 775535b..6fa8dc7 100755 --- a/provision.run.mjs +++ b/provision.run.mjs @@ -1,6 +1,6 @@ #!/usr/bin/env node -import { getConfig } from './config.mjs'; +import { getCredentialsConfig } from './config.mjs'; import { provision } from './provision.mjs'; -const config = getConfig(); +const config = getCredentialsConfig(); provision(config); diff --git a/run.mjs b/run.mjs index ab69e87..d2a45bf 100755 --- a/run.mjs +++ b/run.mjs @@ -1,11 +1,13 @@ #!/usr/bin/env node -import { getConfig } from './config.mjs'; +import { getConfig, getCredentialsConfig } from './config.mjs'; import { ec2Init } from './ec2-init.mjs'; import { provision } from './provision.mjs'; import { wpInstall } from './wp-install.mjs'; +import { nginxConfigure } from './nginx-configure.mjs'; const config = getConfig(); ec2Init(config, () => { - provision(config); - wpInstall(config); + provision(getCredentialsConfig()); + wpInstall(getCredentialsConfig()); + nginxConfigure(getCredentialsConfig()); }); diff --git a/utils.mjs b/utils.mjs index e6302de..880bf77 100644 --- a/utils.mjs +++ b/utils.mjs @@ -43,6 +43,13 @@ export class SSH { ); } + uploadCentos(localpath, remotepath) { + shell(`chmod 400 ${this.finalc.ec2.centos.pem}`); + shell( + `scp -i ${this.finalc.ec2.centos.pem} ${localpath} centos@${this.finalc.ec2.host}:${remotepath}` + ); + } + downloadCentos(remotepath, localpath) { shell(`chmod 400 ${this.finalc.ec2.centos.pem}`); shell( diff --git a/wp-install.mjs b/wp-install.mjs index 0462cbd..b8b4e24 100755 --- a/wp-install.mjs +++ b/wp-install.mjs @@ -1,5 +1,6 @@ import _ from "lodash"; -import { SSH } from "./utils.mjs"; +import { updateConfigFile } from "./config.mjs"; +import { SSH, genPwd } from "./utils.mjs"; export const getFnameFromZip = (zipFile) => { let pieces = zipFile.split("/"); @@ -22,7 +23,7 @@ const prepareFiles = (config, site) => { } const commands = []; - commands.push(`cd /home/kusanagi/${site.fullname}/DocumentRoot;`); + commands.push(`cd /home/kusanagi/${site.profile}/DocumentRoot;`); if (site.dumpFileZip) { commands.push(`cd zips;`); commands.push(`unzip -o ${dumpFile}.zip;`); @@ -49,58 +50,106 @@ const performInstall = (config, site) => { } const commands = []; - commands.push(`cd /home/kusanagi/${site.fullname}/DocumentRoot;`); + commands.push(`cd /home/kusanagi/${site.profile}/DocumentRoot;`); commands.push( `wp config create --dbname=${site.dbname} --dbuser=${site.dbuser} --dbpass=${site.dbpass};` ); commands.push(`wp db drop --yes;`); commands.push(`wp db create;`); + let url = `http://${config.ec2.host}`; + if (site.path && site.path.length > 0) { + url = `${url}/${site.path}`; + } + + const adminpwd = genPwd(); if (site.dumpFileZip) { commands.push(`wp db import ${dumpFile}.sql;`); - commands.push(`wp option get home | xargs -I{} wp search-replace {} http://${site.url};`); - commands.push(`wp option get siteurl | xargs -I{} wp search-replace {} http://${site.url};`); + commands.push( + `wp option get home | xargs -I{} wp search-replace {} ${url};` + ); + commands.push( + `wp option get siteurl | xargs -I{} wp search-replace {} ${url};` + ); commands.push(`wp core update-db;`); + if (site.wpuser && site.adminemail) { + commands.push(`wp user create ${site.wpuser} ${site.adminemail} --role=administrator --user_pass=${adminpwd};`); + } + } else { + commands.push( + `wp core install --url=${url} --title=${site.profile} --admin_user=${site.wpuser} --admin_password=${adminpwd} --admin_email=${site.adminemail};` + ); } - client.sshKusanagi(commands.join(' ')); + client.sshKusanagi(commands.join(" ")); + + client.sshCentos(` + cd /home/kusanagi/${site.profile}; + [ -f ./DocumentRoot/wp-config.php ] && cd DocumentRoot || cd ./; + sudo chmod 777 wp-config.php; + `); + client.sshKusanagi(` + cd /home/kusanagi/${site.profile}/DocumentRoot; + wp config set --type=constant FS_METHOD \'ftpext\'; + wp config set --type=constant FTP_HOST \'localhost\'; + wp config set --type=constant FTP_USER \'kusanagi\'; + `); + + return { + ...site, + wppass: adminpwd, + } }; const updatePermissions = (config, site) => { const client = new SSH(config); client.sshCentos(` - cd /home/kusanagi/${site.fullname}/DocumentRoot; - sudo chown httpd:www wp-config.php; - sudo chmod 666 wp-config.php; + cd /home/kusanagi/${site.profile}; + [ -f ./DocumentRoot/wp-config.php ] && sudo mv ./DocumentRoot/wp-config.php ./ || sudo mv ./wp-config.php ./; + sudo chown kusanagi:www wp-config.php; + sudo chmod 440 wp-config.php; + sudo chmod 755 DocumentRoot/wp-content; + cd DocumentRoot/wp-content; + sudo chmod 644 index.php advanced-cache.php replace-class.php; + sudo chmod 755 translate-accelerator; + sudo chown -R httpd:www replace-class.php translate-accelerator uploads/*; `); }; + export const wpInstall = (config) => { const client = new SSH(config); - [config.rootsite, ...config.subsites].forEach((site) => { + const ccopy = _.cloneDeep(config); + [config.rootsite, ...config.subsites].forEach((site, i) => { if (site.dumpFileZip || site.wpContentZip) { client.sshKusanagi( - `mkdir -p /home/kusanagi/${site.fullname}/DocumentRoot/zips` + `mkdir -p /home/kusanagi/${site.profile}/DocumentRoot/zips` ); } if (site.dumpFileZip) { client.uploadKusanagi( site.dumpFileZip, - `/home/kusanagi/${site.fullname}/DocumentRoot/zips/` + `/home/kusanagi/${site.profile}/DocumentRoot/zips/` ); } if (site.wpContentZip) { client.uploadKusanagi( site.wpContentZip, - `/home/kusanagi/${site.fullname}/DocumentRoot/zips/` + `/home/kusanagi/${site.profile}/DocumentRoot/zips/` ); } prepareFiles(config, site); - performInstall(config, site); + const updateds = performInstall(config, site); + if (i === 0) { + ccopy.rootsite = updateds; + } else { + ccopy.subsites[i - 1] = updateds; + } + updateConfigFile(ccopy); updatePermissions(config, site); }); }; diff --git a/wp-install.run.mjs b/wp-install.run.mjs index b304379..4afc586 100755 --- a/wp-install.run.mjs +++ b/wp-install.run.mjs @@ -1,6 +1,6 @@ #!/usr/bin/env node -import { getConfig } from './config.mjs'; +import { getCredentialsConfig } from './config.mjs'; import { wpInstall } from './wp-install.mjs'; -const config = getConfig(); +const config = getCredentialsConfig(); wpInstall(config);